diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/actions.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/actions.go index 9867a92dc197..ab89e65fa199 100644 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/actions.go +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/actions.go @@ -46,11 +46,9 @@ func NewActionsClientWithBaseURI(baseURI string, subscriptionID string) ActionsC // Parameters: // resourceGroupName - the name of the resource group within the user's subscription. The name is case // insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. // workspaceName - the name of the workspace. // ruleID - alert rule ID -func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result ActionsListPage, err error) { +func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result ActionsListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ActionsClient.ListByAlertRule") defer func() { @@ -75,7 +73,7 @@ func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupNa } result.fn = client.listByAlertRuleNextResults - req, err := client.ListByAlertRulePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID) + req, err := client.ListByAlertRulePreparer(ctx, resourceGroupName, workspaceName, ruleID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.ActionsClient", "ListByAlertRule", nil, "Failure preparing request") return @@ -97,16 +95,15 @@ func (client ActionsClient) ListByAlertRule(ctx context.Context, resourceGroupNa } // ListByAlertRulePreparer prepares the ListByAlertRule request. -func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (*http.Request, error) { +func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "ruleId": autorest.Encode("path", ruleID), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "ruleId": autorest.Encode("path", ruleID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2020-01-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -114,7 +111,7 @@ func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourc preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -122,8 +119,7 @@ func (client ActionsClient) ListByAlertRulePreparer(ctx context.Context, resourc // ListByAlertRuleSender sends the ListByAlertRule request. The method will close the // http.Response Body if it receives an error. func (client ActionsClient) ListByAlertRuleSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } // ListByAlertRuleResponder handles the response to the ListByAlertRule request. The method always @@ -161,7 +157,7 @@ func (client ActionsClient) listByAlertRuleNextResults(ctx context.Context, last } // ListByAlertRuleComplete enumerates all values, automatically crossing page boundaries as required. -func (client ActionsClient) ListByAlertRuleComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result ActionsListIterator, err error) { +func (client ActionsClient) ListByAlertRuleComplete(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result ActionsListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/ActionsClient.ListByAlertRule") defer func() { @@ -172,6 +168,6 @@ func (client ActionsClient) ListByAlertRuleComplete(ctx context.Context, resourc tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.ListByAlertRule(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID) + result.page, err = client.ListByAlertRule(ctx, resourceGroupName, workspaceName, ruleID) return } diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/alertrules.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/alertrules.go index 46269c19a903..1d5b29d4d72c 100644 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/alertrules.go +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/alertrules.go @@ -46,12 +46,10 @@ func NewAlertRulesClientWithBaseURI(baseURI string, subscriptionID string) Alert // Parameters: // resourceGroupName - the name of the resource group within the user's subscription. The name is case // insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. // workspaceName - the name of the workspace. // ruleID - alert rule ID // alertRule - the alert rule -func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, alertRule BasicAlertRule) (result AlertRuleModel, err error) { +func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, alertRule BasicAlertRule) (result AlertRuleModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRulesClient.CreateOrUpdate") defer func() { @@ -75,7 +73,7 @@ func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroup return result, validation.NewError("securityinsight.AlertRulesClient", "CreateOrUpdate", err.Error()) } - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID, alertRule) + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, workspaceName, ruleID, alertRule) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AlertRulesClient", "CreateOrUpdate", nil, "Failure preparing request") return @@ -97,16 +95,15 @@ func (client AlertRulesClient) CreateOrUpdate(ctx context.Context, resourceGroup } // CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, alertRule BasicAlertRule) (*http.Request, error) { +func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, alertRule BasicAlertRule) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "ruleId": autorest.Encode("path", ruleID), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "ruleId": autorest.Encode("path", ruleID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2020-01-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -115,7 +112,7 @@ func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resou autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", pathParameters), autorest.WithJSON(alertRule), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -124,8 +121,7 @@ func (client AlertRulesClient) CreateOrUpdatePreparer(ctx context.Context, resou // CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the // http.Response Body if it receives an error. func (client AlertRulesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } // CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always @@ -145,13 +141,11 @@ func (client AlertRulesClient) CreateOrUpdateResponder(resp *http.Response) (res // Parameters: // resourceGroupName - the name of the resource group within the user's subscription. The name is case // insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. // workspaceName - the name of the workspace. // ruleID - alert rule ID // actionID - action ID // action - the action -func (client AlertRulesClient) CreateOrUpdateAction(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string, action ActionRequest) (result ActionResponse, err error) { +func (client AlertRulesClient) CreateOrUpdateAction(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, action ActionRequest) (result ActionResponse, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRulesClient.CreateOrUpdateAction") defer func() { @@ -175,7 +169,7 @@ func (client AlertRulesClient) CreateOrUpdateAction(ctx context.Context, resourc return result, validation.NewError("securityinsight.AlertRulesClient", "CreateOrUpdateAction", err.Error()) } - req, err := client.CreateOrUpdateActionPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID, actionID, action) + req, err := client.CreateOrUpdateActionPreparer(ctx, resourceGroupName, workspaceName, ruleID, actionID, action) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AlertRulesClient", "CreateOrUpdateAction", nil, "Failure preparing request") return @@ -197,17 +191,16 @@ func (client AlertRulesClient) CreateOrUpdateAction(ctx context.Context, resourc } // CreateOrUpdateActionPreparer prepares the CreateOrUpdateAction request. -func (client AlertRulesClient) CreateOrUpdateActionPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string, action ActionRequest) (*http.Request, error) { +func (client AlertRulesClient) CreateOrUpdateActionPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, action ActionRequest) (*http.Request, error) { pathParameters := map[string]interface{}{ - "actionId": autorest.Encode("path", actionID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "ruleId": autorest.Encode("path", ruleID), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "actionId": autorest.Encode("path", actionID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "ruleId": autorest.Encode("path", ruleID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2020-01-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -216,7 +209,7 @@ func (client AlertRulesClient) CreateOrUpdateActionPreparer(ctx context.Context, autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", pathParameters), autorest.WithJSON(action), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -225,8 +218,7 @@ func (client AlertRulesClient) CreateOrUpdateActionPreparer(ctx context.Context, // CreateOrUpdateActionSender sends the CreateOrUpdateAction request. The method will close the // http.Response Body if it receives an error. func (client AlertRulesClient) CreateOrUpdateActionSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } // CreateOrUpdateActionResponder handles the response to the CreateOrUpdateAction request. The method always @@ -246,11 +238,9 @@ func (client AlertRulesClient) CreateOrUpdateActionResponder(resp *http.Response // Parameters: // resourceGroupName - the name of the resource group within the user's subscription. The name is case // insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. // workspaceName - the name of the workspace. // ruleID - alert rule ID -func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result autorest.Response, err error) { +func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRulesClient.Delete") defer func() { @@ -274,7 +264,7 @@ func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName str return result, validation.NewError("securityinsight.AlertRulesClient", "Delete", err.Error()) } - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, ruleID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AlertRulesClient", "Delete", nil, "Failure preparing request") return @@ -296,16 +286,15 @@ func (client AlertRulesClient) Delete(ctx context.Context, resourceGroupName str } // DeletePreparer prepares the Delete request. -func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (*http.Request, error) { +func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "ruleId": autorest.Encode("path", ruleID), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "ruleId": autorest.Encode("path", ruleID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2020-01-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -313,7 +302,7 @@ func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroup preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -321,8 +310,7 @@ func (client AlertRulesClient) DeletePreparer(ctx context.Context, resourceGroup // DeleteSender sends the Delete request. The method will close the // http.Response Body if it receives an error. func (client AlertRulesClient) DeleteSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } // DeleteResponder handles the response to the Delete request. The method always @@ -341,12 +329,10 @@ func (client AlertRulesClient) DeleteResponder(resp *http.Response) (result auto // Parameters: // resourceGroupName - the name of the resource group within the user's subscription. The name is case // insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. // workspaceName - the name of the workspace. // ruleID - alert rule ID // actionID - action ID -func (client AlertRulesClient) DeleteAction(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string) (result autorest.Response, err error) { +func (client AlertRulesClient) DeleteAction(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRulesClient.DeleteAction") defer func() { @@ -370,7 +356,7 @@ func (client AlertRulesClient) DeleteAction(ctx context.Context, resourceGroupNa return result, validation.NewError("securityinsight.AlertRulesClient", "DeleteAction", err.Error()) } - req, err := client.DeleteActionPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID, actionID) + req, err := client.DeleteActionPreparer(ctx, resourceGroupName, workspaceName, ruleID, actionID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AlertRulesClient", "DeleteAction", nil, "Failure preparing request") return @@ -392,17 +378,16 @@ func (client AlertRulesClient) DeleteAction(ctx context.Context, resourceGroupNa } // DeleteActionPreparer prepares the DeleteAction request. -func (client AlertRulesClient) DeleteActionPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string) (*http.Request, error) { +func (client AlertRulesClient) DeleteActionPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "actionId": autorest.Encode("path", actionID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "ruleId": autorest.Encode("path", ruleID), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "actionId": autorest.Encode("path", actionID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "ruleId": autorest.Encode("path", ruleID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2020-01-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -410,7 +395,7 @@ func (client AlertRulesClient) DeleteActionPreparer(ctx context.Context, resourc preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -418,8 +403,7 @@ func (client AlertRulesClient) DeleteActionPreparer(ctx context.Context, resourc // DeleteActionSender sends the DeleteAction request. The method will close the // http.Response Body if it receives an error. func (client AlertRulesClient) DeleteActionSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } // DeleteActionResponder handles the response to the DeleteAction request. The method always @@ -438,11 +422,9 @@ func (client AlertRulesClient) DeleteActionResponder(resp *http.Response) (resul // Parameters: // resourceGroupName - the name of the resource group within the user's subscription. The name is case // insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. // workspaceName - the name of the workspace. // ruleID - alert rule ID -func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result AlertRuleModel, err error) { +func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result AlertRuleModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRulesClient.Get") defer func() { @@ -466,7 +448,7 @@ func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string return result, validation.NewError("securityinsight.AlertRulesClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, ruleID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AlertRulesClient", "Get", nil, "Failure preparing request") return @@ -488,16 +470,15 @@ func (client AlertRulesClient) Get(ctx context.Context, resourceGroupName string } // GetPreparer prepares the Get request. -func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (*http.Request, error) { +func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "ruleId": autorest.Encode("path", ruleID), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "ruleId": autorest.Encode("path", ruleID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2020-01-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -505,7 +486,7 @@ func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupNam preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -513,8 +494,7 @@ func (client AlertRulesClient) GetPreparer(ctx context.Context, resourceGroupNam // GetSender sends the Get request. The method will close the // http.Response Body if it receives an error. func (client AlertRulesClient) GetSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } // GetResponder handles the response to the Get request. The method always @@ -534,12 +514,10 @@ func (client AlertRulesClient) GetResponder(resp *http.Response) (result AlertRu // Parameters: // resourceGroupName - the name of the resource group within the user's subscription. The name is case // insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. // workspaceName - the name of the workspace. // ruleID - alert rule ID // actionID - action ID -func (client AlertRulesClient) GetAction(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string) (result ActionResponse, err error) { +func (client AlertRulesClient) GetAction(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (result ActionResponse, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRulesClient.GetAction") defer func() { @@ -563,7 +541,7 @@ func (client AlertRulesClient) GetAction(ctx context.Context, resourceGroupName return result, validation.NewError("securityinsight.AlertRulesClient", "GetAction", err.Error()) } - req, err := client.GetActionPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, ruleID, actionID) + req, err := client.GetActionPreparer(ctx, resourceGroupName, workspaceName, ruleID, actionID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AlertRulesClient", "GetAction", nil, "Failure preparing request") return @@ -585,17 +563,16 @@ func (client AlertRulesClient) GetAction(ctx context.Context, resourceGroupName } // GetActionPreparer prepares the GetAction request. -func (client AlertRulesClient) GetActionPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string) (*http.Request, error) { +func (client AlertRulesClient) GetActionPreparer(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "actionId": autorest.Encode("path", actionID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "ruleId": autorest.Encode("path", ruleID), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "actionId": autorest.Encode("path", actionID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "ruleId": autorest.Encode("path", ruleID), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2020-01-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -603,7 +580,7 @@ func (client AlertRulesClient) GetActionPreparer(ctx context.Context, resourceGr preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -611,8 +588,7 @@ func (client AlertRulesClient) GetActionPreparer(ctx context.Context, resourceGr // GetActionSender sends the GetAction request. The method will close the // http.Response Body if it receives an error. func (client AlertRulesClient) GetActionSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } // GetActionResponder handles the response to the GetAction request. The method always @@ -632,10 +608,8 @@ func (client AlertRulesClient) GetActionResponder(resp *http.Response) (result A // Parameters: // resourceGroupName - the name of the resource group within the user's subscription. The name is case // insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. // workspaceName - the name of the workspace. -func (client AlertRulesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result AlertRulesListPage, err error) { +func (client AlertRulesClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRulesClient.List") defer func() { @@ -660,7 +634,7 @@ func (client AlertRulesClient) List(ctx context.Context, resourceGroupName strin } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.AlertRulesClient", "List", nil, "Failure preparing request") return @@ -682,15 +656,14 @@ func (client AlertRulesClient) List(ctx context.Context, resourceGroupName strin } // ListPreparer prepares the List request. -func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { +func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2020-01-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -698,7 +671,7 @@ func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupNa preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -706,8 +679,7 @@ func (client AlertRulesClient) ListPreparer(ctx context.Context, resourceGroupNa // ListSender sends the List request. The method will close the // http.Response Body if it receives an error. func (client AlertRulesClient) ListSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } // ListResponder handles the response to the List request. The method always @@ -745,7 +717,7 @@ func (client AlertRulesClient) listNextResults(ctx context.Context, lastResults } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client AlertRulesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result AlertRulesListIterator, err error) { +func (client AlertRulesClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result AlertRulesListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/AlertRulesClient.List") defer func() { @@ -756,6 +728,6 @@ func (client AlertRulesClient) ListComplete(ctx context.Context, resourceGroupNa tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + result.page, err = client.List(ctx, resourceGroupName, workspaceName) return } diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/alertruletemplates.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/alertruletemplates.go deleted file mode 100644 index 455be45eb50e..000000000000 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/alertruletemplates.go +++ /dev/null @@ -1,272 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft and contributors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// AlertRuleTemplatesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type AlertRuleTemplatesClient struct { - BaseClient -} - -// NewAlertRuleTemplatesClient creates an instance of the AlertRuleTemplatesClient client. -func NewAlertRuleTemplatesClient(subscriptionID string) AlertRuleTemplatesClient { - return NewAlertRuleTemplatesClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewAlertRuleTemplatesClientWithBaseURI creates an instance of the AlertRuleTemplatesClient client using a custom -// endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure -// stack). -func NewAlertRuleTemplatesClientWithBaseURI(baseURI string, subscriptionID string) AlertRuleTemplatesClient { - return AlertRuleTemplatesClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// Get gets the alert rule template. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// alertRuleTemplateID - alert rule template ID -func (client AlertRuleTemplatesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, alertRuleTemplateID string) (result AlertRuleTemplateModel, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/AlertRuleTemplatesClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.AlertRuleTemplatesClient", "Get", err.Error()) - } - - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, alertRuleTemplateID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.AlertRuleTemplatesClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.AlertRuleTemplatesClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.AlertRuleTemplatesClient", "Get", resp, "Failure responding to request") - } - - return -} - -// GetPreparer prepares the Get request. -func (client AlertRuleTemplatesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, alertRuleTemplateID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "alertRuleTemplateId": autorest.Encode("path", alertRuleTemplateID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates/{alertRuleTemplateId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client AlertRuleTemplatesClient) GetSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client AlertRuleTemplatesClient) GetResponder(resp *http.Response) (result AlertRuleTemplateModel, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List gets all alert rule templates. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -func (client AlertRuleTemplatesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result AlertRuleTemplatesListPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/AlertRuleTemplatesClient.List") - defer func() { - sc := -1 - if result.artl.Response.Response != nil { - sc = result.artl.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.AlertRuleTemplatesClient", "List", err.Error()) - } - - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.AlertRuleTemplatesClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.artl.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.AlertRuleTemplatesClient", "List", resp, "Failure sending request") - return - } - - result.artl, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.AlertRuleTemplatesClient", "List", resp, "Failure responding to request") - } - - return -} - -// ListPreparer prepares the List request. -func (client AlertRuleTemplatesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client AlertRuleTemplatesClient) ListSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client AlertRuleTemplatesClient) ListResponder(resp *http.Response) (result AlertRuleTemplatesList, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client AlertRuleTemplatesClient) listNextResults(ctx context.Context, lastResults AlertRuleTemplatesList) (result AlertRuleTemplatesList, err error) { - req, err := lastResults.alertRuleTemplatesListPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "securityinsight.AlertRuleTemplatesClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "securityinsight.AlertRuleTemplatesClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.AlertRuleTemplatesClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client AlertRuleTemplatesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result AlertRuleTemplatesListIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/AlertRuleTemplatesClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) - return -} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/bookmarkrelations.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/bookmarkrelations.go deleted file mode 100644 index 05601f32d8ff..000000000000 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/bookmarkrelations.go +++ /dev/null @@ -1,492 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft and contributors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// BookmarkRelationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type BookmarkRelationsClient struct { - BaseClient -} - -// NewBookmarkRelationsClient creates an instance of the BookmarkRelationsClient client. -func NewBookmarkRelationsClient(subscriptionID string) BookmarkRelationsClient { - return NewBookmarkRelationsClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewBookmarkRelationsClientWithBaseURI creates an instance of the BookmarkRelationsClient client using a custom -// endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure -// stack). -func NewBookmarkRelationsClientWithBaseURI(baseURI string, subscriptionID string) BookmarkRelationsClient { - return BookmarkRelationsClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// CreateOrUpdateRelation creates the bookmark relation. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// bookmarkID - bookmark ID -// relationName - relation Name -// relationInputModel - the relation input model -func (client BookmarkRelationsClient) CreateOrUpdateRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string, relationInputModel RelationsModelInput) (result BookmarkRelation, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationsClient.CreateOrUpdateRelation") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.BookmarkRelationsClient", "CreateOrUpdateRelation", err.Error()) - } - - req, err := client.CreateOrUpdateRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID, relationName, relationInputModel) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "CreateOrUpdateRelation", nil, "Failure preparing request") - return - } - - resp, err := client.CreateOrUpdateRelationSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "CreateOrUpdateRelation", resp, "Failure sending request") - return - } - - result, err = client.CreateOrUpdateRelationResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "CreateOrUpdateRelation", resp, "Failure responding to request") - } - - return -} - -// CreateOrUpdateRelationPreparer prepares the CreateOrUpdateRelation request. -func (client BookmarkRelationsClient) CreateOrUpdateRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string, relationInputModel RelationsModelInput) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}", pathParameters), - autorest.WithJSON(relationInputModel), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// CreateOrUpdateRelationSender sends the CreateOrUpdateRelation request. The method will close the -// http.Response Body if it receives an error. -func (client BookmarkRelationsClient) CreateOrUpdateRelationSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// CreateOrUpdateRelationResponder handles the response to the CreateOrUpdateRelation request. The method always -// closes the http.Response Body. -func (client BookmarkRelationsClient) CreateOrUpdateRelationResponder(resp *http.Response) (result BookmarkRelation, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// DeleteRelation delete the bookmark relation. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// bookmarkID - bookmark ID -// relationName - relation Name -func (client BookmarkRelationsClient) DeleteRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string) (result autorest.Response, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationsClient.DeleteRelation") - defer func() { - sc := -1 - if result.Response != nil { - sc = result.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.BookmarkRelationsClient", "DeleteRelation", err.Error()) - } - - req, err := client.DeleteRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID, relationName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "DeleteRelation", nil, "Failure preparing request") - return - } - - resp, err := client.DeleteRelationSender(req) - if err != nil { - result.Response = resp - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "DeleteRelation", resp, "Failure sending request") - return - } - - result, err = client.DeleteRelationResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "DeleteRelation", resp, "Failure responding to request") - } - - return -} - -// DeleteRelationPreparer prepares the DeleteRelation request. -func (client BookmarkRelationsClient) DeleteRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsDelete(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// DeleteRelationSender sends the DeleteRelation request. The method will close the -// http.Response Body if it receives an error. -func (client BookmarkRelationsClient) DeleteRelationSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// DeleteRelationResponder handles the response to the DeleteRelation request. The method always -// closes the http.Response Body. -func (client BookmarkRelationsClient) DeleteRelationResponder(resp *http.Response) (result autorest.Response, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), - autorest.ByClosing()) - result.Response = resp - return -} - -// GetRelation gets a bookmark relation. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// bookmarkID - bookmark ID -// relationName - relation Name -func (client BookmarkRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string) (result BookmarkRelation, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationsClient.GetRelation") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.BookmarkRelationsClient", "GetRelation", err.Error()) - } - - req, err := client.GetRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID, relationName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "GetRelation", nil, "Failure preparing request") - return - } - - resp, err := client.GetRelationSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "GetRelation", resp, "Failure sending request") - return - } - - result, err = client.GetRelationResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "GetRelation", resp, "Failure responding to request") - } - - return -} - -// GetRelationPreparer prepares the GetRelation request. -func (client BookmarkRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetRelationSender sends the GetRelation request. The method will close the -// http.Response Body if it receives an error. -func (client BookmarkRelationsClient) GetRelationSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// GetRelationResponder handles the response to the GetRelation request. The method always -// closes the http.Response Body. -func (client BookmarkRelationsClient) GetRelationResponder(resp *http.Response) (result BookmarkRelation, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List gets all bookmark relations. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// bookmarkID - bookmark ID -// filter - filters the results, based on a Boolean condition. Optional. -// orderby - sorts the results. Optional. -// top - returns only the first n results. Optional. -// skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response -// contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that -// specifies a starting point to use for subsequent calls. Optional. -func (client BookmarkRelationsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, filter string, orderby string, top *int32, skipToken string) (result BookmarkRelationListPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationsClient.List") - defer func() { - sc := -1 - if result.brl.Response.Response != nil { - sc = result.brl.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.BookmarkRelationsClient", "List", err.Error()) - } - - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID, filter, orderby, top, skipToken) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.brl.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "List", resp, "Failure sending request") - return - } - - result.brl, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "List", resp, "Failure responding to request") - } - - return -} - -// ListPreparer prepares the List request. -func (client BookmarkRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if len(filter) > 0 { - queryParameters["$filter"] = autorest.Encode("query", filter) - } - if len(orderby) > 0 { - queryParameters["$orderby"] = autorest.Encode("query", orderby) - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - if len(skipToken) > 0 { - queryParameters["$skipToken"] = autorest.Encode("query", skipToken) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client BookmarkRelationsClient) ListSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client BookmarkRelationsClient) ListResponder(resp *http.Response) (result BookmarkRelationList, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client BookmarkRelationsClient) listNextResults(ctx context.Context, lastResults BookmarkRelationList) (result BookmarkRelationList, err error) { - req, err := lastResults.bookmarkRelationListPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarkRelationsClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client BookmarkRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, filter string, orderby string, top *int32, skipToken string) (result BookmarkRelationListIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationsClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID, filter, orderby, top, skipToken) - return -} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/bookmarks.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/bookmarks.go deleted file mode 100644 index febbeeb20e05..000000000000 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/bookmarks.go +++ /dev/null @@ -1,475 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft and contributors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// BookmarksClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type BookmarksClient struct { - BaseClient -} - -// NewBookmarksClient creates an instance of the BookmarksClient client. -func NewBookmarksClient(subscriptionID string) BookmarksClient { - return NewBookmarksClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewBookmarksClientWithBaseURI creates an instance of the BookmarksClient client using a custom endpoint. Use this -// when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewBookmarksClientWithBaseURI(baseURI string, subscriptionID string) BookmarksClient { - return BookmarksClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// CreateOrUpdate creates or updates the bookmark. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// bookmarkID - bookmark ID -// bookmark - the bookmark -func (client BookmarksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, bookmark Bookmark) (result Bookmark, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarksClient.CreateOrUpdate") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, - {TargetValue: bookmark, - Constraints: []validation.Constraint{{Target: "bookmark.BookmarkProperties", Name: validation.Null, Rule: false, - Chain: []validation.Constraint{{Target: "bookmark.BookmarkProperties.DisplayName", Name: validation.Null, Rule: true, Chain: nil}, - {Target: "bookmark.BookmarkProperties.Query", Name: validation.Null, Rule: true, Chain: nil}, - {Target: "bookmark.BookmarkProperties.IncidentInfo", Name: validation.Null, Rule: false, - Chain: []validation.Constraint{{Target: "bookmark.BookmarkProperties.IncidentInfo.IncidentID", Name: validation.Null, Rule: true, Chain: nil}, - {Target: "bookmark.BookmarkProperties.IncidentInfo.Title", Name: validation.Null, Rule: true, Chain: nil}, - {Target: "bookmark.BookmarkProperties.IncidentInfo.RelationName", Name: validation.Null, Rule: true, Chain: nil}, - }}, - }}}}}); err != nil { - return result, validation.NewError("securityinsight.BookmarksClient", "CreateOrUpdate", err.Error()) - } - - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID, bookmark) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "CreateOrUpdate", nil, "Failure preparing request") - return - } - - resp, err := client.CreateOrUpdateSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "CreateOrUpdate", resp, "Failure sending request") - return - } - - result, err = client.CreateOrUpdateResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "CreateOrUpdate", resp, "Failure responding to request") - } - - return -} - -// CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client BookmarksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, bookmark Bookmark) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}", pathParameters), - autorest.WithJSON(bookmark), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the -// http.Response Body if it receives an error. -func (client BookmarksClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always -// closes the http.Response Body. -func (client BookmarksClient) CreateOrUpdateResponder(resp *http.Response) (result Bookmark, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// Delete delete the bookmark. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// bookmarkID - bookmark ID -func (client BookmarksClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string) (result autorest.Response, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarksClient.Delete") - defer func() { - sc := -1 - if result.Response != nil { - sc = result.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.BookmarksClient", "Delete", err.Error()) - } - - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "Delete", nil, "Failure preparing request") - return - } - - resp, err := client.DeleteSender(req) - if err != nil { - result.Response = resp - err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "Delete", resp, "Failure sending request") - return - } - - result, err = client.DeleteResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "Delete", resp, "Failure responding to request") - } - - return -} - -// DeletePreparer prepares the Delete request. -func (client BookmarksClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsDelete(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// DeleteSender sends the Delete request. The method will close the -// http.Response Body if it receives an error. -func (client BookmarksClient) DeleteSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// DeleteResponder handles the response to the Delete request. The method always -// closes the http.Response Body. -func (client BookmarksClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), - autorest.ByClosing()) - result.Response = resp - return -} - -// Get gets a bookmark. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// bookmarkID - bookmark ID -func (client BookmarksClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string) (result Bookmark, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarksClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.BookmarksClient", "Get", err.Error()) - } - - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, bookmarkID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "Get", resp, "Failure responding to request") - } - - return -} - -// GetPreparer prepares the Get request. -func (client BookmarksClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "bookmarkId": autorest.Encode("path", bookmarkID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client BookmarksClient) GetSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client BookmarksClient) GetResponder(resp *http.Response) (result Bookmark, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List gets all bookmarks. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -func (client BookmarksClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result BookmarkListPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarksClient.List") - defer func() { - sc := -1 - if result.bl.Response.Response != nil { - sc = result.bl.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.BookmarksClient", "List", err.Error()) - } - - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.bl.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "List", resp, "Failure sending request") - return - } - - result.bl, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "List", resp, "Failure responding to request") - } - - return -} - -// ListPreparer prepares the List request. -func (client BookmarksClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client BookmarksClient) ListSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client BookmarksClient) ListResponder(resp *http.Response) (result BookmarkList, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client BookmarksClient) listNextResults(ctx context.Context, lastResults BookmarkList) (result BookmarkList, err error) { - req, err := lastResults.bookmarkListPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BookmarksClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client BookmarksClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result BookmarkListIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarksClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) - return -} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/casecomments.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/casecomments.go deleted file mode 100644 index b88cc9656f51..000000000000 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/casecomments.go +++ /dev/null @@ -1,147 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft and contributors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// CaseCommentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type CaseCommentsClient struct { - BaseClient -} - -// NewCaseCommentsClient creates an instance of the CaseCommentsClient client. -func NewCaseCommentsClient(subscriptionID string) CaseCommentsClient { - return NewCaseCommentsClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewCaseCommentsClientWithBaseURI creates an instance of the CaseCommentsClient client using a custom endpoint. Use -// this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewCaseCommentsClientWithBaseURI(baseURI string, subscriptionID string) CaseCommentsClient { - return CaseCommentsClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// CreateComment creates the case comment. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// caseCommentID - case comment ID -// caseComment - the case comment -func (client CaseCommentsClient) CreateComment(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseCommentID string, caseComment CaseComment) (result CaseComment, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseCommentsClient.CreateComment") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, - {TargetValue: caseComment, - Constraints: []validation.Constraint{{Target: "caseComment.CaseCommentProperties", Name: validation.Null, Rule: false, - Chain: []validation.Constraint{{Target: "caseComment.CaseCommentProperties.Message", Name: validation.Null, Rule: true, Chain: nil}}}}}}); err != nil { - return result, validation.NewError("securityinsight.CaseCommentsClient", "CreateComment", err.Error()) - } - - req, err := client.CreateCommentPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, caseCommentID, caseComment) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseCommentsClient", "CreateComment", nil, "Failure preparing request") - return - } - - resp, err := client.CreateCommentSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CaseCommentsClient", "CreateComment", resp, "Failure sending request") - return - } - - result, err = client.CreateCommentResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseCommentsClient", "CreateComment", resp, "Failure responding to request") - } - - return -} - -// CreateCommentPreparer prepares the CreateComment request. -func (client CaseCommentsClient) CreateCommentPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseCommentID string, caseComment CaseComment) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseCommentId": autorest.Encode("path", caseCommentID), - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/comments/{caseCommentId}", pathParameters), - autorest.WithJSON(caseComment), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// CreateCommentSender sends the CreateComment request. The method will close the -// http.Response Body if it receives an error. -func (client CaseCommentsClient) CreateCommentSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// CreateCommentResponder handles the response to the CreateComment request. The method always -// closes the http.Response Body. -func (client CaseCommentsClient) CreateCommentResponder(resp *http.Response) (result CaseComment, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/caserelations.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/caserelations.go deleted file mode 100644 index b7ad0a6da639..000000000000 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/caserelations.go +++ /dev/null @@ -1,491 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft and contributors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// CaseRelationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type CaseRelationsClient struct { - BaseClient -} - -// NewCaseRelationsClient creates an instance of the CaseRelationsClient client. -func NewCaseRelationsClient(subscriptionID string) CaseRelationsClient { - return NewCaseRelationsClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewCaseRelationsClientWithBaseURI creates an instance of the CaseRelationsClient client using a custom endpoint. -// Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewCaseRelationsClientWithBaseURI(baseURI string, subscriptionID string) CaseRelationsClient { - return CaseRelationsClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// CreateOrUpdateRelation creates or updates the case relation. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// relationName - relation Name -// relationInputModel - the relation input model -func (client CaseRelationsClient) CreateOrUpdateRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string, relationInputModel RelationsModelInput) (result CaseRelation, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseRelationsClient.CreateOrUpdateRelation") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CaseRelationsClient", "CreateOrUpdateRelation", err.Error()) - } - - req, err := client.CreateOrUpdateRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, relationName, relationInputModel) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "CreateOrUpdateRelation", nil, "Failure preparing request") - return - } - - resp, err := client.CreateOrUpdateRelationSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "CreateOrUpdateRelation", resp, "Failure sending request") - return - } - - result, err = client.CreateOrUpdateRelationResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "CreateOrUpdateRelation", resp, "Failure responding to request") - } - - return -} - -// CreateOrUpdateRelationPreparer prepares the CreateOrUpdateRelation request. -func (client CaseRelationsClient) CreateOrUpdateRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string, relationInputModel RelationsModelInput) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/relations/{relationName}", pathParameters), - autorest.WithJSON(relationInputModel), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// CreateOrUpdateRelationSender sends the CreateOrUpdateRelation request. The method will close the -// http.Response Body if it receives an error. -func (client CaseRelationsClient) CreateOrUpdateRelationSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// CreateOrUpdateRelationResponder handles the response to the CreateOrUpdateRelation request. The method always -// closes the http.Response Body. -func (client CaseRelationsClient) CreateOrUpdateRelationResponder(resp *http.Response) (result CaseRelation, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// DeleteRelation delete the case relation. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// relationName - relation Name -func (client CaseRelationsClient) DeleteRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string) (result autorest.Response, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseRelationsClient.DeleteRelation") - defer func() { - sc := -1 - if result.Response != nil { - sc = result.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CaseRelationsClient", "DeleteRelation", err.Error()) - } - - req, err := client.DeleteRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, relationName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "DeleteRelation", nil, "Failure preparing request") - return - } - - resp, err := client.DeleteRelationSender(req) - if err != nil { - result.Response = resp - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "DeleteRelation", resp, "Failure sending request") - return - } - - result, err = client.DeleteRelationResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "DeleteRelation", resp, "Failure responding to request") - } - - return -} - -// DeleteRelationPreparer prepares the DeleteRelation request. -func (client CaseRelationsClient) DeleteRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsDelete(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/relations/{relationName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// DeleteRelationSender sends the DeleteRelation request. The method will close the -// http.Response Body if it receives an error. -func (client CaseRelationsClient) DeleteRelationSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// DeleteRelationResponder handles the response to the DeleteRelation request. The method always -// closes the http.Response Body. -func (client CaseRelationsClient) DeleteRelationResponder(resp *http.Response) (result autorest.Response, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), - autorest.ByClosing()) - result.Response = resp - return -} - -// GetRelation gets a case relation. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// relationName - relation Name -func (client CaseRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string) (result CaseRelation, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseRelationsClient.GetRelation") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CaseRelationsClient", "GetRelation", err.Error()) - } - - req, err := client.GetRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, relationName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "GetRelation", nil, "Failure preparing request") - return - } - - resp, err := client.GetRelationSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "GetRelation", resp, "Failure sending request") - return - } - - result, err = client.GetRelationResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "GetRelation", resp, "Failure responding to request") - } - - return -} - -// GetRelationPreparer prepares the GetRelation request. -func (client CaseRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "relationName": autorest.Encode("path", relationName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/relations/{relationName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetRelationSender sends the GetRelation request. The method will close the -// http.Response Body if it receives an error. -func (client CaseRelationsClient) GetRelationSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// GetRelationResponder handles the response to the GetRelation request. The method always -// closes the http.Response Body. -func (client CaseRelationsClient) GetRelationResponder(resp *http.Response) (result CaseRelation, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List gets all case relations. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// filter - filters the results, based on a Boolean condition. Optional. -// orderby - sorts the results. Optional. -// top - returns only the first n results. Optional. -// skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response -// contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that -// specifies a starting point to use for subsequent calls. Optional. -func (client CaseRelationsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (result CaseRelationListPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseRelationsClient.List") - defer func() { - sc := -1 - if result.crl.Response.Response != nil { - sc = result.crl.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CaseRelationsClient", "List", err.Error()) - } - - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, filter, orderby, top, skipToken) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.crl.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "List", resp, "Failure sending request") - return - } - - result.crl, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "List", resp, "Failure responding to request") - } - - return -} - -// ListPreparer prepares the List request. -func (client CaseRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if len(filter) > 0 { - queryParameters["$filter"] = autorest.Encode("query", filter) - } - if len(orderby) > 0 { - queryParameters["$orderby"] = autorest.Encode("query", orderby) - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - if len(skipToken) > 0 { - queryParameters["$skipToken"] = autorest.Encode("query", skipToken) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/relations", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client CaseRelationsClient) ListSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client CaseRelationsClient) ListResponder(resp *http.Response) (result CaseRelationList, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client CaseRelationsClient) listNextResults(ctx context.Context, lastResults CaseRelationList) (result CaseRelationList, err error) { - req, err := lastResults.caseRelationListPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CaseRelationsClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client CaseRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (result CaseRelationListIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseRelationsClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, filter, orderby, top, skipToken) - return -} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/cases.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/cases.go deleted file mode 100644 index 3add52949613..000000000000 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/cases.go +++ /dev/null @@ -1,586 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft and contributors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// CasesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type CasesClient struct { - BaseClient -} - -// NewCasesClient creates an instance of the CasesClient client. -func NewCasesClient(subscriptionID string) CasesClient { - return NewCasesClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewCasesClientWithBaseURI creates an instance of the CasesClient client using a custom endpoint. Use this when -// interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewCasesClientWithBaseURI(baseURI string, subscriptionID string) CasesClient { - return CasesClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// CreateOrUpdate creates or updates the case. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// caseParameter - the case -func (client CasesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseParameter Case) (result Case, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CasesClient.CreateOrUpdate") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, - {TargetValue: caseParameter, - Constraints: []validation.Constraint{{Target: "caseParameter.CaseProperties", Name: validation.Null, Rule: false, - Chain: []validation.Constraint{{Target: "caseParameter.CaseProperties.StartTimeUtc", Name: validation.Null, Rule: true, Chain: nil}, - {Target: "caseParameter.CaseProperties.Title", Name: validation.Null, Rule: true, Chain: nil}, - }}}}}); err != nil { - return result, validation.NewError("securityinsight.CasesClient", "CreateOrUpdate", err.Error()) - } - - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, caseParameter) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "CreateOrUpdate", nil, "Failure preparing request") - return - } - - resp, err := client.CreateOrUpdateSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "CreateOrUpdate", resp, "Failure sending request") - return - } - - result, err = client.CreateOrUpdateResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "CreateOrUpdate", resp, "Failure responding to request") - } - - return -} - -// CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client CasesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseParameter Case) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}", pathParameters), - autorest.WithJSON(caseParameter), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the -// http.Response Body if it receives an error. -func (client CasesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always -// closes the http.Response Body. -func (client CasesClient) CreateOrUpdateResponder(resp *http.Response) (result Case, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// Delete delete the case. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -func (client CasesClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string) (result autorest.Response, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CasesClient.Delete") - defer func() { - sc := -1 - if result.Response != nil { - sc = result.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CasesClient", "Delete", err.Error()) - } - - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "Delete", nil, "Failure preparing request") - return - } - - resp, err := client.DeleteSender(req) - if err != nil { - result.Response = resp - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "Delete", resp, "Failure sending request") - return - } - - result, err = client.DeleteResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "Delete", resp, "Failure responding to request") - } - - return -} - -// DeletePreparer prepares the Delete request. -func (client CasesClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsDelete(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// DeleteSender sends the Delete request. The method will close the -// http.Response Body if it receives an error. -func (client CasesClient) DeleteSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// DeleteResponder handles the response to the Delete request. The method always -// closes the http.Response Body. -func (client CasesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), - autorest.ByClosing()) - result.Response = resp - return -} - -// Get gets a case. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -func (client CasesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string) (result Case, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CasesClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CasesClient", "Get", err.Error()) - } - - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "Get", resp, "Failure responding to request") - } - - return -} - -// GetPreparer prepares the Get request. -func (client CasesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client CasesClient) GetSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client CasesClient) GetResponder(resp *http.Response) (result Case, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// GetComment gets a case comment. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// caseCommentID - case comment ID -func (client CasesClient) GetComment(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseCommentID string) (result CaseComment, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CasesClient.GetComment") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CasesClient", "GetComment", err.Error()) - } - - req, err := client.GetCommentPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, caseCommentID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "GetComment", nil, "Failure preparing request") - return - } - - resp, err := client.GetCommentSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "GetComment", resp, "Failure sending request") - return - } - - result, err = client.GetCommentResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "GetComment", resp, "Failure responding to request") - } - - return -} - -// GetCommentPreparer prepares the GetComment request. -func (client CasesClient) GetCommentPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseCommentID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseCommentId": autorest.Encode("path", caseCommentID), - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/comments/{caseCommentId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetCommentSender sends the GetComment request. The method will close the -// http.Response Body if it receives an error. -func (client CasesClient) GetCommentSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// GetCommentResponder handles the response to the GetComment request. The method always -// closes the http.Response Body. -func (client CasesClient) GetCommentResponder(resp *http.Response) (result CaseComment, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List gets all cases. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// filter - filters the results, based on a Boolean condition. Optional. -// orderby - sorts the results. Optional. -// top - returns only the first n results. Optional. -// skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response -// contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that -// specifies a starting point to use for subsequent calls. Optional. -func (client CasesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result CaseListPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CasesClient.List") - defer func() { - sc := -1 - if result.cl.Response.Response != nil { - sc = result.cl.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CasesClient", "List", err.Error()) - } - - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, filter, orderby, top, skipToken) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.cl.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "List", resp, "Failure sending request") - return - } - - result.cl, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "List", resp, "Failure responding to request") - } - - return -} - -// ListPreparer prepares the List request. -func (client CasesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if len(filter) > 0 { - queryParameters["$filter"] = autorest.Encode("query", filter) - } - if len(orderby) > 0 { - queryParameters["$orderby"] = autorest.Encode("query", orderby) - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - if len(skipToken) > 0 { - queryParameters["$skipToken"] = autorest.Encode("query", skipToken) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client CasesClient) ListSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client CasesClient) ListResponder(resp *http.Response) (result CaseList, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client CasesClient) listNextResults(ctx context.Context, lastResults CaseList) (result CaseList, err error) { - req, err := lastResults.caseListPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "securityinsight.CasesClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "securityinsight.CasesClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client CasesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result CaseListIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CasesClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, filter, orderby, top, skipToken) - return -} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/casesaggregations.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/casesaggregations.go deleted file mode 100644 index 0f5e446b3416..000000000000 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/casesaggregations.go +++ /dev/null @@ -1,140 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft and contributors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// CasesAggregationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type CasesAggregationsClient struct { - BaseClient -} - -// NewCasesAggregationsClient creates an instance of the CasesAggregationsClient client. -func NewCasesAggregationsClient(subscriptionID string) CasesAggregationsClient { - return NewCasesAggregationsClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewCasesAggregationsClientWithBaseURI creates an instance of the CasesAggregationsClient client using a custom -// endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure -// stack). -func NewCasesAggregationsClientWithBaseURI(baseURI string, subscriptionID string) CasesAggregationsClient { - return CasesAggregationsClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// Get get aggregative result for the given resources under the defined workspace -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// aggregationsName - the aggregation name. Supports - Cases -func (client CasesAggregationsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, aggregationsName string) (result AggregationsModel, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CasesAggregationsClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CasesAggregationsClient", "Get", err.Error()) - } - - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, aggregationsName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesAggregationsClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CasesAggregationsClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CasesAggregationsClient", "Get", resp, "Failure responding to request") - } - - return -} - -// GetPreparer prepares the Get request. -func (client CasesAggregationsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, aggregationsName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "aggregationsName": autorest.Encode("path", aggregationsName), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/aggregations/{aggregationsName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client CasesAggregationsClient) GetSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client CasesAggregationsClient) GetResponder(resp *http.Response) (result AggregationsModel, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/client.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/client.go index 59aefbb9aad1..795d10bb8823 100644 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/client.go +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/client.go @@ -1,4 +1,4 @@ -// Package securityinsight implements the Azure ARM Securityinsight service API version 2019-01-01-preview. +// Package securityinsight implements the Azure ARM Securityinsight service API version 2020-01-01. // // API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider package securityinsight @@ -21,12 +21,7 @@ package securityinsight // Changes may cause incorrect behavior and will be lost if the code is regenerated. import ( - "context" "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" ) const ( @@ -55,100 +50,3 @@ func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient { SubscriptionID: subscriptionID, } } - -// ListDataConnectorRequirements get requirements state for a data connector type. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// workspaceName - the name of the workspace. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// dataConnectorsCheckRequirements - the parameters for requirements check message -func (client BaseClient) ListDataConnectorRequirements(ctx context.Context, resourceGroupName string, workspaceName string, operationalInsightsResourceProvider string, dataConnectorsCheckRequirements DataConnectorsCheckRequirements) (result DataConnectorRequirementsState, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BaseClient.ListDataConnectorRequirements") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.BaseClient", "ListDataConnectorRequirements", err.Error()) - } - - req, err := client.ListDataConnectorRequirementsPreparer(ctx, resourceGroupName, workspaceName, operationalInsightsResourceProvider, dataConnectorsCheckRequirements) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BaseClient", "ListDataConnectorRequirements", nil, "Failure preparing request") - return - } - - resp, err := client.ListDataConnectorRequirementsSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.BaseClient", "ListDataConnectorRequirements", resp, "Failure sending request") - return - } - - result, err = client.ListDataConnectorRequirementsResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.BaseClient", "ListDataConnectorRequirements", resp, "Failure responding to request") - } - - return -} - -// ListDataConnectorRequirementsPreparer prepares the ListDataConnectorRequirements request. -func (client BaseClient) ListDataConnectorRequirementsPreparer(ctx context.Context, resourceGroupName string, workspaceName string, operationalInsightsResourceProvider string, dataConnectorsCheckRequirements DataConnectorsCheckRequirements) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPost(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectorsCheckRequirements", pathParameters), - autorest.WithJSON(dataConnectorsCheckRequirements), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListDataConnectorRequirementsSender sends the ListDataConnectorRequirements request. The method will close the -// http.Response Body if it receives an error. -func (client BaseClient) ListDataConnectorRequirementsSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// ListDataConnectorRequirementsResponder handles the response to the ListDataConnectorRequirements request. The method always -// closes the http.Response Body. -func (client BaseClient) ListDataConnectorRequirementsResponder(resp *http.Response) (result DataConnectorRequirementsState, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/comments.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/comments.go deleted file mode 100644 index be5fd653e8f1..000000000000 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/comments.go +++ /dev/null @@ -1,195 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft and contributors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// CommentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type CommentsClient struct { - BaseClient -} - -// NewCommentsClient creates an instance of the CommentsClient client. -func NewCommentsClient(subscriptionID string) CommentsClient { - return NewCommentsClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewCommentsClientWithBaseURI creates an instance of the CommentsClient client using a custom endpoint. Use this -// when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewCommentsClientWithBaseURI(baseURI string, subscriptionID string) CommentsClient { - return CommentsClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// ListByCase gets all case comments. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// caseID - case ID -// filter - filters the results, based on a Boolean condition. Optional. -// orderby - sorts the results. Optional. -// top - returns only the first n results. Optional. -// skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response -// contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that -// specifies a starting point to use for subsequent calls. Optional. -func (client CommentsClient) ListByCase(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (result CaseCommentListPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CommentsClient.ListByCase") - defer func() { - sc := -1 - if result.ccl.Response.Response != nil { - sc = result.ccl.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.CommentsClient", "ListByCase", err.Error()) - } - - result.fn = client.listByCaseNextResults - req, err := client.ListByCasePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, filter, orderby, top, skipToken) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CommentsClient", "ListByCase", nil, "Failure preparing request") - return - } - - resp, err := client.ListByCaseSender(req) - if err != nil { - result.ccl.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.CommentsClient", "ListByCase", resp, "Failure sending request") - return - } - - result.ccl, err = client.ListByCaseResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CommentsClient", "ListByCase", resp, "Failure responding to request") - } - - return -} - -// ListByCasePreparer prepares the ListByCase request. -func (client CommentsClient) ListByCasePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "caseId": autorest.Encode("path", caseID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if len(filter) > 0 { - queryParameters["$filter"] = autorest.Encode("query", filter) - } - if len(orderby) > 0 { - queryParameters["$orderby"] = autorest.Encode("query", orderby) - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - if len(skipToken) > 0 { - queryParameters["$skipToken"] = autorest.Encode("query", skipToken) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/cases/{caseId}/comments", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListByCaseSender sends the ListByCase request. The method will close the -// http.Response Body if it receives an error. -func (client CommentsClient) ListByCaseSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// ListByCaseResponder handles the response to the ListByCase request. The method always -// closes the http.Response Body. -func (client CommentsClient) ListByCaseResponder(resp *http.Response) (result CaseCommentList, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listByCaseNextResults retrieves the next set of results, if any. -func (client CommentsClient) listByCaseNextResults(ctx context.Context, lastResults CaseCommentList) (result CaseCommentList, err error) { - req, err := lastResults.caseCommentListPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "securityinsight.CommentsClient", "listByCaseNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListByCaseSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "securityinsight.CommentsClient", "listByCaseNextResults", resp, "Failure sending next results request") - } - result, err = client.ListByCaseResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.CommentsClient", "listByCaseNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListByCaseComplete enumerates all values, automatically crossing page boundaries as required. -func (client CommentsClient) ListByCaseComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (result CaseCommentListIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CommentsClient.ListByCase") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.ListByCase(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, caseID, filter, orderby, top, skipToken) - return -} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/dataconnectors.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/dataconnectors.go index a464869f6233..254c70e6667b 100644 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/dataconnectors.go +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/dataconnectors.go @@ -46,12 +46,10 @@ func NewDataConnectorsClientWithBaseURI(baseURI string, subscriptionID string) D // Parameters: // resourceGroupName - the name of the resource group within the user's subscription. The name is case // insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. // workspaceName - the name of the workspace. // dataConnectorID - connector ID // dataConnector - the data connector -func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string, dataConnector BasicDataConnector) (result DataConnectorModel, err error) { +func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, dataConnector BasicDataConnector) (result DataConnectorModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorsClient.CreateOrUpdate") defer func() { @@ -75,7 +73,7 @@ func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceG return result, validation.NewError("securityinsight.DataConnectorsClient", "CreateOrUpdate", err.Error()) } - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, dataConnectorID, dataConnector) + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, workspaceName, dataConnectorID, dataConnector) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsClient", "CreateOrUpdate", nil, "Failure preparing request") return @@ -97,16 +95,15 @@ func (client DataConnectorsClient) CreateOrUpdate(ctx context.Context, resourceG } // CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string, dataConnector BasicDataConnector) (*http.Request, error) { +func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, dataConnector BasicDataConnector) (*http.Request, error) { pathParameters := map[string]interface{}{ - "dataConnectorId": autorest.Encode("path", dataConnectorID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "dataConnectorId": autorest.Encode("path", dataConnectorID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2020-01-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -115,7 +112,7 @@ func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, r autorest.AsContentType("application/json; charset=utf-8"), autorest.AsPut(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", pathParameters), autorest.WithJSON(dataConnector), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) @@ -124,8 +121,7 @@ func (client DataConnectorsClient) CreateOrUpdatePreparer(ctx context.Context, r // CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the // http.Response Body if it receives an error. func (client DataConnectorsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } // CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always @@ -145,11 +141,9 @@ func (client DataConnectorsClient) CreateOrUpdateResponder(resp *http.Response) // Parameters: // resourceGroupName - the name of the resource group within the user's subscription. The name is case // insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. // workspaceName - the name of the workspace. // dataConnectorID - connector ID -func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string) (result autorest.Response, err error) { +func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (result autorest.Response, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorsClient.Delete") defer func() { @@ -173,7 +167,7 @@ func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName return result, validation.NewError("securityinsight.DataConnectorsClient", "Delete", err.Error()) } - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, dataConnectorID) + req, err := client.DeletePreparer(ctx, resourceGroupName, workspaceName, dataConnectorID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsClient", "Delete", nil, "Failure preparing request") return @@ -195,16 +189,15 @@ func (client DataConnectorsClient) Delete(ctx context.Context, resourceGroupName } // DeletePreparer prepares the Delete request. -func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string) (*http.Request, error) { +func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "dataConnectorId": autorest.Encode("path", dataConnectorID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "dataConnectorId": autorest.Encode("path", dataConnectorID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2020-01-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -212,7 +205,7 @@ func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceG preparer := autorest.CreatePreparer( autorest.AsDelete(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -220,8 +213,7 @@ func (client DataConnectorsClient) DeletePreparer(ctx context.Context, resourceG // DeleteSender sends the Delete request. The method will close the // http.Response Body if it receives an error. func (client DataConnectorsClient) DeleteSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } // DeleteResponder handles the response to the Delete request. The method always @@ -240,11 +232,9 @@ func (client DataConnectorsClient) DeleteResponder(resp *http.Response) (result // Parameters: // resourceGroupName - the name of the resource group within the user's subscription. The name is case // insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. // workspaceName - the name of the workspace. // dataConnectorID - connector ID -func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string) (result DataConnectorModel, err error) { +func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (result DataConnectorModel, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorsClient.Get") defer func() { @@ -268,7 +258,7 @@ func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName st return result, validation.NewError("securityinsight.DataConnectorsClient", "Get", err.Error()) } - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, dataConnectorID) + req, err := client.GetPreparer(ctx, resourceGroupName, workspaceName, dataConnectorID) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsClient", "Get", nil, "Failure preparing request") return @@ -290,16 +280,15 @@ func (client DataConnectorsClient) Get(ctx context.Context, resourceGroupName st } // GetPreparer prepares the Get request. -func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string) (*http.Request, error) { +func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "dataConnectorId": autorest.Encode("path", dataConnectorID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "dataConnectorId": autorest.Encode("path", dataConnectorID), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2020-01-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -307,7 +296,7 @@ func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGrou preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -315,8 +304,7 @@ func (client DataConnectorsClient) GetPreparer(ctx context.Context, resourceGrou // GetSender sends the Get request. The method will close the // http.Response Body if it receives an error. func (client DataConnectorsClient) GetSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } // GetResponder handles the response to the Get request. The method always @@ -336,10 +324,8 @@ func (client DataConnectorsClient) GetResponder(resp *http.Response) (result Dat // Parameters: // resourceGroupName - the name of the resource group within the user's subscription. The name is case // insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. // workspaceName - the name of the workspace. -func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result DataConnectorListPage, err error) { +func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListPage, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorsClient.List") defer func() { @@ -364,7 +350,7 @@ func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName s } result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + req, err := client.ListPreparer(ctx, resourceGroupName, workspaceName) if err != nil { err = autorest.NewErrorWithError(err, "securityinsight.DataConnectorsClient", "List", nil, "Failure preparing request") return @@ -386,15 +372,14 @@ func (client DataConnectorsClient) List(ctx context.Context, resourceGroupName s } // ListPreparer prepares the List request. -func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { +func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGroupName string, workspaceName string) (*http.Request, error) { pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), } - const APIVersion = "2019-01-01-preview" + const APIVersion = "2020-01-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -402,7 +387,7 @@ func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGro preparer := autorest.CreatePreparer( autorest.AsGet(), autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors", pathParameters), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors", pathParameters), autorest.WithQueryParameters(queryParameters)) return preparer.Prepare((&http.Request{}).WithContext(ctx)) } @@ -410,8 +395,7 @@ func (client DataConnectorsClient) ListPreparer(ctx context.Context, resourceGro // ListSender sends the List request. The method will close the // http.Response Body if it receives an error. func (client DataConnectorsClient) ListSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) + return client.Send(req, azure.DoRetryWithRegistration(client.Client)) } // ListResponder handles the response to the List request. The method always @@ -449,7 +433,7 @@ func (client DataConnectorsClient) listNextResults(ctx context.Context, lastResu } // ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client DataConnectorsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result DataConnectorListIterator, err error) { +func (client DataConnectorsClient) ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result DataConnectorListIterator, err error) { if tracing.IsEnabled() { ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorsClient.List") defer func() { @@ -460,6 +444,6 @@ func (client DataConnectorsClient) ListComplete(ctx context.Context, resourceGro tracing.EndSpan(ctx, sc, err) }() } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) + result.page, err = client.List(ctx, resourceGroupName, workspaceName) return } diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/entities.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/entities.go deleted file mode 100644 index d3f59f42ea9c..000000000000 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/entities.go +++ /dev/null @@ -1,370 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft and contributors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// EntitiesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type EntitiesClient struct { - BaseClient -} - -// NewEntitiesClient creates an instance of the EntitiesClient client. -func NewEntitiesClient(subscriptionID string) EntitiesClient { - return NewEntitiesClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewEntitiesClientWithBaseURI creates an instance of the EntitiesClient client using a custom endpoint. Use this -// when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewEntitiesClientWithBaseURI(baseURI string, subscriptionID string) EntitiesClient { - return EntitiesClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// Expand expands an entity. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// entityID - entity ID -// parameters - the parameters required to execute an expand operation on the given entity. -func (client EntitiesClient) Expand(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, parameters EntityExpandParameters) (result EntityExpandResponse, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesClient.Expand") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.EntitiesClient", "Expand", err.Error()) - } - - req, err := client.ExpandPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityID, parameters) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "Expand", nil, "Failure preparing request") - return - } - - resp, err := client.ExpandSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "Expand", resp, "Failure sending request") - return - } - - result, err = client.ExpandResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "Expand", resp, "Failure responding to request") - } - - return -} - -// ExpandPreparer prepares the Expand request. -func (client EntitiesClient) ExpandPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, parameters EntityExpandParameters) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "entityId": autorest.Encode("path", entityID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPost(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/expand", pathParameters), - autorest.WithJSON(parameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ExpandSender sends the Expand request. The method will close the -// http.Response Body if it receives an error. -func (client EntitiesClient) ExpandSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// ExpandResponder handles the response to the Expand request. The method always -// closes the http.Response Body. -func (client EntitiesClient) ExpandResponder(resp *http.Response) (result EntityExpandResponse, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// Get gets an entity. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// entityID - entity ID -func (client EntitiesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string) (result EntityModel, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.EntitiesClient", "Get", err.Error()) - } - - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "Get", resp, "Failure responding to request") - } - - return -} - -// GetPreparer prepares the Get request. -func (client EntitiesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "entityId": autorest.Encode("path", entityID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client EntitiesClient) GetSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client EntitiesClient) GetResponder(resp *http.Response) (result EntityModel, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List gets all entities. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -func (client EntitiesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result EntityListPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesClient.List") - defer func() { - sc := -1 - if result.el.Response.Response != nil { - sc = result.el.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.EntitiesClient", "List", err.Error()) - } - - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.el.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "List", resp, "Failure sending request") - return - } - - result.el, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "List", resp, "Failure responding to request") - } - - return -} - -// ListPreparer prepares the List request. -func (client EntitiesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client EntitiesClient) ListSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client EntitiesClient) ListResponder(resp *http.Response) (result EntityList, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client EntitiesClient) listNextResults(ctx context.Context, lastResults EntityList) (result EntityList, err error) { - req, err := lastResults.entityListPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntitiesClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client EntitiesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result EntityListIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) - return -} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/entityqueries.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/entityqueries.go deleted file mode 100644 index e474b6600e1d..000000000000 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/entityqueries.go +++ /dev/null @@ -1,271 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft and contributors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// EntityQueriesClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type EntityQueriesClient struct { - BaseClient -} - -// NewEntityQueriesClient creates an instance of the EntityQueriesClient client. -func NewEntityQueriesClient(subscriptionID string) EntityQueriesClient { - return NewEntityQueriesClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewEntityQueriesClientWithBaseURI creates an instance of the EntityQueriesClient client using a custom endpoint. -// Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewEntityQueriesClientWithBaseURI(baseURI string, subscriptionID string) EntityQueriesClient { - return EntityQueriesClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// Get gets an entity query. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// entityQueryID - entity query ID -func (client EntityQueriesClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityQueryID string) (result EntityQuery, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueriesClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.EntityQueriesClient", "Get", err.Error()) - } - - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityQueryID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "Get", resp, "Failure responding to request") - } - - return -} - -// GetPreparer prepares the Get request. -func (client EntityQueriesClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityQueryID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "entityQueryId": autorest.Encode("path", entityQueryID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client EntityQueriesClient) GetSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client EntityQueriesClient) GetResponder(resp *http.Response) (result EntityQuery, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List gets all entity queries. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -func (client EntityQueriesClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result EntityQueryListPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueriesClient.List") - defer func() { - sc := -1 - if result.eql.Response.Response != nil { - sc = result.eql.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.EntityQueriesClient", "List", err.Error()) - } - - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.eql.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "List", resp, "Failure sending request") - return - } - - result.eql, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "List", resp, "Failure responding to request") - } - - return -} - -// ListPreparer prepares the List request. -func (client EntityQueriesClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client EntityQueriesClient) ListSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client EntityQueriesClient) ListResponder(resp *http.Response) (result EntityQueryList, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client EntityQueriesClient) listNextResults(ctx context.Context, lastResults EntityQueryList) (result EntityQueryList, err error) { - req, err := lastResults.entityQueryListPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.EntityQueriesClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client EntityQueriesClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result EntityQueryListIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueriesClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) - return -} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/models.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/models.go index 66a1ae79c619..e1f7a356ed41 100644 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/models.go +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/models.go @@ -67,27 +67,6 @@ func PossibleAlertSeverityValues() []AlertSeverity { return []AlertSeverity{High, Informational, Low, Medium} } -// AlertStatus enumerates the values for alert status. -type AlertStatus string - -const ( - // AlertStatusDismissed Alert dismissed as false positive - AlertStatusDismissed AlertStatus = "Dismissed" - // AlertStatusInProgress Alert is being handled - AlertStatusInProgress AlertStatus = "InProgress" - // AlertStatusNew New alert - AlertStatusNew AlertStatus = "New" - // AlertStatusResolved Alert closed after handling - AlertStatusResolved AlertStatus = "Resolved" - // AlertStatusUnknown Unknown value - AlertStatusUnknown AlertStatus = "Unknown" -) - -// PossibleAlertStatusValues returns an array of possible values for the AlertStatus const type. -func PossibleAlertStatusValues() []AlertStatus { - return []AlertStatus{AlertStatusDismissed, AlertStatusInProgress, AlertStatusNew, AlertStatusResolved, AlertStatusUnknown} -} - // AttackTactic enumerates the values for attack tactic. type AttackTactic string @@ -123,120 +102,6 @@ func PossibleAttackTacticValues() []AttackTactic { return []AttackTactic{Collection, CommandAndControl, CredentialAccess, DefenseEvasion, Discovery, Execution, Exfiltration, Impact, InitialAccess, LateralMovement, Persistence, PrivilegeEscalation} } -// CaseSeverity enumerates the values for case severity. -type CaseSeverity string - -const ( - // CaseSeverityCritical Critical severity - CaseSeverityCritical CaseSeverity = "Critical" - // CaseSeverityHigh High severity - CaseSeverityHigh CaseSeverity = "High" - // CaseSeverityInformational Informational severity - CaseSeverityInformational CaseSeverity = "Informational" - // CaseSeverityLow Low severity - CaseSeverityLow CaseSeverity = "Low" - // CaseSeverityMedium Medium severity - CaseSeverityMedium CaseSeverity = "Medium" -) - -// PossibleCaseSeverityValues returns an array of possible values for the CaseSeverity const type. -func PossibleCaseSeverityValues() []CaseSeverity { - return []CaseSeverity{CaseSeverityCritical, CaseSeverityHigh, CaseSeverityInformational, CaseSeverityLow, CaseSeverityMedium} -} - -// CaseStatus enumerates the values for case status. -type CaseStatus string - -const ( - // CaseStatusClosed A non active case - CaseStatusClosed CaseStatus = "Closed" - // CaseStatusDraft Case that wasn't promoted yet to active - CaseStatusDraft CaseStatus = "Draft" - // CaseStatusInProgress An active case which is handled - CaseStatusInProgress CaseStatus = "InProgress" - // CaseStatusNew An active case which isn't handled currently - CaseStatusNew CaseStatus = "New" -) - -// PossibleCaseStatusValues returns an array of possible values for the CaseStatus const type. -func PossibleCaseStatusValues() []CaseStatus { - return []CaseStatus{CaseStatusClosed, CaseStatusDraft, CaseStatusInProgress, CaseStatusNew} -} - -// CloseReason enumerates the values for close reason. -type CloseReason string - -const ( - // Dismissed Case was dismissed - Dismissed CloseReason = "Dismissed" - // FalsePositive Case was false positive - FalsePositive CloseReason = "FalsePositive" - // Other Case was closed for another reason - Other CloseReason = "Other" - // Resolved Case was resolved - Resolved CloseReason = "Resolved" - // TruePositive Case was true positive - TruePositive CloseReason = "TruePositive" -) - -// PossibleCloseReasonValues returns an array of possible values for the CloseReason const type. -func PossibleCloseReasonValues() []CloseReason { - return []CloseReason{Dismissed, FalsePositive, Other, Resolved, TruePositive} -} - -// ConfidenceLevel enumerates the values for confidence level. -type ConfidenceLevel string - -const ( - // ConfidenceLevelHigh High confidence that the alert is true positive malicious - ConfidenceLevelHigh ConfidenceLevel = "High" - // ConfidenceLevelLow Low confidence, meaning we have some doubts this is indeed malicious or part of an - // attack - ConfidenceLevelLow ConfidenceLevel = "Low" - // ConfidenceLevelUnknown Unknown confidence, the is the default value - ConfidenceLevelUnknown ConfidenceLevel = "Unknown" -) - -// PossibleConfidenceLevelValues returns an array of possible values for the ConfidenceLevel const type. -func PossibleConfidenceLevelValues() []ConfidenceLevel { - return []ConfidenceLevel{ConfidenceLevelHigh, ConfidenceLevelLow, ConfidenceLevelUnknown} -} - -// ConfidenceScoreStatus enumerates the values for confidence score status. -type ConfidenceScoreStatus string - -const ( - // Final Final score was calculated and available - Final ConfidenceScoreStatus = "Final" - // InProcess No score was set yet and calculation is in progress - InProcess ConfidenceScoreStatus = "InProcess" - // NotApplicable Score will not be calculated for this alert as it is not supported by virtual analyst - NotApplicable ConfidenceScoreStatus = "NotApplicable" - // NotFinal Score is calculated and shown as part of the alert, but may be updated again at a later time - // following the processing of additional data - NotFinal ConfidenceScoreStatus = "NotFinal" -) - -// PossibleConfidenceScoreStatusValues returns an array of possible values for the ConfidenceScoreStatus const type. -func PossibleConfidenceScoreStatusValues() []ConfidenceScoreStatus { - return []ConfidenceScoreStatus{Final, InProcess, NotApplicable, NotFinal} -} - -// DataConnectorAuthorizationState enumerates the values for data connector authorization state. -type DataConnectorAuthorizationState string - -const ( - // Invalid ... - Invalid DataConnectorAuthorizationState = "Invalid" - // Valid ... - Valid DataConnectorAuthorizationState = "Valid" -) - -// PossibleDataConnectorAuthorizationStateValues returns an array of possible values for the DataConnectorAuthorizationState const type. -func PossibleDataConnectorAuthorizationStateValues() []DataConnectorAuthorizationState { - return []DataConnectorAuthorizationState{Invalid, Valid} -} - // DataConnectorKind enumerates the values for data connector kind. type DataConnectorKind string @@ -264,23 +129,6 @@ func PossibleDataConnectorKindValues() []DataConnectorKind { return []DataConnectorKind{DataConnectorKindAmazonWebServicesCloudTrail, DataConnectorKindAzureActiveDirectory, DataConnectorKindAzureAdvancedThreatProtection, DataConnectorKindAzureSecurityCenter, DataConnectorKindMicrosoftCloudAppSecurity, DataConnectorKindMicrosoftDefenderAdvancedThreatProtection, DataConnectorKindOffice365, DataConnectorKindThreatIntelligence} } -// DataConnectorLicenseState enumerates the values for data connector license state. -type DataConnectorLicenseState string - -const ( - // DataConnectorLicenseStateInvalid ... - DataConnectorLicenseStateInvalid DataConnectorLicenseState = "Invalid" - // DataConnectorLicenseStateUnknown ... - DataConnectorLicenseStateUnknown DataConnectorLicenseState = "Unknown" - // DataConnectorLicenseStateValid ... - DataConnectorLicenseStateValid DataConnectorLicenseState = "Valid" -) - -// PossibleDataConnectorLicenseStateValues returns an array of possible values for the DataConnectorLicenseState const type. -func PossibleDataConnectorLicenseStateValues() []DataConnectorLicenseState { - return []DataConnectorLicenseState{DataConnectorLicenseStateInvalid, DataConnectorLicenseStateUnknown, DataConnectorLicenseStateValid} -} - // DataTypeState enumerates the values for data type state. type DataTypeState string @@ -296,149 +144,6 @@ func PossibleDataTypeStateValues() []DataTypeState { return []DataTypeState{Disabled, Enabled} } -// DataTypeStatus enumerates the values for data type status. -type DataTypeStatus string - -const ( - // Exist ... - Exist DataTypeStatus = "Exist" - // NotExist ... - NotExist DataTypeStatus = "NotExist" -) - -// PossibleDataTypeStatusValues returns an array of possible values for the DataTypeStatus const type. -func PossibleDataTypeStatusValues() []DataTypeStatus { - return []DataTypeStatus{Exist, NotExist} -} - -// ElevationToken enumerates the values for elevation token. -type ElevationToken string - -const ( - // Default Default elevation token - Default ElevationToken = "Default" - // Full Full elevation token - Full ElevationToken = "Full" - // Limited Limited elevation token - Limited ElevationToken = "Limited" -) - -// PossibleElevationTokenValues returns an array of possible values for the ElevationToken const type. -func PossibleElevationTokenValues() []ElevationToken { - return []ElevationToken{Default, Full, Limited} -} - -// EntityKind enumerates the values for entity kind. -type EntityKind string - -const ( - // EntityKindAccount Entity represents account in the system. - EntityKindAccount EntityKind = "Account" - // EntityKindAzureResource Entity represents azure resource in the system. - EntityKindAzureResource EntityKind = "AzureResource" - // EntityKindBookmark Entity represents bookmark in the system. - EntityKindBookmark EntityKind = "Bookmark" - // EntityKindCloudApplication Entity represents cloud application in the system. - EntityKindCloudApplication EntityKind = "CloudApplication" - // EntityKindDNSResolution Entity represents dns resolution in the system. - EntityKindDNSResolution EntityKind = "DnsResolution" - // EntityKindFile Entity represents file in the system. - EntityKindFile EntityKind = "File" - // EntityKindFileHash Entity represents file hash in the system. - EntityKindFileHash EntityKind = "FileHash" - // EntityKindHost Entity represents host in the system. - EntityKindHost EntityKind = "Host" - // EntityKindIoTDevice Entity represents IoT device in the system. - EntityKindIoTDevice EntityKind = "IoTDevice" - // EntityKindIP Entity represents ip in the system. - EntityKindIP EntityKind = "Ip" - // EntityKindMalware Entity represents malware in the system. - EntityKindMalware EntityKind = "Malware" - // EntityKindProcess Entity represents process in the system. - EntityKindProcess EntityKind = "Process" - // EntityKindRegistryKey Entity represents registry key in the system. - EntityKindRegistryKey EntityKind = "RegistryKey" - // EntityKindRegistryValue Entity represents registry value in the system. - EntityKindRegistryValue EntityKind = "RegistryValue" - // EntityKindSecurityAlert Entity represents security alert in the system. - EntityKindSecurityAlert EntityKind = "SecurityAlert" - // EntityKindSecurityGroup Entity represents security group in the system. - EntityKindSecurityGroup EntityKind = "SecurityGroup" - // EntityKindURL Entity represents url in the system. - EntityKindURL EntityKind = "Url" -) - -// PossibleEntityKindValues returns an array of possible values for the EntityKind const type. -func PossibleEntityKindValues() []EntityKind { - return []EntityKind{EntityKindAccount, EntityKindAzureResource, EntityKindBookmark, EntityKindCloudApplication, EntityKindDNSResolution, EntityKindFile, EntityKindFileHash, EntityKindHost, EntityKindIoTDevice, EntityKindIP, EntityKindMalware, EntityKindProcess, EntityKindRegistryKey, EntityKindRegistryValue, EntityKindSecurityAlert, EntityKindSecurityGroup, EntityKindURL} -} - -// EntityType enumerates the values for entity type. -type EntityType string - -const ( - // EntityTypeAccount Entity represents account in the system. - EntityTypeAccount EntityType = "Account" - // EntityTypeAzureResource Entity represents azure resource in the system. - EntityTypeAzureResource EntityType = "AzureResource" - // EntityTypeCloudApplication Entity represents cloud application in the system. - EntityTypeCloudApplication EntityType = "CloudApplication" - // EntityTypeDNS Entity represents dns in the system. - EntityTypeDNS EntityType = "DNS" - // EntityTypeFile Entity represents file in the system. - EntityTypeFile EntityType = "File" - // EntityTypeFileHash Entity represents file hash in the system. - EntityTypeFileHash EntityType = "FileHash" - // EntityTypeHost Entity represents host in the system. - EntityTypeHost EntityType = "Host" - // EntityTypeHuntingBookmark Entity represents HuntingBookmark in the system. - EntityTypeHuntingBookmark EntityType = "HuntingBookmark" - // EntityTypeIoTDevice Entity represents IoT device in the system. - EntityTypeIoTDevice EntityType = "IoTDevice" - // EntityTypeIP Entity represents ip in the system. - EntityTypeIP EntityType = "IP" - // EntityTypeMalware Entity represents malware in the system. - EntityTypeMalware EntityType = "Malware" - // EntityTypeProcess Entity represents process in the system. - EntityTypeProcess EntityType = "Process" - // EntityTypeRegistryKey Entity represents registry key in the system. - EntityTypeRegistryKey EntityType = "RegistryKey" - // EntityTypeRegistryValue Entity represents registry value in the system. - EntityTypeRegistryValue EntityType = "RegistryValue" - // EntityTypeSecurityAlert Entity represents security alert in the system. - EntityTypeSecurityAlert EntityType = "SecurityAlert" - // EntityTypeSecurityGroup Entity represents security group in the system. - EntityTypeSecurityGroup EntityType = "SecurityGroup" - // EntityTypeURL Entity represents url in the system. - EntityTypeURL EntityType = "URL" -) - -// PossibleEntityTypeValues returns an array of possible values for the EntityType const type. -func PossibleEntityTypeValues() []EntityType { - return []EntityType{EntityTypeAccount, EntityTypeAzureResource, EntityTypeCloudApplication, EntityTypeDNS, EntityTypeFile, EntityTypeFileHash, EntityTypeHost, EntityTypeHuntingBookmark, EntityTypeIoTDevice, EntityTypeIP, EntityTypeMalware, EntityTypeProcess, EntityTypeRegistryKey, EntityTypeRegistryValue, EntityTypeSecurityAlert, EntityTypeSecurityGroup, EntityTypeURL} -} - -// FileHashAlgorithm enumerates the values for file hash algorithm. -type FileHashAlgorithm string - -const ( - // MD5 MD5 hash type - MD5 FileHashAlgorithm = "MD5" - // SHA1 SHA1 hash type - SHA1 FileHashAlgorithm = "SHA1" - // SHA256 SHA256 hash type - SHA256 FileHashAlgorithm = "SHA256" - // SHA256AC SHA256 Authenticode hash type - SHA256AC FileHashAlgorithm = "SHA256AC" - // Unknown Unknown hash algorithm - Unknown FileHashAlgorithm = "Unknown" -) - -// PossibleFileHashAlgorithmValues returns an array of possible values for the FileHashAlgorithm const type. -func PossibleFileHashAlgorithmValues() []FileHashAlgorithm { - return []FileHashAlgorithm{MD5, SHA1, SHA256, SHA256AC, Unknown} -} - // IncidentSeverity enumerates the values for incident severity. type IncidentSeverity string @@ -460,116 +165,23 @@ func PossibleIncidentSeverityValues() []IncidentSeverity { return []IncidentSeverity{IncidentSeverityCritical, IncidentSeverityHigh, IncidentSeverityInformational, IncidentSeverityLow, IncidentSeverityMedium} } -// KillChainIntent enumerates the values for kill chain intent. -type KillChainIntent string - -const ( - // KillChainIntentCollection Collection consists of techniques used to identify and gather information, - // such as sensitive files, from a target network prior to exfiltration. This category also covers - // locations on a system or network where the adversary may look for information to exfiltrate. - KillChainIntentCollection KillChainIntent = "Collection" - // KillChainIntentCommandAndControl The command and control tactic represents how adversaries communicate - // with systems under their control within a target network. - KillChainIntentCommandAndControl KillChainIntent = "CommandAndControl" - // KillChainIntentCredentialAccess Credential access represents techniques resulting in access to or - // control over system, domain, or service credentials that are used within an enterprise environment. - // Adversaries will likely attempt to obtain legitimate credentials from users or administrator accounts - // (local system administrator or domain users with administrator access) to use within the network. With - // sufficient access within a network, an adversary can create accounts for later use within the - // environment. - KillChainIntentCredentialAccess KillChainIntent = "CredentialAccess" - // KillChainIntentDefenseEvasion Defense evasion consists of techniques an adversary may use to evade - // detection or avoid other defenses. Sometimes these actions are the same as or variations of techniques - // in other categories that have the added benefit of subverting a particular defense or mitigation. - KillChainIntentDefenseEvasion KillChainIntent = "DefenseEvasion" - // KillChainIntentDiscovery Discovery consists of techniques that allow the adversary to gain knowledge - // about the system and internal network. When adversaries gain access to a new system, they must orient - // themselves to what they now have control of and what benefits operating from that system give to their - // current objective or overall goals during the intrusion. The operating system provides many native tools - // that aid in this post-compromise information-gathering phase. - KillChainIntentDiscovery KillChainIntent = "Discovery" - // KillChainIntentExecution The execution tactic represents techniques that result in execution of - // adversary-controlled code on a local or remote system. This tactic is often used in conjunction with - // lateral movement to expand access to remote systems on a network. - KillChainIntentExecution KillChainIntent = "Execution" - // KillChainIntentExfiltration Exfiltration refers to techniques and attributes that result or aid in the - // adversary removing files and information from a target network. This category also covers locations on a - // system or network where the adversary may look for information to exfiltrate. - KillChainIntentExfiltration KillChainIntent = "Exfiltration" - // KillChainIntentExploitation Exploitation is the stage where an attacker manage to get foothold on the - // attacked resource. This stage is applicable not only for compute hosts, but also for resources such as - // user accounts, certificates etc. Adversaries will often be able to control the resource after this - // stage. - KillChainIntentExploitation KillChainIntent = "Exploitation" - // KillChainIntentImpact The impact intent primary objective is to directly reduce the availability or - // integrity of a system, service, or network; including manipulation of data to impact a business or - // operational process. This would often refer to techniques such as ransom-ware, defacement, data - // manipulation and others. - KillChainIntentImpact KillChainIntent = "Impact" - // KillChainIntentLateralMovement Lateral movement consists of techniques that enable an adversary to - // access and control remote systems on a network and could, but does not necessarily, include execution of - // tools on remote systems. The lateral movement techniques could allow an adversary to gather information - // from a system without needing additional tools, such as a remote access tool. An adversary can use - // lateral movement for many purposes, including remote Execution of tools, pivoting to additional systems, - // access to specific information or files, access to additional credentials, or to cause an effect. - KillChainIntentLateralMovement KillChainIntent = "LateralMovement" - // KillChainIntentPersistence Persistence is any access, action, or configuration change to a system that - // gives an adversary a persistent presence on that system. Adversaries will often need to maintain access - // to systems through interruptions such as system restarts, loss of credentials, or other failures that - // would require a remote access tool to restart or alternate backdoor for them to regain access. - KillChainIntentPersistence KillChainIntent = "Persistence" - // KillChainIntentPrivilegeEscalation Privilege escalation is the result of actions that allow an adversary - // to obtain a higher level of permissions on a system or network. Certain tools or actions require a - // higher level of privilege to work and are likely necessary at many points throughout an operation. User - // accounts with permissions to access specific systems or perform specific functions necessary for - // adversaries to achieve their objective may also be considered an escalation of privilege. - KillChainIntentPrivilegeEscalation KillChainIntent = "PrivilegeEscalation" - // KillChainIntentProbing Probing could be an attempt to access a certain resource regardless of a - // malicious intent or a failed attempt to gain access to a target system to gather information prior to - // exploitation. This step is usually detected as an attempt originating from outside the network in - // attempt to scan the target system and find a way in. - KillChainIntentProbing KillChainIntent = "Probing" - // KillChainIntentUnknown The default value. - KillChainIntentUnknown KillChainIntent = "Unknown" -) - -// PossibleKillChainIntentValues returns an array of possible values for the KillChainIntent const type. -func PossibleKillChainIntentValues() []KillChainIntent { - return []KillChainIntent{KillChainIntentCollection, KillChainIntentCommandAndControl, KillChainIntentCredentialAccess, KillChainIntentDefenseEvasion, KillChainIntentDiscovery, KillChainIntentExecution, KillChainIntentExfiltration, KillChainIntentExploitation, KillChainIntentImpact, KillChainIntentLateralMovement, KillChainIntentPersistence, KillChainIntentPrivilegeEscalation, KillChainIntentProbing, KillChainIntentUnknown} -} - // Kind enumerates the values for kind. type Kind string -const ( - // KindAggregations ... - KindAggregations Kind = "Aggregations" - // KindCasesAggregation ... - KindCasesAggregation Kind = "CasesAggregation" -) - -// PossibleKindValues returns an array of possible values for the Kind const type. -func PossibleKindValues() []Kind { - return []Kind{KindAggregations, KindCasesAggregation} -} - -// KindBasicAlertRule enumerates the values for kind basic alert rule. -type KindBasicAlertRule string - const ( // KindAlertRule ... - KindAlertRule KindBasicAlertRule = "AlertRule" + KindAlertRule Kind = "AlertRule" // KindFusion ... - KindFusion KindBasicAlertRule = "Fusion" + KindFusion Kind = "Fusion" // KindMicrosoftSecurityIncidentCreation ... - KindMicrosoftSecurityIncidentCreation KindBasicAlertRule = "MicrosoftSecurityIncidentCreation" + KindMicrosoftSecurityIncidentCreation Kind = "MicrosoftSecurityIncidentCreation" // KindScheduled ... - KindScheduled KindBasicAlertRule = "Scheduled" + KindScheduled Kind = "Scheduled" ) -// PossibleKindBasicAlertRuleValues returns an array of possible values for the KindBasicAlertRule const type. -func PossibleKindBasicAlertRuleValues() []KindBasicAlertRule { - return []KindBasicAlertRule{KindAlertRule, KindFusion, KindMicrosoftSecurityIncidentCreation, KindScheduled} +// PossibleKindValues returns an array of possible values for the Kind const type. +func PossibleKindValues() []Kind { + return []Kind{KindAlertRule, KindFusion, KindMicrosoftSecurityIncidentCreation, KindScheduled} } // KindBasicAlertRuleTemplate enumerates the values for kind basic alert rule template. @@ -620,51 +232,6 @@ func PossibleKindBasicDataConnectorValues() []KindBasicDataConnector { return []KindBasicDataConnector{KindAmazonWebServicesCloudTrail, KindAzureActiveDirectory, KindAzureAdvancedThreatProtection, KindAzureSecurityCenter, KindDataConnector, KindMicrosoftCloudAppSecurity, KindMicrosoftDefenderAdvancedThreatProtection, KindOffice365, KindThreatIntelligence} } -// KindBasicEntity enumerates the values for kind basic entity. -type KindBasicEntity string - -const ( - // KindAccount ... - KindAccount KindBasicEntity = "Account" - // KindAzureResource ... - KindAzureResource KindBasicEntity = "AzureResource" - // KindCloudApplication ... - KindCloudApplication KindBasicEntity = "CloudApplication" - // KindDNSResolution ... - KindDNSResolution KindBasicEntity = "DnsResolution" - // KindEntity ... - KindEntity KindBasicEntity = "Entity" - // KindFile ... - KindFile KindBasicEntity = "File" - // KindFileHash ... - KindFileHash KindBasicEntity = "FileHash" - // KindHost ... - KindHost KindBasicEntity = "Host" - // KindIoTDevice ... - KindIoTDevice KindBasicEntity = "IoTDevice" - // KindIP ... - KindIP KindBasicEntity = "Ip" - // KindMalware ... - KindMalware KindBasicEntity = "Malware" - // KindProcess ... - KindProcess KindBasicEntity = "Process" - // KindRegistryKey ... - KindRegistryKey KindBasicEntity = "RegistryKey" - // KindRegistryValue ... - KindRegistryValue KindBasicEntity = "RegistryValue" - // KindSecurityAlert ... - KindSecurityAlert KindBasicEntity = "SecurityAlert" - // KindSecurityGroup ... - KindSecurityGroup KindBasicEntity = "SecurityGroup" - // KindURL ... - KindURL KindBasicEntity = "Url" -) - -// PossibleKindBasicEntityValues returns an array of possible values for the KindBasicEntity const type. -func PossibleKindBasicEntityValues() []KindBasicEntity { - return []KindBasicEntity{KindAccount, KindAzureResource, KindCloudApplication, KindDNSResolution, KindEntity, KindFile, KindFileHash, KindHost, KindIoTDevice, KindIP, KindMalware, KindProcess, KindRegistryKey, KindRegistryValue, KindSecurityAlert, KindSecurityGroup, KindURL} -} - // KindBasicSettings enumerates the values for kind basic settings. type KindBasicSettings string @@ -718,111 +285,6 @@ func PossibleMicrosoftSecurityProductNameValues() []MicrosoftSecurityProductName return []MicrosoftSecurityProductName{AzureActiveDirectoryIdentityProtection, AzureAdvancedThreatProtection, AzureSecurityCenter, AzureSecurityCenterforIoT, MicrosoftCloudAppSecurity} } -// OSFamily enumerates the values for os family. -type OSFamily string - -const ( - // Android Host with Android operating system. - Android OSFamily = "Android" - // IOS Host with IOS operating system. - IOS OSFamily = "IOS" - // Linux Host with Linux operating system. - Linux OSFamily = "Linux" - // Windows Host with Windows operating system. - Windows OSFamily = "Windows" -) - -// PossibleOSFamilyValues returns an array of possible values for the OSFamily const type. -func PossibleOSFamilyValues() []OSFamily { - return []OSFamily{Android, IOS, Linux, Windows} -} - -// RegistryHive enumerates the values for registry hive. -type RegistryHive string - -const ( - // HKEYA HKEY_A - HKEYA RegistryHive = "HKEY_A" - // HKEYCLASSESROOT HKEY_CLASSES_ROOT - HKEYCLASSESROOT RegistryHive = "HKEY_CLASSES_ROOT" - // HKEYCURRENTCONFIG HKEY_CURRENT_CONFIG - HKEYCURRENTCONFIG RegistryHive = "HKEY_CURRENT_CONFIG" - // HKEYCURRENTUSER HKEY_CURRENT_USER - HKEYCURRENTUSER RegistryHive = "HKEY_CURRENT_USER" - // HKEYCURRENTUSERLOCALSETTINGS HKEY_CURRENT_USER_LOCAL_SETTINGS - HKEYCURRENTUSERLOCALSETTINGS RegistryHive = "HKEY_CURRENT_USER_LOCAL_SETTINGS" - // HKEYLOCALMACHINE HKEY_LOCAL_MACHINE - HKEYLOCALMACHINE RegistryHive = "HKEY_LOCAL_MACHINE" - // HKEYPERFORMANCEDATA HKEY_PERFORMANCE_DATA - HKEYPERFORMANCEDATA RegistryHive = "HKEY_PERFORMANCE_DATA" - // HKEYPERFORMANCENLSTEXT HKEY_PERFORMANCE_NLSTEXT - HKEYPERFORMANCENLSTEXT RegistryHive = "HKEY_PERFORMANCE_NLSTEXT" - // HKEYPERFORMANCETEXT HKEY_PERFORMANCE_TEXT - HKEYPERFORMANCETEXT RegistryHive = "HKEY_PERFORMANCE_TEXT" - // HKEYUSERS HKEY_USERS - HKEYUSERS RegistryHive = "HKEY_USERS" -) - -// PossibleRegistryHiveValues returns an array of possible values for the RegistryHive const type. -func PossibleRegistryHiveValues() []RegistryHive { - return []RegistryHive{HKEYA, HKEYCLASSESROOT, HKEYCURRENTCONFIG, HKEYCURRENTUSER, HKEYCURRENTUSERLOCALSETTINGS, HKEYLOCALMACHINE, HKEYPERFORMANCEDATA, HKEYPERFORMANCENLSTEXT, HKEYPERFORMANCETEXT, HKEYUSERS} -} - -// RegistryValueKind enumerates the values for registry value kind. -type RegistryValueKind string - -const ( - // RegistryValueKindBinary Binary value type - RegistryValueKindBinary RegistryValueKind = "Binary" - // RegistryValueKindDWord DWord value type - RegistryValueKindDWord RegistryValueKind = "DWord" - // RegistryValueKindExpandString ExpandString value type - RegistryValueKindExpandString RegistryValueKind = "ExpandString" - // RegistryValueKindMultiString MultiString value type - RegistryValueKindMultiString RegistryValueKind = "MultiString" - // RegistryValueKindNone None - RegistryValueKindNone RegistryValueKind = "None" - // RegistryValueKindQWord QWord value type - RegistryValueKindQWord RegistryValueKind = "QWord" - // RegistryValueKindString String value type - RegistryValueKindString RegistryValueKind = "String" - // RegistryValueKindUnknown Unknown value type - RegistryValueKindUnknown RegistryValueKind = "Unknown" -) - -// PossibleRegistryValueKindValues returns an array of possible values for the RegistryValueKind const type. -func PossibleRegistryValueKindValues() []RegistryValueKind { - return []RegistryValueKind{RegistryValueKindBinary, RegistryValueKindDWord, RegistryValueKindExpandString, RegistryValueKindMultiString, RegistryValueKindNone, RegistryValueKindQWord, RegistryValueKindString, RegistryValueKindUnknown} -} - -// RelationNodeKind enumerates the values for relation node kind. -type RelationNodeKind string - -const ( - // RelationNodeKindBookmark Bookmark node part of the relation - RelationNodeKindBookmark RelationNodeKind = "Bookmark" - // RelationNodeKindCase Case node part of the relation - RelationNodeKindCase RelationNodeKind = "Case" -) - -// PossibleRelationNodeKindValues returns an array of possible values for the RelationNodeKind const type. -func PossibleRelationNodeKindValues() []RelationNodeKind { - return []RelationNodeKind{RelationNodeKindBookmark, RelationNodeKindCase} -} - -// RelationTypes enumerates the values for relation types. -type RelationTypes string - -const ( - // CasesToBookmarks Relations between cases and bookmarks - CasesToBookmarks RelationTypes = "CasesToBookmarks" -) - -// PossibleRelationTypesValues returns an array of possible values for the RelationTypes const type. -func PossibleRelationTypesValues() []RelationTypes { - return []RelationTypes{CasesToBookmarks} -} - // SettingKind enumerates the values for setting kind. type SettingKind string @@ -889,12 +351,6 @@ func PossibleTriggerOperatorValues() []TriggerOperator { return []TriggerOperator{Equal, GreaterThan, LessThan, NotEqual} } -// AADCheckRequirements AAD (Azure Active Directory) requirements check properties. -type AADCheckRequirements struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` -} - // AADDataConnector represents AAD (Azure Active Directory) data connector. type AADDataConnector struct { // AADDataConnectorProperties - AAD (Azure Active Directory) data connector properties. @@ -1054,12 +510,6 @@ type AADDataConnectorProperties struct { DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` } -// AATPCheckRequirements AATP (Azure Advanced Threat Protection) requirements check properties. -type AATPCheckRequirements struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` -} - // AATPDataConnector represents AATP (Azure Advanced Threat Protection) data connector. type AATPDataConnector struct { // AATPDataConnectorProperties - AATP (Azure Advanced Threat Protection) data connector properties. @@ -1219,125 +669,40 @@ type AATPDataConnectorProperties struct { DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` } -// AccountEntity represents an account entity. -type AccountEntity struct { - // AccountEntityProperties - Account entity properties - *AccountEntityProperties `json:"properties,omitempty"` +// ActionPropertiesBase action property bag base. +type ActionPropertiesBase struct { + // LogicAppResourceID - Logic App Resource Id, providers/Microsoft.Logic/workflows/{WorkflowID}. + LogicAppResourceID *string `json:"logicAppResourceId,omitempty"` +} + +// ActionRequest action for alert rule. +type ActionRequest struct { + // ActionRequestProperties - Action properties for put request + *ActionRequestProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` } -// MarshalJSON is the custom marshaler for AccountEntity. -func (ae AccountEntity) MarshalJSON() ([]byte, error) { - ae.Kind = KindAccount +// MarshalJSON is the custom marshaler for ActionRequest. +func (ar ActionRequest) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if ae.AccountEntityProperties != nil { - objectMap["properties"] = ae.AccountEntityProperties + if ar.ActionRequestProperties != nil { + objectMap["properties"] = ar.ActionRequestProperties } - if ae.Kind != "" { - objectMap["kind"] = ae.Kind + if ar.Etag != nil { + objectMap["etag"] = ar.Etag } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsAccountEntity() (*AccountEntity, bool) { - return &ae, true -} - -// AsAzureResourceEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false -} - -// AsMalwareEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false -} - -// AsProcessEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false -} - -// AsSecurityAlert is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} - -// AsSecurityGroupEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false -} - -// AsURLEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsURLEntity() (*URLEntity, bool) { - return nil, false -} - -// AsIoTDeviceEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false -} - -// AsEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsEntity() (*Entity, bool) { - return nil, false -} - -// AsBasicEntity is the BasicEntity implementation for AccountEntity. -func (ae AccountEntity) AsBasicEntity() (BasicEntity, bool) { - return &ae, true -} - -// UnmarshalJSON is the custom unmarshaler for AccountEntity struct. -func (ae *AccountEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for ActionRequest struct. +func (ar *ActionRequest) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -1347,12 +712,12 @@ func (ae *AccountEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var accountEntityProperties AccountEntityProperties - err = json.Unmarshal(*v, &accountEntityProperties) + var actionRequestProperties ActionRequestProperties + err = json.Unmarshal(*v, &actionRequestProperties) if err != nil { return err } - ae.AccountEntityProperties = &accountEntityProperties + ar.ActionRequestProperties = &actionRequestProperties } case "id": if v != nil { @@ -1361,7 +726,7 @@ func (ae *AccountEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - ae.ID = &ID + ar.ID = &ID } case "name": if v != nil { @@ -1370,7 +735,7 @@ func (ae *AccountEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - ae.Name = &name + ar.Name = &name } case "type": if v != nil { @@ -1379,16 +744,16 @@ func (ae *AccountEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - ae.Type = &typeVar + ar.Type = &typeVar } - case "kind": + case "etag": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var etag string + err = json.Unmarshal(*v, &etag) if err != nil { return err } - ae.Kind = kind + ar.Etag = &etag } } } @@ -1396,166 +761,38 @@ func (ae *AccountEntity) UnmarshalJSON(body []byte) error { return nil } -// AccountEntityProperties account entity property bag. -type AccountEntityProperties struct { - // AadTenantID - READ-ONLY; The Azure Active Directory tenant id. - AadTenantID *string `json:"aadTenantId,omitempty"` - // AadUserID - READ-ONLY; The Azure Active Directory user id. - AadUserID *string `json:"aadUserId,omitempty"` - // AccountName - READ-ONLY; The name of the account. This field should hold only the name without any domain added to it, i.e. administrator. - AccountName *string `json:"accountName,omitempty"` - // DisplayName - READ-ONLY; The display name of the account. - DisplayName *string `json:"displayName,omitempty"` - // HostEntityID - READ-ONLY; The Host entity id that contains the account in case it is a local account (not domain joined) - HostEntityID *string `json:"hostEntityId,omitempty"` - // IsDomainJoined - READ-ONLY; Determines whether this is a domain account. - IsDomainJoined *bool `json:"isDomainJoined,omitempty"` - // NtDomain - READ-ONLY; The NetBIOS domain name as it appears in the alert format – domain\username. Examples: NT AUTHORITY. - NtDomain *string `json:"ntDomain,omitempty"` - // ObjectGUID - READ-ONLY; The objectGUID attribute is a single-value attribute that is the unique identifier for the object, assigned by active directory. - ObjectGUID *uuid.UUID `json:"objectGuid,omitempty"` - // Puid - READ-ONLY; The Azure Active Directory Passport User ID. - Puid *string `json:"puid,omitempty"` - // Sid - READ-ONLY; The account security identifier, e.g. S-1-5-18. - Sid *string `json:"sid,omitempty"` - // UpnSuffix - READ-ONLY; The user principal name suffix for the account, in some cases it is also the domain name. Examples: contoso.com. - UpnSuffix *string `json:"upnSuffix,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for AccountEntityProperties. -func (aep AccountEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) -} - -// ActionPropertiesBase action property bag base. -type ActionPropertiesBase struct { - // LogicAppResourceID - Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. +// ActionRequestProperties action property bag. +type ActionRequestProperties struct { + // TriggerURI - Logic App Callback URL for this specific workflow. + TriggerURI *string `json:"triggerUri,omitempty"` + // LogicAppResourceID - Logic App Resource Id, providers/Microsoft.Logic/workflows/{WorkflowID}. LogicAppResourceID *string `json:"logicAppResourceId,omitempty"` } -// ActionRequest action for alert rule. -type ActionRequest struct { - // ActionRequestProperties - Action properties for put request - *ActionRequestProperties `json:"properties,omitempty"` +// ActionResponse action for alert rule. +type ActionResponse struct { + autorest.Response `json:"-"` + // Etag - Etag of the action. + Etag *string `json:"etag,omitempty"` + // ActionResponseProperties - Action properties for get request + *ActionResponseProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` } -// MarshalJSON is the custom marshaler for ActionRequest. -func (ar ActionRequest) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for ActionResponse. +func (ar ActionResponse) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if ar.ActionRequestProperties != nil { - objectMap["properties"] = ar.ActionRequestProperties - } if ar.Etag != nil { objectMap["etag"] = ar.Etag } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for ActionRequest struct. -func (ar *ActionRequest) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var actionRequestProperties ActionRequestProperties - err = json.Unmarshal(*v, &actionRequestProperties) - if err != nil { - return err - } - ar.ActionRequestProperties = &actionRequestProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - ar.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - ar.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - ar.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - ar.Etag = &etag - } - } - } - - return nil -} - -// ActionRequestProperties action property bag. -type ActionRequestProperties struct { - // TriggerURI - Logic App Callback URL for this specific workflow. - TriggerURI *string `json:"triggerUri,omitempty"` - // LogicAppResourceID - Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. - LogicAppResourceID *string `json:"logicAppResourceId,omitempty"` -} - -// ActionResponse action for alert rule. -type ActionResponse struct { - autorest.Response `json:"-"` - // Etag - Etag of the action. - Etag *string `json:"etag,omitempty"` - // ActionResponseProperties - Action properties for get request - *ActionResponseProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` -} - -// MarshalJSON is the custom marshaler for ActionResponse. -func (ar ActionResponse) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if ar.Etag != nil { - objectMap["etag"] = ar.Etag - } - if ar.ActionResponseProperties != nil { - objectMap["properties"] = ar.ActionResponseProperties - } + if ar.ActionResponseProperties != nil { + objectMap["properties"] = ar.ActionResponseProperties + } return json.Marshal(objectMap) } @@ -1623,7 +860,7 @@ func (ar *ActionResponse) UnmarshalJSON(body []byte) error { type ActionResponseProperties struct { // WorkflowID - The name of the logic app's workflow. WorkflowID *string `json:"workflowId,omitempty"` - // LogicAppResourceID - Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. + // LogicAppResourceID - Logic App Resource Id, providers/Microsoft.Logic/workflows/{WorkflowID}. LogicAppResourceID *string `json:"logicAppResourceId,omitempty"` } @@ -1773,110 +1010,6 @@ func NewActionsListPage(getNextPage func(context.Context, ActionsList) (ActionsL return ActionsListPage{fn: getNextPage} } -// BasicAggregations the aggregation. -type BasicAggregations interface { - AsCasesAggregation() (*CasesAggregation, bool) - AsAggregations() (*Aggregations, bool) -} - -// Aggregations the aggregation. -type Aggregations struct { - autorest.Response `json:"-"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindAggregations', 'KindCasesAggregation' - Kind Kind `json:"kind,omitempty"` -} - -func unmarshalBasicAggregations(body []byte) (BasicAggregations, error) { - var m map[string]interface{} - err := json.Unmarshal(body, &m) - if err != nil { - return nil, err - } - - switch m["kind"] { - case string(KindCasesAggregation): - var ca CasesAggregation - err := json.Unmarshal(body, &ca) - return ca, err - default: - var a Aggregations - err := json.Unmarshal(body, &a) - return a, err - } -} -func unmarshalBasicAggregationsArray(body []byte) ([]BasicAggregations, error) { - var rawMessages []*json.RawMessage - err := json.Unmarshal(body, &rawMessages) - if err != nil { - return nil, err - } - - aArray := make([]BasicAggregations, len(rawMessages)) - - for index, rawMessage := range rawMessages { - a, err := unmarshalBasicAggregations(*rawMessage) - if err != nil { - return nil, err - } - aArray[index] = a - } - return aArray, nil -} - -// MarshalJSON is the custom marshaler for Aggregations. -func (a Aggregations) MarshalJSON() ([]byte, error) { - a.Kind = KindAggregations - objectMap := make(map[string]interface{}) - if a.Kind != "" { - objectMap["kind"] = a.Kind - } - return json.Marshal(objectMap) -} - -// AsCasesAggregation is the BasicAggregations implementation for Aggregations. -func (a Aggregations) AsCasesAggregation() (*CasesAggregation, bool) { - return nil, false -} - -// AsAggregations is the BasicAggregations implementation for Aggregations. -func (a Aggregations) AsAggregations() (*Aggregations, bool) { - return &a, true -} - -// AsBasicAggregations is the BasicAggregations implementation for Aggregations. -func (a Aggregations) AsBasicAggregations() (BasicAggregations, bool) { - return &a, true -} - -// AggregationsKind describes an Azure resource with kind. -type AggregationsKind struct { - // Kind - The kind of the setting - Kind *string `json:"kind,omitempty"` -} - -// AggregationsModel ... -type AggregationsModel struct { - autorest.Response `json:"-"` - Value BasicAggregations `json:"value,omitempty"` -} - -// UnmarshalJSON is the custom unmarshaler for AggregationsModel struct. -func (am *AggregationsModel) UnmarshalJSON(body []byte) error { - a, err := unmarshalBasicAggregations(body) - if err != nil { - return err - } - am.Value = a - - return nil -} - // BasicAlertRule alert rule. type BasicAlertRule interface { AsFusionAlertRule() (*FusionAlertRule, bool) @@ -1897,7 +1030,7 @@ type AlertRule struct { // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` // Kind - Possible values include: 'KindAlertRule', 'KindFusion', 'KindMicrosoftSecurityIncidentCreation', 'KindScheduled' - Kind KindBasicAlertRule `json:"kind,omitempty"` + Kind Kind `json:"kind,omitempty"` } func unmarshalBasicAlertRule(body []byte) (BasicAlertRule, error) { @@ -2194,7 +1327,6 @@ type BasicAlertRuleTemplate interface { // AlertRuleTemplate alert rule template. type AlertRuleTemplate struct { - autorest.Response `json:"-"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name @@ -2285,21 +1417,12 @@ func (art AlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, return &art, true } -// AlertRuleTemplateModel ... -type AlertRuleTemplateModel struct { - autorest.Response `json:"-"` - Value BasicAlertRuleTemplate `json:"value,omitempty"` -} - -// UnmarshalJSON is the custom unmarshaler for AlertRuleTemplateModel struct. -func (artm *AlertRuleTemplateModel) UnmarshalJSON(body []byte) error { - art, err := unmarshalBasicAlertRuleTemplate(body) - if err != nil { - return err - } - artm.Value = art - - return nil +// AlertRuleTemplateDataSource alert rule template data sources +type AlertRuleTemplateDataSource struct { + // ConnectorID - The connector id that provides the following data types + ConnectorID *string `json:"connectorId,omitempty"` + // DataTypes - The data types used by the alert rule template + DataTypes *[]string `json:"dataTypes,omitempty"` } // AlertRuleTemplatePropertiesBase base alert rule template property bag. @@ -2313,246 +1436,58 @@ type AlertRuleTemplatePropertiesBase struct { // DisplayName - The display name for alert rule template. DisplayName *string `json:"displayName,omitempty"` // RequiredDataConnectors - The required data connectors for this template - RequiredDataConnectors *[]DataConnectorStatus `json:"requiredDataConnectors,omitempty"` + RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` // Status - The alert rule template status. Possible values include: 'Installed', 'Available', 'NotAvailable' Status TemplateStatus `json:"status,omitempty"` - // Tactics - The tactics of the alert rule template - Tactics *[]AttackTactic `json:"tactics,omitempty"` } -// AlertRuleTemplatesList list all the alert rule templates. -type AlertRuleTemplatesList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of alert rule templates. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of alert rule templates. - Value *[]BasicAlertRuleTemplate `json:"value,omitempty"` +// AlertsDataTypeOfDataConnector alerts data type for data connectors. +type AlertsDataTypeOfDataConnector struct { + // Alerts - Alerts data type connection. + Alerts *AlertsDataTypeOfDataConnectorAlerts `json:"alerts,omitempty"` } -// UnmarshalJSON is the custom unmarshaler for AlertRuleTemplatesList struct. -func (artl *AlertRuleTemplatesList) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "nextLink": - if v != nil { - var nextLink string - err = json.Unmarshal(*v, &nextLink) - if err != nil { - return err - } - artl.NextLink = &nextLink - } - case "value": - if v != nil { - value, err := unmarshalBasicAlertRuleTemplateArray(*v) - if err != nil { - return err - } - artl.Value = &value - } - } - } - - return nil +// AlertsDataTypeOfDataConnectorAlerts alerts data type connection. +type AlertsDataTypeOfDataConnectorAlerts struct { + // State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled' + State DataTypeState `json:"state,omitempty"` } -// AlertRuleTemplatesListIterator provides access to a complete listing of AlertRuleTemplate values. -type AlertRuleTemplatesListIterator struct { - i int - page AlertRuleTemplatesListPage +// ASCDataConnector represents ASC (Azure Security Center) data connector. +type ASCDataConnector struct { + // ASCDataConnectorProperties - ASC (Azure Security Center) data connector properties. + *ASCDataConnectorProperties `json:"properties,omitempty"` + // ID - READ-ONLY; Azure resource Id + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; Azure resource name + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; Azure resource type + Type *string `json:"type,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' + Kind KindBasicDataConnector `json:"kind,omitempty"` } -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *AlertRuleTemplatesListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/AlertRuleTemplatesListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() +// MarshalJSON is the custom marshaler for ASCDataConnector. +func (adc ASCDataConnector) MarshalJSON() ([]byte, error) { + adc.Kind = KindAzureSecurityCenter + objectMap := make(map[string]interface{}) + if adc.ASCDataConnectorProperties != nil { + objectMap["properties"] = adc.ASCDataConnectorProperties } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil + if adc.Etag != nil { + objectMap["etag"] = adc.Etag } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err + if adc.Kind != "" { + objectMap["kind"] = adc.Kind } - iter.i = 0 - return nil + return json.Marshal(objectMap) } -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *AlertRuleTemplatesListIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter AlertRuleTemplatesListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter AlertRuleTemplatesListIterator) Response() AlertRuleTemplatesList { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter AlertRuleTemplatesListIterator) Value() BasicAlertRuleTemplate { - if !iter.page.NotDone() { - return AlertRuleTemplate{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the AlertRuleTemplatesListIterator type. -func NewAlertRuleTemplatesListIterator(page AlertRuleTemplatesListPage) AlertRuleTemplatesListIterator { - return AlertRuleTemplatesListIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (artl AlertRuleTemplatesList) IsEmpty() bool { - return artl.Value == nil || len(*artl.Value) == 0 -} - -// alertRuleTemplatesListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (artl AlertRuleTemplatesList) alertRuleTemplatesListPreparer(ctx context.Context) (*http.Request, error) { - if artl.NextLink == nil || len(to.String(artl.NextLink)) < 1 { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(artl.NextLink))) -} - -// AlertRuleTemplatesListPage contains a page of BasicAlertRuleTemplate values. -type AlertRuleTemplatesListPage struct { - fn func(context.Context, AlertRuleTemplatesList) (AlertRuleTemplatesList, error) - artl AlertRuleTemplatesList -} - -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *AlertRuleTemplatesListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/AlertRuleTemplatesListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - next, err := page.fn(ctx, page.artl) - if err != nil { - return err - } - page.artl = next - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *AlertRuleTemplatesListPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page AlertRuleTemplatesListPage) NotDone() bool { - return !page.artl.IsEmpty() -} - -// Response returns the raw server response from the last page request. -func (page AlertRuleTemplatesListPage) Response() AlertRuleTemplatesList { - return page.artl -} - -// Values returns the slice of values for the current page or nil if there are no values. -func (page AlertRuleTemplatesListPage) Values() []BasicAlertRuleTemplate { - if page.artl.IsEmpty() { - return nil - } - return *page.artl.Value -} - -// Creates a new instance of the AlertRuleTemplatesListPage type. -func NewAlertRuleTemplatesListPage(getNextPage func(context.Context, AlertRuleTemplatesList) (AlertRuleTemplatesList, error)) AlertRuleTemplatesListPage { - return AlertRuleTemplatesListPage{fn: getNextPage} -} - -// AlertsDataTypeOfDataConnector alerts data type for data connectors. -type AlertsDataTypeOfDataConnector struct { - // Alerts - Alerts data type connection. - Alerts *AlertsDataTypeOfDataConnectorAlerts `json:"alerts,omitempty"` -} - -// AlertsDataTypeOfDataConnectorAlerts alerts data type connection. -type AlertsDataTypeOfDataConnectorAlerts struct { - // State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled' - State DataTypeState `json:"state,omitempty"` -} - -// ASCCheckRequirements ASC (Azure Security Center) requirements check properties. -type ASCCheckRequirements struct { - // SubscriptionID - The subscription id to connect to, and get the data from. - SubscriptionID *string `json:"subscriptionId,omitempty"` - // Kind - The kind of the data connector. Possible values include: 'DataConnectorKindAzureActiveDirectory', 'DataConnectorKindAzureSecurityCenter', 'DataConnectorKindMicrosoftCloudAppSecurity', 'DataConnectorKindThreatIntelligence', 'DataConnectorKindOffice365', 'DataConnectorKindAmazonWebServicesCloudTrail', 'DataConnectorKindAzureAdvancedThreatProtection', 'DataConnectorKindMicrosoftDefenderAdvancedThreatProtection' - Kind DataConnectorKind `json:"kind,omitempty"` -} - -// ASCDataConnector represents ASC (Azure Security Center) data connector. -type ASCDataConnector struct { - // ASCDataConnectorProperties - ASC (Azure Security Center) data connector properties. - *ASCDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' - Kind KindBasicDataConnector `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for ASCDataConnector. -func (adc ASCDataConnector) MarshalJSON() ([]byte, error) { - adc.Kind = KindAzureSecurityCenter - objectMap := make(map[string]interface{}) - if adc.ASCDataConnectorProperties != nil { - objectMap["properties"] = adc.ASCDataConnectorProperties - } - if adc.Etag != nil { - objectMap["etag"] = adc.Etag - } - if adc.Kind != "" { - objectMap["kind"] = adc.Kind - } - return json.Marshal(objectMap) -} - -// AsAADDataConnector is the BasicDataConnector implementation for ASCDataConnector. -func (adc ASCDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { - return nil, false +// AsAADDataConnector is the BasicDataConnector implementation for ASCDataConnector. +func (adc ASCDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { + return nil, false } // AsAATPDataConnector is the BasicDataConnector implementation for ASCDataConnector. @@ -2677,12 +1612,6 @@ type ASCDataConnectorProperties struct { DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` } -// AwsCloudTrailCheckRequirements amazon Web Services CloudTrail requirements check properties. -type AwsCloudTrailCheckRequirements struct { - // Kind - The kind of the data connector. Possible values include: 'DataConnectorKindAzureActiveDirectory', 'DataConnectorKindAzureSecurityCenter', 'DataConnectorKindMicrosoftCloudAppSecurity', 'DataConnectorKindThreatIntelligence', 'DataConnectorKindOffice365', 'DataConnectorKindAmazonWebServicesCloudTrail', 'DataConnectorKindAzureAdvancedThreatProtection', 'DataConnectorKindMicrosoftDefenderAdvancedThreatProtection' - Kind DataConnectorKind `json:"kind,omitempty"` -} - // AwsCloudTrailDataConnector represents Amazon Web Services CloudTrail data connector. type AwsCloudTrailDataConnector struct { // AwsCloudTrailDataConnectorProperties - Amazon Web Services CloudTrail data connector properties. @@ -2855,125 +1784,23 @@ type AwsCloudTrailDataConnectorProperties struct { DataTypes *AwsCloudTrailDataConnectorDataTypes `json:"dataTypes,omitempty"` } -// AzureResourceEntity represents an azure resource entity. -type AzureResourceEntity struct { - // AzureResourceEntityProperties - AzureResource entity properties - *AzureResourceEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` +// CloudError error response structure. +type CloudError struct { + // CloudErrorBody - Error data + *CloudErrorBody `json:"error,omitempty"` } -// MarshalJSON is the custom marshaler for AzureResourceEntity. -func (are AzureResourceEntity) MarshalJSON() ([]byte, error) { - are.Kind = KindAzureResource +// MarshalJSON is the custom marshaler for CloudError. +func (ce CloudError) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if are.AzureResourceEntityProperties != nil { - objectMap["properties"] = are.AzureResourceEntityProperties - } - if are.Kind != "" { - objectMap["kind"] = are.Kind + if ce.CloudErrorBody != nil { + objectMap["error"] = ce.CloudErrorBody } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return &are, true -} - -// AsCloudApplicationEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false -} - -// AsMalwareEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false -} - -// AsProcessEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false -} - -// AsSecurityAlert is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} - -// AsSecurityGroupEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false -} - -// AsURLEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsURLEntity() (*URLEntity, bool) { - return nil, false -} - -// AsIoTDeviceEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false -} - -// AsEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsEntity() (*Entity, bool) { - return nil, false -} - -// AsBasicEntity is the BasicEntity implementation for AzureResourceEntity. -func (are AzureResourceEntity) AsBasicEntity() (BasicEntity, bool) { - return &are, true -} - -// UnmarshalJSON is the custom unmarshaler for AzureResourceEntity struct. -func (are *AzureResourceEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for CloudError struct. +func (ce *CloudError) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -2981,50 +1808,14 @@ func (are *AzureResourceEntity) UnmarshalJSON(body []byte) error { } for k, v := range m { switch k { - case "properties": - if v != nil { - var azureResourceEntityProperties AzureResourceEntityProperties - err = json.Unmarshal(*v, &azureResourceEntityProperties) - if err != nil { - return err - } - are.AzureResourceEntityProperties = &azureResourceEntityProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - are.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - are.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - are.Type = &typeVar - } - case "kind": + case "error": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var cloudErrorBody CloudErrorBody + err = json.Unmarshal(*v, &cloudErrorBody) if err != nil { return err } - are.Kind = kind + ce.CloudErrorBody = &cloudErrorBody } } } @@ -3032,27 +1823,30 @@ func (are *AzureResourceEntity) UnmarshalJSON(body []byte) error { return nil } -// AzureResourceEntityProperties azureResource entity property bag. -type AzureResourceEntityProperties struct { - // ResourceID - READ-ONLY; The azure resource id of the resource - ResourceID *string `json:"resourceId,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` +// CloudErrorBody error details. +type CloudErrorBody struct { + // Code - READ-ONLY; An identifier for the error. Codes are invariant and are intended to be consumed programmatically. + Code *string `json:"code,omitempty"` + // Message - READ-ONLY; A message describing the error, intended to be suitable for display in a user interface. + Message *string `json:"message,omitempty"` } -// MarshalJSON is the custom marshaler for AzureResourceEntityProperties. -func (arep AzureResourceEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) +// BasicDataConnector data connector. +type BasicDataConnector interface { + AsAADDataConnector() (*AADDataConnector, bool) + AsAATPDataConnector() (*AATPDataConnector, bool) + AsASCDataConnector() (*ASCDataConnector, bool) + AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) + AsMCASDataConnector() (*MCASDataConnector, bool) + AsMDATPDataConnector() (*MDATPDataConnector, bool) + AsOfficeDataConnector() (*OfficeDataConnector, bool) + AsTIDataConnector() (*TIDataConnector, bool) + AsDataConnector() (*DataConnector, bool) } -// Bookmark represents a bookmark in Azure Security Insights. -type Bookmark struct { +// DataConnector data connector. +type DataConnector struct { autorest.Response `json:"-"` - // BookmarkProperties - Bookmark properties - *BookmarkProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name @@ -3061,22 +1855,161 @@ type Bookmark struct { Type *string `json:"type,omitempty"` // Etag - Etag of the azure resource Etag *string `json:"etag,omitempty"` + // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' + Kind KindBasicDataConnector `json:"kind,omitempty"` } -// MarshalJSON is the custom marshaler for Bookmark. -func (b Bookmark) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if b.BookmarkProperties != nil { - objectMap["properties"] = b.BookmarkProperties +func unmarshalBasicDataConnector(body []byte) (BasicDataConnector, error) { + var m map[string]interface{} + err := json.Unmarshal(body, &m) + if err != nil { + return nil, err } - if b.Etag != nil { - objectMap["etag"] = b.Etag + + switch m["kind"] { + case string(KindAzureActiveDirectory): + var adc AADDataConnector + err := json.Unmarshal(body, &adc) + return adc, err + case string(KindAzureAdvancedThreatProtection): + var adc AATPDataConnector + err := json.Unmarshal(body, &adc) + return adc, err + case string(KindAzureSecurityCenter): + var adc ASCDataConnector + err := json.Unmarshal(body, &adc) + return adc, err + case string(KindAmazonWebServicesCloudTrail): + var actdc AwsCloudTrailDataConnector + err := json.Unmarshal(body, &actdc) + return actdc, err + case string(KindMicrosoftCloudAppSecurity): + var mdc MCASDataConnector + err := json.Unmarshal(body, &mdc) + return mdc, err + case string(KindMicrosoftDefenderAdvancedThreatProtection): + var mdc MDATPDataConnector + err := json.Unmarshal(body, &mdc) + return mdc, err + case string(KindOffice365): + var odc OfficeDataConnector + err := json.Unmarshal(body, &odc) + return odc, err + case string(KindThreatIntelligence): + var tdc TIDataConnector + err := json.Unmarshal(body, &tdc) + return tdc, err + default: + var dc DataConnector + err := json.Unmarshal(body, &dc) + return dc, err + } +} +func unmarshalBasicDataConnectorArray(body []byte) ([]BasicDataConnector, error) { + var rawMessages []*json.RawMessage + err := json.Unmarshal(body, &rawMessages) + if err != nil { + return nil, err + } + + dcArray := make([]BasicDataConnector, len(rawMessages)) + + for index, rawMessage := range rawMessages { + dc, err := unmarshalBasicDataConnector(*rawMessage) + if err != nil { + return nil, err + } + dcArray[index] = dc + } + return dcArray, nil +} + +// MarshalJSON is the custom marshaler for DataConnector. +func (dc DataConnector) MarshalJSON() ([]byte, error) { + dc.Kind = KindDataConnector + objectMap := make(map[string]interface{}) + if dc.Etag != nil { + objectMap["etag"] = dc.Etag + } + if dc.Kind != "" { + objectMap["kind"] = dc.Kind } return json.Marshal(objectMap) } -// UnmarshalJSON is the custom unmarshaler for Bookmark struct. -func (b *Bookmark) UnmarshalJSON(body []byte) error { +// AsAADDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsAADDataConnector() (*AADDataConnector, bool) { + return nil, false +} + +// AsAATPDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { + return nil, false +} + +// AsASCDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { + return nil, false +} + +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { + return nil, false +} + +// AsMCASDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { + return nil, false +} + +// AsMDATPDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return nil, false +} + +// AsOfficeDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { + return nil, false +} + +// AsTIDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsTIDataConnector() (*TIDataConnector, bool) { + return nil, false +} + +// AsDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsDataConnector() (*DataConnector, bool) { + return &dc, true +} + +// AsBasicDataConnector is the BasicDataConnector implementation for DataConnector. +func (dc DataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &dc, true +} + +// DataConnectorDataTypeCommon common field for data type in data connectors. +type DataConnectorDataTypeCommon struct { + // State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled' + State DataTypeState `json:"state,omitempty"` +} + +// DataConnectorKind1 describes an Azure resource with kind. +type DataConnectorKind1 struct { + // Kind - The kind of the data connector. Possible values include: 'DataConnectorKindAzureActiveDirectory', 'DataConnectorKindAzureSecurityCenter', 'DataConnectorKindMicrosoftCloudAppSecurity', 'DataConnectorKindThreatIntelligence', 'DataConnectorKindOffice365', 'DataConnectorKindAmazonWebServicesCloudTrail', 'DataConnectorKindAzureAdvancedThreatProtection', 'DataConnectorKindMicrosoftDefenderAdvancedThreatProtection' + Kind DataConnectorKind `json:"kind,omitempty"` +} + +// DataConnectorList list all the data connectors. +type DataConnectorList struct { + autorest.Response `json:"-"` + // NextLink - READ-ONLY; URL to fetch the next set of data connectors. + NextLink *string `json:"nextLink,omitempty"` + // Value - Array of data connectors. + Value *[]BasicDataConnector `json:"value,omitempty"` +} + +// UnmarshalJSON is the custom unmarshaler for DataConnectorList struct. +func (dcl *DataConnectorList) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -3084,50 +2017,22 @@ func (b *Bookmark) UnmarshalJSON(body []byte) error { } for k, v := range m { switch k { - case "properties": - if v != nil { - var bookmarkProperties BookmarkProperties - err = json.Unmarshal(*v, &bookmarkProperties) - if err != nil { - return err - } - b.BookmarkProperties = &bookmarkProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - b.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - b.Name = &name - } - case "type": + case "nextLink": if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) + var nextLink string + err = json.Unmarshal(*v, &nextLink) if err != nil { return err } - b.Type = &typeVar + dcl.NextLink = &nextLink } - case "etag": + case "value": if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + value, err := unmarshalBasicDataConnectorArray(*v) if err != nil { return err } - b.Etag = &etag + dcl.Value = &value } } } @@ -3135,26 +2040,17 @@ func (b *Bookmark) UnmarshalJSON(body []byte) error { return nil } -// BookmarkList list all the bookmarks. -type BookmarkList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of cases. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of bookmarks. - Value *[]Bookmark `json:"value,omitempty"` -} - -// BookmarkListIterator provides access to a complete listing of Bookmark values. -type BookmarkListIterator struct { +// DataConnectorListIterator provides access to a complete listing of DataConnector values. +type DataConnectorListIterator struct { i int - page BookmarkListPage + page DataConnectorListPage } // NextWithContext advances to the next value. If there was an error making // the request the iterator does not advance and the error is returned. -func (iter *BookmarkListIterator) NextWithContext(ctx context.Context) (err error) { +func (iter *DataConnectorListIterator) NextWithContext(ctx context.Context) (err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkListIterator.NextWithContext") + ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorListIterator.NextWithContext") defer func() { sc := -1 if iter.Response().Response.Response != nil { @@ -3179,62 +2075,62 @@ func (iter *BookmarkListIterator) NextWithContext(ctx context.Context) (err erro // Next advances to the next value. If there was an error making // the request the iterator does not advance and the error is returned. // Deprecated: Use NextWithContext() instead. -func (iter *BookmarkListIterator) Next() error { +func (iter *DataConnectorListIterator) Next() error { return iter.NextWithContext(context.Background()) } // NotDone returns true if the enumeration should be started or is not yet complete. -func (iter BookmarkListIterator) NotDone() bool { +func (iter DataConnectorListIterator) NotDone() bool { return iter.page.NotDone() && iter.i < len(iter.page.Values()) } // Response returns the raw server response from the last page request. -func (iter BookmarkListIterator) Response() BookmarkList { +func (iter DataConnectorListIterator) Response() DataConnectorList { return iter.page.Response() } // Value returns the current value or a zero-initialized value if the // iterator has advanced beyond the end of the collection. -func (iter BookmarkListIterator) Value() Bookmark { +func (iter DataConnectorListIterator) Value() BasicDataConnector { if !iter.page.NotDone() { - return Bookmark{} + return DataConnector{} } return iter.page.Values()[iter.i] } -// Creates a new instance of the BookmarkListIterator type. -func NewBookmarkListIterator(page BookmarkListPage) BookmarkListIterator { - return BookmarkListIterator{page: page} +// Creates a new instance of the DataConnectorListIterator type. +func NewDataConnectorListIterator(page DataConnectorListPage) DataConnectorListIterator { + return DataConnectorListIterator{page: page} } // IsEmpty returns true if the ListResult contains no values. -func (bl BookmarkList) IsEmpty() bool { - return bl.Value == nil || len(*bl.Value) == 0 +func (dcl DataConnectorList) IsEmpty() bool { + return dcl.Value == nil || len(*dcl.Value) == 0 } -// bookmarkListPreparer prepares a request to retrieve the next set of results. +// dataConnectorListPreparer prepares a request to retrieve the next set of results. // It returns nil if no more results exist. -func (bl BookmarkList) bookmarkListPreparer(ctx context.Context) (*http.Request, error) { - if bl.NextLink == nil || len(to.String(bl.NextLink)) < 1 { +func (dcl DataConnectorList) dataConnectorListPreparer(ctx context.Context) (*http.Request, error) { + if dcl.NextLink == nil || len(to.String(dcl.NextLink)) < 1 { return nil, nil } return autorest.Prepare((&http.Request{}).WithContext(ctx), autorest.AsJSON(), autorest.AsGet(), - autorest.WithBaseURL(to.String(bl.NextLink))) + autorest.WithBaseURL(to.String(dcl.NextLink))) } -// BookmarkListPage contains a page of Bookmark values. -type BookmarkListPage struct { - fn func(context.Context, BookmarkList) (BookmarkList, error) - bl BookmarkList +// DataConnectorListPage contains a page of BasicDataConnector values. +type DataConnectorListPage struct { + fn func(context.Context, DataConnectorList) (DataConnectorList, error) + dcl DataConnectorList } // NextWithContext advances to the next page of values. If there was an error making // the request the page does not advance and the error is returned. -func (page *BookmarkListPage) NextWithContext(ctx context.Context) (err error) { +func (page *DataConnectorListPage) NextWithContext(ctx context.Context) (err error) { if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkListPage.NextWithContext") + ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorListPage.NextWithContext") defer func() { sc := -1 if page.Response().Response.Response != nil { @@ -3243,99 +2139,132 @@ func (page *BookmarkListPage) NextWithContext(ctx context.Context) (err error) { tracing.EndSpan(ctx, sc, err) }() } - next, err := page.fn(ctx, page.bl) + next, err := page.fn(ctx, page.dcl) if err != nil { return err } - page.bl = next + page.dcl = next return nil } // Next advances to the next page of values. If there was an error making // the request the page does not advance and the error is returned. // Deprecated: Use NextWithContext() instead. -func (page *BookmarkListPage) Next() error { +func (page *DataConnectorListPage) Next() error { return page.NextWithContext(context.Background()) } // NotDone returns true if the page enumeration should be started or is not yet complete. -func (page BookmarkListPage) NotDone() bool { - return !page.bl.IsEmpty() +func (page DataConnectorListPage) NotDone() bool { + return !page.dcl.IsEmpty() } // Response returns the raw server response from the last page request. -func (page BookmarkListPage) Response() BookmarkList { - return page.bl +func (page DataConnectorListPage) Response() DataConnectorList { + return page.dcl } // Values returns the slice of values for the current page or nil if there are no values. -func (page BookmarkListPage) Values() []Bookmark { - if page.bl.IsEmpty() { +func (page DataConnectorListPage) Values() []BasicDataConnector { + if page.dcl.IsEmpty() { return nil } - return *page.bl.Value + return *page.dcl.Value } -// Creates a new instance of the BookmarkListPage type. -func NewBookmarkListPage(getNextPage func(context.Context, BookmarkList) (BookmarkList, error)) BookmarkListPage { - return BookmarkListPage{fn: getNextPage} +// Creates a new instance of the DataConnectorListPage type. +func NewDataConnectorListPage(getNextPage func(context.Context, DataConnectorList) (DataConnectorList, error)) DataConnectorListPage { + return DataConnectorListPage{fn: getNextPage} } -// BookmarkProperties describes bookmark properties -type BookmarkProperties struct { - // Created - The time the bookmark was created - Created *date.Time `json:"created,omitempty"` - // CreatedBy - Describes a user that created the bookmark - CreatedBy *UserInfo `json:"createdBy,omitempty"` - // DisplayName - The display name of the bookmark - DisplayName *string `json:"displayName,omitempty"` - // Labels - List of labels relevant to this bookmark - Labels *[]string `json:"labels,omitempty"` - // Notes - The notes of the bookmark - Notes *string `json:"notes,omitempty"` - // Query - The query of the bookmark. - Query *string `json:"query,omitempty"` - // QueryResult - The query result of the bookmark. - QueryResult *string `json:"queryResult,omitempty"` - // Updated - The last time the bookmark was updated - Updated *date.Time `json:"updated,omitempty"` - // UpdatedBy - Describes a user that updated the bookmark - UpdatedBy *UserInfo `json:"updatedBy,omitempty"` - // IncidentInfo - Describes an incident that relates to bookmark - IncidentInfo *IncidentInfo `json:"incidentInfo,omitempty"` -} - -// BookmarkRelation represents a bookmark relation -type BookmarkRelation struct { +// DataConnectorModel ... +type DataConnectorModel struct { autorest.Response `json:"-"` - // BookmarkRelationProperties - Bookmark relation properties - *BookmarkRelationProperties `json:"properties,omitempty"` - // Kind - READ-ONLY; The type of relation node. Possible values include: 'CasesToBookmarks' - Kind RelationTypes `json:"kind,omitempty"` - // Etag - ETag for relation - Etag *string `json:"etag,omitempty"` + Value BasicDataConnector `json:"value,omitempty"` +} + +// UnmarshalJSON is the custom unmarshaler for DataConnectorModel struct. +func (dcm *DataConnectorModel) UnmarshalJSON(body []byte) error { + dc, err := unmarshalBasicDataConnector(body) + if err != nil { + return err + } + dcm.Value = dc + + return nil +} + +// DataConnectorTenantID properties data connector on tenant level. +type DataConnectorTenantID struct { + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` +} + +// DataConnectorWithAlertsProperties data connector properties. +type DataConnectorWithAlertsProperties struct { + // DataTypes - The available data types for the connector. + DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` +} + +// FusionAlertRule represents Fusion alert rule. +type FusionAlertRule struct { + // FusionAlertRuleProperties - Fusion alert rule properties + *FusionAlertRuleProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` -} - -// MarshalJSON is the custom marshaler for BookmarkRelation. -func (br BookmarkRelation) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if br.BookmarkRelationProperties != nil { - objectMap["properties"] = br.BookmarkRelationProperties + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // Kind - Possible values include: 'KindAlertRule', 'KindFusion', 'KindMicrosoftSecurityIncidentCreation', 'KindScheduled' + Kind Kind `json:"kind,omitempty"` +} + +// MarshalJSON is the custom marshaler for FusionAlertRule. +func (far FusionAlertRule) MarshalJSON() ([]byte, error) { + far.Kind = KindFusion + objectMap := make(map[string]interface{}) + if far.FusionAlertRuleProperties != nil { + objectMap["properties"] = far.FusionAlertRuleProperties } - if br.Etag != nil { - objectMap["etag"] = br.Etag + if far.Etag != nil { + objectMap["etag"] = far.Etag + } + if far.Kind != "" { + objectMap["kind"] = far.Kind } return json.Marshal(objectMap) } -// UnmarshalJSON is the custom unmarshaler for BookmarkRelation struct. -func (br *BookmarkRelation) UnmarshalJSON(body []byte) error { +// AsFusionAlertRule is the BasicAlertRule implementation for FusionAlertRule. +func (far FusionAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) { + return &far, true +} + +// AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for FusionAlertRule. +func (far FusionAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) { + return nil, false +} + +// AsScheduledAlertRule is the BasicAlertRule implementation for FusionAlertRule. +func (far FusionAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { + return nil, false +} + +// AsAlertRule is the BasicAlertRule implementation for FusionAlertRule. +func (far FusionAlertRule) AsAlertRule() (*AlertRule, bool) { + return nil, false +} + +// AsBasicAlertRule is the BasicAlertRule implementation for FusionAlertRule. +func (far FusionAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) { + return &far, true +} + +// UnmarshalJSON is the custom unmarshaler for FusionAlertRule struct. +func (far *FusionAlertRule) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -3345,57 +2274,57 @@ func (br *BookmarkRelation) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var bookmarkRelationProperties BookmarkRelationProperties - err = json.Unmarshal(*v, &bookmarkRelationProperties) + var fusionAlertRuleProperties FusionAlertRuleProperties + err = json.Unmarshal(*v, &fusionAlertRuleProperties) if err != nil { return err } - br.BookmarkRelationProperties = &bookmarkRelationProperties + far.FusionAlertRuleProperties = &fusionAlertRuleProperties } - case "kind": + case "id": if v != nil { - var kind RelationTypes - err = json.Unmarshal(*v, &kind) + var ID string + err = json.Unmarshal(*v, &ID) if err != nil { return err } - br.Kind = kind + far.ID = &ID } - case "etag": + case "name": if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + var name string + err = json.Unmarshal(*v, &name) if err != nil { return err } - br.Etag = &etag + far.Name = &name } - case "id": + case "type": if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) + var typeVar string + err = json.Unmarshal(*v, &typeVar) if err != nil { return err } - br.ID = &ID + far.Type = &typeVar } - case "name": + case "etag": if v != nil { - var name string - err = json.Unmarshal(*v, &name) + var etag string + err = json.Unmarshal(*v, &etag) if err != nil { return err } - br.Name = &name + far.Etag = &etag } - case "type": + case "kind": if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) + var kind Kind + err = json.Unmarshal(*v, &kind) if err != nil { return err } - br.Type = &typeVar + far.Kind = kind } } } @@ -3403,195 +2332,78 @@ func (br *BookmarkRelation) UnmarshalJSON(body []byte) error { return nil } -// BookmarkRelationList list of bookmark relations. -type BookmarkRelationList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of relations. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of relations. - Value *[]BookmarkRelation `json:"value,omitempty"` -} - -// BookmarkRelationListIterator provides access to a complete listing of BookmarkRelation values. -type BookmarkRelationListIterator struct { - i int - page BookmarkRelationListPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *BookmarkRelationListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *BookmarkRelationListIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter BookmarkRelationListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter BookmarkRelationListIterator) Response() BookmarkRelationList { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter BookmarkRelationListIterator) Value() BookmarkRelation { - if !iter.page.NotDone() { - return BookmarkRelation{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the BookmarkRelationListIterator type. -func NewBookmarkRelationListIterator(page BookmarkRelationListPage) BookmarkRelationListIterator { - return BookmarkRelationListIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (brl BookmarkRelationList) IsEmpty() bool { - return brl.Value == nil || len(*brl.Value) == 0 -} - -// bookmarkRelationListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (brl BookmarkRelationList) bookmarkRelationListPreparer(ctx context.Context) (*http.Request, error) { - if brl.NextLink == nil || len(to.String(brl.NextLink)) < 1 { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(brl.NextLink))) +// FusionAlertRuleProperties fusion alert rule base property bag. +type FusionAlertRuleProperties struct { + // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. + AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` + // Description - READ-ONLY; The description of the alert rule. + Description *string `json:"description,omitempty"` + // DisplayName - READ-ONLY; The display name for alerts created by this alert rule. + DisplayName *string `json:"displayName,omitempty"` + // Enabled - Determines whether this alert rule is enabled or disabled. + Enabled *bool `json:"enabled,omitempty"` + // LastModifiedUtc - READ-ONLY; The last time that this alert has been modified. + LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` + // Severity - READ-ONLY; The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' + Severity AlertSeverity `json:"severity,omitempty"` + // Tactics - READ-ONLY; The tactics of the alert rule + Tactics *[]AttackTactic `json:"tactics,omitempty"` } -// BookmarkRelationListPage contains a page of BookmarkRelation values. -type BookmarkRelationListPage struct { - fn func(context.Context, BookmarkRelationList) (BookmarkRelationList, error) - brl BookmarkRelationList +// FusionAlertRuleTemplate represents Fusion alert rule template. +type FusionAlertRuleTemplate struct { + // FusionAlertRuleTemplateProperties - Fusion alert rule template properties + *FusionAlertRuleTemplateProperties `json:"properties,omitempty"` + // ID - READ-ONLY; Azure resource Id + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; Azure resource name + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; Azure resource type + Type *string `json:"type,omitempty"` + // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' + Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` } -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *BookmarkRelationListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/BookmarkRelationListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() +// MarshalJSON is the custom marshaler for FusionAlertRuleTemplate. +func (fart FusionAlertRuleTemplate) MarshalJSON() ([]byte, error) { + fart.Kind = KindBasicAlertRuleTemplateKindFusion + objectMap := make(map[string]interface{}) + if fart.FusionAlertRuleTemplateProperties != nil { + objectMap["properties"] = fart.FusionAlertRuleTemplateProperties } - next, err := page.fn(ctx, page.brl) - if err != nil { - return err + if fart.Kind != "" { + objectMap["kind"] = fart.Kind } - page.brl = next - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *BookmarkRelationListPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page BookmarkRelationListPage) NotDone() bool { - return !page.brl.IsEmpty() + return json.Marshal(objectMap) } -// Response returns the raw server response from the last page request. -func (page BookmarkRelationListPage) Response() BookmarkRelationList { - return page.brl +// AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate. +func (fart FusionAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) { + return &fart, true } -// Values returns the slice of values for the current page or nil if there are no values. -func (page BookmarkRelationListPage) Values() []BookmarkRelation { - if page.brl.IsEmpty() { - return nil - } - return *page.brl.Value +// AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate. +func (fart FusionAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) { + return nil, false } -// Creates a new instance of the BookmarkRelationListPage type. -func NewBookmarkRelationListPage(getNextPage func(context.Context, BookmarkRelationList) (BookmarkRelationList, error)) BookmarkRelationListPage { - return BookmarkRelationListPage{fn: getNextPage} +// AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate. +func (fart FusionAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) { + return nil, false } -// BookmarkRelationProperties bookmark relation properties -type BookmarkRelationProperties struct { - // RelationName - Name of relation - RelationName *string `json:"relationName,omitempty"` - // BookmarkID - The case related bookmark id - BookmarkID *string `json:"bookmarkId,omitempty"` - // CaseIdentifier - The case identifier - CaseIdentifier *string `json:"caseIdentifier,omitempty"` - // CaseTitle - The case title - CaseTitle *string `json:"caseTitle,omitempty"` - // CaseSeverity - The case severity - CaseSeverity *string `json:"caseSeverity,omitempty"` -} - -// Case represents a case in Azure Security Insights. -type Case struct { - autorest.Response `json:"-"` - // CaseProperties - Case properties - *CaseProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` +// AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate. +func (fart FusionAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { + return nil, false } -// MarshalJSON is the custom marshaler for Case. -func (c Case) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if c.CaseProperties != nil { - objectMap["properties"] = c.CaseProperties - } - if c.Etag != nil { - objectMap["etag"] = c.Etag - } - return json.Marshal(objectMap) +// AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate. +func (fart FusionAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) { + return &fart, true } -// UnmarshalJSON is the custom unmarshaler for Case struct. -func (c *Case) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for FusionAlertRuleTemplate struct. +func (fart *FusionAlertRuleTemplate) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -3601,12 +2413,12 @@ func (c *Case) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var caseProperties CaseProperties - err = json.Unmarshal(*v, &caseProperties) + var fusionAlertRuleTemplateProperties FusionAlertRuleTemplateProperties + err = json.Unmarshal(*v, &fusionAlertRuleTemplateProperties) if err != nil { return err } - c.CaseProperties = &caseProperties + fart.FusionAlertRuleTemplateProperties = &fusionAlertRuleTemplateProperties } case "id": if v != nil { @@ -3615,7 +2427,7 @@ func (c *Case) UnmarshalJSON(body []byte) error { if err != nil { return err } - c.ID = &ID + fart.ID = &ID } case "name": if v != nil { @@ -3624,7 +2436,7 @@ func (c *Case) UnmarshalJSON(body []byte) error { if err != nil { return err } - c.Name = &name + fart.Name = &name } case "type": if v != nil { @@ -3633,16 +2445,16 @@ func (c *Case) UnmarshalJSON(body []byte) error { if err != nil { return err } - c.Type = &typeVar + fart.Type = &typeVar } - case "etag": + case "kind": if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + var kind KindBasicAlertRuleTemplate + err = json.Unmarshal(*v, &kind) if err != nil { return err } - c.Etag = &etag + fart.Kind = kind } } } @@ -3650,5263 +2462,122 @@ func (c *Case) UnmarshalJSON(body []byte) error { return nil } -// CaseComment represents a case comment -type CaseComment struct { - autorest.Response `json:"-"` - // CaseCommentProperties - Case comment properties - *CaseCommentProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` -} - -// MarshalJSON is the custom marshaler for CaseComment. -func (cc CaseComment) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if cc.CaseCommentProperties != nil { - objectMap["properties"] = cc.CaseCommentProperties - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for CaseComment struct. -func (cc *CaseComment) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var caseCommentProperties CaseCommentProperties - err = json.Unmarshal(*v, &caseCommentProperties) - if err != nil { - return err - } - cc.CaseCommentProperties = &caseCommentProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - cc.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - cc.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - cc.Type = &typeVar - } - } - } - - return nil -} - -// CaseCommentList list of case comments. -type CaseCommentList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of comments. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of comments. - Value *[]CaseComment `json:"value,omitempty"` -} - -// CaseCommentListIterator provides access to a complete listing of CaseComment values. -type CaseCommentListIterator struct { - i int - page CaseCommentListPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *CaseCommentListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseCommentListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *CaseCommentListIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter CaseCommentListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter CaseCommentListIterator) Response() CaseCommentList { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter CaseCommentListIterator) Value() CaseComment { - if !iter.page.NotDone() { - return CaseComment{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the CaseCommentListIterator type. -func NewCaseCommentListIterator(page CaseCommentListPage) CaseCommentListIterator { - return CaseCommentListIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (ccl CaseCommentList) IsEmpty() bool { - return ccl.Value == nil || len(*ccl.Value) == 0 -} - -// caseCommentListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (ccl CaseCommentList) caseCommentListPreparer(ctx context.Context) (*http.Request, error) { - if ccl.NextLink == nil || len(to.String(ccl.NextLink)) < 1 { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(ccl.NextLink))) -} - -// CaseCommentListPage contains a page of CaseComment values. -type CaseCommentListPage struct { - fn func(context.Context, CaseCommentList) (CaseCommentList, error) - ccl CaseCommentList -} - -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *CaseCommentListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseCommentListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - next, err := page.fn(ctx, page.ccl) - if err != nil { - return err - } - page.ccl = next - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *CaseCommentListPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page CaseCommentListPage) NotDone() bool { - return !page.ccl.IsEmpty() -} - -// Response returns the raw server response from the last page request. -func (page CaseCommentListPage) Response() CaseCommentList { - return page.ccl -} - -// Values returns the slice of values for the current page or nil if there are no values. -func (page CaseCommentListPage) Values() []CaseComment { - if page.ccl.IsEmpty() { - return nil - } - return *page.ccl.Value -} - -// Creates a new instance of the CaseCommentListPage type. -func NewCaseCommentListPage(getNextPage func(context.Context, CaseCommentList) (CaseCommentList, error)) CaseCommentListPage { - return CaseCommentListPage{fn: getNextPage} -} - -// CaseCommentProperties case comment property bag. -type CaseCommentProperties struct { - // CreatedTimeUtc - READ-ONLY; The time the comment was created - CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"` - // Message - The comment message - Message *string `json:"message,omitempty"` - // UserInfo - READ-ONLY; Describes the user that created the comment - UserInfo *UserInfo `json:"userInfo,omitempty"` -} - -// CaseList list all the cases. -type CaseList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of cases. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of cases. - Value *[]Case `json:"value,omitempty"` -} - -// CaseListIterator provides access to a complete listing of Case values. -type CaseListIterator struct { - i int - page CaseListPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *CaseListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *CaseListIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter CaseListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter CaseListIterator) Response() CaseList { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter CaseListIterator) Value() Case { - if !iter.page.NotDone() { - return Case{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the CaseListIterator type. -func NewCaseListIterator(page CaseListPage) CaseListIterator { - return CaseListIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (cl CaseList) IsEmpty() bool { - return cl.Value == nil || len(*cl.Value) == 0 -} - -// caseListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (cl CaseList) caseListPreparer(ctx context.Context) (*http.Request, error) { - if cl.NextLink == nil || len(to.String(cl.NextLink)) < 1 { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(cl.NextLink))) -} - -// CaseListPage contains a page of Case values. -type CaseListPage struct { - fn func(context.Context, CaseList) (CaseList, error) - cl CaseList -} - -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *CaseListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - next, err := page.fn(ctx, page.cl) - if err != nil { - return err - } - page.cl = next - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *CaseListPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page CaseListPage) NotDone() bool { - return !page.cl.IsEmpty() -} - -// Response returns the raw server response from the last page request. -func (page CaseListPage) Response() CaseList { - return page.cl -} - -// Values returns the slice of values for the current page or nil if there are no values. -func (page CaseListPage) Values() []Case { - if page.cl.IsEmpty() { - return nil - } - return *page.cl.Value -} - -// Creates a new instance of the CaseListPage type. -func NewCaseListPage(getNextPage func(context.Context, CaseList) (CaseList, error)) CaseListPage { - return CaseListPage{fn: getNextPage} -} - -// CaseProperties describes case properties -type CaseProperties struct { - // CaseNumber - READ-ONLY; a sequential number - CaseNumber *int32 `json:"caseNumber,omitempty"` - // CloseReason - The reason the case was closed. Possible values include: 'Resolved', 'Dismissed', 'TruePositive', 'FalsePositive', 'Other' - CloseReason CloseReason `json:"closeReason,omitempty"` - // ClosedReasonText - the case close reason details - ClosedReasonText *string `json:"closedReasonText,omitempty"` - // CreatedTimeUtc - READ-ONLY; The time the case was created - CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"` - // Description - The description of the case - Description *string `json:"description,omitempty"` - // EndTimeUtc - The end time of the case - EndTimeUtc *date.Time `json:"endTimeUtc,omitempty"` - // Labels - List of labels relevant to this case - Labels *[]string `json:"labels,omitempty"` - // LastComment - READ-ONLY; the last comment in the case - LastComment *string `json:"lastComment,omitempty"` - // LastUpdatedTimeUtc - READ-ONLY; The last time the case was updated - LastUpdatedTimeUtc *date.Time `json:"lastUpdatedTimeUtc,omitempty"` - // Owner - Describes a user that the case is assigned to - Owner *UserInfo `json:"owner,omitempty"` - // RelatedAlertIds - READ-ONLY; List of related alert identifiers - RelatedAlertIds *[]string `json:"relatedAlertIds,omitempty"` - // Severity - The severity of the case. Possible values include: 'CaseSeverityCritical', 'CaseSeverityHigh', 'CaseSeverityMedium', 'CaseSeverityLow', 'CaseSeverityInformational' - Severity CaseSeverity `json:"severity,omitempty"` - // StartTimeUtc - The start time of the case - StartTimeUtc *date.Time `json:"startTimeUtc,omitempty"` - // Status - The status of the case. Possible values include: 'CaseStatusDraft', 'CaseStatusNew', 'CaseStatusInProgress', 'CaseStatusClosed' - Status CaseStatus `json:"status,omitempty"` - // Title - The title of the case - Title *string `json:"title,omitempty"` - // TotalComments - READ-ONLY; the number of total comments in the case - TotalComments *int32 `json:"totalComments,omitempty"` -} - -// CaseRelation represents a case relation -type CaseRelation struct { - autorest.Response `json:"-"` - // CaseRelationProperties - Case relation properties - *CaseRelationProperties `json:"properties,omitempty"` - // Kind - READ-ONLY; The type of relation node. Possible values include: 'CasesToBookmarks' - Kind RelationTypes `json:"kind,omitempty"` - // Etag - ETag for relation - Etag *string `json:"etag,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` -} - -// MarshalJSON is the custom marshaler for CaseRelation. -func (cr CaseRelation) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if cr.CaseRelationProperties != nil { - objectMap["properties"] = cr.CaseRelationProperties - } - if cr.Etag != nil { - objectMap["etag"] = cr.Etag - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for CaseRelation struct. -func (cr *CaseRelation) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var caseRelationProperties CaseRelationProperties - err = json.Unmarshal(*v, &caseRelationProperties) - if err != nil { - return err - } - cr.CaseRelationProperties = &caseRelationProperties - } - case "kind": - if v != nil { - var kind RelationTypes - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - cr.Kind = kind - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - cr.Etag = &etag - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - cr.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - cr.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - cr.Type = &typeVar - } - } - } - - return nil -} - -// CaseRelationList list of case relations. -type CaseRelationList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of relations. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of relations. - Value *[]CaseRelation `json:"value,omitempty"` -} - -// CaseRelationListIterator provides access to a complete listing of CaseRelation values. -type CaseRelationListIterator struct { - i int - page CaseRelationListPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *CaseRelationListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseRelationListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *CaseRelationListIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter CaseRelationListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter CaseRelationListIterator) Response() CaseRelationList { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter CaseRelationListIterator) Value() CaseRelation { - if !iter.page.NotDone() { - return CaseRelation{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the CaseRelationListIterator type. -func NewCaseRelationListIterator(page CaseRelationListPage) CaseRelationListIterator { - return CaseRelationListIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (crl CaseRelationList) IsEmpty() bool { - return crl.Value == nil || len(*crl.Value) == 0 -} - -// caseRelationListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (crl CaseRelationList) caseRelationListPreparer(ctx context.Context) (*http.Request, error) { - if crl.NextLink == nil || len(to.String(crl.NextLink)) < 1 { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(crl.NextLink))) -} - -// CaseRelationListPage contains a page of CaseRelation values. -type CaseRelationListPage struct { - fn func(context.Context, CaseRelationList) (CaseRelationList, error) - crl CaseRelationList -} - -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *CaseRelationListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/CaseRelationListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - next, err := page.fn(ctx, page.crl) - if err != nil { - return err - } - page.crl = next - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *CaseRelationListPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page CaseRelationListPage) NotDone() bool { - return !page.crl.IsEmpty() -} - -// Response returns the raw server response from the last page request. -func (page CaseRelationListPage) Response() CaseRelationList { - return page.crl -} - -// Values returns the slice of values for the current page or nil if there are no values. -func (page CaseRelationListPage) Values() []CaseRelation { - if page.crl.IsEmpty() { - return nil - } - return *page.crl.Value -} - -// Creates a new instance of the CaseRelationListPage type. -func NewCaseRelationListPage(getNextPage func(context.Context, CaseRelationList) (CaseRelationList, error)) CaseRelationListPage { - return CaseRelationListPage{fn: getNextPage} -} - -// CaseRelationProperties case relation properties -type CaseRelationProperties struct { - // RelationName - Name of relation - RelationName *string `json:"relationName,omitempty"` - // BookmarkID - The case related bookmark id - BookmarkID *string `json:"bookmarkId,omitempty"` - // CaseIdentifier - The case identifier - CaseIdentifier *string `json:"caseIdentifier,omitempty"` - // BookmarkName - The case related bookmark name - BookmarkName *string `json:"bookmarkName,omitempty"` -} - -// CasesAggregation represents aggregations results for cases. -type CasesAggregation struct { - // CasesAggregationProperties - Properties of aggregations results of cases. - *CasesAggregationProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindAggregations', 'KindCasesAggregation' - Kind Kind `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for CasesAggregation. -func (ca CasesAggregation) MarshalJSON() ([]byte, error) { - ca.Kind = KindCasesAggregation - objectMap := make(map[string]interface{}) - if ca.CasesAggregationProperties != nil { - objectMap["properties"] = ca.CasesAggregationProperties - } - if ca.Kind != "" { - objectMap["kind"] = ca.Kind - } - return json.Marshal(objectMap) -} - -// AsCasesAggregation is the BasicAggregations implementation for CasesAggregation. -func (ca CasesAggregation) AsCasesAggregation() (*CasesAggregation, bool) { - return &ca, true -} - -// AsAggregations is the BasicAggregations implementation for CasesAggregation. -func (ca CasesAggregation) AsAggregations() (*Aggregations, bool) { - return nil, false -} - -// AsBasicAggregations is the BasicAggregations implementation for CasesAggregation. -func (ca CasesAggregation) AsBasicAggregations() (BasicAggregations, bool) { - return &ca, true -} - -// UnmarshalJSON is the custom unmarshaler for CasesAggregation struct. -func (ca *CasesAggregation) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var casesAggregationProperties CasesAggregationProperties - err = json.Unmarshal(*v, &casesAggregationProperties) - if err != nil { - return err - } - ca.CasesAggregationProperties = &casesAggregationProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - ca.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - ca.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - ca.Type = &typeVar - } - case "kind": - if v != nil { - var kind Kind - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - ca.Kind = kind - } - } - } - - return nil -} - -// CasesAggregationBySeverityProperties aggregative results of cases by severity property bag. -type CasesAggregationBySeverityProperties struct { - // TotalCriticalSeverity - READ-ONLY; Total amount of open cases with severity Critical - TotalCriticalSeverity *int32 `json:"totalCriticalSeverity,omitempty"` - // TotalHighSeverity - READ-ONLY; Total amount of open cases with severity High - TotalHighSeverity *int32 `json:"totalHighSeverity,omitempty"` - // TotalInformationalSeverity - READ-ONLY; Total amount of open cases with severity Informational - TotalInformationalSeverity *int32 `json:"totalInformationalSeverity,omitempty"` - // TotalLowSeverity - READ-ONLY; Total amount of open cases with severity Low - TotalLowSeverity *int32 `json:"totalLowSeverity,omitempty"` - // TotalMediumSeverity - READ-ONLY; Total amount of open cases with severity medium - TotalMediumSeverity *int32 `json:"totalMediumSeverity,omitempty"` -} - -// CasesAggregationByStatusProperties aggregative results of cases by status property bag. -type CasesAggregationByStatusProperties struct { - // TotalDismissedStatus - READ-ONLY; Total amount of open cases with status Dismissed - TotalDismissedStatus *int32 `json:"totalDismissedStatus,omitempty"` - // TotalInProgressStatus - READ-ONLY; Total amount of open cases with status InProgress - TotalInProgressStatus *int32 `json:"totalInProgressStatus,omitempty"` - // TotalNewStatus - READ-ONLY; Total amount of open cases with status New - TotalNewStatus *int32 `json:"totalNewStatus,omitempty"` - // TotalResolvedStatus - READ-ONLY; Total amount of open cases with status Resolved - TotalResolvedStatus *int32 `json:"totalResolvedStatus,omitempty"` -} - -// CasesAggregationProperties aggregative results of cases property bag. -type CasesAggregationProperties struct { - // AggregationBySeverity - Aggregations results by case severity. - AggregationBySeverity *CasesAggregationBySeverityProperties `json:"aggregationBySeverity,omitempty"` - // AggregationByStatus - Aggregations results by case status. - AggregationByStatus *CasesAggregationByStatusProperties `json:"aggregationByStatus,omitempty"` -} - -// CloudApplicationEntity represents a cloud application entity. -type CloudApplicationEntity struct { - // CloudApplicationEntityProperties - CloudApplication entity properties - *CloudApplicationEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for CloudApplicationEntity. -func (cae CloudApplicationEntity) MarshalJSON() ([]byte, error) { - cae.Kind = KindCloudApplication - objectMap := make(map[string]interface{}) - if cae.CloudApplicationEntityProperties != nil { - objectMap["properties"] = cae.CloudApplicationEntityProperties - } - if cae.Kind != "" { - objectMap["kind"] = cae.Kind - } - return json.Marshal(objectMap) -} - -// AsAccountEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return &cae, true -} - -// AsDNSEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false -} - -// AsMalwareEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false -} - -// AsProcessEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false -} - -// AsSecurityAlert is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} - -// AsSecurityGroupEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false -} - -// AsURLEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsURLEntity() (*URLEntity, bool) { - return nil, false -} - -// AsIoTDeviceEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false -} - -// AsEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsEntity() (*Entity, bool) { - return nil, false -} - -// AsBasicEntity is the BasicEntity implementation for CloudApplicationEntity. -func (cae CloudApplicationEntity) AsBasicEntity() (BasicEntity, bool) { - return &cae, true -} - -// UnmarshalJSON is the custom unmarshaler for CloudApplicationEntity struct. -func (cae *CloudApplicationEntity) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var cloudApplicationEntityProperties CloudApplicationEntityProperties - err = json.Unmarshal(*v, &cloudApplicationEntityProperties) - if err != nil { - return err - } - cae.CloudApplicationEntityProperties = &cloudApplicationEntityProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - cae.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - cae.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - cae.Type = &typeVar - } - case "kind": - if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - cae.Kind = kind - } - } - } - - return nil -} - -// CloudApplicationEntityProperties cloudApplication entity property bag. -type CloudApplicationEntityProperties struct { - // AppID - READ-ONLY; The technical identifier of the application. - AppID *int32 `json:"appId,omitempty"` - // AppName - READ-ONLY; The name of the related cloud application. - AppName *string `json:"appName,omitempty"` - // InstanceName - READ-ONLY; The user defined instance name of the cloud application. It is often used to distinguish between several applications of the same type that a customer has. - InstanceName *string `json:"instanceName,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for CloudApplicationEntityProperties. -func (caep CloudApplicationEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) -} - -// CloudError error response structure. -type CloudError struct { - // CloudErrorBody - Error data - *CloudErrorBody `json:"error,omitempty"` -} - -// MarshalJSON is the custom marshaler for CloudError. -func (ce CloudError) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if ce.CloudErrorBody != nil { - objectMap["error"] = ce.CloudErrorBody - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for CloudError struct. -func (ce *CloudError) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "error": - if v != nil { - var cloudErrorBody CloudErrorBody - err = json.Unmarshal(*v, &cloudErrorBody) - if err != nil { - return err - } - ce.CloudErrorBody = &cloudErrorBody - } - } - } - - return nil -} - -// CloudErrorBody error details. -type CloudErrorBody struct { - // Code - READ-ONLY; An identifier for the error. Codes are invariant and are intended to be consumed programmatically. - Code *string `json:"code,omitempty"` - // Message - READ-ONLY; A message describing the error, intended to be suitable for display in a user interface. - Message *string `json:"message,omitempty"` -} - -// BasicDataConnector data connector. -type BasicDataConnector interface { - AsAADDataConnector() (*AADDataConnector, bool) - AsAATPDataConnector() (*AATPDataConnector, bool) - AsASCDataConnector() (*ASCDataConnector, bool) - AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) - AsMCASDataConnector() (*MCASDataConnector, bool) - AsMDATPDataConnector() (*MDATPDataConnector, bool) - AsOfficeDataConnector() (*OfficeDataConnector, bool) - AsTIDataConnector() (*TIDataConnector, bool) - AsDataConnector() (*DataConnector, bool) -} - -// DataConnector data connector. -type DataConnector struct { - autorest.Response `json:"-"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' - Kind KindBasicDataConnector `json:"kind,omitempty"` -} - -func unmarshalBasicDataConnector(body []byte) (BasicDataConnector, error) { - var m map[string]interface{} - err := json.Unmarshal(body, &m) - if err != nil { - return nil, err - } - - switch m["kind"] { - case string(KindAzureActiveDirectory): - var adc AADDataConnector - err := json.Unmarshal(body, &adc) - return adc, err - case string(KindAzureAdvancedThreatProtection): - var adc AATPDataConnector - err := json.Unmarshal(body, &adc) - return adc, err - case string(KindAzureSecurityCenter): - var adc ASCDataConnector - err := json.Unmarshal(body, &adc) - return adc, err - case string(KindAmazonWebServicesCloudTrail): - var actdc AwsCloudTrailDataConnector - err := json.Unmarshal(body, &actdc) - return actdc, err - case string(KindMicrosoftCloudAppSecurity): - var mdc MCASDataConnector - err := json.Unmarshal(body, &mdc) - return mdc, err - case string(KindMicrosoftDefenderAdvancedThreatProtection): - var mdc MDATPDataConnector - err := json.Unmarshal(body, &mdc) - return mdc, err - case string(KindOffice365): - var odc OfficeDataConnector - err := json.Unmarshal(body, &odc) - return odc, err - case string(KindThreatIntelligence): - var tdc TIDataConnector - err := json.Unmarshal(body, &tdc) - return tdc, err - default: - var dc DataConnector - err := json.Unmarshal(body, &dc) - return dc, err - } -} -func unmarshalBasicDataConnectorArray(body []byte) ([]BasicDataConnector, error) { - var rawMessages []*json.RawMessage - err := json.Unmarshal(body, &rawMessages) - if err != nil { - return nil, err - } - - dcArray := make([]BasicDataConnector, len(rawMessages)) - - for index, rawMessage := range rawMessages { - dc, err := unmarshalBasicDataConnector(*rawMessage) - if err != nil { - return nil, err - } - dcArray[index] = dc - } - return dcArray, nil -} - -// MarshalJSON is the custom marshaler for DataConnector. -func (dc DataConnector) MarshalJSON() ([]byte, error) { - dc.Kind = KindDataConnector - objectMap := make(map[string]interface{}) - if dc.Etag != nil { - objectMap["etag"] = dc.Etag - } - if dc.Kind != "" { - objectMap["kind"] = dc.Kind - } - return json.Marshal(objectMap) -} - -// AsAADDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsAADDataConnector() (*AADDataConnector, bool) { - return nil, false -} - -// AsAATPDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { - return nil, false -} - -// AsASCDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { - return nil, false -} - -// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { - return nil, false -} - -// AsMCASDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { - return nil, false -} - -// AsMDATPDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { - return nil, false -} - -// AsOfficeDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { - return nil, false -} - -// AsTIDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsTIDataConnector() (*TIDataConnector, bool) { - return nil, false -} - -// AsDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsDataConnector() (*DataConnector, bool) { - return &dc, true -} - -// AsBasicDataConnector is the BasicDataConnector implementation for DataConnector. -func (dc DataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { - return &dc, true -} - -// DataConnectorDataTypeCommon common field for data type in data connectors. -type DataConnectorDataTypeCommon struct { - // State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled' - State DataTypeState `json:"state,omitempty"` -} - -// DataConnectorKind1 describes an Azure resource with kind. -type DataConnectorKind1 struct { - // Kind - The kind of the data connector. Possible values include: 'DataConnectorKindAzureActiveDirectory', 'DataConnectorKindAzureSecurityCenter', 'DataConnectorKindMicrosoftCloudAppSecurity', 'DataConnectorKindThreatIntelligence', 'DataConnectorKindOffice365', 'DataConnectorKindAmazonWebServicesCloudTrail', 'DataConnectorKindAzureAdvancedThreatProtection', 'DataConnectorKindMicrosoftDefenderAdvancedThreatProtection' - Kind DataConnectorKind `json:"kind,omitempty"` -} - -// DataConnectorList list all the data connectors. -type DataConnectorList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of data connectors. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of data connectors. - Value *[]BasicDataConnector `json:"value,omitempty"` -} - -// UnmarshalJSON is the custom unmarshaler for DataConnectorList struct. -func (dcl *DataConnectorList) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "nextLink": - if v != nil { - var nextLink string - err = json.Unmarshal(*v, &nextLink) - if err != nil { - return err - } - dcl.NextLink = &nextLink - } - case "value": - if v != nil { - value, err := unmarshalBasicDataConnectorArray(*v) - if err != nil { - return err - } - dcl.Value = &value - } - } - } - - return nil -} - -// DataConnectorListIterator provides access to a complete listing of DataConnector values. -type DataConnectorListIterator struct { - i int - page DataConnectorListPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *DataConnectorListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *DataConnectorListIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter DataConnectorListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter DataConnectorListIterator) Response() DataConnectorList { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter DataConnectorListIterator) Value() BasicDataConnector { - if !iter.page.NotDone() { - return DataConnector{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the DataConnectorListIterator type. -func NewDataConnectorListIterator(page DataConnectorListPage) DataConnectorListIterator { - return DataConnectorListIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (dcl DataConnectorList) IsEmpty() bool { - return dcl.Value == nil || len(*dcl.Value) == 0 -} - -// dataConnectorListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (dcl DataConnectorList) dataConnectorListPreparer(ctx context.Context) (*http.Request, error) { - if dcl.NextLink == nil || len(to.String(dcl.NextLink)) < 1 { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(dcl.NextLink))) -} - -// DataConnectorListPage contains a page of BasicDataConnector values. -type DataConnectorListPage struct { - fn func(context.Context, DataConnectorList) (DataConnectorList, error) - dcl DataConnectorList -} - -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *DataConnectorListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/DataConnectorListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - next, err := page.fn(ctx, page.dcl) - if err != nil { - return err - } - page.dcl = next - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *DataConnectorListPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page DataConnectorListPage) NotDone() bool { - return !page.dcl.IsEmpty() -} - -// Response returns the raw server response from the last page request. -func (page DataConnectorListPage) Response() DataConnectorList { - return page.dcl -} - -// Values returns the slice of values for the current page or nil if there are no values. -func (page DataConnectorListPage) Values() []BasicDataConnector { - if page.dcl.IsEmpty() { - return nil - } - return *page.dcl.Value -} - -// Creates a new instance of the DataConnectorListPage type. -func NewDataConnectorListPage(getNextPage func(context.Context, DataConnectorList) (DataConnectorList, error)) DataConnectorListPage { - return DataConnectorListPage{fn: getNextPage} -} - -// DataConnectorModel ... -type DataConnectorModel struct { - autorest.Response `json:"-"` - Value BasicDataConnector `json:"value,omitempty"` -} - -// UnmarshalJSON is the custom unmarshaler for DataConnectorModel struct. -func (dcm *DataConnectorModel) UnmarshalJSON(body []byte) error { - dc, err := unmarshalBasicDataConnector(body) - if err != nil { - return err - } - dcm.Value = dc - - return nil -} - -// DataConnectorRequirementsState data connector requirements status. -type DataConnectorRequirementsState struct { - autorest.Response `json:"-"` - // AuthorizationState - Authorization state for this connector. Possible values include: 'Valid', 'Invalid' - AuthorizationState DataConnectorAuthorizationState `json:"authorizationState,omitempty"` - // LicenseState - License state for this connector. Possible values include: 'DataConnectorLicenseStateValid', 'DataConnectorLicenseStateInvalid', 'DataConnectorLicenseStateUnknown' - LicenseState DataConnectorLicenseState `json:"licenseState,omitempty"` -} - -// DataConnectorsCheckRequirements data connector requirements properties. -type DataConnectorsCheckRequirements struct { - // Kind - The kind of the data connector. Possible values include: 'DataConnectorKindAzureActiveDirectory', 'DataConnectorKindAzureSecurityCenter', 'DataConnectorKindMicrosoftCloudAppSecurity', 'DataConnectorKindThreatIntelligence', 'DataConnectorKindOffice365', 'DataConnectorKindAmazonWebServicesCloudTrail', 'DataConnectorKindAzureAdvancedThreatProtection', 'DataConnectorKindMicrosoftDefenderAdvancedThreatProtection' - Kind DataConnectorKind `json:"kind,omitempty"` -} - -// DataConnectorStatus alert rule template data connector status -type DataConnectorStatus struct { - // ConnectorID - the connector id - ConnectorID *string `json:"connectorId,omitempty"` - // DataTypes - The data types availability map - DataTypes map[string]*DataTypeStatus `json:"dataTypes"` -} - -// MarshalJSON is the custom marshaler for DataConnectorStatus. -func (dcs DataConnectorStatus) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if dcs.ConnectorID != nil { - objectMap["connectorId"] = dcs.ConnectorID - } - if dcs.DataTypes != nil { - objectMap["dataTypes"] = dcs.DataTypes - } - return json.Marshal(objectMap) -} - -// DataConnectorTenantID properties data connector on tenant level. -type DataConnectorTenantID struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` -} - -// DataConnectorWithAlertsProperties data connector properties. -type DataConnectorWithAlertsProperties struct { - // DataTypes - The available data types for the connector. - DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` -} - -// DNSEntity represents a dns entity. -type DNSEntity struct { - // DNSEntityProperties - Dns entity properties - *DNSEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for DNSEntity. -func (de DNSEntity) MarshalJSON() ([]byte, error) { - de.Kind = KindDNSResolution - objectMap := make(map[string]interface{}) - if de.DNSEntityProperties != nil { - objectMap["properties"] = de.DNSEntityProperties - } - if de.Kind != "" { - objectMap["kind"] = de.Kind - } - return json.Marshal(objectMap) -} - -// AsAccountEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsDNSEntity() (*DNSEntity, bool) { - return &de, true -} - -// AsFileEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false -} - -// AsMalwareEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false -} - -// AsProcessEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false -} - -// AsSecurityAlert is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} - -// AsSecurityGroupEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false -} - -// AsURLEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsURLEntity() (*URLEntity, bool) { - return nil, false -} - -// AsIoTDeviceEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false -} - -// AsEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsEntity() (*Entity, bool) { - return nil, false -} - -// AsBasicEntity is the BasicEntity implementation for DNSEntity. -func (de DNSEntity) AsBasicEntity() (BasicEntity, bool) { - return &de, true -} - -// UnmarshalJSON is the custom unmarshaler for DNSEntity struct. -func (de *DNSEntity) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var DNSEntityProperties DNSEntityProperties - err = json.Unmarshal(*v, &DNSEntityProperties) - if err != nil { - return err - } - de.DNSEntityProperties = &DNSEntityProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - de.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - de.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - de.Type = &typeVar - } - case "kind": - if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - de.Kind = kind - } - } - } - - return nil -} - -// DNSEntityProperties dns entity property bag. -type DNSEntityProperties struct { - // DNSServerIPEntityID - READ-ONLY; An ip entity id for the dns server resolving the request - DNSServerIPEntityID *string `json:"dnsServerIpEntityId,omitempty"` - // DomainName - READ-ONLY; The name of the dns record associated with the alert - DomainName *string `json:"domainName,omitempty"` - // HostIPAddressEntityID - READ-ONLY; An ip entity id for the dns request client - HostIPAddressEntityID *string `json:"hostIpAddressEntityId,omitempty"` - // IPAddressEntityIds - READ-ONLY; Ip entity identifiers for the resolved ip address. - IPAddressEntityIds *[]string `json:"ipAddressEntityIds,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for DNSEntityProperties. -func (dep DNSEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) -} - -// BasicEntity specific entity. -type BasicEntity interface { - AsAccountEntity() (*AccountEntity, bool) - AsAzureResourceEntity() (*AzureResourceEntity, bool) - AsCloudApplicationEntity() (*CloudApplicationEntity, bool) - AsDNSEntity() (*DNSEntity, bool) - AsFileEntity() (*FileEntity, bool) - AsFileHashEntity() (*FileHashEntity, bool) - AsHostEntity() (*HostEntity, bool) - AsIPEntity() (*IPEntity, bool) - AsMalwareEntity() (*MalwareEntity, bool) - AsProcessEntity() (*ProcessEntity, bool) - AsRegistryKeyEntity() (*RegistryKeyEntity, bool) - AsRegistryValueEntity() (*RegistryValueEntity, bool) - AsSecurityAlert() (*SecurityAlert, bool) - AsSecurityGroupEntity() (*SecurityGroupEntity, bool) - AsURLEntity() (*URLEntity, bool) - AsIoTDeviceEntity() (*IoTDeviceEntity, bool) - AsEntity() (*Entity, bool) -} - -// Entity specific entity. -type Entity struct { - autorest.Response `json:"-"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` -} - -func unmarshalBasicEntity(body []byte) (BasicEntity, error) { - var m map[string]interface{} - err := json.Unmarshal(body, &m) - if err != nil { - return nil, err - } - - switch m["kind"] { - case string(KindAccount): - var ae AccountEntity - err := json.Unmarshal(body, &ae) - return ae, err - case string(KindAzureResource): - var are AzureResourceEntity - err := json.Unmarshal(body, &are) - return are, err - case string(KindCloudApplication): - var cae CloudApplicationEntity - err := json.Unmarshal(body, &cae) - return cae, err - case string(KindDNSResolution): - var de DNSEntity - err := json.Unmarshal(body, &de) - return de, err - case string(KindFile): - var fe FileEntity - err := json.Unmarshal(body, &fe) - return fe, err - case string(KindFileHash): - var fhe FileHashEntity - err := json.Unmarshal(body, &fhe) - return fhe, err - case string(KindHost): - var he HostEntity - err := json.Unmarshal(body, &he) - return he, err - case string(KindIP): - var ie IPEntity - err := json.Unmarshal(body, &ie) - return ie, err - case string(KindMalware): - var me MalwareEntity - err := json.Unmarshal(body, &me) - return me, err - case string(KindProcess): - var peVar ProcessEntity - err := json.Unmarshal(body, &peVar) - return peVar, err - case string(KindRegistryKey): - var rke RegistryKeyEntity - err := json.Unmarshal(body, &rke) - return rke, err - case string(KindRegistryValue): - var rve RegistryValueEntity - err := json.Unmarshal(body, &rve) - return rve, err - case string(KindSecurityAlert): - var sa SecurityAlert - err := json.Unmarshal(body, &sa) - return sa, err - case string(KindSecurityGroup): - var sge SecurityGroupEntity - err := json.Unmarshal(body, &sge) - return sge, err - case string(KindURL): - var ue URLEntity - err := json.Unmarshal(body, &ue) - return ue, err - case string(KindIoTDevice): - var itde IoTDeviceEntity - err := json.Unmarshal(body, &itde) - return itde, err - default: - var e Entity - err := json.Unmarshal(body, &e) - return e, err - } -} -func unmarshalBasicEntityArray(body []byte) ([]BasicEntity, error) { - var rawMessages []*json.RawMessage - err := json.Unmarshal(body, &rawMessages) - if err != nil { - return nil, err - } - - eArray := make([]BasicEntity, len(rawMessages)) - - for index, rawMessage := range rawMessages { - e, err := unmarshalBasicEntity(*rawMessage) - if err != nil { - return nil, err - } - eArray[index] = e - } - return eArray, nil -} - -// MarshalJSON is the custom marshaler for Entity. -func (e Entity) MarshalJSON() ([]byte, error) { - e.Kind = KindEntity - objectMap := make(map[string]interface{}) - if e.Kind != "" { - objectMap["kind"] = e.Kind - } - return json.Marshal(objectMap) -} - -// AsAccountEntity is the BasicEntity implementation for Entity. -func (e Entity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for Entity. -func (e Entity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for Entity. -func (e Entity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for Entity. -func (e Entity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for Entity. -func (e Entity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for Entity. -func (e Entity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for Entity. -func (e Entity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for Entity. -func (e Entity) AsIPEntity() (*IPEntity, bool) { - return nil, false -} - -// AsMalwareEntity is the BasicEntity implementation for Entity. -func (e Entity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false -} - -// AsProcessEntity is the BasicEntity implementation for Entity. -func (e Entity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for Entity. -func (e Entity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for Entity. -func (e Entity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false -} - -// AsSecurityAlert is the BasicEntity implementation for Entity. -func (e Entity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} - -// AsSecurityGroupEntity is the BasicEntity implementation for Entity. -func (e Entity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false -} - -// AsURLEntity is the BasicEntity implementation for Entity. -func (e Entity) AsURLEntity() (*URLEntity, bool) { - return nil, false -} - -// AsIoTDeviceEntity is the BasicEntity implementation for Entity. -func (e Entity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false -} - -// AsEntity is the BasicEntity implementation for Entity. -func (e Entity) AsEntity() (*Entity, bool) { - return &e, true -} - -// AsBasicEntity is the BasicEntity implementation for Entity. -func (e Entity) AsBasicEntity() (BasicEntity, bool) { - return &e, true -} - -// EntityCommonProperties entity common property bag. -type EntityCommonProperties struct { - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for EntityCommonProperties. -func (ecp EntityCommonProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) -} - -// EntityExpandParameters the parameters required to execute an expand operation on the given entity. -type EntityExpandParameters struct { - // EndTime - The end date filter, so the only expansion results returned are before this date. - EndTime *date.Time `json:"endTime,omitempty"` - // ExpansionID - The Id of the expansion to perform. - ExpansionID *uuid.UUID `json:"expansionId,omitempty"` - // StartTime - The start date filter, so the only expansion results returned are after this date. - StartTime *date.Time `json:"startTime,omitempty"` -} - -// EntityExpandResponse the entity expansion result operation response. -type EntityExpandResponse struct { - autorest.Response `json:"-"` - // MetaData - The metadata from the expansion operation results. - MetaData *ExpansionResultsMetadata `json:"metaData,omitempty"` - // Value - The expansion result values. - Value *EntityExpandResponseValue `json:"value,omitempty"` -} - -// EntityExpandResponseValue the expansion result values. -type EntityExpandResponseValue struct { - // Entities - Array of the expansion result entities. - Entities *[]BasicEntity `json:"entities,omitempty"` -} - -// UnmarshalJSON is the custom unmarshaler for EntityExpandResponseValue struct. -func (eer *EntityExpandResponseValue) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "entities": - if v != nil { - entities, err := unmarshalBasicEntityArray(*v) - if err != nil { - return err - } - eer.Entities = &entities - } - } - } - - return nil -} - -// EntityKind1 describes an entity with kind. -type EntityKind1 struct { - // Kind - The kind of the entity. Possible values include: 'EntityKindAccount', 'EntityKindHost', 'EntityKindFile', 'EntityKindAzureResource', 'EntityKindCloudApplication', 'EntityKindDNSResolution', 'EntityKindFileHash', 'EntityKindIP', 'EntityKindMalware', 'EntityKindProcess', 'EntityKindRegistryKey', 'EntityKindRegistryValue', 'EntityKindSecurityGroup', 'EntityKindURL', 'EntityKindIoTDevice', 'EntityKindSecurityAlert', 'EntityKindBookmark' - Kind EntityKind `json:"kind,omitempty"` -} - -// EntityList list of all the entities. -type EntityList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of entities. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of entities. - Value *[]BasicEntity `json:"value,omitempty"` -} - -// UnmarshalJSON is the custom unmarshaler for EntityList struct. -func (el *EntityList) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "nextLink": - if v != nil { - var nextLink string - err = json.Unmarshal(*v, &nextLink) - if err != nil { - return err - } - el.NextLink = &nextLink - } - case "value": - if v != nil { - value, err := unmarshalBasicEntityArray(*v) - if err != nil { - return err - } - el.Value = &value - } - } - } - - return nil -} - -// EntityListIterator provides access to a complete listing of Entity values. -type EntityListIterator struct { - i int - page EntityListPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *EntityListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntityListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *EntityListIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter EntityListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter EntityListIterator) Response() EntityList { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter EntityListIterator) Value() BasicEntity { - if !iter.page.NotDone() { - return Entity{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the EntityListIterator type. -func NewEntityListIterator(page EntityListPage) EntityListIterator { - return EntityListIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (el EntityList) IsEmpty() bool { - return el.Value == nil || len(*el.Value) == 0 -} - -// entityListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (el EntityList) entityListPreparer(ctx context.Context) (*http.Request, error) { - if el.NextLink == nil || len(to.String(el.NextLink)) < 1 { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(el.NextLink))) -} - -// EntityListPage contains a page of BasicEntity values. -type EntityListPage struct { - fn func(context.Context, EntityList) (EntityList, error) - el EntityList -} - -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *EntityListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntityListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - next, err := page.fn(ctx, page.el) - if err != nil { - return err - } - page.el = next - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *EntityListPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page EntityListPage) NotDone() bool { - return !page.el.IsEmpty() -} - -// Response returns the raw server response from the last page request. -func (page EntityListPage) Response() EntityList { - return page.el -} - -// Values returns the slice of values for the current page or nil if there are no values. -func (page EntityListPage) Values() []BasicEntity { - if page.el.IsEmpty() { - return nil - } - return *page.el.Value -} - -// Creates a new instance of the EntityListPage type. -func NewEntityListPage(getNextPage func(context.Context, EntityList) (EntityList, error)) EntityListPage { - return EntityListPage{fn: getNextPage} -} - -// EntityModel ... -type EntityModel struct { - autorest.Response `json:"-"` - Value BasicEntity `json:"value,omitempty"` -} - -// UnmarshalJSON is the custom unmarshaler for EntityModel struct. -func (em *EntityModel) UnmarshalJSON(body []byte) error { - e, err := unmarshalBasicEntity(body) - if err != nil { - return err - } - em.Value = e - - return nil -} - -// EntityQuery specific entity query. -type EntityQuery struct { - autorest.Response `json:"-"` - // EntityQueryProperties - Entity query properties - *EntityQueryProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` -} - -// MarshalJSON is the custom marshaler for EntityQuery. -func (eq EntityQuery) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if eq.EntityQueryProperties != nil { - objectMap["properties"] = eq.EntityQueryProperties - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for EntityQuery struct. -func (eq *EntityQuery) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var entityQueryProperties EntityQueryProperties - err = json.Unmarshal(*v, &entityQueryProperties) - if err != nil { - return err - } - eq.EntityQueryProperties = &entityQueryProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - eq.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - eq.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - eq.Type = &typeVar - } - } - } - - return nil -} - -// EntityQueryList list of all the entity queries. -type EntityQueryList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of entity queries. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of entity queries. - Value *[]EntityQuery `json:"value,omitempty"` -} - -// EntityQueryListIterator provides access to a complete listing of EntityQuery values. -type EntityQueryListIterator struct { - i int - page EntityQueryListPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *EntityQueryListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueryListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *EntityQueryListIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter EntityQueryListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter EntityQueryListIterator) Response() EntityQueryList { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter EntityQueryListIterator) Value() EntityQuery { - if !iter.page.NotDone() { - return EntityQuery{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the EntityQueryListIterator type. -func NewEntityQueryListIterator(page EntityQueryListPage) EntityQueryListIterator { - return EntityQueryListIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (eql EntityQueryList) IsEmpty() bool { - return eql.Value == nil || len(*eql.Value) == 0 -} - -// entityQueryListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (eql EntityQueryList) entityQueryListPreparer(ctx context.Context) (*http.Request, error) { - if eql.NextLink == nil || len(to.String(eql.NextLink)) < 1 { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(eql.NextLink))) -} - -// EntityQueryListPage contains a page of EntityQuery values. -type EntityQueryListPage struct { - fn func(context.Context, EntityQueryList) (EntityQueryList, error) - eql EntityQueryList -} - -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *EntityQueryListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/EntityQueryListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - next, err := page.fn(ctx, page.eql) - if err != nil { - return err - } - page.eql = next - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *EntityQueryListPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page EntityQueryListPage) NotDone() bool { - return !page.eql.IsEmpty() -} - -// Response returns the raw server response from the last page request. -func (page EntityQueryListPage) Response() EntityQueryList { - return page.eql -} - -// Values returns the slice of values for the current page or nil if there are no values. -func (page EntityQueryListPage) Values() []EntityQuery { - if page.eql.IsEmpty() { - return nil - } - return *page.eql.Value -} - -// Creates a new instance of the EntityQueryListPage type. -func NewEntityQueryListPage(getNextPage func(context.Context, EntityQueryList) (EntityQueryList, error)) EntityQueryListPage { - return EntityQueryListPage{fn: getNextPage} -} - -// EntityQueryProperties describes entity query properties -type EntityQueryProperties struct { - // DataSources - List of the data sources that are required to run the query - DataSources *[]string `json:"dataSources,omitempty"` - // DisplayName - The query display name - DisplayName *string `json:"displayName,omitempty"` - // InputEntityType - The type of the query's source entity. Possible values include: 'EntityTypeAccount', 'EntityTypeHost', 'EntityTypeFile', 'EntityTypeAzureResource', 'EntityTypeCloudApplication', 'EntityTypeDNS', 'EntityTypeFileHash', 'EntityTypeIP', 'EntityTypeMalware', 'EntityTypeProcess', 'EntityTypeRegistryKey', 'EntityTypeRegistryValue', 'EntityTypeSecurityGroup', 'EntityTypeURL', 'EntityTypeIoTDevice', 'EntityTypeSecurityAlert', 'EntityTypeHuntingBookmark' - InputEntityType EntityType `json:"inputEntityType,omitempty"` - // InputFields - List of the fields of the source entity that are required to run the query - InputFields *[]string `json:"inputFields,omitempty"` - // OutputEntityTypes - List of the desired output types to be constructed from the result - OutputEntityTypes *[]EntityType `json:"outputEntityTypes,omitempty"` - // QueryTemplate - The template query string to be parsed and formatted - QueryTemplate *string `json:"queryTemplate,omitempty"` -} - -// ExpansionResultAggregation information of a specific aggregation in the expansion result. -type ExpansionResultAggregation struct { - // AggregationType - The common type of the aggregation. (for e.g. entity field name) - AggregationType *string `json:"aggregationType,omitempty"` - // Count - Total number of aggregations of the given kind (and aggregationType if given) in the expansion result. - Count *int32 `json:"count,omitempty"` - // DisplayName - The display name of the aggregation by type. - DisplayName *string `json:"displayName,omitempty"` - // EntityKind - The kind of the aggregated entity. Possible values include: 'EntityKindAccount', 'EntityKindHost', 'EntityKindFile', 'EntityKindAzureResource', 'EntityKindCloudApplication', 'EntityKindDNSResolution', 'EntityKindFileHash', 'EntityKindIP', 'EntityKindMalware', 'EntityKindProcess', 'EntityKindRegistryKey', 'EntityKindRegistryValue', 'EntityKindSecurityGroup', 'EntityKindURL', 'EntityKindIoTDevice', 'EntityKindSecurityAlert', 'EntityKindBookmark' - EntityKind EntityKind `json:"entityKind,omitempty"` -} - -// ExpansionResultsMetadata expansion result metadata. -type ExpansionResultsMetadata struct { - // Aggregations - Information of the aggregated nodes in the expansion result. - Aggregations *[]ExpansionResultAggregation `json:"aggregations,omitempty"` -} - -// FileEntity represents a file entity. -type FileEntity struct { - // FileEntityProperties - File entity properties - *FileEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for FileEntity. -func (fe FileEntity) MarshalJSON() ([]byte, error) { - fe.Kind = KindFile - objectMap := make(map[string]interface{}) - if fe.FileEntityProperties != nil { - objectMap["properties"] = fe.FileEntityProperties - } - if fe.Kind != "" { - objectMap["kind"] = fe.Kind - } - return json.Marshal(objectMap) -} - -// AsAccountEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsFileEntity() (*FileEntity, bool) { - return &fe, true -} - -// AsFileHashEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false -} - -// AsMalwareEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false -} - -// AsProcessEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false -} - -// AsSecurityAlert is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} - -// AsSecurityGroupEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false -} - -// AsURLEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsURLEntity() (*URLEntity, bool) { - return nil, false -} - -// AsIoTDeviceEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false -} - -// AsEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsEntity() (*Entity, bool) { - return nil, false -} - -// AsBasicEntity is the BasicEntity implementation for FileEntity. -func (fe FileEntity) AsBasicEntity() (BasicEntity, bool) { - return &fe, true -} - -// UnmarshalJSON is the custom unmarshaler for FileEntity struct. -func (fe *FileEntity) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var fileEntityProperties FileEntityProperties - err = json.Unmarshal(*v, &fileEntityProperties) - if err != nil { - return err - } - fe.FileEntityProperties = &fileEntityProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - fe.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - fe.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - fe.Type = &typeVar - } - case "kind": - if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - fe.Kind = kind - } - } - } - - return nil -} - -// FileEntityProperties file entity property bag. -type FileEntityProperties struct { - // Directory - READ-ONLY; The full path to the file. - Directory *string `json:"directory,omitempty"` - // FileHashEntityIds - READ-ONLY; The file hash entity identifiers associated with this file - FileHashEntityIds *[]string `json:"fileHashEntityIds,omitempty"` - // FileName - READ-ONLY; The file name without path (some alerts might not include path). - FileName *string `json:"fileName,omitempty"` - // HostEntityID - READ-ONLY; The Host entity id which the file belongs to - HostEntityID *string `json:"hostEntityId,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for FileEntityProperties. -func (fep FileEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) -} - -// FileHashEntity represents a file hash entity. -type FileHashEntity struct { - // FileHashEntityProperties - FileHash entity properties - *FileHashEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for FileHashEntity. -func (fhe FileHashEntity) MarshalJSON() ([]byte, error) { - fhe.Kind = KindFileHash - objectMap := make(map[string]interface{}) - if fhe.FileHashEntityProperties != nil { - objectMap["properties"] = fhe.FileHashEntityProperties - } - if fhe.Kind != "" { - objectMap["kind"] = fhe.Kind - } - return json.Marshal(objectMap) -} - -// AsAccountEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return &fhe, true -} - -// AsHostEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false -} - -// AsMalwareEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false -} - -// AsProcessEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false -} - -// AsSecurityAlert is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} - -// AsSecurityGroupEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false -} - -// AsURLEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsURLEntity() (*URLEntity, bool) { - return nil, false -} - -// AsIoTDeviceEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false -} - -// AsEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsEntity() (*Entity, bool) { - return nil, false -} - -// AsBasicEntity is the BasicEntity implementation for FileHashEntity. -func (fhe FileHashEntity) AsBasicEntity() (BasicEntity, bool) { - return &fhe, true -} - -// UnmarshalJSON is the custom unmarshaler for FileHashEntity struct. -func (fhe *FileHashEntity) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var fileHashEntityProperties FileHashEntityProperties - err = json.Unmarshal(*v, &fileHashEntityProperties) - if err != nil { - return err - } - fhe.FileHashEntityProperties = &fileHashEntityProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - fhe.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - fhe.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - fhe.Type = &typeVar - } - case "kind": - if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - fhe.Kind = kind - } - } - } - - return nil -} - -// FileHashEntityProperties fileHash entity property bag. -type FileHashEntityProperties struct { - // Algorithm - READ-ONLY; The hash algorithm type. Possible values include: 'Unknown', 'MD5', 'SHA1', 'SHA256', 'SHA256AC' - Algorithm FileHashAlgorithm `json:"algorithm,omitempty"` - // HashValue - READ-ONLY; The file hash value. - HashValue *string `json:"hashValue,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for FileHashEntityProperties. -func (fhep FileHashEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) -} - -// FusionAlertRule represents Fusion alert rule. -type FusionAlertRule struct { - // FusionAlertRuleProperties - Fusion alert rule properties - *FusionAlertRuleProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindAlertRule', 'KindFusion', 'KindMicrosoftSecurityIncidentCreation', 'KindScheduled' - Kind KindBasicAlertRule `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for FusionAlertRule. -func (far FusionAlertRule) MarshalJSON() ([]byte, error) { - far.Kind = KindFusion - objectMap := make(map[string]interface{}) - if far.FusionAlertRuleProperties != nil { - objectMap["properties"] = far.FusionAlertRuleProperties - } - if far.Etag != nil { - objectMap["etag"] = far.Etag - } - if far.Kind != "" { - objectMap["kind"] = far.Kind - } - return json.Marshal(objectMap) -} - -// AsFusionAlertRule is the BasicAlertRule implementation for FusionAlertRule. -func (far FusionAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) { - return &far, true -} - -// AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for FusionAlertRule. -func (far FusionAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) { - return nil, false -} - -// AsScheduledAlertRule is the BasicAlertRule implementation for FusionAlertRule. -func (far FusionAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { - return nil, false -} - -// AsAlertRule is the BasicAlertRule implementation for FusionAlertRule. -func (far FusionAlertRule) AsAlertRule() (*AlertRule, bool) { - return nil, false -} - -// AsBasicAlertRule is the BasicAlertRule implementation for FusionAlertRule. -func (far FusionAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) { - return &far, true -} - -// UnmarshalJSON is the custom unmarshaler for FusionAlertRule struct. -func (far *FusionAlertRule) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var fusionAlertRuleProperties FusionAlertRuleProperties - err = json.Unmarshal(*v, &fusionAlertRuleProperties) - if err != nil { - return err - } - far.FusionAlertRuleProperties = &fusionAlertRuleProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - far.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - far.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - far.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - far.Etag = &etag - } - case "kind": - if v != nil { - var kind KindBasicAlertRule - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - far.Kind = kind - } - } - } - - return nil -} - -// FusionAlertRuleProperties fusion alert rule base property bag. -type FusionAlertRuleProperties struct { - // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. - AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` - // Description - READ-ONLY; The description of the alert rule. - Description *string `json:"description,omitempty"` - // DisplayName - READ-ONLY; The display name for alerts created by this alert rule. - DisplayName *string `json:"displayName,omitempty"` - // Enabled - Determines whether this alert rule is enabled or disabled. - Enabled *bool `json:"enabled,omitempty"` - // LastModifiedUtc - READ-ONLY; The last time that this alert has been modified. - LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` - // Severity - READ-ONLY; The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' - Severity AlertSeverity `json:"severity,omitempty"` - // Tactics - READ-ONLY; The tactics of the alert rule - Tactics *[]AttackTactic `json:"tactics,omitempty"` -} - -// FusionAlertRuleTemplate represents Fusion alert rule template. -type FusionAlertRuleTemplate struct { - // FusionAlertRuleTemplateProperties - Fusion alert rule template properties - *FusionAlertRuleTemplateProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' - Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for FusionAlertRuleTemplate. -func (fart FusionAlertRuleTemplate) MarshalJSON() ([]byte, error) { - fart.Kind = KindBasicAlertRuleTemplateKindFusion - objectMap := make(map[string]interface{}) - if fart.FusionAlertRuleTemplateProperties != nil { - objectMap["properties"] = fart.FusionAlertRuleTemplateProperties - } - if fart.Kind != "" { - objectMap["kind"] = fart.Kind - } - return json.Marshal(objectMap) -} - -// AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate. -func (fart FusionAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) { - return &fart, true -} - -// AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate. -func (fart FusionAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) { - return nil, false -} - -// AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate. -func (fart FusionAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) { - return nil, false -} - -// AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate. -func (fart FusionAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { - return nil, false -} - -// AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for FusionAlertRuleTemplate. -func (fart FusionAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) { - return &fart, true -} - -// UnmarshalJSON is the custom unmarshaler for FusionAlertRuleTemplate struct. -func (fart *FusionAlertRuleTemplate) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var fusionAlertRuleTemplateProperties FusionAlertRuleTemplateProperties - err = json.Unmarshal(*v, &fusionAlertRuleTemplateProperties) - if err != nil { - return err - } - fart.FusionAlertRuleTemplateProperties = &fusionAlertRuleTemplateProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - fart.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - fart.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - fart.Type = &typeVar - } - case "kind": - if v != nil { - var kind KindBasicAlertRuleTemplate - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - fart.Kind = kind - } - } - } - - return nil -} - -// FusionAlertRuleTemplateProperties fusion alert rule template properties -type FusionAlertRuleTemplateProperties struct { - // Severity - The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' - Severity AlertSeverity `json:"severity,omitempty"` - // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template - AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` - // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. - CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` - // Description - The description of the alert rule template. - Description *string `json:"description,omitempty"` - // DisplayName - The display name for alert rule template. - DisplayName *string `json:"displayName,omitempty"` - // RequiredDataConnectors - The required data connectors for this template - RequiredDataConnectors *[]DataConnectorStatus `json:"requiredDataConnectors,omitempty"` - // Status - The alert rule template status. Possible values include: 'Installed', 'Available', 'NotAvailable' - Status TemplateStatus `json:"status,omitempty"` - // Tactics - The tactics of the alert rule template - Tactics *[]AttackTactic `json:"tactics,omitempty"` -} - -// GeoLocation the geo-location context attached to the ip entity -type GeoLocation struct { - // Asn - READ-ONLY; Autonomous System Number - Asn *int32 `json:"asn,omitempty"` - // City - READ-ONLY; City name - City *string `json:"city,omitempty"` - // CountryCode - READ-ONLY; The country code according to ISO 3166 format - CountryCode *string `json:"countryCode,omitempty"` - // CountryName - READ-ONLY; Country name according to ISO 3166 Alpha 2: the lowercase of the English Short Name - CountryName *string `json:"countryName,omitempty"` - // Latitude - READ-ONLY; The longitude of the identified location, expressed as a floating point number with range of -180 to 180, with positive numbers representing East and negative numbers representing West. Latitude and longitude are derived from the city or postal code. - Latitude *float64 `json:"latitude,omitempty"` - // Longitude - READ-ONLY; The latitude of the identified location, expressed as a floating point number with range of - 90 to 90, with positive numbers representing North and negative numbers representing South. Latitude and longitude are derived from the city or postal code. - Longitude *float64 `json:"longitude,omitempty"` - // State - READ-ONLY; State name - State *string `json:"state,omitempty"` -} - -// HostEntity represents a host entity. -type HostEntity struct { - // HostEntityProperties - Host entity properties - *HostEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for HostEntity. -func (he HostEntity) MarshalJSON() ([]byte, error) { - he.Kind = KindHost - objectMap := make(map[string]interface{}) - if he.HostEntityProperties != nil { - objectMap["properties"] = he.HostEntityProperties - } - if he.Kind != "" { - objectMap["kind"] = he.Kind - } - return json.Marshal(objectMap) -} - -// AsAccountEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsHostEntity() (*HostEntity, bool) { - return &he, true -} - -// AsIPEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false -} - -// AsMalwareEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false -} - -// AsProcessEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false -} - -// AsSecurityAlert is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} - -// AsSecurityGroupEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false -} - -// AsURLEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsURLEntity() (*URLEntity, bool) { - return nil, false -} - -// AsIoTDeviceEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false -} - -// AsEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsEntity() (*Entity, bool) { - return nil, false -} - -// AsBasicEntity is the BasicEntity implementation for HostEntity. -func (he HostEntity) AsBasicEntity() (BasicEntity, bool) { - return &he, true -} - -// UnmarshalJSON is the custom unmarshaler for HostEntity struct. -func (he *HostEntity) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var hostEntityProperties HostEntityProperties - err = json.Unmarshal(*v, &hostEntityProperties) - if err != nil { - return err - } - he.HostEntityProperties = &hostEntityProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - he.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - he.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - he.Type = &typeVar - } - case "kind": - if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - he.Kind = kind - } - } - } - - return nil -} - -// HostEntityProperties host entity property bag. -type HostEntityProperties struct { - // AzureID - READ-ONLY; The azure resource id of the VM. - AzureID *string `json:"azureID,omitempty"` - // DNSDomain - READ-ONLY; The DNS domain that this host belongs to. Should contain the compete DNS suffix for the domain - DNSDomain *string `json:"dnsDomain,omitempty"` - // HostName - READ-ONLY; The hostname without the domain suffix. - HostName *string `json:"hostName,omitempty"` - // IsDomainJoined - READ-ONLY; Determines whether this host belongs to a domain. - IsDomainJoined *bool `json:"isDomainJoined,omitempty"` - // NetBiosName - READ-ONLY; The host name (pre-windows2000). - NetBiosName *string `json:"netBiosName,omitempty"` - // NtDomain - READ-ONLY; The NT domain that this host belongs to. - NtDomain *string `json:"ntDomain,omitempty"` - // OmsAgentID - READ-ONLY; The OMS agent id, if the host has OMS agent installed. - OmsAgentID *string `json:"omsAgentID,omitempty"` - // OsFamily - The operating system type. Possible values include: 'Linux', 'Windows', 'Android', 'IOS' - OsFamily OSFamily `json:"osFamily,omitempty"` - // OsVersion - READ-ONLY; A free text representation of the operating system. This field is meant to hold specific versions the are more fine grained than OSFamily or future values not supported by OSFamily enumeration - OsVersion *string `json:"osVersion,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for HostEntityProperties. -func (hep HostEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if hep.OsFamily != "" { - objectMap["osFamily"] = hep.OsFamily - } - return json.Marshal(objectMap) -} - -// IncidentInfo describes related incident information for the bookmark -type IncidentInfo struct { - // IncidentID - Incident Id - IncidentID *string `json:"incidentId,omitempty"` - // Severity - The severity of the incident. Possible values include: 'IncidentSeverityCritical', 'IncidentSeverityHigh', 'IncidentSeverityMedium', 'IncidentSeverityLow', 'IncidentSeverityInformational' - Severity IncidentSeverity `json:"severity,omitempty"` - // Title - The title of the incident - Title *string `json:"title,omitempty"` - // RelationName - Relation Name - RelationName *string `json:"relationName,omitempty"` -} - -// IoTDeviceEntity represents an IoT device entity. -type IoTDeviceEntity struct { - // IoTDeviceEntityProperties - IoTDevice entity properties - *IoTDeviceEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for IoTDeviceEntity. -func (itde IoTDeviceEntity) MarshalJSON() ([]byte, error) { - itde.Kind = KindIoTDevice - objectMap := make(map[string]interface{}) - if itde.IoTDeviceEntityProperties != nil { - objectMap["properties"] = itde.IoTDeviceEntityProperties - } - if itde.Kind != "" { - objectMap["kind"] = itde.Kind - } - return json.Marshal(objectMap) -} - -// AsAccountEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false -} - -// AsMalwareEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false -} - -// AsProcessEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false -} - -// AsSecurityAlert is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} - -// AsSecurityGroupEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false -} - -// AsURLEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsURLEntity() (*URLEntity, bool) { - return nil, false -} - -// AsIoTDeviceEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return &itde, true -} - -// AsEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsEntity() (*Entity, bool) { - return nil, false -} - -// AsBasicEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsBasicEntity() (BasicEntity, bool) { - return &itde, true -} - -// UnmarshalJSON is the custom unmarshaler for IoTDeviceEntity struct. -func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var ioTDeviceEntityProperties IoTDeviceEntityProperties - err = json.Unmarshal(*v, &ioTDeviceEntityProperties) - if err != nil { - return err - } - itde.IoTDeviceEntityProperties = &ioTDeviceEntityProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - itde.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - itde.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - itde.Type = &typeVar - } - case "kind": - if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - itde.Kind = kind - } - } - } - - return nil -} - -// IoTDeviceEntityProperties ioTDevice entity property bag. -type IoTDeviceEntityProperties struct { - // DeviceID - READ-ONLY; The ID of the IoT Device in the IoT Hub - DeviceID *string `json:"deviceId,omitempty"` - // IotSecurityAgentID - READ-ONLY; The ID of the security agent running on the device - IotSecurityAgentID *uuid.UUID `json:"iotSecurityAgentId,omitempty"` - // DeviceType - READ-ONLY; The type of the device - DeviceType *string `json:"deviceType,omitempty"` - // Vendor - READ-ONLY; The vendor of the device - Vendor *string `json:"vendor,omitempty"` - // EdgeID - READ-ONLY; The ID of the edge device - EdgeID *string `json:"edgeId,omitempty"` - // IotHubEntityID - READ-ONLY; The AzureResource entity id of the IoT Hub - IotHubEntityID *string `json:"iotHubEntityId,omitempty"` - // HostEntityID - READ-ONLY; The Host entity id of this device - HostEntityID *string `json:"hostEntityId,omitempty"` - // ThreatIntelligence - READ-ONLY; A list of TI contexts attached to the IoTDevice entity. - ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for IoTDeviceEntityProperties. -func (itdep IoTDeviceEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) -} - -// IPEntity represents an ip entity. -type IPEntity struct { - // IPEntityProperties - Ip entity properties - *IPEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for IPEntity. -func (ie IPEntity) MarshalJSON() ([]byte, error) { - ie.Kind = KindIP - objectMap := make(map[string]interface{}) - if ie.IPEntityProperties != nil { - objectMap["properties"] = ie.IPEntityProperties - } - if ie.Kind != "" { - objectMap["kind"] = ie.Kind - } - return json.Marshal(objectMap) -} - -// AsAccountEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsIPEntity() (*IPEntity, bool) { - return &ie, true -} - -// AsMalwareEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false -} - -// AsProcessEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false -} - -// AsSecurityAlert is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} - -// AsSecurityGroupEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false -} - -// AsURLEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsURLEntity() (*URLEntity, bool) { - return nil, false -} - -// AsIoTDeviceEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false -} - -// AsEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsEntity() (*Entity, bool) { - return nil, false -} - -// AsBasicEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsBasicEntity() (BasicEntity, bool) { - return &ie, true -} - -// UnmarshalJSON is the custom unmarshaler for IPEntity struct. -func (ie *IPEntity) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var IPEntityProperties IPEntityProperties - err = json.Unmarshal(*v, &IPEntityProperties) - if err != nil { - return err - } - ie.IPEntityProperties = &IPEntityProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - ie.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - ie.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - ie.Type = &typeVar - } - case "kind": - if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - ie.Kind = kind - } - } - } - - return nil -} - -// IPEntityProperties ip entity property bag. -type IPEntityProperties struct { - // Address - READ-ONLY; The IP address as string, e.g. 127.0.0.1 (either in Ipv4 or Ipv6) - Address *string `json:"address,omitempty"` - // Location - The geo-location context attached to the ip entity - Location *GeoLocation `json:"location,omitempty"` - // ThreatIntelligence - READ-ONLY; A list of TI contexts attached to the ip entity. - ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for IPEntityProperties. -func (iep IPEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if iep.Location != nil { - objectMap["location"] = iep.Location - } - return json.Marshal(objectMap) -} - -// MalwareEntity represents a malware entity. -type MalwareEntity struct { - // MalwareEntityProperties - File entity properties - *MalwareEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for MalwareEntity. -func (me MalwareEntity) MarshalJSON() ([]byte, error) { - me.Kind = KindMalware - objectMap := make(map[string]interface{}) - if me.MalwareEntityProperties != nil { - objectMap["properties"] = me.MalwareEntityProperties - } - if me.Kind != "" { - objectMap["kind"] = me.Kind - } - return json.Marshal(objectMap) -} - -// AsAccountEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false -} - -// AsMalwareEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return &me, true -} - -// AsProcessEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false -} - -// AsSecurityAlert is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} - -// AsSecurityGroupEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false -} - -// AsURLEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsURLEntity() (*URLEntity, bool) { - return nil, false -} - -// AsIoTDeviceEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false -} - -// AsEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsEntity() (*Entity, bool) { - return nil, false -} - -// AsBasicEntity is the BasicEntity implementation for MalwareEntity. -func (me MalwareEntity) AsBasicEntity() (BasicEntity, bool) { - return &me, true -} - -// UnmarshalJSON is the custom unmarshaler for MalwareEntity struct. -func (me *MalwareEntity) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var malwareEntityProperties MalwareEntityProperties - err = json.Unmarshal(*v, &malwareEntityProperties) - if err != nil { - return err - } - me.MalwareEntityProperties = &malwareEntityProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - me.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - me.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - me.Type = &typeVar - } - case "kind": - if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - me.Kind = kind - } - } - } - - return nil -} - -// MalwareEntityProperties malware entity property bag. -type MalwareEntityProperties struct { - // Category - READ-ONLY; The malware category by the vendor, e.g. Trojan - Category *string `json:"category,omitempty"` - // FileEntityIds - READ-ONLY; List of linked file entity identifiers on which the malware was found - FileEntityIds *[]string `json:"fileEntityIds,omitempty"` - // MalwareName - READ-ONLY; The malware name by the vendor, e.g. Win32/Toga!rfn - MalwareName *string `json:"malwareName,omitempty"` - // ProcessEntityIds - READ-ONLY; List of linked process entity identifiers on which the malware was found. - ProcessEntityIds *[]string `json:"processEntityIds,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for MalwareEntityProperties. -func (mep MalwareEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) -} - -// MCASCheckRequirements MCAS (Microsoft Cloud App Security) requirements check properties. -type MCASCheckRequirements struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` -} - -// MCASDataConnector represents MCAS (Microsoft Cloud App Security) data connector. -type MCASDataConnector struct { - // MCASDataConnectorProperties - MCAS (Microsoft Cloud App Security) data connector properties. - *MCASDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' - Kind KindBasicDataConnector `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for MCASDataConnector. -func (mdc MCASDataConnector) MarshalJSON() ([]byte, error) { - mdc.Kind = KindMicrosoftCloudAppSecurity - objectMap := make(map[string]interface{}) - if mdc.MCASDataConnectorProperties != nil { - objectMap["properties"] = mdc.MCASDataConnectorProperties - } - if mdc.Etag != nil { - objectMap["etag"] = mdc.Etag - } - if mdc.Kind != "" { - objectMap["kind"] = mdc.Kind - } - return json.Marshal(objectMap) -} - -// AsAADDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { - return nil, false -} - -// AsAATPDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { - return nil, false -} - -// AsASCDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { - return nil, false -} - -// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { - return nil, false -} - -// AsMCASDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { - return &mdc, true -} - -// AsMDATPDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { - return nil, false -} - -// AsOfficeDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { - return nil, false -} - -// AsTIDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { - return nil, false -} - -// AsDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsDataConnector() (*DataConnector, bool) { - return nil, false -} - -// AsBasicDataConnector is the BasicDataConnector implementation for MCASDataConnector. -func (mdc MCASDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { - return &mdc, true -} - -// UnmarshalJSON is the custom unmarshaler for MCASDataConnector struct. -func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var mCASDataConnectorProperties MCASDataConnectorProperties - err = json.Unmarshal(*v, &mCASDataConnectorProperties) - if err != nil { - return err - } - mdc.MCASDataConnectorProperties = &mCASDataConnectorProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - mdc.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - mdc.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - mdc.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - mdc.Etag = &etag - } - case "kind": - if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - mdc.Kind = kind - } - } - } - - return nil -} - -// MCASDataConnectorDataTypes the available data types for MCAS (Microsoft Cloud App Security) data -// connector. -type MCASDataConnectorDataTypes struct { - // DiscoveryLogs - Discovery log data type connection. - DiscoveryLogs *MCASDataConnectorDataTypesDiscoveryLogs `json:"discoveryLogs,omitempty"` - // Alerts - Alerts data type connection. - Alerts *AlertsDataTypeOfDataConnectorAlerts `json:"alerts,omitempty"` -} - -// MCASDataConnectorDataTypesDiscoveryLogs discovery log data type connection. -type MCASDataConnectorDataTypesDiscoveryLogs struct { - // State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled' - State DataTypeState `json:"state,omitempty"` -} - -// MCASDataConnectorProperties MCAS (Microsoft Cloud App Security) data connector properties. -type MCASDataConnectorProperties struct { - // DataTypes - The available data types for the connector. - DataTypes *MCASDataConnectorDataTypes `json:"dataTypes,omitempty"` - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` -} - -// MDATPCheckRequirements MDATP (Microsoft Defender Advanced Threat Protection) requirements check -// properties. -type MDATPCheckRequirements struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` -} - -// MDATPDataConnector represents MDATP (Microsoft Defender Advanced Threat Protection) data connector. -type MDATPDataConnector struct { - // MDATPDataConnectorProperties - MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. - *MDATPDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' - Kind KindBasicDataConnector `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for MDATPDataConnector. -func (mdc MDATPDataConnector) MarshalJSON() ([]byte, error) { - mdc.Kind = KindMicrosoftDefenderAdvancedThreatProtection - objectMap := make(map[string]interface{}) - if mdc.MDATPDataConnectorProperties != nil { - objectMap["properties"] = mdc.MDATPDataConnectorProperties - } - if mdc.Etag != nil { - objectMap["etag"] = mdc.Etag - } - if mdc.Kind != "" { - objectMap["kind"] = mdc.Kind - } - return json.Marshal(objectMap) -} - -// AsAADDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { - return nil, false -} - -// AsAATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { - return nil, false -} - -// AsASCDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { - return nil, false -} - -// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { - return nil, false -} - -// AsMCASDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { - return nil, false -} - -// AsMDATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { - return &mdc, true -} - -// AsOfficeDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { - return nil, false -} - -// AsTIDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { - return nil, false -} - -// AsDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsDataConnector() (*DataConnector, bool) { - return nil, false -} - -// AsBasicDataConnector is the BasicDataConnector implementation for MDATPDataConnector. -func (mdc MDATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { - return &mdc, true -} - -// UnmarshalJSON is the custom unmarshaler for MDATPDataConnector struct. -func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var mDATPDataConnectorProperties MDATPDataConnectorProperties - err = json.Unmarshal(*v, &mDATPDataConnectorProperties) - if err != nil { - return err - } - mdc.MDATPDataConnectorProperties = &mDATPDataConnectorProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - mdc.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - mdc.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - mdc.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - mdc.Etag = &etag - } - case "kind": - if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - mdc.Kind = kind - } - } - } - - return nil -} - -// MDATPDataConnectorProperties MDATP (Microsoft Defender Advanced Threat Protection) data connector -// properties. -type MDATPDataConnectorProperties struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` - // DataTypes - The available data types for the connector. - DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` -} - -// MicrosoftSecurityIncidentCreationAlertRule represents MicrosoftSecurityIncidentCreation rule. -type MicrosoftSecurityIncidentCreationAlertRule struct { - // MicrosoftSecurityIncidentCreationAlertRuleProperties - MicrosoftSecurityIncidentCreation rule properties - *MicrosoftSecurityIncidentCreationAlertRuleProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindAlertRule', 'KindFusion', 'KindMicrosoftSecurityIncidentCreation', 'KindScheduled' - Kind KindBasicAlertRule `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRule. -func (msicar MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error) { - msicar.Kind = KindMicrosoftSecurityIncidentCreation - objectMap := make(map[string]interface{}) - if msicar.MicrosoftSecurityIncidentCreationAlertRuleProperties != nil { - objectMap["properties"] = msicar.MicrosoftSecurityIncidentCreationAlertRuleProperties - } - if msicar.Etag != nil { - objectMap["etag"] = msicar.Etag - } - if msicar.Kind != "" { - objectMap["kind"] = msicar.Kind - } - return json.Marshal(objectMap) -} - -// AsFusionAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. -func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) { - return nil, false -} - -// AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. -func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) { - return &msicar, true -} - -// AsScheduledAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. -func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { - return nil, false -} - -// AsAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. -func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsAlertRule() (*AlertRule, bool) { - return nil, false -} - -// AsBasicAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. -func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) { - return &msicar, true -} - -// UnmarshalJSON is the custom unmarshaler for MicrosoftSecurityIncidentCreationAlertRule struct. -func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var microsoftSecurityIncidentCreationAlertRuleProperties MicrosoftSecurityIncidentCreationAlertRuleProperties - err = json.Unmarshal(*v, µsoftSecurityIncidentCreationAlertRuleProperties) - if err != nil { - return err - } - msicar.MicrosoftSecurityIncidentCreationAlertRuleProperties = µsoftSecurityIncidentCreationAlertRuleProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - msicar.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - msicar.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - msicar.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - msicar.Etag = &etag - } - case "kind": - if v != nil { - var kind KindBasicAlertRule - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - msicar.Kind = kind - } - } - } - - return nil -} - -// MicrosoftSecurityIncidentCreationAlertRuleCommonProperties microsoftSecurityIncidentCreation rule common -// property bag. -type MicrosoftSecurityIncidentCreationAlertRuleCommonProperties struct { - // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated - DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` - // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftCloudAppSecurity', 'AzureSecurityCenter', 'AzureAdvancedThreatProtection', 'AzureActiveDirectoryIdentityProtection', 'AzureSecurityCenterforIoT' - ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` - // SeveritiesFilter - the alerts' severities on which the cases will be generated - SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` -} - -// MicrosoftSecurityIncidentCreationAlertRuleProperties microsoftSecurityIncidentCreation rule property -// bag. -type MicrosoftSecurityIncidentCreationAlertRuleProperties struct { - // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. - AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` - // Description - The description of the alert rule. - Description *string `json:"description,omitempty"` - // DisplayName - The display name for alerts created by this alert rule. - DisplayName *string `json:"displayName,omitempty"` - // Enabled - Determines whether this alert rule is enabled or disabled. - Enabled *bool `json:"enabled,omitempty"` - // LastModifiedUtc - READ-ONLY; The last time that this alert has been modified. - LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` - // Tactics - The tactics of the alert rule - Tactics *[]AttackTactic `json:"tactics,omitempty"` - // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated - DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` - // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftCloudAppSecurity', 'AzureSecurityCenter', 'AzureAdvancedThreatProtection', 'AzureActiveDirectoryIdentityProtection', 'AzureSecurityCenterforIoT' - ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` - // SeveritiesFilter - the alerts' severities on which the cases will be generated - SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` -} - -// MicrosoftSecurityIncidentCreationAlertRuleTemplate represents MicrosoftSecurityIncidentCreation rule -// template. -type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct { - // MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties - MicrosoftSecurityIncidentCreation rule template properties - *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' - Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error) { - msicart.Kind = KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation - objectMap := make(map[string]interface{}) - if msicart.MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties != nil { - objectMap["properties"] = msicart.MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties - } - if msicart.Kind != "" { - objectMap["kind"] = msicart.Kind - } - return json.Marshal(objectMap) -} - -// AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) { - return nil, false -} - -// AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) { - return &msicart, true -} - -// AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) { - return nil, false -} - -// AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { - return nil, false -} - -// AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. -func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) { - return &msicart, true -} - -// UnmarshalJSON is the custom unmarshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplate struct. -func (msicart *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var microsoftSecurityIncidentCreationAlertRuleTemplateProperties MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties - err = json.Unmarshal(*v, µsoftSecurityIncidentCreationAlertRuleTemplateProperties) - if err != nil { - return err - } - msicart.MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties = µsoftSecurityIncidentCreationAlertRuleTemplateProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - msicart.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - msicart.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - msicart.Type = &typeVar - } - case "kind": - if v != nil { - var kind KindBasicAlertRuleTemplate - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - msicart.Kind = kind - } - } - } - - return nil -} - -// MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties microsoftSecurityIncidentCreation rule -// template properties -type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties struct { - // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template - AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` - // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. - CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` - // Description - The description of the alert rule template. - Description *string `json:"description,omitempty"` - // DisplayName - The display name for alert rule template. - DisplayName *string `json:"displayName,omitempty"` - // RequiredDataConnectors - The required data connectors for this template - RequiredDataConnectors *[]DataConnectorStatus `json:"requiredDataConnectors,omitempty"` - // Status - The alert rule template status. Possible values include: 'Installed', 'Available', 'NotAvailable' - Status TemplateStatus `json:"status,omitempty"` - // Tactics - The tactics of the alert rule template - Tactics *[]AttackTactic `json:"tactics,omitempty"` - // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated - DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` - // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftCloudAppSecurity', 'AzureSecurityCenter', 'AzureAdvancedThreatProtection', 'AzureActiveDirectoryIdentityProtection', 'AzureSecurityCenterforIoT' - ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` - // SeveritiesFilter - the alerts' severities on which the cases will be generated - SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` -} - -// OfficeConsent consent for Office365 tenant that already made. -type OfficeConsent struct { - autorest.Response `json:"-"` - // OfficeConsentProperties - Office consent properties - *OfficeConsentProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` -} - -// MarshalJSON is the custom marshaler for OfficeConsent. -func (oc OfficeConsent) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if oc.OfficeConsentProperties != nil { - objectMap["properties"] = oc.OfficeConsentProperties - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for OfficeConsent struct. -func (oc *OfficeConsent) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var officeConsentProperties OfficeConsentProperties - err = json.Unmarshal(*v, &officeConsentProperties) - if err != nil { - return err - } - oc.OfficeConsentProperties = &officeConsentProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - oc.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - oc.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - oc.Type = &typeVar - } - } - } - - return nil -} - -// OfficeConsentList list of all the office365 consents. -type OfficeConsentList struct { - autorest.Response `json:"-"` - // NextLink - READ-ONLY; URL to fetch the next set of office consents. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of the consents. - Value *[]OfficeConsent `json:"value,omitempty"` -} - -// OfficeConsentListIterator provides access to a complete listing of OfficeConsent values. -type OfficeConsentListIterator struct { - i int - page OfficeConsentListPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *OfficeConsentListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/OfficeConsentListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *OfficeConsentListIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter OfficeConsentListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter OfficeConsentListIterator) Response() OfficeConsentList { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter OfficeConsentListIterator) Value() OfficeConsent { - if !iter.page.NotDone() { - return OfficeConsent{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the OfficeConsentListIterator type. -func NewOfficeConsentListIterator(page OfficeConsentListPage) OfficeConsentListIterator { - return OfficeConsentListIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (ocl OfficeConsentList) IsEmpty() bool { - return ocl.Value == nil || len(*ocl.Value) == 0 -} - -// officeConsentListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (ocl OfficeConsentList) officeConsentListPreparer(ctx context.Context) (*http.Request, error) { - if ocl.NextLink == nil || len(to.String(ocl.NextLink)) < 1 { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(ocl.NextLink))) -} - -// OfficeConsentListPage contains a page of OfficeConsent values. -type OfficeConsentListPage struct { - fn func(context.Context, OfficeConsentList) (OfficeConsentList, error) - ocl OfficeConsentList -} - -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *OfficeConsentListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/OfficeConsentListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - next, err := page.fn(ctx, page.ocl) - if err != nil { - return err - } - page.ocl = next - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *OfficeConsentListPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page OfficeConsentListPage) NotDone() bool { - return !page.ocl.IsEmpty() -} - -// Response returns the raw server response from the last page request. -func (page OfficeConsentListPage) Response() OfficeConsentList { - return page.ocl -} - -// Values returns the slice of values for the current page or nil if there are no values. -func (page OfficeConsentListPage) Values() []OfficeConsent { - if page.ocl.IsEmpty() { - return nil - } - return *page.ocl.Value -} - -// Creates a new instance of the OfficeConsentListPage type. -func NewOfficeConsentListPage(getNextPage func(context.Context, OfficeConsentList) (OfficeConsentList, error)) OfficeConsentListPage { - return OfficeConsentListPage{fn: getNextPage} -} - -// OfficeConsentProperties consent property bag. -type OfficeConsentProperties struct { - // TenantID - The tenantId of the Office365 with the consent. - TenantID *string `json:"tenantId,omitempty"` - // TenantName - READ-ONLY; The tenant name of the Office365 with the consent. - TenantName *string `json:"tenantName,omitempty"` -} - -// OfficeDataConnector represents office data connector. -type OfficeDataConnector struct { - // OfficeDataConnectorProperties - Office data connector properties. - *OfficeDataConnectorProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' - Kind KindBasicDataConnector `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for OfficeDataConnector. -func (odc OfficeDataConnector) MarshalJSON() ([]byte, error) { - odc.Kind = KindOffice365 - objectMap := make(map[string]interface{}) - if odc.OfficeDataConnectorProperties != nil { - objectMap["properties"] = odc.OfficeDataConnectorProperties - } - if odc.Etag != nil { - objectMap["etag"] = odc.Etag - } - if odc.Kind != "" { - objectMap["kind"] = odc.Kind - } - return json.Marshal(objectMap) -} - -// AsAADDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { - return nil, false -} - -// AsAATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { - return nil, false -} - -// AsASCDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { - return nil, false -} - -// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { - return nil, false -} - -// AsMCASDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { - return nil, false -} - -// AsMDATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { - return nil, false -} - -// AsOfficeDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { - return &odc, true -} - -// AsTIDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { - return nil, false -} - -// AsDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsDataConnector() (*DataConnector, bool) { - return nil, false -} - -// AsBasicDataConnector is the BasicDataConnector implementation for OfficeDataConnector. -func (odc OfficeDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { - return &odc, true -} - -// UnmarshalJSON is the custom unmarshaler for OfficeDataConnector struct. -func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var officeDataConnectorProperties OfficeDataConnectorProperties - err = json.Unmarshal(*v, &officeDataConnectorProperties) - if err != nil { - return err - } - odc.OfficeDataConnectorProperties = &officeDataConnectorProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - odc.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - odc.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - odc.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - odc.Etag = &etag - } - case "kind": - if v != nil { - var kind KindBasicDataConnector - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - odc.Kind = kind - } - } - } - - return nil -} - -// OfficeDataConnectorDataTypes the available data types for office data connector. -type OfficeDataConnectorDataTypes struct { - // Exchange - Exchange data type connection. - Exchange *OfficeDataConnectorDataTypesExchange `json:"exchange,omitempty"` - // SharePoint - SharePoint data type connection. - SharePoint *OfficeDataConnectorDataTypesSharePoint `json:"sharePoint,omitempty"` -} - -// OfficeDataConnectorDataTypesExchange exchange data type connection. -type OfficeDataConnectorDataTypesExchange struct { - // State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled' - State DataTypeState `json:"state,omitempty"` -} - -// OfficeDataConnectorDataTypesSharePoint sharePoint data type connection. -type OfficeDataConnectorDataTypesSharePoint struct { - // State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled' - State DataTypeState `json:"state,omitempty"` -} - -// OfficeDataConnectorProperties office data connector properties. -type OfficeDataConnectorProperties struct { - // DataTypes - The available data types for the connector. - DataTypes *OfficeDataConnectorDataTypes `json:"dataTypes,omitempty"` - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` -} - -// Operation operation provided by provider -type Operation struct { - // Display - Properties of the operation - Display *OperationDisplay `json:"display,omitempty"` - // Name - Name of the operation - Name *string `json:"name,omitempty"` -} - -// OperationDisplay properties of the operation -type OperationDisplay struct { - // Description - Description of the operation +// FusionAlertRuleTemplateProperties fusion alert rule template properties +type FusionAlertRuleTemplateProperties struct { + // Severity - The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' + Severity AlertSeverity `json:"severity,omitempty"` + // Tactics - The tactics of the alert rule template + Tactics *[]AttackTactic `json:"tactics,omitempty"` + // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template + AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` + // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. + CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` + // Description - The description of the alert rule template. Description *string `json:"description,omitempty"` - // Operation - Operation name - Operation *string `json:"operation,omitempty"` - // Provider - Provider name - Provider *string `json:"provider,omitempty"` - // Resource - Resource name - Resource *string `json:"resource,omitempty"` -} - -// OperationsList lists the operations available in the SecurityInsights RP. -type OperationsList struct { - autorest.Response `json:"-"` - // NextLink - URL to fetch the next set of operations. - NextLink *string `json:"nextLink,omitempty"` - // Value - Array of operations - Value *[]Operation `json:"value,omitempty"` -} - -// OperationsListIterator provides access to a complete listing of Operation values. -type OperationsListIterator struct { - i int - page OperationsListPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *OperationsListIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/OperationsListIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *OperationsListIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter OperationsListIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter OperationsListIterator) Response() OperationsList { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter OperationsListIterator) Value() Operation { - if !iter.page.NotDone() { - return Operation{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the OperationsListIterator type. -func NewOperationsListIterator(page OperationsListPage) OperationsListIterator { - return OperationsListIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (ol OperationsList) IsEmpty() bool { - return ol.Value == nil || len(*ol.Value) == 0 -} - -// operationsListPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (ol OperationsList) operationsListPreparer(ctx context.Context) (*http.Request, error) { - if ol.NextLink == nil || len(to.String(ol.NextLink)) < 1 { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(ol.NextLink))) -} - -// OperationsListPage contains a page of Operation values. -type OperationsListPage struct { - fn func(context.Context, OperationsList) (OperationsList, error) - ol OperationsList -} - -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *OperationsListPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/OperationsListPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - next, err := page.fn(ctx, page.ol) - if err != nil { - return err - } - page.ol = next - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *OperationsListPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page OperationsListPage) NotDone() bool { - return !page.ol.IsEmpty() -} - -// Response returns the raw server response from the last page request. -func (page OperationsListPage) Response() OperationsList { - return page.ol -} - -// Values returns the slice of values for the current page or nil if there are no values. -func (page OperationsListPage) Values() []Operation { - if page.ol.IsEmpty() { - return nil - } - return *page.ol.Value + // DisplayName - The display name for alert rule template. + DisplayName *string `json:"displayName,omitempty"` + // RequiredDataConnectors - The required data connectors for this template + RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` + // Status - The alert rule template status. Possible values include: 'Installed', 'Available', 'NotAvailable' + Status TemplateStatus `json:"status,omitempty"` } -// Creates a new instance of the OperationsListPage type. -func NewOperationsListPage(getNextPage func(context.Context, OperationsList) (OperationsList, error)) OperationsListPage { - return OperationsListPage{fn: getNextPage} +// IncidentInfo describes related incident information for the bookmark +type IncidentInfo struct { + // IncidentID - Incident Id + IncidentID *string `json:"incidentId,omitempty"` + // Severity - The severity of the incident. Possible values include: 'IncidentSeverityCritical', 'IncidentSeverityHigh', 'IncidentSeverityMedium', 'IncidentSeverityLow', 'IncidentSeverityInformational' + Severity IncidentSeverity `json:"severity,omitempty"` + // Title - The title of the incident + Title *string `json:"title,omitempty"` + // RelationName - Relation Name + RelationName *string `json:"relationName,omitempty"` } -// ProcessEntity represents a process entity. -type ProcessEntity struct { - // ProcessEntityProperties - Process entity properties - *ProcessEntityProperties `json:"properties,omitempty"` +// MCASDataConnector represents MCAS (Microsoft Cloud App Security) data connector. +type MCASDataConnector struct { + // MCASDataConnectorProperties - MCAS (Microsoft Cloud App Security) data connector properties. + *MCASDataConnectorProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' + Kind KindBasicDataConnector `json:"kind,omitempty"` } -// MarshalJSON is the custom marshaler for ProcessEntity. -func (peVar ProcessEntity) MarshalJSON() ([]byte, error) { - peVar.Kind = KindProcess +// MarshalJSON is the custom marshaler for MCASDataConnector. +func (mdc MCASDataConnector) MarshalJSON() ([]byte, error) { + mdc.Kind = KindMicrosoftCloudAppSecurity objectMap := make(map[string]interface{}) - if peVar.ProcessEntityProperties != nil { - objectMap["properties"] = peVar.ProcessEntityProperties + if mdc.MCASDataConnectorProperties != nil { + objectMap["properties"] = mdc.MCASDataConnectorProperties + } + if mdc.Etag != nil { + objectMap["etag"] = mdc.Etag } - if peVar.Kind != "" { - objectMap["kind"] = peVar.Kind + if mdc.Kind != "" { + objectMap["kind"] = mdc.Kind } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsIPEntity() (*IPEntity, bool) { +// AsAADDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsAATPDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsProcessEntity() (*ProcessEntity, bool) { - return &peVar, true -} - -// AsRegistryKeyEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { +// AsASCDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false } -// AsRegistryValueEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false +// AsMCASDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { + return &mdc, true } -// AsSecurityGroupEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsMDATPDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsURLEntity() (*URLEntity, bool) { +// AsOfficeDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsTIDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { return nil, false } -// AsEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsEntity() (*Entity, bool) { +// AsDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false } -// AsBasicEntity is the BasicEntity implementation for ProcessEntity. -func (peVar ProcessEntity) AsBasicEntity() (BasicEntity, bool) { - return &peVar, true +// AsBasicDataConnector is the BasicDataConnector implementation for MCASDataConnector. +func (mdc MCASDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &mdc, true } -// UnmarshalJSON is the custom unmarshaler for ProcessEntity struct. -func (peVar *ProcessEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MCASDataConnector struct. +func (mdc *MCASDataConnector) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -8916,12 +2587,12 @@ func (peVar *ProcessEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var processEntityProperties ProcessEntityProperties - err = json.Unmarshal(*v, &processEntityProperties) + var mCASDataConnectorProperties MCASDataConnectorProperties + err = json.Unmarshal(*v, &mCASDataConnectorProperties) if err != nil { return err } - peVar.ProcessEntityProperties = &processEntityProperties + mdc.MCASDataConnectorProperties = &mCASDataConnectorProperties } case "id": if v != nil { @@ -8930,7 +2601,7 @@ func (peVar *ProcessEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - peVar.ID = &ID + mdc.ID = &ID } case "name": if v != nil { @@ -8939,7 +2610,7 @@ func (peVar *ProcessEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - peVar.Name = &name + mdc.Name = &name } case "type": if v != nil { @@ -8948,16 +2619,25 @@ func (peVar *ProcessEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - peVar.Type = &typeVar + mdc.Type = &typeVar + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + mdc.Etag = &etag } case "kind": if v != nil { - var kind KindBasicEntity + var kind KindBasicDataConnector err = json.Unmarshal(*v, &kind) if err != nil { return err } - peVar.Kind = kind + mdc.Kind = kind } } } @@ -8965,160 +2645,113 @@ func (peVar *ProcessEntity) UnmarshalJSON(body []byte) error { return nil } -// ProcessEntityProperties process entity property bag. -type ProcessEntityProperties struct { - // AccountEntityID - READ-ONLY; The account entity id running the processes. - AccountEntityID *string `json:"accountEntityId,omitempty"` - // CommandLine - READ-ONLY; The command line used to create the process - CommandLine *string `json:"commandLine,omitempty"` - // CreationTimeUtc - READ-ONLY; The time when the process started to run - CreationTimeUtc *date.Time `json:"creationTimeUtc,omitempty"` - // ElevationToken - The elevation token associated with the process. Possible values include: 'Default', 'Full', 'Limited' - ElevationToken ElevationToken `json:"elevationToken,omitempty"` - // HostEntityID - READ-ONLY; The host entity id on which the process was running - HostEntityID *string `json:"hostEntityId,omitempty"` - // HostLogonSessionEntityID - READ-ONLY; The session entity id in which the process was running - HostLogonSessionEntityID *string `json:"hostLogonSessionEntityId,omitempty"` - // ImageFileEntityID - READ-ONLY; Image file entity id - ImageFileEntityID *string `json:"imageFileEntityId,omitempty"` - // ParentProcessEntityID - READ-ONLY; The parent process entity id. - ParentProcessEntityID *string `json:"parentProcessEntityId,omitempty"` - // ProcessID - READ-ONLY; The process ID - ProcessID *string `json:"processId,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for ProcessEntityProperties. -func (pep ProcessEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if pep.ElevationToken != "" { - objectMap["elevationToken"] = pep.ElevationToken - } - return json.Marshal(objectMap) +// MCASDataConnectorDataTypes the available data types for MCAS (Microsoft Cloud App Security) data +// connector. +type MCASDataConnectorDataTypes struct { + // DiscoveryLogs - Discovery log data type connection. + DiscoveryLogs *MCASDataConnectorDataTypesDiscoveryLogs `json:"discoveryLogs,omitempty"` + // Alerts - Alerts data type connection. + Alerts *AlertsDataTypeOfDataConnectorAlerts `json:"alerts,omitempty"` +} + +// MCASDataConnectorDataTypesDiscoveryLogs discovery log data type connection. +type MCASDataConnectorDataTypesDiscoveryLogs struct { + // State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled' + State DataTypeState `json:"state,omitempty"` +} + +// MCASDataConnectorProperties MCAS (Microsoft Cloud App Security) data connector properties. +type MCASDataConnectorProperties struct { + // DataTypes - The available data types for the connector. + DataTypes *MCASDataConnectorDataTypes `json:"dataTypes,omitempty"` + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` } -// RegistryKeyEntity represents a registry key entity. -type RegistryKeyEntity struct { - // RegistryKeyEntityProperties - RegistryKey entity properties - *RegistryKeyEntityProperties `json:"properties,omitempty"` +// MDATPDataConnector represents MDATP (Microsoft Defender Advanced Threat Protection) data connector. +type MDATPDataConnector struct { + // MDATPDataConnectorProperties - MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. + *MDATPDataConnectorProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' + Kind KindBasicDataConnector `json:"kind,omitempty"` } -// MarshalJSON is the custom marshaler for RegistryKeyEntity. -func (rke RegistryKeyEntity) MarshalJSON() ([]byte, error) { - rke.Kind = KindRegistryKey +// MarshalJSON is the custom marshaler for MDATPDataConnector. +func (mdc MDATPDataConnector) MarshalJSON() ([]byte, error) { + mdc.Kind = KindMicrosoftDefenderAdvancedThreatProtection objectMap := make(map[string]interface{}) - if rke.RegistryKeyEntityProperties != nil { - objectMap["properties"] = rke.RegistryKeyEntityProperties + if mdc.MDATPDataConnectorProperties != nil { + objectMap["properties"] = mdc.MDATPDataConnectorProperties } - if rke.Kind != "" { - objectMap["kind"] = rke.Kind + if mdc.Etag != nil { + objectMap["etag"] = mdc.Etag + } + if mdc.Kind != "" { + objectMap["kind"] = mdc.Kind } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsIPEntity() (*IPEntity, bool) { +// AsAADDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { return nil, false } -// AsMalwareEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsMalwareEntity() (*MalwareEntity, bool) { +// AsAATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { return nil, false } -// AsProcessEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsProcessEntity() (*ProcessEntity, bool) { +// AsASCDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { return nil, false } -// AsRegistryKeyEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return &rke, true -} - -// AsRegistryValueEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { return nil, false } -// AsSecurityAlert is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsMCASDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false +// AsMDATPDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return &mdc, true } -// AsURLEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsURLEntity() (*URLEntity, bool) { +// AsOfficeDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsTIDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { return nil, false } -// AsEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsEntity() (*Entity, bool) { +// AsDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsDataConnector() (*DataConnector, bool) { return nil, false } -// AsBasicEntity is the BasicEntity implementation for RegistryKeyEntity. -func (rke RegistryKeyEntity) AsBasicEntity() (BasicEntity, bool) { - return &rke, true +// AsBasicDataConnector is the BasicDataConnector implementation for MDATPDataConnector. +func (mdc MDATPDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &mdc, true } -// UnmarshalJSON is the custom unmarshaler for RegistryKeyEntity struct. -func (rke *RegistryKeyEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MDATPDataConnector struct. +func (mdc *MDATPDataConnector) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -9128,12 +2761,12 @@ func (rke *RegistryKeyEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var registryKeyEntityProperties RegistryKeyEntityProperties - err = json.Unmarshal(*v, ®istryKeyEntityProperties) + var mDATPDataConnectorProperties MDATPDataConnectorProperties + err = json.Unmarshal(*v, &mDATPDataConnectorProperties) if err != nil { return err } - rke.RegistryKeyEntityProperties = ®istryKeyEntityProperties + mdc.MDATPDataConnectorProperties = &mDATPDataConnectorProperties } case "id": if v != nil { @@ -9142,7 +2775,7 @@ func (rke *RegistryKeyEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - rke.ID = &ID + mdc.ID = &ID } case "name": if v != nil { @@ -9151,7 +2784,7 @@ func (rke *RegistryKeyEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - rke.Name = &name + mdc.Name = &name } case "type": if v != nil { @@ -9160,16 +2793,25 @@ func (rke *RegistryKeyEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - rke.Type = &typeVar + mdc.Type = &typeVar + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + mdc.Etag = &etag } case "kind": if v != nil { - var kind KindBasicEntity + var kind KindBasicDataConnector err = json.Unmarshal(*v, &kind) if err != nil { return err } - rke.Kind = kind + mdc.Kind = kind } } } @@ -9177,143 +2819,74 @@ func (rke *RegistryKeyEntity) UnmarshalJSON(body []byte) error { return nil } -// RegistryKeyEntityProperties registryKey entity property bag. -type RegistryKeyEntityProperties struct { - // Hive - READ-ONLY; the hive that holds the registry key. Possible values include: 'HKEYLOCALMACHINE', 'HKEYCLASSESROOT', 'HKEYCURRENTCONFIG', 'HKEYUSERS', 'HKEYCURRENTUSERLOCALSETTINGS', 'HKEYPERFORMANCEDATA', 'HKEYPERFORMANCENLSTEXT', 'HKEYPERFORMANCETEXT', 'HKEYA', 'HKEYCURRENTUSER' - Hive RegistryHive `json:"hive,omitempty"` - // Key - READ-ONLY; The registry key path. - Key *string `json:"key,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for RegistryKeyEntityProperties. -func (rkep RegistryKeyEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) +// MDATPDataConnectorProperties MDATP (Microsoft Defender Advanced Threat Protection) data connector +// properties. +type MDATPDataConnectorProperties struct { + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` + // DataTypes - The available data types for the connector. + DataTypes *AlertsDataTypeOfDataConnector `json:"dataTypes,omitempty"` } -// RegistryValueEntity represents a registry value entity. -type RegistryValueEntity struct { - // RegistryValueEntityProperties - RegistryKey entity properties - *RegistryValueEntityProperties `json:"properties,omitempty"` +// MicrosoftSecurityIncidentCreationAlertRule represents MicrosoftSecurityIncidentCreation rule. +type MicrosoftSecurityIncidentCreationAlertRule struct { + // MicrosoftSecurityIncidentCreationAlertRuleProperties - MicrosoftSecurityIncidentCreation rule properties + *MicrosoftSecurityIncidentCreationAlertRuleProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // Kind - Possible values include: 'KindAlertRule', 'KindFusion', 'KindMicrosoftSecurityIncidentCreation', 'KindScheduled' + Kind Kind `json:"kind,omitempty"` } -// MarshalJSON is the custom marshaler for RegistryValueEntity. -func (rve RegistryValueEntity) MarshalJSON() ([]byte, error) { - rve.Kind = KindRegistryValue +// MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) MarshalJSON() ([]byte, error) { + msicar.Kind = KindMicrosoftSecurityIncidentCreation objectMap := make(map[string]interface{}) - if rve.RegistryValueEntityProperties != nil { - objectMap["properties"] = rve.RegistryValueEntityProperties + if msicar.MicrosoftSecurityIncidentCreationAlertRuleProperties != nil { + objectMap["properties"] = msicar.MicrosoftSecurityIncidentCreationAlertRuleProperties + } + if msicar.Etag != nil { + objectMap["etag"] = msicar.Etag } - if rve.Kind != "" { - objectMap["kind"] = rve.Kind + if msicar.Kind != "" { + objectMap["kind"] = msicar.Kind } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false -} - -// AsMalwareEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false -} - -// AsProcessEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return &rve, true -} - -// AsSecurityAlert is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} - -// AsSecurityGroupEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { +// AsFusionAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) { return nil, false } -// AsURLEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsURLEntity() (*URLEntity, bool) { - return nil, false +// AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) { + return &msicar, true } -// AsIoTDeviceEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsScheduledAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { return nil, false } -// AsEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsEntity() (*Entity, bool) { +// AsAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsAlertRule() (*AlertRule, bool) { return nil, false } -// AsBasicEntity is the BasicEntity implementation for RegistryValueEntity. -func (rve RegistryValueEntity) AsBasicEntity() (BasicEntity, bool) { - return &rve, true +// AsBasicAlertRule is the BasicAlertRule implementation for MicrosoftSecurityIncidentCreationAlertRule. +func (msicar MicrosoftSecurityIncidentCreationAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) { + return &msicar, true } -// UnmarshalJSON is the custom unmarshaler for RegistryValueEntity struct. -func (rve *RegistryValueEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MicrosoftSecurityIncidentCreationAlertRule struct. +func (msicar *MicrosoftSecurityIncidentCreationAlertRule) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -9323,12 +2896,12 @@ func (rve *RegistryValueEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var registryValueEntityProperties RegistryValueEntityProperties - err = json.Unmarshal(*v, ®istryValueEntityProperties) + var microsoftSecurityIncidentCreationAlertRuleProperties MicrosoftSecurityIncidentCreationAlertRuleProperties + err = json.Unmarshal(*v, µsoftSecurityIncidentCreationAlertRuleProperties) if err != nil { return err } - rve.RegistryValueEntityProperties = ®istryValueEntityProperties + msicar.MicrosoftSecurityIncidentCreationAlertRuleProperties = µsoftSecurityIncidentCreationAlertRuleProperties } case "id": if v != nil { @@ -9337,7 +2910,7 @@ func (rve *RegistryValueEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - rve.ID = &ID + msicar.ID = &ID } case "name": if v != nil { @@ -9346,7 +2919,7 @@ func (rve *RegistryValueEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - rve.Name = &name + msicar.Name = &name } case "type": if v != nil { @@ -9355,16 +2928,25 @@ func (rve *RegistryValueEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - rve.Type = &typeVar + msicar.Type = &typeVar + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + msicar.Etag = &etag } case "kind": if v != nil { - var kind KindBasicEntity + var kind Kind err = json.Unmarshal(*v, &kind) if err != nil { return err } - rve.Kind = kind + msicar.Kind = kind } } } @@ -9372,99 +2954,93 @@ func (rve *RegistryValueEntity) UnmarshalJSON(body []byte) error { return nil } -// RegistryValueEntityProperties registryValue entity property bag. -type RegistryValueEntityProperties struct { - // KeyEntityID - READ-ONLY; The registry key entity id. - KeyEntityID *string `json:"keyEntityId,omitempty"` - // ValueData - READ-ONLY; String formatted representation of the value data. - ValueData *string `json:"valueData,omitempty"` - // ValueName - READ-ONLY; The registry value name. - ValueName *string `json:"valueName,omitempty"` - // ValueType - READ-ONLY; Specifies the data types to use when storing values in the registry, or identifies the data type of a value in the registry. Possible values include: 'RegistryValueKindNone', 'RegistryValueKindUnknown', 'RegistryValueKindString', 'RegistryValueKindExpandString', 'RegistryValueKindBinary', 'RegistryValueKindDWord', 'RegistryValueKindMultiString', 'RegistryValueKindQWord' - ValueType RegistryValueKind `json:"valueType,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for RegistryValueEntityProperties. -func (rvep RegistryValueEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) +// MicrosoftSecurityIncidentCreationAlertRuleCommonProperties microsoftSecurityIncidentCreation rule common +// property bag. +type MicrosoftSecurityIncidentCreationAlertRuleCommonProperties struct { + // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated + DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` + // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftCloudAppSecurity', 'AzureSecurityCenter', 'AzureAdvancedThreatProtection', 'AzureActiveDirectoryIdentityProtection', 'AzureSecurityCenterforIoT' + ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` + // SeveritiesFilter - the alerts' severities on which the cases will be generated + SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` } -// RelationBase represents a relation -type RelationBase struct { - // Kind - READ-ONLY; The type of relation node. Possible values include: 'CasesToBookmarks' - Kind RelationTypes `json:"kind,omitempty"` - // Etag - ETag for relation - Etag *string `json:"etag,omitempty"` +// MicrosoftSecurityIncidentCreationAlertRuleProperties microsoftSecurityIncidentCreation rule property +// bag. +type MicrosoftSecurityIncidentCreationAlertRuleProperties struct { + // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. + AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` + // Description - The description of the alert rule. + Description *string `json:"description,omitempty"` + // DisplayName - The display name for alerts created by this alert rule. + DisplayName *string `json:"displayName,omitempty"` + // Enabled - Determines whether this alert rule is enabled or disabled. + Enabled *bool `json:"enabled,omitempty"` + // LastModifiedUtc - READ-ONLY; The last time that this alert has been modified. + LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` + // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated + DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` + // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftCloudAppSecurity', 'AzureSecurityCenter', 'AzureAdvancedThreatProtection', 'AzureActiveDirectoryIdentityProtection', 'AzureSecurityCenterforIoT' + ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` + // SeveritiesFilter - the alerts' severities on which the cases will be generated + SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` +} + +// MicrosoftSecurityIncidentCreationAlertRuleTemplate represents MicrosoftSecurityIncidentCreation rule +// template. +type MicrosoftSecurityIncidentCreationAlertRuleTemplate struct { + // MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties - MicrosoftSecurityIncidentCreation rule template properties + *MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` + // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' + Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` } -// RelationNode relation node -type RelationNode struct { - // RelationNodeID - Relation Node Id - RelationNodeID *string `json:"relationNodeId,omitempty"` - // RelationNodeKind - READ-ONLY; The type of relation node. Possible values include: 'RelationNodeKindCase', 'RelationNodeKindBookmark' - RelationNodeKind RelationNodeKind `json:"relationNodeKind,omitempty"` - // Etag - Etag for relation node - Etag *string `json:"etag,omitempty"` - // RelationAdditionalProperties - Additional set of properties - RelationAdditionalProperties map[string]*string `json:"relationAdditionalProperties"` -} - -// MarshalJSON is the custom marshaler for RelationNode. -func (rn RelationNode) MarshalJSON() ([]byte, error) { +// MarshalJSON is the custom marshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) MarshalJSON() ([]byte, error) { + msicart.Kind = KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation objectMap := make(map[string]interface{}) - if rn.RelationNodeID != nil { - objectMap["relationNodeId"] = rn.RelationNodeID - } - if rn.Etag != nil { - objectMap["etag"] = rn.Etag + if msicart.MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties != nil { + objectMap["properties"] = msicart.MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties } - if rn.RelationAdditionalProperties != nil { - objectMap["relationAdditionalProperties"] = rn.RelationAdditionalProperties + if msicart.Kind != "" { + objectMap["kind"] = msicart.Kind } return json.Marshal(objectMap) } -// RelationsModelInput relation input model -type RelationsModelInput struct { - // RelationsModelInputProperties - Relation input properties - *RelationsModelInputProperties `json:"properties,omitempty"` - // Kind - READ-ONLY; The type of relation node. Possible values include: 'CasesToBookmarks' - Kind RelationTypes `json:"kind,omitempty"` - // Etag - ETag for relation - Etag *string `json:"etag,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` +// AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) { + return nil, false } -// MarshalJSON is the custom marshaler for RelationsModelInput. -func (rmi RelationsModelInput) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if rmi.RelationsModelInputProperties != nil { - objectMap["properties"] = rmi.RelationsModelInputProperties - } - if rmi.Etag != nil { - objectMap["etag"] = rmi.Etag - } - return json.Marshal(objectMap) +// AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) { + return &msicart, true +} + +// AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) { + return nil, false +} + +// AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { + return nil, false +} + +// AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for MicrosoftSecurityIncidentCreationAlertRuleTemplate. +func (msicart MicrosoftSecurityIncidentCreationAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) { + return &msicart, true } -// UnmarshalJSON is the custom unmarshaler for RelationsModelInput struct. -func (rmi *RelationsModelInput) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for MicrosoftSecurityIncidentCreationAlertRuleTemplate struct. +func (msicart *MicrosoftSecurityIncidentCreationAlertRuleTemplate) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -9474,30 +3050,12 @@ func (rmi *RelationsModelInput) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var relationsModelInputProperties RelationsModelInputProperties - err = json.Unmarshal(*v, &relationsModelInputProperties) - if err != nil { - return err - } - rmi.RelationsModelInputProperties = &relationsModelInputProperties - } - case "kind": - if v != nil { - var kind RelationTypes - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - rmi.Kind = kind - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + var microsoftSecurityIncidentCreationAlertRuleTemplateProperties MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties + err = json.Unmarshal(*v, µsoftSecurityIncidentCreationAlertRuleTemplateProperties) if err != nil { return err } - rmi.Etag = &etag + msicart.MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties = µsoftSecurityIncidentCreationAlertRuleTemplateProperties } case "id": if v != nil { @@ -9506,7 +3064,7 @@ func (rmi *RelationsModelInput) UnmarshalJSON(body []byte) error { if err != nil { return err } - rmi.ID = &ID + msicart.ID = &ID } case "name": if v != nil { @@ -9515,7 +3073,7 @@ func (rmi *RelationsModelInput) UnmarshalJSON(body []byte) error { if err != nil { return err } - rmi.Name = &name + msicart.Name = &name } case "type": if v != nil { @@ -9524,7 +3082,16 @@ func (rmi *RelationsModelInput) UnmarshalJSON(body []byte) error { if err != nil { return err } - rmi.Type = &typeVar + msicart.Type = &typeVar + } + case "kind": + if v != nil { + var kind KindBasicAlertRuleTemplate + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + msicart.Kind = kind } } } @@ -9532,97 +3099,52 @@ func (rmi *RelationsModelInput) UnmarshalJSON(body []byte) error { return nil } -// RelationsModelInputProperties relation input properties -type RelationsModelInputProperties struct { - // RelationName - Name of relation - RelationName *string `json:"relationName,omitempty"` - // SourceRelationNode - Relation source node - SourceRelationNode *RelationNode `json:"sourceRelationNode,omitempty"` - // TargetRelationNode - Relation target node - TargetRelationNode *RelationNode `json:"targetRelationNode,omitempty"` -} - -// Resource an azure resource object -type Resource struct { - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` -} - -// ResourceWithEtag an azure resource object with an Etag property -type ResourceWithEtag struct { - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` +// MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties microsoftSecurityIncidentCreation rule +// template properties +type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties struct { + // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template + AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` + // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. + CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` + // Description - The description of the alert rule template. + Description *string `json:"description,omitempty"` + // DisplayName - The display name for alert rule template. + DisplayName *string `json:"displayName,omitempty"` + // RequiredDataConnectors - The required data connectors for this template + RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` + // Status - The alert rule template status. Possible values include: 'Installed', 'Available', 'NotAvailable' + Status TemplateStatus `json:"status,omitempty"` + // DisplayNamesFilter - the alerts' displayNames on which the cases will be generated + DisplayNamesFilter *[]string `json:"displayNamesFilter,omitempty"` + // ProductFilter - The alerts' productName on which the cases will be generated. Possible values include: 'MicrosoftCloudAppSecurity', 'AzureSecurityCenter', 'AzureAdvancedThreatProtection', 'AzureActiveDirectoryIdentityProtection', 'AzureSecurityCenterforIoT' + ProductFilter MicrosoftSecurityProductName `json:"productFilter,omitempty"` + // SeveritiesFilter - the alerts' severities on which the cases will be generated + SeveritiesFilter *[]AlertSeverity `json:"severitiesFilter,omitempty"` } -// ScheduledAlertRule represents scheduled alert rule. -type ScheduledAlertRule struct { - // ScheduledAlertRuleProperties - Scheduled alert rule properties - *ScheduledAlertRuleProperties `json:"properties,omitempty"` +// OfficeConsent consent for Office365 tenant that already made. +type OfficeConsent struct { + // OfficeConsentProperties - Office consent properties + *OfficeConsentProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` - // Etag - Etag of the azure resource - Etag *string `json:"etag,omitempty"` - // Kind - Possible values include: 'KindAlertRule', 'KindFusion', 'KindMicrosoftSecurityIncidentCreation', 'KindScheduled' - Kind KindBasicAlertRule `json:"kind,omitempty"` } -// MarshalJSON is the custom marshaler for ScheduledAlertRule. -func (sar ScheduledAlertRule) MarshalJSON() ([]byte, error) { - sar.Kind = KindScheduled +// MarshalJSON is the custom marshaler for OfficeConsent. +func (oc OfficeConsent) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if sar.ScheduledAlertRuleProperties != nil { - objectMap["properties"] = sar.ScheduledAlertRuleProperties - } - if sar.Etag != nil { - objectMap["etag"] = sar.Etag - } - if sar.Kind != "" { - objectMap["kind"] = sar.Kind + if oc.OfficeConsentProperties != nil { + objectMap["properties"] = oc.OfficeConsentProperties } return json.Marshal(objectMap) } -// AsFusionAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. -func (sar ScheduledAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) { - return nil, false -} - -// AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. -func (sar ScheduledAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) { - return nil, false -} - -// AsScheduledAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. -func (sar ScheduledAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { - return &sar, true -} - -// AsAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. -func (sar ScheduledAlertRule) AsAlertRule() (*AlertRule, bool) { - return nil, false -} - -// AsBasicAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. -func (sar ScheduledAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) { - return &sar, true -} - -// UnmarshalJSON is the custom unmarshaler for ScheduledAlertRule struct. -func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for OfficeConsent struct. +func (oc *OfficeConsent) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -9632,12 +3154,12 @@ func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var scheduledAlertRuleProperties ScheduledAlertRuleProperties - err = json.Unmarshal(*v, &scheduledAlertRuleProperties) + var officeConsentProperties OfficeConsentProperties + err = json.Unmarshal(*v, &officeConsentProperties) if err != nil { return err } - sar.ScheduledAlertRuleProperties = &scheduledAlertRuleProperties + oc.OfficeConsentProperties = &officeConsentProperties } case "id": if v != nil { @@ -9646,43 +3168,25 @@ func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error { if err != nil { return err } - sar.ID = &ID + oc.ID = &ID } case "name": if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - sar.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - sar.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) + var name string + err = json.Unmarshal(*v, &name) if err != nil { return err } - sar.Etag = &etag + oc.Name = &name } - case "kind": + case "type": if v != nil { - var kind KindBasicAlertRule - err = json.Unmarshal(*v, &kind) + var typeVar string + err = json.Unmarshal(*v, &typeVar) if err != nil { return err } - sar.Kind = kind + oc.Type = &typeVar } } } @@ -9690,108 +3194,106 @@ func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error { return nil } -// ScheduledAlertRuleCommonProperties schedule alert rule template property bag. -type ScheduledAlertRuleCommonProperties struct { - // Query - The query that creates alerts for this rule. - Query *string `json:"query,omitempty"` - // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. - QueryFrequency *string `json:"queryFrequency,omitempty"` - // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. - QueryPeriod *string `json:"queryPeriod,omitempty"` - // Severity - The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' - Severity AlertSeverity `json:"severity,omitempty"` - // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'GreaterThan', 'LessThan', 'Equal', 'NotEqual' - TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` - // TriggerThreshold - The threshold triggers this alert rule. - TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` +// OfficeConsentList list of all the office365 consents. +type OfficeConsentList struct { + // NextLink - READ-ONLY; URL to fetch the next set of office consents. + NextLink *string `json:"nextLink,omitempty"` + // Value - Array of the consents. + Value *[]OfficeConsent `json:"value,omitempty"` } -// ScheduledAlertRuleProperties scheduled alert rule base property bag. -type ScheduledAlertRuleProperties struct { - // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. - AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` - // Description - The description of the alert rule. - Description *string `json:"description,omitempty"` - // DisplayName - The display name for alerts created by this alert rule. - DisplayName *string `json:"displayName,omitempty"` - // Enabled - Determines whether this alert rule is enabled or disabled. - Enabled *bool `json:"enabled,omitempty"` - // LastModifiedUtc - READ-ONLY; The last time that this alert rule has been modified. - LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` - // SuppressionDuration - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. - SuppressionDuration *string `json:"suppressionDuration,omitempty"` - // SuppressionEnabled - Determines whether the suppression for this alert rule is enabled or disabled. - SuppressionEnabled *bool `json:"suppressionEnabled,omitempty"` - // Tactics - The tactics of the alert rule - Tactics *[]AttackTactic `json:"tactics,omitempty"` - // Query - The query that creates alerts for this rule. - Query *string `json:"query,omitempty"` - // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. - QueryFrequency *string `json:"queryFrequency,omitempty"` - // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. - QueryPeriod *string `json:"queryPeriod,omitempty"` - // Severity - The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' - Severity AlertSeverity `json:"severity,omitempty"` - // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'GreaterThan', 'LessThan', 'Equal', 'NotEqual' - TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` - // TriggerThreshold - The threshold triggers this alert rule. - TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` +// OfficeConsentProperties consent property bag. +type OfficeConsentProperties struct { + // TenantID - The tenantId of the Office365 with the consent. + TenantID *string `json:"tenantId,omitempty"` + // TenantName - READ-ONLY; The tenant name of the Office365 with the consent. + TenantName *string `json:"tenantName,omitempty"` } -// ScheduledAlertRuleTemplate represents scheduled alert rule template. -type ScheduledAlertRuleTemplate struct { - // ScheduledAlertRuleTemplateProperties - Scheduled alert rule template properties - *ScheduledAlertRuleTemplateProperties `json:"properties,omitempty"` +// OfficeDataConnector represents office data connector. +type OfficeDataConnector struct { + // OfficeDataConnectorProperties - Office data connector properties. + *OfficeDataConnectorProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' - Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // Kind - Possible values include: 'KindDataConnector', 'KindAzureActiveDirectory', 'KindAzureAdvancedThreatProtection', 'KindAzureSecurityCenter', 'KindAmazonWebServicesCloudTrail', 'KindMicrosoftCloudAppSecurity', 'KindMicrosoftDefenderAdvancedThreatProtection', 'KindOffice365', 'KindThreatIntelligence' + Kind KindBasicDataConnector `json:"kind,omitempty"` } -// MarshalJSON is the custom marshaler for ScheduledAlertRuleTemplate. -func (sart ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error) { - sart.Kind = KindBasicAlertRuleTemplateKindScheduled +// MarshalJSON is the custom marshaler for OfficeDataConnector. +func (odc OfficeDataConnector) MarshalJSON() ([]byte, error) { + odc.Kind = KindOffice365 objectMap := make(map[string]interface{}) - if sart.ScheduledAlertRuleTemplateProperties != nil { - objectMap["properties"] = sart.ScheduledAlertRuleTemplateProperties + if odc.OfficeDataConnectorProperties != nil { + objectMap["properties"] = odc.OfficeDataConnectorProperties } - if sart.Kind != "" { - objectMap["kind"] = sart.Kind + if odc.Etag != nil { + objectMap["etag"] = odc.Etag + } + if odc.Kind != "" { + objectMap["kind"] = odc.Kind } return json.Marshal(objectMap) } -// AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. -func (sart ScheduledAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) { +// AsAADDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsAADDataConnector() (*AADDataConnector, bool) { return nil, false } -// AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. -func (sart ScheduledAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) { +// AsAATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsAATPDataConnector() (*AATPDataConnector, bool) { return nil, false } -// AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. -func (sart ScheduledAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) { - return &sart, true +// AsASCDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsASCDataConnector() (*ASCDataConnector, bool) { + return nil, false } -// AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. -func (sart ScheduledAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { +// AsAwsCloudTrailDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsAwsCloudTrailDataConnector() (*AwsCloudTrailDataConnector, bool) { return nil, false } -// AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. -func (sart ScheduledAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) { - return &sart, true +// AsMCASDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsMCASDataConnector() (*MCASDataConnector, bool) { + return nil, false } -// UnmarshalJSON is the custom unmarshaler for ScheduledAlertRuleTemplate struct. -func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error { +// AsMDATPDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsMDATPDataConnector() (*MDATPDataConnector, bool) { + return nil, false +} + +// AsOfficeDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsOfficeDataConnector() (*OfficeDataConnector, bool) { + return &odc, true +} + +// AsTIDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsTIDataConnector() (*TIDataConnector, bool) { + return nil, false +} + +// AsDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsDataConnector() (*DataConnector, bool) { + return nil, false +} + +// AsBasicDataConnector is the BasicDataConnector implementation for OfficeDataConnector. +func (odc OfficeDataConnector) AsBasicDataConnector() (BasicDataConnector, bool) { + return &odc, true +} + +// UnmarshalJSON is the custom unmarshaler for OfficeDataConnector struct. +func (odc *OfficeDataConnector) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -9801,12 +3303,12 @@ func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var scheduledAlertRuleTemplateProperties ScheduledAlertRuleTemplateProperties - err = json.Unmarshal(*v, &scheduledAlertRuleTemplateProperties) + var officeDataConnectorProperties OfficeDataConnectorProperties + err = json.Unmarshal(*v, &officeDataConnectorProperties) if err != nil { return err } - sart.ScheduledAlertRuleTemplateProperties = &scheduledAlertRuleTemplateProperties + odc.OfficeDataConnectorProperties = &officeDataConnectorProperties } case "id": if v != nil { @@ -9815,7 +3317,7 @@ func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error { if err != nil { return err } - sart.ID = &ID + odc.ID = &ID } case "name": if v != nil { @@ -9824,7 +3326,7 @@ func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error { if err != nil { return err } - sart.Name = &name + odc.Name = &name } case "type": if v != nil { @@ -9833,172 +3335,307 @@ func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error { if err != nil { return err } - sart.Type = &typeVar + odc.Type = &typeVar + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + odc.Etag = &etag } case "kind": if v != nil { - var kind KindBasicAlertRuleTemplate + var kind KindBasicDataConnector err = json.Unmarshal(*v, &kind) if err != nil { return err } - sart.Kind = kind + odc.Kind = kind + } + } + } + + return nil +} + +// OfficeDataConnectorDataTypes the available data types for office data connector. +type OfficeDataConnectorDataTypes struct { + // Exchange - Exchange data type connection. + Exchange *OfficeDataConnectorDataTypesExchange `json:"exchange,omitempty"` + // SharePoint - SharePoint data type connection. + SharePoint *OfficeDataConnectorDataTypesSharePoint `json:"sharePoint,omitempty"` +} + +// OfficeDataConnectorDataTypesExchange exchange data type connection. +type OfficeDataConnectorDataTypesExchange struct { + // State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled' + State DataTypeState `json:"state,omitempty"` +} + +// OfficeDataConnectorDataTypesSharePoint sharePoint data type connection. +type OfficeDataConnectorDataTypesSharePoint struct { + // State - Describe whether this data type connection is enabled or not. Possible values include: 'Enabled', 'Disabled' + State DataTypeState `json:"state,omitempty"` +} + +// OfficeDataConnectorProperties office data connector properties. +type OfficeDataConnectorProperties struct { + // DataTypes - The available data types for the connector. + DataTypes *OfficeDataConnectorDataTypes `json:"dataTypes,omitempty"` + // TenantID - The tenant id to connect to, and get the data from. + TenantID *string `json:"tenantId,omitempty"` +} + +// Operation operation provided by provider +type Operation struct { + // Display - Properties of the operation + Display *OperationDisplay `json:"display,omitempty"` + // Name - Name of the operation + Name *string `json:"name,omitempty"` +} + +// OperationDisplay properties of the operation +type OperationDisplay struct { + // Description - Description of the operation + Description *string `json:"description,omitempty"` + // Operation - Operation name + Operation *string `json:"operation,omitempty"` + // Provider - Provider name + Provider *string `json:"provider,omitempty"` + // Resource - Resource name + Resource *string `json:"resource,omitempty"` +} + +// OperationsList lists the operations available in the SecurityInsights RP. +type OperationsList struct { + autorest.Response `json:"-"` + // NextLink - URL to fetch the next set of operations. + NextLink *string `json:"nextLink,omitempty"` + // Value - Array of operations + Value *[]Operation `json:"value,omitempty"` +} + +// OperationsListIterator provides access to a complete listing of Operation values. +type OperationsListIterator struct { + i int + page OperationsListPage +} + +// NextWithContext advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +func (iter *OperationsListIterator) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/OperationsListIterator.NextWithContext") + defer func() { + sc := -1 + if iter.Response().Response.Response != nil { + sc = iter.Response().Response.Response.StatusCode } - } + tracing.EndSpan(ctx, sc, err) + }() } - + iter.i++ + if iter.i < len(iter.page.Values()) { + return nil + } + err = iter.page.NextWithContext(ctx) + if err != nil { + iter.i-- + return err + } + iter.i = 0 return nil } -// ScheduledAlertRuleTemplateProperties scheduled alert rule template properties -type ScheduledAlertRuleTemplateProperties struct { - // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template - AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` - // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. - CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` - // Description - The description of the alert rule template. - Description *string `json:"description,omitempty"` - // DisplayName - The display name for alert rule template. - DisplayName *string `json:"displayName,omitempty"` - // RequiredDataConnectors - The required data connectors for this template - RequiredDataConnectors *[]DataConnectorStatus `json:"requiredDataConnectors,omitempty"` - // Status - The alert rule template status. Possible values include: 'Installed', 'Available', 'NotAvailable' - Status TemplateStatus `json:"status,omitempty"` - // Tactics - The tactics of the alert rule template - Tactics *[]AttackTactic `json:"tactics,omitempty"` - // Query - The query that creates alerts for this rule. - Query *string `json:"query,omitempty"` - // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. - QueryFrequency *string `json:"queryFrequency,omitempty"` - // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. - QueryPeriod *string `json:"queryPeriod,omitempty"` - // Severity - The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' - Severity AlertSeverity `json:"severity,omitempty"` - // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'GreaterThan', 'LessThan', 'Equal', 'NotEqual' - TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` - // TriggerThreshold - The threshold triggers this alert rule. - TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` +// Next advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (iter *OperationsListIterator) Next() error { + return iter.NextWithContext(context.Background()) } -// SecurityAlert represents a security alert entity. -type SecurityAlert struct { - // SecurityAlertProperties - SecurityAlert entity properties - *SecurityAlertProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` +// NotDone returns true if the enumeration should be started or is not yet complete. +func (iter OperationsListIterator) NotDone() bool { + return iter.page.NotDone() && iter.i < len(iter.page.Values()) } -// MarshalJSON is the custom marshaler for SecurityAlert. -func (sa SecurityAlert) MarshalJSON() ([]byte, error) { - sa.Kind = KindSecurityAlert - objectMap := make(map[string]interface{}) - if sa.SecurityAlertProperties != nil { - objectMap["properties"] = sa.SecurityAlertProperties - } - if sa.Kind != "" { - objectMap["kind"] = sa.Kind +// Response returns the raw server response from the last page request. +func (iter OperationsListIterator) Response() OperationsList { + return iter.page.Response() +} + +// Value returns the current value or a zero-initialized value if the +// iterator has advanced beyond the end of the collection. +func (iter OperationsListIterator) Value() Operation { + if !iter.page.NotDone() { + return Operation{} } - return json.Marshal(objectMap) + return iter.page.Values()[iter.i] } -// AsAccountEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsAccountEntity() (*AccountEntity, bool) { - return nil, false +// Creates a new instance of the OperationsListIterator type. +func NewOperationsListIterator(page OperationsListPage) OperationsListIterator { + return OperationsListIterator{page: page} } -// AsAzureResourceEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false +// IsEmpty returns true if the ListResult contains no values. +func (ol OperationsList) IsEmpty() bool { + return ol.Value == nil || len(*ol.Value) == 0 } -// AsCloudApplicationEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false +// operationsListPreparer prepares a request to retrieve the next set of results. +// It returns nil if no more results exist. +func (ol OperationsList) operationsListPreparer(ctx context.Context) (*http.Request, error) { + if ol.NextLink == nil || len(to.String(ol.NextLink)) < 1 { + return nil, nil + } + return autorest.Prepare((&http.Request{}).WithContext(ctx), + autorest.AsJSON(), + autorest.AsGet(), + autorest.WithBaseURL(to.String(ol.NextLink))) } -// AsDNSEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsDNSEntity() (*DNSEntity, bool) { - return nil, false +// OperationsListPage contains a page of Operation values. +type OperationsListPage struct { + fn func(context.Context, OperationsList) (OperationsList, error) + ol OperationsList } -// AsFileEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsFileEntity() (*FileEntity, bool) { - return nil, false +// NextWithContext advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +func (page *OperationsListPage) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/OperationsListPage.NextWithContext") + defer func() { + sc := -1 + if page.Response().Response.Response != nil { + sc = page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + next, err := page.fn(ctx, page.ol) + if err != nil { + return err + } + page.ol = next + return nil } -// AsFileHashEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false +// Next advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (page *OperationsListPage) Next() error { + return page.NextWithContext(context.Background()) } -// AsHostEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsHostEntity() (*HostEntity, bool) { - return nil, false +// NotDone returns true if the page enumeration should be started or is not yet complete. +func (page OperationsListPage) NotDone() bool { + return !page.ol.IsEmpty() } -// AsIPEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsIPEntity() (*IPEntity, bool) { - return nil, false +// Response returns the raw server response from the last page request. +func (page OperationsListPage) Response() OperationsList { + return page.ol } -// AsMalwareEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false +// Values returns the slice of values for the current page or nil if there are no values. +func (page OperationsListPage) Values() []Operation { + if page.ol.IsEmpty() { + return nil + } + return *page.ol.Value } -// AsProcessEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false +// Creates a new instance of the OperationsListPage type. +func NewOperationsListPage(getNextPage func(context.Context, OperationsList) (OperationsList, error)) OperationsListPage { + return OperationsListPage{fn: getNextPage} } -// AsRegistryKeyEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false +// Resource an azure resource object +type Resource struct { + // ID - READ-ONLY; Azure resource Id + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; Azure resource name + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; Azure resource type + Type *string `json:"type,omitempty"` } -// AsRegistryValueEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false +// ResourceWithEtag an azure resource object with an Etag property +type ResourceWithEtag struct { + // ID - READ-ONLY; Azure resource Id + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; Azure resource name + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; Azure resource type + Type *string `json:"type,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` } -// AsSecurityAlert is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsSecurityAlert() (*SecurityAlert, bool) { - return &sa, true +// ScheduledAlertRule represents scheduled alert rule. +type ScheduledAlertRule struct { + // ScheduledAlertRuleProperties - Scheduled alert rule properties + *ScheduledAlertRuleProperties `json:"properties,omitempty"` + // ID - READ-ONLY; Azure resource Id + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; Azure resource name + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; Azure resource type + Type *string `json:"type,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` + // Kind - Possible values include: 'KindAlertRule', 'KindFusion', 'KindMicrosoftSecurityIncidentCreation', 'KindScheduled' + Kind Kind `json:"kind,omitempty"` } -// AsSecurityGroupEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false +// MarshalJSON is the custom marshaler for ScheduledAlertRule. +func (sar ScheduledAlertRule) MarshalJSON() ([]byte, error) { + sar.Kind = KindScheduled + objectMap := make(map[string]interface{}) + if sar.ScheduledAlertRuleProperties != nil { + objectMap["properties"] = sar.ScheduledAlertRuleProperties + } + if sar.Etag != nil { + objectMap["etag"] = sar.Etag + } + if sar.Kind != "" { + objectMap["kind"] = sar.Kind + } + return json.Marshal(objectMap) } -// AsURLEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsURLEntity() (*URLEntity, bool) { +// AsFusionAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. +func (sar ScheduledAlertRule) AsFusionAlertRule() (*FusionAlertRule, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { +// AsMicrosoftSecurityIncidentCreationAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. +func (sar ScheduledAlertRule) AsMicrosoftSecurityIncidentCreationAlertRule() (*MicrosoftSecurityIncidentCreationAlertRule, bool) { return nil, false } -// AsEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsEntity() (*Entity, bool) { +// AsScheduledAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. +func (sar ScheduledAlertRule) AsScheduledAlertRule() (*ScheduledAlertRule, bool) { + return &sar, true +} + +// AsAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. +func (sar ScheduledAlertRule) AsAlertRule() (*AlertRule, bool) { return nil, false } -// AsBasicEntity is the BasicEntity implementation for SecurityAlert. -func (sa SecurityAlert) AsBasicEntity() (BasicEntity, bool) { - return &sa, true +// AsBasicAlertRule is the BasicAlertRule implementation for ScheduledAlertRule. +func (sar ScheduledAlertRule) AsBasicAlertRule() (BasicAlertRule, bool) { + return &sar, true } -// UnmarshalJSON is the custom unmarshaler for SecurityAlert struct. -func (sa *SecurityAlert) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for ScheduledAlertRule struct. +func (sar *ScheduledAlertRule) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -10008,12 +3645,12 @@ func (sa *SecurityAlert) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var securityAlertProperties SecurityAlertProperties - err = json.Unmarshal(*v, &securityAlertProperties) + var scheduledAlertRuleProperties ScheduledAlertRuleProperties + err = json.Unmarshal(*v, &scheduledAlertRuleProperties) if err != nil { return err } - sa.SecurityAlertProperties = &securityAlertProperties + sar.ScheduledAlertRuleProperties = &scheduledAlertRuleProperties } case "id": if v != nil { @@ -10022,7 +3659,7 @@ func (sa *SecurityAlert) UnmarshalJSON(body []byte) error { if err != nil { return err } - sa.ID = &ID + sar.ID = &ID } case "name": if v != nil { @@ -10031,7 +3668,7 @@ func (sa *SecurityAlert) UnmarshalJSON(body []byte) error { if err != nil { return err } - sa.Name = &name + sar.Name = &name } case "type": if v != nil { @@ -10040,16 +3677,25 @@ func (sa *SecurityAlert) UnmarshalJSON(body []byte) error { if err != nil { return err } - sa.Type = &typeVar + sar.Type = &typeVar + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + sar.Etag = &etag } case "kind": if v != nil { - var kind KindBasicEntity + var kind Kind err = json.Unmarshal(*v, &kind) if err != nil { return err } - sa.Kind = kind + sar.Kind = kind } } } @@ -10057,192 +3703,108 @@ func (sa *SecurityAlert) UnmarshalJSON(body []byte) error { return nil } -// SecurityAlertProperties securityAlert entity property bag. -type SecurityAlertProperties struct { - // AlertDisplayName - READ-ONLY; The display name of the alert. - AlertDisplayName *string `json:"alertDisplayName,omitempty"` - // AlertType - READ-ONLY; The type name of the alert. - AlertType *string `json:"alertType,omitempty"` - // CompromisedEntity - READ-ONLY; Display name of the main entity being reported on. - CompromisedEntity *string `json:"compromisedEntity,omitempty"` - // ConfidenceLevel - READ-ONLY; The confidence level of this alert. Possible values include: 'ConfidenceLevelUnknown', 'ConfidenceLevelLow', 'ConfidenceLevelHigh' - ConfidenceLevel ConfidenceLevel `json:"confidenceLevel,omitempty"` - // ConfidenceReasons - READ-ONLY; The confidence reasons - ConfidenceReasons *[]SecurityAlertPropertiesConfidenceReasonsItem `json:"confidenceReasons,omitempty"` - // ConfidenceScore - READ-ONLY; The confidence score of the alert. - ConfidenceScore *float64 `json:"confidenceScore,omitempty"` - // ConfidenceScoreStatus - READ-ONLY; The confidence score calculation status, i.e. indicating if score calculation is pending for this alert, not applicable or final. Possible values include: 'NotApplicable', 'InProcess', 'NotFinal', 'Final' - ConfidenceScoreStatus ConfidenceScoreStatus `json:"confidenceScoreStatus,omitempty"` - // Description - READ-ONLY; Alert description. +// ScheduledAlertRuleCommonProperties schedule alert rule template property bag. +type ScheduledAlertRuleCommonProperties struct { + // Query - The query that creates alerts for this rule. + Query *string `json:"query,omitempty"` + // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. + QueryFrequency *string `json:"queryFrequency,omitempty"` + // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. + QueryPeriod *string `json:"queryPeriod,omitempty"` + // Severity - The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' + Severity AlertSeverity `json:"severity,omitempty"` + // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'GreaterThan', 'LessThan', 'Equal', 'NotEqual' + TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` + // TriggerThreshold - The threshold triggers this alert rule. + TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` +} + +// ScheduledAlertRuleProperties scheduled alert rule base property bag. +type ScheduledAlertRuleProperties struct { + // AlertRuleTemplateName - The Name of the alert rule template used to create this rule. + AlertRuleTemplateName *string `json:"alertRuleTemplateName,omitempty"` + // Description - The description of the alert rule. Description *string `json:"description,omitempty"` - // EndTimeUtc - READ-ONLY; The impact end time of the alert (the time of the last event contributing to the alert). - EndTimeUtc *date.Time `json:"endTimeUtc,omitempty"` - // Intent - READ-ONLY; Holds the alert intent stage(s) mapping for this alert. Possible values include: 'KillChainIntentUnknown', 'KillChainIntentProbing', 'KillChainIntentExploitation', 'KillChainIntentPersistence', 'KillChainIntentPrivilegeEscalation', 'KillChainIntentDefenseEvasion', 'KillChainIntentCredentialAccess', 'KillChainIntentDiscovery', 'KillChainIntentLateralMovement', 'KillChainIntentExecution', 'KillChainIntentCollection', 'KillChainIntentExfiltration', 'KillChainIntentCommandAndControl', 'KillChainIntentImpact' - Intent KillChainIntent `json:"intent,omitempty"` - // ProcessingEndTime - READ-ONLY; The time the alert was made available for consumption. - ProcessingEndTime *date.Time `json:"processingEndTime,omitempty"` - // ProductComponentName - READ-ONLY; The name of a component inside the product which generated the alert. - ProductComponentName *string `json:"productComponentName,omitempty"` - // ProductName - READ-ONLY; The name of the product which published this alert. - ProductName *string `json:"productName,omitempty"` - // ProductVersion - READ-ONLY; The version of the product generating the alert. - ProductVersion *string `json:"productVersion,omitempty"` - // RemediationSteps - READ-ONLY; Manual action items to take to remediate the alert. - RemediationSteps *[]string `json:"remediationSteps,omitempty"` - // Severity - The severity of the alert. Possible values include: 'High', 'Medium', 'Low', 'Informational' + // DisplayName - The display name for alerts created by this alert rule. + DisplayName *string `json:"displayName,omitempty"` + // Enabled - Determines whether this alert rule is enabled or disabled. + Enabled *bool `json:"enabled,omitempty"` + // LastModifiedUtc - READ-ONLY; The last time that this alert rule has been modified. + LastModifiedUtc *date.Time `json:"lastModifiedUtc,omitempty"` + // SuppressionDuration - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. + SuppressionDuration *string `json:"suppressionDuration,omitempty"` + // SuppressionEnabled - Determines whether the suppression for this alert rule is enabled or disabled. + SuppressionEnabled *bool `json:"suppressionEnabled,omitempty"` + // Tactics - The tactics of the alert rule + Tactics *[]AttackTactic `json:"tactics,omitempty"` + // Query - The query that creates alerts for this rule. + Query *string `json:"query,omitempty"` + // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. + QueryFrequency *string `json:"queryFrequency,omitempty"` + // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. + QueryPeriod *string `json:"queryPeriod,omitempty"` + // Severity - The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' Severity AlertSeverity `json:"severity,omitempty"` - // StartTimeUtc - READ-ONLY; The impact start time of the alert (the time of the first event contributing to the alert). - StartTimeUtc *date.Time `json:"startTimeUtc,omitempty"` - // Status - READ-ONLY; The lifecycle status of the alert. Possible values include: 'AlertStatusUnknown', 'AlertStatusNew', 'AlertStatusResolved', 'AlertStatusDismissed', 'AlertStatusInProgress' - Status AlertStatus `json:"status,omitempty"` - // SystemAlertID - READ-ONLY; Holds the product identifier of the alert for the product. - SystemAlertID *string `json:"systemAlertId,omitempty"` - // TimeGenerated - READ-ONLY; The time the alert was generated. - TimeGenerated *date.Time `json:"timeGenerated,omitempty"` - // VendorName - READ-ONLY; The name of the vendor that raise the alert. - VendorName *string `json:"vendorName,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for SecurityAlertProperties. -func (sap SecurityAlertProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if sap.Severity != "" { - objectMap["severity"] = sap.Severity - } - return json.Marshal(objectMap) -} - -// SecurityAlertPropertiesConfidenceReasonsItem confidence reason item -type SecurityAlertPropertiesConfidenceReasonsItem struct { - // Reason - READ-ONLY; The reason's description - Reason *string `json:"reason,omitempty"` - // ReasonType - READ-ONLY; The type (category) of the reason - ReasonType *string `json:"reasonType,omitempty"` + // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'GreaterThan', 'LessThan', 'Equal', 'NotEqual' + TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` + // TriggerThreshold - The threshold triggers this alert rule. + TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` } -// SecurityGroupEntity represents a security group entity. -type SecurityGroupEntity struct { - // SecurityGroupEntityProperties - SecurityGroup entity properties - *SecurityGroupEntityProperties `json:"properties,omitempty"` +// ScheduledAlertRuleTemplate represents scheduled alert rule template. +type ScheduledAlertRuleTemplate struct { + // ScheduledAlertRuleTemplateProperties - Scheduled alert rule template properties + *ScheduledAlertRuleTemplateProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // Kind - Possible values include: 'KindBasicAlertRuleTemplateKindAlertRuleTemplate', 'KindBasicAlertRuleTemplateKindFusion', 'KindBasicAlertRuleTemplateKindMicrosoftSecurityIncidentCreation', 'KindBasicAlertRuleTemplateKindScheduled' + Kind KindBasicAlertRuleTemplate `json:"kind,omitempty"` } -// MarshalJSON is the custom marshaler for SecurityGroupEntity. -func (sge SecurityGroupEntity) MarshalJSON() ([]byte, error) { - sge.Kind = KindSecurityGroup +// MarshalJSON is the custom marshaler for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) MarshalJSON() ([]byte, error) { + sart.Kind = KindBasicAlertRuleTemplateKindScheduled objectMap := make(map[string]interface{}) - if sge.SecurityGroupEntityProperties != nil { - objectMap["properties"] = sge.SecurityGroupEntityProperties + if sart.ScheduledAlertRuleTemplateProperties != nil { + objectMap["properties"] = sart.ScheduledAlertRuleTemplateProperties } - if sge.Kind != "" { - objectMap["kind"] = sge.Kind + if sart.Kind != "" { + objectMap["kind"] = sart.Kind } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false -} - -// AsMalwareEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false -} - -// AsProcessEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false -} - -// AsSecurityAlert is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsSecurityAlert() (*SecurityAlert, bool) { +// AsFusionAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) AsFusionAlertRuleTemplate() (*FusionAlertRuleTemplate, bool) { return nil, false } -// AsSecurityGroupEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return &sge, true -} - -// AsURLEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsURLEntity() (*URLEntity, bool) { +// AsMicrosoftSecurityIncidentCreationAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) AsMicrosoftSecurityIncidentCreationAlertRuleTemplate() (*MicrosoftSecurityIncidentCreationAlertRuleTemplate, bool) { return nil, false } -// AsIoTDeviceEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false +// AsScheduledAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) AsScheduledAlertRuleTemplate() (*ScheduledAlertRuleTemplate, bool) { + return &sart, true } -// AsEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsEntity() (*Entity, bool) { +// AsAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) AsAlertRuleTemplate() (*AlertRuleTemplate, bool) { return nil, false } -// AsBasicEntity is the BasicEntity implementation for SecurityGroupEntity. -func (sge SecurityGroupEntity) AsBasicEntity() (BasicEntity, bool) { - return &sge, true +// AsBasicAlertRuleTemplate is the BasicAlertRuleTemplate implementation for ScheduledAlertRuleTemplate. +func (sart ScheduledAlertRuleTemplate) AsBasicAlertRuleTemplate() (BasicAlertRuleTemplate, bool) { + return &sart, true } -// UnmarshalJSON is the custom unmarshaler for SecurityGroupEntity struct. -func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for ScheduledAlertRuleTemplate struct. +func (sart *ScheduledAlertRuleTemplate) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -10252,12 +3814,12 @@ func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var securityGroupEntityProperties SecurityGroupEntityProperties - err = json.Unmarshal(*v, &securityGroupEntityProperties) + var scheduledAlertRuleTemplateProperties ScheduledAlertRuleTemplateProperties + err = json.Unmarshal(*v, &scheduledAlertRuleTemplateProperties) if err != nil { return err } - sge.SecurityGroupEntityProperties = &securityGroupEntityProperties + sart.ScheduledAlertRuleTemplateProperties = &scheduledAlertRuleTemplateProperties } case "id": if v != nil { @@ -10266,7 +3828,7 @@ func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - sge.ID = &ID + sart.ID = &ID } case "name": if v != nil { @@ -10275,7 +3837,7 @@ func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - sge.Name = &name + sart.Name = &name } case "type": if v != nil { @@ -10284,16 +3846,16 @@ func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - sge.Type = &typeVar + sart.Type = &typeVar } case "kind": if v != nil { - var kind KindBasicEntity + var kind KindBasicAlertRuleTemplate err = json.Unmarshal(*v, &kind) if err != nil { return err } - sge.Kind = kind + sart.Kind = kind } } } @@ -10301,24 +3863,34 @@ func (sge *SecurityGroupEntity) UnmarshalJSON(body []byte) error { return nil } -// SecurityGroupEntityProperties securityGroup entity property bag. -type SecurityGroupEntityProperties struct { - // DistinguishedName - READ-ONLY; The group distinguished name - DistinguishedName *string `json:"distinguishedName,omitempty"` - // ObjectGUID - READ-ONLY; A single-value attribute that is the unique identifier for the object, assigned by active directory. - ObjectGUID *uuid.UUID `json:"objectGuid,omitempty"` - // Sid - READ-ONLY; The SID attribute is a single-value attribute that specifies the security identifier (SID) of the group - Sid *string `json:"sid,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for SecurityGroupEntityProperties. -func (sgep SecurityGroupEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) +// ScheduledAlertRuleTemplateProperties scheduled alert rule template properties +type ScheduledAlertRuleTemplateProperties struct { + // AlertRulesCreatedByTemplateCount - the number of alert rules that were created by this template + AlertRulesCreatedByTemplateCount *int32 `json:"alertRulesCreatedByTemplateCount,omitempty"` + // CreatedDateUTC - READ-ONLY; The time that this alert rule template has been added. + CreatedDateUTC *date.Time `json:"createdDateUTC,omitempty"` + // Description - The description of the alert rule template. + Description *string `json:"description,omitempty"` + // DisplayName - The display name for alert rule template. + DisplayName *string `json:"displayName,omitempty"` + // RequiredDataConnectors - The required data connectors for this template + RequiredDataConnectors *[]AlertRuleTemplateDataSource `json:"requiredDataConnectors,omitempty"` + // Status - The alert rule template status. Possible values include: 'Installed', 'Available', 'NotAvailable' + Status TemplateStatus `json:"status,omitempty"` + // Query - The query that creates alerts for this rule. + Query *string `json:"query,omitempty"` + // QueryFrequency - The frequency (in ISO 8601 duration format) for this alert rule to run. + QueryFrequency *string `json:"queryFrequency,omitempty"` + // QueryPeriod - The period (in ISO 8601 duration format) that this alert rule looks at. + QueryPeriod *string `json:"queryPeriod,omitempty"` + // Severity - The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', 'Low', 'Informational' + Severity AlertSeverity `json:"severity,omitempty"` + // TriggerOperator - The operation against the threshold that triggers alert rule. Possible values include: 'GreaterThan', 'LessThan', 'Equal', 'NotEqual' + TriggerOperator TriggerOperator `json:"triggerOperator,omitempty"` + // TriggerThreshold - The threshold triggers this alert rule. + TriggerThreshold *int32 `json:"triggerThreshold,omitempty"` + // Tactics - The tactics of the alert rule template + Tactics *[]AttackTactic `json:"tactics,omitempty"` } // BasicSettings the Setting. @@ -10330,7 +3902,6 @@ type BasicSettings interface { // Settings the Setting. type Settings struct { - autorest.Response `json:"-"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name @@ -10423,23 +3994,6 @@ type SettingsKind struct { Kind SettingKind `json:"kind,omitempty"` } -// SettingsModel ... -type SettingsModel struct { - autorest.Response `json:"-"` - Value BasicSettings `json:"value,omitempty"` -} - -// UnmarshalJSON is the custom unmarshaler for SettingsModel struct. -func (sm *SettingsModel) UnmarshalJSON(body []byte) error { - s, err := unmarshalBasicSettings(body) - if err != nil { - return err - } - sm.Value = s - - return nil -} - // ThreatIntelligence threatIntelligence property bag. type ThreatIntelligence struct { // Confidence - READ-ONLY; Confidence (must be between 0 and 1) @@ -10456,12 +4010,6 @@ type ThreatIntelligence struct { ThreatType *string `json:"threatType,omitempty"` } -// TICheckRequirements TI (Threat Intelligence) requirements check properties. -type TICheckRequirements struct { - // TenantID - The tenant id to connect to, and get the data from. - TenantID *string `json:"tenantId,omitempty"` -} - // TIDataConnector represents threat intelligence data connector. type TIDataConnector struct { // TIDataConnectorProperties - TI (Threat Intelligence) data connector properties. @@ -10891,199 +4439,6 @@ type UebaSettingsProperties struct { StatusInMcas StatusInMcas `json:"statusInMcas,omitempty"` } -// URLEntity represents a url entity. -type URLEntity struct { - // URLEntityProperties - Url entity properties - *URLEntityProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Azure resource Id - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Azure resource name - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Azure resource type - Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` -} - -// MarshalJSON is the custom marshaler for URLEntity. -func (ue URLEntity) MarshalJSON() ([]byte, error) { - ue.Kind = KindURL - objectMap := make(map[string]interface{}) - if ue.URLEntityProperties != nil { - objectMap["properties"] = ue.URLEntityProperties - } - if ue.Kind != "" { - objectMap["kind"] = ue.Kind - } - return json.Marshal(objectMap) -} - -// AsAccountEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false -} - -// AsMalwareEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false -} - -// AsProcessEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false -} - -// AsSecurityAlert is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} - -// AsSecurityGroupEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false -} - -// AsURLEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsURLEntity() (*URLEntity, bool) { - return &ue, true -} - -// AsIoTDeviceEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return nil, false -} - -// AsEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsEntity() (*Entity, bool) { - return nil, false -} - -// AsBasicEntity is the BasicEntity implementation for URLEntity. -func (ue URLEntity) AsBasicEntity() (BasicEntity, bool) { - return &ue, true -} - -// UnmarshalJSON is the custom unmarshaler for URLEntity struct. -func (ue *URLEntity) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var URLEntityProperties URLEntityProperties - err = json.Unmarshal(*v, &URLEntityProperties) - if err != nil { - return err - } - ue.URLEntityProperties = &URLEntityProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - ue.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - ue.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - ue.Type = &typeVar - } - case "kind": - if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) - if err != nil { - return err - } - ue.Kind = kind - } - } - } - - return nil -} - -// URLEntityProperties url entity property bag. -type URLEntityProperties struct { - // URL - READ-ONLY; A full URL the entity points to - URL *string `json:"url,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for URLEntityProperties. -func (uep URLEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) -} - // UserInfo user information that made some action type UserInfo struct { // Email - READ-ONLY; The email of the user. diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/officeconsents.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/officeconsents.go deleted file mode 100644 index a61d046d56f7..000000000000 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/officeconsents.go +++ /dev/null @@ -1,366 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft and contributors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// OfficeConsentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type OfficeConsentsClient struct { - BaseClient -} - -// NewOfficeConsentsClient creates an instance of the OfficeConsentsClient client. -func NewOfficeConsentsClient(subscriptionID string) OfficeConsentsClient { - return NewOfficeConsentsClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewOfficeConsentsClientWithBaseURI creates an instance of the OfficeConsentsClient client using a custom endpoint. -// Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewOfficeConsentsClientWithBaseURI(baseURI string, subscriptionID string) OfficeConsentsClient { - return OfficeConsentsClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// Delete delete the office365 consent. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// consentID - consent ID -func (client OfficeConsentsClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (result autorest.Response, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/OfficeConsentsClient.Delete") - defer func() { - sc := -1 - if result.Response != nil { - sc = result.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.OfficeConsentsClient", "Delete", err.Error()) - } - - req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, consentID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "Delete", nil, "Failure preparing request") - return - } - - resp, err := client.DeleteSender(req) - if err != nil { - result.Response = resp - err = autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "Delete", resp, "Failure sending request") - return - } - - result, err = client.DeleteResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "Delete", resp, "Failure responding to request") - } - - return -} - -// DeletePreparer prepares the Delete request. -func (client OfficeConsentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "consentId": autorest.Encode("path", consentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsDelete(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents/{consentId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// DeleteSender sends the Delete request. The method will close the -// http.Response Body if it receives an error. -func (client OfficeConsentsClient) DeleteSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// DeleteResponder handles the response to the Delete request. The method always -// closes the http.Response Body. -func (client OfficeConsentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), - autorest.ByClosing()) - result.Response = resp - return -} - -// Get gets an office365 consent. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// consentID - consent ID -func (client OfficeConsentsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (result OfficeConsent, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/OfficeConsentsClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.OfficeConsentsClient", "Get", err.Error()) - } - - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, consentID) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "Get", resp, "Failure responding to request") - } - - return -} - -// GetPreparer prepares the Get request. -func (client OfficeConsentsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "consentId": autorest.Encode("path", consentID), - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents/{consentId}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client OfficeConsentsClient) GetSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client OfficeConsentsClient) GetResponder(resp *http.Response) (result OfficeConsent, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List gets all office365 consents. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -func (client OfficeConsentsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result OfficeConsentListPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/OfficeConsentsClient.List") - defer func() { - sc := -1 - if result.ocl.Response.Response != nil { - sc = result.ocl.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.OfficeConsentsClient", "List", err.Error()) - } - - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.ocl.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "List", resp, "Failure sending request") - return - } - - result.ocl, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "List", resp, "Failure responding to request") - } - - return -} - -// ListPreparer prepares the List request. -func (client OfficeConsentsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client OfficeConsentsClient) ListSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client OfficeConsentsClient) ListResponder(resp *http.Response) (result OfficeConsentList, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client OfficeConsentsClient) listNextResults(ctx context.Context, lastResults OfficeConsentList) (result OfficeConsentList, err error) { - req, err := lastResults.officeConsentListPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.OfficeConsentsClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client OfficeConsentsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result OfficeConsentListIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/OfficeConsentsClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName) - return -} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/operations.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/operations.go index 0d1667bade73..39c94464e8ae 100644 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/operations.go +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/operations.go @@ -77,7 +77,7 @@ func (client OperationsClient) List(ctx context.Context) (result OperationsListP // ListPreparer prepares the List request. func (client OperationsClient) ListPreparer(ctx context.Context) (*http.Request, error) { - const APIVersion = "2019-01-01-preview" + const APIVersion = "2020-01-01" queryParameters := map[string]interface{}{ "api-version": APIVersion, } @@ -93,8 +93,7 @@ func (client OperationsClient) ListPreparer(ctx context.Context) (*http.Request, // ListSender sends the List request. The method will close the // http.Response Body if it receives an error. func (client OperationsClient) ListSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) - return autorest.SendWithSender(client, req, sd...) + return client.Send(req, autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) } // ListResponder handles the response to the List request. The method always diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/productsettings.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/productsettings.go deleted file mode 100644 index 52a40ad1a5d2..000000000000 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/productsettings.go +++ /dev/null @@ -1,238 +0,0 @@ -package securityinsight - -// Copyright (c) Microsoft and contributors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/validation" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// ProductSettingsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider -type ProductSettingsClient struct { - BaseClient -} - -// NewProductSettingsClient creates an instance of the ProductSettingsClient client. -func NewProductSettingsClient(subscriptionID string) ProductSettingsClient { - return NewProductSettingsClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewProductSettingsClientWithBaseURI creates an instance of the ProductSettingsClient client using a custom endpoint. -// Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewProductSettingsClientWithBaseURI(baseURI string, subscriptionID string) ProductSettingsClient { - return ProductSettingsClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// Get gets a setting. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// settingsName - the setting name. Supports- Fusion, UEBA -func (client ProductSettingsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string) (result SettingsModel, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ProductSettingsClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.ProductSettingsClient", "Get", err.Error()) - } - - req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, settingsName) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "Get", resp, "Failure responding to request") - } - - return -} - -// GetPreparer prepares the Get request. -func (client ProductSettingsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "settingsName": autorest.Encode("path", settingsName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client ProductSettingsClient) GetSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client ProductSettingsClient) GetResponder(resp *http.Response) (result SettingsModel, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// Update updates the setting. -// Parameters: -// resourceGroupName - the name of the resource group within the user's subscription. The name is case -// insensitive. -// operationalInsightsResourceProvider - the namespace of workspaces resource provider- -// Microsoft.OperationalInsights. -// workspaceName - the name of the workspace. -// settingsName - the setting name. Supports- Fusion, UEBA -// settings - the setting -func (client ProductSettingsClient) Update(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string, settings BasicSettings) (result SettingsModel, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ProductSettingsClient.Update") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - if err := validation.Validate([]validation.Validation{ - {TargetValue: client.SubscriptionID, - Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, - {TargetValue: resourceGroupName, - Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, - {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, - {TargetValue: workspaceName, - Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, - {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { - return result, validation.NewError("securityinsight.ProductSettingsClient", "Update", err.Error()) - } - - req, err := client.UpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, settingsName, settings) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "Update", nil, "Failure preparing request") - return - } - - resp, err := client.UpdateSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "Update", resp, "Failure sending request") - return - } - - result, err = client.UpdateResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "securityinsight.ProductSettingsClient", "Update", resp, "Failure responding to request") - } - - return -} - -// UpdatePreparer prepares the Update request. -func (client ProductSettingsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string, settings BasicSettings) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "settingsName": autorest.Encode("path", settingsName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "workspaceName": autorest.Encode("path", workspaceName), - } - - const APIVersion = "2019-01-01-preview" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}", pathParameters), - autorest.WithJSON(settings), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// UpdateSender sends the Update request. The method will close the -// http.Response Body if it receives an error. -func (client ProductSettingsClient) UpdateSender(req *http.Request) (*http.Response, error) { - sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) - return autorest.SendWithSender(client, req, sd...) -} - -// UpdateResponder handles the response to the Update request. The method always -// closes the http.Response Body. -func (client ProductSettingsClient) UpdateResponder(resp *http.Response) (result SettingsModel, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/securityinsightapi/interfaces.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/securityinsightapi/interfaces.go index 374637a85817..5801614599ff 100644 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/securityinsightapi/interfaces.go +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/securityinsightapi/interfaces.go @@ -23,13 +23,6 @@ import ( "github.com/Azure/go-autorest/autorest" ) -// BaseClientAPI contains the set of methods on the BaseClient type. -type BaseClientAPI interface { - ListDataConnectorRequirements(ctx context.Context, resourceGroupName string, workspaceName string, operationalInsightsResourceProvider string, dataConnectorsCheckRequirements securityinsight.DataConnectorsCheckRequirements) (result securityinsight.DataConnectorRequirementsState, err error) -} - -var _ BaseClientAPI = (*securityinsight.BaseClient)(nil) - // OperationsClientAPI contains the set of methods on the OperationsClient type. type OperationsClientAPI interface { List(ctx context.Context) (result securityinsight.OperationsListPage, err error) @@ -40,146 +33,33 @@ var _ OperationsClientAPI = (*securityinsight.OperationsClient)(nil) // AlertRulesClientAPI contains the set of methods on the AlertRulesClient type. type AlertRulesClientAPI interface { - CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, alertRule securityinsight.BasicAlertRule) (result securityinsight.AlertRuleModel, err error) - CreateOrUpdateAction(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string, action securityinsight.ActionRequest) (result securityinsight.ActionResponse, err error) - Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result autorest.Response, err error) - DeleteAction(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string) (result autorest.Response, err error) - Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result securityinsight.AlertRuleModel, err error) - GetAction(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string, actionID string) (result securityinsight.ActionResponse, err error) - List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result securityinsight.AlertRulesListPage, err error) - ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result securityinsight.AlertRulesListIterator, err error) + CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, alertRule securityinsight.BasicAlertRule) (result securityinsight.AlertRuleModel, err error) + CreateOrUpdateAction(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string, action securityinsight.ActionRequest) (result securityinsight.ActionResponse, err error) + Delete(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result autorest.Response, err error) + DeleteAction(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (result autorest.Response, err error) + Get(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result securityinsight.AlertRuleModel, err error) + GetAction(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string, actionID string) (result securityinsight.ActionResponse, err error) + List(ctx context.Context, resourceGroupName string, workspaceName string) (result securityinsight.AlertRulesListPage, err error) + ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result securityinsight.AlertRulesListIterator, err error) } var _ AlertRulesClientAPI = (*securityinsight.AlertRulesClient)(nil) // ActionsClientAPI contains the set of methods on the ActionsClient type. type ActionsClientAPI interface { - ListByAlertRule(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result securityinsight.ActionsListPage, err error) - ListByAlertRuleComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, ruleID string) (result securityinsight.ActionsListIterator, err error) + ListByAlertRule(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result securityinsight.ActionsListPage, err error) + ListByAlertRuleComplete(ctx context.Context, resourceGroupName string, workspaceName string, ruleID string) (result securityinsight.ActionsListIterator, err error) } var _ ActionsClientAPI = (*securityinsight.ActionsClient)(nil) -// AlertRuleTemplatesClientAPI contains the set of methods on the AlertRuleTemplatesClient type. -type AlertRuleTemplatesClientAPI interface { - Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, alertRuleTemplateID string) (result securityinsight.AlertRuleTemplateModel, err error) - List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result securityinsight.AlertRuleTemplatesListPage, err error) - ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result securityinsight.AlertRuleTemplatesListIterator, err error) -} - -var _ AlertRuleTemplatesClientAPI = (*securityinsight.AlertRuleTemplatesClient)(nil) - -// CasesClientAPI contains the set of methods on the CasesClient type. -type CasesClientAPI interface { - CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseParameter securityinsight.Case) (result securityinsight.Case, err error) - Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string) (result autorest.Response, err error) - Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string) (result securityinsight.Case, err error) - GetComment(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseCommentID string) (result securityinsight.CaseComment, err error) - List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.CaseListPage, err error) - ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.CaseListIterator, err error) -} - -var _ CasesClientAPI = (*securityinsight.CasesClient)(nil) - -// CommentsClientAPI contains the set of methods on the CommentsClient type. -type CommentsClientAPI interface { - ListByCase(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.CaseCommentListPage, err error) - ListByCaseComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.CaseCommentListIterator, err error) -} - -var _ CommentsClientAPI = (*securityinsight.CommentsClient)(nil) - -// CaseCommentsClientAPI contains the set of methods on the CaseCommentsClient type. -type CaseCommentsClientAPI interface { - CreateComment(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, caseCommentID string, caseComment securityinsight.CaseComment) (result securityinsight.CaseComment, err error) -} - -var _ CaseCommentsClientAPI = (*securityinsight.CaseCommentsClient)(nil) - -// BookmarksClientAPI contains the set of methods on the BookmarksClient type. -type BookmarksClientAPI interface { - CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, bookmark securityinsight.Bookmark) (result securityinsight.Bookmark, err error) - Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string) (result autorest.Response, err error) - Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string) (result securityinsight.Bookmark, err error) - List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result securityinsight.BookmarkListPage, err error) - ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result securityinsight.BookmarkListIterator, err error) -} - -var _ BookmarksClientAPI = (*securityinsight.BookmarksClient)(nil) - -// CaseRelationsClientAPI contains the set of methods on the CaseRelationsClient type. -type CaseRelationsClientAPI interface { - CreateOrUpdateRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string, relationInputModel securityinsight.RelationsModelInput) (result securityinsight.CaseRelation, err error) - DeleteRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string) (result autorest.Response, err error) - GetRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, relationName string) (result securityinsight.CaseRelation, err error) - List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.CaseRelationListPage, err error) - ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, caseID string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.CaseRelationListIterator, err error) -} - -var _ CaseRelationsClientAPI = (*securityinsight.CaseRelationsClient)(nil) - -// BookmarkRelationsClientAPI contains the set of methods on the BookmarkRelationsClient type. -type BookmarkRelationsClientAPI interface { - CreateOrUpdateRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string, relationInputModel securityinsight.RelationsModelInput) (result securityinsight.BookmarkRelation, err error) - DeleteRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string) (result autorest.Response, err error) - GetRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, relationName string) (result securityinsight.BookmarkRelation, err error) - List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.BookmarkRelationListPage, err error) - ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, bookmarkID string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.BookmarkRelationListIterator, err error) -} - -var _ BookmarkRelationsClientAPI = (*securityinsight.BookmarkRelationsClient)(nil) - // DataConnectorsClientAPI contains the set of methods on the DataConnectorsClient type. type DataConnectorsClientAPI interface { - CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string, dataConnector securityinsight.BasicDataConnector) (result securityinsight.DataConnectorModel, err error) - Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string) (result autorest.Response, err error) - Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, dataConnectorID string) (result securityinsight.DataConnectorModel, err error) - List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result securityinsight.DataConnectorListPage, err error) - ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result securityinsight.DataConnectorListIterator, err error) + CreateOrUpdate(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string, dataConnector securityinsight.BasicDataConnector) (result securityinsight.DataConnectorModel, err error) + Delete(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (result autorest.Response, err error) + Get(ctx context.Context, resourceGroupName string, workspaceName string, dataConnectorID string) (result securityinsight.DataConnectorModel, err error) + List(ctx context.Context, resourceGroupName string, workspaceName string) (result securityinsight.DataConnectorListPage, err error) + ListComplete(ctx context.Context, resourceGroupName string, workspaceName string) (result securityinsight.DataConnectorListIterator, err error) } var _ DataConnectorsClientAPI = (*securityinsight.DataConnectorsClient)(nil) - -// EntitiesClientAPI contains the set of methods on the EntitiesClient type. -type EntitiesClientAPI interface { - Expand(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, parameters securityinsight.EntityExpandParameters) (result securityinsight.EntityExpandResponse, err error) - Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string) (result securityinsight.EntityModel, err error) - List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result securityinsight.EntityListPage, err error) - ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result securityinsight.EntityListIterator, err error) -} - -var _ EntitiesClientAPI = (*securityinsight.EntitiesClient)(nil) - -// OfficeConsentsClientAPI contains the set of methods on the OfficeConsentsClient type. -type OfficeConsentsClientAPI interface { - Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (result autorest.Response, err error) - Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (result securityinsight.OfficeConsent, err error) - List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result securityinsight.OfficeConsentListPage, err error) - ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result securityinsight.OfficeConsentListIterator, err error) -} - -var _ OfficeConsentsClientAPI = (*securityinsight.OfficeConsentsClient)(nil) - -// ProductSettingsClientAPI contains the set of methods on the ProductSettingsClient type. -type ProductSettingsClientAPI interface { - Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string) (result securityinsight.SettingsModel, err error) - Update(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, settingsName string, settings securityinsight.BasicSettings) (result securityinsight.SettingsModel, err error) -} - -var _ ProductSettingsClientAPI = (*securityinsight.ProductSettingsClient)(nil) - -// CasesAggregationsClientAPI contains the set of methods on the CasesAggregationsClient type. -type CasesAggregationsClientAPI interface { - Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, aggregationsName string) (result securityinsight.AggregationsModel, err error) -} - -var _ CasesAggregationsClientAPI = (*securityinsight.CasesAggregationsClient)(nil) - -// EntityQueriesClientAPI contains the set of methods on the EntityQueriesClient type. -type EntityQueriesClientAPI interface { - Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityQueryID string) (result securityinsight.EntityQuery, err error) - List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result securityinsight.EntityQueryListPage, err error) - ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string) (result securityinsight.EntityQueryListIterator, err error) -} - -var _ EntityQueriesClientAPI = (*securityinsight.EntityQueriesClient)(nil) diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/version.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/version.go index 78e3f935413c..3fb54aeb4f55 100644 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/version.go +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/version.go @@ -21,7 +21,7 @@ import "github.com/Azure/azure-sdk-for-go/version" // UserAgent returns the UserAgent string to use when sending http.Requests. func UserAgent() string { - return "Azure-SDK-For-Go/" + version.Number + " securityinsight/2019-01-01-preview" + return "Azure-SDK-For-Go/" + version.Number + " securityinsight/2020-01-01" } // Version returns the semantic version (see http://semver.org) of the client.