diff --git a/sdk/securityinsight/arm-securityinsight/LICENSE.txt b/sdk/securityinsight/arm-securityinsight/LICENSE.txt new file mode 100644 index 000000000000..2d3163745319 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/LICENSE.txt @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2021 Microsoft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/sdk/securityinsight/arm-securityinsight/README.md b/sdk/securityinsight/arm-securityinsight/README.md new file mode 100644 index 000000000000..e8762d11ca35 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/README.md @@ -0,0 +1,112 @@ +## Azure SecurityInsights SDK for JavaScript + +This package contains an isomorphic SDK (runs both in node.js and in browsers) for SecurityInsights. + +### Currently supported environments + +- [LTS versions of Node.js](https://nodejs.org/about/releases/) +- Latest versions of Safari, Chrome, Edge and Firefox. + +### Prerequisites + +You must have an [Azure subscription](https://azure.microsoft.com/free/). + +### How to install + +To use this SDK in your project, you will need to install two packages. +- `@azure/arm-securityinsight` that contains the client. +- `@azure/identity` that provides different mechanisms for the client to authenticate your requests using Azure Active Directory. + +Install both packages using the below command: +```bash +npm install --save @azure/arm-securityinsight @azure/identity +``` +> **Note**: You may have used either `@azure/ms-rest-nodeauth` or `@azure/ms-rest-browserauth` in the past. These packages are in maintenance mode receiving critical bug fixes, but no new features. +If you are on a [Node.js that has LTS status](https://nodejs.org/about/releases/), or are writing a client side browser application, we strongly encourage you to upgrade to `@azure/identity` which uses the latest versions of Azure Active Directory and MSAL APIs and provides more authentication options. + +### How to use + +- If you are writing a client side browser application, + - Follow the instructions in the section on Authenticating client side browser applications in [Azure Identity examples](https://aka.ms/azsdk/js/identity/examples) to register your application in the Microsoft identity platform and set the right permissions. + - Copy the client ID and tenant ID from the Overview section of your app registration in Azure portal and use it in the browser sample below. +- If you are writing a server side application, + - [Select a credential from `@azure/identity` based on the authentication method of your choice](https://aka.ms/azsdk/js/identity/examples) + - Complete the set up steps required by the credential if any. + - Use the credential you picked in the place of `DefaultAzureCredential` in the Node.js sample below. + +In the below samples, we pass the credential and the Azure subscription id to instantiate the client. +Once the client is created, explore the operations on it either in your favorite editor or in our [API reference documentation](https://docs.microsoft.com/javascript/api) to get started. +#### nodejs - Authentication, client creation, and list alertRules as an example written in JavaScript. + +##### Sample code + +```javascript +const { DefaultAzureCredential } = require("@azure/identity"); +const { SecurityInsights } = require("@azure/arm-securityinsight"); +const subscriptionId = process.env["AZURE_SUBSCRIPTION_ID"]; + +// Use `DefaultAzureCredential` or any other credential of your choice based on https://aka.ms/azsdk/js/identity/examples +// Please note that you can also use credentials from the `@azure/ms-rest-nodeauth` package instead. +const creds = new DefaultAzureCredential(); +const client = new SecurityInsights(creds, subscriptionId); +const resourceGroupName = "testresourceGroupName"; +const operationalInsightsResourceProvider = "testoperationalInsightsResourceProvider"; +const workspaceName = "testworkspaceName"; +client.alertRules.list(resourceGroupName, operationalInsightsResourceProvider, workspaceName).then((result) => { + console.log("The result is:"); + console.log(result); +}).catch((err) => { + console.log("An error occurred:"); + console.error(err); +}); +``` + +#### browser - Authentication, client creation, and list alertRules as an example written in JavaScript. + +In browser applications, we recommend using the `InteractiveBrowserCredential` that interactively authenticates using the default system browser. + - See [Single-page application: App registration guide](https://docs.microsoft.com/azure/active-directory/develop/scenario-spa-app-registration) to configure your app registration for the browser. + - Note down the client Id from the previous step and use it in the browser sample below. + +##### Sample code + +- index.html + +```html + + + + @azure/arm-securityinsight sample + + + + + + + +``` + +## Related projects + +- [Microsoft Azure SDK for Javascript](https://github.com/Azure/azure-sdk-for-js) + +![Impressions](https://azure-sdk-impressions.azurewebsites.net/api/impressions/azure-sdk-for-js/sdk/securityinsight/arm-securityinsight/README.png) diff --git a/sdk/securityinsight/arm-securityinsight/package.json b/sdk/securityinsight/arm-securityinsight/package.json new file mode 100644 index 000000000000..0477c570a3b6 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/package.json @@ -0,0 +1,59 @@ +{ + "name": "@azure/arm-securityinsight", + "author": "Microsoft Corporation", + "description": "SecurityInsights Library with typescript type definitions for node.js and browser.", + "version": "1.0.0", + "dependencies": { + "@azure/ms-rest-azure-js": "^2.1.0", + "@azure/ms-rest-js": "^2.2.0", + "@azure/core-auth": "^1.1.4", + "tslib": "^1.10.0" + }, + "keywords": [ + "node", + "azure", + "typescript", + "browser", + "isomorphic" + ], + "license": "MIT", + "main": "./dist/arm-securityinsight.js", + "module": "./esm/securityInsights.js", + "types": "./esm/securityInsights.d.ts", + "devDependencies": { + "typescript": "^3.6.0", + "rollup": "^1.18.0", + "rollup-plugin-node-resolve": "^5.2.0", + "rollup-plugin-sourcemaps": "^0.4.2", + "uglify-js": "^3.6.0" + }, + "homepage": "https://github.com/Azure/azure-sdk-for-js/tree/master/sdk/securityinsight/arm-securityinsight", + "repository": { + "type": "git", + "url": "https://github.com/Azure/azure-sdk-for-js.git" + }, + "bugs": { + "url": "https://github.com/Azure/azure-sdk-for-js/issues" + }, + "files": [ + "dist/**/*.js", + "dist/**/*.js.map", + "dist/**/*.d.ts", + "dist/**/*.d.ts.map", + "esm/**/*.js", + "esm/**/*.js.map", + "esm/**/*.d.ts", + "esm/**/*.d.ts.map", + "src/**/*.ts", + "README.md", + "rollup.config.js", + "tsconfig.json" + ], + "scripts": { + "build": "tsc && rollup -c rollup.config.js && npm run minify", + "minify": "uglifyjs -c -m --comments --source-map \"content='./dist/arm-securityinsight.js.map'\" -o ./dist/arm-securityinsight.min.js ./dist/arm-securityinsight.js", + "prepack": "npm install && npm run build" + }, + "sideEffects": false, + "autoPublish": true +} diff --git a/sdk/securityinsight/arm-securityinsight/rollup.config.js b/sdk/securityinsight/arm-securityinsight/rollup.config.js new file mode 100644 index 000000000000..276048058dba --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/rollup.config.js @@ -0,0 +1,37 @@ +import rollup from "rollup"; +import nodeResolve from "rollup-plugin-node-resolve"; +import sourcemaps from "rollup-plugin-sourcemaps"; + +/** + * @type {rollup.RollupFileOptions} + */ +const config = { + input: "./esm/securityInsights.js", + external: [ + "@azure/ms-rest-js", + "@azure/ms-rest-azure-js" + ], + output: { + file: "./dist/arm-securityinsight.js", + format: "umd", + name: "Azure.ArmSecurityinsight", + sourcemap: true, + globals: { + "@azure/ms-rest-js": "msRest", + "@azure/ms-rest-azure-js": "msRestAzure" + }, + banner: `/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */` + }, + plugins: [ + nodeResolve({ mainFields: ['module', 'main'] }), + sourcemaps() + ] +}; + +export default config; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/actionsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/actionsMappers.ts new file mode 100644 index 000000000000..a91914d637b3 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/actionsMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActionsList, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/alertRuleTemplatesMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/alertRuleTemplatesMappers.ts new file mode 100644 index 000000000000..5cc89617b45d --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/alertRuleTemplatesMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertRuleTemplatesList, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/alertRulesMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/alertRulesMappers.ts new file mode 100644 index 000000000000..b9e2e5a5bad6 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/alertRulesMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRulesList, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/automationRulesMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/automationRulesMappers.ts new file mode 100644 index 000000000000..50f5280d1990 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/automationRulesMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRulesList, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/bookmarkOperationsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/bookmarkOperationsMappers.ts new file mode 100644 index 000000000000..5fa796235e2d --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/bookmarkOperationsMappers.ts @@ -0,0 +1,183 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + BookmarkExpandParameters, + BookmarkExpandResponse, + BookmarkExpandResponseValue, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectedEntity, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + ExpansionResultAggregation, + ExpansionResultsMetadata, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/bookmarkRelationsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/bookmarkRelationsMappers.ts new file mode 100644 index 000000000000..45e33895b762 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/bookmarkRelationsMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + RelationList, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/bookmarksMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/bookmarksMappers.ts new file mode 100644 index 000000000000..d80928906614 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/bookmarksMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + BookmarkList, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/dataConnectorsCheckRequirementsOperationsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/dataConnectorsCheckRequirementsOperationsMappers.ts new file mode 100644 index 000000000000..35f28e40126d --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/dataConnectorsCheckRequirementsOperationsMappers.ts @@ -0,0 +1,29 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADCheckRequirements, + AATPCheckRequirements, + ASCCheckRequirements, + AwsCloudTrailCheckRequirements, + AwsS3CheckRequirements, + DataConnectorRequirementsState, + DataConnectorsCheckRequirements, + Dynamics365CheckRequirements, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + MCASCheckRequirements, + MDATPCheckRequirements, + MSTICheckRequirements, + MtpCheckRequirements, + OfficeATPCheckRequirements, + TICheckRequirements, + TiTaxiiCheckRequirements +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/dataConnectorsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/dataConnectorsMappers.ts new file mode 100644 index 000000000000..b63fee492f56 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/dataConnectorsMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataConnectorList, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/domainWhoisMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/domainWhoisMappers.ts new file mode 100644 index 000000000000..884fae4a3993 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/domainWhoisMappers.ts @@ -0,0 +1,19 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + EnrichmentDomainWhois, + EnrichmentDomainWhoisContact, + EnrichmentDomainWhoisContacts, + EnrichmentDomainWhoisDetails, + EnrichmentDomainWhoisRegistrarDetails, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/entitiesGetTimelineMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/entitiesGetTimelineMappers.ts new file mode 100644 index 000000000000..df0c4713b07b --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/entitiesGetTimelineMappers.ts @@ -0,0 +1,24 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + ActivityTimelineItem, + BookmarkTimelineItem, + EntityTimelineItem, + EntityTimelineParameters, + EntityTimelineResponse, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + SecurityAlertTimelineItem, + TimelineAggregation, + TimelineError, + TimelineResultsMetadata, + UserInfo +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/entitiesMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/entitiesMappers.ts new file mode 100644 index 000000000000..f94010dc3894 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/entitiesMappers.ts @@ -0,0 +1,205 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityEdges, + EntityExpandParameters, + EntityExpandResponse, + EntityExpandResponseValue, + EntityGetInsightsParameters, + EntityGetInsightsResponse, + EntityInsightItem, + EntityInsightItemQueryTimeInterval, + EntityList, + EntityMapping, + EntityQuery, + EntityQueryItem, + EntityQueryItemProperties, + EntityQueryItemPropertiesDataTypesItem, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + ExpansionResultAggregation, + ExpansionResultsMetadata, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GetInsightsError, + GetInsightsResultsMetadata, + GetQueriesResponse, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InsightQueryItem, + InsightQueryItemProperties, + InsightQueryItemPropertiesAdditionalQuery, + InsightQueryItemPropertiesDefaultTimeRange, + InsightQueryItemPropertiesReferenceTimeRange, + InsightQueryItemPropertiesTableQuery, + InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem, + InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem, + InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem, + InsightsTableResult, + InsightsTableResultColumnsItem, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/entitiesRelationsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/entitiesRelationsMappers.ts new file mode 100644 index 000000000000..45e33895b762 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/entitiesRelationsMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + RelationList, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/entityQueriesMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/entityQueriesMappers.ts new file mode 100644 index 000000000000..d73e7016af3f --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/entityQueriesMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryList, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/entityQueryTemplatesMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/entityQueryTemplatesMappers.ts new file mode 100644 index 000000000000..837fd14aa211 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/entityQueryTemplatesMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + EntityQueryTemplateList, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/entityRelationsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/entityRelationsMappers.ts new file mode 100644 index 000000000000..b4acc3d103bc --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/entityRelationsMappers.ts @@ -0,0 +1,177 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/iPGeodataMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/iPGeodataMappers.ts new file mode 100644 index 000000000000..df22f02a6efd --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/iPGeodataMappers.ts @@ -0,0 +1,15 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + EnrichmentIpGeodata, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/incidentCommentsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/incidentCommentsMappers.ts new file mode 100644 index 000000000000..214b7549db0a --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/incidentCommentsMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentCommentList, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/incidentRelationsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/incidentRelationsMappers.ts new file mode 100644 index 000000000000..45e33895b762 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/incidentRelationsMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + RelationList, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/incidentsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/incidentsMappers.ts new file mode 100644 index 000000000000..f182758560fb --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/incidentsMappers.ts @@ -0,0 +1,184 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentAlertList, + IncidentBookmarkList, + IncidentComment, + IncidentConfiguration, + IncidentEntitiesResponse, + IncidentEntitiesResultsMetadata, + IncidentInfo, + IncidentLabel, + IncidentList, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + TeamInformation, + TeamProperties, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/index.ts b/sdk/securityinsight/arm-securityinsight/src/models/index.ts new file mode 100644 index 000000000000..f6271aae6da1 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/index.ts @@ -0,0 +1,11627 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { BaseResource, CloudError, AzureServiceClientOptions } from "@azure/ms-rest-azure-js"; +import * as msRest from "@azure/ms-rest-js"; + +export { BaseResource, CloudError }; + +/** + * Common fields that are returned in the response for all Azure Resource Manager resources + * @summary Resource + */ +export interface Resource extends BaseResource { + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; +} + +/** + * An azure resource object with an Etag property + */ +export interface ResourceWithEtag extends Resource { + /** + * Etag of the azure resource + */ + etag?: string; +} + +/** + * Contains the possible cases for AlertRule. + */ +export type AlertRuleUnion = AlertRule | MLBehaviorAnalyticsAlertRule | FusionAlertRule | ThreatIntelligenceAlertRule | MicrosoftSecurityIncidentCreationAlertRule | ScheduledAlertRule | NrtAlertRule; + +/** + * Alert rule. + */ +export interface AlertRule { + /** + * Polymorphic Discriminator + */ + kind: "AlertRule"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; +} + +/** + * Contains the possible cases for AlertRuleTemplate. + */ +export type AlertRuleTemplateUnion = AlertRuleTemplate | MLBehaviorAnalyticsAlertRuleTemplate | FusionAlertRuleTemplate | ThreatIntelligenceAlertRuleTemplate | MicrosoftSecurityIncidentCreationAlertRuleTemplate | ScheduledAlertRuleTemplate | NrtAlertRuleTemplate; + +/** + * Alert rule template. + */ +export interface AlertRuleTemplate { + /** + * Polymorphic Discriminator + */ + kind: "AlertRuleTemplate"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; +} + +/** + * alert rule template data sources + */ +export interface AlertRuleTemplateDataSource { + /** + * The connector id that provides the following data types + */ + connectorId?: string; + /** + * The data types used by the alert rule template + */ + dataTypes?: string[]; +} + +/** + * Base alert rule template property bag. + */ +export interface AlertRuleTemplatePropertiesBase { + /** + * the number of alert rules that were created by this template + */ + alertRulesCreatedByTemplateCount?: number; + /** + * The last time that this alert rule template has been updated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastUpdatedDateUTC?: Date; + /** + * The time that this alert rule template has been added. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly createdDateUTC?: Date; + /** + * The description of the alert rule template. + */ + description?: string; + /** + * The display name for alert rule template. + */ + displayName?: string; + /** + * The required data sources for this template + */ + requiredDataConnectors?: AlertRuleTemplateDataSource[]; + /** + * The alert rule template status. Possible values include: 'Installed', 'Available', + * 'NotAvailable' + */ + status?: TemplateStatus; +} + +/** + * A single field mapping of the mapped entity + */ +export interface FieldMapping { + /** + * the V3 identifier of the entity + */ + identifier?: string; + /** + * the column name to be mapped to the identifier + */ + columnName?: string; +} + +/** + * Single entity mapping for the alert rule + */ +export interface EntityMapping { + /** + * Possible values include: 'Account', 'Host', 'IP', 'Malware', 'File', 'Process', + * 'CloudApplication', 'DNS', 'AzureResource', 'FileHash', 'RegistryKey', 'RegistryValue', + * 'SecurityGroup', 'URL', 'Mailbox', 'MailCluster', 'MailMessage', 'SubmissionMail' + */ + entityType?: EntityMappingType; + /** + * array of field mappings for the given entity mapping + */ + fieldMappings?: FieldMapping[]; +} + +/** + * Settings for how to dynamically override alert static details + */ +export interface AlertDetailsOverride { + /** + * the format containing columns name(s) to override the alert name + */ + alertDisplayNameFormat?: string; + /** + * the format containing columns name(s) to override the alert description + */ + alertDescriptionFormat?: string; + /** + * the column name to take the alert tactics from + */ + alertTacticsColumnName?: string; + /** + * the column name to take the alert severity from + */ + alertSeverityColumnName?: string; +} + +/** + * Query based alert rule template base property bag. + */ +export interface QueryBasedAlertRuleTemplateProperties { + /** + * The query that creates alerts for this rule. + */ + query?: string; + /** + * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', + * 'Low', 'Informational' + */ + severity?: AlertSeverity; + /** + * The tactics of the alert rule + */ + tactics?: AttackTactic[]; + /** + * The version of this template - in format , where all are numbers. For example <1.0.2>. + */ + version?: string; + /** + * Dictionary of string key-value pairs of columns to be attached to the alert + */ + customDetails?: { [propertyName: string]: string }; + /** + * Array of the entity mappings of the alert rule + */ + entityMappings?: EntityMapping[]; + /** + * The alert details override settings + */ + alertDetailsOverride?: AlertDetailsOverride; +} + +/** + * Represents MLBehaviorAnalytics alert rule. + */ +export interface MLBehaviorAnalyticsAlertRule { + /** + * Polymorphic Discriminator + */ + kind: "MLBehaviorAnalytics"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The Name of the alert rule template used to create this rule. + */ + alertRuleTemplateName: string; + /** + * The description of the alert rule. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly description?: string; + /** + * The display name for alerts created by this alert rule. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly displayName?: string; + /** + * Determines whether this alert rule is enabled or disabled. + */ + enabled: boolean; + /** + * The last time that this alert rule has been modified. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastModifiedUtc?: Date; + /** + * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', + * 'Low', 'Informational' + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly severity?: AlertSeverity; + /** + * The tactics of the alert rule + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly tactics?: AttackTactic[]; +} + +/** + * Represents MLBehaviorAnalytics alert rule template. + */ +export interface MLBehaviorAnalyticsAlertRuleTemplate { + /** + * Polymorphic Discriminator + */ + kind: "MLBehaviorAnalytics"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * the number of alert rules that were created by this template + */ + alertRulesCreatedByTemplateCount?: number; + /** + * The last time that this alert rule template has been updated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastUpdatedDateUTC?: Date; + /** + * The time that this alert rule template has been added. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly createdDateUTC?: Date; + /** + * The description of the alert rule template. + */ + description?: string; + /** + * The display name for alert rule template. + */ + displayName?: string; + /** + * The required data sources for this template + */ + requiredDataConnectors?: AlertRuleTemplateDataSource[]; + /** + * The alert rule template status. Possible values include: 'Installed', 'Available', + * 'NotAvailable' + */ + status?: TemplateStatus; + /** + * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', + * 'Low', 'Informational' + */ + severity: AlertSeverity; + /** + * The tactics of the alert rule template. + */ + tactics?: AttackTactic[]; +} + +/** + * Represents Fusion alert rule. + */ +export interface FusionAlertRule { + /** + * Polymorphic Discriminator + */ + kind: "Fusion"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The Name of the alert rule template used to create this rule. + */ + alertRuleTemplateName: string; + /** + * The description of the alert rule. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly description?: string; + /** + * The display name for alerts created by this alert rule. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly displayName?: string; + /** + * Determines whether this alert rule is enabled or disabled. + */ + enabled: boolean; + /** + * The last time that this alert has been modified. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastModifiedUtc?: Date; + /** + * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', + * 'Low', 'Informational' + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly severity?: AlertSeverity; + /** + * The tactics of the alert rule + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly tactics?: AttackTactic[]; +} + +/** + * Represents Fusion alert rule template. + */ +export interface FusionAlertRuleTemplate { + /** + * Polymorphic Discriminator + */ + kind: "Fusion"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * the number of alert rules that were created by this template + */ + alertRulesCreatedByTemplateCount?: number; + /** + * The last time that this alert rule template has been updated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastUpdatedDateUTC?: Date; + /** + * The time that this alert rule template has been added. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly createdDateUTC?: Date; + /** + * The description of the alert rule template. + */ + description?: string; + /** + * The display name for alert rule template. + */ + displayName?: string; + /** + * The required data sources for this template + */ + requiredDataConnectors?: AlertRuleTemplateDataSource[]; + /** + * The alert rule template status. Possible values include: 'Installed', 'Available', + * 'NotAvailable' + */ + status?: TemplateStatus; + /** + * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', + * 'Low', 'Informational' + */ + severity: AlertSeverity; + /** + * The tactics of the alert rule template + */ + tactics?: AttackTactic[]; +} + +/** + * Represents Threat Intelligence alert rule. + */ +export interface ThreatIntelligenceAlertRule { + /** + * Polymorphic Discriminator + */ + kind: "ThreatIntelligence"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The Name of the alert rule template used to create this rule. + */ + alertRuleTemplateName: string; + /** + * The description of the alert rule. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly description?: string; + /** + * The display name for alerts created by this alert rule. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly displayName?: string; + /** + * Determines whether this alert rule is enabled or disabled. + */ + enabled: boolean; + /** + * The last time that this alert has been modified. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastModifiedUtc?: Date; + /** + * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', + * 'Low', 'Informational' + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly severity?: AlertSeverity; + /** + * The tactics of the alert rule + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly tactics?: AttackTactic[]; +} + +/** + * Represents Threat Intelligence alert rule template. + */ +export interface ThreatIntelligenceAlertRuleTemplate { + /** + * Polymorphic Discriminator + */ + kind: "ThreatIntelligence"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * the number of alert rules that were created by this template + */ + alertRulesCreatedByTemplateCount?: number; + /** + * The last time that this alert rule template has been updated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastUpdatedDateUTC?: Date; + /** + * The time that this alert rule template has been added. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly createdDateUTC?: Date; + /** + * The description of the alert rule template. + */ + description?: string; + /** + * The display name for alert rule template. + */ + displayName?: string; + /** + * The required data sources for this template + */ + requiredDataConnectors?: AlertRuleTemplateDataSource[]; + /** + * The alert rule template status. Possible values include: 'Installed', 'Available', + * 'NotAvailable' + */ + status?: TemplateStatus; + /** + * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', + * 'Low', 'Informational' + */ + severity: AlertSeverity; + /** + * The tactics of the alert rule template + */ + tactics?: AttackTactic[]; +} + +/** + * Represents MicrosoftSecurityIncidentCreation rule. + */ +export interface MicrosoftSecurityIncidentCreationAlertRule { + /** + * Polymorphic Discriminator + */ + kind: "MicrosoftSecurityIncidentCreation"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * the alerts' displayNames on which the cases will be generated + */ + displayNamesFilter?: string[]; + /** + * the alerts' displayNames on which the cases will not be generated + */ + displayNamesExcludeFilter?: string[]; + /** + * The alerts' productName on which the cases will be generated. Possible values include: + * 'Microsoft Cloud App Security', 'Azure Security Center', 'Azure Advanced Threat Protection', + * 'Azure Active Directory Identity Protection', 'Azure Security Center for IoT', 'Office 365 + * Advanced Threat Protection', 'Microsoft Defender Advanced Threat Protection' + */ + productFilter: MicrosoftSecurityProductName; + /** + * the alerts' severities on which the cases will be generated + */ + severitiesFilter?: AlertSeverity[]; + /** + * The Name of the alert rule template used to create this rule. + */ + alertRuleTemplateName?: string; + /** + * The description of the alert rule. + */ + description?: string; + /** + * The display name for alerts created by this alert rule. + */ + displayName: string; + /** + * Determines whether this alert rule is enabled or disabled. + */ + enabled: boolean; + /** + * The last time that this alert has been modified. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastModifiedUtc?: Date; +} + +/** + * MicrosoftSecurityIncidentCreation rule common property bag. + */ +export interface MicrosoftSecurityIncidentCreationAlertRuleCommonProperties { + /** + * the alerts' displayNames on which the cases will be generated + */ + displayNamesFilter?: string[]; + /** + * the alerts' displayNames on which the cases will not be generated + */ + displayNamesExcludeFilter?: string[]; + /** + * The alerts' productName on which the cases will be generated. Possible values include: + * 'Microsoft Cloud App Security', 'Azure Security Center', 'Azure Advanced Threat Protection', + * 'Azure Active Directory Identity Protection', 'Azure Security Center for IoT', 'Office 365 + * Advanced Threat Protection', 'Microsoft Defender Advanced Threat Protection' + */ + productFilter: MicrosoftSecurityProductName; + /** + * the alerts' severities on which the cases will be generated + */ + severitiesFilter?: AlertSeverity[]; +} + +/** + * Represents MicrosoftSecurityIncidentCreation rule template. + */ +export interface MicrosoftSecurityIncidentCreationAlertRuleTemplate { + /** + * Polymorphic Discriminator + */ + kind: "MicrosoftSecurityIncidentCreation"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * the number of alert rules that were created by this template + */ + alertRulesCreatedByTemplateCount: number; + /** + * The last time that this alert rule template has been updated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastUpdatedDateUTC?: Date; + /** + * The time that this alert rule template has been added. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly createdDateUTC: Date; + /** + * The description of the alert rule template. + */ + description: string; + /** + * The display name for alert rule template. + */ + displayName: string; + /** + * The required data sources for this template + */ + requiredDataConnectors?: AlertRuleTemplateDataSource[]; + /** + * The alert rule template status. Possible values include: 'Installed', 'Available', + * 'NotAvailable' + */ + status: TemplateStatus; + /** + * the alerts' displayNames on which the cases will be generated + */ + displayNamesFilter?: string[]; + /** + * the alerts' displayNames on which the cases will not be generated + */ + displayNamesExcludeFilter?: string[]; + /** + * The alerts' productName on which the cases will be generated. Possible values include: + * 'Microsoft Cloud App Security', 'Azure Security Center', 'Azure Advanced Threat Protection', + * 'Azure Active Directory Identity Protection', 'Azure Security Center for IoT', 'Office 365 + * Advanced Threat Protection', 'Microsoft Defender Advanced Threat Protection' + */ + productFilter: MicrosoftSecurityProductName; + /** + * the alerts' severities on which the cases will be generated + */ + severitiesFilter?: AlertSeverity[]; +} + +/** + * Grouping configuration property bag. + */ +export interface GroupingConfiguration { + /** + * Grouping enabled + */ + enabled: boolean; + /** + * Re-open closed matching incidents + */ + reopenClosedIncident: boolean; + /** + * Limit the group to alerts created within the lookback duration (in ISO 8601 duration format) + */ + lookbackDuration: string; + /** + * Grouping matching method. When method is Selected at least one of groupByEntities, + * groupByAlertDetails, groupByCustomDetails must be provided and not empty. Possible values + * include: 'AllEntities', 'AnyAlert', 'Selected' + */ + matchingMethod: MatchingMethod; + /** + * A list of entity types to group by (when matchingMethod is Selected). Only entities defined in + * the current alert rule may be used. + */ + groupByEntities?: EntityMappingType[]; + /** + * A list of alert details to group by (when matchingMethod is Selected) + */ + groupByAlertDetails?: AlertDetail[]; + /** + * A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined + * in the current alert rule may be used. + */ + groupByCustomDetails?: string[]; +} + +/** + * Incident Configuration property bag. + */ +export interface IncidentConfiguration { + /** + * Create incidents from alerts triggered by this analytics rule + */ + createIncident: boolean; + /** + * Set how the alerts that are triggered by this analytics rule, are grouped into incidents + */ + groupingConfiguration?: GroupingConfiguration; +} + +/** + * Query based alert rule base property bag. + */ +export interface QueryBasedAlertRuleProperties { + /** + * The Name of the alert rule template used to create this rule. + */ + alertRuleTemplateName?: string; + /** + * The version of the alert rule template used to create this rule - in format , where all + * are numbers, for example 0 <1.0.2> + */ + templateVersion?: string; + /** + * The description of the alert rule. + */ + description?: string; + /** + * The query that creates alerts for this rule. + */ + query?: string; + /** + * The display name for alerts created by this alert rule. + */ + displayName: string; + /** + * Determines whether this alert rule is enabled or disabled. + */ + enabled: boolean; + /** + * The last time that this alert rule has been modified. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastModifiedUtc?: Date; + /** + * The suppression (in ISO 8601 duration format) to wait since last time this alert rule been + * triggered. + */ + suppressionDuration: string; + /** + * Determines whether the suppression for this alert rule is enabled or disabled. + */ + suppressionEnabled: boolean; + /** + * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', + * 'Low', 'Informational' + */ + severity?: AlertSeverity; + /** + * The tactics of the alert rule + */ + tactics?: AttackTactic[]; + /** + * The settings of the incidents that created from alerts triggered by this analytics rule + */ + incidentConfiguration?: IncidentConfiguration; + /** + * Dictionary of string key-value pairs of columns to be attached to the alert + */ + customDetails?: { [propertyName: string]: string }; + /** + * Array of the entity mappings of the alert rule + */ + entityMappings?: EntityMapping[]; + /** + * The alert details override settings + */ + alertDetailsOverride?: AlertDetailsOverride; +} + +/** + * Event grouping settings property bag. + */ +export interface EventGroupingSettings { + /** + * Possible values include: 'SingleAlert', 'AlertPerResult' + */ + aggregationKind?: EventGroupingAggregationKind; +} + +/** + * Represents scheduled alert rule template. + */ +export interface ScheduledAlertRuleTemplate { + /** + * Polymorphic Discriminator + */ + kind: "Scheduled"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * the number of alert rules that were created by this template + */ + alertRulesCreatedByTemplateCount: number; + /** + * The last time that this alert rule template has been updated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastUpdatedDateUTC?: Date; + /** + * The time that this alert rule template has been added. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly createdDateUTC?: Date; + /** + * The description of the alert rule template. + */ + description: string; + /** + * The display name for alert rule template. + */ + displayName: string; + /** + * The required data sources for this template + */ + requiredDataConnectors?: AlertRuleTemplateDataSource[]; + /** + * The alert rule template status. Possible values include: 'Installed', 'Available', + * 'NotAvailable' + */ + status: TemplateStatus; + /** + * The query that creates alerts for this rule. + */ + query: string; + /** + * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', + * 'Low', 'Informational' + */ + severity: AlertSeverity; + /** + * The tactics of the alert rule + */ + tactics?: AttackTactic[]; + /** + * The version of this template - in format , where all are numbers. For example <1.0.2>. + */ + version: string; + /** + * Dictionary of string key-value pairs of columns to be attached to the alert + */ + customDetails?: { [propertyName: string]: string }; + /** + * Array of the entity mappings of the alert rule + */ + entityMappings?: EntityMapping[]; + /** + * The alert details override settings + */ + alertDetailsOverride?: AlertDetailsOverride; + /** + * The frequency (in ISO 8601 duration format) for this alert rule to run. + */ + queryFrequency: string; + /** + * The period (in ISO 8601 duration format) that this alert rule looks at. + */ + queryPeriod: string; + /** + * The operation against the threshold that triggers alert rule. Possible values include: + * 'GreaterThan', 'LessThan', 'Equal', 'NotEqual' + */ + triggerOperator: TriggerOperator; + /** + * The threshold triggers this alert rule. + */ + triggerThreshold: number; + /** + * The event grouping settings. + */ + eventGroupingSettings?: EventGroupingSettings; +} + +/** + * Represents NRT alert rule template. + */ +export interface NrtAlertRuleTemplate { + /** + * Polymorphic Discriminator + */ + kind: "NRT"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * the number of alert rules that were created by this template + */ + alertRulesCreatedByTemplateCount: number; + /** + * The last time that this alert rule template has been updated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastUpdatedDateUTC?: Date; + /** + * The time that this alert rule template has been added. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly createdDateUTC?: Date; + /** + * The description of the alert rule template. + */ + description: string; + /** + * The display name for alert rule template. + */ + displayName: string; + /** + * The required data sources for this template + */ + requiredDataConnectors?: AlertRuleTemplateDataSource[]; + /** + * The alert rule template status. Possible values include: 'Installed', 'Available', + * 'NotAvailable' + */ + status: TemplateStatus; + /** + * The query that creates alerts for this rule. + */ + query: string; + /** + * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', + * 'Low', 'Informational' + */ + severity: AlertSeverity; + /** + * The tactics of the alert rule + */ + tactics?: AttackTactic[]; + /** + * The version of this template - in format , where all are numbers. For example <1.0.2>. + */ + version: string; + /** + * Dictionary of string key-value pairs of columns to be attached to the alert + */ + customDetails?: { [propertyName: string]: string }; + /** + * Array of the entity mappings of the alert rule + */ + entityMappings?: EntityMapping[]; + /** + * The alert details override settings + */ + alertDetailsOverride?: AlertDetailsOverride; +} + +/** + * Represents scheduled alert rule. + */ +export interface ScheduledAlertRule { + /** + * Polymorphic Discriminator + */ + kind: "Scheduled"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The frequency (in ISO 8601 duration format) for this alert rule to run. + */ + queryFrequency: string; + /** + * The period (in ISO 8601 duration format) that this alert rule looks at. + */ + queryPeriod: string; + /** + * The operation against the threshold that triggers alert rule. Possible values include: + * 'GreaterThan', 'LessThan', 'Equal', 'NotEqual' + */ + triggerOperator: TriggerOperator; + /** + * The threshold triggers this alert rule. + */ + triggerThreshold: number; + /** + * The event grouping settings. + */ + eventGroupingSettings?: EventGroupingSettings; + /** + * The Name of the alert rule template used to create this rule. + */ + alertRuleTemplateName?: string; + /** + * The version of the alert rule template used to create this rule - in format , where all + * are numbers, for example 0 <1.0.2> + */ + templateVersion?: string; + /** + * The description of the alert rule. + */ + description?: string; + /** + * The query that creates alerts for this rule. + */ + query: string; + /** + * The display name for alerts created by this alert rule. + */ + displayName: string; + /** + * Determines whether this alert rule is enabled or disabled. + */ + enabled: boolean; + /** + * The last time that this alert rule has been modified. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastModifiedUtc?: Date; + /** + * The suppression (in ISO 8601 duration format) to wait since last time this alert rule been + * triggered. + */ + suppressionDuration: string; + /** + * Determines whether the suppression for this alert rule is enabled or disabled. + */ + suppressionEnabled: boolean; + /** + * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', + * 'Low', 'Informational' + */ + severity: AlertSeverity; + /** + * The tactics of the alert rule + */ + tactics?: AttackTactic[]; + /** + * The settings of the incidents that created from alerts triggered by this analytics rule + */ + incidentConfiguration?: IncidentConfiguration; + /** + * Dictionary of string key-value pairs of columns to be attached to the alert + */ + customDetails?: { [propertyName: string]: string }; + /** + * Array of the entity mappings of the alert rule + */ + entityMappings?: EntityMapping[]; + /** + * The alert details override settings + */ + alertDetailsOverride?: AlertDetailsOverride; +} + +/** + * Represents NRT alert rule. + */ +export interface NrtAlertRule { + /** + * Polymorphic Discriminator + */ + kind: "NRT"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The Name of the alert rule template used to create this rule. + */ + alertRuleTemplateName?: string; + /** + * The version of the alert rule template used to create this rule - in format , where all + * are numbers, for example 0 <1.0.2> + */ + templateVersion?: string; + /** + * The description of the alert rule. + */ + description?: string; + /** + * The query that creates alerts for this rule. + */ + query?: string; + /** + * The display name for alerts created by this alert rule. + */ + displayName: string; + /** + * Determines whether this alert rule is enabled or disabled. + */ + enabled: boolean; + /** + * The last time that this alert rule has been modified. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastModifiedUtc?: Date; + /** + * The suppression (in ISO 8601 duration format) to wait since last time this alert rule been + * triggered. + */ + suppressionDuration: string; + /** + * Determines whether the suppression for this alert rule is enabled or disabled. + */ + suppressionEnabled: boolean; + /** + * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium', + * 'Low', 'Informational' + */ + severity?: AlertSeverity; + /** + * The tactics of the alert rule + */ + tactics?: AttackTactic[]; + /** + * The settings of the incidents that created from alerts triggered by this analytics rule + */ + incidentConfiguration?: IncidentConfiguration; + /** + * Dictionary of string key-value pairs of columns to be attached to the alert + */ + customDetails?: { [propertyName: string]: string }; + /** + * Array of the entity mappings of the alert rule + */ + entityMappings?: EntityMapping[]; + /** + * The alert details override settings + */ + alertDetailsOverride?: AlertDetailsOverride; +} + +/** + * Scheduled alert rule template property bag. + */ +export interface ScheduledAlertRuleCommonProperties { + /** + * The frequency (in ISO 8601 duration format) for this alert rule to run. + */ + queryFrequency?: string; + /** + * The period (in ISO 8601 duration format) that this alert rule looks at. + */ + queryPeriod?: string; + /** + * The operation against the threshold that triggers alert rule. Possible values include: + * 'GreaterThan', 'LessThan', 'Equal', 'NotEqual' + */ + triggerOperator?: TriggerOperator; + /** + * The threshold triggers this alert rule. + */ + triggerThreshold?: number; + /** + * The event grouping settings. + */ + eventGroupingSettings?: EventGroupingSettings; +} + +/** + * Action for alert rule. + */ +export interface ActionRequest extends ResourceWithEtag { + /** + * Logic App Resource Id, + * /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. + */ + logicAppResourceId: string; + /** + * Logic App Callback URL for this specific workflow. + */ + triggerUri: string; +} + +/** + * Action property bag base. + */ +export interface ActionPropertiesBase { + /** + * Logic App Resource Id, + * /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. + */ + logicAppResourceId: string; +} + +/** + * Action for alert rule. + */ +export interface ActionResponse extends ResourceWithEtag { + /** + * Logic App Resource Id, + * /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. + */ + logicAppResourceId: string; + /** + * The name of the logic app's workflow. + */ + workflowId?: string; +} + +/** + * Metadata pertaining to creation and last modification of the resource. + */ +export interface SystemData { + /** + * The identity that created the resource. + */ + createdBy?: string; + /** + * The type of identity that created the resource. Possible values include: 'User', + * 'Application', 'ManagedIdentity', 'Key' + */ + createdByType?: CreatedByType; + /** + * The timestamp of resource creation (UTC). + */ + createdAt?: Date; + /** + * The identity that last modified the resource. + */ + lastModifiedBy?: string; + /** + * The type of identity that last modified the resource. Possible values include: 'User', + * 'Application', 'ManagedIdentity', 'Key' + */ + lastModifiedByType?: CreatedByType; + /** + * The timestamp of resource last modification (UTC) + */ + lastModifiedAt?: Date; +} + +/** + * The resource model definition for a Azure Resource Manager proxy resource. It will not have tags + * and a location + * @summary Proxy Resource + */ +export interface ProxyResource extends Resource { +} + +/** + * The resource model definition for an Azure Resource Manager tracked top level resource which has + * 'tags' and a 'location' + * @summary Tracked Resource + */ +export interface TrackedResource extends Resource { + /** + * Resource tags. + */ + tags?: { [propertyName: string]: string }; + /** + * The geo-location where the resource lives + */ + location: string; +} + +/** + * The resource model definition for an Azure Resource Manager resource with an etag. + * @summary Entity Resource + */ +export interface AzureEntityResource extends Resource { + /** + * Resource Etag. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly etag?: string; +} + +/** + * The resource management error additional info. + */ +export interface ErrorAdditionalInfo { + /** + * The additional info type. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * The additional info. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly info?: any; +} + +/** + * The error detail. + */ +export interface ErrorDetail { + /** + * The error code. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly code?: string; + /** + * The error message. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly message?: string; + /** + * The error target. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly target?: string; + /** + * The error details. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly details?: ErrorDetail[]; + /** + * The error additional info. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalInfo?: ErrorAdditionalInfo[]; +} + +/** + * Common error response for all Azure Resource Manager APIs to return error details for failed + * operations. (This also follows the OData error response format.). + * @summary Error response + */ +export interface ErrorResponse { + /** + * The error object. + */ + error?: ErrorDetail; +} + +/** + * Contains the possible cases for AutomationRuleCondition. + */ +export type AutomationRuleConditionUnion = AutomationRuleCondition | AutomationRulePropertyValuesCondition; + +/** + * Describes an automation rule condition + */ +export interface AutomationRuleCondition { + /** + * Polymorphic Discriminator + */ + conditionType: "AutomationRuleCondition"; +} + +/** + * Describes automation rule triggering logic + */ +export interface AutomationRuleTriggeringLogic { + /** + * Determines whether the automation rule is enabled or disabled. + */ + isEnabled: boolean; + /** + * Determines when the automation rule should automatically expire and be disabled. + */ + expirationTimeUtc?: Date; + /** + * The conditions to evaluate to determine if the automation rule should be triggered on a given + * object + */ + conditions?: AutomationRuleConditionUnion[]; +} + +/** + * Contains the possible cases for AutomationRuleAction. + */ +export type AutomationRuleActionUnion = AutomationRuleAction | AutomationRuleRunPlaybookAction | AutomationRuleModifyPropertiesAction; + +/** + * Describes an automation rule action + */ +export interface AutomationRuleAction { + /** + * Polymorphic Discriminator + */ + actionType: "AutomationRuleAction"; + /** + * The order of execution of the automation rule action + */ + order: number; +} + +/** + * Information on the client (user or application) that made some action + */ +export interface ClientInfo { + /** + * The email of the client. + */ + email?: string; + /** + * The name of the client. + */ + name?: string; + /** + * The object id of the client. + */ + objectId?: string; + /** + * The user principal name of the client. + */ + userPrincipalName?: string; +} + +/** + * Represents an automation rule. + */ +export interface AutomationRule extends ResourceWithEtag { + /** + * The display name of the automation rule + */ + displayName: string; + /** + * The order of execution of the automation rule + */ + order: number; + /** + * The triggering logic of the automation rule + */ + triggeringLogic: AutomationRuleTriggeringLogic; + /** + * The actions to execute when the automation rule is triggered + */ + actions: AutomationRuleActionUnion[]; + /** + * The time the automation rule was created + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly createdTimeUtc?: Date; + /** + * The last time the automation rule was updated + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastModifiedTimeUtc?: Date; + /** + * Describes the client that created the automation rule + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly createdBy?: ClientInfo; + /** + * Describes the client that last updated the automation rule + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastModifiedBy?: ClientInfo; +} + +/** + * The configuration of the run playbook automation rule action + */ +export interface AutomationRuleRunPlaybookActionActionConfiguration { + /** + * The resource id of the playbook resource + */ + logicAppResourceId?: string; + /** + * The tenant id of the playbook resource + */ + tenantId?: string; +} + +/** + * Describes an automation rule action to run a playbook + */ +export interface AutomationRuleRunPlaybookAction { + /** + * Polymorphic Discriminator + */ + actionType: "RunPlaybook"; + /** + * The order of execution of the automation rule action + */ + order: number; + /** + * The configuration of the run playbook automation rule action + */ + actionConfiguration: AutomationRuleRunPlaybookActionActionConfiguration; +} + +/** + * Represents an incident label + */ +export interface IncidentLabel { + /** + * The name of the label + */ + labelName: string; + /** + * The type of the label. Possible values include: 'User', 'System' + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly labelType?: IncidentLabelType; +} + +/** + * Information on the user an incident is assigned to + */ +export interface IncidentOwnerInfo { + /** + * The email of the user the incident is assigned to. + */ + email?: string; + /** + * The name of the user the incident is assigned to. + */ + assignedTo?: string; + /** + * The object id of the user the incident is assigned to. + */ + objectId?: string; + /** + * The user principal name of the user the incident is assigned to. + */ + userPrincipalName?: string; + /** + * The type of the owner the incident is assigned to. Possible values include: 'Unknown', 'User', + * 'Group' + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly ownerType?: OwnerType; +} + +/** + * The configuration of the modify properties automation rule action + */ +export interface AutomationRuleModifyPropertiesActionActionConfiguration { + /** + * The reason the incident was closed. Possible values include: 'Undetermined', 'TruePositive', + * 'BenignPositive', 'FalsePositive' + */ + classification?: IncidentClassification; + /** + * Describes the reason the incident was closed + */ + classificationComment?: string; + /** + * The classification reason the incident was closed with. Possible values include: + * 'SuspiciousActivity', 'SuspiciousButExpected', 'IncorrectAlertLogic', 'InaccurateData' + */ + classificationReason?: IncidentClassificationReason; + /** + * List of labels to add to the incident + */ + labels?: IncidentLabel[]; + /** + * Describes a user that the incident is assigned to + */ + owner?: IncidentOwnerInfo; + /** + * The severity of the incident. Possible values include: 'High', 'Medium', 'Low', + * 'Informational' + */ + severity?: IncidentSeverity; + /** + * The status of the incident. Possible values include: 'New', 'Active', 'Closed' + */ + status?: IncidentStatus; +} + +/** + * Describes an automation rule action to modify an object's properties + */ +export interface AutomationRuleModifyPropertiesAction { + /** + * Polymorphic Discriminator + */ + actionType: "ModifyProperties"; + /** + * The order of execution of the automation rule action + */ + order: number; + /** + * The configuration of the modify properties automation rule action + */ + actionConfiguration: AutomationRuleModifyPropertiesActionActionConfiguration; +} + +/** + * The configuration of the automation rule condition + */ +export interface AutomationRulePropertyValuesConditionConditionProperties { + /** + * The property to evaluate. Possible values include: 'IncidentTitle', 'IncidentDescription', + * 'IncidentSeverity', 'IncidentStatus', 'IncidentTactics', 'IncidentRelatedAnalyticRuleIds', + * 'IncidentProviderName', 'AccountAadTenantId', 'AccountAadUserId', 'AccountName', + * 'AccountNTDomain', 'AccountPUID', 'AccountSid', 'AccountObjectGuid', 'AccountUPNSuffix', + * 'AzureResourceResourceId', 'AzureResourceSubscriptionId', 'CloudApplicationAppId', + * 'CloudApplicationAppName', 'DNSDomainName', 'FileDirectory', 'FileName', 'FileHashValue', + * 'HostAzureID', 'HostName', 'HostNetBiosName', 'HostNTDomain', 'HostOSVersion', 'IoTDeviceId', + * 'IoTDeviceName', 'IoTDeviceType', 'IoTDeviceVendor', 'IoTDeviceModel', + * 'IoTDeviceOperatingSystem', 'IPAddress', 'MailboxDisplayName', 'MailboxPrimaryAddress', + * 'MailboxUPN', 'MailMessageDeliveryAction', 'MailMessageDeliveryLocation', + * 'MailMessageRecipient', 'MailMessageSenderIP', 'MailMessageSubject', 'MailMessageP1Sender', + * 'MailMessageP2Sender', 'MalwareCategory', 'MalwareName', 'ProcessCommandLine', 'ProcessId', + * 'RegistryKey', 'RegistryValueData', 'Url' + */ + propertyName?: AutomationRulePropertyConditionSupportedProperty; + /** + * The operator to use for evaluation the condition. Possible values include: 'Equals', + * 'NotEquals', 'Contains', 'NotContains', 'StartsWith', 'NotStartsWith', 'EndsWith', + * 'NotEndsWith' + */ + operator?: AutomationRulePropertyConditionSupportedOperator; + /** + * The values to use for evaluating the condition + */ + propertyValues?: string[]; +} + +/** + * Describes an automation rule condition that evaluates a property's value + */ +export interface AutomationRulePropertyValuesCondition { + /** + * Polymorphic Discriminator + */ + conditionType: "Property"; + /** + * The configuration of the automation rule condition + */ + conditionProperties: AutomationRulePropertyValuesConditionConditionProperties; +} + +/** + * User information that made some action + */ +export interface UserInfo { + /** + * The email of the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly email?: string; + /** + * The name of the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The object id of the user. + */ + objectId?: string; +} + +/** + * Describes related incident information for the bookmark + */ +export interface IncidentInfo { + /** + * Incident Id + */ + incidentId?: string; + /** + * The severity of the incident. Possible values include: 'High', 'Medium', 'Low', + * 'Informational' + */ + severity?: IncidentSeverity; + /** + * The title of the incident + */ + title?: string; + /** + * Relation Name + */ + relationName?: string; +} + +/** + * Represents a bookmark in Azure Security Insights. + */ +export interface Bookmark extends ResourceWithEtag { + /** + * The time the bookmark was created + */ + created?: Date; + /** + * Describes a user that created the bookmark + */ + createdBy?: UserInfo; + /** + * The display name of the bookmark + */ + displayName: string; + /** + * List of labels relevant to this bookmark + */ + labels?: string[]; + /** + * The notes of the bookmark + */ + notes?: string; + /** + * The query of the bookmark. + */ + query: string; + /** + * The query result of the bookmark. + */ + queryResult?: string; + /** + * The last time the bookmark was updated + */ + updated?: Date; + /** + * Describes a user that updated the bookmark + */ + updatedBy?: UserInfo; + /** + * The bookmark event time + */ + eventTime?: Date; + /** + * The start time for the query + */ + queryStartTime?: Date; + /** + * The end time for the query + */ + queryEndTime?: Date; + /** + * Describes an incident that relates to bookmark + */ + incidentInfo?: IncidentInfo; +} + +/** + * The parameters required to execute an expand operation on the given bookmark. + */ +export interface BookmarkExpandParameters { + /** + * The end date filter, so the only expansion results returned are before this date. + */ + endTime?: Date; + /** + * The Id of the expansion to perform. + */ + expansionId?: string; + /** + * The start date filter, so the only expansion results returned are after this date. + */ + startTime?: Date; +} + +/** + * Information of a specific aggregation in the expansion result. + */ +export interface ExpansionResultAggregation { + /** + * The common type of the aggregation. (for e.g. entity field name) + */ + aggregationType?: string; + /** + * Total number of aggregations of the given kind (and aggregationType if given) in the expansion + * result. + */ + count: number; + /** + * The display name of the aggregation by type. + */ + displayName?: string; + /** + * The kind of the aggregated entity. Possible values include: 'Account', 'Host', 'File', + * 'AzureResource', 'CloudApplication', 'DnsResolution', 'FileHash', 'Ip', 'Malware', 'Process', + * 'RegistryKey', 'RegistryValue', 'SecurityGroup', 'Url', 'IoTDevice', 'SecurityAlert', + * 'Bookmark', 'MailCluster', 'MailMessage', 'Mailbox', 'SubmissionMail' + */ + entityKind: EntityKind; +} + +/** + * Expansion result metadata. + */ +export interface ExpansionResultsMetadata { + /** + * Information of the aggregated nodes in the expansion result. + */ + aggregations?: ExpansionResultAggregation[]; +} + +/** + * Contains the possible cases for Entity. + */ +export type EntityUnion = Entity | UrlEntity | SubmissionMailEntity | SecurityGroupEntity | SecurityAlert | RegistryValueEntity | RegistryKeyEntity | ProcessEntity | MalwareEntity | MailMessageEntity | MailClusterEntity | MailboxEntity | IpEntity | IoTDeviceEntity | HuntingBookmark | HostEntity | FileHashEntity | FileEntity | DnsEntity | CloudApplicationEntity | AzureResourceEntity | AccountEntity; + +/** + * Specific entity. + */ +export interface Entity { + /** + * Polymorphic Discriminator + */ + kind: "Entity"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; +} + +/** + * Expansion result connected entities + */ +export interface ConnectedEntity { + /** + * Entity Id of the connected entity + */ + targetEntityId?: string; + /** + * key-value pairs for a connected entity mapping + */ + additionalData?: any; +} + +/** + * The expansion result values. + */ +export interface BookmarkExpandResponseValue { + /** + * Array of the expansion result entities. + */ + entities?: EntityUnion[]; + /** + * Array of expansion result connected entities + */ + edges?: ConnectedEntity[]; +} + +/** + * The entity expansion result operation response. + */ +export interface BookmarkExpandResponse { + /** + * The metadata from the expansion operation results. + */ + metaData?: ExpansionResultsMetadata; + /** + * The expansion result values. + */ + value?: BookmarkExpandResponseValue; +} + +/** + * confidence reason item + */ +export interface SecurityAlertPropertiesConfidenceReasonsItem { + /** + * The reason's description + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly reason?: string; + /** + * The type (category) of the reason + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly reasonType?: string; +} + +/** + * ThreatIntelligence property bag. + */ +export interface ThreatIntelligence { + /** + * Confidence (must be between 0 and 1) + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly confidence?: number; + /** + * Name of the provider from whom this Threat Intelligence information was received + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly providerName?: string; + /** + * Report link + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly reportLink?: string; + /** + * Threat description (free text) + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly threatDescription?: string; + /** + * Threat name (e.g. "Jedobot malware") + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly threatName?: string; + /** + * Threat type (e.g. "Botnet") + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly threatType?: string; +} + +/** + * The geo-location context attached to the ip entity + */ +export interface GeoLocation { + /** + * Autonomous System Number + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly asn?: number; + /** + * City name + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly city?: string; + /** + * The country code according to ISO 3166 format + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly countryCode?: string; + /** + * Country name according to ISO 3166 Alpha 2: the lowercase of the English Short Name + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly countryName?: string; + /** + * The longitude of the identified location, expressed as a floating point number with range of + * -180 to 180, with positive numbers representing East and negative numbers representing West. + * Latitude and longitude are derived from the city or postal code. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly latitude?: number; + /** + * The latitude of the identified location, expressed as a floating point number with range of - + * 90 to 90, with positive numbers representing North and negative numbers representing South. + * Latitude and longitude are derived from the city or postal code. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly longitude?: number; + /** + * State name + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly state?: string; +} + +/** + * Entity common property bag. + */ +export interface EntityCommonProperties { + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; +} + +/** + * Represents a url entity. + */ +export interface UrlEntity { + /** + * Polymorphic Discriminator + */ + kind: "Url"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * A full URL the entity points to + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly url?: string; +} + +/** + * Represents a submission mail entity. + */ +export interface SubmissionMailEntity { + /** + * Polymorphic Discriminator + */ + kind: "SubmissionMail"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The network message id of email to which submission belongs + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly networkMessageId?: string; + /** + * The submission id + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly submissionId?: string; + /** + * The submitter + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly submitter?: string; + /** + * The submission date + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly submissionDate?: Date; + /** + * The Time stamp when the message is received (Mail) + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly timestamp?: Date; + /** + * The recipient of the mail + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly recipient?: string; + /** + * The sender of the mail + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly sender?: string; + /** + * The sender's IP + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly senderIp?: string; + /** + * The subject of submission mail + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly subject?: string; + /** + * The submission type for the given instance. This maps to Junk, Phish, Malware or NotJunk. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly reportType?: string; +} + +/** + * Represents a security group entity. + */ +export interface SecurityGroupEntity { + /** + * Polymorphic Discriminator + */ + kind: "SecurityGroup"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The group distinguished name + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly distinguishedName?: string; + /** + * A single-value attribute that is the unique identifier for the object, assigned by active + * directory. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly objectGuid?: string; + /** + * The SID attribute is a single-value attribute that specifies the security identifier (SID) of + * the group + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly sid?: string; +} + +/** + * Represents a security alert entity. + */ +export interface SecurityAlert { + /** + * Polymorphic Discriminator + */ + kind: "SecurityAlert"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The display name of the alert. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly alertDisplayName?: string; + /** + * The type name of the alert. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly alertType?: string; + /** + * Display name of the main entity being reported on. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly compromisedEntity?: string; + /** + * The confidence level of this alert. Possible values include: 'Unknown', 'Low', 'High' + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly confidenceLevel?: ConfidenceLevel; + /** + * The confidence reasons + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly confidenceReasons?: SecurityAlertPropertiesConfidenceReasonsItem[]; + /** + * The confidence score of the alert. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly confidenceScore?: number; + /** + * The confidence score calculation status, i.e. indicating if score calculation is pending for + * this alert, not applicable or final. Possible values include: 'NotApplicable', 'InProcess', + * 'NotFinal', 'Final' + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly confidenceScoreStatus?: ConfidenceScoreStatus; + /** + * Alert description. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly description?: string; + /** + * The impact end time of the alert (the time of the last event contributing to the alert). + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly endTimeUtc?: Date; + /** + * Holds the alert intent stage(s) mapping for this alert. Possible values include: 'Unknown', + * 'Probing', 'Exploitation', 'Persistence', 'PrivilegeEscalation', 'DefenseEvasion', + * 'CredentialAccess', 'Discovery', 'LateralMovement', 'Execution', 'Collection', 'Exfiltration', + * 'CommandAndControl', 'Impact' + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly intent?: KillChainIntent; + /** + * The identifier of the alert inside the product which generated the alert. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly providerAlertId?: string; + /** + * The time the alert was made available for consumption. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly processingEndTime?: Date; + /** + * The name of a component inside the product which generated the alert. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly productComponentName?: string; + /** + * The name of the product which published this alert. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly productName?: string; + /** + * The version of the product generating the alert. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly productVersion?: string; + /** + * Manual action items to take to remediate the alert. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly remediationSteps?: string[]; + /** + * The severity of the alert. Possible values include: 'High', 'Medium', 'Low', 'Informational' + */ + severity?: AlertSeverity; + /** + * The impact start time of the alert (the time of the first event contributing to the alert). + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly startTimeUtc?: Date; + /** + * The lifecycle status of the alert. Possible values include: 'Unknown', 'New', 'Resolved', + * 'Dismissed', 'InProgress' + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly status?: AlertStatus; + /** + * Holds the product identifier of the alert for the product. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemAlertId?: string; + /** + * The tactics of the alert + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly tactics?: AttackTactic[]; + /** + * The time the alert was generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly timeGenerated?: Date; + /** + * The name of the vendor that raise the alert. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly vendorName?: string; + /** + * The uri link of the alert. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly alertLink?: string; + /** + * The list of resource identifiers of the alert. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly resourceIdentifiers?: any[]; +} + +/** + * Represents a registry value entity. + */ +export interface RegistryValueEntity { + /** + * Polymorphic Discriminator + */ + kind: "RegistryValue"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The registry key entity id. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly keyEntityId?: string; + /** + * String formatted representation of the value data. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly valueData?: string; + /** + * The registry value name. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly valueName?: string; + /** + * Specifies the data types to use when storing values in the registry, or identifies the data + * type of a value in the registry. Possible values include: 'None', 'Unknown', 'String', + * 'ExpandString', 'Binary', 'DWord', 'MultiString', 'QWord' + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly valueType?: RegistryValueKind; +} + +/** + * Represents a registry key entity. + */ +export interface RegistryKeyEntity { + /** + * Polymorphic Discriminator + */ + kind: "RegistryKey"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * the hive that holds the registry key. Possible values include: 'HKEY_LOCAL_MACHINE', + * 'HKEY_CLASSES_ROOT', 'HKEY_CURRENT_CONFIG', 'HKEY_USERS', 'HKEY_CURRENT_USER_LOCAL_SETTINGS', + * 'HKEY_PERFORMANCE_DATA', 'HKEY_PERFORMANCE_NLSTEXT', 'HKEY_PERFORMANCE_TEXT', 'HKEY_A', + * 'HKEY_CURRENT_USER' + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly hive?: RegistryHive; + /** + * The registry key path. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly key?: string; +} + +/** + * Represents a process entity. + */ +export interface ProcessEntity { + /** + * Polymorphic Discriminator + */ + kind: "Process"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The account entity id running the processes. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly accountEntityId?: string; + /** + * The command line used to create the process + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly commandLine?: string; + /** + * The time when the process started to run + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly creationTimeUtc?: Date; + /** + * The elevation token associated with the process. Possible values include: 'Default', 'Full', + * 'Limited' + */ + elevationToken?: ElevationToken; + /** + * The host entity id on which the process was running + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly hostEntityId?: string; + /** + * The session entity id in which the process was running + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly hostLogonSessionEntityId?: string; + /** + * Image file entity id + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly imageFileEntityId?: string; + /** + * The parent process entity id. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly parentProcessEntityId?: string; + /** + * The process ID + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly processId?: string; +} + +/** + * Represents a malware entity. + */ +export interface MalwareEntity { + /** + * Polymorphic Discriminator + */ + kind: "Malware"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The malware category by the vendor, e.g. Trojan + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly category?: string; + /** + * List of linked file entity identifiers on which the malware was found + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly fileEntityIds?: string[]; + /** + * The malware name by the vendor, e.g. Win32/Toga!rfn + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly malwareName?: string; + /** + * List of linked process entity identifiers on which the malware was found. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly processEntityIds?: string[]; +} + +/** + * Represents a mail message entity. + */ +export interface MailMessageEntity { + /** + * Polymorphic Discriminator + */ + kind: "MailMessage"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The File entity ids of this mail message's attachments + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly fileEntityIds?: string[]; + /** + * The recipient of this mail message. Note that in case of multiple recipients the mail message + * is forked and each copy has one recipient + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly recipient?: string; + /** + * The Urls contained in this mail message + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly urls?: string[]; + /** + * The threats of this mail message + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly threats?: string[]; + /** + * The p1 sender's email address + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly p1Sender?: string; + /** + * The p1 sender's display name + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly p1SenderDisplayName?: string; + /** + * The p1 sender's domain + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly p1SenderDomain?: string; + /** + * The sender's IP address + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly senderIP?: string; + /** + * The p2 sender's email address + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly p2Sender?: string; + /** + * The p2 sender's display name + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly p2SenderDisplayName?: string; + /** + * The p2 sender's domain + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly p2SenderDomain?: string; + /** + * The receive date of this message + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly receiveDate?: Date; + /** + * The network message id of this mail message + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly networkMessageId?: string; + /** + * The internet message id of this mail message + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly internetMessageId?: string; + /** + * The subject of this mail message + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly subject?: string; + /** + * The language of this mail message + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly language?: string; + /** + * The threat detection methods + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly threatDetectionMethods?: string[]; + /** + * The bodyFingerprintBin1 + */ + bodyFingerprintBin1?: number; + /** + * The bodyFingerprintBin2 + */ + bodyFingerprintBin2?: number; + /** + * The bodyFingerprintBin3 + */ + bodyFingerprintBin3?: number; + /** + * The bodyFingerprintBin4 + */ + bodyFingerprintBin4?: number; + /** + * The bodyFingerprintBin5 + */ + bodyFingerprintBin5?: number; + /** + * The directionality of this mail message. Possible values include: 'Unknown', 'Inbound', + * 'Outbound', 'Intraorg' + */ + antispamDirection?: AntispamMailDirection; + /** + * The delivery action of this mail message like Delivered, Blocked, Replaced etc. Possible + * values include: 'Unknown', 'DeliveredAsSpam', 'Delivered', 'Blocked', 'Replaced' + */ + deliveryAction?: DeliveryAction; + /** + * The delivery location of this mail message like Inbox, JunkFolder etc. Possible values + * include: 'Unknown', 'Inbox', 'JunkFolder', 'DeletedFolder', 'Quarantine', 'External', + * 'Failed', 'Dropped', 'Forwarded' + */ + deliveryLocation?: DeliveryLocation; +} + +/** + * Represents a mail cluster entity. + */ +export interface MailClusterEntity { + /** + * Polymorphic Discriminator + */ + kind: "MailCluster"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The mail message IDs that are part of the mail cluster + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly networkMessageIds?: string[]; + /** + * Count of mail messages by DeliveryStatus string representation + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly countByDeliveryStatus?: any; + /** + * Count of mail messages by ThreatType string representation + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly countByThreatType?: any; + /** + * Count of mail messages by ProtectionStatus string representation + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly countByProtectionStatus?: any; + /** + * The threats of mail messages that are part of the mail cluster + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly threats?: string[]; + /** + * The query that was used to identify the messages of the mail cluster + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly query?: string; + /** + * The query time + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly queryTime?: Date; + /** + * The number of mail messages that are part of the mail cluster + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly mailCount?: number; + /** + * Is this a volume anomaly mail cluster + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly isVolumeAnomaly?: boolean; + /** + * The source of the mail cluster (default is 'O365 ATP') + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly source?: string; + /** + * The id of the cluster source + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly clusterSourceIdentifier?: string; + /** + * The type of the cluster source + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly clusterSourceType?: string; + /** + * The cluster query start time + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly clusterQueryStartTime?: Date; + /** + * The cluster query end time + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly clusterQueryEndTime?: Date; + /** + * The cluster group + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly clusterGroup?: string; +} + +/** + * Represents a mailbox entity. + */ +export interface MailboxEntity { + /** + * Polymorphic Discriminator + */ + kind: "Mailbox"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The mailbox's primary address + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly mailboxPrimaryAddress?: string; + /** + * The mailbox's display name + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly displayName?: string; + /** + * The mailbox's UPN + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly upn?: string; + /** + * The AzureAD identifier of mailbox. Similar to AadUserId in account entity but this property is + * specific to mailbox object on office side + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly externalDirectoryObjectId?: string; +} + +/** + * Represents an ip entity. + */ +export interface IpEntity { + /** + * Polymorphic Discriminator + */ + kind: "Ip"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The IP address as string, e.g. 127.0.0.1 (either in Ipv4 or Ipv6) + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly address?: string; + /** + * The geo-location context attached to the ip entity + */ + location?: GeoLocation; + /** + * A list of TI contexts attached to the ip entity. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly threatIntelligence?: ThreatIntelligence[]; +} + +/** + * Represents an IoT device entity. + */ +export interface IoTDeviceEntity { + /** + * Polymorphic Discriminator + */ + kind: "IoTDevice"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The ID of the IoT Device in the IoT Hub + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly deviceId?: string; + /** + * The friendly name of the device + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly deviceName?: string; + /** + * The source of the device + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly source?: string; + /** + * The ID of the security agent running on the device + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly iotSecurityAgentId?: string; + /** + * The type of the device + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly deviceType?: string; + /** + * The vendor of the device + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly vendor?: string; + /** + * The ID of the edge device + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly edgeId?: string; + /** + * The MAC address of the device + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly macAddress?: string; + /** + * The model of the device + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly model?: string; + /** + * The serial number of the device + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly serialNumber?: string; + /** + * The firmware version of the device + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly firmwareVersion?: string; + /** + * The operating system of the device + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly operatingSystem?: string; + /** + * The AzureResource entity id of the IoT Hub + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly iotHubEntityId?: string; + /** + * The Host entity id of this device + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly hostEntityId?: string; + /** + * The IP entity if of this device + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly ipAddressEntityId?: string; + /** + * A list of TI contexts attached to the IoTDevice entity. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly threatIntelligence?: ThreatIntelligence[]; + /** + * A list of protocols of the IoTDevice entity. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly protocols?: string[]; +} + +/** + * Represents a Hunting bookmark entity. + */ +export interface HuntingBookmark { + /** + * Polymorphic Discriminator + */ + kind: "Bookmark"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The time the bookmark was created + */ + created?: Date; + /** + * Describes a user that created the bookmark + */ + createdBy?: UserInfo; + /** + * The display name of the bookmark + */ + displayName: string; + /** + * The time of the event + */ + eventTime?: Date; + /** + * List of labels relevant to this bookmark + */ + labels?: string[]; + /** + * The notes of the bookmark + */ + notes?: string; + /** + * The query of the bookmark. + */ + query: string; + /** + * The query result of the bookmark. + */ + queryResult?: string; + /** + * The last time the bookmark was updated + */ + updated?: Date; + /** + * Describes a user that updated the bookmark + */ + updatedBy?: UserInfo; + /** + * Describes an incident that relates to bookmark + */ + incidentInfo?: IncidentInfo; +} + +/** + * Represents a host entity. + */ +export interface HostEntity { + /** + * Polymorphic Discriminator + */ + kind: "Host"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The azure resource id of the VM. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly azureID?: string; + /** + * The DNS domain that this host belongs to. Should contain the compete DNS suffix for the domain + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly dnsDomain?: string; + /** + * The hostname without the domain suffix. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly hostName?: string; + /** + * Determines whether this host belongs to a domain. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly isDomainJoined?: boolean; + /** + * The host name (pre-windows2000). + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly netBiosName?: string; + /** + * The NT domain that this host belongs to. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly ntDomain?: string; + /** + * The OMS agent id, if the host has OMS agent installed. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly omsAgentID?: string; + /** + * The operating system type. Possible values include: 'Linux', 'Windows', 'Android', 'IOS', + * 'Unknown' + */ + osFamily?: OSFamily; + /** + * A free text representation of the operating system. This field is meant to hold specific + * versions the are more fine grained than OSFamily or future values not supported by OSFamily + * enumeration + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly osVersion?: string; +} + +/** + * Represents a file hash entity. + */ +export interface FileHashEntity { + /** + * Polymorphic Discriminator + */ + kind: "FileHash"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The hash algorithm type. Possible values include: 'Unknown', 'MD5', 'SHA1', 'SHA256', + * 'SHA256AC' + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly algorithm?: FileHashAlgorithm; + /** + * The file hash value. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly hashValue?: string; +} + +/** + * Represents a file entity. + */ +export interface FileEntity { + /** + * Polymorphic Discriminator + */ + kind: "File"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The full path to the file. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly directory?: string; + /** + * The file hash entity identifiers associated with this file + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly fileHashEntityIds?: string[]; + /** + * The file name without path (some alerts might not include path). + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly fileName?: string; + /** + * The Host entity id which the file belongs to + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly hostEntityId?: string; +} + +/** + * Represents a dns entity. + */ +export interface DnsEntity { + /** + * Polymorphic Discriminator + */ + kind: "DnsResolution"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * An ip entity id for the dns server resolving the request + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly dnsServerIpEntityId?: string; + /** + * The name of the dns record associated with the alert + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly domainName?: string; + /** + * An ip entity id for the dns request client + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly hostIpAddressEntityId?: string; + /** + * Ip entity identifiers for the resolved ip address. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly ipAddressEntityIds?: string[]; +} + +/** + * Represents a cloud application entity. + */ +export interface CloudApplicationEntity { + /** + * Polymorphic Discriminator + */ + kind: "CloudApplication"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The technical identifier of the application. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly appId?: number; + /** + * The name of the related cloud application. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly appName?: string; + /** + * The user defined instance name of the cloud application. It is often used to distinguish + * between several applications of the same type that a customer has. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly instanceName?: string; +} + +/** + * Represents an azure resource entity. + */ +export interface AzureResourceEntity { + /** + * Polymorphic Discriminator + */ + kind: "AzureResource"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The azure resource id of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly resourceId?: string; + /** + * The subscription id of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly subscriptionId?: string; +} + +/** + * Represents an account entity. + */ +export interface AccountEntity { + /** + * Polymorphic Discriminator + */ + kind: "Account"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * The Azure Active Directory tenant id. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly aadTenantId?: string; + /** + * The Azure Active Directory user id. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly aadUserId?: string; + /** + * The name of the account. This field should hold only the name without any domain added to it, + * i.e. administrator. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly accountName?: string; + /** + * The display name of the account. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly displayName?: string; + /** + * The Host entity id that contains the account in case it is a local account (not domain joined) + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly hostEntityId?: string; + /** + * Determines whether this is a domain account. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly isDomainJoined?: boolean; + /** + * The NetBIOS domain name as it appears in the alert format domain\username. Examples: NT + * AUTHORITY. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly ntDomain?: string; + /** + * The objectGUID attribute is a single-value attribute that is the unique identifier for the + * object, assigned by active directory. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly objectGuid?: string; + /** + * The Azure Active Directory Passport User ID. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly puid?: string; + /** + * The account security identifier, e.g. S-1-5-18. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly sid?: string; + /** + * The user principal name suffix for the account, in some cases it is also the domain name. + * Examples: contoso.com. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly upnSuffix?: string; + /** + * The fully qualified domain DNS name. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly dnsDomain?: string; +} + +/** + * Represents a relation between two resources + */ +export interface Relation extends ResourceWithEtag { + /** + * The resource ID of the related resource + */ + relatedResourceId: string; + /** + * The name of the related resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly relatedResourceName?: string; + /** + * The resource type of the related resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly relatedResourceType?: string; + /** + * The resource kind of the related resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly relatedResourceKind?: string; +} + +/** + * The registrar associated with this domain + */ +export interface EnrichmentDomainWhoisRegistrarDetails { + /** + * The name of this registrar + */ + name?: string; + /** + * This registrar's abuse contact email + */ + abuseContactEmail?: string; + /** + * This registrar's abuse contact phone number + */ + abuseContactPhone?: string; + /** + * This registrar's Internet Assigned Numbers Authority id + */ + ianaId?: string; + /** + * This registrar's URL + */ + url?: string; + /** + * The hostname of this registrar's whois server + */ + whoisServer?: string; +} + +/** + * An individual contact associated with this domain + */ +export interface EnrichmentDomainWhoisContact { + /** + * The name of this contact + */ + name?: string; + /** + * The organization for this contact + */ + org?: string; + /** + * A list describing the street address for this contact + */ + street?: string[]; + /** + * The city for this contact + */ + city?: string; + /** + * The state for this contact + */ + state?: string; + /** + * The postal code for this contact + */ + postal?: string; + /** + * The country for this contact + */ + country?: string; + /** + * The phone number for this contact + */ + phone?: string; + /** + * The fax number for this contact + */ + fax?: string; + /** + * The email address for this contact + */ + email?: string; +} + +/** + * The set of contacts associated with this domain + */ +export interface EnrichmentDomainWhoisContacts { + /** + * The admin contact for this whois record + */ + admin?: EnrichmentDomainWhoisContact; + /** + * The billing contact for this whois record + */ + billing?: EnrichmentDomainWhoisContact; + /** + * The registrant contact for this whois record + */ + registrant?: EnrichmentDomainWhoisContact; + /** + * The technical contact for this whois record + */ + tech?: EnrichmentDomainWhoisContact; +} + +/** + * The whois record for a given domain + */ +export interface EnrichmentDomainWhoisDetails { + /** + * The registrar associated with this domain + */ + registrar?: EnrichmentDomainWhoisRegistrarDetails; + /** + * The set of contacts associated with this domain + */ + contacts?: EnrichmentDomainWhoisContacts; + /** + * A list of name servers associated with this domain + */ + nameServers?: string[]; + /** + * The set of status flags for this whois record + */ + statuses?: string[]; +} + +/** + * Whois information for a given domain and associated metadata + */ +export interface EnrichmentDomainWhois { + /** + * The domain for this whois record + */ + domain?: string; + /** + * The hostname of this registrar's whois server + */ + server?: string; + /** + * The timestamp at which this record was created + */ + created?: Date; + /** + * The timestamp at which this record was last updated + */ + updated?: Date; + /** + * The timestamp at which this record will expire + */ + expires?: Date; + /** + * The whois record for a given domain + */ + parsedWhois?: EnrichmentDomainWhoisDetails; +} + +/** + * Geodata information for a given IP address + */ +export interface EnrichmentIpGeodata { + /** + * The autonomous system number associated with this IP address + */ + asn?: string; + /** + * The name of the carrier for this IP address + */ + carrier?: string; + /** + * The city this IP address is located in + */ + city?: string; + /** + * A numeric rating of confidence that the value in the 'city' field is correct, on a scale of + * 0-100 + */ + cityCf?: number; + /** + * The continent this IP address is located on + */ + continent?: string; + /** + * The county this IP address is located in + */ + country?: string; + /** + * A numeric rating of confidence that the value in the 'country' field is correct on a scale of + * 0-100 + */ + countryCf?: number; + /** + * The dotted-decimal or colon-separated string representation of the IP address + */ + ipAddr?: string; + /** + * A description of the connection type of this IP address + */ + ipRoutingType?: string; + /** + * The latitude of this IP address + */ + latitude?: string; + /** + * The longitude of this IP address + */ + longitude?: string; + /** + * The name of the organization for this IP address + */ + organization?: string; + /** + * The type of the organization for this IP address + */ + organizationType?: string; + /** + * The geographic region this IP address is located in + */ + region?: string; + /** + * The state this IP address is located in + */ + state?: string; + /** + * A numeric rating of confidence that the value in the 'state' field is correct on a scale of + * 0-100 + */ + stateCf?: number; + /** + * The abbreviated name for the state this IP address is located in + */ + stateCode?: string; +} + +/** + * Contains the possible cases for EntityQuery. + */ +export type EntityQueryUnion = EntityQuery | ExpansionEntityQuery | ActivityEntityQuery; + +/** + * Specific entity query. + */ +export interface EntityQuery { + /** + * Polymorphic Discriminator + */ + kind: "EntityQuery"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; +} + +/** + * Contains the possible cases for CustomEntityQuery. + */ +export type CustomEntityQueryUnion = CustomEntityQuery | ActivityCustomEntityQuery; + +/** + * Specific entity query that supports put requests. + */ +export interface CustomEntityQuery { + /** + * Polymorphic Discriminator + */ + kind: "CustomEntityQuery"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; +} + +/** + * Represents Expansion entity query. + */ +export interface ExpansionEntityQuery { + /** + * Polymorphic Discriminator + */ + kind: "Expansion"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * List of the data sources that are required to run the query + */ + dataSources?: string[]; + /** + * The query display name + */ + displayName?: string; + /** + * The type of the query's source entity. Possible values include: 'Account', 'Host', 'File', + * 'AzureResource', 'CloudApplication', 'DNS', 'FileHash', 'IP', 'Malware', 'Process', + * 'RegistryKey', 'RegistryValue', 'SecurityGroup', 'URL', 'IoTDevice', 'SecurityAlert', + * 'HuntingBookmark', 'MailCluster', 'MailMessage', 'Mailbox', 'SubmissionMail' + */ + inputEntityType?: EntityType; + /** + * List of the fields of the source entity that are required to run the query + */ + inputFields?: string[]; + /** + * List of the desired output types to be constructed from the result + */ + outputEntityTypes?: EntityType[]; + /** + * The template query string to be parsed and formatted + */ + queryTemplate?: string; +} + +/** + * The Activity query definitions + */ +export interface ActivityEntityQueriesPropertiesQueryDefinitions { + /** + * The Activity query to run on a given entity + */ + query?: string; +} + +/** + * Represents Activity entity query. + */ +export interface ActivityEntityQuery { + /** + * Polymorphic Discriminator + */ + kind: "Activity"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The entity query title + */ + title?: string; + /** + * The entity query content to display in timeline + */ + content?: string; + /** + * The entity query description + */ + description?: string; + /** + * The Activity query definitions + */ + queryDefinitions?: ActivityEntityQueriesPropertiesQueryDefinitions; + /** + * The type of the query's source entity. Possible values include: 'Account', 'Host', 'File', + * 'AzureResource', 'CloudApplication', 'DNS', 'FileHash', 'IP', 'Malware', 'Process', + * 'RegistryKey', 'RegistryValue', 'SecurityGroup', 'URL', 'IoTDevice', 'SecurityAlert', + * 'HuntingBookmark', 'MailCluster', 'MailMessage', 'Mailbox', 'SubmissionMail' + */ + inputEntityType?: EntityType; + /** + * List of the fields of the source entity that are required to run the query + */ + requiredInputFieldsSets?: string[][]; + /** + * The query applied only to entities matching to all filters + */ + entitiesFilter?: { [propertyName: string]: string[] }; + /** + * The template id this activity was created from + */ + templateName?: string; + /** + * Determines whether this activity is enabled or disabled. + */ + enabled?: boolean; + /** + * The time the activity was created + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly createdTimeUtc?: Date; + /** + * The last time the activity was updated + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastModifiedTimeUtc?: Date; +} + +/** + * Represents Activity entity query. + */ +export interface ActivityCustomEntityQuery { + /** + * Polymorphic Discriminator + */ + kind: "Activity"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The entity query title + */ + title?: string; + /** + * The entity query content to display in timeline + */ + content?: string; + /** + * The entity query description + */ + description?: string; + /** + * The Activity query definitions + */ + queryDefinitions?: ActivityEntityQueriesPropertiesQueryDefinitions; + /** + * The type of the query's source entity. Possible values include: 'Account', 'Host', 'File', + * 'AzureResource', 'CloudApplication', 'DNS', 'FileHash', 'IP', 'Malware', 'Process', + * 'RegistryKey', 'RegistryValue', 'SecurityGroup', 'URL', 'IoTDevice', 'SecurityAlert', + * 'HuntingBookmark', 'MailCluster', 'MailMessage', 'Mailbox', 'SubmissionMail' + */ + inputEntityType?: EntityType; + /** + * List of the fields of the source entity that are required to run the query + */ + requiredInputFieldsSets?: string[][]; + /** + * The query applied only to entities matching to all filters + */ + entitiesFilter?: { [propertyName: string]: string[] }; + /** + * The template id this activity was created from + */ + templateName?: string; + /** + * Determines whether this activity is enabled or disabled. + */ + enabled?: boolean; + /** + * The time the activity was created + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly createdTimeUtc?: Date; + /** + * The last time the activity was updated + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastModifiedTimeUtc?: Date; +} + +/** + * Contains the possible cases for EntityTimelineItem. + */ +export type EntityTimelineItemUnion = EntityTimelineItem | ActivityTimelineItem | BookmarkTimelineItem | SecurityAlertTimelineItem; + +/** + * Entity timeline Item. + */ +export interface EntityTimelineItem { + /** + * Polymorphic Discriminator + */ + kind: "EntityTimelineItem"; +} + +/** + * Represents Activity timeline item. + */ +export interface ActivityTimelineItem { + /** + * Polymorphic Discriminator + */ + kind: "Activity"; + /** + * The activity query id. + */ + queryId: string; + /** + * The grouping bucket start time. + */ + bucketStartTimeUTC: Date; + /** + * The grouping bucket end time. + */ + bucketEndTimeUTC: Date; + /** + * The time of the first activity in the grouping bucket. + */ + firstActivityTimeUTC: Date; + /** + * The time of the last activity in the grouping bucket. + */ + lastActivityTimeUTC: Date; + /** + * The activity timeline content. + */ + content: string; + /** + * The activity timeline title. + */ + title: string; +} + +/** + * Represents bookmark timeline item. + */ +export interface BookmarkTimelineItem { + /** + * Polymorphic Discriminator + */ + kind: "Bookmark"; + /** + * The bookmark azure resource id. + */ + azureResourceId: string; + /** + * The bookmark display name. + */ + displayName?: string; + /** + * The notes of the bookmark + */ + notes?: string; + /** + * The bookmark end time. + */ + endTimeUtc?: Date; + /** + * The bookmark start time. + */ + startTimeUtc?: Date; + /** + * The bookmark event time. + */ + eventTime?: Date; + /** + * Describes a user that created the bookmark + */ + createdBy?: UserInfo; + /** + * List of labels relevant to this bookmark + */ + labels?: string[]; +} + +/** + * The parameters required to execute insights operation on the given entity. + */ +export interface EntityGetInsightsParameters { + /** + * The start timeline date, so the results returned are after this date. + */ + startTime: Date; + /** + * The end timeline date, so the results returned are before this date. + */ + endTime: Date; + /** + * Indicates if query time range should be extended with default time range of the query. Default + * value is false + */ + addDefaultExtendedTimeRange?: boolean; + /** + * List of Insights Query Id. If empty, default value is all insights of this entity + */ + insightQueryIds?: string[]; +} + +/** + * GetInsights Query Errors. + */ +export interface GetInsightsError { + /** + * the query id + */ + queryId?: string; + /** + * the error message + */ + errorMessage: string; +} + +/** + * Get Insights result metadata. + */ +export interface GetInsightsResultsMetadata { + /** + * the total items found for the insights request + */ + totalCount: number; + /** + * information about the failed queries + */ + errors?: GetInsightsError[]; +} + +/** + * The Time interval that the query actually executed on. + */ +export interface EntityInsightItemQueryTimeInterval { + /** + * Insight query start time + */ + startTime?: Date; + /** + * Insight query end time + */ + endTime?: Date; +} + +/** + * An interface representing InsightsTableResultColumnsItem. + */ +export interface InsightsTableResultColumnsItem { + /** + * the type of the colum + */ + type?: string; + /** + * the name of the colum + */ + name?: string; +} + +/** + * Query results for table insights query. + */ +export interface InsightsTableResult { + /** + * Columns Metadata of the table + */ + columns?: InsightsTableResultColumnsItem[]; + /** + * Rows data of the table + */ + rows?: string[][]; +} + +/** + * Entity insight Item. + */ +export interface EntityInsightItem { + /** + * The query id of the insight + */ + queryId?: string; + /** + * The Time interval that the query actually executed on. + */ + queryTimeInterval?: EntityInsightItemQueryTimeInterval; + /** + * Query results for table insights query. + */ + tableQueryResults?: InsightsTableResult; + /** + * Query results for table insights query. + */ + chartQueryResults?: InsightsTableResult[]; +} + +/** + * The Get Insights result operation response. + */ +export interface EntityGetInsightsResponse { + /** + * The metadata from the get insights operation results. + */ + metaData?: GetInsightsResultsMetadata; + /** + * The insights result values. + */ + value?: EntityInsightItem[]; +} + +/** + * The edge that connects the entity to the other entity. + */ +export interface EntityEdges { + /** + * The target entity Id. + */ + targetEntityId?: string; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + */ + additionalData?: { [propertyName: string]: any }; +} + +/** + * The parameters required to execute an expand operation on the given entity. + */ +export interface EntityExpandParameters { + /** + * The end date filter, so the only expansion results returned are before this date. + */ + endTime?: Date; + /** + * The Id of the expansion to perform. + */ + expansionId?: string; + /** + * The start date filter, so the only expansion results returned are after this date. + */ + startTime?: Date; +} + +/** + * The expansion result values. + */ +export interface EntityExpandResponseValue { + /** + * Array of the expansion result entities. + */ + entities?: EntityUnion[]; + /** + * Array of edges that connects the entity to the list of entities. + */ + edges?: EntityEdges[]; +} + +/** + * The entity expansion result operation response. + */ +export interface EntityExpandResponse { + /** + * The metadata from the expansion operation results. + */ + metaData?: ExpansionResultsMetadata; + /** + * The expansion result values. + */ + value?: EntityExpandResponseValue; +} + +/** + * timeline aggregation information per kind + */ +export interface TimelineAggregation { + /** + * the total items found for a kind + */ + count: number; + /** + * the query kind. Possible values include: 'Activity', 'Bookmark', 'SecurityAlert' + */ + kind: EntityTimelineKind; +} + +/** + * Timeline Query Errors. + */ +export interface TimelineError { + /** + * the query kind. Possible values include: 'Activity', 'Bookmark', 'SecurityAlert' + */ + kind: EntityTimelineKind; + /** + * the query id + */ + queryId?: string; + /** + * the error message + */ + errorMessage: string; +} + +/** + * Expansion result metadata. + */ +export interface TimelineResultsMetadata { + /** + * the total items found for the timeline request + */ + totalCount: number; + /** + * timeline aggregation per kind + */ + aggregations: TimelineAggregation[]; + /** + * information about the failure queries + */ + errors?: TimelineError[]; +} + +/** + * The entity timeline result operation response. + */ +export interface EntityTimelineResponse { + /** + * The metadata from the timeline operation results. + */ + metaData?: TimelineResultsMetadata; + /** + * The timeline result values. + */ + value?: EntityTimelineItemUnion[]; +} + +/** + * The parameters required to execute s timeline operation on the given entity. + */ +export interface EntityTimelineParameters { + /** + * Array of timeline Item kinds. + */ + kinds?: EntityTimelineKind[]; + /** + * The start timeline date, so the results returned are after this date. + */ + startTime: Date; + /** + * The end timeline date, so the results returned are before this date. + */ + endTime: Date; + /** + * The number of bucket for timeline queries aggregation. + */ + numberOfBucket?: number; +} + +/** + * Contains the possible cases for EntityQueryItem. + */ +export type EntityQueryItemUnion = EntityQueryItem | InsightQueryItem; + +/** + * An abstract Query item for entity + */ +export interface EntityQueryItem { + /** + * Polymorphic Discriminator + */ + kind: "EntityQueryItem"; + /** + * Query Template ARM ID + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * Query Template ARM Name + */ + name?: string; + /** + * ARM Type + */ + type?: string; +} + +/** + * An interface representing EntityQueryItemPropertiesDataTypesItem. + */ +export interface EntityQueryItemPropertiesDataTypesItem { + /** + * Data type name + */ + dataType?: string; +} + +/** + * An properties abstract Query item for entity + */ +export interface EntityQueryItemProperties { + /** + * Data types for template + */ + dataTypes?: EntityQueryItemPropertiesDataTypesItem[]; + /** + * The type of the entity. Possible values include: 'Account', 'Host', 'File', 'AzureResource', + * 'CloudApplication', 'DNS', 'FileHash', 'IP', 'Malware', 'Process', 'RegistryKey', + * 'RegistryValue', 'SecurityGroup', 'URL', 'IoTDevice', 'SecurityAlert', 'HuntingBookmark', + * 'MailCluster', 'MailMessage', 'Mailbox', 'SubmissionMail' + */ + inputEntityType?: EntityType; + /** + * Data types for template + */ + requiredInputFieldsSets?: string[][]; + /** + * The query applied only to entities matching to all filters + */ + entitiesFilter?: any; +} + +/** + * An interface representing InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem. + */ +export interface InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem { + /** + * Insight column header. + */ + header?: string; + /** + * Insights Column type. Possible values include: 'Number', 'String', 'Date', 'Entity' + */ + outputType?: OutputType; + /** + * Is query supports deep-link. + */ + supportDeepLink?: boolean; +} + +/** + * An interface representing + * InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem. + */ +export interface InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem { + /** + * Insight Link Definition Projected Name. + */ + projectedName?: string; + /** + * Insight Link Definition Query. + */ + query?: string; +} + +/** + * An interface representing InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem. + */ +export interface InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem { + /** + * Insight column header. + */ + filter?: string; + /** + * Insight column header. + */ + summarize?: string; + /** + * Insight column header. + */ + project?: string; + /** + * Insight column header. + */ + linkColumnsDefinitions?: InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem[]; +} + +/** + * The insight table query. + */ +export interface InsightQueryItemPropertiesTableQuery { + /** + * List of insight column definitions. + */ + columnsDefinitions?: InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem[]; + /** + * List of insight queries definitions. + */ + queriesDefinitions?: InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem[]; +} + +/** + * The activity query definitions. + */ +export interface InsightQueryItemPropertiesAdditionalQuery { + /** + * The insight query. + */ + query?: string; + /** + * The insight text. + */ + text?: string; +} + +/** + * The insight chart query. + */ +export interface InsightQueryItemPropertiesDefaultTimeRange { + /** + * The padding for the start time of the query. + */ + beforeRange?: string; + /** + * The padding for the end time of the query. + */ + afterRange?: string; +} + +/** + * The insight chart query. + */ +export interface InsightQueryItemPropertiesReferenceTimeRange { + /** + * Additional query time for looking back. + */ + beforeRange?: string; +} + +/** + * Represents Insight Query. + */ +export interface InsightQueryItemProperties extends EntityQueryItemProperties { + /** + * The insight display name. + */ + displayName?: string; + /** + * The insight description. + */ + description?: string; + /** + * The base query of the insight. + */ + baseQuery?: string; + /** + * The insight table query. + */ + tableQuery?: InsightQueryItemPropertiesTableQuery; + /** + * The insight chart query. + */ + chartQuery?: any; + /** + * The activity query definitions. + */ + additionalQuery?: InsightQueryItemPropertiesAdditionalQuery; + /** + * The insight chart query. + */ + defaultTimeRange?: InsightQueryItemPropertiesDefaultTimeRange; + /** + * The insight chart query. + */ + referenceTimeRange?: InsightQueryItemPropertiesReferenceTimeRange; +} + +/** + * Represents Insight Query. + */ +export interface InsightQueryItem { + /** + * Polymorphic Discriminator + */ + kind: "Insight"; + /** + * Query Template ARM ID + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * Query Template ARM Name + */ + name?: string; + /** + * ARM Type + */ + type?: string; + /** + * Properties bag for InsightQueryItem + */ + properties?: InsightQueryItemProperties; +} + +/** + * Retrieve queries for entity result operation response. + */ +export interface GetQueriesResponse { + /** + * The query result values. + */ + value?: EntityQueryItemUnion[]; +} + +/** + * Represents security alert timeline item. + */ +export interface SecurityAlertTimelineItem { + /** + * Polymorphic Discriminator + */ + kind: "SecurityAlert"; + /** + * The alert azure resource id. + */ + azureResourceId: string; + /** + * The alert product name. + */ + productName?: string; + /** + * The alert description. + */ + description?: string; + /** + * The alert name. + */ + displayName: string; + /** + * The alert severity. Possible values include: 'High', 'Medium', 'Low', 'Informational' + */ + severity: AlertSeverity; + /** + * The alert end time. + */ + endTimeUtc: Date; + /** + * The alert start time. + */ + startTimeUtc: Date; + /** + * The alert generated time. + */ + timeGenerated: Date; + /** + * The name of the alert type. + */ + alertType: string; +} + +/** + * Incident additional data property bag. + */ +export interface IncidentAdditionalData { + /** + * The number of alerts in the incident + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly alertsCount?: number; + /** + * The number of bookmarks in the incident + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly bookmarksCount?: number; + /** + * The number of comments in the incident + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly commentsCount?: number; + /** + * List of product names of alerts in the incident + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly alertProductNames?: string[]; + /** + * The tactics associated with incident + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly tactics?: AttackTactic[]; +} + +/** + * Represents an incident in Azure Security Insights. + */ +export interface Incident extends ResourceWithEtag { + /** + * Additional data on the incident + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: IncidentAdditionalData; + /** + * The reason the incident was closed. Possible values include: 'Undetermined', 'TruePositive', + * 'BenignPositive', 'FalsePositive' + */ + classification?: IncidentClassification; + /** + * Describes the reason the incident was closed + */ + classificationComment?: string; + /** + * The classification reason the incident was closed with. Possible values include: + * 'SuspiciousActivity', 'SuspiciousButExpected', 'IncorrectAlertLogic', 'InaccurateData' + */ + classificationReason?: IncidentClassificationReason; + /** + * The time the incident was created + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly createdTimeUtc?: Date; + /** + * The description of the incident + */ + description?: string; + /** + * The time of the first activity in the incident + */ + firstActivityTimeUtc?: Date; + /** + * The deep-link url to the incident in Azure portal + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly incidentUrl?: string; + /** + * A sequential number + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly incidentNumber?: number; + /** + * List of labels relevant to this incident + */ + labels?: IncidentLabel[]; + /** + * The name of the source provider that generated the incident + */ + providerName?: string; + /** + * The incident ID assigned by the incident provider + */ + providerIncidentId?: string; + /** + * The time of the last activity in the incident + */ + lastActivityTimeUtc?: Date; + /** + * The last time the incident was updated + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastModifiedTimeUtc?: Date; + /** + * Describes a user that the incident is assigned to + */ + owner?: IncidentOwnerInfo; + /** + * List of resource ids of Analytic rules related to the incident + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly relatedAnalyticRuleIds?: string[]; + /** + * The severity of the incident. Possible values include: 'High', 'Medium', 'Low', + * 'Informational' + */ + severity: IncidentSeverity; + /** + * The status of the incident. Possible values include: 'New', 'Active', 'Closed' + */ + status: IncidentStatus; + /** + * The title of the incident + */ + title: string; +} + +/** + * List of incident alerts. + */ +export interface IncidentAlertList { + /** + * Array of incident alerts. + */ + value: SecurityAlert[]; +} + +/** + * List of incident bookmarks. + */ +export interface IncidentBookmarkList { + /** + * Array of incident bookmarks. + */ + value: HuntingBookmark[]; +} + +/** + * Represents an incident comment + */ +export interface IncidentComment extends ResourceWithEtag { + /** + * The time the comment was created + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly createdTimeUtc?: Date; + /** + * The time the comment was updated + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly lastModifiedTimeUtc?: Date; + /** + * The comment message + */ + message: string; + /** + * Describes the client that created the comment + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly author?: ClientInfo; +} + +/** + * Information of a specific aggregation in the incident related entities result. + */ +export interface IncidentEntitiesResultsMetadata { + /** + * Total number of aggregations of the given kind in the incident related entities result. + */ + count: number; + /** + * The kind of the aggregated entity. Possible values include: 'Account', 'Host', 'File', + * 'AzureResource', 'CloudApplication', 'DnsResolution', 'FileHash', 'Ip', 'Malware', 'Process', + * 'RegistryKey', 'RegistryValue', 'SecurityGroup', 'Url', 'IoTDevice', 'SecurityAlert', + * 'Bookmark', 'MailCluster', 'MailMessage', 'Mailbox', 'SubmissionMail' + */ + entityKind: EntityKind; +} + +/** + * The incident related entities response. + */ +export interface IncidentEntitiesResponse { + /** + * Array of the incident related entities. + */ + entities?: EntityUnion[]; + /** + * The metadata from the incident related entities results. + */ + metaData?: IncidentEntitiesResultsMetadata[]; +} + +/** + * Describes team information + */ +export interface TeamInformation { + /** + * Team ID + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly teamId?: string; + /** + * The primary channel URL of the team + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly primaryChannelUrl?: string; + /** + * The time the team was created + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly teamCreationTimeUtc?: Date; + /** + * The name of the team + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The description of the team + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly description?: string; +} + +/** + * Describes team properties + */ +export interface TeamProperties { + /** + * The name of the team + */ + teamName: string; + /** + * The description of the team + */ + teamDescription?: string; + /** + * List of member IDs to add to the team + */ + memberIds?: string[]; + /** + * List of group IDs to add their members to the team + */ + groupIds?: string[]; +} + +/** + * The original source of the content item, where it comes from. + */ +export interface MetadataSource { + /** + * Source type of the content. Possible values include: 'LocalWorkspace', 'Community', + * 'Solution', 'SourceRepository' + */ + kind: SourceKind; + /** + * Name of the content source. The repo name, solution name, LA workspace name etc. + */ + name?: string; + /** + * ID of the content source. The solution ID, workspace ID, etc + */ + sourceId?: string; +} + +/** + * Publisher or creator of the content item. + */ +export interface MetadataAuthor { + /** + * Name of the author. Company or person. + */ + name?: string; + /** + * Email of author contact + */ + email?: string; + /** + * Link for author/vendor page + */ + link?: string; +} + +/** + * Support information for the content item. + */ +export interface MetadataSupport { + /** + * Type of support for content item. Possible values include: 'Microsoft', 'Partner', 'Community' + */ + tier: SupportTier; + /** + * Name of the support contact. Company or person. + */ + name?: string; + /** + * Email of support contact + */ + email?: string; + /** + * Link for support help, like to support page to open a ticket etc. + */ + link?: string; +} + +/** + * Dependencies for the content item, what other content items it requires to work. Can describe + * more complex dependencies using a recursive/nested structure. For a single dependency an + * id/kind/version can be supplied or operator/criteria for complex dependencies. + */ +export interface MetadataDependencies { + /** + * Id of the content item we depend on + */ + contentId?: string; + /** + * Type of the content item we depend on. Possible values include: 'DataConnector', 'DataType', + * 'Workbook', 'WorkbookTemplate', 'Playbook', 'PlaybookTemplate', 'AnalyticsRuleTemplate', + * 'AnalyticsRule', 'HuntingQuery', 'InvestigationQuery', 'Parser', 'Watchlist', + * 'WatchlistTemplate', 'Solution' + */ + kind?: Kind; + /** + * Version of the the content item we depend on. Can be blank, * or missing to indicate any + * version fulfills the dependency. If version does not match our defined numeric format then an + * exact match is required. + */ + version?: string; + /** + * Name of the content item + */ + name?: string; + /** + * Operator used for list of dependencies in criteria array. Possible values include: 'AND', 'OR' + */ + operator?: Operator; + /** + * This is the list of dependencies we must fulfill, according to the AND/OR operator + */ + criteria?: MetadataDependencies[]; +} + +/** + * ies for the solution content item + */ +export interface MetadataCategories { + /** + * domain for the solution content item + */ + domains?: string[]; + /** + * Industry verticals for the solution content item + */ + verticals?: string[]; +} + +/** + * Metadata resource definition. + */ +export interface MetadataModel extends ResourceWithEtag { + /** + * Static ID for the content. Used to identify dependencies and content from solutions or + * community. Hard-coded/static for out of the box content and solutions. Dynamic for + * user-created. This is the resource name + */ + contentId?: string; + /** + * Full parent resource ID of the content item the metadata is for. This is the full resource ID + * including the scope (subscription and resource group) + */ + parentId: string; + /** + * Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, + * 1.0.0.0), following ARM template best practices. Can also be any string, but then we cannot + * guarantee any version checks + */ + version?: string; + /** + * The kind of content the metadata is for. Possible values include: 'DataConnector', 'DataType', + * 'Workbook', 'WorkbookTemplate', 'Playbook', 'PlaybookTemplate', 'AnalyticsRuleTemplate', + * 'AnalyticsRule', 'HuntingQuery', 'InvestigationQuery', 'Parser', 'Watchlist', + * 'WatchlistTemplate', 'Solution' + */ + kind: Kind; + /** + * Source of the content. This is where/how it was created. + */ + source?: MetadataSource; + /** + * The creator of the content item. + */ + author?: MetadataAuthor; + /** + * Support information for the metadata - type, name, contact information + */ + support?: MetadataSupport; + /** + * Dependencies for the content item, what other content items it requires to work. Can describe + * more complex dependencies using a recursive/nested structure. For a single dependency an + * id/kind/version can be supplied or operator/criteria for complex formats. + */ + dependencies?: MetadataDependencies; + /** + * Categories for the solution content item + */ + categories?: MetadataCategories; + /** + * Providers for the solution content item + */ + providers?: string[]; + /** + * first publish date solution content item + */ + firstPublishDate?: Date; + /** + * last publish date for the solution content item + */ + lastPublishDate?: Date; +} + +/** + * Metadata patch request body. + */ +export interface MetadataPatch extends ResourceWithEtag { + /** + * Static ID for the content. Used to identify dependencies and content from solutions or + * community. Hard-coded/static for out of the box content and solutions. Dynamic for + * user-created. This is the resource name + */ + contentId?: string; + /** + * Full parent resource ID of the content item the metadata is for. This is the full resource ID + * including the scope (subscription and resource group) + */ + parentId?: string; + /** + * Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, + * 1.0.0.0), following ARM template best practices. Can also be any string, but then we cannot + * guarantee any version checks + */ + version?: string; + /** + * The kind of content the metadata is for. Possible values include: 'DataConnector', 'DataType', + * 'Workbook', 'WorkbookTemplate', 'Playbook', 'PlaybookTemplate', 'AnalyticsRuleTemplate', + * 'AnalyticsRule', 'HuntingQuery', 'InvestigationQuery', 'Parser', 'Watchlist', + * 'WatchlistTemplate', 'Solution' + */ + kind?: Kind; + /** + * Source of the content. This is where/how it was created. + */ + source?: MetadataSource; + /** + * The creator of the content item. + */ + author?: MetadataAuthor; + /** + * Support information for the metadata - type, name, contact information + */ + support?: MetadataSupport; + /** + * Dependencies for the content item, what other content items it requires to work. Can describe + * more complex dependencies using a recursive/nested structure. For a single dependency an + * id/kind/version can be supplied or operator/criteria for complex formats. + */ + dependencies?: MetadataDependencies; + /** + * Categories for the solution content item + */ + categories?: MetadataCategories; + /** + * Providers for the solution content item + */ + providers?: string[]; + /** + * first publish date solution content item + */ + firstPublishDate?: Date; + /** + * last publish date for the solution content item + */ + lastPublishDate?: Date; +} + +/** + * Sentinel onboarding state + */ +export interface SentinelOnboardingState extends ResourceWithEtag { + /** + * Flag that indicates the status of the CMK setting + */ + customerManagedKey?: boolean; +} + +/** + * List of the Sentinel onboarding states + */ +export interface SentinelOnboardingStatesList { + /** + * Array of Sentinel onboarding states + */ + value: SentinelOnboardingState[]; +} + +/** + * Contains the possible cases for Settings. + */ +export type SettingsUnion = Settings | Anomalies | EyesOn | EntityAnalytics | Ueba; + +/** + * The Setting. + */ +export interface Settings { + /** + * Polymorphic Discriminator + */ + kind: "Settings"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; +} + +/** + * List of all the settings. + */ +export interface SettingList { + /** + * Array of settings. + */ + value: SettingsUnion[]; +} + +/** + * Settings with single toggle. + */ +export interface Anomalies { + /** + * Polymorphic Discriminator + */ + kind: "Anomalies"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * Determines whether the setting is enable or disabled. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly isEnabled?: boolean; +} + +/** + * Settings with single toggle. + */ +export interface EyesOn { + /** + * Polymorphic Discriminator + */ + kind: "EyesOn"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * Determines whether the setting is enable or disabled. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly isEnabled?: boolean; +} + +/** + * Settings with single toggle. + */ +export interface EntityAnalytics { + /** + * Polymorphic Discriminator + */ + kind: "EntityAnalytics"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * Determines whether the setting is enable or disabled. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly isEnabled?: boolean; +} + +/** + * Settings with single toggle. + */ +export interface Ueba { + /** + * Polymorphic Discriminator + */ + kind: "Ueba"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The relevant data sources that enriched by ueba + */ + dataSources?: UebaDataSources[]; +} + +/** + * The pricing tier of the solution + */ +export interface Sku { + /** + * The kind of the tier. Possible values include: 'PerGB', 'CapacityReservation' + */ + name?: SkuKind; + /** + * The amount of reservation level + */ + capacityReservationLevel?: number; +} + +/** + * Represents a repository. + */ +export interface Repo { + /** + * The url to access the repository. + */ + url?: string; + /** + * The name of the repository. + */ + fullName?: string; + /** + * Array of branches. + */ + branches?: string[]; +} + +/** + * The mapping of content type to a repo path. + */ +export interface ContentPathMap { + /** + * Content type. Possible values include: 'AnalyticRule', 'Workbook' + */ + contentType?: ContentType; + /** + * The path to the content. + */ + path?: string; +} + +/** + * metadata of a repository. + */ +export interface Repository { + /** + * Url of repository. + */ + url?: string; + /** + * Branch name of repository. + */ + branch?: string; + /** + * Display url of repository. + */ + displayUrl?: string; + /** + * Url to access repository action logs. + */ + deploymentLogsUrl?: string; + /** + * Dictionary of source control content type and path mapping. + */ + pathMapping?: ContentPathMap[]; +} + +/** + * Represents a SourceControl in Azure Security Insights. + */ +export interface SourceControl extends ResourceWithEtag { + /** + * The id (a Guid) of the source control + */ + sourceControlId?: string; + /** + * The display name of the source control + */ + displayName: string; + /** + * A description of the source control + */ + description?: string; + /** + * The repository type of the source control. Possible values include: 'Github', 'DevOps' + */ + repoType: RepoType; + /** + * Array of source control content types. + */ + contentTypes: ContentType[]; + /** + * Repository metadata. + */ + repository: Repository; +} + +/** + * Represents a Watchlist in Azure Security Insights. + */ +export interface Watchlist extends ResourceWithEtag { + /** + * The id (a Guid) of the watchlist + */ + watchlistId?: string; + /** + * The display name of the watchlist + */ + displayName: string; + /** + * The provider of the watchlist + */ + provider: string; + /** + * The source of the watchlist. Possible values include: 'Local file', 'Remote storage' + */ + source: Source; + /** + * The time the watchlist was created + */ + created?: Date; + /** + * The last time the watchlist was updated + */ + updated?: Date; + /** + * Describes a user that created the watchlist + */ + createdBy?: UserInfo; + /** + * Describes a user that updated the watchlist + */ + updatedBy?: UserInfo; + /** + * A description of the watchlist + */ + description?: string; + /** + * The type of the watchlist + */ + watchlistType?: string; + /** + * The alias of the watchlist + */ + watchlistAlias?: string; + /** + * A flag that indicates if the watchlist is deleted or not + */ + isDeleted?: boolean; + /** + * List of labels relevant to this watchlist + */ + labels?: string[]; + /** + * The default duration of a watchlist (in ISO 8601 duration format) + */ + defaultDuration?: string; + /** + * The tenantId where the watchlist belongs to + */ + tenantId?: string; + /** + * The number of lines in a csv/tsv content to skip before the header + */ + numberOfLinesToSkip?: number; + /** + * The raw content that represents to watchlist items to create. In case of csv/tsv content type, + * it's the content of the file that will parsed by the endpoint + */ + rawContent?: string; + /** + * The search key is used to optimize query performance when using watchlists for joins with + * other data. For example, enable a column with IP addresses to be the designated SearchKey + * field, then use this field as the key field when joining to other event data by IP address. + */ + itemsSearchKey: string; + /** + * The content type of the raw content. Example : text/csv or text/tsv + */ + contentType?: string; + /** + * The status of the Watchlist upload : New, InProgress or Complete. Pls note : When a Watchlist + * upload status is equal to InProgress, the Watchlist cannot be deleted + */ + uploadStatus?: string; + /** + * The number of Watchlist Items in the Watchlist + */ + watchlistItemsCount?: number; +} + +/** + * Represents a Watchlist item in Azure Security Insights. + */ +export interface WatchlistItem extends ResourceWithEtag { + /** + * The type of the watchlist item + */ + watchlistItemType?: string; + /** + * The id (a Guid) of the watchlist item + */ + watchlistItemId?: string; + /** + * The tenantId to which the watchlist item belongs to + */ + tenantId?: string; + /** + * A flag that indicates if the watchlist item is deleted or not + */ + isDeleted?: boolean; + /** + * The time the watchlist item was created + */ + created?: Date; + /** + * The last time the watchlist item was updated + */ + updated?: Date; + /** + * Describes a user that created the watchlist item + */ + createdBy?: UserInfo; + /** + * Describes a user that updated the watchlist item + */ + updatedBy?: UserInfo; + /** + * key-value pairs for a watchlist item + */ + itemsKeyValue: any; + /** + * key-value pairs for a watchlist item entity mapping + */ + entityMapping?: any; +} + +/** + * Contains the possible cases for DataConnectorsCheckRequirements. + */ +export type DataConnectorsCheckRequirementsUnion = DataConnectorsCheckRequirements | AADCheckRequirements | AATPCheckRequirements | ASCCheckRequirements | AwsCloudTrailCheckRequirements | AwsS3CheckRequirements | Dynamics365CheckRequirements | MCASCheckRequirements | MDATPCheckRequirements | MSTICheckRequirements | MtpCheckRequirements | OfficeATPCheckRequirements | TICheckRequirements | TiTaxiiCheckRequirements; + +/** + * Data connector requirements properties. + */ +export interface DataConnectorsCheckRequirements { + /** + * Polymorphic Discriminator + */ + kind: "DataConnectorsCheckRequirements"; +} + +/** + * Represents AAD (Azure Active Directory) requirements check request. + */ +export interface AADCheckRequirements { + /** + * Polymorphic Discriminator + */ + kind: "AzureActiveDirectory"; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; +} + +/** + * Represents AATP (Azure Advanced Threat Protection) requirements check request. + */ +export interface AATPCheckRequirements { + /** + * Polymorphic Discriminator + */ + kind: "AzureAdvancedThreatProtection"; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; +} + +/** + * Represents ASC (Azure Security Center) requirements check request. + */ +export interface ASCCheckRequirements { + /** + * Polymorphic Discriminator + */ + kind: "AzureSecurityCenter"; + /** + * The subscription id to connect to, and get the data from. + */ + subscriptionId?: string; +} + +/** + * Amazon Web Services CloudTrail requirements check request. + */ +export interface AwsCloudTrailCheckRequirements { + /** + * Polymorphic Discriminator + */ + kind: "AmazonWebServicesCloudTrail"; +} + +/** + * Amazon Web Services S3 requirements check request. + */ +export interface AwsS3CheckRequirements { + /** + * Polymorphic Discriminator + */ + kind: "AmazonWebServicesS3"; +} + +/** + * Data connector requirements status. + */ +export interface DataConnectorRequirementsState { + /** + * Authorization state for this connector. Possible values include: 'Valid', 'Invalid' + */ + authorizationState?: DataConnectorAuthorizationState; + /** + * License state for this connector. Possible values include: 'Valid', 'Invalid', 'Unknown' + */ + licenseState?: DataConnectorLicenseState; +} + +/** + * Represents Dynamics365 requirements check request. + */ +export interface Dynamics365CheckRequirements { + /** + * Polymorphic Discriminator + */ + kind: "Dynamics365"; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; +} + +/** + * Represents MCAS (Microsoft Cloud App Security) requirements check request. + */ +export interface MCASCheckRequirements { + /** + * Polymorphic Discriminator + */ + kind: "MicrosoftCloudAppSecurity"; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; +} + +/** + * Represents MDATP (Microsoft Defender Advanced Threat Protection) requirements check request. + */ +export interface MDATPCheckRequirements { + /** + * Polymorphic Discriminator + */ + kind: "MicrosoftDefenderAdvancedThreatProtection"; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; +} + +/** + * Represents Microsoft Threat Intelligence requirements check request. + */ +export interface MSTICheckRequirements { + /** + * Polymorphic Discriminator + */ + kind: "MicrosoftThreatIntelligence"; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; +} + +/** + * Represents MTP (Microsoft Threat Protection) requirements check request. + */ +export interface MtpCheckRequirements { + /** + * Polymorphic Discriminator + */ + kind: "MicrosoftThreatProtection"; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; +} + +/** + * Represents OfficeATP (Office 365 Advanced Threat Protection) requirements check request. + */ +export interface OfficeATPCheckRequirements { + /** + * Polymorphic Discriminator + */ + kind: "OfficeATP"; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; +} + +/** + * Threat Intelligence Platforms data connector check requirements + */ +export interface TICheckRequirements { + /** + * Polymorphic Discriminator + */ + kind: "ThreatIntelligence"; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; +} + +/** + * Threat Intelligence TAXII data connector check requirements + */ +export interface TiTaxiiCheckRequirements { + /** + * Polymorphic Discriminator + */ + kind: "ThreatIntelligenceTaxii"; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; +} + +/** + * Common field for data type in data connectors. + */ +export interface DataConnectorDataTypeCommon { + /** + * Describe whether this data type connection is enabled or not. Possible values include: + * 'Enabled', 'Disabled' + */ + state: DataTypeState; +} + +/** + * Alerts data type for data connectors. + */ +export interface AlertsDataTypeOfDataConnector { + /** + * Alerts data type connection. + */ + alerts: DataConnectorDataTypeCommon; +} + +/** + * Contains the possible cases for DataConnector. + */ +export type DataConnectorUnion = DataConnector | AADDataConnector | MSTIDataConnector | MTPDataConnector | AATPDataConnector | ASCDataConnector | AwsCloudTrailDataConnector | AwsS3DataConnector | MCASDataConnector | Dynamics365DataConnector | OfficeATPDataConnector | MDATPDataConnector | OfficeDataConnector | TIDataConnector | TiTaxiiDataConnector | CodelessUiDataConnector; + +/** + * Data connector + */ +export interface DataConnector { + /** + * Polymorphic Discriminator + */ + kind: "DataConnector"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; +} + +/** + * Represents AAD (Azure Active Directory) data connector. + */ +export interface AADDataConnector { + /** + * Polymorphic Discriminator + */ + kind: "AzureActiveDirectory"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; + /** + * The available data types for the connector. + */ + dataTypes?: AlertsDataTypeOfDataConnector; +} + +/** + * Data type for Microsoft Threat Intelligence Platforms data connector. + */ +export interface MSTIDataConnectorDataTypesBingSafetyPhishingURL extends DataConnectorDataTypeCommon { + /** + * lookback period + */ + lookbackPeriod: string; +} + +/** + * Data type for Microsoft Threat Intelligence Platforms data connector. + */ +export interface MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed extends DataConnectorDataTypeCommon { + /** + * lookback period + */ + lookbackPeriod: string; +} + +/** + * The available data types for Microsoft Threat Intelligence Platforms data connector. + */ +export interface MSTIDataConnectorDataTypes { + /** + * Data type for Microsoft Threat Intelligence Platforms data connector. + */ + bingSafetyPhishingURL: MSTIDataConnectorDataTypesBingSafetyPhishingURL; + /** + * Data type for Microsoft Threat Intelligence Platforms data connector. + */ + microsoftEmergingThreatFeed: MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed; +} + +/** + * Represents Microsoft Threat Intelligence data connector. + */ +export interface MSTIDataConnector { + /** + * Polymorphic Discriminator + */ + kind: "MicrosoftThreatIntelligence"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; + /** + * The available data types for the connector. + */ + dataTypes: MSTIDataConnectorDataTypes; +} + +/** + * Data type for Microsoft Threat Protection Platforms data connector. + */ +export interface MTPDataConnectorDataTypesIncidents extends DataConnectorDataTypeCommon { +} + +/** + * The available data types for Microsoft Threat Protection Platforms data connector. + */ +export interface MTPDataConnectorDataTypes { + /** + * Data type for Microsoft Threat Protection Platforms data connector. + */ + incidents: MTPDataConnectorDataTypesIncidents; +} + +/** + * Represents MTP (Microsoft Threat Protection) data connector. + */ +export interface MTPDataConnector { + /** + * Polymorphic Discriminator + */ + kind: "MicrosoftThreatProtection"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; + /** + * The available data types for the connector. + */ + dataTypes: MTPDataConnectorDataTypes; +} + +/** + * Represents AATP (Azure Advanced Threat Protection) data connector. + */ +export interface AATPDataConnector { + /** + * Polymorphic Discriminator + */ + kind: "AzureAdvancedThreatProtection"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; + /** + * The available data types for the connector. + */ + dataTypes?: AlertsDataTypeOfDataConnector; +} + +/** + * Represents ASC (Azure Security Center) data connector. + */ +export interface ASCDataConnector { + /** + * Polymorphic Discriminator + */ + kind: "AzureSecurityCenter"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The available data types for the connector. + */ + dataTypes?: AlertsDataTypeOfDataConnector; + /** + * The subscription id to connect to, and get the data from. + */ + subscriptionId?: string; +} + +/** + * Logs data type. + */ +export interface AwsCloudTrailDataConnectorDataTypesLogs extends DataConnectorDataTypeCommon { +} + +/** + * The available data types for Amazon Web Services CloudTrail data connector. + */ +export interface AwsCloudTrailDataConnectorDataTypes { + /** + * Logs data type. + */ + logs: AwsCloudTrailDataConnectorDataTypesLogs; +} + +/** + * Represents Amazon Web Services CloudTrail data connector. + */ +export interface AwsCloudTrailDataConnector { + /** + * Polymorphic Discriminator + */ + kind: "AmazonWebServicesCloudTrail"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The Aws Role Arn (with CloudTrailReadOnly policy) that is used to access the Aws account. + */ + awsRoleArn?: string; + /** + * The available data types for the connector. + */ + dataTypes: AwsCloudTrailDataConnectorDataTypes; +} + +/** + * Logs data type. + */ +export interface AwsS3DataConnectorDataTypesLogs extends DataConnectorDataTypeCommon { +} + +/** + * The available data types for Amazon Web Services S3 data connector. + */ +export interface AwsS3DataConnectorDataTypes { + /** + * Logs data type. + */ + logs: AwsS3DataConnectorDataTypesLogs; +} + +/** + * Represents Amazon Web Services S3 data connector. + */ +export interface AwsS3DataConnector { + /** + * Polymorphic Discriminator + */ + kind: "AmazonWebServicesS3"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The logs destination table name in LogAnalytics. + */ + destinationTable: string; + /** + * The AWS sqs urls for the connector. + */ + sqsUrls: string[]; + /** + * The Aws Role Arn that is used to access the Aws account. + */ + roleArn: string; + /** + * The available data types for the connector. + */ + dataTypes: AwsS3DataConnectorDataTypes; +} + +/** + * Data connector properties. + */ +export interface DataConnectorWithAlertsProperties { + /** + * The available data types for the connector. + */ + dataTypes?: AlertsDataTypeOfDataConnector; +} + +/** + * Properties data connector on tenant level. + */ +export interface DataConnectorTenantId { + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; +} + +/** + * The available data types for MCAS (Microsoft Cloud App Security) data connector. + */ +export interface MCASDataConnectorDataTypes extends AlertsDataTypeOfDataConnector { + /** + * Discovery log data type connection. + */ + discoveryLogs?: DataConnectorDataTypeCommon; +} + +/** + * Represents MCAS (Microsoft Cloud App Security) data connector. + */ +export interface MCASDataConnector { + /** + * Polymorphic Discriminator + */ + kind: "MicrosoftCloudAppSecurity"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; + /** + * The available data types for the connector. + */ + dataTypes: MCASDataConnectorDataTypes; +} + +/** + * Common Data Service data type connection. + */ +export interface Dynamics365DataConnectorDataTypesDynamics365CdsActivities extends DataConnectorDataTypeCommon { +} + +/** + * The available data types for Dynamics365 data connector. + */ +export interface Dynamics365DataConnectorDataTypes { + /** + * Common Data Service data type connection. + */ + dynamics365CdsActivities: Dynamics365DataConnectorDataTypesDynamics365CdsActivities; +} + +/** + * Represents Dynamics365 data connector. + */ +export interface Dynamics365DataConnector { + /** + * Polymorphic Discriminator + */ + kind: "Dynamics365"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; + /** + * The available data types for the connector. + */ + dataTypes: Dynamics365DataConnectorDataTypes; +} + +/** + * Represents OfficeATP (Office 365 Advanced Threat Protection) data connector. + */ +export interface OfficeATPDataConnector { + /** + * Polymorphic Discriminator + */ + kind: "OfficeATP"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; + /** + * The available data types for the connector. + */ + dataTypes?: AlertsDataTypeOfDataConnector; +} + +/** + * Represents MDATP (Microsoft Defender Advanced Threat Protection) data connector. + */ +export interface MDATPDataConnector { + /** + * Polymorphic Discriminator + */ + kind: "MicrosoftDefenderAdvancedThreatProtection"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; + /** + * The available data types for the connector. + */ + dataTypes?: AlertsDataTypeOfDataConnector; +} + +/** + * Exchange data type connection. + */ +export interface OfficeDataConnectorDataTypesExchange extends DataConnectorDataTypeCommon { +} + +/** + * SharePoint data type connection. + */ +export interface OfficeDataConnectorDataTypesSharePoint extends DataConnectorDataTypeCommon { +} + +/** + * Teams data type connection. + */ +export interface OfficeDataConnectorDataTypesTeams extends DataConnectorDataTypeCommon { +} + +/** + * The available data types for office data connector. + */ +export interface OfficeDataConnectorDataTypes { + /** + * Exchange data type connection. + */ + exchange: OfficeDataConnectorDataTypesExchange; + /** + * SharePoint data type connection. + */ + sharePoint: OfficeDataConnectorDataTypesSharePoint; + /** + * Teams data type connection. + */ + teams: OfficeDataConnectorDataTypesTeams; +} + +/** + * Represents office data connector. + */ +export interface OfficeDataConnector { + /** + * Polymorphic Discriminator + */ + kind: "Office365"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; + /** + * The available data types for the connector. + */ + dataTypes: OfficeDataConnectorDataTypes; +} + +/** + * Data type for indicators connection. + */ +export interface TIDataConnectorDataTypesIndicators extends DataConnectorDataTypeCommon { +} + +/** + * The available data types for TI (Threat Intelligence) data connector. + */ +export interface TIDataConnectorDataTypes { + /** + * Data type for indicators connection. + */ + indicators: TIDataConnectorDataTypesIndicators; +} + +/** + * Represents threat intelligence data connector. + */ +export interface TIDataConnector { + /** + * Polymorphic Discriminator + */ + kind: "ThreatIntelligence"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; + /** + * The lookback period for the feed to be imported. + */ + tipLookbackPeriod?: Date; + /** + * The available data types for the connector. + */ + dataTypes: TIDataConnectorDataTypes; +} + +/** + * Data type for TAXII connector. + */ +export interface TiTaxiiDataConnectorDataTypesTaxiiClient extends DataConnectorDataTypeCommon { +} + +/** + * The available data types for Threat Intelligence TAXII data connector. + */ +export interface TiTaxiiDataConnectorDataTypes { + /** + * Data type for TAXII connector. + */ + taxiiClient: TiTaxiiDataConnectorDataTypesTaxiiClient; +} + +/** + * Data connector to pull Threat intelligence data from TAXII 2.0/2.1 server + */ +export interface TiTaxiiDataConnector { + /** + * Polymorphic Discriminator + */ + kind: "ThreatIntelligenceTaxii"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * The tenant id to connect to, and get the data from. + */ + tenantId: string; + /** + * The workspace id. + */ + workspaceId?: string; + /** + * The friendly name for the TAXII server. + */ + friendlyName?: string; + /** + * The API root for the TAXII server. + */ + taxiiServer?: string; + /** + * The collection id of the TAXII server. + */ + collectionId?: string; + /** + * The userName for the TAXII server. + */ + userName?: string; + /** + * The password for the TAXII server. + */ + password?: string; + /** + * The lookback period for the TAXII server. + */ + taxiiLookbackPeriod?: Date; + /** + * The polling frequency for the TAXII server. Possible values include: 'OnceAMinute', + * 'OnceAnHour', 'OnceADay' + */ + pollingFrequency: PollingFrequency; + /** + * The available data types for Threat Intelligence TAXII data connector. + */ + dataTypes: TiTaxiiDataConnectorDataTypes; +} + +/** + * The graph query to show the current data status + */ +export interface GraphQueries { + /** + * the metric that the query is checking + */ + metricName?: string; + /** + * The legend for the graph + */ + legend?: string; + /** + * The base query for the graph + */ + baseQuery?: string; +} + +/** + * An interface representing CodelessUiConnectorConfigPropertiesGraphQueriesItem. + */ +export interface CodelessUiConnectorConfigPropertiesGraphQueriesItem extends GraphQueries { +} + +/** + * The sample queries for the connector + */ +export interface SampleQueries { + /** + * The sample query description + */ + description?: string; + /** + * the sample query + */ + query?: string; +} + +/** + * An interface representing CodelessUiConnectorConfigPropertiesSampleQueriesItem. + */ +export interface CodelessUiConnectorConfigPropertiesSampleQueriesItem extends SampleQueries { +} + +/** + * Data type for last data received + */ +export interface LastDataReceivedDataType { + /** + * Name of the data type to show in the graph. can be use with {{graphQueriesTableName}} + * placeholder + */ + name?: string; + /** + * Query for indicate last data received + */ + lastDataReceivedQuery?: string; +} + +/** + * An interface representing CodelessUiConnectorConfigPropertiesDataTypesItem. + */ +export interface CodelessUiConnectorConfigPropertiesDataTypesItem extends LastDataReceivedDataType { +} + +/** + * Setting for the connector check connectivity + */ +export interface ConnectivityCriteria { + /** + * type of connectivity. Possible values include: 'IsConnectedQuery' + */ + type?: ConnectivityType; + /** + * Queries for checking connectivity + */ + value?: string[]; +} + +/** + * An interface representing CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem. + */ +export interface CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem extends ConnectivityCriteria { +} + +/** + * Connector Availability Status + */ +export interface Availability { + /** + * The connector Availability Status + */ + status?: number; + /** + * Set connector as preview + */ + isPreview?: boolean; +} + +/** + * Resource provider permissions required for the connector + */ +export interface ResourceProvider { + /** + * Provider name. Possible values include: 'Microsoft.OperationalInsights/solutions', + * 'Microsoft.OperationalInsights/workspaces', + * 'Microsoft.OperationalInsights/workspaces/datasources', 'microsoft.aadiam/diagnosticSettings', + * 'Microsoft.OperationalInsights/workspaces/sharedKeys', + * 'Microsoft.Authorization/policyAssignments' + */ + provider?: ProviderName; + /** + * Permission description text + */ + permissionsDisplayText?: string; + /** + * Permission provider display name + */ + providerDisplayName?: string; + /** + * Permission provider scope. Possible values include: 'ResourceGroup', 'Subscription', + * 'Workspace' + */ + scope?: PermissionProviderScope; + /** + * Required permissions for the connector + */ + requiredPermissions?: RequiredPermissions; +} + +/** + * An interface representing PermissionsResourceProviderItem. + */ +export interface PermissionsResourceProviderItem extends ResourceProvider { +} + +/** + * Customs permissions required for the connector + */ +export interface CustomsPermission { + /** + * Customs permissions name + */ + name?: string; + /** + * Customs permissions description + */ + description?: string; +} + +/** + * Customs permissions required for the connector + */ +export interface Customs extends CustomsPermission { +} + +/** + * An interface representing PermissionsCustomsItem. + */ +export interface PermissionsCustomsItem extends Customs { +} + +/** + * Permissions required for the connector + */ +export interface Permissions { + /** + * Resource provider permissions required for the connector + */ + resourceProvider?: PermissionsResourceProviderItem[]; + /** + * Customs permissions required for the connector + */ + customs?: PermissionsCustomsItem[]; +} + +/** + * Instruction steps to enable the connector + */ +export interface InstructionSteps { + /** + * Instruction step title + */ + title?: string; + /** + * Instruction step description + */ + description?: string; + /** + * Instruction step details + */ + instructions?: InstructionStepsInstructionsItem[]; +} + +/** + * An interface representing CodelessUiConnectorConfigPropertiesInstructionStepsItem. + */ +export interface CodelessUiConnectorConfigPropertiesInstructionStepsItem extends InstructionSteps { +} + +/** + * Config to describe the instructions blade + */ +export interface CodelessUiConnectorConfigProperties { + /** + * Connector blade title + */ + title: string; + /** + * Connector publisher name + */ + publisher: string; + /** + * Connector description + */ + descriptionMarkdown: string; + /** + * An optional custom image to be used when displaying the connector within Azure Sentinel's + * connector's gallery + */ + customImage?: string; + /** + * Name of the table the connector will insert the data to + */ + graphQueriesTableName: string; + /** + * The graph query to show the current data status + */ + graphQueries: CodelessUiConnectorConfigPropertiesGraphQueriesItem[]; + /** + * The sample queries for the connector + */ + sampleQueries: CodelessUiConnectorConfigPropertiesSampleQueriesItem[]; + /** + * Data types to check for last data received + */ + dataTypes: CodelessUiConnectorConfigPropertiesDataTypesItem[]; + /** + * Define the way the connector check connectivity + */ + connectivityCriteria: CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem[]; + /** + * Connector Availability Status + */ + availability: Availability; + /** + * Permissions required for the connector + */ + permissions: Permissions; + /** + * Instruction steps to enable the connector + */ + instructionSteps: CodelessUiConnectorConfigPropertiesInstructionStepsItem[]; +} + +/** + * Represents Codeless UI data connector. + */ +export interface CodelessUiDataConnector { + /** + * Polymorphic Discriminator + */ + kind: "GenericUI"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * Config to describe the instructions blade + */ + connectorUiConfig?: CodelessUiConnectorConfigProperties; +} + +/** + * Required permissions for the connector + */ +export interface RequiredPermissions { + /** + * action permission + */ + action?: boolean; + /** + * write permission + */ + write?: boolean; + /** + * read permission + */ + read?: boolean; + /** + * delete permission + */ + deleteProperty?: boolean; +} + +/** + * Instruction step details + */ +export interface ConnectorInstructionModelBase { + /** + * The parameters for the setting + */ + parameters?: any; + /** + * The kind of the setting. Possible values include: 'CopyableLabel', 'InstructionStepsGroup', + * 'InfoMessage' + */ + type: SettingType; +} + +/** + * An interface representing InstructionStepsInstructionsItem. + */ +export interface InstructionStepsInstructionsItem extends ConnectorInstructionModelBase { +} + +/** + * Contains the possible cases for ThreatIntelligenceInformation. + */ +export type ThreatIntelligenceInformationUnion = ThreatIntelligenceInformation | ThreatIntelligenceIndicatorModel; + +/** + * Threat intelligence information object. + */ +export interface ThreatIntelligenceInformation { + /** + * Polymorphic Discriminator + */ + kind: "ThreatIntelligenceInformation"; + /** + * Etag of the azure resource + */ + etag?: string; +} + +/** + * Describes threat kill chain phase entity + */ +export interface ThreatIntelligenceKillChainPhase { + /** + * Kill chainName name + */ + killChainName?: string; + /** + * Phase name + */ + phaseName?: string; +} + +/** + * Describes threat kill chain phase entity + */ +export interface ThreatIntelligenceParsedPatternTypeValue { + /** + * Type of the value + */ + valueType?: string; + /** + * Value of parsed pattern + */ + value?: string; +} + +/** + * Describes parsed pattern entity + */ +export interface ThreatIntelligenceParsedPattern { + /** + * Pattern type key + */ + patternTypeKey?: string; + /** + * Pattern type keys + */ + patternTypeValues?: ThreatIntelligenceParsedPatternTypeValue[]; +} + +/** + * Describes external reference + */ +export interface ThreatIntelligenceExternalReference { + /** + * External reference description + */ + description?: string; + /** + * External reference ID + */ + externalId?: string; + /** + * External reference source name + */ + sourceName?: string; + /** + * External reference URL + */ + url?: string; + /** + * External reference hashes + */ + hashes?: { [propertyName: string]: string }; +} + +/** + * Describes threat granular marking model entity + */ +export interface ThreatIntelligenceGranularMarkingModel { + /** + * Language granular marking model + */ + language?: string; + /** + * marking reference granular marking model + */ + markingRef?: number; + /** + * granular marking model selectors + */ + selectors?: string[]; +} + +/** + * Threat intelligence indicator entity. + */ +export interface ThreatIntelligenceIndicatorModel { + /** + * Polymorphic Discriminator + */ + kind: "indicator"; + /** + * Etag of the azure resource + */ + etag?: string; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * List of tags + */ + threatIntelligenceTags?: string[]; + /** + * Last updated time in UTC + */ + lastUpdatedTimeUtc?: string; + /** + * Source of a threat intelligence entity + */ + source?: string; + /** + * Display name of a threat intelligence entity + */ + displayName?: string; + /** + * Description of a threat intelligence entity + */ + description?: string; + /** + * Indicator types of threat intelligence entities + */ + indicatorTypes?: string[]; + /** + * Pattern of a threat intelligence entity + */ + pattern?: string; + /** + * Pattern type of a threat intelligence entity + */ + patternType?: string; + /** + * Pattern version of a threat intelligence entity + */ + patternVersion?: string; + /** + * Kill chain phases + */ + killChainPhases?: ThreatIntelligenceKillChainPhase[]; + /** + * Parsed patterns + */ + parsedPattern?: ThreatIntelligenceParsedPattern[]; + /** + * External ID of threat intelligence entity + */ + externalId?: string; + /** + * Created by reference of threat intelligence entity + */ + createdByRef?: string; + /** + * Is threat intelligence entity defanged + */ + defanged?: boolean; + /** + * External last updated time in UTC + */ + externalLastUpdatedTimeUtc?: string; + /** + * External References + */ + externalReferences?: ThreatIntelligenceExternalReference[]; + /** + * Granular Markings + */ + granularMarkings?: ThreatIntelligenceGranularMarkingModel[]; + /** + * Labels of threat intelligence entity + */ + labels?: string[]; + /** + * Is threat intelligence entity revoked + */ + revoked?: boolean; + /** + * Confidence of threat intelligence entity + */ + confidence?: number; + /** + * Threat intelligence entity object marking references + */ + objectMarkingRefs?: string[]; + /** + * Language of threat intelligence entity + */ + language?: string; + /** + * Threat types + */ + threatTypes?: string[]; + /** + * Valid from + */ + validFrom?: string; + /** + * Valid until + */ + validUntil?: string; + /** + * Created by + */ + created?: string; + /** + * Modified by + */ + modified?: string; + /** + * Extensions map + */ + extensions?: { [propertyName: string]: any }; +} + +/** + * Describes an entity with kind. + */ +export interface ThreatIntelligenceResourceKind { +} + +/** + * Threat intelligence indicator entity used in request body. + */ +export interface ThreatIntelligenceIndicatorModelForRequestBody extends ThreatIntelligenceResourceKind { + /** + * Etag of the azure resource + */ + etag?: string; + /** + * A bag of custom fields that should be part of the entity and will be presented to the user. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly additionalData?: { [propertyName: string]: any }; + /** + * The graph item display name which is a short humanly readable description of the graph item + * instance. This property is optional and might be system generated. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly friendlyName?: string; + /** + * List of tags + */ + threatIntelligenceTags?: string[]; + /** + * Last updated time in UTC + */ + lastUpdatedTimeUtc?: string; + /** + * Source of a threat intelligence entity + */ + source?: string; + /** + * Display name of a threat intelligence entity + */ + displayName?: string; + /** + * Description of a threat intelligence entity + */ + description?: string; + /** + * Indicator types of threat intelligence entities + */ + indicatorTypes?: string[]; + /** + * Pattern of a threat intelligence entity + */ + pattern?: string; + /** + * Pattern type of a threat intelligence entity + */ + patternType?: string; + /** + * Pattern version of a threat intelligence entity + */ + patternVersion?: string; + /** + * Kill chain phases + */ + killChainPhases?: ThreatIntelligenceKillChainPhase[]; + /** + * Parsed patterns + */ + parsedPattern?: ThreatIntelligenceParsedPattern[]; + /** + * External ID of threat intelligence entity + */ + externalId?: string; + /** + * Created by reference of threat intelligence entity + */ + createdByRef?: string; + /** + * Is threat intelligence entity defanged + */ + defanged?: boolean; + /** + * External last updated time in UTC + */ + externalLastUpdatedTimeUtc?: string; + /** + * External References + */ + externalReferences?: ThreatIntelligenceExternalReference[]; + /** + * Granular Markings + */ + granularMarkings?: ThreatIntelligenceGranularMarkingModel[]; + /** + * Labels of threat intelligence entity + */ + labels?: string[]; + /** + * Is threat intelligence entity revoked + */ + revoked?: boolean; + /** + * Confidence of threat intelligence entity + */ + confidence?: number; + /** + * Threat intelligence entity object marking references + */ + objectMarkingRefs?: string[]; + /** + * Language of threat intelligence entity + */ + language?: string; + /** + * Threat types + */ + threatTypes?: string[]; + /** + * Valid from + */ + validFrom?: string; + /** + * Valid until + */ + validUntil?: string; + /** + * Created by + */ + created?: string; + /** + * Modified by + */ + modified?: string; + /** + * Extensions map + */ + extensions?: { [propertyName: string]: any }; +} + +/** + * List of available columns for sorting + */ +export interface ThreatIntelligenceSortingCriteria { + /** + * Column name + */ + itemKey?: string; + /** + * Sorting order (ascending/descending/unsorted). Possible values include: 'unsorted', + * 'ascending', 'descending' + */ + sortOrder?: ThreatIntelligenceSortingCriteriaEnum; +} + +/** + * Filtering criteria for querying threat intelligence indicators. + */ +export interface ThreatIntelligenceFilteringCriteria { + /** + * Page size + */ + pageSize?: number; + /** + * Minimum confidence. + */ + minConfidence?: number; + /** + * Maximum confidence. + */ + maxConfidence?: number; + /** + * Start time for ValidUntil filter. + */ + minValidUntil?: string; + /** + * End time for ValidUntil filter. + */ + maxValidUntil?: string; + /** + * Parameter to include/exclude disabled indicators. + */ + includeDisabled?: boolean; + /** + * Columns to sort by and sorting order + */ + sortBy?: ThreatIntelligenceSortingCriteria[]; + /** + * Sources of threat intelligence indicators + */ + sources?: string[]; + /** + * Pattern types + */ + patternTypes?: string[]; + /** + * Threat types of threat intelligence indicators + */ + threatTypes?: string[]; + /** + * Ids of threat intelligence indicators + */ + ids?: string[]; + /** + * Keywords for searching threat intelligence indicators + */ + keywords?: string[]; + /** + * Skip token. + */ + skipToken?: string; +} + +/** + * Array of tags to be appended to the threat intelligence indicator. + */ +export interface ThreatIntelligenceAppendTags { + /** + * List of tags to be appended. + */ + threatIntelligenceTags?: string[]; +} + +/** + * Describes threat intelligence metric entity + */ +export interface ThreatIntelligenceMetricEntity { + /** + * Metric name + */ + metricName?: string; + /** + * Metric value + */ + metricValue?: number; +} + +/** + * Describes threat intelligence metric + */ +export interface ThreatIntelligenceMetric { + /** + * Last updated indicator metric + */ + lastUpdatedTimeUtc?: string; + /** + * Threat type metrics + */ + threatTypeMetrics?: ThreatIntelligenceMetricEntity[]; + /** + * Pattern type metrics + */ + patternTypeMetrics?: ThreatIntelligenceMetricEntity[]; + /** + * Source metrics + */ + sourceMetrics?: ThreatIntelligenceMetricEntity[]; +} + +/** + * Threat intelligence metrics. + */ +export interface ThreatIntelligenceMetrics { + /** + * Threat intelligence metrics. + */ + properties?: ThreatIntelligenceMetric; +} + +/** + * List of all the threat intelligence metric fields (type/threat type/source). + */ +export interface ThreatIntelligenceMetricsList { + /** + * Array of threat intelligence metric fields (type/threat type/source). + */ + value: ThreatIntelligenceMetrics[]; +} + +/** + * Properties of the operation + */ +export interface OperationDisplay { + /** + * Description of the operation + */ + description?: string; + /** + * Operation name + */ + operation?: string; + /** + * Provider name + */ + provider?: string; + /** + * Resource name + */ + resource?: string; +} + +/** + * Operation provided by provider + */ +export interface Operation { + /** + * Properties of the operation + */ + display?: OperationDisplay; + /** + * Name of the operation + */ + name?: string; + /** + * The origin of the operation + */ + origin?: string; + /** + * Indicates whether the operation is a data action + */ + isDataAction?: boolean; +} + +/** + * Consent for Office365 tenant that already made. + */ +export interface OfficeConsent extends Resource { + /** + * The tenantId of the Office365 with the consent. + */ + tenantId?: string; + /** + * Help to easily cascade among the data layers. + */ + consentId?: string; +} + +/** + * Contains the possible cases for EntityQueryTemplate. + */ +export type EntityQueryTemplateUnion = EntityQueryTemplate | ActivityEntityQueryTemplate; + +/** + * Specific entity query template. + */ +export interface EntityQueryTemplate { + /** + * Polymorphic Discriminator + */ + kind: "EntityQueryTemplate"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; +} + +/** + * The Activity query definitions + */ +export interface ActivityEntityQueryTemplatePropertiesQueryDefinitions { + /** + * The Activity query to run on a given entity + */ + query?: string; + /** + * The dimensions we want to summarize the timeline results on, this is comma separated list + */ + summarizeBy?: string; +} + +/** + * The data type definition + */ +export interface DataTypeDefinitions { + /** + * The data type name + */ + dataType?: string; +} + +/** + * Represents Activity entity query. + */ +export interface ActivityEntityQueryTemplate { + /** + * Polymorphic Discriminator + */ + kind: "Activity"; + /** + * Fully qualified resource ID for the resource. Ex - + * /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly id?: string; + /** + * The name of the resource + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly name?: string; + /** + * The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + * "Microsoft.Storage/storageAccounts" + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly type?: string; + /** + * Azure Resource Manager metadata containing createdBy and modifiedBy information. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly systemData?: SystemData; + /** + * The entity query title + */ + title?: string; + /** + * The entity query content to display in timeline + */ + content?: string; + /** + * The entity query description + */ + description?: string; + /** + * The Activity query definitions + */ + queryDefinitions?: ActivityEntityQueryTemplatePropertiesQueryDefinitions; + /** + * List of required data types for the given entity query template + */ + dataTypes?: DataTypeDefinitions[]; + /** + * The type of the query's source entity. Possible values include: 'Account', 'Host', 'File', + * 'AzureResource', 'CloudApplication', 'DNS', 'FileHash', 'IP', 'Malware', 'Process', + * 'RegistryKey', 'RegistryValue', 'SecurityGroup', 'URL', 'IoTDevice', 'SecurityAlert', + * 'HuntingBookmark', 'MailCluster', 'MailMessage', 'Mailbox', 'SubmissionMail' + */ + inputEntityType?: EntityType; + /** + * List of the fields of the source entity that are required to run the query + */ + requiredInputFieldsSets?: string[][]; + /** + * The query applied only to entities matching to all filters + */ + entitiesFilter?: { [propertyName: string]: string[] }; +} + +/** + * Optional Parameters. + */ +export interface BookmarkRelationsListOptionalParams extends msRest.RequestOptionsBase { + /** + * Filters the results, based on a Boolean condition. Optional. + */ + filter?: string; + /** + * Sorts the results. Optional. + */ + orderby?: string; + /** + * Returns only the first n results. Optional. + */ + top?: number; + /** + * Skiptoken is only used if a previous operation returned a partial result. If a previous + * response contains a nextLink element, the value of the nextLink element will include a + * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + */ + skipToken?: string; +} + +/** + * Optional Parameters. + */ +export interface BookmarkRelationsListNextOptionalParams extends msRest.RequestOptionsBase { + /** + * Filters the results, based on a Boolean condition. Optional. + */ + filter?: string; + /** + * Sorts the results. Optional. + */ + orderby?: string; + /** + * Returns only the first n results. Optional. + */ + top?: number; + /** + * Skiptoken is only used if a previous operation returned a partial result. If a previous + * response contains a nextLink element, the value of the nextLink element will include a + * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + */ + skipToken?: string; +} + +/** + * Optional Parameters. + */ +export interface EntityQueriesListOptionalParams extends msRest.RequestOptionsBase { + /** + * The entity query kind we want to fetch. Possible values include: 'Expansion', 'Activity' + */ + kind?: Kind1; +} + +/** + * Optional Parameters. + */ +export interface EntityQueriesListNextOptionalParams extends msRest.RequestOptionsBase { + /** + * The entity query kind we want to fetch. Possible values include: 'Expansion', 'Activity' + */ + kind?: Kind1; +} + +/** + * Optional Parameters. + */ +export interface EntitiesRelationsListOptionalParams extends msRest.RequestOptionsBase { + /** + * Filters the results, based on a Boolean condition. Optional. + */ + filter?: string; + /** + * Sorts the results. Optional. + */ + orderby?: string; + /** + * Returns only the first n results. Optional. + */ + top?: number; + /** + * Skiptoken is only used if a previous operation returned a partial result. If a previous + * response contains a nextLink element, the value of the nextLink element will include a + * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + */ + skipToken?: string; +} + +/** + * Optional Parameters. + */ +export interface EntitiesRelationsListNextOptionalParams extends msRest.RequestOptionsBase { + /** + * Filters the results, based on a Boolean condition. Optional. + */ + filter?: string; + /** + * Sorts the results. Optional. + */ + orderby?: string; + /** + * Returns only the first n results. Optional. + */ + top?: number; + /** + * Skiptoken is only used if a previous operation returned a partial result. If a previous + * response contains a nextLink element, the value of the nextLink element will include a + * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + */ + skipToken?: string; +} + +/** + * Optional Parameters. + */ +export interface IncidentsListOptionalParams extends msRest.RequestOptionsBase { + /** + * Filters the results, based on a Boolean condition. Optional. + */ + filter?: string; + /** + * Sorts the results. Optional. + */ + orderby?: string; + /** + * Returns only the first n results. Optional. + */ + top?: number; + /** + * Skiptoken is only used if a previous operation returned a partial result. If a previous + * response contains a nextLink element, the value of the nextLink element will include a + * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + */ + skipToken?: string; +} + +/** + * Optional Parameters. + */ +export interface IncidentsListNextOptionalParams extends msRest.RequestOptionsBase { + /** + * Filters the results, based on a Boolean condition. Optional. + */ + filter?: string; + /** + * Sorts the results. Optional. + */ + orderby?: string; + /** + * Returns only the first n results. Optional. + */ + top?: number; + /** + * Skiptoken is only used if a previous operation returned a partial result. If a previous + * response contains a nextLink element, the value of the nextLink element will include a + * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + */ + skipToken?: string; +} + +/** + * Optional Parameters. + */ +export interface IncidentCommentsListOptionalParams extends msRest.RequestOptionsBase { + /** + * Filters the results, based on a Boolean condition. Optional. + */ + filter?: string; + /** + * Sorts the results. Optional. + */ + orderby?: string; + /** + * Returns only the first n results. Optional. + */ + top?: number; + /** + * Skiptoken is only used if a previous operation returned a partial result. If a previous + * response contains a nextLink element, the value of the nextLink element will include a + * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + */ + skipToken?: string; +} + +/** + * Optional Parameters. + */ +export interface IncidentCommentsListNextOptionalParams extends msRest.RequestOptionsBase { + /** + * Filters the results, based on a Boolean condition. Optional. + */ + filter?: string; + /** + * Sorts the results. Optional. + */ + orderby?: string; + /** + * Returns only the first n results. Optional. + */ + top?: number; + /** + * Skiptoken is only used if a previous operation returned a partial result. If a previous + * response contains a nextLink element, the value of the nextLink element will include a + * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + */ + skipToken?: string; +} + +/** + * Optional Parameters. + */ +export interface IncidentRelationsListOptionalParams extends msRest.RequestOptionsBase { + /** + * Filters the results, based on a Boolean condition. Optional. + */ + filter?: string; + /** + * Sorts the results. Optional. + */ + orderby?: string; + /** + * Returns only the first n results. Optional. + */ + top?: number; + /** + * Skiptoken is only used if a previous operation returned a partial result. If a previous + * response contains a nextLink element, the value of the nextLink element will include a + * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + */ + skipToken?: string; +} + +/** + * Optional Parameters. + */ +export interface IncidentRelationsListNextOptionalParams extends msRest.RequestOptionsBase { + /** + * Filters the results, based on a Boolean condition. Optional. + */ + filter?: string; + /** + * Sorts the results. Optional. + */ + orderby?: string; + /** + * Returns only the first n results. Optional. + */ + top?: number; + /** + * Skiptoken is only used if a previous operation returned a partial result. If a previous + * response contains a nextLink element, the value of the nextLink element will include a + * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + */ + skipToken?: string; +} + +/** + * Optional Parameters. + */ +export interface MetadataListOptionalParams extends msRest.RequestOptionsBase { + /** + * Filters the results, based on a Boolean condition. Optional. + */ + filter?: string; + /** + * Sorts the results. Optional. + */ + orderby?: string; + /** + * Returns only the first n results. Optional. + */ + top?: number; + /** + * Used to skip n elements in the OData query (offset). Returns a nextLink to the next page of + * results if there are any left. + */ + skip?: number; +} + +/** + * Optional Parameters. + */ +export interface MetadataListNextOptionalParams extends msRest.RequestOptionsBase { + /** + * Filters the results, based on a Boolean condition. Optional. + */ + filter?: string; + /** + * Sorts the results. Optional. + */ + orderby?: string; + /** + * Returns only the first n results. Optional. + */ + top?: number; + /** + * Used to skip n elements in the OData query (offset). Returns a nextLink to the next page of + * results if there are any left. + */ + skip?: number; +} + +/** + * Optional Parameters. + */ +export interface SentinelOnboardingStatesCreateOptionalParams extends msRest.RequestOptionsBase { + /** + * The Sentinel onboarding state parameter + */ + sentinelOnboardingStateParameter?: SentinelOnboardingState; +} + +/** + * Optional Parameters. + */ +export interface ThreatIntelligenceIndicatorsListOptionalParams extends msRest.RequestOptionsBase { + /** + * Filters the results, based on a Boolean condition. Optional. + */ + filter?: string; + /** + * Sorts the results. Optional. + */ + orderby?: string; + /** + * Returns only the first n results. Optional. + */ + top?: number; + /** + * Skiptoken is only used if a previous operation returned a partial result. If a previous + * response contains a nextLink element, the value of the nextLink element will include a + * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + */ + skipToken?: string; +} + +/** + * Optional Parameters. + */ +export interface ThreatIntelligenceIndicatorsListNextOptionalParams extends msRest.RequestOptionsBase { + /** + * Filters the results, based on a Boolean condition. Optional. + */ + filter?: string; + /** + * Sorts the results. Optional. + */ + orderby?: string; + /** + * Returns only the first n results. Optional. + */ + top?: number; + /** + * Skiptoken is only used if a previous operation returned a partial result. If a previous + * response contains a nextLink element, the value of the nextLink element will include a + * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + */ + skipToken?: string; +} + +/** + * Optional Parameters. + */ +export interface EntityQueryTemplatesListOptionalParams extends msRest.RequestOptionsBase { + /** + * The entity template query kind we want to fetch. Possible values include: 'Activity' + */ + kind?: Kind2; +} + +/** + * Optional Parameters. + */ +export interface EntityQueryTemplatesListNextOptionalParams extends msRest.RequestOptionsBase { + /** + * The entity template query kind we want to fetch. Possible values include: 'Activity' + */ + kind?: Kind2; +} + +/** + * An interface representing SecurityInsightsOptions. + */ +export interface SecurityInsightsOptions extends AzureServiceClientOptions { + baseUri?: string; +} + +/** + * @interface + * List all the alert rules. + * @extends Array + */ +export interface AlertRulesList extends Array { + /** + * URL to fetch the next set of alert rules. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List all the actions. + * @extends Array + */ +export interface ActionsList extends Array { + /** + * URL to fetch the next set of actions. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List all the alert rule templates. + * @extends Array + */ +export interface AlertRuleTemplatesList extends Array { + /** + * URL to fetch the next set of alert rule templates. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List all the automation rules. + * @extends Array + */ +export interface AutomationRulesList extends Array { + /** + * URL to fetch the next set of automation rules. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List all the bookmarks. + * @extends Array + */ +export interface BookmarkList extends Array { + /** + * URL to fetch the next set of cases. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List of relations. + * @extends Array + */ +export interface RelationList extends Array { + /** + * URL to fetch the next set of relations. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List of all the entity queries. + * @extends Array + */ +export interface EntityQueryList extends Array { + /** + * URL to fetch the next set of entity queries. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List of all the entities. + * @extends Array + */ +export interface EntityList extends Array { + /** + * URL to fetch the next set of entities. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List all the incidents. + * @extends Array + */ +export interface IncidentList extends Array { + /** + * URL to fetch the next set of incidents. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List of incident comments. + * @extends Array + */ +export interface IncidentCommentList extends Array { + /** + * URL to fetch the next set of comments. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List of all the metadata. + * @extends Array + */ +export interface MetadataList extends Array { + /** + * URL to fetch the next page of metadata. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List all the source controls. + * @extends Array + */ +export interface RepoList extends Array { + /** + * URL to fetch the next set of repositories. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List all the source controls. + * @extends Array + */ +export interface SourceControlList extends Array { + /** + * URL to fetch the next set of source controls. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List all the watchlists. + * @extends Array + */ +export interface WatchlistList extends Array { + /** + * URL to fetch the next set of watchlists. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List all the watchlist items. + * @extends Array + */ +export interface WatchlistItemList extends Array { + /** + * URL to fetch the next set of watchlist item. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List all the data connectors. + * @extends Array + */ +export interface DataConnectorList extends Array { + /** + * URL to fetch the next set of data connectors. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List of all the threat intelligence information objects. + * @extends Array + */ +export interface ThreatIntelligenceInformationList extends Array { + /** + * URL to fetch the next set of information objects. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * Lists the operations available in the SecurityInsights RP. + * @extends Array + */ +export interface OperationsList extends Array { + /** + * URL to fetch the next set of operations. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List of all the office365 consents. + * @extends Array + */ +export interface OfficeConsentList extends Array { + /** + * URL to fetch the next set of office consents. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * @interface + * List of all the entity query templates. + * @extends Array + */ +export interface EntityQueryTemplateList extends Array { + /** + * URL to fetch the next set of entity query templates. + * **NOTE: This property will not be serialized. It can only be populated by the server.** + */ + readonly nextLink?: string; +} + +/** + * Defines values for AlertRuleKind. + * Possible values include: 'Scheduled', 'MicrosoftSecurityIncidentCreation', 'Fusion', + * 'MLBehaviorAnalytics', 'ThreatIntelligence', 'NRT' + * @readonly + * @enum {string} + */ +export type AlertRuleKind = 'Scheduled' | 'MicrosoftSecurityIncidentCreation' | 'Fusion' | 'MLBehaviorAnalytics' | 'ThreatIntelligence' | 'NRT'; + +/** + * Defines values for TemplateStatus. + * Possible values include: 'Installed', 'Available', 'NotAvailable' + * @readonly + * @enum {string} + */ +export type TemplateStatus = 'Installed' | 'Available' | 'NotAvailable'; + +/** + * Defines values for AlertSeverity. + * Possible values include: 'High', 'Medium', 'Low', 'Informational' + * @readonly + * @enum {string} + */ +export type AlertSeverity = 'High' | 'Medium' | 'Low' | 'Informational'; + +/** + * Defines values for AttackTactic. + * Possible values include: 'InitialAccess', 'Execution', 'Persistence', 'PrivilegeEscalation', + * 'DefenseEvasion', 'CredentialAccess', 'Discovery', 'LateralMovement', 'Collection', + * 'Exfiltration', 'CommandAndControl', 'Impact', 'PreAttack' + * @readonly + * @enum {string} + */ +export type AttackTactic = 'InitialAccess' | 'Execution' | 'Persistence' | 'PrivilegeEscalation' | 'DefenseEvasion' | 'CredentialAccess' | 'Discovery' | 'LateralMovement' | 'Collection' | 'Exfiltration' | 'CommandAndControl' | 'Impact' | 'PreAttack'; + +/** + * Defines values for EntityMappingType. + * Possible values include: 'Account', 'Host', 'IP', 'Malware', 'File', 'Process', + * 'CloudApplication', 'DNS', 'AzureResource', 'FileHash', 'RegistryKey', 'RegistryValue', + * 'SecurityGroup', 'URL', 'Mailbox', 'MailCluster', 'MailMessage', 'SubmissionMail' + * @readonly + * @enum {string} + */ +export type EntityMappingType = 'Account' | 'Host' | 'IP' | 'Malware' | 'File' | 'Process' | 'CloudApplication' | 'DNS' | 'AzureResource' | 'FileHash' | 'RegistryKey' | 'RegistryValue' | 'SecurityGroup' | 'URL' | 'Mailbox' | 'MailCluster' | 'MailMessage' | 'SubmissionMail'; + +/** + * Defines values for TriggerOperator. + * Possible values include: 'GreaterThan', 'LessThan', 'Equal', 'NotEqual' + * @readonly + * @enum {string} + */ +export type TriggerOperator = 'GreaterThan' | 'LessThan' | 'Equal' | 'NotEqual'; + +/** + * Defines values for MicrosoftSecurityProductName. + * Possible values include: 'Microsoft Cloud App Security', 'Azure Security Center', 'Azure + * Advanced Threat Protection', 'Azure Active Directory Identity Protection', 'Azure Security + * Center for IoT', 'Office 365 Advanced Threat Protection', 'Microsoft Defender Advanced Threat + * Protection' + * @readonly + * @enum {string} + */ +export type MicrosoftSecurityProductName = 'Microsoft Cloud App Security' | 'Azure Security Center' | 'Azure Advanced Threat Protection' | 'Azure Active Directory Identity Protection' | 'Azure Security Center for IoT' | 'Office 365 Advanced Threat Protection' | 'Microsoft Defender Advanced Threat Protection'; + +/** + * Defines values for MatchingMethod. + * Possible values include: 'AllEntities', 'AnyAlert', 'Selected' + * @readonly + * @enum {string} + */ +export type MatchingMethod = 'AllEntities' | 'AnyAlert' | 'Selected'; + +/** + * Defines values for AlertDetail. + * Possible values include: 'DisplayName', 'Severity' + * @readonly + * @enum {string} + */ +export type AlertDetail = 'DisplayName' | 'Severity'; + +/** + * Defines values for EventGroupingAggregationKind. + * Possible values include: 'SingleAlert', 'AlertPerResult' + * @readonly + * @enum {string} + */ +export type EventGroupingAggregationKind = 'SingleAlert' | 'AlertPerResult'; + +/** + * Defines values for CreatedByType. + * Possible values include: 'User', 'Application', 'ManagedIdentity', 'Key' + * @readonly + * @enum {string} + */ +export type CreatedByType = 'User' | 'Application' | 'ManagedIdentity' | 'Key'; + +/** + * Defines values for IncidentClassification. + * Possible values include: 'Undetermined', 'TruePositive', 'BenignPositive', 'FalsePositive' + * @readonly + * @enum {string} + */ +export type IncidentClassification = 'Undetermined' | 'TruePositive' | 'BenignPositive' | 'FalsePositive'; + +/** + * Defines values for IncidentClassificationReason. + * Possible values include: 'SuspiciousActivity', 'SuspiciousButExpected', 'IncorrectAlertLogic', + * 'InaccurateData' + * @readonly + * @enum {string} + */ +export type IncidentClassificationReason = 'SuspiciousActivity' | 'SuspiciousButExpected' | 'IncorrectAlertLogic' | 'InaccurateData'; + +/** + * Defines values for IncidentLabelType. + * Possible values include: 'User', 'System' + * @readonly + * @enum {string} + */ +export type IncidentLabelType = 'User' | 'System'; + +/** + * Defines values for OwnerType. + * Possible values include: 'Unknown', 'User', 'Group' + * @readonly + * @enum {string} + */ +export type OwnerType = 'Unknown' | 'User' | 'Group'; + +/** + * Defines values for IncidentSeverity. + * Possible values include: 'High', 'Medium', 'Low', 'Informational' + * @readonly + * @enum {string} + */ +export type IncidentSeverity = 'High' | 'Medium' | 'Low' | 'Informational'; + +/** + * Defines values for IncidentStatus. + * Possible values include: 'New', 'Active', 'Closed' + * @readonly + * @enum {string} + */ +export type IncidentStatus = 'New' | 'Active' | 'Closed'; + +/** + * Defines values for AutomationRulePropertyConditionSupportedProperty. + * Possible values include: 'IncidentTitle', 'IncidentDescription', 'IncidentSeverity', + * 'IncidentStatus', 'IncidentTactics', 'IncidentRelatedAnalyticRuleIds', 'IncidentProviderName', + * 'AccountAadTenantId', 'AccountAadUserId', 'AccountName', 'AccountNTDomain', 'AccountPUID', + * 'AccountSid', 'AccountObjectGuid', 'AccountUPNSuffix', 'AzureResourceResourceId', + * 'AzureResourceSubscriptionId', 'CloudApplicationAppId', 'CloudApplicationAppName', + * 'DNSDomainName', 'FileDirectory', 'FileName', 'FileHashValue', 'HostAzureID', 'HostName', + * 'HostNetBiosName', 'HostNTDomain', 'HostOSVersion', 'IoTDeviceId', 'IoTDeviceName', + * 'IoTDeviceType', 'IoTDeviceVendor', 'IoTDeviceModel', 'IoTDeviceOperatingSystem', 'IPAddress', + * 'MailboxDisplayName', 'MailboxPrimaryAddress', 'MailboxUPN', 'MailMessageDeliveryAction', + * 'MailMessageDeliveryLocation', 'MailMessageRecipient', 'MailMessageSenderIP', + * 'MailMessageSubject', 'MailMessageP1Sender', 'MailMessageP2Sender', 'MalwareCategory', + * 'MalwareName', 'ProcessCommandLine', 'ProcessId', 'RegistryKey', 'RegistryValueData', 'Url' + * @readonly + * @enum {string} + */ +export type AutomationRulePropertyConditionSupportedProperty = 'IncidentTitle' | 'IncidentDescription' | 'IncidentSeverity' | 'IncidentStatus' | 'IncidentTactics' | 'IncidentRelatedAnalyticRuleIds' | 'IncidentProviderName' | 'AccountAadTenantId' | 'AccountAadUserId' | 'AccountName' | 'AccountNTDomain' | 'AccountPUID' | 'AccountSid' | 'AccountObjectGuid' | 'AccountUPNSuffix' | 'AzureResourceResourceId' | 'AzureResourceSubscriptionId' | 'CloudApplicationAppId' | 'CloudApplicationAppName' | 'DNSDomainName' | 'FileDirectory' | 'FileName' | 'FileHashValue' | 'HostAzureID' | 'HostName' | 'HostNetBiosName' | 'HostNTDomain' | 'HostOSVersion' | 'IoTDeviceId' | 'IoTDeviceName' | 'IoTDeviceType' | 'IoTDeviceVendor' | 'IoTDeviceModel' | 'IoTDeviceOperatingSystem' | 'IPAddress' | 'MailboxDisplayName' | 'MailboxPrimaryAddress' | 'MailboxUPN' | 'MailMessageDeliveryAction' | 'MailMessageDeliveryLocation' | 'MailMessageRecipient' | 'MailMessageSenderIP' | 'MailMessageSubject' | 'MailMessageP1Sender' | 'MailMessageP2Sender' | 'MalwareCategory' | 'MalwareName' | 'ProcessCommandLine' | 'ProcessId' | 'RegistryKey' | 'RegistryValueData' | 'Url'; + +/** + * Defines values for AutomationRulePropertyConditionSupportedOperator. + * Possible values include: 'Equals', 'NotEquals', 'Contains', 'NotContains', 'StartsWith', + * 'NotStartsWith', 'EndsWith', 'NotEndsWith' + * @readonly + * @enum {string} + */ +export type AutomationRulePropertyConditionSupportedOperator = 'Equals' | 'NotEquals' | 'Contains' | 'NotContains' | 'StartsWith' | 'NotStartsWith' | 'EndsWith' | 'NotEndsWith'; + +/** + * Defines values for EntityKind. + * Possible values include: 'Account', 'Host', 'File', 'AzureResource', 'CloudApplication', + * 'DnsResolution', 'FileHash', 'Ip', 'Malware', 'Process', 'RegistryKey', 'RegistryValue', + * 'SecurityGroup', 'Url', 'IoTDevice', 'SecurityAlert', 'Bookmark', 'MailCluster', 'MailMessage', + * 'Mailbox', 'SubmissionMail' + * @readonly + * @enum {string} + */ +export type EntityKind = 'Account' | 'Host' | 'File' | 'AzureResource' | 'CloudApplication' | 'DnsResolution' | 'FileHash' | 'Ip' | 'Malware' | 'Process' | 'RegistryKey' | 'RegistryValue' | 'SecurityGroup' | 'Url' | 'IoTDevice' | 'SecurityAlert' | 'Bookmark' | 'MailCluster' | 'MailMessage' | 'Mailbox' | 'SubmissionMail'; + +/** + * Defines values for ConfidenceLevel. + * Possible values include: 'Unknown', 'Low', 'High' + * @readonly + * @enum {string} + */ +export type ConfidenceLevel = 'Unknown' | 'Low' | 'High'; + +/** + * Defines values for ConfidenceScoreStatus. + * Possible values include: 'NotApplicable', 'InProcess', 'NotFinal', 'Final' + * @readonly + * @enum {string} + */ +export type ConfidenceScoreStatus = 'NotApplicable' | 'InProcess' | 'NotFinal' | 'Final'; + +/** + * Defines values for KillChainIntent. + * Possible values include: 'Unknown', 'Probing', 'Exploitation', 'Persistence', + * 'PrivilegeEscalation', 'DefenseEvasion', 'CredentialAccess', 'Discovery', 'LateralMovement', + * 'Execution', 'Collection', 'Exfiltration', 'CommandAndControl', 'Impact' + * @readonly + * @enum {string} + */ +export type KillChainIntent = 'Unknown' | 'Probing' | 'Exploitation' | 'Persistence' | 'PrivilegeEscalation' | 'DefenseEvasion' | 'CredentialAccess' | 'Discovery' | 'LateralMovement' | 'Execution' | 'Collection' | 'Exfiltration' | 'CommandAndControl' | 'Impact'; + +/** + * Defines values for AlertStatus. + * Possible values include: 'Unknown', 'New', 'Resolved', 'Dismissed', 'InProgress' + * @readonly + * @enum {string} + */ +export type AlertStatus = 'Unknown' | 'New' | 'Resolved' | 'Dismissed' | 'InProgress'; + +/** + * Defines values for RegistryValueKind. + * Possible values include: 'None', 'Unknown', 'String', 'ExpandString', 'Binary', 'DWord', + * 'MultiString', 'QWord' + * @readonly + * @enum {string} + */ +export type RegistryValueKind = 'None' | 'Unknown' | 'String' | 'ExpandString' | 'Binary' | 'DWord' | 'MultiString' | 'QWord'; + +/** + * Defines values for RegistryHive. + * Possible values include: 'HKEY_LOCAL_MACHINE', 'HKEY_CLASSES_ROOT', 'HKEY_CURRENT_CONFIG', + * 'HKEY_USERS', 'HKEY_CURRENT_USER_LOCAL_SETTINGS', 'HKEY_PERFORMANCE_DATA', + * 'HKEY_PERFORMANCE_NLSTEXT', 'HKEY_PERFORMANCE_TEXT', 'HKEY_A', 'HKEY_CURRENT_USER' + * @readonly + * @enum {string} + */ +export type RegistryHive = 'HKEY_LOCAL_MACHINE' | 'HKEY_CLASSES_ROOT' | 'HKEY_CURRENT_CONFIG' | 'HKEY_USERS' | 'HKEY_CURRENT_USER_LOCAL_SETTINGS' | 'HKEY_PERFORMANCE_DATA' | 'HKEY_PERFORMANCE_NLSTEXT' | 'HKEY_PERFORMANCE_TEXT' | 'HKEY_A' | 'HKEY_CURRENT_USER'; + +/** + * Defines values for ElevationToken. + * Possible values include: 'Default', 'Full', 'Limited' + * @readonly + * @enum {string} + */ +export type ElevationToken = 'Default' | 'Full' | 'Limited'; + +/** + * Defines values for AntispamMailDirection. + * Possible values include: 'Unknown', 'Inbound', 'Outbound', 'Intraorg' + * @readonly + * @enum {string} + */ +export type AntispamMailDirection = 'Unknown' | 'Inbound' | 'Outbound' | 'Intraorg'; + +/** + * Defines values for DeliveryAction. + * Possible values include: 'Unknown', 'DeliveredAsSpam', 'Delivered', 'Blocked', 'Replaced' + * @readonly + * @enum {string} + */ +export type DeliveryAction = 'Unknown' | 'DeliveredAsSpam' | 'Delivered' | 'Blocked' | 'Replaced'; + +/** + * Defines values for DeliveryLocation. + * Possible values include: 'Unknown', 'Inbox', 'JunkFolder', 'DeletedFolder', 'Quarantine', + * 'External', 'Failed', 'Dropped', 'Forwarded' + * @readonly + * @enum {string} + */ +export type DeliveryLocation = 'Unknown' | 'Inbox' | 'JunkFolder' | 'DeletedFolder' | 'Quarantine' | 'External' | 'Failed' | 'Dropped' | 'Forwarded'; + +/** + * Defines values for OSFamily. + * Possible values include: 'Linux', 'Windows', 'Android', 'IOS', 'Unknown' + * @readonly + * @enum {string} + */ +export type OSFamily = 'Linux' | 'Windows' | 'Android' | 'IOS' | 'Unknown'; + +/** + * Defines values for FileHashAlgorithm. + * Possible values include: 'Unknown', 'MD5', 'SHA1', 'SHA256', 'SHA256AC' + * @readonly + * @enum {string} + */ +export type FileHashAlgorithm = 'Unknown' | 'MD5' | 'SHA1' | 'SHA256' | 'SHA256AC'; + +/** + * Defines values for CustomEntityQueryKind. + * Possible values include: 'Activity' + * @readonly + * @enum {string} + */ +export type CustomEntityQueryKind = 'Activity'; + +/** + * Defines values for EntityType. + * Possible values include: 'Account', 'Host', 'File', 'AzureResource', 'CloudApplication', 'DNS', + * 'FileHash', 'IP', 'Malware', 'Process', 'RegistryKey', 'RegistryValue', 'SecurityGroup', 'URL', + * 'IoTDevice', 'SecurityAlert', 'HuntingBookmark', 'MailCluster', 'MailMessage', 'Mailbox', + * 'SubmissionMail' + * @readonly + * @enum {string} + */ +export type EntityType = 'Account' | 'Host' | 'File' | 'AzureResource' | 'CloudApplication' | 'DNS' | 'FileHash' | 'IP' | 'Malware' | 'Process' | 'RegistryKey' | 'RegistryValue' | 'SecurityGroup' | 'URL' | 'IoTDevice' | 'SecurityAlert' | 'HuntingBookmark' | 'MailCluster' | 'MailMessage' | 'Mailbox' | 'SubmissionMail'; + +/** + * Defines values for EntityQueryKind. + * Possible values include: 'Expansion', 'Insight', 'Activity' + * @readonly + * @enum {string} + */ +export type EntityQueryKind = 'Expansion' | 'Insight' | 'Activity'; + +/** + * Defines values for EntityTimelineKind. + * Possible values include: 'Activity', 'Bookmark', 'SecurityAlert' + * @readonly + * @enum {string} + */ +export type EntityTimelineKind = 'Activity' | 'Bookmark' | 'SecurityAlert'; + +/** + * Defines values for OutputType. + * Possible values include: 'Number', 'String', 'Date', 'Entity' + * @readonly + * @enum {string} + */ +export type OutputType = 'Number' | 'String' | 'Date' | 'Entity'; + +/** + * Defines values for Kind. + * Possible values include: 'DataConnector', 'DataType', 'Workbook', 'WorkbookTemplate', + * 'Playbook', 'PlaybookTemplate', 'AnalyticsRuleTemplate', 'AnalyticsRule', 'HuntingQuery', + * 'InvestigationQuery', 'Parser', 'Watchlist', 'WatchlistTemplate', 'Solution' + * @readonly + * @enum {string} + */ +export type Kind = 'DataConnector' | 'DataType' | 'Workbook' | 'WorkbookTemplate' | 'Playbook' | 'PlaybookTemplate' | 'AnalyticsRuleTemplate' | 'AnalyticsRule' | 'HuntingQuery' | 'InvestigationQuery' | 'Parser' | 'Watchlist' | 'WatchlistTemplate' | 'Solution'; + +/** + * Defines values for SourceKind. + * Possible values include: 'LocalWorkspace', 'Community', 'Solution', 'SourceRepository' + * @readonly + * @enum {string} + */ +export type SourceKind = 'LocalWorkspace' | 'Community' | 'Solution' | 'SourceRepository'; + +/** + * Defines values for SupportTier. + * Possible values include: 'Microsoft', 'Partner', 'Community' + * @readonly + * @enum {string} + */ +export type SupportTier = 'Microsoft' | 'Partner' | 'Community'; + +/** + * Defines values for Operator. + * Possible values include: 'AND', 'OR' + * @readonly + * @enum {string} + */ +export type Operator = 'AND' | 'OR'; + +/** + * Defines values for UebaDataSources. + * Possible values include: 'AuditLogs', 'AzureActivity', 'SecurityEvent', 'SigninLogs' + * @readonly + * @enum {string} + */ +export type UebaDataSources = 'AuditLogs' | 'AzureActivity' | 'SecurityEvent' | 'SigninLogs'; + +/** + * Defines values for SkuKind. + * Possible values include: 'PerGB', 'CapacityReservation' + * @readonly + * @enum {string} + */ +export type SkuKind = 'PerGB' | 'CapacityReservation'; + +/** + * Defines values for RepoType. + * Possible values include: 'Github', 'DevOps' + * @readonly + * @enum {string} + */ +export type RepoType = 'Github' | 'DevOps'; + +/** + * Defines values for ContentType. + * Possible values include: 'AnalyticRule', 'Workbook' + * @readonly + * @enum {string} + */ +export type ContentType = 'AnalyticRule' | 'Workbook'; + +/** + * Defines values for Source. + * Possible values include: 'Local file', 'Remote storage' + * @readonly + * @enum {string} + */ +export type Source = 'Local file' | 'Remote storage'; + +/** + * Defines values for DataConnectorAuthorizationState. + * Possible values include: 'Valid', 'Invalid' + * @readonly + * @enum {string} + */ +export type DataConnectorAuthorizationState = 'Valid' | 'Invalid'; + +/** + * Defines values for DataConnectorLicenseState. + * Possible values include: 'Valid', 'Invalid', 'Unknown' + * @readonly + * @enum {string} + */ +export type DataConnectorLicenseState = 'Valid' | 'Invalid' | 'Unknown'; + +/** + * Defines values for DataTypeState. + * Possible values include: 'Enabled', 'Disabled' + * @readonly + * @enum {string} + */ +export type DataTypeState = 'Enabled' | 'Disabled'; + +/** + * Defines values for DataConnectorKind. + * Possible values include: 'AzureActiveDirectory', 'AzureSecurityCenter', + * 'MicrosoftCloudAppSecurity', 'ThreatIntelligence', 'ThreatIntelligenceTaxii', 'Office365', + * 'OfficeATP', 'AmazonWebServicesCloudTrail', 'AmazonWebServicesS3', + * 'AzureAdvancedThreatProtection', 'MicrosoftDefenderAdvancedThreatProtection', 'Dynamics365', + * 'MicrosoftThreatProtection', 'MicrosoftThreatIntelligence', 'GenericUI' + * @readonly + * @enum {string} + */ +export type DataConnectorKind = 'AzureActiveDirectory' | 'AzureSecurityCenter' | 'MicrosoftCloudAppSecurity' | 'ThreatIntelligence' | 'ThreatIntelligenceTaxii' | 'Office365' | 'OfficeATP' | 'AmazonWebServicesCloudTrail' | 'AmazonWebServicesS3' | 'AzureAdvancedThreatProtection' | 'MicrosoftDefenderAdvancedThreatProtection' | 'Dynamics365' | 'MicrosoftThreatProtection' | 'MicrosoftThreatIntelligence' | 'GenericUI'; + +/** + * Defines values for PollingFrequency. + * Possible values include: 'OnceAMinute', 'OnceAnHour', 'OnceADay' + * @readonly + * @enum {string} + */ +export type PollingFrequency = 'OnceAMinute' | 'OnceAnHour' | 'OnceADay'; + +/** + * Defines values for ProviderName. + * Possible values include: 'Microsoft.OperationalInsights/solutions', + * 'Microsoft.OperationalInsights/workspaces', + * 'Microsoft.OperationalInsights/workspaces/datasources', 'microsoft.aadiam/diagnosticSettings', + * 'Microsoft.OperationalInsights/workspaces/sharedKeys', + * 'Microsoft.Authorization/policyAssignments' + * @readonly + * @enum {string} + */ +export type ProviderName = 'Microsoft.OperationalInsights/solutions' | 'Microsoft.OperationalInsights/workspaces' | 'Microsoft.OperationalInsights/workspaces/datasources' | 'microsoft.aadiam/diagnosticSettings' | 'Microsoft.OperationalInsights/workspaces/sharedKeys' | 'Microsoft.Authorization/policyAssignments'; + +/** + * Defines values for PermissionProviderScope. + * Possible values include: 'ResourceGroup', 'Subscription', 'Workspace' + * @readonly + * @enum {string} + */ +export type PermissionProviderScope = 'ResourceGroup' | 'Subscription' | 'Workspace'; + +/** + * Defines values for SettingType. + * Possible values include: 'CopyableLabel', 'InstructionStepsGroup', 'InfoMessage' + * @readonly + * @enum {string} + */ +export type SettingType = 'CopyableLabel' | 'InstructionStepsGroup' | 'InfoMessage'; + +/** + * Defines values for ConnectivityType. + * Possible values include: 'IsConnectedQuery' + * @readonly + * @enum {string} + */ +export type ConnectivityType = 'IsConnectedQuery'; + +/** + * Defines values for ThreatIntelligenceResourceKindEnum. + * Possible values include: 'indicator' + * @readonly + * @enum {string} + */ +export type ThreatIntelligenceResourceKindEnum = 'indicator'; + +/** + * Defines values for ThreatIntelligenceSortingCriteriaEnum. + * Possible values include: 'unsorted', 'ascending', 'descending' + * @readonly + * @enum {string} + */ +export type ThreatIntelligenceSortingCriteriaEnum = 'unsorted' | 'ascending' | 'descending'; + +/** + * Defines values for EntityQueryTemplateKind. + * Possible values include: 'Activity' + * @readonly + * @enum {string} + */ +export type EntityQueryTemplateKind = 'Activity'; + +/** + * Defines values for Kind1. + * Possible values include: 'Expansion', 'Activity' + * @readonly + * @enum {string} + */ +export type Kind1 = 'Expansion' | 'Activity'; + +/** + * Defines values for Kind2. + * Possible values include: 'Activity' + * @readonly + * @enum {string} + */ +export type Kind2 = 'Activity'; + +/** + * Contains response data for the list operation. + */ +export type AlertRulesListResponse = AlertRulesList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: AlertRulesList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type AlertRulesGetResponse = AlertRuleUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: AlertRuleUnion; + }; +}; + +/** + * Contains response data for the createOrUpdate operation. + */ +export type AlertRulesCreateOrUpdateResponse = AlertRuleUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: AlertRuleUnion; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type AlertRulesListNextResponse = AlertRulesList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: AlertRulesList; + }; +}; + +/** + * Contains response data for the listByAlertRule operation. + */ +export type ActionsListByAlertRuleResponse = ActionsList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: ActionsList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type ActionsGetResponse = ActionResponse & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: ActionResponse; + }; +}; + +/** + * Contains response data for the createOrUpdate operation. + */ +export type ActionsCreateOrUpdateResponse = ActionResponse & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: ActionResponse; + }; +}; + +/** + * Contains response data for the listByAlertRuleNext operation. + */ +export type ActionsListByAlertRuleNextResponse = ActionsList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: ActionsList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type AlertRuleTemplatesListResponse = AlertRuleTemplatesList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: AlertRuleTemplatesList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type AlertRuleTemplatesGetResponse = AlertRuleTemplateUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: AlertRuleTemplateUnion; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type AlertRuleTemplatesListNextResponse = AlertRuleTemplatesList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: AlertRuleTemplatesList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type AutomationRulesListResponse = AutomationRulesList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: AutomationRulesList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type AutomationRulesGetResponse = AutomationRule & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: AutomationRule; + }; +}; + +/** + * Contains response data for the createOrUpdate operation. + */ +export type AutomationRulesCreateOrUpdateResponse = AutomationRule & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: AutomationRule; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type AutomationRulesListNextResponse = AutomationRulesList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: AutomationRulesList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type BookmarksListResponse = BookmarkList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: BookmarkList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type BookmarksGetResponse = Bookmark & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: Bookmark; + }; +}; + +/** + * Contains response data for the createOrUpdate operation. + */ +export type BookmarksCreateOrUpdateResponse = Bookmark & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: Bookmark; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type BookmarksListNextResponse = BookmarkList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: BookmarkList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type BookmarkRelationsListResponse = RelationList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: RelationList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type BookmarkRelationsGetResponse = Relation & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: Relation; + }; +}; + +/** + * Contains response data for the createOrUpdate operation. + */ +export type BookmarkRelationsCreateOrUpdateResponse = Relation & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: Relation; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type BookmarkRelationsListNextResponse = RelationList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: RelationList; + }; +}; + +/** + * Contains response data for the expand operation. + */ +export type BookmarkExpandResponse2 = BookmarkExpandResponse & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: BookmarkExpandResponse; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type IPGeodataGetResponse = EnrichmentIpGeodata & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EnrichmentIpGeodata; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type DomainWhoisGetResponse = EnrichmentDomainWhois & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EnrichmentDomainWhois; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type EntityQueriesListResponse = EntityQueryList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EntityQueryList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type EntityQueriesGetResponse = EntityQueryUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EntityQueryUnion; + }; +}; + +/** + * Contains response data for the createOrUpdate operation. + */ +export type EntityQueriesCreateOrUpdateResponse = EntityQueryUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EntityQueryUnion; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type EntityQueriesListNextResponse = EntityQueryList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EntityQueryList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type EntitiesListResponse = EntityList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EntityList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type EntitiesGetResponse = EntityUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EntityUnion; + }; +}; + +/** + * Contains response data for the expand operation. + */ +export type EntitiesExpandResponse = EntityExpandResponse & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EntityExpandResponse; + }; +}; + +/** + * Contains response data for the queries operation. + */ +export type EntitiesQueriesResponse = GetQueriesResponse & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: GetQueriesResponse; + }; +}; + +/** + * Contains response data for the getInsights operation. + */ +export type EntitiesGetInsightsResponse = EntityGetInsightsResponse & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EntityGetInsightsResponse; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type EntitiesListNextResponse = EntityList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EntityList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type EntitiesGetTimelineListResponse = EntityTimelineResponse & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EntityTimelineResponse; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type EntitiesRelationsListResponse = RelationList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: RelationList; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type EntitiesRelationsListNextResponse = RelationList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: RelationList; + }; +}; + +/** + * Contains response data for the getRelation operation. + */ +export type EntityRelationsGetRelationResponse = Relation & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: Relation; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type IncidentsListResponse = IncidentList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: IncidentList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type IncidentsGetResponse = Incident & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: Incident; + }; +}; + +/** + * Contains response data for the createOrUpdate operation. + */ +export type IncidentsCreateOrUpdateResponse = Incident & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: Incident; + }; +}; + +/** + * Contains response data for the createTeam operation. + */ +export type IncidentsCreateTeamResponse = TeamInformation & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: TeamInformation; + }; +}; + +/** + * Contains response data for the listAlerts operation. + */ +export type IncidentsListAlertsResponse = IncidentAlertList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: IncidentAlertList; + }; +}; + +/** + * Contains response data for the listBookmarks operation. + */ +export type IncidentsListBookmarksResponse = IncidentBookmarkList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: IncidentBookmarkList; + }; +}; + +/** + * Contains response data for the listEntities operation. + */ +export type IncidentsListEntitiesResponse = IncidentEntitiesResponse & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: IncidentEntitiesResponse; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type IncidentsListNextResponse = IncidentList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: IncidentList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type IncidentCommentsListResponse = IncidentCommentList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: IncidentCommentList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type IncidentCommentsGetResponse = IncidentComment & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: IncidentComment; + }; +}; + +/** + * Contains response data for the createOrUpdate operation. + */ +export type IncidentCommentsCreateOrUpdateResponse = IncidentComment & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: IncidentComment; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type IncidentCommentsListNextResponse = IncidentCommentList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: IncidentCommentList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type IncidentRelationsListResponse = RelationList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: RelationList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type IncidentRelationsGetResponse = Relation & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: Relation; + }; +}; + +/** + * Contains response data for the createOrUpdate operation. + */ +export type IncidentRelationsCreateOrUpdateResponse = Relation & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: Relation; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type IncidentRelationsListNextResponse = RelationList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: RelationList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type MetadataListResponse = MetadataList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: MetadataList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type MetadataGetResponse = MetadataModel & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: MetadataModel; + }; +}; + +/** + * Contains response data for the create operation. + */ +export type MetadataCreateResponse = MetadataModel & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: MetadataModel; + }; +}; + +/** + * Contains response data for the update operation. + */ +export type MetadataUpdateResponse = MetadataModel & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: MetadataModel; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type MetadataListNextResponse = MetadataList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: MetadataList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type SentinelOnboardingStatesGetResponse = SentinelOnboardingState & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: SentinelOnboardingState; + }; +}; + +/** + * Contains response data for the create operation. + */ +export type SentinelOnboardingStatesCreateResponse = SentinelOnboardingState & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: SentinelOnboardingState; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type SentinelOnboardingStatesListResponse = SentinelOnboardingStatesList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: SentinelOnboardingStatesList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type ProductSettingsListResponse = SettingList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: SettingList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type ProductSettingsGetResponse = SettingsUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: SettingsUnion; + }; +}; + +/** + * Contains response data for the update operation. + */ +export type ProductSettingsUpdateResponse = SettingsUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: SettingsUnion; + }; +}; + +/** + * Contains response data for the listRepositories operation. + */ +export type SourceControlListRepositoriesResponse = RepoList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: RepoList; + }; +}; + +/** + * Contains response data for the listRepositoriesNext operation. + */ +export type SourceControlListRepositoriesNextResponse = RepoList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: RepoList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type SourceControlsListResponse = SourceControlList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: SourceControlList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type SourceControlsGetResponse = SourceControl & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: SourceControl; + }; +}; + +/** + * Contains response data for the create operation. + */ +export type SourceControlsCreateResponse = SourceControl & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: SourceControl; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type SourceControlsListNextResponse = SourceControlList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: SourceControlList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type WatchlistsListResponse = WatchlistList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: WatchlistList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type WatchlistsGetResponse = Watchlist & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: Watchlist; + }; +}; + +/** + * Contains response data for the createOrUpdate operation. + */ +export type WatchlistsCreateOrUpdateResponse = Watchlist & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: Watchlist; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type WatchlistsListNextResponse = WatchlistList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: WatchlistList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type WatchlistItemsListResponse = WatchlistItemList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: WatchlistItemList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type WatchlistItemsGetResponse = WatchlistItem & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: WatchlistItem; + }; +}; + +/** + * Contains response data for the createOrUpdate operation. + */ +export type WatchlistItemsCreateOrUpdateResponse = WatchlistItem & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: WatchlistItem; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type WatchlistItemsListNextResponse = WatchlistItemList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: WatchlistItemList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type DataConnectorsListResponse = DataConnectorList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: DataConnectorList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type DataConnectorsGetResponse = DataConnectorUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: DataConnectorUnion; + }; +}; + +/** + * Contains response data for the createOrUpdate operation. + */ +export type DataConnectorsCreateOrUpdateResponse = DataConnectorUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: DataConnectorUnion; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type DataConnectorsListNextResponse = DataConnectorList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: DataConnectorList; + }; +}; + +/** + * Contains response data for the post operation. + */ +export type DataConnectorsCheckRequirementsPostResponse = DataConnectorRequirementsState & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: DataConnectorRequirementsState; + }; +}; + +/** + * Contains response data for the createIndicator operation. + */ +export type ThreatIntelligenceIndicatorCreateIndicatorResponse = ThreatIntelligenceInformationUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: ThreatIntelligenceInformationUnion; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type ThreatIntelligenceIndicatorGetResponse = ThreatIntelligenceInformationUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: ThreatIntelligenceInformationUnion; + }; +}; + +/** + * Contains response data for the create operation. + */ +export type ThreatIntelligenceIndicatorCreateResponse = ThreatIntelligenceInformationUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: ThreatIntelligenceInformationUnion; + }; +}; + +/** + * Contains response data for the queryIndicators operation. + */ +export type ThreatIntelligenceIndicatorQueryIndicatorsResponse = ThreatIntelligenceInformationList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: ThreatIntelligenceInformationList; + }; +}; + +/** + * Contains response data for the replaceTags operation. + */ +export type ThreatIntelligenceIndicatorReplaceTagsResponse = ThreatIntelligenceInformationUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: ThreatIntelligenceInformationUnion; + }; +}; + +/** + * Contains response data for the queryIndicatorsNext operation. + */ +export type ThreatIntelligenceIndicatorQueryIndicatorsNextResponse = ThreatIntelligenceInformationList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: ThreatIntelligenceInformationList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type ThreatIntelligenceIndicatorsListResponse = ThreatIntelligenceInformationList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: ThreatIntelligenceInformationList; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type ThreatIntelligenceIndicatorsListNextResponse = ThreatIntelligenceInformationList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: ThreatIntelligenceInformationList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type ThreatIntelligenceIndicatorMetricsListResponse = ThreatIntelligenceMetricsList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: ThreatIntelligenceMetricsList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type OperationsListResponse = OperationsList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: OperationsList; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type OperationsListNextResponse = OperationsList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: OperationsList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type OfficeConsentsListResponse = OfficeConsentList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: OfficeConsentList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type OfficeConsentsGetResponse = OfficeConsent & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: OfficeConsent; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type OfficeConsentsListNextResponse = OfficeConsentList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: OfficeConsentList; + }; +}; + +/** + * Contains response data for the list operation. + */ +export type EntityQueryTemplatesListResponse = EntityQueryTemplateList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EntityQueryTemplateList; + }; +}; + +/** + * Contains response data for the get operation. + */ +export type EntityQueryTemplatesGetResponse = EntityQueryTemplateUnion & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EntityQueryTemplateUnion; + }; +}; + +/** + * Contains response data for the listNext operation. + */ +export type EntityQueryTemplatesListNextResponse = EntityQueryTemplateList & { + /** + * The underlying HTTP response. + */ + _response: msRest.HttpResponse & { + /** + * The response body as text (string format) + */ + bodyAsText: string; + + /** + * The response body as parsed JSON or XML + */ + parsedBody: EntityQueryTemplateList; + }; +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts new file mode 100644 index 000000000000..6318b028aa5d --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts @@ -0,0 +1,12020 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { CloudErrorMapper, BaseResourceMapper } from "@azure/ms-rest-azure-js"; +import * as msRest from "@azure/ms-rest-js"; + +export const CloudError = CloudErrorMapper; +export const BaseResource = BaseResourceMapper; + +export const Resource: msRest.CompositeMapper = { + serializedName: "Resource", + type: { + name: "Composite", + className: "Resource", + modelProperties: { + id: { + readOnly: true, + serializedName: "id", + type: { + name: "String" + } + }, + name: { + readOnly: true, + serializedName: "name", + type: { + name: "String" + } + }, + type: { + readOnly: true, + serializedName: "type", + type: { + name: "String" + } + }, + systemData: { + readOnly: true, + serializedName: "systemData", + type: { + name: "Composite", + className: "SystemData" + } + } + } + } +}; + +export const ResourceWithEtag: msRest.CompositeMapper = { + serializedName: "ResourceWithEtag", + type: { + name: "Composite", + className: "ResourceWithEtag", + modelProperties: { + ...Resource.type.modelProperties, + etag: { + serializedName: "etag", + type: { + name: "String" + } + } + } + } +}; + +export const AlertRule: msRest.CompositeMapper = { + serializedName: "AlertRule", + type: { + name: "Composite", + polymorphicDiscriminator: { + serializedName: "kind", + clientName: "kind" + }, + uberParent: "AlertRule", + className: "AlertRule", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + } + } + } +}; + +export const AlertRuleTemplate: msRest.CompositeMapper = { + serializedName: "AlertRuleTemplate", + type: { + name: "Composite", + polymorphicDiscriminator: { + serializedName: "kind", + clientName: "kind" + }, + uberParent: "AlertRuleTemplate", + className: "AlertRuleTemplate", + modelProperties: { + ...Resource.type.modelProperties, + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + } + } + } +}; + +export const AlertRuleTemplateDataSource: msRest.CompositeMapper = { + serializedName: "AlertRuleTemplateDataSource", + type: { + name: "Composite", + className: "AlertRuleTemplateDataSource", + modelProperties: { + connectorId: { + serializedName: "connectorId", + type: { + name: "String" + } + }, + dataTypes: { + serializedName: "dataTypes", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const AlertRuleTemplatePropertiesBase: msRest.CompositeMapper = { + serializedName: "AlertRuleTemplatePropertiesBase", + type: { + name: "Composite", + className: "AlertRuleTemplatePropertiesBase", + modelProperties: { + alertRulesCreatedByTemplateCount: { + serializedName: "alertRulesCreatedByTemplateCount", + type: { + name: "Number" + } + }, + lastUpdatedDateUTC: { + readOnly: true, + serializedName: "lastUpdatedDateUTC", + type: { + name: "DateTime" + } + }, + createdDateUTC: { + readOnly: true, + serializedName: "createdDateUTC", + type: { + name: "DateTime" + } + }, + description: { + serializedName: "description", + type: { + name: "String" + } + }, + displayName: { + serializedName: "displayName", + type: { + name: "String" + } + }, + requiredDataConnectors: { + serializedName: "requiredDataConnectors", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "AlertRuleTemplateDataSource" + } + } + } + }, + status: { + serializedName: "status", + type: { + name: "String" + } + } + } + } +}; + +export const FieldMapping: msRest.CompositeMapper = { + serializedName: "FieldMapping", + type: { + name: "Composite", + className: "FieldMapping", + modelProperties: { + identifier: { + serializedName: "identifier", + type: { + name: "String" + } + }, + columnName: { + serializedName: "columnName", + type: { + name: "String" + } + } + } + } +}; + +export const EntityMapping: msRest.CompositeMapper = { + serializedName: "EntityMapping", + type: { + name: "Composite", + className: "EntityMapping", + modelProperties: { + entityType: { + serializedName: "entityType", + type: { + name: "String" + } + }, + fieldMappings: { + serializedName: "fieldMappings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "FieldMapping" + } + } + } + } + } + } +}; + +export const AlertDetailsOverride: msRest.CompositeMapper = { + serializedName: "AlertDetailsOverride", + type: { + name: "Composite", + className: "AlertDetailsOverride", + modelProperties: { + alertDisplayNameFormat: { + serializedName: "alertDisplayNameFormat", + type: { + name: "String" + } + }, + alertDescriptionFormat: { + serializedName: "alertDescriptionFormat", + type: { + name: "String" + } + }, + alertTacticsColumnName: { + serializedName: "alertTacticsColumnName", + type: { + name: "String" + } + }, + alertSeverityColumnName: { + serializedName: "alertSeverityColumnName", + type: { + name: "String" + } + } + } + } +}; + +export const QueryBasedAlertRuleTemplateProperties: msRest.CompositeMapper = { + serializedName: "QueryBasedAlertRuleTemplateProperties", + type: { + name: "Composite", + className: "QueryBasedAlertRuleTemplateProperties", + modelProperties: { + query: { + serializedName: "query", + type: { + name: "String" + } + }, + severity: { + serializedName: "severity", + type: { + name: "String" + } + }, + tactics: { + serializedName: "tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + version: { + serializedName: "version", + type: { + name: "String" + } + }, + customDetails: { + serializedName: "customDetails", + type: { + name: "Dictionary", + value: { + type: { + name: "String" + } + } + } + }, + entityMappings: { + serializedName: "entityMappings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "EntityMapping" + } + } + } + }, + alertDetailsOverride: { + serializedName: "alertDetailsOverride", + type: { + name: "Composite", + className: "AlertDetailsOverride" + } + } + } + } +}; + +export const MLBehaviorAnalyticsAlertRule: msRest.CompositeMapper = { + serializedName: "MLBehaviorAnalytics", + type: { + name: "Composite", + polymorphicDiscriminator: AlertRule.type.polymorphicDiscriminator, + uberParent: "AlertRule", + className: "MLBehaviorAnalyticsAlertRule", + modelProperties: { + ...AlertRule.type.modelProperties, + alertRuleTemplateName: { + required: true, + serializedName: "properties.alertRuleTemplateName", + type: { + name: "String" + } + }, + description: { + readOnly: true, + serializedName: "properties.description", + type: { + name: "String" + } + }, + displayName: { + readOnly: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + enabled: { + required: true, + serializedName: "properties.enabled", + type: { + name: "Boolean" + } + }, + lastModifiedUtc: { + readOnly: true, + serializedName: "properties.lastModifiedUtc", + type: { + name: "DateTime" + } + }, + severity: { + readOnly: true, + serializedName: "properties.severity", + type: { + name: "String" + } + }, + tactics: { + readOnly: true, + serializedName: "properties.tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const MLBehaviorAnalyticsAlertRuleTemplate: msRest.CompositeMapper = { + serializedName: "MLBehaviorAnalytics", + type: { + name: "Composite", + polymorphicDiscriminator: AlertRuleTemplate.type.polymorphicDiscriminator, + uberParent: "AlertRuleTemplate", + className: "MLBehaviorAnalyticsAlertRuleTemplate", + modelProperties: { + ...AlertRuleTemplate.type.modelProperties, + alertRulesCreatedByTemplateCount: { + serializedName: "properties.alertRulesCreatedByTemplateCount", + type: { + name: "Number" + } + }, + lastUpdatedDateUTC: { + readOnly: true, + serializedName: "properties.lastUpdatedDateUTC", + type: { + name: "DateTime" + } + }, + createdDateUTC: { + readOnly: true, + serializedName: "properties.createdDateUTC", + type: { + name: "DateTime" + } + }, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + displayName: { + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + requiredDataConnectors: { + serializedName: "properties.requiredDataConnectors", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "AlertRuleTemplateDataSource" + } + } + } + }, + status: { + serializedName: "properties.status", + type: { + name: "String" + } + }, + severity: { + required: true, + serializedName: "properties.severity", + type: { + name: "String" + } + }, + tactics: { + serializedName: "properties.tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const FusionAlertRule: msRest.CompositeMapper = { + serializedName: "Fusion", + type: { + name: "Composite", + polymorphicDiscriminator: AlertRule.type.polymorphicDiscriminator, + uberParent: "AlertRule", + className: "FusionAlertRule", + modelProperties: { + ...AlertRule.type.modelProperties, + alertRuleTemplateName: { + required: true, + serializedName: "properties.alertRuleTemplateName", + type: { + name: "String" + } + }, + description: { + readOnly: true, + serializedName: "properties.description", + type: { + name: "String" + } + }, + displayName: { + readOnly: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + enabled: { + required: true, + serializedName: "properties.enabled", + type: { + name: "Boolean" + } + }, + lastModifiedUtc: { + readOnly: true, + serializedName: "properties.lastModifiedUtc", + type: { + name: "DateTime" + } + }, + severity: { + readOnly: true, + serializedName: "properties.severity", + type: { + name: "String" + } + }, + tactics: { + readOnly: true, + serializedName: "properties.tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const FusionAlertRuleTemplate: msRest.CompositeMapper = { + serializedName: "Fusion", + type: { + name: "Composite", + polymorphicDiscriminator: AlertRuleTemplate.type.polymorphicDiscriminator, + uberParent: "AlertRuleTemplate", + className: "FusionAlertRuleTemplate", + modelProperties: { + ...AlertRuleTemplate.type.modelProperties, + alertRulesCreatedByTemplateCount: { + serializedName: "properties.alertRulesCreatedByTemplateCount", + type: { + name: "Number" + } + }, + lastUpdatedDateUTC: { + readOnly: true, + serializedName: "properties.lastUpdatedDateUTC", + type: { + name: "DateTime" + } + }, + createdDateUTC: { + readOnly: true, + serializedName: "properties.createdDateUTC", + type: { + name: "DateTime" + } + }, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + displayName: { + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + requiredDataConnectors: { + serializedName: "properties.requiredDataConnectors", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "AlertRuleTemplateDataSource" + } + } + } + }, + status: { + serializedName: "properties.status", + type: { + name: "String" + } + }, + severity: { + required: true, + serializedName: "properties.severity", + type: { + name: "String" + } + }, + tactics: { + serializedName: "properties.tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const ThreatIntelligenceAlertRule: msRest.CompositeMapper = { + serializedName: "ThreatIntelligence", + type: { + name: "Composite", + polymorphicDiscriminator: AlertRule.type.polymorphicDiscriminator, + uberParent: "AlertRule", + className: "ThreatIntelligenceAlertRule", + modelProperties: { + ...AlertRule.type.modelProperties, + alertRuleTemplateName: { + required: true, + serializedName: "properties.alertRuleTemplateName", + type: { + name: "String" + } + }, + description: { + readOnly: true, + serializedName: "properties.description", + type: { + name: "String" + } + }, + displayName: { + readOnly: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + enabled: { + required: true, + serializedName: "properties.enabled", + type: { + name: "Boolean" + } + }, + lastModifiedUtc: { + readOnly: true, + serializedName: "properties.lastModifiedUtc", + type: { + name: "DateTime" + } + }, + severity: { + readOnly: true, + serializedName: "properties.severity", + type: { + name: "String" + } + }, + tactics: { + readOnly: true, + serializedName: "properties.tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const ThreatIntelligenceAlertRuleTemplate: msRest.CompositeMapper = { + serializedName: "ThreatIntelligence", + type: { + name: "Composite", + polymorphicDiscriminator: AlertRuleTemplate.type.polymorphicDiscriminator, + uberParent: "AlertRuleTemplate", + className: "ThreatIntelligenceAlertRuleTemplate", + modelProperties: { + ...AlertRuleTemplate.type.modelProperties, + alertRulesCreatedByTemplateCount: { + serializedName: "properties.alertRulesCreatedByTemplateCount", + type: { + name: "Number" + } + }, + lastUpdatedDateUTC: { + readOnly: true, + serializedName: "properties.lastUpdatedDateUTC", + type: { + name: "DateTime" + } + }, + createdDateUTC: { + readOnly: true, + serializedName: "properties.createdDateUTC", + type: { + name: "DateTime" + } + }, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + displayName: { + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + requiredDataConnectors: { + serializedName: "properties.requiredDataConnectors", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "AlertRuleTemplateDataSource" + } + } + } + }, + status: { + serializedName: "properties.status", + type: { + name: "String" + } + }, + severity: { + required: true, + serializedName: "properties.severity", + type: { + name: "String" + } + }, + tactics: { + serializedName: "properties.tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const MicrosoftSecurityIncidentCreationAlertRule: msRest.CompositeMapper = { + serializedName: "MicrosoftSecurityIncidentCreation", + type: { + name: "Composite", + polymorphicDiscriminator: AlertRule.type.polymorphicDiscriminator, + uberParent: "AlertRule", + className: "MicrosoftSecurityIncidentCreationAlertRule", + modelProperties: { + ...AlertRule.type.modelProperties, + displayNamesFilter: { + serializedName: "properties.displayNamesFilter", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + displayNamesExcludeFilter: { + serializedName: "properties.displayNamesExcludeFilter", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + productFilter: { + required: true, + serializedName: "properties.productFilter", + type: { + name: "String" + } + }, + severitiesFilter: { + serializedName: "properties.severitiesFilter", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + alertRuleTemplateName: { + serializedName: "properties.alertRuleTemplateName", + type: { + name: "String" + } + }, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + displayName: { + required: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + enabled: { + required: true, + serializedName: "properties.enabled", + type: { + name: "Boolean" + } + }, + lastModifiedUtc: { + readOnly: true, + serializedName: "properties.lastModifiedUtc", + type: { + name: "DateTime" + } + } + } + } +}; + +export const MicrosoftSecurityIncidentCreationAlertRuleCommonProperties: msRest.CompositeMapper = { + serializedName: "MicrosoftSecurityIncidentCreationAlertRuleCommonProperties", + type: { + name: "Composite", + className: "MicrosoftSecurityIncidentCreationAlertRuleCommonProperties", + modelProperties: { + displayNamesFilter: { + serializedName: "displayNamesFilter", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + displayNamesExcludeFilter: { + serializedName: "displayNamesExcludeFilter", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + productFilter: { + required: true, + serializedName: "productFilter", + type: { + name: "String" + } + }, + severitiesFilter: { + serializedName: "severitiesFilter", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const MicrosoftSecurityIncidentCreationAlertRuleTemplate: msRest.CompositeMapper = { + serializedName: "MicrosoftSecurityIncidentCreation", + type: { + name: "Composite", + polymorphicDiscriminator: AlertRuleTemplate.type.polymorphicDiscriminator, + uberParent: "AlertRuleTemplate", + className: "MicrosoftSecurityIncidentCreationAlertRuleTemplate", + modelProperties: { + ...AlertRuleTemplate.type.modelProperties, + alertRulesCreatedByTemplateCount: { + required: true, + serializedName: "properties.alertRulesCreatedByTemplateCount", + type: { + name: "Number" + } + }, + lastUpdatedDateUTC: { + readOnly: true, + serializedName: "properties.lastUpdatedDateUTC", + type: { + name: "DateTime" + } + }, + createdDateUTC: { + required: true, + readOnly: true, + serializedName: "properties.createdDateUTC", + type: { + name: "DateTime" + } + }, + description: { + required: true, + serializedName: "properties.description", + type: { + name: "String" + } + }, + displayName: { + required: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + requiredDataConnectors: { + serializedName: "properties.requiredDataConnectors", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "AlertRuleTemplateDataSource" + } + } + } + }, + status: { + required: true, + serializedName: "properties.status", + type: { + name: "String" + } + }, + displayNamesFilter: { + serializedName: "properties.displayNamesFilter", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + displayNamesExcludeFilter: { + serializedName: "properties.displayNamesExcludeFilter", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + productFilter: { + required: true, + serializedName: "properties.productFilter", + type: { + name: "String" + } + }, + severitiesFilter: { + serializedName: "properties.severitiesFilter", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const GroupingConfiguration: msRest.CompositeMapper = { + serializedName: "GroupingConfiguration", + type: { + name: "Composite", + className: "GroupingConfiguration", + modelProperties: { + enabled: { + required: true, + serializedName: "enabled", + type: { + name: "Boolean" + } + }, + reopenClosedIncident: { + required: true, + serializedName: "reopenClosedIncident", + type: { + name: "Boolean" + } + }, + lookbackDuration: { + required: true, + serializedName: "lookbackDuration", + type: { + name: "TimeSpan" + } + }, + matchingMethod: { + required: true, + serializedName: "matchingMethod", + type: { + name: "String" + } + }, + groupByEntities: { + serializedName: "groupByEntities", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + groupByAlertDetails: { + serializedName: "groupByAlertDetails", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + groupByCustomDetails: { + serializedName: "groupByCustomDetails", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const IncidentConfiguration: msRest.CompositeMapper = { + serializedName: "IncidentConfiguration", + type: { + name: "Composite", + className: "IncidentConfiguration", + modelProperties: { + createIncident: { + required: true, + serializedName: "createIncident", + type: { + name: "Boolean" + } + }, + groupingConfiguration: { + serializedName: "groupingConfiguration", + type: { + name: "Composite", + className: "GroupingConfiguration" + } + } + } + } +}; + +export const QueryBasedAlertRuleProperties: msRest.CompositeMapper = { + serializedName: "QueryBasedAlertRuleProperties", + type: { + name: "Composite", + className: "QueryBasedAlertRuleProperties", + modelProperties: { + alertRuleTemplateName: { + serializedName: "alertRuleTemplateName", + type: { + name: "String" + } + }, + templateVersion: { + serializedName: "templateVersion", + type: { + name: "String" + } + }, + description: { + serializedName: "description", + type: { + name: "String" + } + }, + query: { + serializedName: "query", + type: { + name: "String" + } + }, + displayName: { + required: true, + serializedName: "displayName", + type: { + name: "String" + } + }, + enabled: { + required: true, + serializedName: "enabled", + type: { + name: "Boolean" + } + }, + lastModifiedUtc: { + readOnly: true, + serializedName: "lastModifiedUtc", + type: { + name: "DateTime" + } + }, + suppressionDuration: { + required: true, + serializedName: "suppressionDuration", + type: { + name: "TimeSpan" + } + }, + suppressionEnabled: { + required: true, + serializedName: "suppressionEnabled", + type: { + name: "Boolean" + } + }, + severity: { + serializedName: "severity", + type: { + name: "String" + } + }, + tactics: { + serializedName: "tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + incidentConfiguration: { + serializedName: "incidentConfiguration", + type: { + name: "Composite", + className: "IncidentConfiguration" + } + }, + customDetails: { + serializedName: "customDetails", + type: { + name: "Dictionary", + value: { + type: { + name: "String" + } + } + } + }, + entityMappings: { + serializedName: "entityMappings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "EntityMapping" + } + } + } + }, + alertDetailsOverride: { + serializedName: "alertDetailsOverride", + type: { + name: "Composite", + className: "AlertDetailsOverride" + } + } + } + } +}; + +export const EventGroupingSettings: msRest.CompositeMapper = { + serializedName: "EventGroupingSettings", + type: { + name: "Composite", + className: "EventGroupingSettings", + modelProperties: { + aggregationKind: { + serializedName: "aggregationKind", + type: { + name: "String" + } + } + } + } +}; + +export const ScheduledAlertRuleTemplate: msRest.CompositeMapper = { + serializedName: "Scheduled", + type: { + name: "Composite", + polymorphicDiscriminator: AlertRuleTemplate.type.polymorphicDiscriminator, + uberParent: "AlertRuleTemplate", + className: "ScheduledAlertRuleTemplate", + modelProperties: { + ...AlertRuleTemplate.type.modelProperties, + alertRulesCreatedByTemplateCount: { + required: true, + serializedName: "properties.alertRulesCreatedByTemplateCount", + type: { + name: "Number" + } + }, + lastUpdatedDateUTC: { + readOnly: true, + serializedName: "properties.lastUpdatedDateUTC", + type: { + name: "DateTime" + } + }, + createdDateUTC: { + readOnly: true, + serializedName: "properties.createdDateUTC", + type: { + name: "DateTime" + } + }, + description: { + required: true, + serializedName: "properties.description", + type: { + name: "String" + } + }, + displayName: { + required: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + requiredDataConnectors: { + serializedName: "properties.requiredDataConnectors", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "AlertRuleTemplateDataSource" + } + } + } + }, + status: { + required: true, + serializedName: "properties.status", + type: { + name: "String" + } + }, + query: { + required: true, + serializedName: "properties.query", + type: { + name: "String" + } + }, + severity: { + required: true, + serializedName: "properties.severity", + type: { + name: "String" + } + }, + tactics: { + serializedName: "properties.tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + version: { + required: true, + serializedName: "properties.version", + type: { + name: "String" + } + }, + customDetails: { + serializedName: "properties.customDetails", + type: { + name: "Dictionary", + value: { + type: { + name: "String" + } + } + } + }, + entityMappings: { + serializedName: "properties.entityMappings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "EntityMapping" + } + } + } + }, + alertDetailsOverride: { + serializedName: "properties.alertDetailsOverride", + type: { + name: "Composite", + className: "AlertDetailsOverride" + } + }, + queryFrequency: { + required: true, + serializedName: "properties.queryFrequency", + type: { + name: "TimeSpan" + } + }, + queryPeriod: { + required: true, + serializedName: "properties.queryPeriod", + type: { + name: "TimeSpan" + } + }, + triggerOperator: { + required: true, + serializedName: "properties.triggerOperator", + type: { + name: "Enum", + allowedValues: [ + "GreaterThan", + "LessThan", + "Equal", + "NotEqual" + ] + } + }, + triggerThreshold: { + required: true, + serializedName: "properties.triggerThreshold", + type: { + name: "Number" + } + }, + eventGroupingSettings: { + serializedName: "properties.eventGroupingSettings", + type: { + name: "Composite", + className: "EventGroupingSettings" + } + } + } + } +}; + +export const NrtAlertRuleTemplate: msRest.CompositeMapper = { + serializedName: "NRT", + type: { + name: "Composite", + polymorphicDiscriminator: AlertRuleTemplate.type.polymorphicDiscriminator, + uberParent: "AlertRuleTemplate", + className: "NrtAlertRuleTemplate", + modelProperties: { + ...AlertRuleTemplate.type.modelProperties, + alertRulesCreatedByTemplateCount: { + required: true, + serializedName: "properties.alertRulesCreatedByTemplateCount", + type: { + name: "Number" + } + }, + lastUpdatedDateUTC: { + readOnly: true, + serializedName: "properties.lastUpdatedDateUTC", + type: { + name: "DateTime" + } + }, + createdDateUTC: { + readOnly: true, + serializedName: "properties.createdDateUTC", + type: { + name: "DateTime" + } + }, + description: { + required: true, + serializedName: "properties.description", + type: { + name: "String" + } + }, + displayName: { + required: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + requiredDataConnectors: { + serializedName: "properties.requiredDataConnectors", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "AlertRuleTemplateDataSource" + } + } + } + }, + status: { + required: true, + serializedName: "properties.status", + type: { + name: "String" + } + }, + query: { + required: true, + serializedName: "properties.query", + type: { + name: "String" + } + }, + severity: { + required: true, + serializedName: "properties.severity", + type: { + name: "String" + } + }, + tactics: { + serializedName: "properties.tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + version: { + required: true, + serializedName: "properties.version", + type: { + name: "String" + } + }, + customDetails: { + serializedName: "properties.customDetails", + type: { + name: "Dictionary", + value: { + type: { + name: "String" + } + } + } + }, + entityMappings: { + serializedName: "properties.entityMappings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "EntityMapping" + } + } + } + }, + alertDetailsOverride: { + serializedName: "properties.alertDetailsOverride", + type: { + name: "Composite", + className: "AlertDetailsOverride" + } + } + } + } +}; + +export const ScheduledAlertRule: msRest.CompositeMapper = { + serializedName: "Scheduled", + type: { + name: "Composite", + polymorphicDiscriminator: AlertRule.type.polymorphicDiscriminator, + uberParent: "AlertRule", + className: "ScheduledAlertRule", + modelProperties: { + ...AlertRule.type.modelProperties, + queryFrequency: { + required: true, + serializedName: "properties.queryFrequency", + type: { + name: "TimeSpan" + } + }, + queryPeriod: { + required: true, + serializedName: "properties.queryPeriod", + type: { + name: "TimeSpan" + } + }, + triggerOperator: { + required: true, + serializedName: "properties.triggerOperator", + type: { + name: "Enum", + allowedValues: [ + "GreaterThan", + "LessThan", + "Equal", + "NotEqual" + ] + } + }, + triggerThreshold: { + required: true, + serializedName: "properties.triggerThreshold", + type: { + name: "Number" + } + }, + eventGroupingSettings: { + serializedName: "properties.eventGroupingSettings", + type: { + name: "Composite", + className: "EventGroupingSettings" + } + }, + alertRuleTemplateName: { + serializedName: "properties.alertRuleTemplateName", + type: { + name: "String" + } + }, + templateVersion: { + serializedName: "properties.templateVersion", + type: { + name: "String" + } + }, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + query: { + required: true, + serializedName: "properties.query", + type: { + name: "String" + } + }, + displayName: { + required: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + enabled: { + required: true, + serializedName: "properties.enabled", + type: { + name: "Boolean" + } + }, + lastModifiedUtc: { + readOnly: true, + serializedName: "properties.lastModifiedUtc", + type: { + name: "DateTime" + } + }, + suppressionDuration: { + required: true, + serializedName: "properties.suppressionDuration", + type: { + name: "TimeSpan" + } + }, + suppressionEnabled: { + required: true, + serializedName: "properties.suppressionEnabled", + type: { + name: "Boolean" + } + }, + severity: { + required: true, + serializedName: "properties.severity", + type: { + name: "String" + } + }, + tactics: { + serializedName: "properties.tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + incidentConfiguration: { + serializedName: "properties.incidentConfiguration", + type: { + name: "Composite", + className: "IncidentConfiguration" + } + }, + customDetails: { + serializedName: "properties.customDetails", + type: { + name: "Dictionary", + value: { + type: { + name: "String" + } + } + } + }, + entityMappings: { + serializedName: "properties.entityMappings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "EntityMapping" + } + } + } + }, + alertDetailsOverride: { + serializedName: "properties.alertDetailsOverride", + type: { + name: "Composite", + className: "AlertDetailsOverride" + } + } + } + } +}; + +export const NrtAlertRule: msRest.CompositeMapper = { + serializedName: "NRT", + type: { + name: "Composite", + polymorphicDiscriminator: AlertRule.type.polymorphicDiscriminator, + uberParent: "AlertRule", + className: "NrtAlertRule", + modelProperties: { + ...AlertRule.type.modelProperties, + alertRuleTemplateName: { + serializedName: "properties.alertRuleTemplateName", + type: { + name: "String" + } + }, + templateVersion: { + serializedName: "properties.templateVersion", + type: { + name: "String" + } + }, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + query: { + serializedName: "properties.query", + type: { + name: "String" + } + }, + displayName: { + required: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + enabled: { + required: true, + serializedName: "properties.enabled", + type: { + name: "Boolean" + } + }, + lastModifiedUtc: { + readOnly: true, + serializedName: "properties.lastModifiedUtc", + type: { + name: "DateTime" + } + }, + suppressionDuration: { + required: true, + serializedName: "properties.suppressionDuration", + type: { + name: "TimeSpan" + } + }, + suppressionEnabled: { + required: true, + serializedName: "properties.suppressionEnabled", + type: { + name: "Boolean" + } + }, + severity: { + serializedName: "properties.severity", + type: { + name: "String" + } + }, + tactics: { + serializedName: "properties.tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + incidentConfiguration: { + serializedName: "properties.incidentConfiguration", + type: { + name: "Composite", + className: "IncidentConfiguration" + } + }, + customDetails: { + serializedName: "properties.customDetails", + type: { + name: "Dictionary", + value: { + type: { + name: "String" + } + } + } + }, + entityMappings: { + serializedName: "properties.entityMappings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "EntityMapping" + } + } + } + }, + alertDetailsOverride: { + serializedName: "properties.alertDetailsOverride", + type: { + name: "Composite", + className: "AlertDetailsOverride" + } + } + } + } +}; + +export const ScheduledAlertRuleCommonProperties: msRest.CompositeMapper = { + serializedName: "ScheduledAlertRuleCommonProperties", + type: { + name: "Composite", + className: "ScheduledAlertRuleCommonProperties", + modelProperties: { + queryFrequency: { + serializedName: "queryFrequency", + type: { + name: "TimeSpan" + } + }, + queryPeriod: { + serializedName: "queryPeriod", + type: { + name: "TimeSpan" + } + }, + triggerOperator: { + serializedName: "triggerOperator", + type: { + name: "Enum", + allowedValues: [ + "GreaterThan", + "LessThan", + "Equal", + "NotEqual" + ] + } + }, + triggerThreshold: { + serializedName: "triggerThreshold", + type: { + name: "Number" + } + }, + eventGroupingSettings: { + serializedName: "eventGroupingSettings", + type: { + name: "Composite", + className: "EventGroupingSettings" + } + } + } + } +}; + +export const ActionRequest: msRest.CompositeMapper = { + serializedName: "ActionRequest", + type: { + name: "Composite", + className: "ActionRequest", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + logicAppResourceId: { + required: true, + serializedName: "properties.logicAppResourceId", + type: { + name: "String" + } + }, + triggerUri: { + required: true, + serializedName: "properties.triggerUri", + type: { + name: "String" + } + } + } + } +}; + +export const ActionPropertiesBase: msRest.CompositeMapper = { + serializedName: "ActionPropertiesBase", + type: { + name: "Composite", + className: "ActionPropertiesBase", + modelProperties: { + logicAppResourceId: { + required: true, + serializedName: "logicAppResourceId", + type: { + name: "String" + } + } + } + } +}; + +export const ActionResponse: msRest.CompositeMapper = { + serializedName: "ActionResponse", + type: { + name: "Composite", + className: "ActionResponse", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + logicAppResourceId: { + required: true, + serializedName: "properties.logicAppResourceId", + type: { + name: "String" + } + }, + workflowId: { + serializedName: "properties.workflowId", + type: { + name: "String" + } + } + } + } +}; + +export const SystemData: msRest.CompositeMapper = { + serializedName: "systemData", + type: { + name: "Composite", + className: "SystemData", + modelProperties: { + createdBy: { + serializedName: "createdBy", + type: { + name: "String" + } + }, + createdByType: { + serializedName: "createdByType", + type: { + name: "String" + } + }, + createdAt: { + serializedName: "createdAt", + type: { + name: "DateTime" + } + }, + lastModifiedBy: { + serializedName: "lastModifiedBy", + type: { + name: "String" + } + }, + lastModifiedByType: { + serializedName: "lastModifiedByType", + type: { + name: "String" + } + }, + lastModifiedAt: { + serializedName: "lastModifiedAt", + type: { + name: "DateTime" + } + } + } + } +}; + +export const ProxyResource: msRest.CompositeMapper = { + serializedName: "ProxyResource", + type: { + name: "Composite", + className: "ProxyResource", + modelProperties: { + ...Resource.type.modelProperties + } + } +}; + +export const TrackedResource: msRest.CompositeMapper = { + serializedName: "TrackedResource", + type: { + name: "Composite", + className: "TrackedResource", + modelProperties: { + ...Resource.type.modelProperties, + tags: { + serializedName: "tags", + type: { + name: "Dictionary", + value: { + type: { + name: "String" + } + } + } + }, + location: { + required: true, + serializedName: "location", + type: { + name: "String" + } + } + } + } +}; + +export const AzureEntityResource: msRest.CompositeMapper = { + serializedName: "AzureEntityResource", + type: { + name: "Composite", + className: "AzureEntityResource", + modelProperties: { + ...Resource.type.modelProperties, + etag: { + readOnly: true, + serializedName: "etag", + type: { + name: "String" + } + } + } + } +}; + +export const ErrorAdditionalInfo: msRest.CompositeMapper = { + serializedName: "ErrorAdditionalInfo", + type: { + name: "Composite", + className: "ErrorAdditionalInfo", + modelProperties: { + type: { + readOnly: true, + serializedName: "type", + type: { + name: "String" + } + }, + info: { + readOnly: true, + serializedName: "info", + type: { + name: "Object" + } + } + } + } +}; + +export const ErrorDetail: msRest.CompositeMapper = { + serializedName: "ErrorDetail", + type: { + name: "Composite", + className: "ErrorDetail", + modelProperties: { + code: { + readOnly: true, + serializedName: "code", + type: { + name: "String" + } + }, + message: { + readOnly: true, + serializedName: "message", + type: { + name: "String" + } + }, + target: { + readOnly: true, + serializedName: "target", + type: { + name: "String" + } + }, + details: { + readOnly: true, + serializedName: "details", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ErrorDetail" + } + } + } + }, + additionalInfo: { + readOnly: true, + serializedName: "additionalInfo", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ErrorAdditionalInfo" + } + } + } + } + } + } +}; + +export const ErrorResponse: msRest.CompositeMapper = { + serializedName: "ErrorResponse", + type: { + name: "Composite", + className: "ErrorResponse", + modelProperties: { + error: { + serializedName: "error", + type: { + name: "Composite", + className: "ErrorDetail" + } + } + } + } +}; + +export const AutomationRuleCondition: msRest.CompositeMapper = { + serializedName: "AutomationRuleCondition", + type: { + name: "Composite", + polymorphicDiscriminator: { + serializedName: "conditionType", + clientName: "conditionType" + }, + uberParent: "AutomationRuleCondition", + className: "AutomationRuleCondition", + modelProperties: { + conditionType: { + required: true, + serializedName: "conditionType", + type: { + name: "String" + } + } + } + } +}; + +export const AutomationRuleTriggeringLogic: msRest.CompositeMapper = { + serializedName: "AutomationRuleTriggeringLogic", + type: { + name: "Composite", + className: "AutomationRuleTriggeringLogic", + modelProperties: { + isEnabled: { + required: true, + serializedName: "isEnabled", + type: { + name: "Boolean" + } + }, + expirationTimeUtc: { + serializedName: "expirationTimeUtc", + type: { + name: "DateTime" + } + }, + triggersOn: { + required: true, + isConstant: true, + serializedName: "triggersOn", + defaultValue: 'Incidents', + type: { + name: "String" + } + }, + triggersWhen: { + required: true, + isConstant: true, + serializedName: "triggersWhen", + defaultValue: 'Created', + type: { + name: "String" + } + }, + conditions: { + serializedName: "conditions", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "AutomationRuleCondition" + } + } + } + } + } + } +}; + +export const AutomationRuleAction: msRest.CompositeMapper = { + serializedName: "AutomationRuleAction", + type: { + name: "Composite", + polymorphicDiscriminator: { + serializedName: "actionType", + clientName: "actionType" + }, + uberParent: "AutomationRuleAction", + className: "AutomationRuleAction", + modelProperties: { + order: { + required: true, + serializedName: "order", + type: { + name: "Number" + } + }, + actionType: { + required: true, + serializedName: "actionType", + type: { + name: "String" + } + } + } + } +}; + +export const ClientInfo: msRest.CompositeMapper = { + serializedName: "ClientInfo", + type: { + name: "Composite", + className: "ClientInfo", + modelProperties: { + email: { + serializedName: "email", + type: { + name: "String" + } + }, + name: { + serializedName: "name", + type: { + name: "String" + } + }, + objectId: { + serializedName: "objectId", + type: { + name: "Uuid" + } + }, + userPrincipalName: { + serializedName: "userPrincipalName", + type: { + name: "String" + } + } + } + } +}; + +export const AutomationRule: msRest.CompositeMapper = { + serializedName: "AutomationRule", + type: { + name: "Composite", + className: "AutomationRule", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + displayName: { + required: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + order: { + required: true, + serializedName: "properties.order", + type: { + name: "Number" + } + }, + triggeringLogic: { + required: true, + serializedName: "properties.triggeringLogic", + defaultValue: {}, + type: { + name: "Composite", + className: "AutomationRuleTriggeringLogic" + } + }, + actions: { + required: true, + serializedName: "properties.actions", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "AutomationRuleAction" + } + } + } + }, + createdTimeUtc: { + readOnly: true, + serializedName: "properties.createdTimeUtc", + type: { + name: "DateTime" + } + }, + lastModifiedTimeUtc: { + readOnly: true, + serializedName: "properties.lastModifiedTimeUtc", + type: { + name: "DateTime" + } + }, + createdBy: { + readOnly: true, + serializedName: "properties.createdBy", + type: { + name: "Composite", + className: "ClientInfo" + } + }, + lastModifiedBy: { + readOnly: true, + serializedName: "properties.lastModifiedBy", + type: { + name: "Composite", + className: "ClientInfo" + } + } + } + } +}; + +export const AutomationRuleRunPlaybookActionActionConfiguration: msRest.CompositeMapper = { + serializedName: "AutomationRuleRunPlaybookAction_actionConfiguration", + type: { + name: "Composite", + className: "AutomationRuleRunPlaybookActionActionConfiguration", + modelProperties: { + logicAppResourceId: { + serializedName: "logicAppResourceId", + type: { + name: "String" + } + }, + tenantId: { + serializedName: "tenantId", + type: { + name: "String" + } + } + } + } +}; + +export const AutomationRuleRunPlaybookAction: msRest.CompositeMapper = { + serializedName: "RunPlaybook", + type: { + name: "Composite", + polymorphicDiscriminator: AutomationRuleAction.type.polymorphicDiscriminator, + uberParent: "AutomationRuleAction", + className: "AutomationRuleRunPlaybookAction", + modelProperties: { + ...AutomationRuleAction.type.modelProperties, + actionConfiguration: { + required: true, + serializedName: "actionConfiguration", + type: { + name: "Composite", + className: "AutomationRuleRunPlaybookActionActionConfiguration" + } + } + } + } +}; + +export const IncidentLabel: msRest.CompositeMapper = { + serializedName: "IncidentLabel", + type: { + name: "Composite", + className: "IncidentLabel", + modelProperties: { + labelName: { + required: true, + serializedName: "labelName", + type: { + name: "String" + } + }, + labelType: { + readOnly: true, + serializedName: "labelType", + type: { + name: "String" + } + } + } + } +}; + +export const IncidentOwnerInfo: msRest.CompositeMapper = { + serializedName: "IncidentOwnerInfo", + type: { + name: "Composite", + className: "IncidentOwnerInfo", + modelProperties: { + email: { + serializedName: "email", + type: { + name: "String" + } + }, + assignedTo: { + serializedName: "assignedTo", + type: { + name: "String" + } + }, + objectId: { + serializedName: "objectId", + type: { + name: "Uuid" + } + }, + userPrincipalName: { + serializedName: "userPrincipalName", + type: { + name: "String" + } + }, + ownerType: { + readOnly: true, + serializedName: "ownerType", + type: { + name: "String" + } + } + } + } +}; + +export const AutomationRuleModifyPropertiesActionActionConfiguration: msRest.CompositeMapper = { + serializedName: "AutomationRuleModifyPropertiesAction_actionConfiguration", + type: { + name: "Composite", + className: "AutomationRuleModifyPropertiesActionActionConfiguration", + modelProperties: { + classification: { + serializedName: "classification", + type: { + name: "String" + } + }, + classificationComment: { + serializedName: "classificationComment", + type: { + name: "String" + } + }, + classificationReason: { + serializedName: "classificationReason", + type: { + name: "String" + } + }, + labels: { + serializedName: "labels", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "IncidentLabel" + } + } + } + }, + owner: { + serializedName: "owner", + type: { + name: "Composite", + className: "IncidentOwnerInfo" + } + }, + severity: { + serializedName: "severity", + type: { + name: "String" + } + }, + status: { + serializedName: "status", + type: { + name: "String" + } + } + } + } +}; + +export const AutomationRuleModifyPropertiesAction: msRest.CompositeMapper = { + serializedName: "ModifyProperties", + type: { + name: "Composite", + polymorphicDiscriminator: AutomationRuleAction.type.polymorphicDiscriminator, + uberParent: "AutomationRuleAction", + className: "AutomationRuleModifyPropertiesAction", + modelProperties: { + ...AutomationRuleAction.type.modelProperties, + actionConfiguration: { + required: true, + serializedName: "actionConfiguration", + type: { + name: "Composite", + className: "AutomationRuleModifyPropertiesActionActionConfiguration" + } + } + } + } +}; + +export const AutomationRulePropertyValuesConditionConditionProperties: msRest.CompositeMapper = { + serializedName: "AutomationRulePropertyValuesCondition_conditionProperties", + type: { + name: "Composite", + className: "AutomationRulePropertyValuesConditionConditionProperties", + modelProperties: { + propertyName: { + serializedName: "propertyName", + type: { + name: "String" + } + }, + operator: { + serializedName: "operator", + type: { + name: "String" + } + }, + propertyValues: { + serializedName: "propertyValues", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const AutomationRulePropertyValuesCondition: msRest.CompositeMapper = { + serializedName: "Property", + type: { + name: "Composite", + polymorphicDiscriminator: AutomationRuleCondition.type.polymorphicDiscriminator, + uberParent: "AutomationRuleCondition", + className: "AutomationRulePropertyValuesCondition", + modelProperties: { + ...AutomationRuleCondition.type.modelProperties, + conditionProperties: { + required: true, + serializedName: "conditionProperties", + type: { + name: "Composite", + className: "AutomationRulePropertyValuesConditionConditionProperties" + } + } + } + } +}; + +export const UserInfo: msRest.CompositeMapper = { + serializedName: "UserInfo", + type: { + name: "Composite", + className: "UserInfo", + modelProperties: { + email: { + readOnly: true, + serializedName: "email", + type: { + name: "String" + } + }, + name: { + readOnly: true, + serializedName: "name", + type: { + name: "String" + } + }, + objectId: { + nullable: true, + serializedName: "objectId", + type: { + name: "Uuid" + } + } + } + } +}; + +export const IncidentInfo: msRest.CompositeMapper = { + serializedName: "IncidentInfo", + type: { + name: "Composite", + className: "IncidentInfo", + modelProperties: { + incidentId: { + serializedName: "incidentId", + type: { + name: "String" + } + }, + severity: { + serializedName: "severity", + type: { + name: "String" + } + }, + title: { + serializedName: "title", + type: { + name: "String" + } + }, + relationName: { + serializedName: "relationName", + type: { + name: "String" + } + } + } + } +}; + +export const Bookmark: msRest.CompositeMapper = { + serializedName: "Bookmark", + type: { + name: "Composite", + className: "Bookmark", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + created: { + serializedName: "properties.created", + type: { + name: "DateTime" + } + }, + createdBy: { + serializedName: "properties.createdBy", + type: { + name: "Composite", + className: "UserInfo" + } + }, + displayName: { + required: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + labels: { + serializedName: "properties.labels", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + notes: { + serializedName: "properties.notes", + type: { + name: "String" + } + }, + query: { + required: true, + serializedName: "properties.query", + type: { + name: "String" + } + }, + queryResult: { + serializedName: "properties.queryResult", + type: { + name: "String" + } + }, + updated: { + serializedName: "properties.updated", + type: { + name: "DateTime" + } + }, + updatedBy: { + serializedName: "properties.updatedBy", + type: { + name: "Composite", + className: "UserInfo" + } + }, + eventTime: { + serializedName: "properties.eventTime", + type: { + name: "DateTime" + } + }, + queryStartTime: { + serializedName: "properties.queryStartTime", + type: { + name: "DateTime" + } + }, + queryEndTime: { + serializedName: "properties.queryEndTime", + type: { + name: "DateTime" + } + }, + incidentInfo: { + serializedName: "properties.incidentInfo", + type: { + name: "Composite", + className: "IncidentInfo" + } + } + } + } +}; + +export const BookmarkExpandParameters: msRest.CompositeMapper = { + serializedName: "BookmarkExpandParameters", + type: { + name: "Composite", + className: "BookmarkExpandParameters", + modelProperties: { + endTime: { + serializedName: "endTime", + type: { + name: "DateTime" + } + }, + expansionId: { + serializedName: "expansionId", + type: { + name: "Uuid" + } + }, + startTime: { + serializedName: "startTime", + type: { + name: "DateTime" + } + } + } + } +}; + +export const ExpansionResultAggregation: msRest.CompositeMapper = { + serializedName: "ExpansionResultAggregation", + type: { + name: "Composite", + className: "ExpansionResultAggregation", + modelProperties: { + aggregationType: { + serializedName: "aggregationType", + type: { + name: "String" + } + }, + count: { + required: true, + serializedName: "count", + type: { + name: "Number" + } + }, + displayName: { + serializedName: "displayName", + type: { + name: "String" + } + }, + entityKind: { + required: true, + serializedName: "entityKind", + type: { + name: "String" + } + } + } + } +}; + +export const ExpansionResultsMetadata: msRest.CompositeMapper = { + serializedName: "ExpansionResultsMetadata", + type: { + name: "Composite", + className: "ExpansionResultsMetadata", + modelProperties: { + aggregations: { + serializedName: "aggregations", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ExpansionResultAggregation" + } + } + } + } + } + } +}; + +export const Entity: msRest.CompositeMapper = { + serializedName: "Entity", + type: { + name: "Composite", + polymorphicDiscriminator: { + serializedName: "kind", + clientName: "kind" + }, + uberParent: "Entity", + className: "Entity", + modelProperties: { + ...Resource.type.modelProperties, + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + } + } + } +}; + +export const ConnectedEntity: msRest.CompositeMapper = { + serializedName: "ConnectedEntity", + type: { + name: "Composite", + className: "ConnectedEntity", + modelProperties: { + targetEntityId: { + serializedName: "targetEntityId", + type: { + name: "String" + } + }, + additionalData: { + serializedName: "additionalData", + type: { + name: "Object" + } + } + } + } +}; + +export const BookmarkExpandResponseValue: msRest.CompositeMapper = { + serializedName: "BookmarkExpandResponse_value", + type: { + name: "Composite", + className: "BookmarkExpandResponseValue", + modelProperties: { + entities: { + serializedName: "entities", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "Entity" + } + } + } + }, + edges: { + serializedName: "edges", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ConnectedEntity" + } + } + } + } + } + } +}; + +export const BookmarkExpandResponse: msRest.CompositeMapper = { + serializedName: "BookmarkExpandResponse", + type: { + name: "Composite", + className: "BookmarkExpandResponse", + modelProperties: { + metaData: { + serializedName: "metaData", + type: { + name: "Composite", + className: "ExpansionResultsMetadata" + } + }, + value: { + serializedName: "value", + type: { + name: "Composite", + className: "BookmarkExpandResponseValue" + } + } + } + } +}; + +export const SecurityAlertPropertiesConfidenceReasonsItem: msRest.CompositeMapper = { + serializedName: "SecurityAlertProperties_confidenceReasonsItem", + type: { + name: "Composite", + className: "SecurityAlertPropertiesConfidenceReasonsItem", + modelProperties: { + reason: { + readOnly: true, + serializedName: "reason", + type: { + name: "String" + } + }, + reasonType: { + readOnly: true, + serializedName: "reasonType", + type: { + name: "String" + } + } + } + } +}; + +export const ThreatIntelligence: msRest.CompositeMapper = { + serializedName: "ThreatIntelligence", + type: { + name: "Composite", + className: "ThreatIntelligence", + modelProperties: { + confidence: { + readOnly: true, + serializedName: "confidence", + type: { + name: "Number" + } + }, + providerName: { + readOnly: true, + serializedName: "providerName", + type: { + name: "String" + } + }, + reportLink: { + readOnly: true, + serializedName: "reportLink", + type: { + name: "String" + } + }, + threatDescription: { + readOnly: true, + serializedName: "threatDescription", + type: { + name: "String" + } + }, + threatName: { + readOnly: true, + serializedName: "threatName", + type: { + name: "String" + } + }, + threatType: { + readOnly: true, + serializedName: "threatType", + type: { + name: "String" + } + } + } + } +}; + +export const GeoLocation: msRest.CompositeMapper = { + serializedName: "GeoLocation", + type: { + name: "Composite", + className: "GeoLocation", + modelProperties: { + asn: { + readOnly: true, + serializedName: "asn", + type: { + name: "Number" + } + }, + city: { + readOnly: true, + serializedName: "city", + type: { + name: "String" + } + }, + countryCode: { + readOnly: true, + serializedName: "countryCode", + type: { + name: "String" + } + }, + countryName: { + readOnly: true, + serializedName: "countryName", + type: { + name: "String" + } + }, + latitude: { + readOnly: true, + serializedName: "latitude", + type: { + name: "Number" + } + }, + longitude: { + readOnly: true, + serializedName: "longitude", + type: { + name: "Number" + } + }, + state: { + readOnly: true, + serializedName: "state", + type: { + name: "String" + } + } + } + } +}; + +export const EntityCommonProperties: msRest.CompositeMapper = { + serializedName: "EntityCommonProperties", + type: { + name: "Composite", + className: "EntityCommonProperties", + modelProperties: { + additionalData: { + readOnly: true, + serializedName: "additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "friendlyName", + type: { + name: "String" + } + } + } + } +}; + +export const UrlEntity: msRest.CompositeMapper = { + serializedName: "Url", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "UrlEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + url: { + readOnly: true, + serializedName: "properties.url", + type: { + name: "String" + } + } + } + } +}; + +export const SubmissionMailEntity: msRest.CompositeMapper = { + serializedName: "SubmissionMail", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "SubmissionMailEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + networkMessageId: { + readOnly: true, + serializedName: "properties.networkMessageId", + type: { + name: "Uuid" + } + }, + submissionId: { + readOnly: true, + serializedName: "properties.submissionId", + type: { + name: "Uuid" + } + }, + submitter: { + readOnly: true, + serializedName: "properties.submitter", + type: { + name: "String" + } + }, + submissionDate: { + readOnly: true, + serializedName: "properties.submissionDate", + type: { + name: "DateTime" + } + }, + timestamp: { + readOnly: true, + serializedName: "properties.timestamp", + type: { + name: "DateTime" + } + }, + recipient: { + readOnly: true, + serializedName: "properties.recipient", + type: { + name: "String" + } + }, + sender: { + readOnly: true, + serializedName: "properties.sender", + type: { + name: "String" + } + }, + senderIp: { + readOnly: true, + serializedName: "properties.senderIp", + type: { + name: "String" + } + }, + subject: { + readOnly: true, + serializedName: "properties.subject", + type: { + name: "String" + } + }, + reportType: { + readOnly: true, + serializedName: "properties.reportType", + type: { + name: "String" + } + } + } + } +}; + +export const SecurityGroupEntity: msRest.CompositeMapper = { + serializedName: "SecurityGroup", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "SecurityGroupEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + distinguishedName: { + readOnly: true, + serializedName: "properties.distinguishedName", + type: { + name: "String" + } + }, + objectGuid: { + readOnly: true, + serializedName: "properties.objectGuid", + type: { + name: "Uuid" + } + }, + sid: { + readOnly: true, + serializedName: "properties.sid", + type: { + name: "String" + } + } + } + } +}; + +export const SecurityAlert: msRest.CompositeMapper = { + serializedName: "SecurityAlert", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "SecurityAlert", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + alertDisplayName: { + readOnly: true, + serializedName: "properties.alertDisplayName", + type: { + name: "String" + } + }, + alertType: { + readOnly: true, + serializedName: "properties.alertType", + type: { + name: "String" + } + }, + compromisedEntity: { + readOnly: true, + serializedName: "properties.compromisedEntity", + type: { + name: "String" + } + }, + confidenceLevel: { + readOnly: true, + serializedName: "properties.confidenceLevel", + type: { + name: "String" + } + }, + confidenceReasons: { + readOnly: true, + serializedName: "properties.confidenceReasons", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "SecurityAlertPropertiesConfidenceReasonsItem" + } + } + } + }, + confidenceScore: { + readOnly: true, + serializedName: "properties.confidenceScore", + type: { + name: "Number" + } + }, + confidenceScoreStatus: { + readOnly: true, + serializedName: "properties.confidenceScoreStatus", + type: { + name: "String" + } + }, + description: { + readOnly: true, + serializedName: "properties.description", + type: { + name: "String" + } + }, + endTimeUtc: { + readOnly: true, + serializedName: "properties.endTimeUtc", + type: { + name: "DateTime" + } + }, + intent: { + readOnly: true, + serializedName: "properties.intent", + type: { + name: "String" + } + }, + providerAlertId: { + readOnly: true, + serializedName: "properties.providerAlertId", + type: { + name: "String" + } + }, + processingEndTime: { + readOnly: true, + serializedName: "properties.processingEndTime", + type: { + name: "DateTime" + } + }, + productComponentName: { + readOnly: true, + serializedName: "properties.productComponentName", + type: { + name: "String" + } + }, + productName: { + readOnly: true, + serializedName: "properties.productName", + type: { + name: "String" + } + }, + productVersion: { + readOnly: true, + serializedName: "properties.productVersion", + type: { + name: "String" + } + }, + remediationSteps: { + readOnly: true, + serializedName: "properties.remediationSteps", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + severity: { + serializedName: "properties.severity", + type: { + name: "String" + } + }, + startTimeUtc: { + readOnly: true, + serializedName: "properties.startTimeUtc", + type: { + name: "DateTime" + } + }, + status: { + readOnly: true, + serializedName: "properties.status", + type: { + name: "String" + } + }, + systemAlertId: { + readOnly: true, + serializedName: "properties.systemAlertId", + type: { + name: "String" + } + }, + tactics: { + readOnly: true, + serializedName: "properties.tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + timeGenerated: { + readOnly: true, + serializedName: "properties.timeGenerated", + type: { + name: "DateTime" + } + }, + vendorName: { + readOnly: true, + serializedName: "properties.vendorName", + type: { + name: "String" + } + }, + alertLink: { + readOnly: true, + serializedName: "properties.alertLink", + type: { + name: "String" + } + }, + resourceIdentifiers: { + readOnly: true, + serializedName: "properties.resourceIdentifiers", + type: { + name: "Sequence", + element: { + type: { + name: "Object" + } + } + } + } + } + } +}; + +export const RegistryValueEntity: msRest.CompositeMapper = { + serializedName: "RegistryValue", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "RegistryValueEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + keyEntityId: { + readOnly: true, + serializedName: "properties.keyEntityId", + type: { + name: "String" + } + }, + valueData: { + readOnly: true, + serializedName: "properties.valueData", + type: { + name: "String" + } + }, + valueName: { + readOnly: true, + serializedName: "properties.valueName", + type: { + name: "String" + } + }, + valueType: { + readOnly: true, + serializedName: "properties.valueType", + type: { + name: "String" + } + } + } + } +}; + +export const RegistryKeyEntity: msRest.CompositeMapper = { + serializedName: "RegistryKey", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "RegistryKeyEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + hive: { + readOnly: true, + serializedName: "properties.hive", + type: { + name: "String" + } + }, + key: { + readOnly: true, + serializedName: "properties.key", + type: { + name: "String" + } + } + } + } +}; + +export const ProcessEntity: msRest.CompositeMapper = { + serializedName: "Process", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "ProcessEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + accountEntityId: { + readOnly: true, + serializedName: "properties.accountEntityId", + type: { + name: "String" + } + }, + commandLine: { + readOnly: true, + serializedName: "properties.commandLine", + type: { + name: "String" + } + }, + creationTimeUtc: { + readOnly: true, + serializedName: "properties.creationTimeUtc", + type: { + name: "DateTime" + } + }, + elevationToken: { + serializedName: "properties.elevationToken", + type: { + name: "Enum", + allowedValues: [ + "Default", + "Full", + "Limited" + ] + } + }, + hostEntityId: { + readOnly: true, + serializedName: "properties.hostEntityId", + type: { + name: "String" + } + }, + hostLogonSessionEntityId: { + readOnly: true, + serializedName: "properties.hostLogonSessionEntityId", + type: { + name: "String" + } + }, + imageFileEntityId: { + readOnly: true, + serializedName: "properties.imageFileEntityId", + type: { + name: "String" + } + }, + parentProcessEntityId: { + readOnly: true, + serializedName: "properties.parentProcessEntityId", + type: { + name: "String" + } + }, + processId: { + readOnly: true, + serializedName: "properties.processId", + type: { + name: "String" + } + } + } + } +}; + +export const MalwareEntity: msRest.CompositeMapper = { + serializedName: "Malware", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "MalwareEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + category: { + readOnly: true, + serializedName: "properties.category", + type: { + name: "String" + } + }, + fileEntityIds: { + readOnly: true, + serializedName: "properties.fileEntityIds", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + malwareName: { + readOnly: true, + serializedName: "properties.malwareName", + type: { + name: "String" + } + }, + processEntityIds: { + readOnly: true, + serializedName: "properties.processEntityIds", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const MailMessageEntity: msRest.CompositeMapper = { + serializedName: "MailMessage", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "MailMessageEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + fileEntityIds: { + readOnly: true, + serializedName: "properties.fileEntityIds", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + recipient: { + readOnly: true, + serializedName: "properties.recipient", + type: { + name: "String" + } + }, + urls: { + readOnly: true, + serializedName: "properties.urls", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + threats: { + readOnly: true, + serializedName: "properties.threats", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + p1Sender: { + readOnly: true, + serializedName: "properties.p1Sender", + type: { + name: "String" + } + }, + p1SenderDisplayName: { + readOnly: true, + serializedName: "properties.p1SenderDisplayName", + type: { + name: "String" + } + }, + p1SenderDomain: { + readOnly: true, + serializedName: "properties.p1SenderDomain", + type: { + name: "String" + } + }, + senderIP: { + readOnly: true, + serializedName: "properties.senderIP", + type: { + name: "String" + } + }, + p2Sender: { + readOnly: true, + serializedName: "properties.p2Sender", + type: { + name: "String" + } + }, + p2SenderDisplayName: { + readOnly: true, + serializedName: "properties.p2SenderDisplayName", + type: { + name: "String" + } + }, + p2SenderDomain: { + readOnly: true, + serializedName: "properties.p2SenderDomain", + type: { + name: "String" + } + }, + receiveDate: { + readOnly: true, + serializedName: "properties.receiveDate", + type: { + name: "DateTime" + } + }, + networkMessageId: { + readOnly: true, + serializedName: "properties.networkMessageId", + type: { + name: "Uuid" + } + }, + internetMessageId: { + readOnly: true, + serializedName: "properties.internetMessageId", + type: { + name: "String" + } + }, + subject: { + readOnly: true, + serializedName: "properties.subject", + type: { + name: "String" + } + }, + language: { + readOnly: true, + serializedName: "properties.language", + type: { + name: "String" + } + }, + threatDetectionMethods: { + readOnly: true, + serializedName: "properties.threatDetectionMethods", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + bodyFingerprintBin1: { + serializedName: "properties.bodyFingerprintBin1", + type: { + name: "Number" + } + }, + bodyFingerprintBin2: { + serializedName: "properties.bodyFingerprintBin2", + type: { + name: "Number" + } + }, + bodyFingerprintBin3: { + serializedName: "properties.bodyFingerprintBin3", + type: { + name: "Number" + } + }, + bodyFingerprintBin4: { + serializedName: "properties.bodyFingerprintBin4", + type: { + name: "Number" + } + }, + bodyFingerprintBin5: { + serializedName: "properties.bodyFingerprintBin5", + type: { + name: "Number" + } + }, + antispamDirection: { + serializedName: "properties.antispamDirection", + type: { + name: "String" + } + }, + deliveryAction: { + serializedName: "properties.deliveryAction", + type: { + name: "Enum", + allowedValues: [ + "Unknown", + "DeliveredAsSpam", + "Delivered", + "Blocked", + "Replaced" + ] + } + }, + deliveryLocation: { + serializedName: "properties.deliveryLocation", + type: { + name: "Enum", + allowedValues: [ + "Unknown", + "Inbox", + "JunkFolder", + "DeletedFolder", + "Quarantine", + "External", + "Failed", + "Dropped", + "Forwarded" + ] + } + } + } + } +}; + +export const MailClusterEntity: msRest.CompositeMapper = { + serializedName: "MailCluster", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "MailClusterEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + networkMessageIds: { + readOnly: true, + serializedName: "properties.networkMessageIds", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + countByDeliveryStatus: { + readOnly: true, + serializedName: "properties.countByDeliveryStatus", + type: { + name: "Object" + } + }, + countByThreatType: { + readOnly: true, + serializedName: "properties.countByThreatType", + type: { + name: "Object" + } + }, + countByProtectionStatus: { + readOnly: true, + serializedName: "properties.countByProtectionStatus", + type: { + name: "Object" + } + }, + threats: { + readOnly: true, + serializedName: "properties.threats", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + query: { + readOnly: true, + serializedName: "properties.query", + type: { + name: "String" + } + }, + queryTime: { + readOnly: true, + serializedName: "properties.queryTime", + type: { + name: "DateTime" + } + }, + mailCount: { + readOnly: true, + serializedName: "properties.mailCount", + type: { + name: "Number" + } + }, + isVolumeAnomaly: { + readOnly: true, + serializedName: "properties.isVolumeAnomaly", + type: { + name: "Boolean" + } + }, + source: { + readOnly: true, + serializedName: "properties.source", + type: { + name: "String" + } + }, + clusterSourceIdentifier: { + readOnly: true, + serializedName: "properties.clusterSourceIdentifier", + type: { + name: "String" + } + }, + clusterSourceType: { + readOnly: true, + serializedName: "properties.clusterSourceType", + type: { + name: "String" + } + }, + clusterQueryStartTime: { + readOnly: true, + serializedName: "properties.clusterQueryStartTime", + type: { + name: "DateTime" + } + }, + clusterQueryEndTime: { + readOnly: true, + serializedName: "properties.clusterQueryEndTime", + type: { + name: "DateTime" + } + }, + clusterGroup: { + readOnly: true, + serializedName: "properties.clusterGroup", + type: { + name: "String" + } + } + } + } +}; + +export const MailboxEntity: msRest.CompositeMapper = { + serializedName: "Mailbox", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "MailboxEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + mailboxPrimaryAddress: { + readOnly: true, + serializedName: "properties.mailboxPrimaryAddress", + type: { + name: "String" + } + }, + displayName: { + readOnly: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + upn: { + readOnly: true, + serializedName: "properties.upn", + type: { + name: "String" + } + }, + externalDirectoryObjectId: { + readOnly: true, + serializedName: "properties.externalDirectoryObjectId", + type: { + name: "Uuid" + } + } + } + } +}; + +export const IpEntity: msRest.CompositeMapper = { + serializedName: "Ip", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "IpEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + address: { + readOnly: true, + serializedName: "properties.address", + type: { + name: "String" + } + }, + location: { + serializedName: "properties.location", + type: { + name: "Composite", + className: "GeoLocation" + } + }, + threatIntelligence: { + readOnly: true, + serializedName: "properties.threatIntelligence", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligence" + } + } + } + } + } + } +}; + +export const IoTDeviceEntity: msRest.CompositeMapper = { + serializedName: "IoTDevice", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "IoTDeviceEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + deviceId: { + readOnly: true, + serializedName: "properties.deviceId", + type: { + name: "String" + } + }, + deviceName: { + readOnly: true, + serializedName: "properties.deviceName", + type: { + name: "String" + } + }, + source: { + readOnly: true, + serializedName: "properties.source", + type: { + name: "String" + } + }, + iotSecurityAgentId: { + readOnly: true, + serializedName: "properties.iotSecurityAgentId", + type: { + name: "Uuid" + } + }, + deviceType: { + readOnly: true, + serializedName: "properties.deviceType", + type: { + name: "String" + } + }, + vendor: { + readOnly: true, + serializedName: "properties.vendor", + type: { + name: "String" + } + }, + edgeId: { + readOnly: true, + serializedName: "properties.edgeId", + type: { + name: "String" + } + }, + macAddress: { + readOnly: true, + serializedName: "properties.macAddress", + type: { + name: "String" + } + }, + model: { + readOnly: true, + serializedName: "properties.model", + type: { + name: "String" + } + }, + serialNumber: { + readOnly: true, + serializedName: "properties.serialNumber", + type: { + name: "String" + } + }, + firmwareVersion: { + readOnly: true, + serializedName: "properties.firmwareVersion", + type: { + name: "String" + } + }, + operatingSystem: { + readOnly: true, + serializedName: "properties.operatingSystem", + type: { + name: "String" + } + }, + iotHubEntityId: { + readOnly: true, + serializedName: "properties.iotHubEntityId", + type: { + name: "String" + } + }, + hostEntityId: { + readOnly: true, + serializedName: "properties.hostEntityId", + type: { + name: "String" + } + }, + ipAddressEntityId: { + readOnly: true, + serializedName: "properties.ipAddressEntityId", + type: { + name: "String" + } + }, + threatIntelligence: { + readOnly: true, + serializedName: "properties.threatIntelligence", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligence" + } + } + } + }, + protocols: { + readOnly: true, + serializedName: "properties.protocols", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const HuntingBookmark: msRest.CompositeMapper = { + serializedName: "Bookmark", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "HuntingBookmark", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + created: { + serializedName: "properties.created", + type: { + name: "DateTime" + } + }, + createdBy: { + serializedName: "properties.createdBy", + type: { + name: "Composite", + className: "UserInfo" + } + }, + displayName: { + required: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + eventTime: { + serializedName: "properties.eventTime", + type: { + name: "DateTime" + } + }, + labels: { + serializedName: "properties.labels", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + notes: { + serializedName: "properties.notes", + type: { + name: "String" + } + }, + query: { + required: true, + serializedName: "properties.query", + type: { + name: "String" + } + }, + queryResult: { + serializedName: "properties.queryResult", + type: { + name: "String" + } + }, + updated: { + serializedName: "properties.updated", + type: { + name: "DateTime" + } + }, + updatedBy: { + serializedName: "properties.updatedBy", + type: { + name: "Composite", + className: "UserInfo" + } + }, + incidentInfo: { + serializedName: "properties.incidentInfo", + type: { + name: "Composite", + className: "IncidentInfo" + } + } + } + } +}; + +export const HostEntity: msRest.CompositeMapper = { + serializedName: "Host", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "HostEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + azureID: { + readOnly: true, + serializedName: "properties.azureID", + type: { + name: "String" + } + }, + dnsDomain: { + readOnly: true, + serializedName: "properties.dnsDomain", + type: { + name: "String" + } + }, + hostName: { + readOnly: true, + serializedName: "properties.hostName", + type: { + name: "String" + } + }, + isDomainJoined: { + readOnly: true, + serializedName: "properties.isDomainJoined", + type: { + name: "Boolean" + } + }, + netBiosName: { + readOnly: true, + serializedName: "properties.netBiosName", + type: { + name: "String" + } + }, + ntDomain: { + readOnly: true, + serializedName: "properties.ntDomain", + type: { + name: "String" + } + }, + omsAgentID: { + readOnly: true, + serializedName: "properties.omsAgentID", + type: { + name: "String" + } + }, + osFamily: { + serializedName: "properties.osFamily", + type: { + name: "Enum", + allowedValues: [ + "Linux", + "Windows", + "Android", + "IOS", + "Unknown" + ] + } + }, + osVersion: { + readOnly: true, + serializedName: "properties.osVersion", + type: { + name: "String" + } + } + } + } +}; + +export const FileHashEntity: msRest.CompositeMapper = { + serializedName: "FileHash", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "FileHashEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + algorithm: { + readOnly: true, + serializedName: "properties.algorithm", + type: { + name: "String" + } + }, + hashValue: { + readOnly: true, + serializedName: "properties.hashValue", + type: { + name: "String" + } + } + } + } +}; + +export const FileEntity: msRest.CompositeMapper = { + serializedName: "File", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "FileEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + directory: { + readOnly: true, + serializedName: "properties.directory", + type: { + name: "String" + } + }, + fileHashEntityIds: { + readOnly: true, + serializedName: "properties.fileHashEntityIds", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + fileName: { + readOnly: true, + serializedName: "properties.fileName", + type: { + name: "String" + } + }, + hostEntityId: { + readOnly: true, + serializedName: "properties.hostEntityId", + type: { + name: "String" + } + } + } + } +}; + +export const DnsEntity: msRest.CompositeMapper = { + serializedName: "DnsResolution", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "DnsEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + dnsServerIpEntityId: { + readOnly: true, + serializedName: "properties.dnsServerIpEntityId", + type: { + name: "String" + } + }, + domainName: { + readOnly: true, + serializedName: "properties.domainName", + type: { + name: "String" + } + }, + hostIpAddressEntityId: { + readOnly: true, + serializedName: "properties.hostIpAddressEntityId", + type: { + name: "String" + } + }, + ipAddressEntityIds: { + readOnly: true, + serializedName: "properties.ipAddressEntityIds", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const CloudApplicationEntity: msRest.CompositeMapper = { + serializedName: "CloudApplication", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "CloudApplicationEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + appId: { + readOnly: true, + serializedName: "properties.appId", + type: { + name: "Number" + } + }, + appName: { + readOnly: true, + serializedName: "properties.appName", + type: { + name: "String" + } + }, + instanceName: { + readOnly: true, + serializedName: "properties.instanceName", + type: { + name: "String" + } + } + } + } +}; + +export const AzureResourceEntity: msRest.CompositeMapper = { + serializedName: "AzureResource", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "AzureResourceEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + resourceId: { + readOnly: true, + serializedName: "properties.resourceId", + type: { + name: "String" + } + }, + subscriptionId: { + readOnly: true, + serializedName: "properties.subscriptionId", + type: { + name: "String" + } + } + } + } +}; + +export const AccountEntity: msRest.CompositeMapper = { + serializedName: "Account", + type: { + name: "Composite", + polymorphicDiscriminator: Entity.type.polymorphicDiscriminator, + uberParent: "Entity", + className: "AccountEntity", + modelProperties: { + ...Entity.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + aadTenantId: { + readOnly: true, + serializedName: "properties.aadTenantId", + type: { + name: "String" + } + }, + aadUserId: { + readOnly: true, + serializedName: "properties.aadUserId", + type: { + name: "String" + } + }, + accountName: { + readOnly: true, + serializedName: "properties.accountName", + type: { + name: "String" + } + }, + displayName: { + readOnly: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + hostEntityId: { + readOnly: true, + serializedName: "properties.hostEntityId", + type: { + name: "String" + } + }, + isDomainJoined: { + readOnly: true, + serializedName: "properties.isDomainJoined", + type: { + name: "Boolean" + } + }, + ntDomain: { + readOnly: true, + serializedName: "properties.ntDomain", + type: { + name: "String" + } + }, + objectGuid: { + readOnly: true, + serializedName: "properties.objectGuid", + type: { + name: "Uuid" + } + }, + puid: { + readOnly: true, + serializedName: "properties.puid", + type: { + name: "String" + } + }, + sid: { + readOnly: true, + serializedName: "properties.sid", + type: { + name: "String" + } + }, + upnSuffix: { + readOnly: true, + serializedName: "properties.upnSuffix", + type: { + name: "String" + } + }, + dnsDomain: { + readOnly: true, + serializedName: "properties.dnsDomain", + type: { + name: "String" + } + } + } + } +}; + +export const Relation: msRest.CompositeMapper = { + serializedName: "Relation", + type: { + name: "Composite", + className: "Relation", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + relatedResourceId: { + required: true, + serializedName: "properties.relatedResourceId", + type: { + name: "String" + } + }, + relatedResourceName: { + readOnly: true, + serializedName: "properties.relatedResourceName", + type: { + name: "String" + } + }, + relatedResourceType: { + readOnly: true, + serializedName: "properties.relatedResourceType", + type: { + name: "String" + } + }, + relatedResourceKind: { + readOnly: true, + serializedName: "properties.relatedResourceKind", + type: { + name: "String" + } + } + } + } +}; + +export const EnrichmentDomainWhoisRegistrarDetails: msRest.CompositeMapper = { + serializedName: "EnrichmentDomainWhoisRegistrarDetails", + type: { + name: "Composite", + className: "EnrichmentDomainWhoisRegistrarDetails", + modelProperties: { + name: { + serializedName: "name", + type: { + name: "String" + } + }, + abuseContactEmail: { + serializedName: "abuseContactEmail", + type: { + name: "String" + } + }, + abuseContactPhone: { + serializedName: "abuseContactPhone", + type: { + name: "String" + } + }, + ianaId: { + serializedName: "ianaId", + type: { + name: "String" + } + }, + url: { + serializedName: "url", + type: { + name: "String" + } + }, + whoisServer: { + serializedName: "whoisServer", + type: { + name: "String" + } + } + } + } +}; + +export const EnrichmentDomainWhoisContact: msRest.CompositeMapper = { + serializedName: "EnrichmentDomainWhoisContact", + type: { + name: "Composite", + className: "EnrichmentDomainWhoisContact", + modelProperties: { + name: { + serializedName: "name", + type: { + name: "String" + } + }, + org: { + serializedName: "org", + type: { + name: "String" + } + }, + street: { + serializedName: "street", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + city: { + serializedName: "city", + type: { + name: "String" + } + }, + state: { + serializedName: "state", + type: { + name: "String" + } + }, + postal: { + serializedName: "postal", + type: { + name: "String" + } + }, + country: { + serializedName: "country", + type: { + name: "String" + } + }, + phone: { + serializedName: "phone", + type: { + name: "String" + } + }, + fax: { + serializedName: "fax", + type: { + name: "String" + } + }, + email: { + serializedName: "email", + type: { + name: "String" + } + } + } + } +}; + +export const EnrichmentDomainWhoisContacts: msRest.CompositeMapper = { + serializedName: "EnrichmentDomainWhoisContacts", + type: { + name: "Composite", + className: "EnrichmentDomainWhoisContacts", + modelProperties: { + admin: { + serializedName: "admin", + type: { + name: "Composite", + className: "EnrichmentDomainWhoisContact" + } + }, + billing: { + serializedName: "billing", + type: { + name: "Composite", + className: "EnrichmentDomainWhoisContact" + } + }, + registrant: { + serializedName: "registrant", + type: { + name: "Composite", + className: "EnrichmentDomainWhoisContact" + } + }, + tech: { + serializedName: "tech", + type: { + name: "Composite", + className: "EnrichmentDomainWhoisContact" + } + } + } + } +}; + +export const EnrichmentDomainWhoisDetails: msRest.CompositeMapper = { + serializedName: "EnrichmentDomainWhoisDetails", + type: { + name: "Composite", + className: "EnrichmentDomainWhoisDetails", + modelProperties: { + registrar: { + serializedName: "registrar", + type: { + name: "Composite", + className: "EnrichmentDomainWhoisRegistrarDetails" + } + }, + contacts: { + serializedName: "contacts", + type: { + name: "Composite", + className: "EnrichmentDomainWhoisContacts" + } + }, + nameServers: { + serializedName: "nameServers", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + statuses: { + serializedName: "statuses", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const EnrichmentDomainWhois: msRest.CompositeMapper = { + serializedName: "EnrichmentDomainWhois", + type: { + name: "Composite", + className: "EnrichmentDomainWhois", + modelProperties: { + domain: { + serializedName: "domain", + type: { + name: "String" + } + }, + server: { + serializedName: "server", + type: { + name: "String" + } + }, + created: { + serializedName: "created", + type: { + name: "DateTime" + } + }, + updated: { + serializedName: "updated", + type: { + name: "DateTime" + } + }, + expires: { + serializedName: "expires", + type: { + name: "DateTime" + } + }, + parsedWhois: { + serializedName: "parsedWhois", + type: { + name: "Composite", + className: "EnrichmentDomainWhoisDetails" + } + } + } + } +}; + +export const EnrichmentIpGeodata: msRest.CompositeMapper = { + serializedName: "EnrichmentIpGeodata", + type: { + name: "Composite", + className: "EnrichmentIpGeodata", + modelProperties: { + asn: { + serializedName: "asn", + type: { + name: "String" + } + }, + carrier: { + serializedName: "carrier", + type: { + name: "String" + } + }, + city: { + serializedName: "city", + type: { + name: "String" + } + }, + cityCf: { + serializedName: "cityCf", + type: { + name: "Number" + } + }, + continent: { + serializedName: "continent", + type: { + name: "String" + } + }, + country: { + serializedName: "country", + type: { + name: "String" + } + }, + countryCf: { + serializedName: "countryCf", + type: { + name: "Number" + } + }, + ipAddr: { + serializedName: "ipAddr", + type: { + name: "String" + } + }, + ipRoutingType: { + serializedName: "ipRoutingType", + type: { + name: "String" + } + }, + latitude: { + serializedName: "latitude", + type: { + name: "String" + } + }, + longitude: { + serializedName: "longitude", + type: { + name: "String" + } + }, + organization: { + serializedName: "organization", + type: { + name: "String" + } + }, + organizationType: { + serializedName: "organizationType", + type: { + name: "String" + } + }, + region: { + serializedName: "region", + type: { + name: "String" + } + }, + state: { + serializedName: "state", + type: { + name: "String" + } + }, + stateCf: { + serializedName: "stateCf", + type: { + name: "Number" + } + }, + stateCode: { + serializedName: "stateCode", + type: { + name: "String" + } + } + } + } +}; + +export const EntityQuery: msRest.CompositeMapper = { + serializedName: "EntityQuery", + type: { + name: "Composite", + polymorphicDiscriminator: { + serializedName: "kind", + clientName: "kind" + }, + uberParent: "EntityQuery", + className: "EntityQuery", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + } + } + } +}; + +export const CustomEntityQuery: msRest.CompositeMapper = { + serializedName: "CustomEntityQuery", + type: { + name: "Composite", + polymorphicDiscriminator: { + serializedName: "kind", + clientName: "kind" + }, + uberParent: "CustomEntityQuery", + className: "CustomEntityQuery", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + } + } + } +}; + +export const ExpansionEntityQuery: msRest.CompositeMapper = { + serializedName: "Expansion", + type: { + name: "Composite", + polymorphicDiscriminator: EntityQuery.type.polymorphicDiscriminator, + uberParent: "EntityQuery", + className: "ExpansionEntityQuery", + modelProperties: { + ...EntityQuery.type.modelProperties, + dataSources: { + serializedName: "properties.dataSources", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + displayName: { + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + inputEntityType: { + serializedName: "properties.inputEntityType", + type: { + name: "String" + } + }, + inputFields: { + serializedName: "properties.inputFields", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + outputEntityTypes: { + serializedName: "properties.outputEntityTypes", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + queryTemplate: { + serializedName: "properties.queryTemplate", + type: { + name: "String" + } + } + } + } +}; + +export const ActivityEntityQueriesPropertiesQueryDefinitions: msRest.CompositeMapper = { + serializedName: "ActivityEntityQueriesProperties_queryDefinitions", + type: { + name: "Composite", + className: "ActivityEntityQueriesPropertiesQueryDefinitions", + modelProperties: { + query: { + serializedName: "query", + type: { + name: "String" + } + } + } + } +}; + +export const ActivityEntityQuery: msRest.CompositeMapper = { + serializedName: "Activity", + type: { + name: "Composite", + polymorphicDiscriminator: EntityQuery.type.polymorphicDiscriminator, + uberParent: "EntityQuery", + className: "ActivityEntityQuery", + modelProperties: { + ...EntityQuery.type.modelProperties, + title: { + serializedName: "properties.title", + type: { + name: "String" + } + }, + content: { + serializedName: "properties.content", + type: { + name: "String" + } + }, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + queryDefinitions: { + serializedName: "properties.queryDefinitions", + type: { + name: "Composite", + className: "ActivityEntityQueriesPropertiesQueryDefinitions" + } + }, + inputEntityType: { + serializedName: "properties.inputEntityType", + type: { + name: "String" + } + }, + requiredInputFieldsSets: { + serializedName: "properties.requiredInputFieldsSets", + type: { + name: "Sequence", + element: { + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + }, + entitiesFilter: { + serializedName: "properties.entitiesFilter", + type: { + name: "Dictionary", + value: { + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + }, + templateName: { + serializedName: "properties.templateName", + type: { + name: "String" + } + }, + enabled: { + serializedName: "properties.enabled", + type: { + name: "Boolean" + } + }, + createdTimeUtc: { + readOnly: true, + serializedName: "properties.createdTimeUtc", + type: { + name: "DateTime" + } + }, + lastModifiedTimeUtc: { + readOnly: true, + serializedName: "properties.lastModifiedTimeUtc", + type: { + name: "DateTime" + } + } + } + } +}; + +export const ActivityCustomEntityQuery: msRest.CompositeMapper = { + serializedName: "Activity", + type: { + name: "Composite", + polymorphicDiscriminator: CustomEntityQuery.type.polymorphicDiscriminator, + uberParent: "CustomEntityQuery", + className: "ActivityCustomEntityQuery", + modelProperties: { + ...CustomEntityQuery.type.modelProperties, + title: { + serializedName: "properties.title", + type: { + name: "String" + } + }, + content: { + serializedName: "properties.content", + type: { + name: "String" + } + }, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + queryDefinitions: { + serializedName: "properties.queryDefinitions", + type: { + name: "Composite", + className: "ActivityEntityQueriesPropertiesQueryDefinitions" + } + }, + inputEntityType: { + serializedName: "properties.inputEntityType", + type: { + name: "String" + } + }, + requiredInputFieldsSets: { + serializedName: "properties.requiredInputFieldsSets", + type: { + name: "Sequence", + element: { + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + }, + entitiesFilter: { + serializedName: "properties.entitiesFilter", + type: { + name: "Dictionary", + value: { + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + }, + templateName: { + serializedName: "properties.templateName", + type: { + name: "String" + } + }, + enabled: { + serializedName: "properties.enabled", + type: { + name: "Boolean" + } + }, + createdTimeUtc: { + readOnly: true, + serializedName: "properties.createdTimeUtc", + type: { + name: "DateTime" + } + }, + lastModifiedTimeUtc: { + readOnly: true, + serializedName: "properties.lastModifiedTimeUtc", + type: { + name: "DateTime" + } + } + } + } +}; + +export const EntityTimelineItem: msRest.CompositeMapper = { + serializedName: "EntityTimelineItem", + type: { + name: "Composite", + polymorphicDiscriminator: { + serializedName: "kind", + clientName: "kind" + }, + uberParent: "EntityTimelineItem", + className: "EntityTimelineItem", + modelProperties: { + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + } + } + } +}; + +export const ActivityTimelineItem: msRest.CompositeMapper = { + serializedName: "Activity", + type: { + name: "Composite", + polymorphicDiscriminator: EntityTimelineItem.type.polymorphicDiscriminator, + uberParent: "EntityTimelineItem", + className: "ActivityTimelineItem", + modelProperties: { + ...EntityTimelineItem.type.modelProperties, + queryId: { + required: true, + serializedName: "queryId", + type: { + name: "String" + } + }, + bucketStartTimeUTC: { + required: true, + serializedName: "bucketStartTimeUTC", + type: { + name: "DateTime" + } + }, + bucketEndTimeUTC: { + required: true, + serializedName: "bucketEndTimeUTC", + type: { + name: "DateTime" + } + }, + firstActivityTimeUTC: { + required: true, + serializedName: "firstActivityTimeUTC", + type: { + name: "DateTime" + } + }, + lastActivityTimeUTC: { + required: true, + serializedName: "lastActivityTimeUTC", + type: { + name: "DateTime" + } + }, + content: { + required: true, + serializedName: "content", + type: { + name: "String" + } + }, + title: { + required: true, + serializedName: "title", + type: { + name: "String" + } + } + } + } +}; + +export const BookmarkTimelineItem: msRest.CompositeMapper = { + serializedName: "Bookmark", + type: { + name: "Composite", + polymorphicDiscriminator: EntityTimelineItem.type.polymorphicDiscriminator, + uberParent: "EntityTimelineItem", + className: "BookmarkTimelineItem", + modelProperties: { + ...EntityTimelineItem.type.modelProperties, + azureResourceId: { + required: true, + serializedName: "azureResourceId", + type: { + name: "String" + } + }, + displayName: { + serializedName: "displayName", + type: { + name: "String" + } + }, + notes: { + serializedName: "notes", + type: { + name: "String" + } + }, + endTimeUtc: { + serializedName: "endTimeUtc", + type: { + name: "DateTime" + } + }, + startTimeUtc: { + serializedName: "startTimeUtc", + type: { + name: "DateTime" + } + }, + eventTime: { + serializedName: "eventTime", + type: { + name: "DateTime" + } + }, + createdBy: { + serializedName: "createdBy", + type: { + name: "Composite", + className: "UserInfo" + } + }, + labels: { + serializedName: "labels", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const EntityGetInsightsParameters: msRest.CompositeMapper = { + serializedName: "EntityGetInsightsParameters", + type: { + name: "Composite", + className: "EntityGetInsightsParameters", + modelProperties: { + startTime: { + required: true, + serializedName: "startTime", + type: { + name: "DateTime" + } + }, + endTime: { + required: true, + serializedName: "endTime", + type: { + name: "DateTime" + } + }, + addDefaultExtendedTimeRange: { + serializedName: "addDefaultExtendedTimeRange", + type: { + name: "Boolean" + } + }, + insightQueryIds: { + serializedName: "insightQueryIds", + type: { + name: "Sequence", + element: { + type: { + name: "Uuid" + } + } + } + } + } + } +}; + +export const GetInsightsError: msRest.CompositeMapper = { + serializedName: "GetInsightsError", + type: { + name: "Composite", + className: "GetInsightsError", + modelProperties: { + kind: { + required: true, + isConstant: true, + serializedName: "kind", + defaultValue: 'Insight', + type: { + name: "String" + } + }, + queryId: { + serializedName: "queryId", + type: { + name: "String" + } + }, + errorMessage: { + required: true, + serializedName: "errorMessage", + type: { + name: "String" + } + } + } + } +}; + +export const GetInsightsResultsMetadata: msRest.CompositeMapper = { + serializedName: "GetInsightsResultsMetadata", + type: { + name: "Composite", + className: "GetInsightsResultsMetadata", + modelProperties: { + totalCount: { + required: true, + serializedName: "totalCount", + type: { + name: "Number" + } + }, + errors: { + serializedName: "errors", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "GetInsightsError" + } + } + } + } + } + } +}; + +export const EntityInsightItemQueryTimeInterval: msRest.CompositeMapper = { + serializedName: "EntityInsightItem_queryTimeInterval", + type: { + name: "Composite", + className: "EntityInsightItemQueryTimeInterval", + modelProperties: { + startTime: { + serializedName: "startTime", + type: { + name: "DateTime" + } + }, + endTime: { + serializedName: "endTime", + type: { + name: "DateTime" + } + } + } + } +}; + +export const InsightsTableResultColumnsItem: msRest.CompositeMapper = { + serializedName: "InsightsTableResult_columnsItem", + type: { + name: "Composite", + className: "InsightsTableResultColumnsItem", + modelProperties: { + type: { + serializedName: "type", + type: { + name: "String" + } + }, + name: { + serializedName: "name", + type: { + name: "String" + } + } + } + } +}; + +export const InsightsTableResult: msRest.CompositeMapper = { + serializedName: "InsightsTableResult", + type: { + name: "Composite", + className: "InsightsTableResult", + modelProperties: { + columns: { + serializedName: "columns", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "InsightsTableResultColumnsItem" + } + } + } + }, + rows: { + serializedName: "rows", + type: { + name: "Sequence", + element: { + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } + } + } +}; + +export const EntityInsightItem: msRest.CompositeMapper = { + serializedName: "EntityInsightItem", + type: { + name: "Composite", + className: "EntityInsightItem", + modelProperties: { + queryId: { + serializedName: "queryId", + type: { + name: "String" + } + }, + queryTimeInterval: { + serializedName: "queryTimeInterval", + type: { + name: "Composite", + className: "EntityInsightItemQueryTimeInterval" + } + }, + tableQueryResults: { + serializedName: "tableQueryResults", + type: { + name: "Composite", + className: "InsightsTableResult" + } + }, + chartQueryResults: { + serializedName: "chartQueryResults", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "InsightsTableResult" + } + } + } + } + } + } +}; + +export const EntityGetInsightsResponse: msRest.CompositeMapper = { + serializedName: "EntityGetInsightsResponse", + type: { + name: "Composite", + className: "EntityGetInsightsResponse", + modelProperties: { + metaData: { + serializedName: "metaData", + type: { + name: "Composite", + className: "GetInsightsResultsMetadata" + } + }, + value: { + serializedName: "value", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "EntityInsightItem" + } + } + } + } + } + } +}; + +export const EntityEdges: msRest.CompositeMapper = { + serializedName: "EntityEdges", + type: { + name: "Composite", + className: "EntityEdges", + modelProperties: { + targetEntityId: { + serializedName: "targetEntityId", + type: { + name: "String" + } + }, + additionalData: { + serializedName: "additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + } + } + } +}; + +export const EntityExpandParameters: msRest.CompositeMapper = { + serializedName: "EntityExpandParameters", + type: { + name: "Composite", + className: "EntityExpandParameters", + modelProperties: { + endTime: { + serializedName: "endTime", + type: { + name: "DateTime" + } + }, + expansionId: { + serializedName: "expansionId", + type: { + name: "Uuid" + } + }, + startTime: { + serializedName: "startTime", + type: { + name: "DateTime" + } + } + } + } +}; + +export const EntityExpandResponseValue: msRest.CompositeMapper = { + serializedName: "EntityExpandResponse_value", + type: { + name: "Composite", + className: "EntityExpandResponseValue", + modelProperties: { + entities: { + serializedName: "entities", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "Entity" + } + } + } + }, + edges: { + serializedName: "edges", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "EntityEdges" + } + } + } + } + } + } +}; + +export const EntityExpandResponse: msRest.CompositeMapper = { + serializedName: "EntityExpandResponse", + type: { + name: "Composite", + className: "EntityExpandResponse", + modelProperties: { + metaData: { + serializedName: "metaData", + type: { + name: "Composite", + className: "ExpansionResultsMetadata" + } + }, + value: { + serializedName: "value", + type: { + name: "Composite", + className: "EntityExpandResponseValue" + } + } + } + } +}; + +export const TimelineAggregation: msRest.CompositeMapper = { + serializedName: "TimelineAggregation", + type: { + name: "Composite", + className: "TimelineAggregation", + modelProperties: { + count: { + required: true, + serializedName: "count", + type: { + name: "Number" + } + }, + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + } + } + } +}; + +export const TimelineError: msRest.CompositeMapper = { + serializedName: "TimelineError", + type: { + name: "Composite", + className: "TimelineError", + modelProperties: { + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + }, + queryId: { + serializedName: "queryId", + type: { + name: "String" + } + }, + errorMessage: { + required: true, + serializedName: "errorMessage", + type: { + name: "String" + } + } + } + } +}; + +export const TimelineResultsMetadata: msRest.CompositeMapper = { + serializedName: "TimelineResultsMetadata", + type: { + name: "Composite", + className: "TimelineResultsMetadata", + modelProperties: { + totalCount: { + required: true, + serializedName: "totalCount", + type: { + name: "Number" + } + }, + aggregations: { + required: true, + serializedName: "aggregations", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "TimelineAggregation" + } + } + } + }, + errors: { + serializedName: "errors", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "TimelineError" + } + } + } + } + } + } +}; + +export const EntityTimelineResponse: msRest.CompositeMapper = { + serializedName: "EntityTimelineResponse", + type: { + name: "Composite", + className: "EntityTimelineResponse", + modelProperties: { + metaData: { + serializedName: "metaData", + type: { + name: "Composite", + className: "TimelineResultsMetadata" + } + }, + value: { + serializedName: "value", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "EntityTimelineItem" + } + } + } + } + } + } +}; + +export const EntityTimelineParameters: msRest.CompositeMapper = { + serializedName: "EntityTimelineParameters", + type: { + name: "Composite", + className: "EntityTimelineParameters", + modelProperties: { + kinds: { + serializedName: "kinds", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + startTime: { + required: true, + serializedName: "startTime", + type: { + name: "DateTime" + } + }, + endTime: { + required: true, + serializedName: "endTime", + type: { + name: "DateTime" + } + }, + numberOfBucket: { + serializedName: "numberOfBucket", + type: { + name: "Number" + } + } + } + } +}; + +export const EntityQueryItem: msRest.CompositeMapper = { + serializedName: "EntityQueryItem", + type: { + name: "Composite", + polymorphicDiscriminator: { + serializedName: "kind", + clientName: "kind" + }, + uberParent: "EntityQueryItem", + className: "EntityQueryItem", + modelProperties: { + id: { + readOnly: true, + serializedName: "id", + type: { + name: "String" + } + }, + name: { + serializedName: "name", + type: { + name: "String" + } + }, + type: { + serializedName: "type", + type: { + name: "String" + } + }, + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + } + } + } +}; + +export const EntityQueryItemPropertiesDataTypesItem: msRest.CompositeMapper = { + serializedName: "EntityQueryItemProperties_dataTypesItem", + type: { + name: "Composite", + className: "EntityQueryItemPropertiesDataTypesItem", + modelProperties: { + dataType: { + serializedName: "dataType", + type: { + name: "String" + } + } + } + } +}; + +export const EntityQueryItemProperties: msRest.CompositeMapper = { + serializedName: "EntityQueryItemProperties", + type: { + name: "Composite", + className: "EntityQueryItemProperties", + modelProperties: { + dataTypes: { + serializedName: "dataTypes", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "EntityQueryItemPropertiesDataTypesItem" + } + } + } + }, + inputEntityType: { + serializedName: "inputEntityType", + type: { + name: "String" + } + }, + requiredInputFieldsSets: { + serializedName: "requiredInputFieldsSets", + type: { + name: "Sequence", + element: { + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + }, + entitiesFilter: { + serializedName: "entitiesFilter", + type: { + name: "Object" + } + } + } + } +}; + +export const InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem: msRest.CompositeMapper = { + serializedName: "InsightQueryItemProperties_tableQuery_columnsDefinitionsItem", + type: { + name: "Composite", + className: "InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem", + modelProperties: { + header: { + serializedName: "header", + type: { + name: "String" + } + }, + outputType: { + serializedName: "outputType", + type: { + name: "String" + } + }, + supportDeepLink: { + serializedName: "supportDeepLink", + type: { + name: "Boolean" + } + } + } + } +}; + +export const InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem: msRest.CompositeMapper = { + serializedName: "InsightQueryItemProperties_tableQuery_queriesDefinitionsItem_linkColumnsDefinitionsItem", + type: { + name: "Composite", + className: "InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem", + modelProperties: { + projectedName: { + serializedName: "projectedName", + type: { + name: "String" + } + }, + query: { + serializedName: "Query", + type: { + name: "String" + } + } + } + } +}; + +export const InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem: msRest.CompositeMapper = { + serializedName: "InsightQueryItemProperties_tableQuery_queriesDefinitionsItem", + type: { + name: "Composite", + className: "InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem", + modelProperties: { + filter: { + serializedName: "filter", + type: { + name: "String" + } + }, + summarize: { + serializedName: "summarize", + type: { + name: "String" + } + }, + project: { + serializedName: "project", + type: { + name: "String" + } + }, + linkColumnsDefinitions: { + serializedName: "linkColumnsDefinitions", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "InsightQueryItemPropertiesTableQueryQueriesDefinitionsItemLinkColumnsDefinitionsItem" + } + } + } + } + } + } +}; + +export const InsightQueryItemPropertiesTableQuery: msRest.CompositeMapper = { + serializedName: "InsightQueryItemProperties_tableQuery", + type: { + name: "Composite", + className: "InsightQueryItemPropertiesTableQuery", + modelProperties: { + columnsDefinitions: { + serializedName: "columnsDefinitions", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem" + } + } + } + }, + queriesDefinitions: { + serializedName: "queriesDefinitions", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem" + } + } + } + } + } + } +}; + +export const InsightQueryItemPropertiesAdditionalQuery: msRest.CompositeMapper = { + serializedName: "InsightQueryItemProperties_additionalQuery", + type: { + name: "Composite", + className: "InsightQueryItemPropertiesAdditionalQuery", + modelProperties: { + query: { + serializedName: "query", + type: { + name: "String" + } + }, + text: { + serializedName: "text", + type: { + name: "String" + } + } + } + } +}; + +export const InsightQueryItemPropertiesDefaultTimeRange: msRest.CompositeMapper = { + serializedName: "InsightQueryItemProperties_defaultTimeRange", + type: { + name: "Composite", + className: "InsightQueryItemPropertiesDefaultTimeRange", + modelProperties: { + beforeRange: { + serializedName: "beforeRange", + type: { + name: "String" + } + }, + afterRange: { + serializedName: "afterRange", + type: { + name: "String" + } + } + } + } +}; + +export const InsightQueryItemPropertiesReferenceTimeRange: msRest.CompositeMapper = { + serializedName: "InsightQueryItemProperties_referenceTimeRange", + type: { + name: "Composite", + className: "InsightQueryItemPropertiesReferenceTimeRange", + modelProperties: { + beforeRange: { + serializedName: "beforeRange", + type: { + name: "String" + } + } + } + } +}; + +export const InsightQueryItemProperties: msRest.CompositeMapper = { + serializedName: "Insight", + type: { + name: "Composite", + className: "InsightQueryItemProperties", + modelProperties: { + ...EntityQueryItemProperties.type.modelProperties, + displayName: { + serializedName: "displayName", + type: { + name: "String" + } + }, + description: { + serializedName: "description", + type: { + name: "String" + } + }, + baseQuery: { + serializedName: "baseQuery", + type: { + name: "String" + } + }, + tableQuery: { + serializedName: "tableQuery", + type: { + name: "Composite", + className: "InsightQueryItemPropertiesTableQuery" + } + }, + chartQuery: { + serializedName: "chartQuery", + type: { + name: "Object" + } + }, + additionalQuery: { + serializedName: "additionalQuery", + type: { + name: "Composite", + className: "InsightQueryItemPropertiesAdditionalQuery" + } + }, + defaultTimeRange: { + serializedName: "defaultTimeRange", + type: { + name: "Composite", + className: "InsightQueryItemPropertiesDefaultTimeRange" + } + }, + referenceTimeRange: { + serializedName: "referenceTimeRange", + type: { + name: "Composite", + className: "InsightQueryItemPropertiesReferenceTimeRange" + } + } + } + } +}; + +export const InsightQueryItem: msRest.CompositeMapper = { + serializedName: "Insight", + type: { + name: "Composite", + polymorphicDiscriminator: EntityQueryItem.type.polymorphicDiscriminator, + uberParent: "EntityQueryItem", + className: "InsightQueryItem", + modelProperties: { + ...EntityQueryItem.type.modelProperties, + properties: { + serializedName: "properties", + type: { + name: "Composite", + className: "InsightQueryItemProperties" + } + } + } + } +}; + +export const GetQueriesResponse: msRest.CompositeMapper = { + serializedName: "GetQueriesResponse", + type: { + name: "Composite", + className: "GetQueriesResponse", + modelProperties: { + value: { + serializedName: "value", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "EntityQueryItem" + } + } + } + } + } + } +}; + +export const SecurityAlertTimelineItem: msRest.CompositeMapper = { + serializedName: "SecurityAlert", + type: { + name: "Composite", + polymorphicDiscriminator: EntityTimelineItem.type.polymorphicDiscriminator, + uberParent: "EntityTimelineItem", + className: "SecurityAlertTimelineItem", + modelProperties: { + ...EntityTimelineItem.type.modelProperties, + azureResourceId: { + required: true, + serializedName: "azureResourceId", + type: { + name: "String" + } + }, + productName: { + serializedName: "productName", + type: { + name: "String" + } + }, + description: { + serializedName: "description", + type: { + name: "String" + } + }, + displayName: { + required: true, + serializedName: "displayName", + type: { + name: "String" + } + }, + severity: { + required: true, + serializedName: "severity", + type: { + name: "String" + } + }, + endTimeUtc: { + required: true, + serializedName: "endTimeUtc", + type: { + name: "DateTime" + } + }, + startTimeUtc: { + required: true, + serializedName: "startTimeUtc", + type: { + name: "DateTime" + } + }, + timeGenerated: { + required: true, + serializedName: "timeGenerated", + type: { + name: "DateTime" + } + }, + alertType: { + required: true, + serializedName: "alertType", + type: { + name: "String" + } + } + } + } +}; + +export const IncidentAdditionalData: msRest.CompositeMapper = { + serializedName: "IncidentAdditionalData", + type: { + name: "Composite", + className: "IncidentAdditionalData", + modelProperties: { + alertsCount: { + readOnly: true, + serializedName: "alertsCount", + type: { + name: "Number" + } + }, + bookmarksCount: { + readOnly: true, + serializedName: "bookmarksCount", + type: { + name: "Number" + } + }, + commentsCount: { + readOnly: true, + serializedName: "commentsCount", + type: { + name: "Number" + } + }, + alertProductNames: { + readOnly: true, + serializedName: "alertProductNames", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + tactics: { + readOnly: true, + serializedName: "tactics", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const Incident: msRest.CompositeMapper = { + serializedName: "Incident", + type: { + name: "Composite", + className: "Incident", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Composite", + className: "IncidentAdditionalData" + } + }, + classification: { + serializedName: "properties.classification", + type: { + name: "String" + } + }, + classificationComment: { + serializedName: "properties.classificationComment", + type: { + name: "String" + } + }, + classificationReason: { + serializedName: "properties.classificationReason", + type: { + name: "String" + } + }, + createdTimeUtc: { + readOnly: true, + serializedName: "properties.createdTimeUtc", + type: { + name: "DateTime" + } + }, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + firstActivityTimeUtc: { + serializedName: "properties.firstActivityTimeUtc", + type: { + name: "DateTime" + } + }, + incidentUrl: { + readOnly: true, + serializedName: "properties.incidentUrl", + type: { + name: "String" + } + }, + incidentNumber: { + readOnly: true, + serializedName: "properties.incidentNumber", + type: { + name: "Number" + } + }, + labels: { + serializedName: "properties.labels", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "IncidentLabel" + } + } + } + }, + providerName: { + serializedName: "properties.providerName", + type: { + name: "String" + } + }, + providerIncidentId: { + serializedName: "properties.providerIncidentId", + type: { + name: "String" + } + }, + lastActivityTimeUtc: { + serializedName: "properties.lastActivityTimeUtc", + type: { + name: "DateTime" + } + }, + lastModifiedTimeUtc: { + readOnly: true, + serializedName: "properties.lastModifiedTimeUtc", + type: { + name: "DateTime" + } + }, + owner: { + serializedName: "properties.owner", + type: { + name: "Composite", + className: "IncidentOwnerInfo" + } + }, + relatedAnalyticRuleIds: { + readOnly: true, + serializedName: "properties.relatedAnalyticRuleIds", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + severity: { + required: true, + serializedName: "properties.severity", + type: { + name: "String" + } + }, + status: { + required: true, + serializedName: "properties.status", + type: { + name: "String" + } + }, + title: { + required: true, + serializedName: "properties.title", + type: { + name: "String" + } + } + } + } +}; + +export const IncidentAlertList: msRest.CompositeMapper = { + serializedName: "IncidentAlertList", + type: { + name: "Composite", + className: "IncidentAlertList", + modelProperties: { + value: { + required: true, + serializedName: "value", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "SecurityAlert" + } + } + } + } + } + } +}; + +export const IncidentBookmarkList: msRest.CompositeMapper = { + serializedName: "IncidentBookmarkList", + type: { + name: "Composite", + className: "IncidentBookmarkList", + modelProperties: { + value: { + required: true, + serializedName: "value", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "HuntingBookmark" + } + } + } + } + } + } +}; + +export const IncidentComment: msRest.CompositeMapper = { + serializedName: "IncidentComment", + type: { + name: "Composite", + className: "IncidentComment", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + createdTimeUtc: { + readOnly: true, + serializedName: "properties.createdTimeUtc", + type: { + name: "DateTime" + } + }, + lastModifiedTimeUtc: { + readOnly: true, + serializedName: "properties.lastModifiedTimeUtc", + type: { + name: "DateTime" + } + }, + message: { + required: true, + serializedName: "properties.message", + type: { + name: "String" + } + }, + author: { + readOnly: true, + serializedName: "properties.author", + type: { + name: "Composite", + className: "ClientInfo" + } + } + } + } +}; + +export const IncidentEntitiesResultsMetadata: msRest.CompositeMapper = { + serializedName: "IncidentEntitiesResultsMetadata", + type: { + name: "Composite", + className: "IncidentEntitiesResultsMetadata", + modelProperties: { + count: { + required: true, + serializedName: "count", + type: { + name: "Number" + } + }, + entityKind: { + required: true, + serializedName: "entityKind", + type: { + name: "String" + } + } + } + } +}; + +export const IncidentEntitiesResponse: msRest.CompositeMapper = { + serializedName: "IncidentEntitiesResponse", + type: { + name: "Composite", + className: "IncidentEntitiesResponse", + modelProperties: { + entities: { + serializedName: "entities", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "Entity" + } + } + } + }, + metaData: { + serializedName: "metaData", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "IncidentEntitiesResultsMetadata" + } + } + } + } + } + } +}; + +export const TeamInformation: msRest.CompositeMapper = { + serializedName: "TeamInformation", + type: { + name: "Composite", + className: "TeamInformation", + modelProperties: { + teamId: { + readOnly: true, + serializedName: "teamId", + type: { + name: "String" + } + }, + primaryChannelUrl: { + readOnly: true, + serializedName: "primaryChannelUrl", + type: { + name: "String" + } + }, + teamCreationTimeUtc: { + readOnly: true, + serializedName: "teamCreationTimeUtc", + type: { + name: "DateTime" + } + }, + name: { + readOnly: true, + serializedName: "name", + type: { + name: "String" + } + }, + description: { + readOnly: true, + serializedName: "description", + type: { + name: "String" + } + } + } + } +}; + +export const TeamProperties: msRest.CompositeMapper = { + serializedName: "TeamProperties", + type: { + name: "Composite", + className: "TeamProperties", + modelProperties: { + teamName: { + required: true, + serializedName: "teamName", + type: { + name: "String" + } + }, + teamDescription: { + serializedName: "teamDescription", + type: { + name: "String" + } + }, + memberIds: { + serializedName: "memberIds", + type: { + name: "Sequence", + element: { + type: { + name: "Uuid" + } + } + } + }, + groupIds: { + serializedName: "groupIds", + type: { + name: "Sequence", + element: { + type: { + name: "Uuid" + } + } + } + } + } + } +}; + +export const MetadataSource: msRest.CompositeMapper = { + serializedName: "metadataSource", + type: { + name: "Composite", + className: "MetadataSource", + modelProperties: { + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + }, + name: { + serializedName: "name", + type: { + name: "String" + } + }, + sourceId: { + serializedName: "sourceId", + type: { + name: "String" + } + } + } + } +}; + +export const MetadataAuthor: msRest.CompositeMapper = { + serializedName: "metadataAuthor", + type: { + name: "Composite", + className: "MetadataAuthor", + modelProperties: { + name: { + serializedName: "name", + type: { + name: "String" + } + }, + email: { + serializedName: "email", + type: { + name: "String" + } + }, + link: { + serializedName: "link", + type: { + name: "String" + } + } + } + } +}; + +export const MetadataSupport: msRest.CompositeMapper = { + serializedName: "metadataSupport", + type: { + name: "Composite", + className: "MetadataSupport", + modelProperties: { + tier: { + required: true, + serializedName: "tier", + type: { + name: "String" + } + }, + name: { + serializedName: "name", + type: { + name: "String" + } + }, + email: { + serializedName: "email", + type: { + name: "String" + } + }, + link: { + serializedName: "link", + type: { + name: "String" + } + } + } + } +}; + +export const MetadataDependencies: msRest.CompositeMapper = { + serializedName: "metadataDependencies", + type: { + name: "Composite", + className: "MetadataDependencies", + modelProperties: { + contentId: { + serializedName: "contentId", + type: { + name: "String" + } + }, + kind: { + serializedName: "kind", + type: { + name: "String" + } + }, + version: { + serializedName: "version", + type: { + name: "String" + } + }, + name: { + serializedName: "name", + type: { + name: "String" + } + }, + operator: { + serializedName: "operator", + type: { + name: "String" + } + }, + criteria: { + serializedName: "criteria", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "MetadataDependencies" + } + } + } + } + } + } +}; + +export const MetadataCategories: msRest.CompositeMapper = { + serializedName: "metadataCategories", + type: { + name: "Composite", + className: "MetadataCategories", + modelProperties: { + domains: { + serializedName: "domains", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + verticals: { + serializedName: "verticals", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const MetadataModel: msRest.CompositeMapper = { + serializedName: "MetadataModel", + type: { + name: "Composite", + className: "MetadataModel", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + contentId: { + serializedName: "properties.contentId", + type: { + name: "String" + } + }, + parentId: { + required: true, + serializedName: "properties.parentId", + type: { + name: "String" + } + }, + version: { + serializedName: "properties.version", + type: { + name: "String" + } + }, + kind: { + required: true, + serializedName: "properties.kind", + type: { + name: "String" + } + }, + source: { + serializedName: "properties.source", + type: { + name: "Composite", + className: "MetadataSource" + } + }, + author: { + serializedName: "properties.author", + type: { + name: "Composite", + className: "MetadataAuthor" + } + }, + support: { + serializedName: "properties.support", + type: { + name: "Composite", + className: "MetadataSupport" + } + }, + dependencies: { + serializedName: "properties.dependencies", + type: { + name: "Composite", + className: "MetadataDependencies" + } + }, + categories: { + serializedName: "properties.categories", + type: { + name: "Composite", + className: "MetadataCategories" + } + }, + providers: { + serializedName: "properties.providers", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + firstPublishDate: { + serializedName: "properties.firstPublishDate", + type: { + name: "Date" + } + }, + lastPublishDate: { + serializedName: "properties.lastPublishDate", + type: { + name: "Date" + } + } + } + } +}; + +export const MetadataPatch: msRest.CompositeMapper = { + serializedName: "metadataPatch", + type: { + name: "Composite", + className: "MetadataPatch", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + contentId: { + serializedName: "properties.contentId", + type: { + name: "String" + } + }, + parentId: { + serializedName: "properties.parentId", + type: { + name: "String" + } + }, + version: { + serializedName: "properties.version", + type: { + name: "String" + } + }, + kind: { + serializedName: "properties.kind", + type: { + name: "String" + } + }, + source: { + serializedName: "properties.source", + type: { + name: "Composite", + className: "MetadataSource" + } + }, + author: { + serializedName: "properties.author", + type: { + name: "Composite", + className: "MetadataAuthor" + } + }, + support: { + serializedName: "properties.support", + type: { + name: "Composite", + className: "MetadataSupport" + } + }, + dependencies: { + serializedName: "properties.dependencies", + type: { + name: "Composite", + className: "MetadataDependencies" + } + }, + categories: { + serializedName: "properties.categories", + type: { + name: "Composite", + className: "MetadataCategories" + } + }, + providers: { + serializedName: "properties.providers", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + firstPublishDate: { + serializedName: "properties.firstPublishDate", + type: { + name: "Date" + } + }, + lastPublishDate: { + serializedName: "properties.lastPublishDate", + type: { + name: "Date" + } + } + } + } +}; + +export const SentinelOnboardingState: msRest.CompositeMapper = { + serializedName: "SentinelOnboardingState", + type: { + name: "Composite", + className: "SentinelOnboardingState", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + customerManagedKey: { + serializedName: "properties.customerManagedKey", + type: { + name: "Boolean" + } + } + } + } +}; + +export const SentinelOnboardingStatesList: msRest.CompositeMapper = { + serializedName: "SentinelOnboardingStatesList", + type: { + name: "Composite", + className: "SentinelOnboardingStatesList", + modelProperties: { + value: { + required: true, + serializedName: "value", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "SentinelOnboardingState" + } + } + } + } + } + } +}; + +export const Settings: msRest.CompositeMapper = { + serializedName: "Settings", + type: { + name: "Composite", + polymorphicDiscriminator: { + serializedName: "kind", + clientName: "kind" + }, + uberParent: "Settings", + className: "Settings", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + } + } + } +}; + +export const SettingList: msRest.CompositeMapper = { + serializedName: "SettingList", + type: { + name: "Composite", + className: "SettingList", + modelProperties: { + value: { + required: true, + serializedName: "value", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "Settings" + } + } + } + } + } + } +}; + +export const Anomalies: msRest.CompositeMapper = { + serializedName: "Anomalies", + type: { + name: "Composite", + polymorphicDiscriminator: Settings.type.polymorphicDiscriminator, + uberParent: "Settings", + className: "Anomalies", + modelProperties: { + ...Settings.type.modelProperties, + isEnabled: { + readOnly: true, + serializedName: "properties.isEnabled", + type: { + name: "Boolean" + } + } + } + } +}; + +export const EyesOn: msRest.CompositeMapper = { + serializedName: "EyesOn", + type: { + name: "Composite", + polymorphicDiscriminator: Settings.type.polymorphicDiscriminator, + uberParent: "Settings", + className: "EyesOn", + modelProperties: { + ...Settings.type.modelProperties, + isEnabled: { + readOnly: true, + serializedName: "properties.isEnabled", + type: { + name: "Boolean" + } + } + } + } +}; + +export const EntityAnalytics: msRest.CompositeMapper = { + serializedName: "EntityAnalytics", + type: { + name: "Composite", + polymorphicDiscriminator: Settings.type.polymorphicDiscriminator, + uberParent: "Settings", + className: "EntityAnalytics", + modelProperties: { + ...Settings.type.modelProperties, + isEnabled: { + readOnly: true, + serializedName: "properties.isEnabled", + type: { + name: "Boolean" + } + } + } + } +}; + +export const Ueba: msRest.CompositeMapper = { + serializedName: "Ueba", + type: { + name: "Composite", + polymorphicDiscriminator: Settings.type.polymorphicDiscriminator, + uberParent: "Settings", + className: "Ueba", + modelProperties: { + ...Settings.type.modelProperties, + dataSources: { + serializedName: "properties.dataSources", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const Sku: msRest.CompositeMapper = { + serializedName: "Sku", + type: { + name: "Composite", + className: "Sku", + modelProperties: { + name: { + serializedName: "name", + type: { + name: "String" + } + }, + capacityReservationLevel: { + serializedName: "capacityReservationLevel", + type: { + name: "Number" + } + } + } + } +}; + +export const Repo: msRest.CompositeMapper = { + serializedName: "Repo", + type: { + name: "Composite", + className: "Repo", + modelProperties: { + url: { + serializedName: "url", + type: { + name: "String" + } + }, + fullName: { + serializedName: "fullName", + type: { + name: "String" + } + }, + branches: { + serializedName: "branches", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const ContentPathMap: msRest.CompositeMapper = { + serializedName: "ContentPathMap", + type: { + name: "Composite", + className: "ContentPathMap", + modelProperties: { + contentType: { + serializedName: "contentType", + type: { + name: "String" + } + }, + path: { + serializedName: "path", + type: { + name: "String" + } + } + } + } +}; + +export const Repository: msRest.CompositeMapper = { + serializedName: "Repository", + type: { + name: "Composite", + className: "Repository", + modelProperties: { + url: { + serializedName: "url", + type: { + name: "String" + } + }, + branch: { + serializedName: "branch", + type: { + name: "String" + } + }, + displayUrl: { + serializedName: "displayUrl", + type: { + name: "String" + } + }, + deploymentLogsUrl: { + serializedName: "deploymentLogsUrl", + type: { + name: "String" + } + }, + pathMapping: { + serializedName: "pathMapping", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ContentPathMap" + } + } + } + } + } + } +}; + +export const SourceControl: msRest.CompositeMapper = { + serializedName: "SourceControl", + type: { + name: "Composite", + className: "SourceControl", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + sourceControlId: { + serializedName: "properties.id", + type: { + name: "String" + } + }, + displayName: { + required: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + repoType: { + required: true, + serializedName: "properties.repoType", + type: { + name: "String" + } + }, + contentTypes: { + required: true, + serializedName: "properties.contentTypes", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + repository: { + required: true, + serializedName: "properties.repository", + type: { + name: "Composite", + className: "Repository" + } + } + } + } +}; + +export const Watchlist: msRest.CompositeMapper = { + serializedName: "Watchlist", + type: { + name: "Composite", + className: "Watchlist", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + watchlistId: { + serializedName: "properties.watchlistId", + type: { + name: "String" + } + }, + displayName: { + required: true, + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + provider: { + required: true, + serializedName: "properties.provider", + type: { + name: "String" + } + }, + source: { + required: true, + serializedName: "properties.source", + type: { + name: "String" + } + }, + created: { + serializedName: "properties.created", + type: { + name: "DateTime" + } + }, + updated: { + serializedName: "properties.updated", + type: { + name: "DateTime" + } + }, + createdBy: { + serializedName: "properties.createdBy", + type: { + name: "Composite", + className: "UserInfo" + } + }, + updatedBy: { + serializedName: "properties.updatedBy", + type: { + name: "Composite", + className: "UserInfo" + } + }, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + watchlistType: { + serializedName: "properties.watchlistType", + type: { + name: "String" + } + }, + watchlistAlias: { + serializedName: "properties.watchlistAlias", + type: { + name: "String" + } + }, + isDeleted: { + serializedName: "properties.isDeleted", + type: { + name: "Boolean" + } + }, + labels: { + serializedName: "properties.labels", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + defaultDuration: { + serializedName: "properties.defaultDuration", + type: { + name: "TimeSpan" + } + }, + tenantId: { + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + numberOfLinesToSkip: { + serializedName: "properties.numberOfLinesToSkip", + type: { + name: "Number" + } + }, + rawContent: { + serializedName: "properties.rawContent", + type: { + name: "String" + } + }, + itemsSearchKey: { + required: true, + serializedName: "properties.itemsSearchKey", + type: { + name: "String" + } + }, + contentType: { + serializedName: "properties.contentType", + type: { + name: "String" + } + }, + uploadStatus: { + serializedName: "properties.uploadStatus", + type: { + name: "String" + } + }, + watchlistItemsCount: { + serializedName: "properties.watchlistItemsCount", + type: { + name: "Number" + } + } + } + } +}; + +export const WatchlistItem: msRest.CompositeMapper = { + serializedName: "WatchlistItem", + type: { + name: "Composite", + className: "WatchlistItem", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + watchlistItemType: { + serializedName: "properties.watchlistItemType", + type: { + name: "String" + } + }, + watchlistItemId: { + serializedName: "properties.watchlistItemId", + type: { + name: "String" + } + }, + tenantId: { + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + isDeleted: { + serializedName: "properties.isDeleted", + type: { + name: "Boolean" + } + }, + created: { + serializedName: "properties.created", + type: { + name: "DateTime" + } + }, + updated: { + serializedName: "properties.updated", + type: { + name: "DateTime" + } + }, + createdBy: { + serializedName: "properties.createdBy", + type: { + name: "Composite", + className: "UserInfo" + } + }, + updatedBy: { + serializedName: "properties.updatedBy", + type: { + name: "Composite", + className: "UserInfo" + } + }, + itemsKeyValue: { + required: true, + serializedName: "properties.itemsKeyValue", + type: { + name: "Object" + } + }, + entityMapping: { + serializedName: "properties.entityMapping", + type: { + name: "Object" + } + } + } + } +}; + +export const DataConnectorsCheckRequirements: msRest.CompositeMapper = { + serializedName: "DataConnectorsCheckRequirements", + type: { + name: "Composite", + polymorphicDiscriminator: { + serializedName: "kind", + clientName: "kind" + }, + uberParent: "DataConnectorsCheckRequirements", + className: "DataConnectorsCheckRequirements", + modelProperties: { + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + } + } + } +}; + +export const AADCheckRequirements: msRest.CompositeMapper = { + serializedName: "AzureActiveDirectory", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnectorsCheckRequirements.type.polymorphicDiscriminator, + uberParent: "DataConnectorsCheckRequirements", + className: "AADCheckRequirements", + modelProperties: { + ...DataConnectorsCheckRequirements.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + } + } + } +}; + +export const AATPCheckRequirements: msRest.CompositeMapper = { + serializedName: "AzureAdvancedThreatProtection", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnectorsCheckRequirements.type.polymorphicDiscriminator, + uberParent: "DataConnectorsCheckRequirements", + className: "AATPCheckRequirements", + modelProperties: { + ...DataConnectorsCheckRequirements.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + } + } + } +}; + +export const ASCCheckRequirements: msRest.CompositeMapper = { + serializedName: "AzureSecurityCenter", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnectorsCheckRequirements.type.polymorphicDiscriminator, + uberParent: "DataConnectorsCheckRequirements", + className: "ASCCheckRequirements", + modelProperties: { + ...DataConnectorsCheckRequirements.type.modelProperties, + subscriptionId: { + serializedName: "properties.subscriptionId", + type: { + name: "String" + } + } + } + } +}; + +export const AwsCloudTrailCheckRequirements: msRest.CompositeMapper = { + serializedName: "AmazonWebServicesCloudTrail", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnectorsCheckRequirements.type.polymorphicDiscriminator, + uberParent: "DataConnectorsCheckRequirements", + className: "AwsCloudTrailCheckRequirements", + modelProperties: { + ...DataConnectorsCheckRequirements.type.modelProperties + } + } +}; + +export const AwsS3CheckRequirements: msRest.CompositeMapper = { + serializedName: "AmazonWebServicesS3", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnectorsCheckRequirements.type.polymorphicDiscriminator, + uberParent: "DataConnectorsCheckRequirements", + className: "AwsS3CheckRequirements", + modelProperties: { + ...DataConnectorsCheckRequirements.type.modelProperties + } + } +}; + +export const DataConnectorRequirementsState: msRest.CompositeMapper = { + serializedName: "DataConnectorRequirementsState", + type: { + name: "Composite", + className: "DataConnectorRequirementsState", + modelProperties: { + authorizationState: { + serializedName: "authorizationState", + type: { + name: "String" + } + }, + licenseState: { + serializedName: "licenseState", + type: { + name: "String" + } + } + } + } +}; + +export const Dynamics365CheckRequirements: msRest.CompositeMapper = { + serializedName: "Dynamics365", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnectorsCheckRequirements.type.polymorphicDiscriminator, + uberParent: "DataConnectorsCheckRequirements", + className: "Dynamics365CheckRequirements", + modelProperties: { + ...DataConnectorsCheckRequirements.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + } + } + } +}; + +export const MCASCheckRequirements: msRest.CompositeMapper = { + serializedName: "MicrosoftCloudAppSecurity", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnectorsCheckRequirements.type.polymorphicDiscriminator, + uberParent: "DataConnectorsCheckRequirements", + className: "MCASCheckRequirements", + modelProperties: { + ...DataConnectorsCheckRequirements.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + } + } + } +}; + +export const MDATPCheckRequirements: msRest.CompositeMapper = { + serializedName: "MicrosoftDefenderAdvancedThreatProtection", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnectorsCheckRequirements.type.polymorphicDiscriminator, + uberParent: "DataConnectorsCheckRequirements", + className: "MDATPCheckRequirements", + modelProperties: { + ...DataConnectorsCheckRequirements.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + } + } + } +}; + +export const MSTICheckRequirements: msRest.CompositeMapper = { + serializedName: "MicrosoftThreatIntelligence", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnectorsCheckRequirements.type.polymorphicDiscriminator, + uberParent: "DataConnectorsCheckRequirements", + className: "MSTICheckRequirements", + modelProperties: { + ...DataConnectorsCheckRequirements.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + } + } + } +}; + +export const MtpCheckRequirements: msRest.CompositeMapper = { + serializedName: "MicrosoftThreatProtection", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnectorsCheckRequirements.type.polymorphicDiscriminator, + uberParent: "DataConnectorsCheckRequirements", + className: "MtpCheckRequirements", + modelProperties: { + ...DataConnectorsCheckRequirements.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + } + } + } +}; + +export const OfficeATPCheckRequirements: msRest.CompositeMapper = { + serializedName: "OfficeATP", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnectorsCheckRequirements.type.polymorphicDiscriminator, + uberParent: "DataConnectorsCheckRequirements", + className: "OfficeATPCheckRequirements", + modelProperties: { + ...DataConnectorsCheckRequirements.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + } + } + } +}; + +export const TICheckRequirements: msRest.CompositeMapper = { + serializedName: "ThreatIntelligence", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnectorsCheckRequirements.type.polymorphicDiscriminator, + uberParent: "DataConnectorsCheckRequirements", + className: "TICheckRequirements", + modelProperties: { + ...DataConnectorsCheckRequirements.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + } + } + } +}; + +export const TiTaxiiCheckRequirements: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceTaxii", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnectorsCheckRequirements.type.polymorphicDiscriminator, + uberParent: "DataConnectorsCheckRequirements", + className: "TiTaxiiCheckRequirements", + modelProperties: { + ...DataConnectorsCheckRequirements.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + } + } + } +}; + +export const DataConnectorDataTypeCommon: msRest.CompositeMapper = { + serializedName: "DataConnectorDataTypeCommon", + type: { + name: "Composite", + className: "DataConnectorDataTypeCommon", + modelProperties: { + state: { + required: true, + serializedName: "state", + type: { + name: "String" + } + } + } + } +}; + +export const AlertsDataTypeOfDataConnector: msRest.CompositeMapper = { + serializedName: "AlertsDataTypeOfDataConnector", + type: { + name: "Composite", + className: "AlertsDataTypeOfDataConnector", + modelProperties: { + alerts: { + required: true, + serializedName: "alerts", + type: { + name: "Composite", + className: "DataConnectorDataTypeCommon" + } + } + } + } +}; + +export const DataConnector: msRest.CompositeMapper = { + serializedName: "DataConnector", + type: { + name: "Composite", + polymorphicDiscriminator: { + serializedName: "kind", + clientName: "kind" + }, + uberParent: "DataConnector", + className: "DataConnector", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + } + } + } +}; + +export const AADDataConnector: msRest.CompositeMapper = { + serializedName: "AzureActiveDirectory", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "AADDataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + dataTypes: { + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "AlertsDataTypeOfDataConnector" + } + } + } + } +}; + +export const MSTIDataConnectorDataTypesBingSafetyPhishingURL: msRest.CompositeMapper = { + serializedName: "MSTIDataConnectorDataTypes_bingSafetyPhishingURL", + type: { + name: "Composite", + className: "MSTIDataConnectorDataTypesBingSafetyPhishingURL", + modelProperties: { + ...DataConnectorDataTypeCommon.type.modelProperties, + lookbackPeriod: { + required: true, + serializedName: "lookbackPeriod", + type: { + name: "String" + } + } + } + } +}; + +export const MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed: msRest.CompositeMapper = { + serializedName: "MSTIDataConnectorDataTypes_microsoftEmergingThreatFeed", + type: { + name: "Composite", + className: "MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed", + modelProperties: { + ...DataConnectorDataTypeCommon.type.modelProperties, + lookbackPeriod: { + required: true, + serializedName: "lookbackPeriod", + type: { + name: "String" + } + } + } + } +}; + +export const MSTIDataConnectorDataTypes: msRest.CompositeMapper = { + serializedName: "MSTIDataConnectorDataTypes", + type: { + name: "Composite", + className: "MSTIDataConnectorDataTypes", + modelProperties: { + bingSafetyPhishingURL: { + required: true, + serializedName: "bingSafetyPhishingURL", + type: { + name: "Composite", + className: "MSTIDataConnectorDataTypesBingSafetyPhishingURL" + } + }, + microsoftEmergingThreatFeed: { + required: true, + serializedName: "microsoftEmergingThreatFeed", + type: { + name: "Composite", + className: "MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed" + } + } + } + } +}; + +export const MSTIDataConnector: msRest.CompositeMapper = { + serializedName: "MicrosoftThreatIntelligence", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "MSTIDataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + dataTypes: { + required: true, + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "MSTIDataConnectorDataTypes" + } + } + } + } +}; + +export const MTPDataConnectorDataTypesIncidents: msRest.CompositeMapper = { + serializedName: "MTPDataConnectorDataTypes_incidents", + type: { + name: "Composite", + className: "MTPDataConnectorDataTypesIncidents", + modelProperties: { + ...DataConnectorDataTypeCommon.type.modelProperties + } + } +}; + +export const MTPDataConnectorDataTypes: msRest.CompositeMapper = { + serializedName: "MTPDataConnectorDataTypes", + type: { + name: "Composite", + className: "MTPDataConnectorDataTypes", + modelProperties: { + incidents: { + required: true, + serializedName: "incidents", + type: { + name: "Composite", + className: "MTPDataConnectorDataTypesIncidents" + } + } + } + } +}; + +export const MTPDataConnector: msRest.CompositeMapper = { + serializedName: "MicrosoftThreatProtection", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "MTPDataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + dataTypes: { + required: true, + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "MTPDataConnectorDataTypes" + } + } + } + } +}; + +export const AATPDataConnector: msRest.CompositeMapper = { + serializedName: "AzureAdvancedThreatProtection", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "AATPDataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + dataTypes: { + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "AlertsDataTypeOfDataConnector" + } + } + } + } +}; + +export const ASCDataConnector: msRest.CompositeMapper = { + serializedName: "AzureSecurityCenter", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "ASCDataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + dataTypes: { + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "AlertsDataTypeOfDataConnector" + } + }, + subscriptionId: { + serializedName: "properties.subscriptionId", + type: { + name: "String" + } + } + } + } +}; + +export const AwsCloudTrailDataConnectorDataTypesLogs: msRest.CompositeMapper = { + serializedName: "AwsCloudTrailDataConnectorDataTypes_logs", + type: { + name: "Composite", + className: "AwsCloudTrailDataConnectorDataTypesLogs", + modelProperties: { + ...DataConnectorDataTypeCommon.type.modelProperties + } + } +}; + +export const AwsCloudTrailDataConnectorDataTypes: msRest.CompositeMapper = { + serializedName: "AwsCloudTrailDataConnectorDataTypes", + type: { + name: "Composite", + className: "AwsCloudTrailDataConnectorDataTypes", + modelProperties: { + logs: { + required: true, + serializedName: "logs", + type: { + name: "Composite", + className: "AwsCloudTrailDataConnectorDataTypesLogs" + } + } + } + } +}; + +export const AwsCloudTrailDataConnector: msRest.CompositeMapper = { + serializedName: "AmazonWebServicesCloudTrail", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "AwsCloudTrailDataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + awsRoleArn: { + serializedName: "properties.awsRoleArn", + type: { + name: "String" + } + }, + dataTypes: { + required: true, + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "AwsCloudTrailDataConnectorDataTypes" + } + } + } + } +}; + +export const AwsS3DataConnectorDataTypesLogs: msRest.CompositeMapper = { + serializedName: "AwsS3DataConnectorDataTypes_logs", + type: { + name: "Composite", + className: "AwsS3DataConnectorDataTypesLogs", + modelProperties: { + ...DataConnectorDataTypeCommon.type.modelProperties + } + } +}; + +export const AwsS3DataConnectorDataTypes: msRest.CompositeMapper = { + serializedName: "AwsS3DataConnectorDataTypes", + type: { + name: "Composite", + className: "AwsS3DataConnectorDataTypes", + modelProperties: { + logs: { + required: true, + serializedName: "logs", + type: { + name: "Composite", + className: "AwsS3DataConnectorDataTypesLogs" + } + } + } + } +}; + +export const AwsS3DataConnector: msRest.CompositeMapper = { + serializedName: "AmazonWebServicesS3", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "AwsS3DataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + destinationTable: { + required: true, + serializedName: "properties.destinationTable", + type: { + name: "String" + } + }, + sqsUrls: { + required: true, + serializedName: "properties.sqsUrls", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + roleArn: { + required: true, + serializedName: "properties.roleArn", + type: { + name: "String" + } + }, + dataTypes: { + required: true, + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "AwsS3DataConnectorDataTypes" + } + } + } + } +}; + +export const DataConnectorWithAlertsProperties: msRest.CompositeMapper = { + serializedName: "DataConnectorWithAlertsProperties", + type: { + name: "Composite", + className: "DataConnectorWithAlertsProperties", + modelProperties: { + dataTypes: { + serializedName: "dataTypes", + type: { + name: "Composite", + className: "AlertsDataTypeOfDataConnector" + } + } + } + } +}; + +export const DataConnectorTenantId: msRest.CompositeMapper = { + serializedName: "DataConnectorTenantId", + type: { + name: "Composite", + className: "DataConnectorTenantId", + modelProperties: { + tenantId: { + required: true, + serializedName: "tenantId", + type: { + name: "String" + } + } + } + } +}; + +export const MCASDataConnectorDataTypes: msRest.CompositeMapper = { + serializedName: "MCASDataConnectorDataTypes", + type: { + name: "Composite", + className: "MCASDataConnectorDataTypes", + modelProperties: { + ...AlertsDataTypeOfDataConnector.type.modelProperties, + discoveryLogs: { + serializedName: "discoveryLogs", + type: { + name: "Composite", + className: "DataConnectorDataTypeCommon" + } + } + } + } +}; + +export const MCASDataConnector: msRest.CompositeMapper = { + serializedName: "MicrosoftCloudAppSecurity", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "MCASDataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + dataTypes: { + required: true, + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "MCASDataConnectorDataTypes" + } + } + } + } +}; + +export const Dynamics365DataConnectorDataTypesDynamics365CdsActivities: msRest.CompositeMapper = { + serializedName: "Dynamics365DataConnectorDataTypes_dynamics365CdsActivities", + type: { + name: "Composite", + className: "Dynamics365DataConnectorDataTypesDynamics365CdsActivities", + modelProperties: { + ...DataConnectorDataTypeCommon.type.modelProperties + } + } +}; + +export const Dynamics365DataConnectorDataTypes: msRest.CompositeMapper = { + serializedName: "Dynamics365DataConnectorDataTypes", + type: { + name: "Composite", + className: "Dynamics365DataConnectorDataTypes", + modelProperties: { + dynamics365CdsActivities: { + required: true, + serializedName: "dynamics365CdsActivities", + type: { + name: "Composite", + className: "Dynamics365DataConnectorDataTypesDynamics365CdsActivities" + } + } + } + } +}; + +export const Dynamics365DataConnector: msRest.CompositeMapper = { + serializedName: "Dynamics365", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "Dynamics365DataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + dataTypes: { + required: true, + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "Dynamics365DataConnectorDataTypes" + } + } + } + } +}; + +export const OfficeATPDataConnector: msRest.CompositeMapper = { + serializedName: "OfficeATP", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "OfficeATPDataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + dataTypes: { + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "AlertsDataTypeOfDataConnector" + } + } + } + } +}; + +export const MDATPDataConnector: msRest.CompositeMapper = { + serializedName: "MicrosoftDefenderAdvancedThreatProtection", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "MDATPDataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + dataTypes: { + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "AlertsDataTypeOfDataConnector" + } + } + } + } +}; + +export const OfficeDataConnectorDataTypesExchange: msRest.CompositeMapper = { + serializedName: "OfficeDataConnectorDataTypes_exchange", + type: { + name: "Composite", + className: "OfficeDataConnectorDataTypesExchange", + modelProperties: { + ...DataConnectorDataTypeCommon.type.modelProperties + } + } +}; + +export const OfficeDataConnectorDataTypesSharePoint: msRest.CompositeMapper = { + serializedName: "OfficeDataConnectorDataTypes_sharePoint", + type: { + name: "Composite", + className: "OfficeDataConnectorDataTypesSharePoint", + modelProperties: { + ...DataConnectorDataTypeCommon.type.modelProperties + } + } +}; + +export const OfficeDataConnectorDataTypesTeams: msRest.CompositeMapper = { + serializedName: "OfficeDataConnectorDataTypes_teams", + type: { + name: "Composite", + className: "OfficeDataConnectorDataTypesTeams", + modelProperties: { + ...DataConnectorDataTypeCommon.type.modelProperties + } + } +}; + +export const OfficeDataConnectorDataTypes: msRest.CompositeMapper = { + serializedName: "OfficeDataConnectorDataTypes", + type: { + name: "Composite", + className: "OfficeDataConnectorDataTypes", + modelProperties: { + exchange: { + required: true, + serializedName: "exchange", + type: { + name: "Composite", + className: "OfficeDataConnectorDataTypesExchange" + } + }, + sharePoint: { + required: true, + serializedName: "sharePoint", + type: { + name: "Composite", + className: "OfficeDataConnectorDataTypesSharePoint" + } + }, + teams: { + required: true, + serializedName: "teams", + type: { + name: "Composite", + className: "OfficeDataConnectorDataTypesTeams" + } + } + } + } +}; + +export const OfficeDataConnector: msRest.CompositeMapper = { + serializedName: "Office365", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "OfficeDataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + dataTypes: { + required: true, + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "OfficeDataConnectorDataTypes" + } + } + } + } +}; + +export const TIDataConnectorDataTypesIndicators: msRest.CompositeMapper = { + serializedName: "TIDataConnectorDataTypes_indicators", + type: { + name: "Composite", + className: "TIDataConnectorDataTypesIndicators", + modelProperties: { + ...DataConnectorDataTypeCommon.type.modelProperties + } + } +}; + +export const TIDataConnectorDataTypes: msRest.CompositeMapper = { + serializedName: "TIDataConnectorDataTypes", + type: { + name: "Composite", + className: "TIDataConnectorDataTypes", + modelProperties: { + indicators: { + required: true, + serializedName: "indicators", + type: { + name: "Composite", + className: "TIDataConnectorDataTypesIndicators" + } + } + } + } +}; + +export const TIDataConnector: msRest.CompositeMapper = { + serializedName: "ThreatIntelligence", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "TIDataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + tipLookbackPeriod: { + nullable: true, + serializedName: "properties.tipLookbackPeriod", + type: { + name: "DateTime" + } + }, + dataTypes: { + required: true, + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "TIDataConnectorDataTypes" + } + } + } + } +}; + +export const TiTaxiiDataConnectorDataTypesTaxiiClient: msRest.CompositeMapper = { + serializedName: "TiTaxiiDataConnectorDataTypes_taxiiClient", + type: { + name: "Composite", + className: "TiTaxiiDataConnectorDataTypesTaxiiClient", + modelProperties: { + ...DataConnectorDataTypeCommon.type.modelProperties + } + } +}; + +export const TiTaxiiDataConnectorDataTypes: msRest.CompositeMapper = { + serializedName: "TiTaxiiDataConnectorDataTypes", + type: { + name: "Composite", + className: "TiTaxiiDataConnectorDataTypes", + modelProperties: { + taxiiClient: { + required: true, + serializedName: "taxiiClient", + type: { + name: "Composite", + className: "TiTaxiiDataConnectorDataTypesTaxiiClient" + } + } + } + } +}; + +export const TiTaxiiDataConnector: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceTaxii", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "TiTaxiiDataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + tenantId: { + required: true, + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + workspaceId: { + serializedName: "properties.workspaceId", + type: { + name: "String" + } + }, + friendlyName: { + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + taxiiServer: { + serializedName: "properties.taxiiServer", + type: { + name: "String" + } + }, + collectionId: { + serializedName: "properties.collectionId", + type: { + name: "String" + } + }, + userName: { + serializedName: "properties.userName", + type: { + name: "String" + } + }, + password: { + serializedName: "properties.password", + type: { + name: "String" + } + }, + taxiiLookbackPeriod: { + nullable: true, + serializedName: "properties.taxiiLookbackPeriod", + type: { + name: "DateTime" + } + }, + pollingFrequency: { + required: true, + nullable: true, + serializedName: "properties.pollingFrequency", + type: { + name: "String" + } + }, + dataTypes: { + required: true, + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "TiTaxiiDataConnectorDataTypes" + } + } + } + } +}; + +export const GraphQueries: msRest.CompositeMapper = { + serializedName: "GraphQueries", + type: { + name: "Composite", + className: "GraphQueries", + modelProperties: { + metricName: { + serializedName: "metricName", + type: { + name: "String" + } + }, + legend: { + serializedName: "legend", + type: { + name: "String" + } + }, + baseQuery: { + serializedName: "baseQuery", + type: { + name: "String" + } + } + } + } +}; + +export const CodelessUiConnectorConfigPropertiesGraphQueriesItem: msRest.CompositeMapper = { + serializedName: "CodelessUiConnectorConfigProperties_graphQueriesItem", + type: { + name: "Composite", + className: "CodelessUiConnectorConfigPropertiesGraphQueriesItem", + modelProperties: { + ...GraphQueries.type.modelProperties + } + } +}; + +export const SampleQueries: msRest.CompositeMapper = { + serializedName: "SampleQueries", + type: { + name: "Composite", + className: "SampleQueries", + modelProperties: { + description: { + serializedName: "description", + type: { + name: "String" + } + }, + query: { + serializedName: "query", + type: { + name: "String" + } + } + } + } +}; + +export const CodelessUiConnectorConfigPropertiesSampleQueriesItem: msRest.CompositeMapper = { + serializedName: "CodelessUiConnectorConfigProperties_sampleQueriesItem", + type: { + name: "Composite", + className: "CodelessUiConnectorConfigPropertiesSampleQueriesItem", + modelProperties: { + ...SampleQueries.type.modelProperties + } + } +}; + +export const LastDataReceivedDataType: msRest.CompositeMapper = { + serializedName: "LastDataReceivedDataType", + type: { + name: "Composite", + className: "LastDataReceivedDataType", + modelProperties: { + name: { + serializedName: "name", + type: { + name: "String" + } + }, + lastDataReceivedQuery: { + serializedName: "lastDataReceivedQuery", + type: { + name: "String" + } + } + } + } +}; + +export const CodelessUiConnectorConfigPropertiesDataTypesItem: msRest.CompositeMapper = { + serializedName: "CodelessUiConnectorConfigProperties_dataTypesItem", + type: { + name: "Composite", + className: "CodelessUiConnectorConfigPropertiesDataTypesItem", + modelProperties: { + ...LastDataReceivedDataType.type.modelProperties + } + } +}; + +export const ConnectivityCriteria: msRest.CompositeMapper = { + serializedName: "ConnectivityCriteria", + type: { + name: "Composite", + className: "ConnectivityCriteria", + modelProperties: { + type: { + serializedName: "type", + type: { + name: "String" + } + }, + value: { + serializedName: "value", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem: msRest.CompositeMapper = { + serializedName: "CodelessUiConnectorConfigProperties_connectivityCriteriaItem", + type: { + name: "Composite", + className: "CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem", + modelProperties: { + ...ConnectivityCriteria.type.modelProperties + } + } +}; + +export const Availability: msRest.CompositeMapper = { + serializedName: "Availability", + type: { + name: "Composite", + className: "Availability", + modelProperties: { + status: { + serializedName: "status", + type: { + name: "Number" + } + }, + isPreview: { + serializedName: "isPreview", + type: { + name: "Boolean" + } + } + } + } +}; + +export const ResourceProvider: msRest.CompositeMapper = { + serializedName: "ResourceProvider", + type: { + name: "Composite", + className: "ResourceProvider", + modelProperties: { + provider: { + serializedName: "provider", + type: { + name: "String" + } + }, + permissionsDisplayText: { + serializedName: "permissionsDisplayText", + type: { + name: "String" + } + }, + providerDisplayName: { + serializedName: "providerDisplayName", + type: { + name: "String" + } + }, + scope: { + serializedName: "scope", + type: { + name: "String" + } + }, + requiredPermissions: { + serializedName: "requiredPermissions", + type: { + name: "Composite", + className: "RequiredPermissions" + } + } + } + } +}; + +export const PermissionsResourceProviderItem: msRest.CompositeMapper = { + serializedName: "Permissions_resourceProviderItem", + type: { + name: "Composite", + className: "PermissionsResourceProviderItem", + modelProperties: { + ...ResourceProvider.type.modelProperties + } + } +}; + +export const CustomsPermission: msRest.CompositeMapper = { + serializedName: "CustomsPermission", + type: { + name: "Composite", + className: "CustomsPermission", + modelProperties: { + name: { + serializedName: "name", + type: { + name: "String" + } + }, + description: { + serializedName: "description", + type: { + name: "String" + } + } + } + } +}; + +export const Customs: msRest.CompositeMapper = { + serializedName: "Customs", + type: { + name: "Composite", + className: "Customs", + modelProperties: { + ...CustomsPermission.type.modelProperties + } + } +}; + +export const PermissionsCustomsItem: msRest.CompositeMapper = { + serializedName: "Permissions_customsItem", + type: { + name: "Composite", + className: "PermissionsCustomsItem", + modelProperties: { + ...Customs.type.modelProperties + } + } +}; + +export const Permissions: msRest.CompositeMapper = { + serializedName: "Permissions", + type: { + name: "Composite", + className: "Permissions", + modelProperties: { + resourceProvider: { + serializedName: "resourceProvider", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "PermissionsResourceProviderItem" + } + } + } + }, + customs: { + serializedName: "customs", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "PermissionsCustomsItem" + } + } + } + } + } + } +}; + +export const InstructionSteps: msRest.CompositeMapper = { + serializedName: "InstructionSteps", + type: { + name: "Composite", + className: "InstructionSteps", + modelProperties: { + title: { + serializedName: "title", + type: { + name: "String" + } + }, + description: { + serializedName: "description", + type: { + name: "String" + } + }, + instructions: { + serializedName: "instructions", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "InstructionStepsInstructionsItem" + } + } + } + } + } + } +}; + +export const CodelessUiConnectorConfigPropertiesInstructionStepsItem: msRest.CompositeMapper = { + serializedName: "CodelessUiConnectorConfigProperties_instructionStepsItem", + type: { + name: "Composite", + className: "CodelessUiConnectorConfigPropertiesInstructionStepsItem", + modelProperties: { + ...InstructionSteps.type.modelProperties + } + } +}; + +export const CodelessUiConnectorConfigProperties: msRest.CompositeMapper = { + serializedName: "CodelessUiConnectorConfigProperties", + type: { + name: "Composite", + className: "CodelessUiConnectorConfigProperties", + modelProperties: { + title: { + required: true, + serializedName: "title", + type: { + name: "String" + } + }, + publisher: { + required: true, + serializedName: "publisher", + type: { + name: "String" + } + }, + descriptionMarkdown: { + required: true, + serializedName: "descriptionMarkdown", + type: { + name: "String" + } + }, + customImage: { + serializedName: "customImage", + type: { + name: "String" + } + }, + graphQueriesTableName: { + required: true, + serializedName: "graphQueriesTableName", + type: { + name: "String" + } + }, + graphQueries: { + required: true, + serializedName: "graphQueries", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "CodelessUiConnectorConfigPropertiesGraphQueriesItem" + } + } + } + }, + sampleQueries: { + required: true, + serializedName: "sampleQueries", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "CodelessUiConnectorConfigPropertiesSampleQueriesItem" + } + } + } + }, + dataTypes: { + required: true, + serializedName: "dataTypes", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "CodelessUiConnectorConfigPropertiesDataTypesItem" + } + } + } + }, + connectivityCriteria: { + required: true, + serializedName: "connectivityCriteria", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem" + } + } + } + }, + availability: { + required: true, + serializedName: "availability", + type: { + name: "Composite", + className: "Availability" + } + }, + permissions: { + required: true, + serializedName: "permissions", + type: { + name: "Composite", + className: "Permissions" + } + }, + instructionSteps: { + required: true, + serializedName: "instructionSteps", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "CodelessUiConnectorConfigPropertiesInstructionStepsItem" + } + } + } + } + } + } +}; + +export const CodelessUiDataConnector: msRest.CompositeMapper = { + serializedName: "GenericUI", + type: { + name: "Composite", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + uberParent: "DataConnector", + className: "CodelessUiDataConnector", + modelProperties: { + ...DataConnector.type.modelProperties, + connectorUiConfig: { + serializedName: "properties.connectorUiConfig", + type: { + name: "Composite", + className: "CodelessUiConnectorConfigProperties" + } + } + } + } +}; + +export const RequiredPermissions: msRest.CompositeMapper = { + serializedName: "RequiredPermissions", + type: { + name: "Composite", + className: "RequiredPermissions", + modelProperties: { + action: { + serializedName: "action", + type: { + name: "Boolean" + } + }, + write: { + serializedName: "write", + type: { + name: "Boolean" + } + }, + read: { + serializedName: "read", + type: { + name: "Boolean" + } + }, + deleteProperty: { + serializedName: "delete", + type: { + name: "Boolean" + } + } + } + } +}; + +export const ConnectorInstructionModelBase: msRest.CompositeMapper = { + serializedName: "ConnectorInstructionModelBase", + type: { + name: "Composite", + className: "ConnectorInstructionModelBase", + modelProperties: { + parameters: { + serializedName: "parameters", + type: { + name: "Object" + } + }, + type: { + required: true, + serializedName: "type", + type: { + name: "String" + } + } + } + } +}; + +export const InstructionStepsInstructionsItem: msRest.CompositeMapper = { + serializedName: "InstructionSteps_instructionsItem", + type: { + name: "Composite", + className: "InstructionStepsInstructionsItem", + modelProperties: { + ...ConnectorInstructionModelBase.type.modelProperties + } + } +}; + +export const ThreatIntelligenceInformation: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceInformation", + type: { + name: "Composite", + polymorphicDiscriminator: { + serializedName: "kind", + clientName: "kind" + }, + uberParent: "ThreatIntelligenceInformation", + className: "ThreatIntelligenceInformation", + modelProperties: { + etag: { + serializedName: "etag", + type: { + name: "String" + } + }, + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + } + } + } +}; + +export const ThreatIntelligenceKillChainPhase: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceKillChainPhase", + type: { + name: "Composite", + className: "ThreatIntelligenceKillChainPhase", + modelProperties: { + killChainName: { + serializedName: "killChainName", + type: { + name: "String" + } + }, + phaseName: { + serializedName: "phaseName", + type: { + name: "String" + } + } + } + } +}; + +export const ThreatIntelligenceParsedPatternTypeValue: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceParsedPatternTypeValue", + type: { + name: "Composite", + className: "ThreatIntelligenceParsedPatternTypeValue", + modelProperties: { + valueType: { + serializedName: "valueType", + type: { + name: "String" + } + }, + value: { + serializedName: "value", + type: { + name: "String" + } + } + } + } +}; + +export const ThreatIntelligenceParsedPattern: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceParsedPattern", + type: { + name: "Composite", + className: "ThreatIntelligenceParsedPattern", + modelProperties: { + patternTypeKey: { + serializedName: "patternTypeKey", + type: { + name: "String" + } + }, + patternTypeValues: { + serializedName: "patternTypeValues", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceParsedPatternTypeValue" + } + } + } + } + } + } +}; + +export const ThreatIntelligenceExternalReference: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceExternalReference", + type: { + name: "Composite", + className: "ThreatIntelligenceExternalReference", + modelProperties: { + description: { + serializedName: "description", + type: { + name: "String" + } + }, + externalId: { + serializedName: "externalId", + type: { + name: "String" + } + }, + sourceName: { + serializedName: "sourceName", + type: { + name: "String" + } + }, + url: { + serializedName: "url", + type: { + name: "String" + } + }, + hashes: { + serializedName: "hashes", + type: { + name: "Dictionary", + value: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const ThreatIntelligenceGranularMarkingModel: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceGranularMarkingModel", + type: { + name: "Composite", + className: "ThreatIntelligenceGranularMarkingModel", + modelProperties: { + language: { + serializedName: "language", + type: { + name: "String" + } + }, + markingRef: { + serializedName: "markingRef", + type: { + name: "Number" + } + }, + selectors: { + serializedName: "selectors", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const ThreatIntelligenceIndicatorModel: msRest.CompositeMapper = { + serializedName: "indicator", + type: { + name: "Composite", + polymorphicDiscriminator: ThreatIntelligenceInformation.type.polymorphicDiscriminator, + uberParent: "ThreatIntelligenceInformation", + className: "ThreatIntelligenceIndicatorModel", + modelProperties: { + ...ThreatIntelligenceInformation.type.modelProperties, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + threatIntelligenceTags: { + serializedName: "properties.threatIntelligenceTags", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + lastUpdatedTimeUtc: { + serializedName: "properties.lastUpdatedTimeUtc", + type: { + name: "String" + } + }, + source: { + serializedName: "properties.source", + type: { + name: "String" + } + }, + displayName: { + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + indicatorTypes: { + serializedName: "properties.indicatorTypes", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + pattern: { + serializedName: "properties.pattern", + type: { + name: "String" + } + }, + patternType: { + serializedName: "properties.patternType", + type: { + name: "String" + } + }, + patternVersion: { + serializedName: "properties.patternVersion", + type: { + name: "String" + } + }, + killChainPhases: { + serializedName: "properties.killChainPhases", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceKillChainPhase" + } + } + } + }, + parsedPattern: { + serializedName: "properties.parsedPattern", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceParsedPattern" + } + } + } + }, + externalId: { + serializedName: "properties.externalId", + type: { + name: "String" + } + }, + createdByRef: { + serializedName: "properties.createdByRef", + type: { + name: "String" + } + }, + defanged: { + serializedName: "properties.defanged", + type: { + name: "Boolean" + } + }, + externalLastUpdatedTimeUtc: { + serializedName: "properties.externalLastUpdatedTimeUtc", + type: { + name: "String" + } + }, + externalReferences: { + serializedName: "properties.externalReferences", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceExternalReference" + } + } + } + }, + granularMarkings: { + serializedName: "properties.granularMarkings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceGranularMarkingModel" + } + } + } + }, + labels: { + serializedName: "properties.labels", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + revoked: { + serializedName: "properties.revoked", + type: { + name: "Boolean" + } + }, + confidence: { + serializedName: "properties.confidence", + type: { + name: "Number" + } + }, + objectMarkingRefs: { + serializedName: "properties.objectMarkingRefs", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + language: { + serializedName: "properties.language", + type: { + name: "String" + } + }, + threatTypes: { + serializedName: "properties.threatTypes", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + validFrom: { + serializedName: "properties.validFrom", + type: { + name: "String" + } + }, + validUntil: { + serializedName: "properties.validUntil", + type: { + name: "String" + } + }, + created: { + serializedName: "properties.created", + type: { + name: "String" + } + }, + modified: { + serializedName: "properties.modified", + type: { + name: "String" + } + }, + extensions: { + serializedName: "properties.extensions", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + } + } + } +}; + +export const ThreatIntelligenceResourceKind: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceResourceKind", + type: { + name: "Composite", + className: "ThreatIntelligenceResourceKind", + modelProperties: { + kind: { + required: true, + isConstant: true, + serializedName: "kind", + defaultValue: 'indicator', + type: { + name: "String" + } + } + } + } +}; + +export const ThreatIntelligenceIndicatorModelForRequestBody: msRest.CompositeMapper = { + serializedName: "indicator", + type: { + name: "Composite", + className: "ThreatIntelligenceIndicatorModelForRequestBody", + modelProperties: { + ...ThreatIntelligenceResourceKind.type.modelProperties, + etag: { + serializedName: "etag", + type: { + name: "String" + } + }, + additionalData: { + readOnly: true, + serializedName: "properties.additionalData", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + }, + friendlyName: { + readOnly: true, + serializedName: "properties.friendlyName", + type: { + name: "String" + } + }, + threatIntelligenceTags: { + serializedName: "properties.threatIntelligenceTags", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + lastUpdatedTimeUtc: { + serializedName: "properties.lastUpdatedTimeUtc", + type: { + name: "String" + } + }, + source: { + serializedName: "properties.source", + type: { + name: "String" + } + }, + displayName: { + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + indicatorTypes: { + serializedName: "properties.indicatorTypes", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + pattern: { + serializedName: "properties.pattern", + type: { + name: "String" + } + }, + patternType: { + serializedName: "properties.patternType", + type: { + name: "String" + } + }, + patternVersion: { + serializedName: "properties.patternVersion", + type: { + name: "String" + } + }, + killChainPhases: { + serializedName: "properties.killChainPhases", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceKillChainPhase" + } + } + } + }, + parsedPattern: { + serializedName: "properties.parsedPattern", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceParsedPattern" + } + } + } + }, + externalId: { + serializedName: "properties.externalId", + type: { + name: "String" + } + }, + createdByRef: { + serializedName: "properties.createdByRef", + type: { + name: "String" + } + }, + defanged: { + serializedName: "properties.defanged", + type: { + name: "Boolean" + } + }, + externalLastUpdatedTimeUtc: { + serializedName: "properties.externalLastUpdatedTimeUtc", + type: { + name: "String" + } + }, + externalReferences: { + serializedName: "properties.externalReferences", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceExternalReference" + } + } + } + }, + granularMarkings: { + serializedName: "properties.granularMarkings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceGranularMarkingModel" + } + } + } + }, + labels: { + serializedName: "properties.labels", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + revoked: { + serializedName: "properties.revoked", + type: { + name: "Boolean" + } + }, + confidence: { + serializedName: "properties.confidence", + type: { + name: "Number" + } + }, + objectMarkingRefs: { + serializedName: "properties.objectMarkingRefs", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + language: { + serializedName: "properties.language", + type: { + name: "String" + } + }, + threatTypes: { + serializedName: "properties.threatTypes", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + validFrom: { + serializedName: "properties.validFrom", + type: { + name: "String" + } + }, + validUntil: { + serializedName: "properties.validUntil", + type: { + name: "String" + } + }, + created: { + serializedName: "properties.created", + type: { + name: "String" + } + }, + modified: { + serializedName: "properties.modified", + type: { + name: "String" + } + }, + extensions: { + serializedName: "properties.extensions", + type: { + name: "Dictionary", + value: { + type: { + name: "Object" + } + } + } + } + } + } +}; + +export const ThreatIntelligenceSortingCriteria: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceSortingCriteria", + type: { + name: "Composite", + className: "ThreatIntelligenceSortingCriteria", + modelProperties: { + itemKey: { + serializedName: "itemKey", + type: { + name: "String" + } + }, + sortOrder: { + serializedName: "sortOrder", + type: { + name: "String" + } + } + } + } +}; + +export const ThreatIntelligenceFilteringCriteria: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceFilteringCriteria", + type: { + name: "Composite", + className: "ThreatIntelligenceFilteringCriteria", + modelProperties: { + pageSize: { + serializedName: "pageSize", + type: { + name: "Number" + } + }, + minConfidence: { + serializedName: "minConfidence", + type: { + name: "Number" + } + }, + maxConfidence: { + serializedName: "maxConfidence", + type: { + name: "Number" + } + }, + minValidUntil: { + serializedName: "minValidUntil", + type: { + name: "String" + } + }, + maxValidUntil: { + serializedName: "maxValidUntil", + type: { + name: "String" + } + }, + includeDisabled: { + serializedName: "includeDisabled", + type: { + name: "Boolean" + } + }, + sortBy: { + serializedName: "sortBy", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceSortingCriteria" + } + } + } + }, + sources: { + serializedName: "sources", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + patternTypes: { + serializedName: "patternTypes", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + threatTypes: { + serializedName: "threatTypes", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + ids: { + serializedName: "ids", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + keywords: { + serializedName: "keywords", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + }, + skipToken: { + serializedName: "skipToken", + type: { + name: "String" + } + } + } + } +}; + +export const ThreatIntelligenceAppendTags: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceAppendTags", + type: { + name: "Composite", + className: "ThreatIntelligenceAppendTags", + modelProperties: { + threatIntelligenceTags: { + serializedName: "threatIntelligenceTags", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const ThreatIntelligenceMetricEntity: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceMetricEntity", + type: { + name: "Composite", + className: "ThreatIntelligenceMetricEntity", + modelProperties: { + metricName: { + serializedName: "metricName", + type: { + name: "String" + } + }, + metricValue: { + serializedName: "metricValue", + type: { + name: "Number" + } + } + } + } +}; + +export const ThreatIntelligenceMetric: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceMetric", + type: { + name: "Composite", + className: "ThreatIntelligenceMetric", + modelProperties: { + lastUpdatedTimeUtc: { + serializedName: "lastUpdatedTimeUtc", + type: { + name: "String" + } + }, + threatTypeMetrics: { + serializedName: "threatTypeMetrics", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceMetricEntity" + } + } + } + }, + patternTypeMetrics: { + serializedName: "patternTypeMetrics", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceMetricEntity" + } + } + } + }, + sourceMetrics: { + serializedName: "sourceMetrics", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceMetricEntity" + } + } + } + } + } + } +}; + +export const ThreatIntelligenceMetrics: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceMetrics", + type: { + name: "Composite", + className: "ThreatIntelligenceMetrics", + modelProperties: { + properties: { + serializedName: "properties", + type: { + name: "Composite", + className: "ThreatIntelligenceMetric" + } + } + } + } +}; + +export const ThreatIntelligenceMetricsList: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceMetricsList", + type: { + name: "Composite", + className: "ThreatIntelligenceMetricsList", + modelProperties: { + value: { + required: true, + serializedName: "value", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceMetrics" + } + } + } + } + } + } +}; + +export const OperationDisplay: msRest.CompositeMapper = { + serializedName: "Operation_display", + type: { + name: "Composite", + className: "OperationDisplay", + modelProperties: { + description: { + serializedName: "description", + type: { + name: "String" + } + }, + operation: { + serializedName: "operation", + type: { + name: "String" + } + }, + provider: { + serializedName: "provider", + type: { + name: "String" + } + }, + resource: { + serializedName: "resource", + type: { + name: "String" + } + } + } + } +}; + +export const Operation: msRest.CompositeMapper = { + serializedName: "Operation", + type: { + name: "Composite", + className: "Operation", + modelProperties: { + display: { + serializedName: "display", + type: { + name: "Composite", + className: "OperationDisplay" + } + }, + name: { + serializedName: "name", + type: { + name: "String" + } + }, + origin: { + serializedName: "origin", + type: { + name: "String" + } + }, + isDataAction: { + serializedName: "isDataAction", + type: { + name: "Boolean" + } + } + } + } +}; + +export const OfficeConsent: msRest.CompositeMapper = { + serializedName: "OfficeConsent", + type: { + name: "Composite", + className: "OfficeConsent", + modelProperties: { + ...Resource.type.modelProperties, + tenantId: { + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + consentId: { + serializedName: "properties.consentId", + type: { + name: "String" + } + } + } + } +}; + +export const EntityQueryTemplate: msRest.CompositeMapper = { + serializedName: "EntityQueryTemplate", + type: { + name: "Composite", + polymorphicDiscriminator: { + serializedName: "kind", + clientName: "kind" + }, + uberParent: "EntityQueryTemplate", + className: "EntityQueryTemplate", + modelProperties: { + ...Resource.type.modelProperties, + kind: { + required: true, + serializedName: "kind", + type: { + name: "String" + } + } + } + } +}; + +export const ActivityEntityQueryTemplatePropertiesQueryDefinitions: msRest.CompositeMapper = { + serializedName: "ActivityEntityQueryTemplateProperties_queryDefinitions", + type: { + name: "Composite", + className: "ActivityEntityQueryTemplatePropertiesQueryDefinitions", + modelProperties: { + query: { + serializedName: "query", + type: { + name: "String" + } + }, + summarizeBy: { + serializedName: "summarizeBy", + type: { + name: "String" + } + } + } + } +}; + +export const DataTypeDefinitions: msRest.CompositeMapper = { + serializedName: "DataTypeDefinitions", + type: { + name: "Composite", + className: "DataTypeDefinitions", + modelProperties: { + dataType: { + serializedName: "dataType", + type: { + name: "String" + } + } + } + } +}; + +export const ActivityEntityQueryTemplate: msRest.CompositeMapper = { + serializedName: "Activity", + type: { + name: "Composite", + polymorphicDiscriminator: EntityQueryTemplate.type.polymorphicDiscriminator, + uberParent: "EntityQueryTemplate", + className: "ActivityEntityQueryTemplate", + modelProperties: { + ...EntityQueryTemplate.type.modelProperties, + title: { + serializedName: "properties.title", + type: { + name: "String" + } + }, + content: { + serializedName: "properties.content", + type: { + name: "String" + } + }, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + queryDefinitions: { + serializedName: "properties.queryDefinitions", + type: { + name: "Composite", + className: "ActivityEntityQueryTemplatePropertiesQueryDefinitions" + } + }, + dataTypes: { + serializedName: "properties.dataTypes", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "DataTypeDefinitions" + } + } + } + }, + inputEntityType: { + serializedName: "properties.inputEntityType", + type: { + name: "String" + } + }, + requiredInputFieldsSets: { + serializedName: "properties.requiredInputFieldsSets", + type: { + name: "Sequence", + element: { + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + }, + entitiesFilter: { + serializedName: "properties.entitiesFilter", + type: { + name: "Dictionary", + value: { + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } + } + } +}; + +export const AlertRulesList: msRest.CompositeMapper = { + serializedName: "AlertRulesList", + type: { + name: "Composite", + className: "AlertRulesList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "AlertRule" + } + } + } + } + } + } +}; + +export const ActionsList: msRest.CompositeMapper = { + serializedName: "ActionsList", + type: { + name: "Composite", + className: "ActionsList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ActionResponse" + } + } + } + } + } + } +}; + +export const AlertRuleTemplatesList: msRest.CompositeMapper = { + serializedName: "AlertRuleTemplatesList", + type: { + name: "Composite", + className: "AlertRuleTemplatesList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "AlertRuleTemplate" + } + } + } + } + } + } +}; + +export const AutomationRulesList: msRest.CompositeMapper = { + serializedName: "AutomationRulesList", + type: { + name: "Composite", + className: "AutomationRulesList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "AutomationRule" + } + } + } + } + } + } +}; + +export const BookmarkList: msRest.CompositeMapper = { + serializedName: "BookmarkList", + type: { + name: "Composite", + className: "BookmarkList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "Bookmark" + } + } + } + } + } + } +}; + +export const RelationList: msRest.CompositeMapper = { + serializedName: "RelationList", + type: { + name: "Composite", + className: "RelationList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "Relation" + } + } + } + } + } + } +}; + +export const EntityQueryList: msRest.CompositeMapper = { + serializedName: "EntityQueryList", + type: { + name: "Composite", + className: "EntityQueryList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "EntityQuery" + } + } + } + } + } + } +}; + +export const EntityList: msRest.CompositeMapper = { + serializedName: "EntityList", + type: { + name: "Composite", + className: "EntityList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "Entity" + } + } + } + } + } + } +}; + +export const IncidentList: msRest.CompositeMapper = { + serializedName: "IncidentList", + type: { + name: "Composite", + className: "IncidentList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "Incident" + } + } + } + } + } + } +}; + +export const IncidentCommentList: msRest.CompositeMapper = { + serializedName: "IncidentCommentList", + type: { + name: "Composite", + className: "IncidentCommentList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "IncidentComment" + } + } + } + } + } + } +}; + +export const MetadataList: msRest.CompositeMapper = { + serializedName: "MetadataList", + type: { + name: "Composite", + className: "MetadataList", + modelProperties: { + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "MetadataModel" + } + } + } + }, + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + } + } + } +}; + +export const RepoList: msRest.CompositeMapper = { + serializedName: "RepoList", + type: { + name: "Composite", + className: "RepoList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "Repo" + } + } + } + } + } + } +}; + +export const SourceControlList: msRest.CompositeMapper = { + serializedName: "SourceControlList", + type: { + name: "Composite", + className: "SourceControlList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "SourceControl" + } + } + } + } + } + } +}; + +export const WatchlistList: msRest.CompositeMapper = { + serializedName: "WatchlistList", + type: { + name: "Composite", + className: "WatchlistList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "Watchlist" + } + } + } + } + } + } +}; + +export const WatchlistItemList: msRest.CompositeMapper = { + serializedName: "WatchlistItemList", + type: { + name: "Composite", + className: "WatchlistItemList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "WatchlistItem" + } + } + } + } + } + } +}; + +export const DataConnectorList: msRest.CompositeMapper = { + serializedName: "DataConnectorList", + type: { + name: "Composite", + className: "DataConnectorList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "DataConnector" + } + } + } + } + } + } +}; + +export const ThreatIntelligenceInformationList: msRest.CompositeMapper = { + serializedName: "ThreatIntelligenceInformationList", + type: { + name: "Composite", + className: "ThreatIntelligenceInformationList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ThreatIntelligenceInformation" + } + } + } + } + } + } +}; + +export const OperationsList: msRest.CompositeMapper = { + serializedName: "OperationsList", + type: { + name: "Composite", + className: "OperationsList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "Operation" + } + } + } + } + } + } +}; + +export const OfficeConsentList: msRest.CompositeMapper = { + serializedName: "OfficeConsentList", + type: { + name: "Composite", + className: "OfficeConsentList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "OfficeConsent" + } + } + } + } + } + } +}; + +export const EntityQueryTemplateList: msRest.CompositeMapper = { + serializedName: "EntityQueryTemplateList", + type: { + name: "Composite", + className: "EntityQueryTemplateList", + modelProperties: { + nextLink: { + readOnly: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + value: { + required: true, + serializedName: "", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "EntityQueryTemplate" + } + } + } + } + } + } +}; + +export const discriminators = { + 'AlertRule' : AlertRule, + 'AlertRuleTemplate' : AlertRuleTemplate, + 'AlertRule.MLBehaviorAnalytics' : MLBehaviorAnalyticsAlertRule, + 'AlertRuleTemplate.MLBehaviorAnalytics' : MLBehaviorAnalyticsAlertRuleTemplate, + 'AlertRule.Fusion' : FusionAlertRule, + 'AlertRuleTemplate.Fusion' : FusionAlertRuleTemplate, + 'AlertRule.ThreatIntelligence' : ThreatIntelligenceAlertRule, + 'AlertRuleTemplate.ThreatIntelligence' : ThreatIntelligenceAlertRuleTemplate, + 'AlertRule.MicrosoftSecurityIncidentCreation' : MicrosoftSecurityIncidentCreationAlertRule, + 'AlertRuleTemplate.MicrosoftSecurityIncidentCreation' : MicrosoftSecurityIncidentCreationAlertRuleTemplate, + 'AlertRuleTemplate.Scheduled' : ScheduledAlertRuleTemplate, + 'AlertRuleTemplate.NRT' : NrtAlertRuleTemplate, + 'AlertRule.Scheduled' : ScheduledAlertRule, + 'AlertRule.NRT' : NrtAlertRule, + 'AutomationRuleCondition' : AutomationRuleCondition, + 'AutomationRuleAction' : AutomationRuleAction, + 'AutomationRuleAction.RunPlaybook' : AutomationRuleRunPlaybookAction, + 'AutomationRuleAction.ModifyProperties' : AutomationRuleModifyPropertiesAction, + 'AutomationRuleCondition.Property' : AutomationRulePropertyValuesCondition, + 'Entity' : Entity, + 'Entity.Url' : UrlEntity, + 'Entity.SubmissionMail' : SubmissionMailEntity, + 'Entity.SecurityGroup' : SecurityGroupEntity, + 'Entity.SecurityAlert' : SecurityAlert, + 'Entity.RegistryValue' : RegistryValueEntity, + 'Entity.RegistryKey' : RegistryKeyEntity, + 'Entity.Process' : ProcessEntity, + 'Entity.Malware' : MalwareEntity, + 'Entity.MailMessage' : MailMessageEntity, + 'Entity.MailCluster' : MailClusterEntity, + 'Entity.Mailbox' : MailboxEntity, + 'Entity.Ip' : IpEntity, + 'Entity.IoTDevice' : IoTDeviceEntity, + 'Entity.Bookmark' : HuntingBookmark, + 'Entity.Host' : HostEntity, + 'Entity.FileHash' : FileHashEntity, + 'Entity.File' : FileEntity, + 'Entity.DnsResolution' : DnsEntity, + 'Entity.CloudApplication' : CloudApplicationEntity, + 'Entity.AzureResource' : AzureResourceEntity, + 'Entity.Account' : AccountEntity, + 'EntityQuery' : EntityQuery, + 'CustomEntityQuery' : CustomEntityQuery, + 'EntityQuery.Expansion' : ExpansionEntityQuery, + 'EntityQuery.Activity' : ActivityEntityQuery, + 'CustomEntityQuery.Activity' : ActivityCustomEntityQuery, + 'EntityTimelineItem.Activity' : ActivityTimelineItem, + 'EntityTimelineItem.Bookmark' : BookmarkTimelineItem, + 'EntityTimelineItem' : EntityTimelineItem, + 'EntityQueryItem' : EntityQueryItem, + 'EntityQueryItem.Insight' : InsightQueryItem, + 'EntityTimelineItem.SecurityAlert' : SecurityAlertTimelineItem, + 'Settings' : Settings, + 'Settings.Anomalies' : Anomalies, + 'Settings.EyesOn' : EyesOn, + 'Settings.EntityAnalytics' : EntityAnalytics, + 'Settings.Ueba' : Ueba, + 'DataConnectorsCheckRequirements.AzureActiveDirectory' : AADCheckRequirements, + 'DataConnectorsCheckRequirements.AzureAdvancedThreatProtection' : AATPCheckRequirements, + 'DataConnectorsCheckRequirements.AzureSecurityCenter' : ASCCheckRequirements, + 'DataConnectorsCheckRequirements.AmazonWebServicesCloudTrail' : AwsCloudTrailCheckRequirements, + 'DataConnectorsCheckRequirements.AmazonWebServicesS3' : AwsS3CheckRequirements, + 'DataConnectorsCheckRequirements' : DataConnectorsCheckRequirements, + 'DataConnectorsCheckRequirements.Dynamics365' : Dynamics365CheckRequirements, + 'DataConnectorsCheckRequirements.MicrosoftCloudAppSecurity' : MCASCheckRequirements, + 'DataConnectorsCheckRequirements.MicrosoftDefenderAdvancedThreatProtection' : MDATPCheckRequirements, + 'DataConnectorsCheckRequirements.MicrosoftThreatIntelligence' : MSTICheckRequirements, + 'DataConnectorsCheckRequirements.MicrosoftThreatProtection' : MtpCheckRequirements, + 'DataConnectorsCheckRequirements.OfficeATP' : OfficeATPCheckRequirements, + 'DataConnectorsCheckRequirements.ThreatIntelligence' : TICheckRequirements, + 'DataConnectorsCheckRequirements.ThreatIntelligenceTaxii' : TiTaxiiCheckRequirements, + 'DataConnector.AzureActiveDirectory' : AADDataConnector, + 'DataConnector.MicrosoftThreatIntelligence' : MSTIDataConnector, + 'DataConnector.MicrosoftThreatProtection' : MTPDataConnector, + 'DataConnector.AzureAdvancedThreatProtection' : AATPDataConnector, + 'DataConnector.AzureSecurityCenter' : ASCDataConnector, + 'DataConnector.AmazonWebServicesCloudTrail' : AwsCloudTrailDataConnector, + 'DataConnector.AmazonWebServicesS3' : AwsS3DataConnector, + 'DataConnector' : DataConnector, + 'DataConnector.MicrosoftCloudAppSecurity' : MCASDataConnector, + 'DataConnector.Dynamics365' : Dynamics365DataConnector, + 'DataConnector.OfficeATP' : OfficeATPDataConnector, + 'DataConnector.MicrosoftDefenderAdvancedThreatProtection' : MDATPDataConnector, + 'DataConnector.Office365' : OfficeDataConnector, + 'DataConnector.ThreatIntelligence' : TIDataConnector, + 'DataConnector.ThreatIntelligenceTaxii' : TiTaxiiDataConnector, + 'DataConnector.GenericUI' : CodelessUiDataConnector, + 'ThreatIntelligenceInformation' : ThreatIntelligenceInformation, + 'ThreatIntelligenceInformation.indicator' : ThreatIntelligenceIndicatorModel, + 'EntityQueryTemplate' : EntityQueryTemplate, + 'EntityQueryTemplate.Activity' : ActivityEntityQueryTemplate + +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/metadataMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/metadataMappers.ts new file mode 100644 index 000000000000..a3cd1c6cecb4 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/metadataMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataList, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/officeConsentsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/officeConsentsMappers.ts new file mode 100644 index 000000000000..5b5b0f1e0753 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/officeConsentsMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeConsentList, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/operationsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/operationsMappers.ts new file mode 100644 index 000000000000..001da350966e --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/operationsMappers.ts @@ -0,0 +1,17 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + Operation, + OperationDisplay, + OperationsList +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/parameters.ts b/sdk/securityinsight/arm-securityinsight/src/models/parameters.ts new file mode 100644 index 000000000000..9b8c05de44f5 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/parameters.ts @@ -0,0 +1,400 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; + +export const acceptLanguage: msRest.OperationParameter = { + parameterPath: "acceptLanguage", + mapper: { + serializedName: "accept-language", + defaultValue: 'en-US', + type: { + name: "String" + } + } +}; +export const actionId: msRest.OperationURLParameter = { + parameterPath: "actionId", + mapper: { + required: true, + serializedName: "actionId", + type: { + name: "String" + } + } +}; +export const alertRuleTemplateId: msRest.OperationURLParameter = { + parameterPath: "alertRuleTemplateId", + mapper: { + required: true, + serializedName: "alertRuleTemplateId", + type: { + name: "String" + } + } +}; +export const apiVersion: msRest.OperationQueryParameter = { + parameterPath: "apiVersion", + mapper: { + required: true, + serializedName: "api-version", + constraints: { + MinLength: 1 + }, + type: { + name: "String" + } + } +}; +export const automationRuleId: msRest.OperationURLParameter = { + parameterPath: "automationRuleId", + mapper: { + required: true, + serializedName: "automationRuleId", + type: { + name: "String" + } + } +}; +export const bookmarkId: msRest.OperationURLParameter = { + parameterPath: "bookmarkId", + mapper: { + required: true, + serializedName: "bookmarkId", + type: { + name: "String" + } + } +}; +export const consentId: msRest.OperationURLParameter = { + parameterPath: "consentId", + mapper: { + required: true, + serializedName: "consentId", + type: { + name: "String" + } + } +}; +export const dataConnectorId: msRest.OperationURLParameter = { + parameterPath: "dataConnectorId", + mapper: { + required: true, + serializedName: "dataConnectorId", + type: { + name: "String" + } + } +}; +export const domain: msRest.OperationQueryParameter = { + parameterPath: "domain", + mapper: { + required: true, + serializedName: "domain", + type: { + name: "String" + } + } +}; +export const entityId: msRest.OperationURLParameter = { + parameterPath: "entityId", + mapper: { + required: true, + serializedName: "entityId", + type: { + name: "String" + } + } +}; +export const entityQueryId: msRest.OperationURLParameter = { + parameterPath: "entityQueryId", + mapper: { + required: true, + serializedName: "entityQueryId", + type: { + name: "String" + } + } +}; +export const entityQueryTemplateId: msRest.OperationURLParameter = { + parameterPath: "entityQueryTemplateId", + mapper: { + required: true, + serializedName: "entityQueryTemplateId", + type: { + name: "String" + } + } +}; +export const filter: msRest.OperationQueryParameter = { + parameterPath: [ + "options", + "filter" + ], + mapper: { + serializedName: "$filter", + type: { + name: "String" + } + } +}; +export const incidentCommentId: msRest.OperationURLParameter = { + parameterPath: "incidentCommentId", + mapper: { + required: true, + serializedName: "incidentCommentId", + type: { + name: "String" + } + } +}; +export const incidentId: msRest.OperationURLParameter = { + parameterPath: "incidentId", + mapper: { + required: true, + serializedName: "incidentId", + type: { + name: "String" + } + } +}; +export const ipAddress: msRest.OperationQueryParameter = { + parameterPath: "ipAddress", + mapper: { + required: true, + serializedName: "ipAddress", + type: { + name: "String" + } + } +}; +export const kind0: msRest.OperationQueryParameter = { + parameterPath: [ + "options", + "kind" + ], + mapper: { + serializedName: "kind", + type: { + name: "String" + } + } +}; +export const kind1: msRest.OperationQueryParameter = { + parameterPath: "kind", + mapper: { + required: true, + isConstant: true, + serializedName: "kind", + defaultValue: 'Insight', + type: { + name: "String" + } + } +}; +export const metadataName: msRest.OperationURLParameter = { + parameterPath: "metadataName", + mapper: { + required: true, + serializedName: "metadataName", + type: { + name: "String" + } + } +}; +export const name: msRest.OperationURLParameter = { + parameterPath: "name", + mapper: { + required: true, + serializedName: "name", + type: { + name: "String" + } + } +}; +export const nextPageLink: msRest.OperationURLParameter = { + parameterPath: "nextPageLink", + mapper: { + required: true, + serializedName: "nextLink", + type: { + name: "String" + } + }, + skipEncoding: true +}; +export const operationalInsightsResourceProvider: msRest.OperationURLParameter = { + parameterPath: "operationalInsightsResourceProvider", + mapper: { + required: true, + serializedName: "operationalInsightsResourceProvider", + type: { + name: "String" + } + } +}; +export const orderby: msRest.OperationQueryParameter = { + parameterPath: [ + "options", + "orderby" + ], + mapper: { + serializedName: "$orderby", + type: { + name: "String" + } + } +}; +export const relationName: msRest.OperationURLParameter = { + parameterPath: "relationName", + mapper: { + required: true, + serializedName: "relationName", + type: { + name: "String" + } + } +}; +export const resourceGroupName: msRest.OperationURLParameter = { + parameterPath: "resourceGroupName", + mapper: { + required: true, + serializedName: "resourceGroupName", + constraints: { + MaxLength: 90, + MinLength: 1 + }, + type: { + name: "String" + } + } +}; +export const ruleId: msRest.OperationURLParameter = { + parameterPath: "ruleId", + mapper: { + required: true, + serializedName: "ruleId", + type: { + name: "String" + } + } +}; +export const sentinelOnboardingStateName: msRest.OperationURLParameter = { + parameterPath: "sentinelOnboardingStateName", + mapper: { + required: true, + serializedName: "sentinelOnboardingStateName", + type: { + name: "String" + } + } +}; +export const settingsName: msRest.OperationURLParameter = { + parameterPath: "settingsName", + mapper: { + required: true, + serializedName: "settingsName", + type: { + name: "String" + } + } +}; +export const skip: msRest.OperationQueryParameter = { + parameterPath: [ + "options", + "skip" + ], + mapper: { + serializedName: "$skip", + type: { + name: "Number" + } + } +}; +export const skipToken: msRest.OperationQueryParameter = { + parameterPath: [ + "options", + "skipToken" + ], + mapper: { + serializedName: "$skipToken", + type: { + name: "String" + } + } +}; +export const sourceControlId: msRest.OperationURLParameter = { + parameterPath: "sourceControlId", + mapper: { + required: true, + serializedName: "sourceControlId", + type: { + name: "String" + } + } +}; +export const subscriptionId: msRest.OperationURLParameter = { + parameterPath: "subscriptionId", + mapper: { + required: true, + serializedName: "subscriptionId", + constraints: { + MinLength: 1 + }, + type: { + name: "String" + } + } +}; +export const top: msRest.OperationQueryParameter = { + parameterPath: [ + "options", + "top" + ], + mapper: { + serializedName: "$top", + type: { + name: "Number" + } + } +}; +export const watchlistAlias: msRest.OperationURLParameter = { + parameterPath: "watchlistAlias", + mapper: { + required: true, + serializedName: "watchlistAlias", + type: { + name: "String" + } + } +}; +export const watchlistItemId: msRest.OperationURLParameter = { + parameterPath: "watchlistItemId", + mapper: { + required: true, + serializedName: "watchlistItemId", + type: { + name: "String" + } + } +}; +export const workspaceName: msRest.OperationURLParameter = { + parameterPath: "workspaceName", + mapper: { + required: true, + serializedName: "workspaceName", + constraints: { + MaxLength: 90, + MinLength: 1 + }, + type: { + name: "String" + } + } +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/productSettingsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/productSettingsMappers.ts new file mode 100644 index 000000000000..13c357f0982f --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/productSettingsMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + SettingList, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/sentinelOnboardingStatesMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/sentinelOnboardingStatesMappers.ts new file mode 100644 index 000000000000..626a0c21b16a --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/sentinelOnboardingStatesMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + SentinelOnboardingStatesList, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/sourceControlOperationsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/sourceControlOperationsMappers.ts new file mode 100644 index 000000000000..f7faa8a866dc --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/sourceControlOperationsMappers.ts @@ -0,0 +1,16 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + Repo, + RepoList +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/sourceControlsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/sourceControlsMappers.ts new file mode 100644 index 000000000000..1f3866701d12 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/sourceControlsMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SourceControlList, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/threatIntelligenceIndicatorMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/threatIntelligenceIndicatorMappers.ts new file mode 100644 index 000000000000..dc1ecbc5ee2f --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/threatIntelligenceIndicatorMappers.ts @@ -0,0 +1,27 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + ThreatIntelligenceAppendTags, + ThreatIntelligenceExternalReference, + ThreatIntelligenceFilteringCriteria, + ThreatIntelligenceGranularMarkingModel, + ThreatIntelligenceIndicatorModel, + ThreatIntelligenceIndicatorModelForRequestBody, + ThreatIntelligenceInformation, + ThreatIntelligenceInformationList, + ThreatIntelligenceKillChainPhase, + ThreatIntelligenceParsedPattern, + ThreatIntelligenceParsedPatternTypeValue, + ThreatIntelligenceResourceKind, + ThreatIntelligenceSortingCriteria +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/threatIntelligenceIndicatorMetricsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/threatIntelligenceIndicatorMetricsMappers.ts new file mode 100644 index 000000000000..8a6f4da5c15f --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/threatIntelligenceIndicatorMetricsMappers.ts @@ -0,0 +1,18 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + ThreatIntelligenceMetric, + ThreatIntelligenceMetricEntity, + ThreatIntelligenceMetrics, + ThreatIntelligenceMetricsList +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/threatIntelligenceIndicatorsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/threatIntelligenceIndicatorsMappers.ts new file mode 100644 index 000000000000..1bb5a990e0d3 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/threatIntelligenceIndicatorsMappers.ts @@ -0,0 +1,22 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + ThreatIntelligenceExternalReference, + ThreatIntelligenceGranularMarkingModel, + ThreatIntelligenceIndicatorModel, + ThreatIntelligenceInformation, + ThreatIntelligenceInformationList, + ThreatIntelligenceKillChainPhase, + ThreatIntelligenceParsedPattern, + ThreatIntelligenceParsedPatternTypeValue +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/watchlistItemsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/watchlistItemsMappers.ts new file mode 100644 index 000000000000..feaafbd46605 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/watchlistItemsMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem, + WatchlistItemList +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/models/watchlistsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/watchlistsMappers.ts new file mode 100644 index 000000000000..b4a90250018a --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/models/watchlistsMappers.ts @@ -0,0 +1,178 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +export { + discriminators, + AADDataConnector, + AATPDataConnector, + AccountEntity, + ActionRequest, + ActionResponse, + ActivityCustomEntityQuery, + ActivityEntityQueriesPropertiesQueryDefinitions, + ActivityEntityQuery, + ActivityEntityQueryTemplate, + ActivityEntityQueryTemplatePropertiesQueryDefinitions, + AlertDetailsOverride, + AlertRule, + AlertRuleTemplate, + AlertRuleTemplateDataSource, + AlertsDataTypeOfDataConnector, + Anomalies, + ASCDataConnector, + AutomationRule, + AutomationRuleAction, + AutomationRuleCondition, + AutomationRuleModifyPropertiesAction, + AutomationRuleModifyPropertiesActionActionConfiguration, + AutomationRulePropertyValuesCondition, + AutomationRulePropertyValuesConditionConditionProperties, + AutomationRuleRunPlaybookAction, + AutomationRuleRunPlaybookActionActionConfiguration, + AutomationRuleTriggeringLogic, + Availability, + AwsCloudTrailDataConnector, + AwsCloudTrailDataConnectorDataTypes, + AwsCloudTrailDataConnectorDataTypesLogs, + AwsS3DataConnector, + AwsS3DataConnectorDataTypes, + AwsS3DataConnectorDataTypesLogs, + AzureEntityResource, + AzureResourceEntity, + BaseResource, + Bookmark, + ClientInfo, + CloudApplicationEntity, + CodelessUiConnectorConfigProperties, + CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem, + CodelessUiConnectorConfigPropertiesDataTypesItem, + CodelessUiConnectorConfigPropertiesGraphQueriesItem, + CodelessUiConnectorConfigPropertiesInstructionStepsItem, + CodelessUiConnectorConfigPropertiesSampleQueriesItem, + CodelessUiDataConnector, + ConnectivityCriteria, + ConnectorInstructionModelBase, + ContentPathMap, + CustomEntityQuery, + Customs, + CustomsPermission, + DataConnector, + DataConnectorDataTypeCommon, + DataTypeDefinitions, + DnsEntity, + Dynamics365DataConnector, + Dynamics365DataConnectorDataTypes, + Dynamics365DataConnectorDataTypesDynamics365CdsActivities, + Entity, + EntityAnalytics, + EntityMapping, + EntityQuery, + EntityQueryTemplate, + ErrorAdditionalInfo, + ErrorDetail, + ErrorResponse, + EventGroupingSettings, + ExpansionEntityQuery, + EyesOn, + FieldMapping, + FileEntity, + FileHashEntity, + FusionAlertRule, + FusionAlertRuleTemplate, + GeoLocation, + GraphQueries, + GroupingConfiguration, + HostEntity, + HuntingBookmark, + Incident, + IncidentAdditionalData, + IncidentComment, + IncidentConfiguration, + IncidentInfo, + IncidentLabel, + IncidentOwnerInfo, + InstructionSteps, + InstructionStepsInstructionsItem, + IoTDeviceEntity, + IpEntity, + LastDataReceivedDataType, + MailboxEntity, + MailClusterEntity, + MailMessageEntity, + MalwareEntity, + MCASDataConnector, + MCASDataConnectorDataTypes, + MDATPDataConnector, + MetadataAuthor, + MetadataCategories, + MetadataDependencies, + MetadataModel, + MetadataPatch, + MetadataSource, + MetadataSupport, + MicrosoftSecurityIncidentCreationAlertRule, + MicrosoftSecurityIncidentCreationAlertRuleTemplate, + MLBehaviorAnalyticsAlertRule, + MLBehaviorAnalyticsAlertRuleTemplate, + MSTIDataConnector, + MSTIDataConnectorDataTypes, + MSTIDataConnectorDataTypesBingSafetyPhishingURL, + MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed, + MTPDataConnector, + MTPDataConnectorDataTypes, + MTPDataConnectorDataTypesIncidents, + NrtAlertRule, + NrtAlertRuleTemplate, + OfficeATPDataConnector, + OfficeConsent, + OfficeDataConnector, + OfficeDataConnectorDataTypes, + OfficeDataConnectorDataTypesExchange, + OfficeDataConnectorDataTypesSharePoint, + OfficeDataConnectorDataTypesTeams, + Permissions, + PermissionsCustomsItem, + PermissionsResourceProviderItem, + ProcessEntity, + ProxyResource, + RegistryKeyEntity, + RegistryValueEntity, + Relation, + Repository, + RequiredPermissions, + Resource, + ResourceProvider, + ResourceWithEtag, + SampleQueries, + ScheduledAlertRule, + ScheduledAlertRuleTemplate, + SecurityAlert, + SecurityAlertPropertiesConfidenceReasonsItem, + SecurityGroupEntity, + SentinelOnboardingState, + Settings, + SourceControl, + SubmissionMailEntity, + SystemData, + ThreatIntelligence, + ThreatIntelligenceAlertRule, + ThreatIntelligenceAlertRuleTemplate, + TIDataConnector, + TIDataConnectorDataTypes, + TIDataConnectorDataTypesIndicators, + TiTaxiiDataConnector, + TiTaxiiDataConnectorDataTypes, + TiTaxiiDataConnectorDataTypesTaxiiClient, + TrackedResource, + Ueba, + UrlEntity, + UserInfo, + Watchlist, + WatchlistItem, + WatchlistList +} from "../models/mappers"; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/actions.ts b/sdk/securityinsight/arm-securityinsight/src/operations/actions.ts new file mode 100644 index 000000000000..05cf6aa2903c --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/actions.ts @@ -0,0 +1,389 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/actionsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a Actions. */ +export class Actions { + private readonly client: SecurityInsightsContext; + + /** + * Create a Actions. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all actions of alert rule. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param [options] The optional parameters + * @returns Promise + */ + listByAlertRule(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param callback The callback + */ + listByAlertRule(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param options The optional parameters + * @param callback The callback + */ + listByAlertRule(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listByAlertRule(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + ruleId, + options + }, + listByAlertRuleOperationSpec, + callback) as Promise; + } + + /** + * Gets the action of alert rule. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param actionId Action ID + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, actionId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param actionId Action ID + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, actionId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param actionId Action ID + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, actionId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, actionId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + ruleId, + actionId, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Creates or updates the action of alert rule. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param actionId Action ID + * @param action The action + * @param [options] The optional parameters + * @returns Promise + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, actionId: string, action: Models.ActionRequest, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param actionId Action ID + * @param action The action + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, actionId: string, action: Models.ActionRequest, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param actionId Action ID + * @param action The action + * @param options The optional parameters + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, actionId: string, action: Models.ActionRequest, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, actionId: string, action: Models.ActionRequest, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + ruleId, + actionId, + action, + options + }, + createOrUpdateOperationSpec, + callback) as Promise; + } + + /** + * Delete the action of alert rule. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param actionId Action ID + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, actionId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param actionId Action ID + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, actionId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param actionId Action ID + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, actionId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, actionId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + ruleId, + actionId, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Gets all actions of alert rule. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listByAlertRuleNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listByAlertRuleNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listByAlertRuleNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listByAlertRuleNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listByAlertRuleNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listByAlertRuleOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.ruleId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.ActionsList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.ruleId, + Parameters.actionId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.ActionResponse + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOrUpdateOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.ruleId, + Parameters.actionId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "action", + mapper: { + ...Mappers.ActionRequest, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.ActionResponse + }, + 201: { + bodyMapper: Mappers.ActionResponse + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.ruleId, + Parameters.actionId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listByAlertRuleNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.ActionsList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/alertRuleTemplates.ts b/sdk/securityinsight/arm-securityinsight/src/operations/alertRuleTemplates.ts new file mode 100644 index 000000000000..e06970faedaa --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/alertRuleTemplates.ts @@ -0,0 +1,216 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/alertRuleTemplatesMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a AlertRuleTemplates. */ +export class AlertRuleTemplates { + private readonly client: SecurityInsightsContext; + + /** + * Create a AlertRuleTemplates. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all alert rule templates. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets the alert rule template. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param alertRuleTemplateId Alert rule template ID + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, alertRuleTemplateId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param alertRuleTemplateId Alert rule template ID + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, alertRuleTemplateId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param alertRuleTemplateId Alert rule template ID + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, alertRuleTemplateId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, alertRuleTemplateId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + alertRuleTemplateId, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Gets all alert rule templates. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.AlertRuleTemplatesList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates/{alertRuleTemplateId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.alertRuleTemplateId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.AlertRuleTemplate + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.AlertRuleTemplatesList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/alertRules.ts b/sdk/securityinsight/arm-securityinsight/src/operations/alertRules.ts new file mode 100644 index 000000000000..113887bc5730 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/alertRules.ts @@ -0,0 +1,369 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/alertRulesMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a AlertRules. */ +export class AlertRules { + private readonly client: SecurityInsightsContext; + + /** + * Create a AlertRules. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all alert rules. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets the alert rule. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + ruleId, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Creates or updates the alert rule. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param alertRule The alert rule + * @param [options] The optional parameters + * @returns Promise + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, alertRule: Models.AlertRuleUnion, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param alertRule The alert rule + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, alertRule: Models.AlertRuleUnion, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param alertRule The alert rule + * @param options The optional parameters + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, alertRule: Models.AlertRuleUnion, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, alertRule: Models.AlertRuleUnion, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + ruleId, + alertRule, + options + }, + createOrUpdateOperationSpec, + callback) as Promise; + } + + /** + * Delete the alert rule. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, ruleId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + ruleId, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Gets all alert rules. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.AlertRulesList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.ruleId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.AlertRule + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOrUpdateOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.ruleId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "alertRule", + mapper: { + ...Mappers.AlertRule, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.AlertRule + }, + 201: { + bodyMapper: Mappers.AlertRule + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.ruleId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.AlertRulesList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/automationRules.ts b/sdk/securityinsight/arm-securityinsight/src/operations/automationRules.ts new file mode 100644 index 000000000000..280ea58c37fe --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/automationRules.ts @@ -0,0 +1,369 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/automationRulesMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a AutomationRules. */ +export class AutomationRules { + private readonly client: SecurityInsightsContext; + + /** + * Create a AutomationRules. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all automation rules. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets the automation rule. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param automationRuleId Automation rule ID + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, automationRuleId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param automationRuleId Automation rule ID + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, automationRuleId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param automationRuleId Automation rule ID + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, automationRuleId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, automationRuleId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + automationRuleId, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Creates or updates the automation rule. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param automationRuleId Automation rule ID + * @param automationRule The automation rule + * @param [options] The optional parameters + * @returns Promise + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, automationRuleId: string, automationRule: Models.AutomationRule, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param automationRuleId Automation rule ID + * @param automationRule The automation rule + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, automationRuleId: string, automationRule: Models.AutomationRule, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param automationRuleId Automation rule ID + * @param automationRule The automation rule + * @param options The optional parameters + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, automationRuleId: string, automationRule: Models.AutomationRule, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, automationRuleId: string, automationRule: Models.AutomationRule, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + automationRuleId, + automationRule, + options + }, + createOrUpdateOperationSpec, + callback) as Promise; + } + + /** + * Delete the automation rule. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param automationRuleId Automation rule ID + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, automationRuleId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param automationRuleId Automation rule ID + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, automationRuleId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param automationRuleId Automation rule ID + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, automationRuleId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, automationRuleId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + automationRuleId, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Gets all automation rules. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.AutomationRulesList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules/{automationRuleId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.automationRuleId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.AutomationRule + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOrUpdateOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules/{automationRuleId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.automationRuleId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "automationRule", + mapper: { + ...Mappers.AutomationRule, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.AutomationRule + }, + 201: { + bodyMapper: Mappers.AutomationRule + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/automationRules/{automationRuleId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.automationRuleId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.AutomationRulesList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/bookmarkOperations.ts b/sdk/securityinsight/arm-securityinsight/src/operations/bookmarkOperations.ts new file mode 100644 index 000000000000..9febe4813c93 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/bookmarkOperations.ts @@ -0,0 +1,110 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/bookmarkOperationsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a BookmarkOperations. */ +export class BookmarkOperations { + private readonly client: SecurityInsightsContext; + + /** + * Create a BookmarkOperations. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Expand an bookmark + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param parameters The parameters required to execute an expand operation on the given bookmark. + * @param [options] The optional parameters + * @returns Promise + */ + expand(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, parameters: Models.BookmarkExpandParameters, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param parameters The parameters required to execute an expand operation on the given bookmark. + * @param callback The callback + */ + expand(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, parameters: Models.BookmarkExpandParameters, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param parameters The parameters required to execute an expand operation on the given bookmark. + * @param options The optional parameters + * @param callback The callback + */ + expand(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, parameters: Models.BookmarkExpandParameters, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + expand(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, parameters: Models.BookmarkExpandParameters, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + bookmarkId, + parameters, + options + }, + expandOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const expandOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/expand", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.bookmarkId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "parameters", + mapper: { + ...Mappers.BookmarkExpandParameters, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.BookmarkExpandResponse + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/bookmarkRelations.ts b/sdk/securityinsight/arm-securityinsight/src/operations/bookmarkRelations.ts new file mode 100644 index 000000000000..8b4a155dbeea --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/bookmarkRelations.ts @@ -0,0 +1,397 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/bookmarkRelationsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a BookmarkRelations. */ +export class BookmarkRelations { + private readonly client: SecurityInsightsContext; + + /** + * Create a BookmarkRelations. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all bookmark relations. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, options?: Models.BookmarkRelationsListOptionalParams): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, options: Models.BookmarkRelationsListOptionalParams, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, options?: Models.BookmarkRelationsListOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + bookmarkId, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets a bookmark relation. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param relationName Relation Name + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, relationName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param relationName Relation Name + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, relationName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param relationName Relation Name + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, relationName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, relationName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + bookmarkId, + relationName, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Creates the bookmark relation. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param relationName Relation Name + * @param relation The relation model + * @param [options] The optional parameters + * @returns Promise + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, relationName: string, relation: Models.Relation, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param relationName Relation Name + * @param relation The relation model + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, relationName: string, relation: Models.Relation, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param relationName Relation Name + * @param relation The relation model + * @param options The optional parameters + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, relationName: string, relation: Models.Relation, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, relationName: string, relation: Models.Relation, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + bookmarkId, + relationName, + relation, + options + }, + createOrUpdateOperationSpec, + callback) as Promise; + } + + /** + * Delete the bookmark relation. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param relationName Relation Name + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, relationName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param relationName Relation Name + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, relationName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param relationName Relation Name + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, relationName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, relationName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + bookmarkId, + relationName, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Gets all bookmark relations. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: Models.BookmarkRelationsListNextOptionalParams): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: Models.BookmarkRelationsListNextOptionalParams, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: Models.BookmarkRelationsListNextOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.bookmarkId + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.filter, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.RelationList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.bookmarkId, + Parameters.relationName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.Relation + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOrUpdateOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.bookmarkId, + Parameters.relationName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "relation", + mapper: { + ...Mappers.Relation, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.Relation + }, + 201: { + bodyMapper: Mappers.Relation + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}/relations/{relationName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.bookmarkId, + Parameters.relationName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.filter, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.RelationList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/bookmarks.ts b/sdk/securityinsight/arm-securityinsight/src/operations/bookmarks.ts new file mode 100644 index 000000000000..d3ac6d8e78ba --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/bookmarks.ts @@ -0,0 +1,369 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/bookmarksMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a Bookmarks. */ +export class Bookmarks { + private readonly client: SecurityInsightsContext; + + /** + * Create a Bookmarks. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all bookmarks. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets a bookmark. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + bookmarkId, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Creates or updates the bookmark. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param bookmark The bookmark + * @param [options] The optional parameters + * @returns Promise + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, bookmark: Models.Bookmark, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param bookmark The bookmark + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, bookmark: Models.Bookmark, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param bookmark The bookmark + * @param options The optional parameters + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, bookmark: Models.Bookmark, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, bookmark: Models.Bookmark, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + bookmarkId, + bookmark, + options + }, + createOrUpdateOperationSpec, + callback) as Promise; + } + + /** + * Delete the bookmark. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param bookmarkId Bookmark ID + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, bookmarkId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + bookmarkId, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Gets all bookmarks. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.BookmarkList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.bookmarkId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.Bookmark + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOrUpdateOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.bookmarkId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "bookmark", + mapper: { + ...Mappers.Bookmark, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.Bookmark + }, + 201: { + bodyMapper: Mappers.Bookmark + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.bookmarkId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.BookmarkList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/dataConnectors.ts b/sdk/securityinsight/arm-securityinsight/src/operations/dataConnectors.ts new file mode 100644 index 000000000000..0741c407c243 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/dataConnectors.ts @@ -0,0 +1,369 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/dataConnectorsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a DataConnectors. */ +export class DataConnectors { + private readonly client: SecurityInsightsContext; + + /** + * Create a DataConnectors. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all data connectors. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets a data connector. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param dataConnectorId Connector ID + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param dataConnectorId Connector ID + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param dataConnectorId Connector ID + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + dataConnectorId, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Creates or updates the data connector. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param dataConnectorId Connector ID + * @param dataConnector The data connector + * @param [options] The optional parameters + * @returns Promise + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorId: string, dataConnector: Models.DataConnectorUnion, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param dataConnectorId Connector ID + * @param dataConnector The data connector + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorId: string, dataConnector: Models.DataConnectorUnion, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param dataConnectorId Connector ID + * @param dataConnector The data connector + * @param options The optional parameters + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorId: string, dataConnector: Models.DataConnectorUnion, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorId: string, dataConnector: Models.DataConnectorUnion, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + dataConnectorId, + dataConnector, + options + }, + createOrUpdateOperationSpec, + callback) as Promise; + } + + /** + * Delete the data connector. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param dataConnectorId Connector ID + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param dataConnectorId Connector ID + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param dataConnectorId Connector ID + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + dataConnectorId, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Gets all data connectors. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.DataConnectorList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.dataConnectorId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.DataConnector + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOrUpdateOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.dataConnectorId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "dataConnector", + mapper: { + ...Mappers.DataConnector, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.DataConnector + }, + 201: { + bodyMapper: Mappers.DataConnector + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.dataConnectorId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.DataConnectorList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/dataConnectorsCheckRequirementsOperations.ts b/sdk/securityinsight/arm-securityinsight/src/operations/dataConnectorsCheckRequirementsOperations.ts new file mode 100644 index 000000000000..02cd1798b16e --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/dataConnectorsCheckRequirementsOperations.ts @@ -0,0 +1,105 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/dataConnectorsCheckRequirementsOperationsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a DataConnectorsCheckRequirementsOperations. */ +export class DataConnectorsCheckRequirementsOperations { + private readonly client: SecurityInsightsContext; + + /** + * Create a DataConnectorsCheckRequirementsOperations. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Get requirements state for a data connector type. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param dataConnectorsCheckRequirements The parameters for requirements check message + * @param [options] The optional parameters + * @returns Promise + */ + post(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorsCheckRequirements: Models.DataConnectorsCheckRequirementsUnion, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param dataConnectorsCheckRequirements The parameters for requirements check message + * @param callback The callback + */ + post(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorsCheckRequirements: Models.DataConnectorsCheckRequirementsUnion, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param dataConnectorsCheckRequirements The parameters for requirements check message + * @param options The optional parameters + * @param callback The callback + */ + post(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorsCheckRequirements: Models.DataConnectorsCheckRequirementsUnion, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + post(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, dataConnectorsCheckRequirements: Models.DataConnectorsCheckRequirementsUnion, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + dataConnectorsCheckRequirements, + options + }, + postOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const postOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectorsCheckRequirements", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "dataConnectorsCheckRequirements", + mapper: { + ...Mappers.DataConnectorsCheckRequirements, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.DataConnectorRequirementsState + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/domainWhois.ts b/sdk/securityinsight/arm-securityinsight/src/operations/domainWhois.ts new file mode 100644 index 000000000000..0c1f24b0f54d --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/domainWhois.ts @@ -0,0 +1,86 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/domainWhoisMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a DomainWhois. */ +export class DomainWhois { + private readonly client: SecurityInsightsContext; + + /** + * Create a DomainWhois. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Get whois information for a single domain name + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param domain Domain name to be enriched + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, domain: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param domain Domain name to be enriched + * @param callback The callback + */ + get(resourceGroupName: string, domain: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param domain Domain name to be enriched + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, domain: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, domain: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + domain, + options + }, + getOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.SecurityInsights/enrichment/domain/whois/", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.domain + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.EnrichmentDomainWhois + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/entities.ts b/sdk/securityinsight/arm-securityinsight/src/operations/entities.ts new file mode 100644 index 000000000000..c6e602d0ff2f --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/entities.ts @@ -0,0 +1,449 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/entitiesMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a Entities. */ +export class Entities { + private readonly client: SecurityInsightsContext; + + /** + * Create a Entities. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all entities. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets an entity. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + entityId, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Expands an entity. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param parameters The parameters required to execute an expand operation on the given entity. + * @param [options] The optional parameters + * @returns Promise + */ + expand(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, parameters: Models.EntityExpandParameters, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param parameters The parameters required to execute an expand operation on the given entity. + * @param callback The callback + */ + expand(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, parameters: Models.EntityExpandParameters, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param parameters The parameters required to execute an expand operation on the given entity. + * @param options The optional parameters + * @param callback The callback + */ + expand(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, parameters: Models.EntityExpandParameters, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + expand(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, parameters: Models.EntityExpandParameters, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + entityId, + parameters, + options + }, + expandOperationSpec, + callback) as Promise; + } + + /** + * Get Insights and Activities for an entity. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param [options] The optional parameters + * @returns Promise + */ + queries(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param callback The callback + */ + queries(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param options The optional parameters + * @param callback The callback + */ + queries(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + queries(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + entityId, + options + }, + queriesOperationSpec, + callback) as Promise; + } + + /** + * Execute Insights for an entity. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param parameters The parameters required to execute insights on the given entity. + * @param [options] The optional parameters + * @returns Promise + */ + getInsights(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, parameters: Models.EntityGetInsightsParameters, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param parameters The parameters required to execute insights on the given entity. + * @param callback The callback + */ + getInsights(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, parameters: Models.EntityGetInsightsParameters, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param parameters The parameters required to execute insights on the given entity. + * @param options The optional parameters + * @param callback The callback + */ + getInsights(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, parameters: Models.EntityGetInsightsParameters, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + getInsights(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, parameters: Models.EntityGetInsightsParameters, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + entityId, + parameters, + options + }, + getInsightsOperationSpec, + callback) as Promise; + } + + /** + * Gets all entities. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.EntityList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.entityId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.Entity + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const expandOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/expand", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.entityId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "parameters", + mapper: { + ...Mappers.EntityExpandParameters, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.EntityExpandResponse + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const queriesOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/queries", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.entityId + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.kind1 + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.GetQueriesResponse + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getInsightsOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/getInsights", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.entityId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "parameters", + mapper: { + ...Mappers.EntityGetInsightsParameters, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.EntityGetInsightsResponse + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.EntityList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/entitiesGetTimeline.ts b/sdk/securityinsight/arm-securityinsight/src/operations/entitiesGetTimeline.ts new file mode 100644 index 000000000000..bc3af5b8ce83 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/entitiesGetTimeline.ts @@ -0,0 +1,110 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/entitiesGetTimelineMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a EntitiesGetTimeline. */ +export class EntitiesGetTimeline { + private readonly client: SecurityInsightsContext; + + /** + * Create a EntitiesGetTimeline. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Timeline for an entity. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param parameters The parameters required to execute an timeline operation on the given entity. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, parameters: Models.EntityTimelineParameters, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param parameters The parameters required to execute an timeline operation on the given entity. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, parameters: Models.EntityTimelineParameters, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param parameters The parameters required to execute an timeline operation on the given entity. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, parameters: Models.EntityTimelineParameters, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, parameters: Models.EntityTimelineParameters, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + entityId, + parameters, + options + }, + listOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/getTimeline", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.entityId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "parameters", + mapper: { + ...Mappers.EntityTimelineParameters, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.EntityTimelineResponse + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/entitiesRelations.ts b/sdk/securityinsight/arm-securityinsight/src/operations/entitiesRelations.ts new file mode 100644 index 000000000000..a14d72b9059e --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/entitiesRelations.ts @@ -0,0 +1,159 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/entitiesRelationsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a EntitiesRelations. */ +export class EntitiesRelations { + private readonly client: SecurityInsightsContext; + + /** + * Create a EntitiesRelations. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all relations of an entity. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, options?: Models.EntitiesRelationsListOptionalParams): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, options: Models.EntitiesRelationsListOptionalParams, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, options?: Models.EntitiesRelationsListOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + entityId, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets all relations of an entity. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: Models.EntitiesRelationsListNextOptionalParams): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: Models.EntitiesRelationsListNextOptionalParams, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: Models.EntitiesRelationsListNextOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/relations", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.entityId + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.filter, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.RelationList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.filter, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.RelationList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/entityQueries.ts b/sdk/securityinsight/arm-securityinsight/src/operations/entityQueries.ts new file mode 100644 index 000000000000..d23fd2f3ca28 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/entityQueries.ts @@ -0,0 +1,371 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/entityQueriesMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a EntityQueries. */ +export class EntityQueries { + private readonly client: SecurityInsightsContext; + + /** + * Create a EntityQueries. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all entity queries. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: Models.EntityQueriesListOptionalParams): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: Models.EntityQueriesListOptionalParams, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: Models.EntityQueriesListOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets an entity query. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityQueryId entity query ID + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityQueryId entity query ID + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityQueryId entity query ID + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + entityQueryId, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Creates or updates the entity query. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityQueryId entity query ID + * @param entityQuery The entity query we want to create or update + * @param [options] The optional parameters + * @returns Promise + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryId: string, entityQuery: Models.CustomEntityQueryUnion, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityQueryId entity query ID + * @param entityQuery The entity query we want to create or update + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryId: string, entityQuery: Models.CustomEntityQueryUnion, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityQueryId entity query ID + * @param entityQuery The entity query we want to create or update + * @param options The optional parameters + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryId: string, entityQuery: Models.CustomEntityQueryUnion, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryId: string, entityQuery: Models.CustomEntityQueryUnion, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + entityQueryId, + entityQuery, + options + }, + createOrUpdateOperationSpec, + callback) as Promise; + } + + /** + * Delete the entity query. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityQueryId entity query ID + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityQueryId entity query ID + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityQueryId entity query ID + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + entityQueryId, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Gets all entity queries. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: Models.EntityQueriesListNextOptionalParams): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: Models.EntityQueriesListNextOptionalParams, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: Models.EntityQueriesListNextOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.kind0, + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.EntityQueryList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.entityQueryId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.EntityQuery + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOrUpdateOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.entityQueryId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "entityQuery", + mapper: { + ...Mappers.CustomEntityQuery, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.EntityQuery + }, + 201: { + bodyMapper: Mappers.EntityQuery + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueries/{entityQueryId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.entityQueryId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.kind0, + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.EntityQueryList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/entityQueryTemplates.ts b/sdk/securityinsight/arm-securityinsight/src/operations/entityQueryTemplates.ts new file mode 100644 index 000000000000..fc0b951b8dbf --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/entityQueryTemplates.ts @@ -0,0 +1,218 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/entityQueryTemplatesMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a EntityQueryTemplates. */ +export class EntityQueryTemplates { + private readonly client: SecurityInsightsContext; + + /** + * Create a EntityQueryTemplates. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all entity query templates. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: Models.EntityQueryTemplatesListOptionalParams): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: Models.EntityQueryTemplatesListOptionalParams, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: Models.EntityQueryTemplatesListOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets an entity query. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityQueryTemplateId entity query template ID + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryTemplateId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityQueryTemplateId entity query template ID + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryTemplateId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityQueryTemplateId entity query template ID + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryTemplateId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityQueryTemplateId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + entityQueryTemplateId, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Gets all entity query templates. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: Models.EntityQueryTemplatesListNextOptionalParams): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: Models.EntityQueryTemplatesListNextOptionalParams, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: Models.EntityQueryTemplatesListNextOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueryTemplates", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.kind0, + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.EntityQueryTemplateList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entityQueryTemplates/{entityQueryTemplateId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.entityQueryTemplateId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.EntityQueryTemplate + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.kind0, + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.EntityQueryTemplateList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/entityRelations.ts b/sdk/securityinsight/arm-securityinsight/src/operations/entityRelations.ts new file mode 100644 index 000000000000..72deb1aed346 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/entityRelations.ts @@ -0,0 +1,104 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/entityRelationsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a EntityRelations. */ +export class EntityRelations { + private readonly client: SecurityInsightsContext; + + /** + * Create a EntityRelations. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets an entity relation. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param relationName Relation Name + * @param [options] The optional parameters + * @returns Promise + */ + getRelation(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, relationName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param relationName Relation Name + * @param callback The callback + */ + getRelation(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, relationName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param entityId entity ID + * @param relationName Relation Name + * @param options The optional parameters + * @param callback The callback + */ + getRelation(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, relationName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + getRelation(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, entityId: string, relationName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + entityId, + relationName, + options + }, + getRelationOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const getRelationOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/relations/{relationName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.entityId, + Parameters.relationName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.Relation + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/iPGeodata.ts b/sdk/securityinsight/arm-securityinsight/src/operations/iPGeodata.ts new file mode 100644 index 000000000000..c5ed1476a7b3 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/iPGeodata.ts @@ -0,0 +1,86 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/iPGeodataMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a IPGeodata. */ +export class IPGeodata { + private readonly client: SecurityInsightsContext; + + /** + * Create a IPGeodata. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Get geodata for a single IP address + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param ipAddress IP address (v4 or v6) to be enriched + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, ipAddress: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param ipAddress IP address (v4 or v6) to be enriched + * @param callback The callback + */ + get(resourceGroupName: string, ipAddress: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param ipAddress IP address (v4 or v6) to be enriched + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, ipAddress: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, ipAddress: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + ipAddress, + options + }, + getOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.SecurityInsights/enrichment/ip/geodata/", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.ipAddress + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.EnrichmentIpGeodata + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/incidentComments.ts b/sdk/securityinsight/arm-securityinsight/src/operations/incidentComments.ts new file mode 100644 index 000000000000..6c7504d59419 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/incidentComments.ts @@ -0,0 +1,397 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/incidentCommentsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a IncidentComments. */ +export class IncidentComments { + private readonly client: SecurityInsightsContext; + + /** + * Create a IncidentComments. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all incident comments. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options?: Models.IncidentCommentsListOptionalParams): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options: Models.IncidentCommentsListOptionalParams, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options?: Models.IncidentCommentsListOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets an incident comment. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentCommentId Incident comment ID + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incidentCommentId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentCommentId Incident comment ID + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incidentCommentId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentCommentId Incident comment ID + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incidentCommentId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incidentCommentId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + incidentCommentId, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Creates or updates the incident comment. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentCommentId Incident comment ID + * @param incidentComment The incident comment + * @param [options] The optional parameters + * @returns Promise + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incidentCommentId: string, incidentComment: Models.IncidentComment, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentCommentId Incident comment ID + * @param incidentComment The incident comment + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incidentCommentId: string, incidentComment: Models.IncidentComment, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentCommentId Incident comment ID + * @param incidentComment The incident comment + * @param options The optional parameters + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incidentCommentId: string, incidentComment: Models.IncidentComment, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incidentCommentId: string, incidentComment: Models.IncidentComment, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + incidentCommentId, + incidentComment, + options + }, + createOrUpdateOperationSpec, + callback) as Promise; + } + + /** + * Delete the incident comment. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentCommentId Incident comment ID + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incidentCommentId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentCommentId Incident comment ID + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incidentCommentId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentCommentId Incident comment ID + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incidentCommentId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incidentCommentId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + incidentCommentId, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Gets all incident comments. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: Models.IncidentCommentsListNextOptionalParams): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: Models.IncidentCommentsListNextOptionalParams, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: Models.IncidentCommentsListNextOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.filter, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.IncidentCommentList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId, + Parameters.incidentCommentId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.IncidentComment + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOrUpdateOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId, + Parameters.incidentCommentId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "incidentComment", + mapper: { + ...Mappers.IncidentComment, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.IncidentComment + }, + 201: { + bodyMapper: Mappers.IncidentComment + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId, + Parameters.incidentCommentId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.filter, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.IncidentCommentList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/incidentRelations.ts b/sdk/securityinsight/arm-securityinsight/src/operations/incidentRelations.ts new file mode 100644 index 000000000000..ce8b0f11725c --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/incidentRelations.ts @@ -0,0 +1,397 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/incidentRelationsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a IncidentRelations. */ +export class IncidentRelations { + private readonly client: SecurityInsightsContext; + + /** + * Create a IncidentRelations. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all incident relations. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options?: Models.IncidentRelationsListOptionalParams): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options: Models.IncidentRelationsListOptionalParams, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options?: Models.IncidentRelationsListOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets an incident relation. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param relationName Relation Name + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, relationName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param relationName Relation Name + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, relationName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param relationName Relation Name + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, relationName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, relationName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + relationName, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Creates or updates the incident relation. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param relationName Relation Name + * @param relation The relation model + * @param [options] The optional parameters + * @returns Promise + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, relationName: string, relation: Models.Relation, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param relationName Relation Name + * @param relation The relation model + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, relationName: string, relation: Models.Relation, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param relationName Relation Name + * @param relation The relation model + * @param options The optional parameters + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, relationName: string, relation: Models.Relation, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, relationName: string, relation: Models.Relation, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + relationName, + relation, + options + }, + createOrUpdateOperationSpec, + callback) as Promise; + } + + /** + * Delete the incident relation. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param relationName Relation Name + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, relationName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param relationName Relation Name + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, relationName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param relationName Relation Name + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, relationName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, relationName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + relationName, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Gets all incident relations. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: Models.IncidentRelationsListNextOptionalParams): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: Models.IncidentRelationsListNextOptionalParams, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: Models.IncidentRelationsListNextOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.filter, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.RelationList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId, + Parameters.relationName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.Relation + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOrUpdateOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId, + Parameters.relationName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "relation", + mapper: { + ...Mappers.Relation, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.Relation + }, + 201: { + bodyMapper: Mappers.Relation + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId, + Parameters.relationName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.filter, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.RelationList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/incidents.ts b/sdk/securityinsight/arm-securityinsight/src/operations/incidents.ts new file mode 100644 index 000000000000..8df21fdd89e5 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/incidents.ts @@ -0,0 +1,669 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/incidentsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a Incidents. */ +export class Incidents { + private readonly client: SecurityInsightsContext; + + /** + * Create a Incidents. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all incidents. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: Models.IncidentsListOptionalParams): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: Models.IncidentsListOptionalParams, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: Models.IncidentsListOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets an incident. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Creates or updates the incident. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incident The incident + * @param [options] The optional parameters + * @returns Promise + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incident: Models.Incident, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incident The incident + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incident: Models.Incident, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incident The incident + * @param options The optional parameters + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incident: Models.Incident, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, incident: Models.Incident, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + incident, + options + }, + createOrUpdateOperationSpec, + callback) as Promise; + } + + /** + * Delete the incident. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Creates a Microsoft team to investigate the incident by sharing information and insights between + * participants. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param teamProperties Team properties + * @param [options] The optional parameters + * @returns Promise + */ + createTeam(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, teamProperties: Models.TeamProperties, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param teamProperties Team properties + * @param callback The callback + */ + createTeam(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, teamProperties: Models.TeamProperties, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param teamProperties Team properties + * @param options The optional parameters + * @param callback The callback + */ + createTeam(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, teamProperties: Models.TeamProperties, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + createTeam(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, teamProperties: Models.TeamProperties, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + teamProperties, + options + }, + createTeamOperationSpec, + callback) as Promise; + } + + /** + * Gets all incident alerts. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param [options] The optional parameters + * @returns Promise + */ + listAlerts(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param callback The callback + */ + listAlerts(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param options The optional parameters + * @param callback The callback + */ + listAlerts(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listAlerts(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + options + }, + listAlertsOperationSpec, + callback) as Promise; + } + + /** + * Gets all incident bookmarks. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param [options] The optional parameters + * @returns Promise + */ + listBookmarks(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param callback The callback + */ + listBookmarks(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param options The optional parameters + * @param callback The callback + */ + listBookmarks(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listBookmarks(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + options + }, + listBookmarksOperationSpec, + callback) as Promise; + } + + /** + * Gets all incident related entities. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param [options] The optional parameters + * @returns Promise + */ + listEntities(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param callback The callback + */ + listEntities(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param options The optional parameters + * @param callback The callback + */ + listEntities(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listEntities(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, incidentId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + incidentId, + options + }, + listEntitiesOperationSpec, + callback) as Promise; + } + + /** + * Gets all incidents. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: Models.IncidentsListNextOptionalParams): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: Models.IncidentsListNextOptionalParams, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: Models.IncidentsListNextOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.filter, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.IncidentList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.Incident + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOrUpdateOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "incident", + mapper: { + ...Mappers.Incident, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.Incident + }, + 201: { + bodyMapper: Mappers.Incident + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createTeamOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/createTeam", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "teamProperties", + mapper: { + ...Mappers.TeamProperties, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.TeamInformation + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listAlertsOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/alerts", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.IncidentAlertList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listBookmarksOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/bookmarks", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.IncidentBookmarkList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listEntitiesOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/entities", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.incidentId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.IncidentEntitiesResponse + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.filter, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.IncidentList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/index.ts b/sdk/securityinsight/arm-securityinsight/src/operations/index.ts new file mode 100644 index 000000000000..c6b38ed5d226 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/index.ts @@ -0,0 +1,41 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +export * from "./alertRules"; +export * from "./actions"; +export * from "./alertRuleTemplates"; +export * from "./automationRules"; +export * from "./bookmarks"; +export * from "./bookmarkRelations"; +export * from "./bookmarkOperations"; +export * from "./iPGeodata"; +export * from "./domainWhois"; +export * from "./entityQueries"; +export * from "./entities"; +export * from "./entitiesGetTimeline"; +export * from "./entitiesRelations"; +export * from "./entityRelations"; +export * from "./incidents"; +export * from "./incidentComments"; +export * from "./incidentRelations"; +export * from "./metadata"; +export * from "./sentinelOnboardingStates"; +export * from "./productSettings"; +export * from "./sourceControlOperations"; +export * from "./sourceControls"; +export * from "./watchlists"; +export * from "./watchlistItems"; +export * from "./dataConnectors"; +export * from "./dataConnectorsCheckRequirementsOperations"; +export * from "./threatIntelligenceIndicator"; +export * from "./threatIntelligenceIndicators"; +export * from "./threatIntelligenceIndicatorMetrics"; +export * from "./operations"; +export * from "./officeConsents"; +export * from "./entityQueryTemplates"; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/metadata.ts b/sdk/securityinsight/arm-securityinsight/src/operations/metadata.ts new file mode 100644 index 000000000000..359fc0389687 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/metadata.ts @@ -0,0 +1,458 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/metadataMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a Metadata. */ +export class Metadata { + private readonly client: SecurityInsightsContext; + + /** + * Create a Metadata. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * List of all metadata + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: Models.MetadataListOptionalParams): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: Models.MetadataListOptionalParams, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: Models.MetadataListOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Get a Metadata. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param metadataName The Metadata name. + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param metadataName The Metadata name. + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param metadataName The Metadata name. + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + metadataName, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Delete a Metadata. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param metadataName The Metadata name. + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param metadataName The Metadata name. + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param metadataName The Metadata name. + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + metadataName, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Create a Metadata. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param metadataName The Metadata name. + * @param metadata Metadata resource. + * @param [options] The optional parameters + * @returns Promise + */ + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, metadata: Models.MetadataModel, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param metadataName The Metadata name. + * @param metadata Metadata resource. + * @param callback The callback + */ + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, metadata: Models.MetadataModel, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param metadataName The Metadata name. + * @param metadata Metadata resource. + * @param options The optional parameters + * @param callback The callback + */ + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, metadata: Models.MetadataModel, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, metadata: Models.MetadataModel, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + metadataName, + metadata, + options + }, + createOperationSpec, + callback) as Promise; + } + + /** + * Update an existing Metadata. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param metadataName The Metadata name. + * @param metadataPatch Partial metadata request. + * @param [options] The optional parameters + * @returns Promise + */ + update(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, metadataPatch: Models.MetadataPatch, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param metadataName The Metadata name. + * @param metadataPatch Partial metadata request. + * @param callback The callback + */ + update(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, metadataPatch: Models.MetadataPatch, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param metadataName The Metadata name. + * @param metadataPatch Partial metadata request. + * @param options The optional parameters + * @param callback The callback + */ + update(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, metadataPatch: Models.MetadataPatch, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + update(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, metadataName: string, metadataPatch: Models.MetadataPatch, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + metadataName, + metadataPatch, + options + }, + updateOperationSpec, + callback) as Promise; + } + + /** + * List of all metadata + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: Models.MetadataListNextOptionalParams): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: Models.MetadataListNextOptionalParams, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: Models.MetadataListNextOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.filter, + Parameters.orderby, + Parameters.top, + Parameters.skip + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.MetadataList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.metadataName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.MetadataModel + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.metadataName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.metadataName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "metadata", + mapper: { + ...Mappers.MetadataModel, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.MetadataModel + }, + 201: { + bodyMapper: Mappers.MetadataModel + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const updateOperationSpec: msRest.OperationSpec = { + httpMethod: "PATCH", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/metadata/{metadataName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.metadataName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "metadataPatch", + mapper: { + ...Mappers.MetadataPatch, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.MetadataModel + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.filter, + Parameters.orderby, + Parameters.top, + Parameters.skip + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.MetadataList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/officeConsents.ts b/sdk/securityinsight/arm-securityinsight/src/operations/officeConsents.ts new file mode 100644 index 000000000000..58d12c400dc1 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/officeConsents.ts @@ -0,0 +1,285 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/officeConsentsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a OfficeConsents. */ +export class OfficeConsents { + private readonly client: SecurityInsightsContext; + + /** + * Create a OfficeConsents. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all office365 consents. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets an office365 consent. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param consentId consent ID + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, consentId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param consentId consent ID + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, consentId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param consentId consent ID + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, consentId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, consentId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + consentId, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Delete the office365 consent. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param consentId consent ID + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, consentId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param consentId consent ID + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, consentId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param consentId consent ID + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, consentId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, consentId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + consentId, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Gets all office365 consents. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.OfficeConsentList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents/{consentId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.consentId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.OfficeConsent + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/officeConsents/{consentId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.consentId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.OfficeConsentList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/operations.ts b/sdk/securityinsight/arm-securityinsight/src/operations/operations.ts new file mode 100644 index 000000000000..92dcd99d2f23 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/operations.ts @@ -0,0 +1,125 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/operationsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a Operations. */ +export class Operations { + private readonly client: SecurityInsightsContext; + + /** + * Create a Operations. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Lists all operations available Azure Security Insights Resource Provider. + * @param [options] The optional parameters + * @returns Promise + */ + list(options?: msRest.RequestOptionsBase): Promise; + /** + * @param callback The callback + */ + list(callback: msRest.ServiceCallback): void; + /** + * @param options The optional parameters + * @param callback The callback + */ + list(options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Lists all operations available Azure Security Insights Resource Provider. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "providers/Microsoft.SecurityInsights/operations", + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.OperationsList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.OperationsList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/productSettings.ts b/sdk/securityinsight/arm-securityinsight/src/operations/productSettings.ts new file mode 100644 index 000000000000..259bb9105894 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/productSettings.ts @@ -0,0 +1,314 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/productSettingsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a ProductSettings. */ +export class ProductSettings { + private readonly client: SecurityInsightsContext; + + /** + * Create a ProductSettings. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * List of all the settings + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets a setting. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param settingsName The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, settingsName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param settingsName The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, settingsName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param settingsName The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, settingsName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, settingsName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + settingsName, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Delete setting of the product. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param settingsName The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, settingsName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param settingsName The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, settingsName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param settingsName The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, settingsName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, settingsName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + settingsName, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Updates setting. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param settingsName The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba + * @param settings The setting + * @param [options] The optional parameters + * @returns Promise + */ + update(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, settingsName: string, settings: Models.SettingsUnion, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param settingsName The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba + * @param settings The setting + * @param callback The callback + */ + update(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, settingsName: string, settings: Models.SettingsUnion, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param settingsName The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba + * @param settings The setting + * @param options The optional parameters + * @param callback The callback + */ + update(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, settingsName: string, settings: Models.SettingsUnion, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + update(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, settingsName: string, settings: Models.SettingsUnion, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + settingsName, + settings, + options + }, + updateOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.SettingList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.settingsName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.Settings + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.settingsName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const updateOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/settings/{settingsName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.settingsName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "settings", + mapper: { + ...Mappers.Settings, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.Settings + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/sentinelOnboardingStates.ts b/sdk/securityinsight/arm-securityinsight/src/operations/sentinelOnboardingStates.ts new file mode 100644 index 000000000000..b198fecb0be1 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/sentinelOnboardingStates.ts @@ -0,0 +1,313 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/sentinelOnboardingStatesMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a SentinelOnboardingStates. */ +export class SentinelOnboardingStates { + private readonly client: SecurityInsightsContext; + + /** + * Create a SentinelOnboardingStates. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Get Sentinel onboarding state + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sentinelOnboardingStateName The Sentinel onboarding state name. Supports - default + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sentinelOnboardingStateName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sentinelOnboardingStateName The Sentinel onboarding state name. Supports - default + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sentinelOnboardingStateName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sentinelOnboardingStateName The Sentinel onboarding state name. Supports - default + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sentinelOnboardingStateName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sentinelOnboardingStateName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + sentinelOnboardingStateName, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Create Sentinel onboarding state + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sentinelOnboardingStateName The Sentinel onboarding state name. Supports - default + * @param [options] The optional parameters + * @returns Promise + */ + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sentinelOnboardingStateName: string, options?: Models.SentinelOnboardingStatesCreateOptionalParams): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sentinelOnboardingStateName The Sentinel onboarding state name. Supports - default + * @param callback The callback + */ + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sentinelOnboardingStateName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sentinelOnboardingStateName The Sentinel onboarding state name. Supports - default + * @param options The optional parameters + * @param callback The callback + */ + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sentinelOnboardingStateName: string, options: Models.SentinelOnboardingStatesCreateOptionalParams, callback: msRest.ServiceCallback): void; + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sentinelOnboardingStateName: string, options?: Models.SentinelOnboardingStatesCreateOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + sentinelOnboardingStateName, + options + }, + createOperationSpec, + callback) as Promise; + } + + /** + * Delete Sentinel onboarding state + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sentinelOnboardingStateName The Sentinel onboarding state name. Supports - default + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sentinelOnboardingStateName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sentinelOnboardingStateName The Sentinel onboarding state name. Supports - default + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sentinelOnboardingStateName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sentinelOnboardingStateName The Sentinel onboarding state name. Supports - default + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sentinelOnboardingStateName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sentinelOnboardingStateName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + sentinelOnboardingStateName, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Gets all Sentinel onboarding states + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/onboardingStates/{sentinelOnboardingStateName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.sentinelOnboardingStateName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.SentinelOnboardingState + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/onboardingStates/{sentinelOnboardingStateName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.sentinelOnboardingStateName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: [ + "options", + "sentinelOnboardingStateParameter" + ], + mapper: Mappers.SentinelOnboardingState + }, + responses: { + 200: { + bodyMapper: Mappers.SentinelOnboardingState + }, + 201: { + bodyMapper: Mappers.SentinelOnboardingState + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/onboardingStates/{sentinelOnboardingStateName}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.sentinelOnboardingStateName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/onboardingStates", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.SentinelOnboardingStatesList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/sourceControlOperations.ts b/sdk/securityinsight/arm-securityinsight/src/operations/sourceControlOperations.ts new file mode 100644 index 000000000000..3f54c909eda5 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/sourceControlOperations.ts @@ -0,0 +1,160 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/sourceControlOperationsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a SourceControlOperations. */ +export class SourceControlOperations { + private readonly client: SecurityInsightsContext; + + /** + * Create a SourceControlOperations. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets a list of repositories metadata. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param repoType The repo type. Possible values include: 'Github', 'DevOps' + * @param [options] The optional parameters + * @returns Promise + */ + listRepositories(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, repoType: Models.RepoType, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param repoType The repo type. Possible values include: 'Github', 'DevOps' + * @param callback The callback + */ + listRepositories(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, repoType: Models.RepoType, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param repoType The repo type. Possible values include: 'Github', 'DevOps' + * @param options The optional parameters + * @param callback The callback + */ + listRepositories(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, repoType: Models.RepoType, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listRepositories(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, repoType: Models.RepoType, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + repoType, + options + }, + listRepositoriesOperationSpec, + callback) as Promise; + } + + /** + * Gets a list of repositories metadata. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listRepositoriesNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listRepositoriesNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listRepositoriesNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listRepositoriesNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listRepositoriesNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listRepositoriesOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/listRepositories", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "repoType", + mapper: { + required: true, + serializedName: "repoType", + type: { + name: "String" + } + } + }, + responses: { + 200: { + bodyMapper: Mappers.RepoList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listRepositoriesNextOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.RepoList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/sourceControls.ts b/sdk/securityinsight/arm-securityinsight/src/operations/sourceControls.ts new file mode 100644 index 000000000000..2ba07b179c5d --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/sourceControls.ts @@ -0,0 +1,369 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/sourceControlsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a SourceControls. */ +export class SourceControls { + private readonly client: SecurityInsightsContext; + + /** + * Create a SourceControls. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all source controls, without source control items. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets a source control byt its identifier. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sourceControlId Source control Id + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sourceControlId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sourceControlId Source control Id + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sourceControlId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sourceControlId Source control Id + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sourceControlId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sourceControlId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + sourceControlId, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Delete a source control. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sourceControlId Source control Id + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sourceControlId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sourceControlId Source control Id + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sourceControlId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sourceControlId Source control Id + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sourceControlId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sourceControlId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + sourceControlId, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Creates a source control. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sourceControlId Source control Id + * @param sourceControl The SourceControl + * @param [options] The optional parameters + * @returns Promise + */ + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sourceControlId: string, sourceControl: Models.SourceControl, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sourceControlId Source control Id + * @param sourceControl The SourceControl + * @param callback The callback + */ + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sourceControlId: string, sourceControl: Models.SourceControl, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param sourceControlId Source control Id + * @param sourceControl The SourceControl + * @param options The optional parameters + * @param callback The callback + */ + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sourceControlId: string, sourceControl: Models.SourceControl, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, sourceControlId: string, sourceControl: Models.SourceControl, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + sourceControlId, + sourceControl, + options + }, + createOperationSpec, + callback) as Promise; + } + + /** + * Gets all source controls, without source control items. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.SourceControlList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.sourceControlId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.SourceControl + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.sourceControlId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.sourceControlId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "sourceControl", + mapper: { + ...Mappers.SourceControl, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.SourceControl + }, + 201: { + bodyMapper: Mappers.SourceControl + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.SourceControlList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/threatIntelligenceIndicator.ts b/sdk/securityinsight/arm-securityinsight/src/operations/threatIntelligenceIndicator.ts new file mode 100644 index 000000000000..277499adb890 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/threatIntelligenceIndicator.ts @@ -0,0 +1,628 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/threatIntelligenceIndicatorMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a ThreatIntelligenceIndicator. */ +export class ThreatIntelligenceIndicator { + private readonly client: SecurityInsightsContext; + + /** + * Create a ThreatIntelligenceIndicator. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Create a new threat intelligence indicator. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param threatIntelligenceProperties Properties of threat intelligence indicators to create and + * update. + * @param [options] The optional parameters + * @returns Promise + */ + createIndicator(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, threatIntelligenceProperties: Models.ThreatIntelligenceIndicatorModelForRequestBody, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param threatIntelligenceProperties Properties of threat intelligence indicators to create and + * update. + * @param callback The callback + */ + createIndicator(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, threatIntelligenceProperties: Models.ThreatIntelligenceIndicatorModelForRequestBody, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param threatIntelligenceProperties Properties of threat intelligence indicators to create and + * update. + * @param options The optional parameters + * @param callback The callback + */ + createIndicator(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, threatIntelligenceProperties: Models.ThreatIntelligenceIndicatorModelForRequestBody, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + createIndicator(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, threatIntelligenceProperties: Models.ThreatIntelligenceIndicatorModelForRequestBody, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + threatIntelligenceProperties, + options + }, + createIndicatorOperationSpec, + callback) as Promise; + } + + /** + * View a threat intelligence indicator by name. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + name, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Update a threat Intelligence indicator. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param threatIntelligenceProperties Properties of threat intelligence indicators to create and + * update. + * @param [options] The optional parameters + * @returns Promise + */ + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, threatIntelligenceProperties: Models.ThreatIntelligenceIndicatorModelForRequestBody, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param threatIntelligenceProperties Properties of threat intelligence indicators to create and + * update. + * @param callback The callback + */ + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, threatIntelligenceProperties: Models.ThreatIntelligenceIndicatorModelForRequestBody, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param threatIntelligenceProperties Properties of threat intelligence indicators to create and + * update. + * @param options The optional parameters + * @param callback The callback + */ + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, threatIntelligenceProperties: Models.ThreatIntelligenceIndicatorModelForRequestBody, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + create(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, threatIntelligenceProperties: Models.ThreatIntelligenceIndicatorModelForRequestBody, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + name, + threatIntelligenceProperties, + options + }, + createOperationSpec, + callback) as Promise; + } + + /** + * Delete a threat intelligence indicator. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + name, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Query threat intelligence indicators as per filtering criteria. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param threatIntelligenceFilteringCriteria Filtering criteria for querying threat intelligence + * indicators. + * @param [options] The optional parameters + * @returns Promise + */ + queryIndicators(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, threatIntelligenceFilteringCriteria: Models.ThreatIntelligenceFilteringCriteria, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param threatIntelligenceFilteringCriteria Filtering criteria for querying threat intelligence + * indicators. + * @param callback The callback + */ + queryIndicators(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, threatIntelligenceFilteringCriteria: Models.ThreatIntelligenceFilteringCriteria, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param threatIntelligenceFilteringCriteria Filtering criteria for querying threat intelligence + * indicators. + * @param options The optional parameters + * @param callback The callback + */ + queryIndicators(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, threatIntelligenceFilteringCriteria: Models.ThreatIntelligenceFilteringCriteria, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + queryIndicators(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, threatIntelligenceFilteringCriteria: Models.ThreatIntelligenceFilteringCriteria, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + threatIntelligenceFilteringCriteria, + options + }, + queryIndicatorsOperationSpec, + callback) as Promise; + } + + /** + * Append tags to a threat intelligence indicator. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param threatIntelligenceAppendTags The threat intelligence append tags request body + * @param [options] The optional parameters + * @returns Promise + */ + appendTags(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, threatIntelligenceAppendTags: Models.ThreatIntelligenceAppendTags, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param threatIntelligenceAppendTags The threat intelligence append tags request body + * @param callback The callback + */ + appendTags(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, threatIntelligenceAppendTags: Models.ThreatIntelligenceAppendTags, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param threatIntelligenceAppendTags The threat intelligence append tags request body + * @param options The optional parameters + * @param callback The callback + */ + appendTags(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, threatIntelligenceAppendTags: Models.ThreatIntelligenceAppendTags, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + appendTags(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, threatIntelligenceAppendTags: Models.ThreatIntelligenceAppendTags, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + name, + threatIntelligenceAppendTags, + options + }, + appendTagsOperationSpec, + callback); + } + + /** + * Replace tags added to a threat intelligence indicator. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param threatIntelligenceReplaceTags Tags in the threat intelligence indicator to be replaced. + * @param [options] The optional parameters + * @returns Promise + */ + replaceTags(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, threatIntelligenceReplaceTags: Models.ThreatIntelligenceIndicatorModelForRequestBody, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param threatIntelligenceReplaceTags Tags in the threat intelligence indicator to be replaced. + * @param callback The callback + */ + replaceTags(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, threatIntelligenceReplaceTags: Models.ThreatIntelligenceIndicatorModelForRequestBody, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param name Threat intelligence indicator name field. + * @param threatIntelligenceReplaceTags Tags in the threat intelligence indicator to be replaced. + * @param options The optional parameters + * @param callback The callback + */ + replaceTags(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, threatIntelligenceReplaceTags: Models.ThreatIntelligenceIndicatorModelForRequestBody, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + replaceTags(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, name: string, threatIntelligenceReplaceTags: Models.ThreatIntelligenceIndicatorModelForRequestBody, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + name, + threatIntelligenceReplaceTags, + options + }, + replaceTagsOperationSpec, + callback) as Promise; + } + + /** + * Query threat intelligence indicators as per filtering criteria. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + queryIndicatorsNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + queryIndicatorsNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + queryIndicatorsNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + queryIndicatorsNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + queryIndicatorsNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const createIndicatorOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/createIndicator", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "threatIntelligenceProperties", + mapper: { + ...Mappers.ThreatIntelligenceIndicatorModelForRequestBody, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.ThreatIntelligenceInformation + }, + 201: { + bodyMapper: Mappers.ThreatIntelligenceInformation + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.name + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.ThreatIntelligenceInformation + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.name + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "threatIntelligenceProperties", + mapper: { + ...Mappers.ThreatIntelligenceIndicatorModelForRequestBody, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.ThreatIntelligenceInformation + }, + 201: { + bodyMapper: Mappers.ThreatIntelligenceInformation + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.name + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const queryIndicatorsOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/queryIndicators", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "threatIntelligenceFilteringCriteria", + mapper: { + ...Mappers.ThreatIntelligenceFilteringCriteria, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.ThreatIntelligenceInformationList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const appendTagsOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}/appendTags", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.name + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "threatIntelligenceAppendTags", + mapper: { + ...Mappers.ThreatIntelligenceAppendTags, + required: true + } + }, + responses: { + 200: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const replaceTagsOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}/replaceTags", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.name + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "threatIntelligenceReplaceTags", + mapper: { + ...Mappers.ThreatIntelligenceIndicatorModelForRequestBody, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.ThreatIntelligenceInformation + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const queryIndicatorsNextOperationSpec: msRest.OperationSpec = { + httpMethod: "POST", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.ThreatIntelligenceInformationList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/threatIntelligenceIndicatorMetrics.ts b/sdk/securityinsight/arm-securityinsight/src/operations/threatIntelligenceIndicatorMetrics.ts new file mode 100644 index 000000000000..15b9712957a2 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/threatIntelligenceIndicatorMetrics.ts @@ -0,0 +1,94 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/threatIntelligenceIndicatorMetricsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a ThreatIntelligenceIndicatorMetrics. */ +export class ThreatIntelligenceIndicatorMetrics { + private readonly client: SecurityInsightsContext; + + /** + * Create a ThreatIntelligenceIndicatorMetrics. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Get threat intelligence indicators metrics (Indicators counts by Type, Threat Type, Source). + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/metrics", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.ThreatIntelligenceMetricsList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/threatIntelligenceIndicators.ts b/sdk/securityinsight/arm-securityinsight/src/operations/threatIntelligenceIndicators.ts new file mode 100644 index 000000000000..a4db505d2ed2 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/threatIntelligenceIndicators.ts @@ -0,0 +1,154 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/threatIntelligenceIndicatorsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a ThreatIntelligenceIndicators. */ +export class ThreatIntelligenceIndicators { + private readonly client: SecurityInsightsContext; + + /** + * Create a ThreatIntelligenceIndicators. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Get all threat intelligence indicators. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: Models.ThreatIntelligenceIndicatorsListOptionalParams): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: Models.ThreatIntelligenceIndicatorsListOptionalParams, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: Models.ThreatIntelligenceIndicatorsListOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Get all threat intelligence indicators. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: Models.ThreatIntelligenceIndicatorsListNextOptionalParams): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: Models.ThreatIntelligenceIndicatorsListNextOptionalParams, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: Models.ThreatIntelligenceIndicatorsListNextOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.filter, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.ThreatIntelligenceInformationList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion, + Parameters.filter, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.ThreatIntelligenceInformationList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/watchlistItems.ts b/sdk/securityinsight/arm-securityinsight/src/operations/watchlistItems.ts new file mode 100644 index 000000000000..f9e4aec1e46f --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/watchlistItems.ts @@ -0,0 +1,389 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/watchlistItemsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a WatchlistItems. */ +export class WatchlistItems { + private readonly client: SecurityInsightsContext; + + /** + * Create a WatchlistItems. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all watchlist Items. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + watchlistAlias, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets a watchlist, without its watchlist items. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param watchlistItemId Watchlist Item Id (GUID) + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlistItemId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param watchlistItemId Watchlist Item Id (GUID) + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlistItemId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param watchlistItemId Watchlist Item Id (GUID) + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlistItemId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlistItemId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + watchlistAlias, + watchlistItemId, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Delete a watchlist item. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param watchlistItemId Watchlist Item Id (GUID) + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlistItemId: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param watchlistItemId Watchlist Item Id (GUID) + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlistItemId: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param watchlistItemId Watchlist Item Id (GUID) + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlistItemId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlistItemId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + watchlistAlias, + watchlistItemId, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Creates or updates a watchlist item. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param watchlistItemId Watchlist Item Id (GUID) + * @param watchlistItem The watchlist item + * @param [options] The optional parameters + * @returns Promise + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlistItemId: string, watchlistItem: Models.WatchlistItem, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param watchlistItemId Watchlist Item Id (GUID) + * @param watchlistItem The watchlist item + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlistItemId: string, watchlistItem: Models.WatchlistItem, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param watchlistItemId Watchlist Item Id (GUID) + * @param watchlistItem The watchlist item + * @param options The optional parameters + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlistItemId: string, watchlistItem: Models.WatchlistItem, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlistItemId: string, watchlistItem: Models.WatchlistItem, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + watchlistAlias, + watchlistItemId, + watchlistItem, + options + }, + createOrUpdateOperationSpec, + callback) as Promise; + } + + /** + * Gets all watchlist Items. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.watchlistAlias + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.WatchlistItemList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems/{watchlistItemId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.watchlistAlias, + Parameters.watchlistItemId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.WatchlistItem + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems/{watchlistItemId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.watchlistAlias, + Parameters.watchlistItemId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOrUpdateOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}/watchlistItems/{watchlistItemId}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.watchlistAlias, + Parameters.watchlistItemId + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "watchlistItem", + mapper: { + ...Mappers.WatchlistItem, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.WatchlistItem + }, + 201: { + bodyMapper: Mappers.WatchlistItem + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.WatchlistItemList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/watchlists.ts b/sdk/securityinsight/arm-securityinsight/src/operations/watchlists.ts new file mode 100644 index 000000000000..2be6d6919e8f --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/watchlists.ts @@ -0,0 +1,371 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import * as Models from "../models"; +import * as Mappers from "../models/watchlistsMappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsightsContext } from "../securityInsightsContext"; + +/** Class representing a Watchlists. */ +export class Watchlists { + private readonly client: SecurityInsightsContext; + + /** + * Create a Watchlists. + * @param {SecurityInsightsContext} client Reference to the service client. + */ + constructor(client: SecurityInsightsContext) { + this.client = client; + } + + /** + * Gets all watchlists, without watchlist items. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param [options] The optional parameters + * @returns Promise + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param options The optional parameters + * @param callback The callback + */ + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + list(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + options + }, + listOperationSpec, + callback) as Promise; + } + + /** + * Gets a watchlist, without its watchlist items. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param [options] The optional parameters + * @returns Promise + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param options The optional parameters + * @param callback The callback + */ + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + get(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + watchlistAlias, + options + }, + getOperationSpec, + callback) as Promise; + } + + /** + * Delete a watchlist. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param [options] The optional parameters + * @returns Promise + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param options The optional parameters + * @param callback The callback + */ + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + deleteMethod(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + watchlistAlias, + options + }, + deleteMethodOperationSpec, + callback); + } + + /** + * Creates or updates a watchlist and its watchlist items (bulk creation, e.g. through text/csv + * content type). To create a Watchlist and its items, we should call this endpoint with rawContent + * and contentType properties. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param watchlist The watchlist + * @param [options] The optional parameters + * @returns Promise + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlist: Models.Watchlist, options?: msRest.RequestOptionsBase): Promise; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param watchlist The watchlist + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlist: Models.Watchlist, callback: msRest.ServiceCallback): void; + /** + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param operationalInsightsResourceProvider The namespace of workspaces resource provider- + * Microsoft.OperationalInsights. + * @param workspaceName The name of the workspace. + * @param watchlistAlias Watchlist Alias + * @param watchlist The watchlist + * @param options The optional parameters + * @param callback The callback + */ + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlist: Models.Watchlist, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + createOrUpdate(resourceGroupName: string, operationalInsightsResourceProvider: string, workspaceName: string, watchlistAlias: string, watchlist: Models.Watchlist, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + operationalInsightsResourceProvider, + workspaceName, + watchlistAlias, + watchlist, + options + }, + createOrUpdateOperationSpec, + callback) as Promise; + } + + /** + * Gets all watchlists, without watchlist items. + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param [options] The optional parameters + * @returns Promise + */ + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param callback The callback + */ + listNext(nextPageLink: string, callback: msRest.ServiceCallback): void; + /** + * @param nextPageLink The NextLink from the previous successful call to List operation. + * @param options The optional parameters + * @param callback The callback + */ + listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void; + listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise { + return this.client.sendOperationRequest( + { + nextPageLink, + options + }, + listNextOperationSpec, + callback) as Promise; + } +} + +// Operation Specifications +const serializer = new msRest.Serializer(Mappers); +const listOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.WatchlistList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const getOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.watchlistAlias + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.Watchlist + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const deleteMethodOperationSpec: msRest.OperationSpec = { + httpMethod: "DELETE", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.watchlistAlias + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const createOrUpdateOperationSpec: msRest.OperationSpec = { + httpMethod: "PUT", + path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/watchlists/{watchlistAlias}", + urlParameters: [ + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.operationalInsightsResourceProvider, + Parameters.workspaceName, + Parameters.watchlistAlias + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + requestBody: { + parameterPath: "watchlist", + mapper: { + ...Mappers.Watchlist, + required: true + } + }, + responses: { + 200: { + bodyMapper: Mappers.Watchlist + }, + 201: { + bodyMapper: Mappers.Watchlist + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; + +const listNextOperationSpec: msRest.OperationSpec = { + httpMethod: "GET", + baseUrl: "https://management.azure.com", + path: "{nextLink}", + urlParameters: [ + Parameters.nextPageLink + ], + queryParameters: [ + Parameters.apiVersion + ], + headerParameters: [ + Parameters.acceptLanguage + ], + responses: { + 200: { + bodyMapper: Mappers.WatchlistList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts b/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts new file mode 100644 index 000000000000..a5d3065e8aaa --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts @@ -0,0 +1,110 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as msRest from "@azure/ms-rest-js"; +import { TokenCredential } from "@azure/core-auth"; +import * as Models from "./models"; +import * as Mappers from "./models/mappers"; +import * as operations from "./operations"; +import { SecurityInsightsContext } from "./securityInsightsContext"; + + +class SecurityInsights extends SecurityInsightsContext { + // Operation groups + alertRules: operations.AlertRules; + actions: operations.Actions; + alertRuleTemplates: operations.AlertRuleTemplates; + automationRules: operations.AutomationRules; + bookmarks: operations.Bookmarks; + bookmarkRelations: operations.BookmarkRelations; + bookmark: operations.BookmarkOperations; + iPGeodata: operations.IPGeodata; + domainWhois: operations.DomainWhois; + entityQueries: operations.EntityQueries; + entities: operations.Entities; + entitiesGetTimeline: operations.EntitiesGetTimeline; + entitiesRelations: operations.EntitiesRelations; + entityRelations: operations.EntityRelations; + incidents: operations.Incidents; + incidentComments: operations.IncidentComments; + incidentRelations: operations.IncidentRelations; + metadata: operations.Metadata; + sentinelOnboardingStates: operations.SentinelOnboardingStates; + productSettings: operations.ProductSettings; + sourceControl: operations.SourceControlOperations; + sourceControls: operations.SourceControls; + watchlists: operations.Watchlists; + watchlistItems: operations.WatchlistItems; + dataConnectors: operations.DataConnectors; + dataConnectorsCheckRequirements: operations.DataConnectorsCheckRequirementsOperations; + threatIntelligenceIndicator: operations.ThreatIntelligenceIndicator; + threatIntelligenceIndicators: operations.ThreatIntelligenceIndicators; + threatIntelligenceIndicatorMetrics: operations.ThreatIntelligenceIndicatorMetrics; + operations: operations.Operations; + officeConsents: operations.OfficeConsents; + entityQueryTemplates: operations.EntityQueryTemplates; + + /** + * Initializes a new instance of the SecurityInsights class. + * @param credentials Credentials needed for the client to connect to Azure. Credentials + * implementing the TokenCredential interface from the @azure/identity package are recommended. For + * more information about these credentials, see + * {@link https://www.npmjs.com/package/@azure/identity}. Credentials implementing the + * ServiceClientCredentials interface from the older packages @azure/ms-rest-nodeauth and + * @azure/ms-rest-browserauth are also supported. + * @param subscriptionId The ID of the target subscription. + * @param subscriptionId1 Azure subscription ID + * @param [options] The parameter options + */ + constructor(credentials: msRest.ServiceClientCredentials | TokenCredential, subscriptionId: string, subscriptionId1: string, options?: Models.SecurityInsightsOptions) { + super(credentials, subscriptionId, subscriptionId1, options); + this.alertRules = new operations.AlertRules(this); + this.actions = new operations.Actions(this); + this.alertRuleTemplates = new operations.AlertRuleTemplates(this); + this.automationRules = new operations.AutomationRules(this); + this.bookmarks = new operations.Bookmarks(this); + this.bookmarkRelations = new operations.BookmarkRelations(this); + this.bookmark = new operations.BookmarkOperations(this); + this.iPGeodata = new operations.IPGeodata(this); + this.domainWhois = new operations.DomainWhois(this); + this.entityQueries = new operations.EntityQueries(this); + this.entities = new operations.Entities(this); + this.entitiesGetTimeline = new operations.EntitiesGetTimeline(this); + this.entitiesRelations = new operations.EntitiesRelations(this); + this.entityRelations = new operations.EntityRelations(this); + this.incidents = new operations.Incidents(this); + this.incidentComments = new operations.IncidentComments(this); + this.incidentRelations = new operations.IncidentRelations(this); + this.metadata = new operations.Metadata(this); + this.sentinelOnboardingStates = new operations.SentinelOnboardingStates(this); + this.productSettings = new operations.ProductSettings(this); + this.sourceControl = new operations.SourceControlOperations(this); + this.sourceControls = new operations.SourceControls(this); + this.watchlists = new operations.Watchlists(this); + this.watchlistItems = new operations.WatchlistItems(this); + this.dataConnectors = new operations.DataConnectors(this); + this.dataConnectorsCheckRequirements = new operations.DataConnectorsCheckRequirementsOperations(this); + this.threatIntelligenceIndicator = new operations.ThreatIntelligenceIndicator(this); + this.threatIntelligenceIndicators = new operations.ThreatIntelligenceIndicators(this); + this.threatIntelligenceIndicatorMetrics = new operations.ThreatIntelligenceIndicatorMetrics(this); + this.operations = new operations.Operations(this); + this.officeConsents = new operations.OfficeConsents(this); + this.entityQueryTemplates = new operations.EntityQueryTemplates(this); + } +} + +// Operation Specifications + +export { + SecurityInsights, + SecurityInsightsContext, + Models as SecurityInsightsModels, + Mappers as SecurityInsightsMappers +}; +export * from "./operations"; diff --git a/sdk/securityinsight/arm-securityinsight/src/securityInsightsContext.ts b/sdk/securityinsight/arm-securityinsight/src/securityInsightsContext.ts new file mode 100644 index 000000000000..9856de8f8e52 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/securityInsightsContext.ts @@ -0,0 +1,73 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is + * regenerated. + */ + +import * as Models from "./models"; +import * as msRest from "@azure/ms-rest-js"; +import * as msRestAzure from "@azure/ms-rest-azure-js"; +import { TokenCredential } from "@azure/core-auth"; + +const packageName = "@azure/arm-securityinsight"; +const packageVersion = "1.0.0"; + +export class SecurityInsightsContext extends msRestAzure.AzureServiceClient { + credentials: msRest.ServiceClientCredentials | TokenCredential; + subscriptionId: string; + apiVersion?: string; + subscriptionId1: string; + + /** + * Initializes a new instance of the SecurityInsights class. + * @param credentials Credentials needed for the client to connect to Azure. Credentials + * implementing the TokenCredential interface from the @azure/identity package are recommended. For + * more information about these credentials, see + * {@link https://www.npmjs.com/package/@azure/identity}. Credentials implementing the + * ServiceClientCredentials interface from the older packages @azure/ms-rest-nodeauth and + * @azure/ms-rest-browserauth are also supported. + * @param subscriptionId The ID of the target subscription. + * @param subscriptionId1 Azure subscription ID + * @param [options] The parameter options + */ + constructor(credentials: msRest.ServiceClientCredentials | TokenCredential, subscriptionId: string, subscriptionId1: string, options?: Models.SecurityInsightsOptions) { + if (credentials == undefined) { + throw new Error('\'credentials\' cannot be null.'); + } + if (subscriptionId == undefined) { + throw new Error('\'subscriptionId\' cannot be null.'); + } + if (subscriptionId1 == undefined) { + throw new Error('\'subscriptionId1\' cannot be null.'); + } + + if (!options) { + options = {}; + } + if (!options.userAgent) { + const defaultUserAgent = msRestAzure.getDefaultUserAgentValue(); + options.userAgent = `${packageName}/${packageVersion} ${defaultUserAgent}`; + } + + super(credentials, options); + + this.apiVersion = '2021-09-01-preview'; + this.acceptLanguage = 'en-US'; + this.longRunningOperationRetryTimeout = 30; + this.baseUri = options.baseUri || this.baseUri || "https://management.azure.com"; + this.requestContentType = "application/json; charset=utf-8"; + this.credentials = credentials; + this.subscriptionId = subscriptionId; + this.subscriptionId1 = subscriptionId1; + + if (options.acceptLanguage !== null && options.acceptLanguage !== undefined) { + this.acceptLanguage = options.acceptLanguage; + } + if (options.longRunningOperationRetryTimeout !== null && options.longRunningOperationRetryTimeout !== undefined) { + this.longRunningOperationRetryTimeout = options.longRunningOperationRetryTimeout; + } + } +} diff --git a/sdk/securityinsight/arm-securityinsight/tsconfig.json b/sdk/securityinsight/arm-securityinsight/tsconfig.json new file mode 100644 index 000000000000..422b584abd5e --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/tsconfig.json @@ -0,0 +1,19 @@ +{ + "compilerOptions": { + "module": "es6", + "moduleResolution": "node", + "strict": true, + "target": "es5", + "sourceMap": true, + "declarationMap": true, + "esModuleInterop": true, + "allowSyntheticDefaultImports": true, + "forceConsistentCasingInFileNames": true, + "lib": ["es6", "dom"], + "declaration": true, + "outDir": "./esm", + "importHelpers": true + }, + "include": ["./src/**/*.ts"], + "exclude": ["node_modules"] +}