Package-level declarations
Types
Link copied to clipboard
The Activity query definitions
Link copied to clipboard
Link copied to clipboard
data class AgentSystemResponse(val systemDisplayName: String? = null, val systemResourceName: String? = null)
Describes the configuration of a system inside the agent.
Link copied to clipboard
data class AlertDetailsOverrideResponse(val alertDescriptionFormat: String? = null, val alertDisplayNameFormat: String? = null, val alertDynamicProperties: List<AlertPropertyMappingResponse>? = null, val alertSeverityColumnName: String? = null, val alertTacticsColumnName: String? = null)
Settings for how to dynamically override alert static details
Link copied to clipboard
data class AlertPropertyMappingResponse(val alertProperty: String? = null, val value: String? = null)
A single alert property mapping to override
Link copied to clipboard
data class AlertsDataTypeOfDataConnectorResponse(val alerts: DataConnectorDataTypeCommonResponse? = null)
Alerts data type for data connectors.
Link copied to clipboard
data class AnomalyTimelineItemResponse(val azureResourceId: String, val description: String? = null, val displayName: String, val endTimeUtc: String, val intent: String? = null, val kind: String, val productName: String? = null, val reasons: List<String>? = null, val startTimeUtc: String, val techniques: List<String>? = null, val timeGenerated: String, val vendor: String? = null)
Represents anomaly timeline item.
Link copied to clipboard
An entity describing a content item.
Link copied to clipboard
data class AutomationRuleModifyPropertiesActionResponse(val actionConfiguration: IncidentPropertiesActionResponse? = null, val actionType: String, val order: Int)
Describes an automation rule action to modify an object's properties
Link copied to clipboard
data class AutomationRulePropertyArrayChangedValuesConditionResponse(val arrayType: String? = null, val changeType: String? = null)
Link copied to clipboard
Link copied to clipboard
data class AutomationRulePropertyValuesConditionResponse(val operator: String? = null, val propertyName: String? = null, val propertyValues: List<String>? = null)
Link copied to clipboard
data class AutomationRuleRunPlaybookActionResponse(val actionConfiguration: PlaybookActionPropertiesResponse? = null, val actionType: String, val order: Int)
Describes an automation rule action to run a playbook
Link copied to clipboard
Link copied to clipboard
data class AwsCloudTrailDataConnectorDataTypesResponse(val logs: AwsCloudTrailDataConnectorDataTypesResponseLogs? = null)
The available data types for Amazon Web Services CloudTrail data connector.
Link copied to clipboard
Logs data type.
Link copied to clipboard
data class AzureDevOpsResourceInfoResponse(val pipelineId: String? = null, val serviceConnectionId: String? = null)
Resources created in Azure DevOps repository.
Link copied to clipboard
data class BookmarkTimelineItemResponse(val azureResourceId: String, val createdBy: UserInfoResponse? = null, val displayName: String? = null, val endTimeUtc: String? = null, val eventTime: String? = null, val kind: String, val labels: List<String>? = null, val notes: String? = null, val startTimeUtc: String? = null)
Represents bookmark timeline item.
Link copied to clipboard
data class ClientInfoResponse(val email: String? = null, val name: String? = null, val objectId: String? = null, val userPrincipalName: String? = null)
Information on the client (user or application) that made some action
Link copied to clipboard
The criteria by which we determine whether the connector is connected or not. For Example, use a KQL query to check if the expected data type is flowing).
Link copied to clipboard
The data type which is created by the connector, including a query indicated when was the last time that data type was received in the workspace.
Link copied to clipboard
data class ConnectorDefinitionsAvailabilityResponse(val isPreview: Boolean? = null, val status: Int? = null)
The exposure status of the connector to the customers.
Link copied to clipboard
data class ConnectorDefinitionsPermissionsResponse(val customs: List<CustomPermissionDetailsResponse>? = null, val licenses: List<String>? = null, val resourceProvider: List<ConnectorDefinitionsResourceProviderResponse>? = null, val tenant: List<String>? = null)
The required Permissions for the connector.
Link copied to clipboard
data class ConnectorDefinitionsResourceProviderResponse(val permissionsDisplayText: String, val provider: String, val providerDisplayName: String, val requiredPermissions: ResourceProviderRequiredPermissionsResponse, val scope: String)
The resource provider details include the required permissions for the user to create connections. The user should have the required permissions(Read\Write, ..) in the specified scope ProviderPermissionsScope against the specified resource provider.
Link copied to clipboard
The mapping of content type to a repo path.
Link copied to clipboard
data class CustomizableConnectionsConfigResponse(val templateSpecName: String, val templateSpecVersion: String)
The UiConfig for 'Customizable' connector definition kind.
Link copied to clipboard
data class CustomizableConnectorUiConfigResponse(val availability: ConnectorDefinitionsAvailabilityResponse? = null, val connectivityCriteria: List<ConnectivityCriterionResponse>, val dataTypes: List<ConnectorDataTypeResponse>, val descriptionMarkdown: String, val graphQueries: List<GraphQueryResponse>, val graphQueriesTableName: String? = null, val id: String? = null, val instructionSteps: List<InstructionStepResponse>, val isConnectivityCriteriasMatchSome: Boolean? = null, val logo: String? = null, val permissions: ConnectorDefinitionsPermissionsResponse, val publisher: String, val sampleQueries: List<SampleQueryResponse>, val title: String)
The UiConfig for 'Customizable' connector definition kind.
Link copied to clipboard
The Custom permissions required for the connector.
Link copied to clipboard
Common field for data type in data connectors.
Link copied to clipboard
data class DeploymentInfoResponse(val deployment: DeploymentResponse? = null, val deploymentFetchStatus: String? = null, val message: String? = null)
Information regarding a deployment.
Link copied to clipboard
Link copied to clipboard
data class EnrichmentDomainWhoisContactResponse(val city: String? = null, val country: String? = null, val email: String? = null, val fax: String? = null, val name: String? = null, val org: String? = null, val phone: String? = null, val postal: String? = null, val state: String? = null, val street: List<String>? = null)
An individual contact associated with this domain
Link copied to clipboard
data class EnrichmentDomainWhoisContactsResponse(val admin: EnrichmentDomainWhoisContactResponse? = null, val billing: EnrichmentDomainWhoisContactResponse? = null, val registrant: EnrichmentDomainWhoisContactResponse? = null, val tech: EnrichmentDomainWhoisContactResponse? = null)
The set of contacts associated with this domain
Link copied to clipboard
data class EnrichmentDomainWhoisDetailsResponse(val contacts: EnrichmentDomainWhoisContactsResponse? = null, val nameServers: List<String>? = null, val registrar: EnrichmentDomainWhoisRegistrarDetailsResponse? = null, val statuses: List<String>? = null)
The whois record for a given domain
Link copied to clipboard
Link copied to clipboard
data class EntityInsightItemResponse(val chartQueryResults: List<InsightsTableResultResponse>? = null, val queryId: String? = null, val queryTimeInterval: EntityInsightItemResponseQueryTimeInterval? = null, val tableQueryResults: InsightsTableResultResponse? = null)
Entity insight Item.
Link copied to clipboard
data class EntityInsightItemResponseQueryTimeInterval(val endTime: String? = null, val startTime: String? = null)
The Time interval that the query actually executed on.
Link copied to clipboard
data class EntityMappingResponse(val entityType: String? = null, val fieldMappings: List<FieldMappingResponse>? = null)
Single entity mapping for the alert rule
Link copied to clipboard
Event grouping settings property bag.
Link copied to clipboard
A single field mapping of the mapped entity
Link copied to clipboard
Link copied to clipboard
data class GetAADDataConnectorResult(val dataTypes: AlertsDataTypeOfDataConnectorResponse? = null, val etag: String? = null, val id: String, val kind: String, val name: String, val systemData: SystemDataResponse, val tenantId: String? = null, val type: String)
Represents AAD (Azure Active Directory) data connector.
Link copied to clipboard
data class GetAATPDataConnectorResult(val dataTypes: AlertsDataTypeOfDataConnectorResponse? = null, val etag: String? = null, val id: String, val kind: String, val name: String, val systemData: SystemDataResponse, val tenantId: String? = null, val type: String)
Represents AATP (Azure Advanced Threat Protection) data connector.
Link copied to clipboard
data class GetActionResult(val etag: String? = null, val id: String, val logicAppResourceId: String, val name: String, val systemData: SystemDataResponse, val type: String, val workflowId: String? = null)
Action for alert rule.
Link copied to clipboard
data class GetActivityCustomEntityQueryResult(val content: String? = null, val createdTimeUtc: String, val description: String? = null, val enabled: Boolean? = null, val entitiesFilter: Map<String, List<String>>? = null, val etag: String? = null, val id: String, val inputEntityType: String? = null, val kind: String, val lastModifiedTimeUtc: String, val name: String, val queryDefinitions: ActivityEntityQueriesPropertiesResponseQueryDefinitions? = null, val requiredInputFieldsSets: List<List<String>>? = null, val systemData: SystemDataResponse, val templateName: String? = null, val title: String? = null, val type: String)
Represents Activity entity query.
Link copied to clipboard
data class GetAnomaliesResult(val etag: String? = null, val id: String, val isEnabled: Boolean, val kind: String, val name: String, val systemData: SystemDataResponse, val type: String)
Settings with single toggle.
Link copied to clipboard
data class GetAnomalySecurityMLAnalyticsSettingsResult(val anomalySettingsVersion: Int? = null, val anomalyVersion: String, val customizableObservations: Any? = null, val description: String? = null, val displayName: String, val enabled: Boolean, val etag: String? = null, val frequency: String, val id: String, val isDefaultSettings: Boolean, val kind: String, val lastModifiedUtc: String, val name: String, val requiredDataConnectors: List<SecurityMLAnalyticsSettingsDataSourceResponse>? = null, val settingsDefinitionId: String? = null, val settingsStatus: String, val systemData: SystemDataResponse, val tactics: List<String>? = null, val techniques: List<String>? = null, val type: String)
Represents Anomaly Security ML Analytics Settings
Link copied to clipboard
data class GetASCDataConnectorResult(val dataTypes: AlertsDataTypeOfDataConnectorResponse? = null, val etag: String? = null, val id: String, val kind: String, val name: String, val subscriptionId: String? = null, val systemData: SystemDataResponse, val type: String)
Represents ASC (Azure Security Center) data connector.
Link copied to clipboard
data class GetAutomationRuleResult(val actions: List<Either<AutomationRuleModifyPropertiesActionResponse, AutomationRuleRunPlaybookActionResponse>>, val createdBy: ClientInfoResponse, val createdTimeUtc: String, val displayName: String, val etag: String? = null, val id: String, val lastModifiedBy: ClientInfoResponse, val lastModifiedTimeUtc: String, val name: String, val order: Int, val systemData: SystemDataResponse, val triggeringLogic: AutomationRuleTriggeringLogicResponse, val type: String)
Link copied to clipboard
data class GetAwsCloudTrailDataConnectorResult(val awsRoleArn: String? = null, val dataTypes: AwsCloudTrailDataConnectorDataTypesResponse? = null, val etag: String? = null, val id: String, val kind: String, val name: String, val systemData: SystemDataResponse, val type: String)
Represents Amazon Web Services CloudTrail data connector.
Link copied to clipboard
data class GetBookmarkRelationResult(val etag: String? = null, val id: String, val name: String, val relatedResourceId: String, val relatedResourceKind: String, val relatedResourceName: String, val relatedResourceType: String, val systemData: SystemDataResponse, val type: String)
Represents a relation between two resources
Link copied to clipboard
data class GetBookmarkResult(val created: String? = null, val createdBy: UserInfoResponse? = null, val displayName: String, val etag: String? = null, val eventTime: String? = null, val id: String, val incidentInfo: IncidentInfoResponse? = null, val labels: List<String>? = null, val name: String, val notes: String? = null, val query: String, val queryEndTime: String? = null, val queryResult: String? = null, val queryStartTime: String? = null, val systemData: SystemDataResponse, val type: String, val updated: String? = null, val updatedBy: UserInfoResponse? = null)
Represents a bookmark in Azure Security Insights.
Link copied to clipboard
data class GetBusinessApplicationAgentResult(val agentSystems: List<AgentSystemResponse>, val configuration: SapAgentConfigurationResponse, val displayName: String, val etag: String? = null, val id: String, val lastModifiedTimeUtc: String, val name: String, val systemData: SystemDataResponse, val type: String)
Describes the configuration of a Business Application Agent.
Link copied to clipboard
data class GetContentPackageResult(val author: MetadataAuthorResponse? = null, val categories: MetadataCategoriesResponse? = null, val contentId: String, val contentKind: String, val contentSchemaVersion: String? = null, val dependencies: MetadataDependenciesResponse? = null, val description: String? = null, val displayName: String, val etag: String? = null, val firstPublishDate: String? = null, val icon: String? = null, val id: String, val isFeatured: String? = null, val isNew: String? = null, val isPreview: String? = null, val lastPublishDate: String? = null, val name: String, val providers: List<String>? = null, val publisherDisplayName: String? = null, val source: MetadataSourceResponse? = null, val support: MetadataSupportResponse? = null, val systemData: SystemDataResponse, val threatAnalysisTactics: List<String>? = null, val threatAnalysisTechniques: List<String>? = null, val type: String, val version: String)
Represents a Package in Azure Security Insights.
Link copied to clipboard
data class GetContentTemplateResult(val author: MetadataAuthorResponse? = null, val categories: MetadataCategoriesResponse? = null, val contentId: String, val contentKind: String, val contentSchemaVersion: String? = null, val customVersion: String? = null, val dependencies: MetadataDependenciesResponse? = null, val displayName: String, val etag: String? = null, val firstPublishDate: String? = null, val icon: String? = null, val id: String, val lastPublishDate: String? = null, val mainTemplate: Any? = null, val name: String, val packageId: String, val packageKind: String? = null, val packageName: String? = null, val previewImages: List<String>? = null, val previewImagesDark: List<String>? = null, val providers: List<String>? = null, val source: MetadataSourceResponse, val support: MetadataSupportResponse? = null, val systemData: SystemDataResponse, val threatAnalysisTactics: List<String>? = null, val threatAnalysisTechniques: List<String>? = null, val type: String, val version: String)
Template resource definition.
Link copied to clipboard
data class GetCustomizableConnectorDefinitionResult(val connectionsConfig: CustomizableConnectionsConfigResponse? = null, val connectorUiConfig: CustomizableConnectorUiConfigResponse, val createdTimeUtc: String? = null, val etag: String? = null, val id: String, val kind: String, val lastModifiedUtc: String? = null, val name: String, val systemData: SystemDataResponse, val type: String)
Connector definition for kind 'Customizable'.
Link copied to clipboard
data class GetEntitiesGetTimelineResult(val metaData: TimelineResultsMetadataResponse? = null, val value: List<Any>? = null)
The entity timeline result operation response.
Link copied to clipboard
data class GetEntityAnalyticsResult(val entityProviders: List<String>? = null, val etag: String? = null, val id: String, val kind: String, val name: String, val systemData: SystemDataResponse, val type: String)
Settings with single toggle.
Link copied to clipboard
data class GetEntityInsightsResult(val metaData: GetInsightsResultsMetadataResponse? = null, val value: List<EntityInsightItemResponse>? = null)
The Get Insights result operation response.
Link copied to clipboard
data class GetEyesOnResult(val etag: String? = null, val id: String, val isEnabled: Boolean, val kind: String, val name: String, val systemData: SystemDataResponse, val type: String)
Settings with single toggle.
Link copied to clipboard
data class GetFileImportResult(val contentType: String, val createdTimeUTC: String, val errorFile: FileMetadataResponse, val errorsPreview: List<ValidationErrorResponse>, val filesValidUntilTimeUTC: String, val id: String, val importFile: FileMetadataResponse, val importValidUntilTimeUTC: String, val ingestedRecordCount: Int, val ingestionMode: String, val name: String, val source: String, val state: String, val systemData: SystemDataResponse, val totalRecordCount: Int, val type: String, val validRecordCount: Int)
Represents a file import in Azure Security Insights.
Link copied to clipboard
data class GetFusionAlertRuleResult(val alertRuleTemplateName: String, val description: String, val displayName: String, val enabled: Boolean, val etag: String? = null, val id: String, val kind: String, val lastModifiedUtc: String, val name: String, val severity: String, val systemData: SystemDataResponse, val tactics: List<String>, val techniques: List<String>, val type: String)
Represents Fusion alert rule.
Link copied to clipboard
data class GetHuntCommentResult(val etag: String? = null, val id: String, val message: String, val name: String, val systemData: SystemDataResponse, val type: String)
Represents a Hunt Comment in Azure Security Insights
Link copied to clipboard
data class GetHuntRelationResult(val etag: String? = null, val id: String, val labels: List<String>? = null, val name: String, val relatedResourceId: String, val relatedResourceKind: String, val relatedResourceName: String, val relationType: String, val systemData: SystemDataResponse, val type: String)
Represents a Hunt Relation in Azure Security Insights.
Link copied to clipboard
data class GetHuntResult(val attackTactics: List<String>? = null, val attackTechniques: List<String>? = null, val description: String, val displayName: String, val etag: String? = null, val hypothesisStatus: String? = null, val id: String, val labels: List<String>? = null, val name: String, val owner: HuntOwnerResponse? = null, val status: String? = null, val systemData: SystemDataResponse, val type: String)
Represents a Hunt in Azure Security Insights.
Link copied to clipboard
data class GetIncidentCommentResult(val author: ClientInfoResponse, val createdTimeUtc: String, val etag: String? = null, val id: String, val lastModifiedTimeUtc: String, val message: String, val name: String, val systemData: SystemDataResponse, val type: String)
Represents an incident comment
Link copied to clipboard
data class GetIncidentRelationResult(val etag: String? = null, val id: String, val name: String, val relatedResourceId: String, val relatedResourceKind: String, val relatedResourceName: String, val relatedResourceType: String, val systemData: SystemDataResponse, val type: String)
Represents a relation between two resources
Link copied to clipboard
data class GetIncidentResult(val additionalData: IncidentAdditionalDataResponse, val classification: String? = null, val classificationComment: String? = null, val classificationReason: String? = null, val createdTimeUtc: String, val description: String? = null, val etag: String? = null, val firstActivityTimeUtc: String? = null, val id: String, val incidentNumber: Int, val incidentUrl: String, val labels: List<IncidentLabelResponse>? = null, val lastActivityTimeUtc: String? = null, val lastModifiedTimeUtc: String, val name: String, val owner: IncidentOwnerInfoResponse? = null, val providerIncidentId: String, val providerName: String, val relatedAnalyticRuleIds: List<String>, val severity: String, val status: String, val systemData: SystemDataResponse, val title: String, val type: String)
Represents an incident in Azure Security Insights.
Link copied to clipboard
data class GetIncidentTaskResult(val createdBy: ClientInfoResponse? = null, val createdTimeUtc: String, val description: String? = null, val etag: String? = null, val id: String, val lastModifiedBy: ClientInfoResponse? = null, val lastModifiedTimeUtc: String, val name: String, val status: String, val systemData: SystemDataResponse, val title: String, val type: String)
Link copied to clipboard
data class GetInsightsErrorKindResponse(val errorMessage: String, val kind: String, val queryId: String? = null)
GetInsights Query Errors.
Link copied to clipboard
data class GetInsightsResultsMetadataResponse(val errors: List<GetInsightsErrorKindResponse>? = null, val totalCount: Int)
Get Insights result metadata.
Link copied to clipboard
data class GetMCASDataConnectorResult(val dataTypes: MCASDataConnectorDataTypesResponse? = null, val etag: String? = null, val id: String, val kind: String, val name: String, val systemData: SystemDataResponse, val tenantId: String? = null, val type: String)
Represents MCAS (Microsoft Cloud App Security) data connector.
Link copied to clipboard
data class GetMDATPDataConnectorResult(val dataTypes: AlertsDataTypeOfDataConnectorResponse? = null, val etag: String? = null, val id: String, val kind: String, val name: String, val systemData: SystemDataResponse, val tenantId: String? = null, val type: String)
Represents MDATP (Microsoft Defender Advanced Threat Protection) data connector.
Link copied to clipboard
data class GetMetadataResult(val author: MetadataAuthorResponse? = null, val categories: MetadataCategoriesResponse? = null, val contentId: String? = null, val contentSchemaVersion: String? = null, val customVersion: String? = null, val dependencies: MetadataDependenciesResponse? = null, val etag: String? = null, val firstPublishDate: String? = null, val icon: String? = null, val id: String, val kind: String, val lastPublishDate: String? = null, val name: String, val parentId: String, val previewImages: List<String>? = null, val previewImagesDark: List<String>? = null, val providers: List<String>? = null, val source: MetadataSourceResponse? = null, val support: MetadataSupportResponse? = null, val systemData: SystemDataResponse, val threatAnalysisTactics: List<String>? = null, val threatAnalysisTechniques: List<String>? = null, val type: String, val version: String? = null)
Metadata resource definition.
Link copied to clipboard
data class GetMicrosoftSecurityIncidentCreationAlertRuleResult(val alertRuleTemplateName: String? = null, val description: String? = null, val displayName: String, val displayNamesExcludeFilter: List<String>? = null, val displayNamesFilter: List<String>? = null, val enabled: Boolean, val etag: String? = null, val id: String, val kind: String, val lastModifiedUtc: String, val name: String, val productFilter: String, val severitiesFilter: List<String>? = null, val systemData: SystemDataResponse, val type: String)
Represents MicrosoftSecurityIncidentCreation rule.
Link copied to clipboard
data class GetOfficeDataConnectorResult(val dataTypes: OfficeDataConnectorDataTypesResponse? = null, val etag: String? = null, val id: String, val kind: String, val name: String, val systemData: SystemDataResponse, val tenantId: String? = null, val type: String)
Represents office data connector.
Link copied to clipboard
data class GetScheduledAlertRuleResult(val alertDetailsOverride: AlertDetailsOverrideResponse? = null, val alertRuleTemplateName: String? = null, val customDetails: Map<String, String>? = null, val description: String? = null, val displayName: String, val enabled: Boolean, val entityMappings: List<EntityMappingResponse>? = null, val etag: String? = null, val eventGroupingSettings: EventGroupingSettingsResponse? = null, val id: String, val incidentConfiguration: IncidentConfigurationResponse? = null, val kind: String, val lastModifiedUtc: String, val name: String, val query: String, val queryFrequency: String, val queryPeriod: String, val severity: String, val suppressionDuration: String, val suppressionEnabled: Boolean, val systemData: SystemDataResponse, val tactics: List<String>? = null, val techniques: List<String>? = null, val templateVersion: String? = null, val triggerOperator: String, val triggerThreshold: Int, val type: String)
Represents scheduled alert rule.
Link copied to clipboard
data class GetSentinelOnboardingStateResult(val customerManagedKey: Boolean? = null, val etag: String? = null, val id: String, val name: String, val systemData: SystemDataResponse, val type: String)
Sentinel onboarding state
Link copied to clipboard
data class GetSourceControlResult(val contentTypes: List<String>, val description: String? = null, val displayName: String, val etag: String? = null, val id: String, val lastDeploymentInfo: DeploymentInfoResponse? = null, val name: String, val repoType: String, val repository: RepositoryResponse, val repositoryResourceInfo: RepositoryResourceInfoResponse? = null, val systemData: SystemDataResponse, val type: String, val version: String? = null)
Represents a SourceControl in Azure Security Insights.
Link copied to clipboard
data class GetSystemResult(val configuration: SapSystemsConfigurationResponse, val displayName: String, val etag: String? = null, val id: String, val lastModifiedTimeUtc: String, val name: String, val status: String? = null, val systemData: SystemDataResponse, val type: String)
Describes the system within the agent.
Link copied to clipboard
data class GetThreatIntelligenceIndicatorResult(val etag: String? = null, val id: String, val kind: String, val name: String, val systemData: SystemDataResponse, val type: String)
Threat intelligence information object.
Link copied to clipboard
data class GetTIDataConnectorResult(val dataTypes: TIDataConnectorDataTypesResponse? = null, val etag: String? = null, val id: String, val kind: String, val name: String, val systemData: SystemDataResponse, val tenantId: String? = null, val tipLookbackPeriod: String? = null, val type: String)
Represents threat intelligence data connector.
Link copied to clipboard
data class GetUebaResult(val dataSources: List<String>? = null, val etag: String? = null, val id: String, val kind: String, val name: String, val systemData: SystemDataResponse, val type: String)
Settings with single toggle.
Link copied to clipboard
data class GetWatchlistItemResult(val created: String? = null, val createdBy: WatchlistUserInfoResponse? = null, val entityMapping: Any? = null, val etag: String? = null, val id: String, val isDeleted: Boolean? = null, val itemsKeyValue: Any, val name: String, val systemData: SystemDataResponse, val tenantId: String? = null, val type: String, val updated: String? = null, val updatedBy: WatchlistUserInfoResponse? = null, val watchlistItemId: String? = null, val watchlistItemType: String? = null)
Represents a Watchlist Item in Azure Security Insights.
Link copied to clipboard
data class GetWatchlistResult(val contentType: String? = null, val created: String? = null, val createdBy: WatchlistUserInfoResponse? = null, val defaultDuration: String? = null, val description: String? = null, val displayName: String, val etag: String? = null, val id: String, val isDeleted: Boolean? = null, val itemsSearchKey: String, val labels: List<String>? = null, val name: String, val numberOfLinesToSkip: Int? = null, val provider: String, val rawContent: String? = null, val source: String, val systemData: SystemDataResponse, val tenantId: String? = null, val type: String, val updated: String? = null, val updatedBy: WatchlistUserInfoResponse? = null, val uploadStatus: String? = null, val watchlistAlias: String? = null, val watchlistId: String? = null, val watchlistType: String? = null)
Represents a Watchlist in Azure Security Insights.
Link copied to clipboard
data class GetWorkspaceManagerAssignmentResult(val etag: String, val id: String, val items: List<AssignmentItemResponse>, val lastJobEndTime: String, val lastJobProvisioningState: String, val name: String, val systemData: SystemDataResponse, val targetResourceName: String, val type: String)
The workspace manager assignment
Link copied to clipboard
data class GetWorkspaceManagerConfigurationResult(val etag: String, val id: String, val mode: String, val name: String, val systemData: SystemDataResponse, val type: String)
The workspace manager configuration
Link copied to clipboard
data class GetWorkspaceManagerGroupResult(val description: String? = null, val displayName: String, val etag: String, val id: String, val memberResourceNames: List<String>, val name: String, val systemData: SystemDataResponse, val type: String)
The workspace manager group
Link copied to clipboard
data class GetWorkspaceManagerMemberResult(val etag: String, val id: String, val name: String, val systemData: SystemDataResponse, val targetWorkspaceResourceId: String, val targetWorkspaceTenantId: String, val type: String)
The workspace manager member
Link copied to clipboard
Resources created in GitHub repository.
Link copied to clipboard
The graph query to show the volume of data arriving into the workspace over time.
Link copied to clipboard
data class GroupingConfigurationResponse(val enabled: Boolean, val groupByAlertDetails: List<String>? = null, val groupByCustomDetails: List<String>? = null, val groupByEntities: List<String>? = null, val lookbackDuration: String, val matchingMethod: String, val reopenClosedIncident: Boolean)
Grouping configuration property bag.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
data class IncidentConfigurationResponse(val createIncident: Boolean, val groupingConfiguration: GroupingConfigurationResponse? = null)
Incident Configuration property bag.
Link copied to clipboard
data class IncidentInfoResponse(val incidentId: String? = null, val relationName: String? = null, val severity: String? = null, val title: String? = null)
Describes related incident information for the bookmark
Link copied to clipboard
Represents an incident label
Link copied to clipboard
Link copied to clipboard
data class IncidentPropertiesActionResponse(val classification: String? = null, val classificationComment: String? = null, val classificationReason: String? = null, val labels: List<IncidentLabelResponse>? = null, val owner: IncidentOwnerInfoResponse? = null, val severity: String? = null, val status: String? = null)
Link copied to clipboard
data class InsightsTableResultResponse(val columns: List<InsightsTableResultResponseColumns>? = null, val rows: List<List<String>>? = null)
Query results for table insights query.
Link copied to clipboard
Link copied to clipboard
Instruction step details, to be displayed in the Instructions steps section in the connector's page in Sentinel Portal.
Link copied to clipboard
data class InstructionStepResponse(val description: String? = null, val innerSteps: List<InstructionStepResponse>? = null, val instructions: List<InstructionStepDetailsResponse>? = null, val title: String? = null)
Instruction steps to enable the connector.
Link copied to clipboard
data class ListGeodataByIpResult(val asn: String? = null, val carrier: String? = null, val city: String? = null, val cityConfidenceFactor: Int? = null, val continent: String? = null, val country: String? = null, val countryConfidenceFactor: Int? = null, val ipAddr: String? = null, val ipRoutingType: String? = null, val latitude: String? = null, val longitude: String? = null, val organization: String? = null, val organizationType: String? = null, val region: String? = null, val state: String? = null, val stateCode: String? = null, val stateConfidenceFactor: Int? = null)
Geodata information for a given IP address
Link copied to clipboard
List all the source controls.
Link copied to clipboard
data class ListSystemActionsResult(val nextLink: String? = null, val value: List<Either<LockUserActionResponse, UnlockUserActionResponse>>)
List all actions for a system to perform.
Link copied to clipboard
data class ListWhoisByDomainResult(val created: String? = null, val domain: String? = null, val expires: String? = null, val parsedWhois: EnrichmentDomainWhoisDetailsResponse? = null, val server: String? = null, val updated: String? = null)
Whois information for a given domain and associated metadata
Link copied to clipboard
data class LockUserActionResponse(val failureReason: String? = null, val kind: String, val user: String? = null)
Represents lock user action.
Link copied to clipboard
Link copied to clipboard
data class MCASDataConnectorDataTypesResponse(val alerts: DataConnectorDataTypeCommonResponse? = null, val discoveryLogs: DataConnectorDataTypeCommonResponse? = null)
The available data types for MCAS (Microsoft Cloud App Security) data connector.
Link copied to clipboard
data class MetadataAuthorResponse(val email: String? = null, val link: String? = null, val name: String? = null)
Publisher or creator of the content item.
Link copied to clipboard
data class MetadataCategoriesResponse(val domains: List<String>? = null, val verticals: List<String>? = null)
ies for the solution content item
Link copied to clipboard
data class MetadataDependenciesResponse(val contentId: String? = null, val criteria: List<MetadataDependenciesResponse>? = null, val kind: String? = null, val name: String? = null, val operator: String? = null, val version: String? = null)
Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex dependencies.
Link copied to clipboard
data class MetadataSourceResponse(val kind: String, val name: String? = null, val sourceId: String? = null)
The original source of the content item, where it comes from.
Link copied to clipboard
data class MetadataSupportResponse(val email: String? = null, val link: String? = null, val name: String? = null, val tier: String)
Support information for the content item.
Link copied to clipboard
data class OfficeDataConnectorDataTypesResponse(val exchange: OfficeDataConnectorDataTypesResponseExchange? = null, val sharePoint: OfficeDataConnectorDataTypesResponseSharePoint? = null, val teams: OfficeDataConnectorDataTypesResponseTeams? = null)
The available data types for office data connector.
Link copied to clipboard
Exchange data type connection.
Link copied to clipboard
SharePoint data type connection.
Link copied to clipboard
Teams data type connection.
Link copied to clipboard
data class PlaybookActionPropertiesResponse(val logicAppResourceId: String, val tenantId: String? = null)
Link copied to clipboard
data class PropertyArrayChangedConditionPropertiesResponse(val conditionProperties: AutomationRulePropertyArrayChangedValuesConditionResponse? = null, val conditionType: String)
Describes an automation rule condition that evaluates an array property's value change
Link copied to clipboard
data class PropertyChangedConditionPropertiesResponse(val conditionProperties: AutomationRulePropertyValuesChangedConditionResponse? = null, val conditionType: String)
Describes an automation rule condition that evaluates a property's value change
Link copied to clipboard
data class PropertyConditionPropertiesResponse(val conditionProperties: AutomationRulePropertyValuesConditionResponse? = null, val conditionType: String)
Describes an automation rule condition that evaluates a property's value
Link copied to clipboard
data class RepoResponse(val branches: List<String>? = null, val fullName: String? = null, val url: String? = null)
Represents a repository.
Link copied to clipboard
data class RepositoryResourceInfoResponse(val azureDevOpsResourceInfo: AzureDevOpsResourceInfoResponse? = null, val gitHubResourceInfo: GitHubResourceInfoResponse? = null, val webhook: WebhookResponse? = null)
Resources created in user's repository for the source-control.
Link copied to clipboard
data class RepositoryResponse(val branch: String? = null, val deploymentLogsUrl: String? = null, val displayUrl: String? = null, val pathMapping: List<ContentPathMapResponse>? = null, val url: String? = null)
metadata of a repository.
Link copied to clipboard
data class ResourceProviderRequiredPermissionsResponse(val action: Boolean? = null, val delete: Boolean? = null, val read: Boolean? = null, val write: Boolean? = null)
Required permissions for the connector resource provider that define in ResourceProviders. For more information about the permissions see
Link copied to clipboard
data class RfcConnectorResponse(val abapServerHost: String? = null, val authenticationType: String? = null, val client: String, val codePage: String? = null, val group: String? = null, val messageServerHost: String? = null, val messageServerService: String? = null, val sncQop: String? = null, val systemId: String, val systemNumber: String, val type: String)
Describes the Rfc connector.
Link copied to clipboard
The sample queries for the connector.
Link copied to clipboard
data class SapAgentConfigurationResponse(val agentContainerName: String? = null, val keyVaultAuthenticationMode: String? = null, val keyVaultResourceId: String? = null, val sdkPath: String? = null, val secretSource: String? = null, val sncPath: String? = null, val type: String)
Describes the configuration of a SAP Docker agent.
Link copied to clipboard
Link copied to clipboard
data class SapSystemsConfigurationResponse(val azureResourceId: String? = null, val connector: Either<RfcConnectorResponse, SapControlConnectorResponse>, val logs: List<LogResponse>? = null, val type: String)
Describes the SAP configuration.
Link copied to clipboard
data class SecurityAlertTimelineItemResponse(val alertType: String, val azureResourceId: String, val description: String? = null, val displayName: String, val endTimeUtc: String, val intent: String, val kind: String, val productName: String? = null, val severity: String, val startTimeUtc: String, val techniques: List<String>? = null, val timeGenerated: String)
Represents security alert timeline item.
Link copied to clipboard
data class SecurityMLAnalyticsSettingsDataSourceResponse(val connectorId: String? = null, val dataTypes: List<String>? = null)
security ml analytics settings data sources
Link copied to clipboard
data class SystemDataResponse(val createdAt: String? = null, val createdBy: String? = null, val createdByType: String? = null, val lastModifiedAt: String? = null, val lastModifiedBy: String? = null, val lastModifiedByType: String? = null)
Metadata pertaining to creation and last modification of the resource.
Link copied to clipboard
data class TIDataConnectorDataTypesResponse(val indicators: TIDataConnectorDataTypesResponseIndicators? = null)
The available data types for TI (Threat Intelligence) data connector.
Link copied to clipboard
Data type for indicators connection.
Link copied to clipboard
timeline aggregation information per kind
Link copied to clipboard
data class TimelineErrorResponse(val errorMessage: String, val kind: String, val queryId: String? = null)
Timeline Query Errors.
Link copied to clipboard
data class TimelineResultsMetadataResponse(val aggregations: List<TimelineAggregationResponse>, val errors: List<TimelineErrorResponse>? = null, val totalCount: Int)
Expansion result metadata.
Link copied to clipboard
data class UnlockUserActionResponse(val failureReason: String? = null, val kind: String, val user: String? = null)
Represents an unlock user action.
Link copied to clipboard
User information that made some action
Link copied to clipboard
Describes an error encountered in the file during validation.
Link copied to clipboard
data class WatchlistUserInfoResponse(val email: String, val name: String, val objectId: String? = null)
User information that made some action
Link copied to clipboard
data class WebhookResponse(val rotateWebhookSecret: Boolean? = null, val webhookId: String? = null, val webhookSecretUpdateTime: String? = null, val webhookUrl: String? = null)
Detail about the webhook object.