All Classes and Interfaces
Class
Description
Represents AAD (Azure Active Directory) requirements check request.
AAD (Azure Active Directory) requirements check properties.
Represents AAD (Azure Active Directory) data connector.
AAD (Azure Active Directory) data connector properties.
Represents AATP (Azure Advanced Threat Protection) requirements check request.
AATP (Azure Advanced Threat Protection) requirements check properties.
Represents AATP (Azure Advanced Threat Protection) data connector.
AATP (Azure Advanced Threat Protection) data connector properties.
Represents an account entity.
Account entity property bag.
Action property bag base.
Action for alert rule.
Action property bag.
An immutable client-side representation of ActionResponse.
The entirety of the ActionResponse definition.
The ActionResponse definition stages.
The first stage of the ActionResponse definition.
The stage of the ActionResponse definition which contains all the minimum required properties for the
resource to be created, but also allows for any other optional properties to be specified.
The stage of the ActionResponse definition allowing to specify etag.
The stage of the ActionResponse definition allowing to specify logicAppResourceId.
The stage of the ActionResponse definition allowing to specify parent resource.
The stage of the ActionResponse definition allowing to specify triggerUri.
The template for ActionResponse update.
The ActionResponse update stages.
The stage of the ActionResponse update allowing to specify etag.
The stage of the ActionResponse update allowing to specify logicAppResourceId.
The stage of the ActionResponse update allowing to specify triggerUri.
Action for alert rule.
Action property bag.
Resource collection API of Actions.
An instance of this class provides access to all the operations defined in ActionsClient.
List all the actions.
The type of the automation rule action.
Represents Activity entity query.
Describes activity entity query properties.
The Activity query definitions.
Represents Activity entity query.
Represents Activity entity query.
Describes activity entity query properties.
The Activity query definitions.
Represents Activity timeline item.
Alert detail.
Settings for how to dynamically override alert static details.
An immutable client-side representation of AlertRule.
Alert rule.
The kind of the alert rule.
Resource collection API of AlertRules.
An instance of this class provides access to all the operations defined in AlertRulesClient.
List all the alert rules.
An immutable client-side representation of AlertRuleTemplate.
alert rule template data sources.
Alert rule template.
Base alert rule template property bag.
Resource collection API of AlertRuleTemplates.
An instance of this class provides access to all the operations defined in AlertRuleTemplatesClient.
List all the alert rule templates.
Alert rule template with MITRE property bag.
Alerts data type for data connectors.
The severity of the alert.
The lifecycle status of the alert.
Settings with single toggle.
Anomalies property bag.
Represents Anomaly Security ML Analytics Settings.
AnomalySecurityMLAnalytics settings base property bag.
Represents anomaly timeline item.
The directionality of this mail message.
Represents Codeless API Polling data connector.
Represents ASC (Azure Security Center) requirements check request.
ASC (Azure Security Center) requirements check properties.
Represents ASC (Azure Security Center) data connector.
ASC (Azure Security Center) data connector properties.
The severity for alerts created by this alert rule.
An immutable client-side representation of AutomationRule.
The entirety of the AutomationRule definition.
The AutomationRule definition stages.
The first stage of the AutomationRule definition.
The stage of the AutomationRule definition allowing to specify actions.
The stage of the AutomationRule definition which contains all the minimum required properties for the
resource to be created, but also allows for any other optional properties to be specified.
The stage of the AutomationRule definition allowing to specify displayName.
The stage of the AutomationRule definition allowing to specify etag.
The stage of the AutomationRule definition allowing to specify order.
The stage of the AutomationRule definition allowing to specify parent resource.
The stage of the AutomationRule definition allowing to specify triggeringLogic.
The template for AutomationRule update.
The AutomationRule update stages.
The stage of the AutomationRule update allowing to specify actions.
The stage of the AutomationRule update allowing to specify displayName.
The stage of the AutomationRule update allowing to specify etag.
The stage of the AutomationRule update allowing to specify order.
The stage of the AutomationRule update allowing to specify triggeringLogic.
Describes an automation rule action.
The AutomationRuleBooleanCondition model.
Defines values for AutomationRuleBooleanConditionSupportedOperator.
Describes an automation rule condition.
The AutomationRule model.
Describes an automation rule action to modify an object's properties.
Automation rule properties.
Defines values for AutomationRulePropertyArrayChangedConditionSupportedArrayType.
Defines values for AutomationRulePropertyArrayChangedConditionSupportedChangeType.
The AutomationRulePropertyArrayChangedValuesCondition model.
Defines values for AutomationRulePropertyArrayConditionSupportedArrayConditionType.
Defines values for AutomationRulePropertyArrayConditionSupportedArrayType.
The AutomationRulePropertyArrayValuesCondition model.
Defines values for AutomationRulePropertyChangedConditionSupportedChangedType.
Defines values for AutomationRulePropertyChangedConditionSupportedPropertyType.
Defines values for AutomationRulePropertyConditionSupportedOperator.
The property to evaluate in an automation rule property condition.
The AutomationRulePropertyValuesChangedCondition model.
The AutomationRulePropertyValuesCondition model.
Describes an automation rule action to run a playbook.
Resource collection API of AutomationRules.
An instance of this class provides access to all the operations defined in AutomationRulesClient.
The AutomationRulesList model.
Describes automation rule triggering logic.
Connector Availability Status.
The connector Availability Status.
Amazon Web Services CloudTrail requirements check request.
Represents Amazon Web Services CloudTrail data connector.
The available data types for Amazon Web Services CloudTrail data connector.
Logs data type.
Amazon Web Services CloudTrail data connector properties.
Amazon Web Services S3 requirements check request.
Represents Amazon Web Services S3 data connector.
The available data types for Amazon Web Services S3 data connector.
Logs data type.
Amazon Web Services S3 data connector properties.
Resources created in Azure DevOps repository.
Represents an azure resource entity.
AzureResource entity property bag.
An immutable client-side representation of Bookmark.
The entirety of the Bookmark definition.
The Bookmark definition stages.
The first stage of the Bookmark definition.
The stage of the Bookmark definition which contains all the minimum required properties for the resource to
be created, but also allows for any other optional properties to be specified.
The stage of the Bookmark definition allowing to specify created.
The stage of the Bookmark definition allowing to specify createdBy.
The stage of the Bookmark definition allowing to specify displayName.
The stage of the Bookmark definition allowing to specify entityMappings.
The stage of the Bookmark definition allowing to specify etag.
The stage of the Bookmark definition allowing to specify eventTime.
The stage of the Bookmark definition allowing to specify incidentInfo.
The stage of the Bookmark definition allowing to specify labels.
The stage of the Bookmark definition allowing to specify notes.
The stage of the Bookmark definition allowing to specify parent resource.
The stage of the Bookmark definition allowing to specify query.
The stage of the Bookmark definition allowing to specify queryEndTime.
The stage of the Bookmark definition allowing to specify queryResult.
The stage of the Bookmark definition allowing to specify queryStartTime.
The stage of the Bookmark definition allowing to specify tactics.
The stage of the Bookmark definition allowing to specify techniques.
The stage of the Bookmark definition allowing to specify updated.
The stage of the Bookmark definition allowing to specify updatedBy.
The template for Bookmark update.
The Bookmark update stages.
The stage of the Bookmark update allowing to specify created.
The stage of the Bookmark update allowing to specify createdBy.
The stage of the Bookmark update allowing to specify displayName.
The stage of the Bookmark update allowing to specify entityMappings.
The stage of the Bookmark update allowing to specify etag.
The stage of the Bookmark update allowing to specify eventTime.
The stage of the Bookmark update allowing to specify incidentInfo.
The stage of the Bookmark update allowing to specify labels.
The stage of the Bookmark update allowing to specify notes.
The stage of the Bookmark update allowing to specify query.
The stage of the Bookmark update allowing to specify queryEndTime.
The stage of the Bookmark update allowing to specify queryResult.
The stage of the Bookmark update allowing to specify queryStartTime.
The stage of the Bookmark update allowing to specify tactics.
The stage of the Bookmark update allowing to specify techniques.
The stage of the Bookmark update allowing to specify updated.
The stage of the Bookmark update allowing to specify updatedBy.
Describes the entity mappings of a single entity.
The parameters required to execute an expand operation on the given bookmark.
An immutable client-side representation of BookmarkExpandResponse.
The entity expansion result operation response.
The expansion result values.
Represents a bookmark in Azure Security Insights.
List all the bookmarks.
Resource collection API of BookmarkOperations.
An instance of this class provides access to all the operations defined in BookmarkOperationsClient.
Describes bookmark properties.
Resource collection API of BookmarkRelations.
An instance of this class provides access to all the operations defined in BookmarkRelationsClient.
Resource collection API of Bookmarks.
An instance of this class provides access to all the operations defined in BookmarksClient.
Represents bookmark timeline item.
Describes an automation rule condition that applies a boolean operator (e.g AND, OR) to conditions.
Information on the client (user or application) that made some action.
Represents a cloud application entity.
CloudApplication entity property bag.
Represents Codeless API Polling data connector.
Describe the authentication properties needed to successfully authenticate with the server.
Config to describe the polling config for API poller connector.
Describe the properties needed to make a pagination call.
Describe the request properties needed to successfully pull from the server.
Describes the response from the external server.
Represents Codeless UI data connector.
Config to describe the instructions blade.
The CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem model.
The CodelessUiConnectorConfigPropertiesDataTypesItem model.
The CodelessUiConnectorConfigPropertiesGraphQueriesItem model.
The CodelessUiConnectorConfigPropertiesInstructionStepsItem model.
The CodelessUiConnectorConfigPropertiesSampleQueriesItem model.
Represents Codeless UI data connector.
Defines values for ConditionType.
The confidence level of this alert.
The confidence score calculation status, i.e.
The authentication kind used to poll the data.
Expansion result connected entities.
Setting for the connector check connectivity.
type of connectivity.
Instruction step details.
Defines values for Constant88.
The mapping of content type to a repo path.
The content type of a source control path.
Specific entity query that supports put requests.
The kind of the entity query that supports put request.
Customs permissions required for the connector.
Customs permissions required for the connector.
An immutable client-side representation of DataConnector.
Describes the state of user's authorization for a connector kind.
Represents Codeless API Polling data connector.
Common field for data type in data connectors.
Data connector.
The kind of the data connector.
Describes the state of user's license for a connector kind.
List all the data connectors.
An immutable client-side representation of DataConnectorRequirementsState.
Data connector requirements status.
Resource collection API of DataConnectors.
Data connector requirements properties.
Resource collection API of DataConnectorsCheckRequirementsOperations.
An instance of this class provides access to all the operations defined in
DataConnectorsCheckRequirementsOperationsClient.
An instance of this class provides access to all the operations defined in DataConnectorsClient.
Properties data connector on tenant level.
Data connector properties.
The data type definition.
Describe whether this data type connection is enabled or not.
Indicates whether the file was deleted from the storage account.
The delivery action of this mail message like Delivered, Blocked, Replaced etc.
The delivery location of this mail message like Inbox, JunkFolder etc.
Description about a deployment.
Status while trying to fetch the deployment information.
Information regarding a deployment.
Status while trying to fetch the deployment information.
The current state of the deployment.
Device importance, determines if the device classified as 'crown jewel'.
Represents a dns entity.
Dns entity property bag.
Resource collection API of DomainWhois.
An instance of this class provides access to all the operations defined in DomainWhoisClient.
Represents Dynamics365 requirements check request.
Dynamics365 requirements check properties.
Represents Dynamics365 data connector.
The available data types for Dynamics365 data connector.
Common Data Service data type connection.
Dynamics365 data connector properties.
The elevation token associated with the process.
An immutable client-side representation of EnrichmentDomainWhois.
An individual contact associated with this domain.
The set of contacts associated with this domain.
The whois record for a given domain.
Whois information for a given domain and associated metadata.
The registrar associated with this domain.
An immutable client-side representation of EnrichmentIpGeodata.
Geodata information for a given IP address.
Resource collection API of Entities.
An instance of this class provides access to all the operations defined in EntitiesClient.
Resource collection API of EntitiesGetTimelines.
An instance of this class provides access to all the operations defined in EntitiesGetTimelinesClient.
Resource collection API of EntitiesRelations.
An instance of this class provides access to all the operations defined in EntitiesRelationsClient.
An immutable client-side representation of Entity.
Settings with single toggle.
EntityAnalytics property bag.
Entity common property bag.
The edge that connects the entity to the other entity.
The parameters required to execute an expand operation on the given entity.
An immutable client-side representation of EntityExpandResponse.
The entity expansion result operation response.
The expansion result values.
Map identifiers of a single entity.
The parameters required to execute insights operation on the given entity.
An immutable client-side representation of EntityGetInsightsResponse.
The Get Insights result operation response.
Specific entity.
Entity insight Item.
The Time interval that the query actually executed on.
Defines values for EntityItemQueryKind.
The kind of the entity.
List of all the entities.
Single entity mapping for the alert rule.
The V3 type of the mapped entity.
The entity provider that is synced.
Resource collection API of EntityQueries.
An instance of this class provides access to all the operations defined in EntityQueriesClient.
Defines values for EntityQueriesKind.
An immutable client-side representation of EntityQuery.
Specific entity query.
An abstract Query item for entity.
An properties abstract Query item for entity.
The EntityQueryItemPropertiesDataTypesItem model.
The kind of the entity query.
List of all the entity queries.
An immutable client-side representation of EntityQueryTemplate.
Specific entity query template.
The kind of the entity query template.
List of all the entity query templates.
Resource collection API of EntityQueryTemplates.
An instance of this class provides access to all the operations defined in EntityQueryTemplatesClient.
Resource collection API of EntityRelations.
An instance of this class provides access to all the operations defined in EntityRelationsClient.
Entity timeline Item.
The entity query kind.
The parameters required to execute s timeline operation on the given entity.
An immutable client-side representation of EntityTimelineResponse.
The entity timeline result operation response.
The type of the entity.
The event grouping aggregation kinds.
Event grouping settings property bag.
Describes expansion entity query properties.
Represents Expansion entity query.
Information of a specific aggregation in the expansion result.
Expansion result metadata.
Settings with single toggle.
EyesOn property bag.
A single field mapping of the mapped entity.
Represents a file entity.
File entity property bag.
The format of the file.
The hash algorithm type.
Represents a file hash entity.
FileHash entity property bag.
An immutable client-side representation of FileImport.
The entirety of the FileImport definition.
The FileImport definition stages.
The first stage of the FileImport definition.
The stage of the FileImport definition allowing to specify contentType.
The stage of the FileImport definition which contains all the minimum required properties for the resource to
be created, but also allows for any other optional properties to be specified.
The stage of the FileImport definition allowing to specify importFile.
The stage of the FileImport definition allowing to specify ingestionMode.
The stage of the FileImport definition allowing to specify parent resource.
The stage of the FileImport definition allowing to specify source.
The content type of this file.
Represents a file import in Azure Security Insights.
List all the file imports.
Describes the FileImport's properties.
Resource collection API of FileImports.
An instance of this class provides access to all the operations defined in FileImportsClient.
The state of the file import.
Represents a file.
Represents Fusion alert rule.
Fusion alert rule base property bag.
Represents Fusion alert rule template.
Fusion alert rule template properties.
Represents a Fusion scenario exclusion patterns in Fusion detection.
Represents a supported source signal configuration in Fusion detection.
Represents a supported source subtype configuration under a source signal in Fusion detection.
Represents severity configuration for a source subtype consumed in Fusion detection.
Represents a Severity filter setting for a given source subtype consumed in Fusion detection.
Represents a source signal consumed in Fusion detection.
Represents a source subtype under a source signal consumed in Fusion detection.
Represents severity configurations available for a source subtype consumed in Fusion detection.
The geo-location context attached to the ip entity.
the query kind.
GetInsights Query Errors.
Get Insights result metadata.
An immutable client-side representation of GetQueriesResponse.
Retrieve queries for entity result operation response.
Resources created in GitHub repository.
The graph query to show the current data status.
Grouping configuration property bag.
Represents a host entity.
Host entity property bag.
Represents a Hunting bookmark entity.
Describes bookmark properties.
An immutable client-side representation of Incident.
The entirety of the Incident definition.
The Incident definition stages.
The first stage of the Incident definition.
The stage of the Incident definition allowing to specify classification.
The stage of the Incident definition allowing to specify classificationComment.
The stage of the Incident definition allowing to specify classificationReason.
The stage of the Incident definition which contains all the minimum required properties for the resource to
be created, but also allows for any other optional properties to be specified.
The stage of the Incident definition allowing to specify description.
The stage of the Incident definition allowing to specify etag.
The stage of the Incident definition allowing to specify firstActivityTimeUtc.
The stage of the Incident definition allowing to specify labels.
The stage of the Incident definition allowing to specify lastActivityTimeUtc.
The stage of the Incident definition allowing to specify owner.
The stage of the Incident definition allowing to specify parent resource.
The stage of the Incident definition allowing to specify providerIncidentId.
The stage of the Incident definition allowing to specify providerName.
The stage of the Incident definition allowing to specify severity.
The stage of the Incident definition allowing to specify status.
The stage of the Incident definition allowing to specify teamInformation.
The stage of the Incident definition allowing to specify title.
The template for Incident update.
The Incident update stages.
The stage of the Incident update allowing to specify classification.
The stage of the Incident update allowing to specify classificationComment.
The stage of the Incident update allowing to specify classificationReason.
The stage of the Incident update allowing to specify description.
The stage of the Incident update allowing to specify etag.
The stage of the Incident update allowing to specify firstActivityTimeUtc.
The stage of the Incident update allowing to specify labels.
The stage of the Incident update allowing to specify lastActivityTimeUtc.
The stage of the Incident update allowing to specify owner.
The stage of the Incident update allowing to specify providerIncidentId.
The stage of the Incident update allowing to specify providerName.
The stage of the Incident update allowing to specify severity.
The stage of the Incident update allowing to specify status.
The stage of the Incident update allowing to specify teamInformation.
The stage of the Incident update allowing to specify title.
Incident additional data property bag.
An immutable client-side representation of IncidentAlertList.
List of incident alerts.
An immutable client-side representation of IncidentBookmarkList.
List of incident bookmarks.
The reason the incident was closed.
The classification reason the incident was closed with.
An immutable client-side representation of IncidentComment.
The entirety of the IncidentComment definition.
The IncidentComment definition stages.
The first stage of the IncidentComment definition.
The stage of the IncidentComment definition which contains all the minimum required properties for the
resource to be created, but also allows for any other optional properties to be specified.
The stage of the IncidentComment definition allowing to specify etag.
The stage of the IncidentComment definition allowing to specify message.
The stage of the IncidentComment definition allowing to specify parent resource.
The template for IncidentComment update.
The IncidentComment update stages.
The stage of the IncidentComment update allowing to specify etag.
The stage of the IncidentComment update allowing to specify message.
Represents an incident comment.
List of incident comments.
Incident comment property bag.
Resource collection API of IncidentComments.
An instance of this class provides access to all the operations defined in IncidentCommentsClient.
Incident Configuration property bag.
An immutable client-side representation of IncidentEntitiesResponse.
The incident related entities response.
Information of a specific aggregation in the incident related entities result.
Describes related incident information for the bookmark.
Represents an incident in Azure Security Insights.
Represents an incident label.
The type of the label.
List all the incidents.
Information on the user an incident is assigned to.
An immutable client-side representation of IncidentProperties.
The IncidentPropertiesAction model.
Describes incident properties.
Resource collection API of IncidentRelations.
An instance of this class provides access to all the operations defined in IncidentRelationsClient.
Resource collection API of Incidents.
An instance of this class provides access to all the operations defined in IncidentsClient.
The severity of the incident.
The status of the incident.
Describes how to ingest the records in the file.
Represents Insight Query.
Represents Insight Query.
The activity query definitions.
The insight chart query.
The insight chart query.
The insight table query.
The InsightQueryItemPropertiesTableQueryColumnsDefinitionsItem model.
The InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem model.
The InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem model.
Query results for table insights query.
The InsightsTableResultColumnsItem model.
Instruction steps to enable the connector.
The InstructionStepsInstructionsItem model.
Represents IoT requirements check request.
IoT requirements check properties.
Represents IoT data connector.
IoT data connector properties.
Represents an IoT device entity.
IoTDevice entity property bag.
Represents an ip entity.
Ip entity property bag.
Resource collection API of IpGeodatas.
An instance of this class provides access to all the operations defined in IpGeodatasClient.
Holds the alert intent stage(s) mapping for this alert.
The kind of content the metadata is for.
Data type for last data received.
Represents a mailbox entity.
Mailbox entity property bag.
Represents a mail cluster entity.
Mail cluster entity property bag.
Represents a mail message entity.
Mail message entity property bag.
Represents a malware entity.
Malware entity property bag.
The ManualTriggerRequestBody model.
Grouping matching method.
Represents MCAS (Microsoft Cloud App Security) requirements check request.
MCAS (Microsoft Cloud App Security) requirements check properties.
Represents MCAS (Microsoft Cloud App Security) data connector.
The available data types for MCAS (Microsoft Cloud App Security) data connector.
MCAS (Microsoft Cloud App Security) data connector properties.
Represents MDATP (Microsoft Defender Advanced Threat Protection) requirements check request.
MDATP (Microsoft Defender Advanced Threat Protection) requirements check properties.
Represents MDATP (Microsoft Defender Advanced Threat Protection) data connector.
MDATP (Microsoft Defender Advanced Threat Protection) data connector properties.
Publisher or creator of the content item.
ies for the solution content item.
Dependencies for the content item, what other content items it requires to work.
List of all the metadata.
An immutable client-side representation of MetadataModel.
The entirety of the MetadataModel definition.
The MetadataModel definition stages.
The first stage of the MetadataModel definition.
The stage of the MetadataModel definition allowing to specify author.
The stage of the MetadataModel definition allowing to specify categories.
The stage of the MetadataModel definition allowing to specify contentId.
The stage of the MetadataModel definition allowing to specify contentSchemaVersion.
The stage of the MetadataModel definition which contains all the minimum required properties for the resource
to be created, but also allows for any other optional properties to be specified.
The stage of the MetadataModel definition allowing to specify customVersion.
The stage of the MetadataModel definition allowing to specify dependencies.
The stage of the MetadataModel definition allowing to specify etag.
The stage of the MetadataModel definition allowing to specify firstPublishDate.
The stage of the MetadataModel definition allowing to specify icon.
The stage of the MetadataModel definition allowing to specify kind.
The stage of the MetadataModel definition allowing to specify lastPublishDate.
The stage of the MetadataModel definition allowing to specify parentId.
The stage of the MetadataModel definition allowing to specify parent resource.
The stage of the MetadataModel definition allowing to specify previewImages.
The stage of the MetadataModel definition allowing to specify previewImagesDark.
The stage of the MetadataModel definition allowing to specify providers.
The stage of the MetadataModel definition allowing to specify source.
The stage of the MetadataModel definition allowing to specify support.
The stage of the MetadataModel definition allowing to specify threatAnalysisTactics.
The stage of the MetadataModel definition allowing to specify threatAnalysisTechniques.
The stage of the MetadataModel definition allowing to specify version.
The template for MetadataModel update.
The MetadataModel update stages.
The stage of the MetadataModel update allowing to specify author.
The stage of the MetadataModel update allowing to specify categories.
The stage of the MetadataModel update allowing to specify contentId.
The stage of the MetadataModel update allowing to specify contentSchemaVersion.
The stage of the MetadataModel update allowing to specify customVersion.
The stage of the MetadataModel update allowing to specify dependencies.
The stage of the MetadataModel update allowing to specify etag.
The stage of the MetadataModel update allowing to specify firstPublishDate.
The stage of the MetadataModel update allowing to specify icon.
The stage of the MetadataModel update allowing to specify kind.
The stage of the MetadataModel update allowing to specify lastPublishDate.
The stage of the MetadataModel update allowing to specify parentId.
The stage of the MetadataModel update allowing to specify previewImages.
The stage of the MetadataModel update allowing to specify previewImagesDark.
The stage of the MetadataModel update allowing to specify providers.
The stage of the MetadataModel update allowing to specify source.
The stage of the MetadataModel update allowing to specify support.
The stage of the MetadataModel update allowing to specify threatAnalysisTactics.
The stage of the MetadataModel update allowing to specify threatAnalysisTechniques.
The stage of the MetadataModel update allowing to specify version.
Metadata resource definition.
Metadata patch request body.
Metadata property bag.
Metadata property bag for patch requests.
Resource collection API of Metadatas.
An instance of this class provides access to all the operations defined in MetadatasClient.
The original source of the content item, where it comes from.
Support information for the content item.
Represents MicrosoftSecurityIncidentCreation rule.
MicrosoftSecurityIncidentCreation rule common property bag.
MicrosoftSecurityIncidentCreation rule property bag.
Represents MicrosoftSecurityIncidentCreation rule template.
MicrosoftSecurityIncidentCreation rule template properties.
The alerts' productName on which the cases will be generated.
Represents MLBehaviorAnalytics alert rule.
MLBehaviorAnalytics alert rule base property bag.
Represents MLBehaviorAnalytics alert rule template.
MLBehaviorAnalytics alert rule template properties.
Represents Microsoft Threat Intelligence requirements check request.
Microsoft Threat Intelligence requirements check properties.
Represents Microsoft Threat Intelligence data connector.
The available data types for Microsoft Threat Intelligence Platforms data connector.
Data type for Microsoft Threat Intelligence Platforms data connector.
Data type for Microsoft Threat Intelligence Platforms data connector.
Microsoft Threat Intelligence data connector properties.
Represents MTP (Microsoft Threat Protection) requirements check request.
MTP (Microsoft Threat Protection) requirements check properties.
Represents MTP (Microsoft Threat Protection) data connector.
The available data types for Microsoft Threat Protection Platforms data connector.
Data type for Microsoft Threat Protection Platforms data connector.
MTP (Microsoft Threat Protection) data connector properties.
Represents an network interface entity.
Nic entity property bag.
Represents NRT alert rule.
Nrt alert rule base property bag.
Represents NRT alert rule template.
NRT alert rule template properties.
Represents Office365 Project requirements check request.
Office365 Project requirements check properties.
The available data types for Office Microsoft Project data connector.
Logs data type.
Represents Office Microsoft Project data connector.
Office Microsoft Project data connector properties.
Represents OfficeATP (Office 365 Advanced Threat Protection) requirements check request.
OfficeATP (Office 365 Advanced Threat Protection) requirements check properties.
Represents OfficeATP (Office 365 Advanced Threat Protection) data connector.
OfficeATP (Office 365 Advanced Threat Protection) data connector properties.
An immutable client-side representation of OfficeConsent.
Consent for Office365 tenant that already made.
List of all the office365 consents.
Consent property bag.
Resource collection API of OfficeConsents.
An instance of this class provides access to all the operations defined in OfficeConsentsClient.
Represents office data connector.
The available data types for office data connector.
Exchange data type connection.
SharePoint data type connection.
Teams data type connection.
Office data connector properties.
Represents OfficeIRM (Microsoft Insider Risk Management) requirements check request.
OfficeIRM (Microsoft Insider Risk Management) requirements check properties.
Represents OfficeIRM (Microsoft Insider Risk Management) data connector.
OfficeIRM (Microsoft Insider Risk Management) data connector properties.
Represents Office PowerBI requirements check request.
Office PowerBI requirements check properties.
The available data types for Office Microsoft PowerBI data connector.
Logs data type.
Represents Office Microsoft PowerBI data connector.
Office Microsoft PowerBI data connector properties.
An immutable client-side representation of Operation.
Properties of the operation.
Operation provided by provider.
Resource collection API of Operations.
An instance of this class provides access to all the operations defined in OperationsClient.
Lists the operations available in the SecurityInsights RP.
Operator used for list of dependencies in criteria array.
The operating system type.
Insights Column type.
The type of the owner the incident is assigned to.
Permission provider scope.
Permissions required for the connector.
The PermissionsCustomsItem model.
The PermissionsResourceProviderItem model.
The PlaybookActionProperties model.
The polling frequency for the TAXII server.
Represents a process entity.
Process entity property bag.
Resource collection API of ProductSettings.
An instance of this class provides access to all the operations defined in ProductSettingsClient.
Describes an automation rule condition that evaluates an array property's value change.
Describes an automation rule condition that evaluates an array property's value.
Describes an automation rule condition that evaluates a property's value change.
Describes an automation rule condition that evaluates a property's value.
Provider name.
Query based alert rule template base property bag.
the hive that holds the registry key.
Represents a registry key entity.
RegistryKey entity property bag.
Represents a registry value entity.
RegistryValue entity property bag.
Specifies the data types to use when storing values in the registry, or identifies the data type of a value in the
registry.
An immutable client-side representation of Relation.
The entirety of the Relation definition.
The Relation definition stages.
The first stage of the Relation definition.
The stage of the Relation definition which contains all the minimum required properties for the resource to
be created, but also allows for any other optional properties to be specified.
The stage of the Relation definition allowing to specify etag.
The stage of the Relation definition allowing to specify parent resource.
The stage of the Relation definition allowing to specify relatedResourceId.
The template for Relation update.
The Relation update stages.
The stage of the Relation update allowing to specify etag.
The stage of the Relation update allowing to specify relatedResourceId.
Represents a relation between two resources.
List of relations.
Relation property bag.
An immutable client-side representation of Repo.
Represents a repository.
List all the source controls.
metadata of a repository.
Resources created in user's repository for the source-control.
The type of repository.
Required permissions for the connector.
Resource provider permissions required for the connector.
An azure resource object with an Etag property.
The sample queries for the connector.
Represents scheduled alert rule.
Scheduled alert rule template property bag.
Scheduled alert rule base property bag.
Represents scheduled alert rule template.
Scheduled alert rule template properties.
Represents a security alert entity.
SecurityAlert entity property bag.
confidence reason item.
Represents security alert timeline item.
Represents a security group entity.
SecurityGroup entity property bag.
The interface for SecurityInsights class.
Entry point to SecurityInsightsManager.
The Configurable allowing configurations to be set.
An immutable client-side representation of SecurityMLAnalyticsSetting.
Security ML Analytics Setting.
Resource collection API of SecurityMLAnalyticsSettings.
An instance of this class provides access to all the operations defined in SecurityMLAnalyticsSettingsClient.
security ml analytics settings data sources.
The kind of security ML analytics settings.
List all the SecurityMLAnalyticsSettings.
An immutable client-side representation of SentinelOnboardingState.
The entirety of the SentinelOnboardingState definition.
The SentinelOnboardingState definition stages.
The first stage of the SentinelOnboardingState definition.
The stage of the SentinelOnboardingState definition which contains all the minimum required properties for
the resource to be created, but also allows for any other optional properties to be specified.
The stage of the SentinelOnboardingState definition allowing to specify customerManagedKey.
The stage of the SentinelOnboardingState definition allowing to specify etag.
The stage of the SentinelOnboardingState definition allowing to specify parent resource.
Sentinel onboarding state.
The Sentinel onboarding state properties.
Resource collection API of SentinelOnboardingStates.
An instance of this class provides access to all the operations defined in SentinelOnboardingStatesClient.
An immutable client-side representation of SentinelOnboardingStatesList.
List of the Sentinel onboarding states.
The kind of the setting.
An immutable client-side representation of SettingList.
List of all the settings.
An immutable client-side representation of Settings.
The Setting.
The anomaly SecurityMLAnalyticsSettings status.
The kind of the setting.
An immutable client-side representation of SourceControl.
The entirety of the SourceControl definition.
The SourceControl definition stages.
The first stage of the SourceControl definition.
The stage of the SourceControl definition allowing to specify contentTypes.
The stage of the SourceControl definition which contains all the minimum required properties for the resource
to be created, but also allows for any other optional properties to be specified.
The stage of the SourceControl definition allowing to specify description.
The stage of the SourceControl definition allowing to specify displayName.
The stage of the SourceControl definition allowing to specify etag.
The stage of the SourceControl definition allowing to specify idPropertiesId.
The stage of the SourceControl definition allowing to specify lastDeploymentInfo.
The stage of the SourceControl definition allowing to specify parent resource.
The stage of the SourceControl definition allowing to specify repository.
The stage of the SourceControl definition allowing to specify repositoryResourceInfo.
The stage of the SourceControl definition allowing to specify repoType.
The stage of the SourceControl definition allowing to specify version.
Represents a SourceControl in Azure Security Insights.
List all the source controls.
Describes source control properties.
Resource collection API of SourceControls.
An instance of this class provides access to all the operations defined in SourceControlsClient.
Resource collection API of SourceControlsOperations.
An instance of this class provides access to all the operations defined in SourceControlsOperationsClient.
Source type of the content.
The sourceType of the watchlist.
Represents a submission mail entity.
Submission mail entity property bag.
Type of support for content item.
An immutable client-side representation of TeamInformation.
Describes team information.
Describes team properties.
The alert rule template status.
ThreatIntelligence property bag.
Represents Threat Intelligence alert rule.
Threat Intelligence alert rule base property bag.
Represents Threat Intelligence alert rule template.
Threat Intelligence alert rule template properties.
Array of tags to be appended to the threat intelligence indicator.
Describes external reference.
Filtering criteria for querying threat intelligence indicators.
Describes threat granular marking model entity.
Resource collection API of ThreatIntelligenceIndicatorMetrics.
An instance of this class provides access to all the operations defined in ThreatIntelligenceIndicatorMetricsClient.
Threat intelligence indicator entity.
Describes threat intelligence entity properties.
Resource collection API of ThreatIntelligenceIndicators.
An instance of this class provides access to all the operations defined in ThreatIntelligenceIndicatorsClient.
Resource collection API of ThreatIntelligenceIndicatorsOperations.
An instance of this class provides access to all the operations defined in
ThreatIntelligenceIndicatorsOperationsClient.
An immutable client-side representation of ThreatIntelligenceInformation.
Threat intelligence information object.
List of all the threat intelligence information objects.
Describes threat kill chain phase entity.
Describes threat intelligence metric.
Describes threat intelligence metric entity.
Threat intelligence metrics.
An immutable client-side representation of ThreatIntelligenceMetricsList.
List of all the threat intelligence metric fields (type/threat type/source).
Describes parsed pattern entity.
Describes threat kill chain phase entity.
The kind of the threat intelligence entity.
List of available columns for sorting.
Sorting order (ascending/descending/unsorted).
Threat Intelligence Platforms data connector check requirements.
Threat Intelligence Platforms data connector required properties.
Represents threat intelligence data connector.
The available data types for TI (Threat Intelligence) data connector.
Data type for indicators connection.
TI (Threat Intelligence) data connector properties.
timeline aggregation information per kind.
Timeline Query Errors.
Expansion result metadata.
Threat Intelligence TAXII data connector check requirements.
Threat Intelligence TAXII data connector required properties.
Data connector to pull Threat intelligence data from TAXII 2.0/2.1 server.
The available data types for Threat Intelligence TAXII data connector.
Data type for TAXII connector.
Threat Intelligence TAXII data connector properties.
The operation against the threshold that triggers alert rule.
Defines values for TriggersOn.
Defines values for TriggersWhen.
Settings with single toggle.
The data source that enriched by ueba.
Ueba property bag.
Represents a url entity.
Url entity property bag.
User information that made some action.
Describes an error encountered in the file during validation.
The version of the source control.
An immutable client-side representation of Watchlist.
The entirety of the Watchlist definition.
The Watchlist definition stages.
The first stage of the Watchlist definition.
The stage of the Watchlist definition allowing to specify contentType.
The stage of the Watchlist definition which contains all the minimum required properties for the resource to
be created, but also allows for any other optional properties to be specified.
The stage of the Watchlist definition allowing to specify created.
The stage of the Watchlist definition allowing to specify createdBy.
The stage of the Watchlist definition allowing to specify defaultDuration.
The stage of the Watchlist definition allowing to specify description.
The stage of the Watchlist definition allowing to specify displayName.
The stage of the Watchlist definition allowing to specify etag.
The stage of the Watchlist definition allowing to specify isDeleted.
The stage of the Watchlist definition allowing to specify itemsSearchKey.
The stage of the Watchlist definition allowing to specify labels.
The stage of the Watchlist definition allowing to specify numberOfLinesToSkip.
The stage of the Watchlist definition allowing to specify parent resource.
The stage of the Watchlist definition allowing to specify provider.
The stage of the Watchlist definition allowing to specify rawContent.
The stage of the Watchlist definition allowing to specify source.
The stage of the Watchlist definition allowing to specify sourceType.
The stage of the Watchlist definition allowing to specify tenantId.
The stage of the Watchlist definition allowing to specify updated.
The stage of the Watchlist definition allowing to specify updatedBy.
The stage of the Watchlist definition allowing to specify uploadStatus.
The stage of the Watchlist definition allowing to specify watchlistAlias.
The stage of the Watchlist definition allowing to specify watchlistId.
The stage of the Watchlist definition allowing to specify watchlistType.
The template for Watchlist update.
The Watchlist update stages.
The stage of the Watchlist update allowing to specify contentType.
The stage of the Watchlist update allowing to specify created.
The stage of the Watchlist update allowing to specify createdBy.
The stage of the Watchlist update allowing to specify defaultDuration.
The stage of the Watchlist update allowing to specify description.
The stage of the Watchlist update allowing to specify displayName.
The stage of the Watchlist update allowing to specify etag.
The stage of the Watchlist update allowing to specify isDeleted.
The stage of the Watchlist update allowing to specify itemsSearchKey.
The stage of the Watchlist update allowing to specify labels.
The stage of the Watchlist update allowing to specify numberOfLinesToSkip.
The stage of the Watchlist update allowing to specify provider.
The stage of the Watchlist update allowing to specify rawContent.
The stage of the Watchlist update allowing to specify source.
The stage of the Watchlist update allowing to specify sourceType.
The stage of the Watchlist update allowing to specify tenantId.
The stage of the Watchlist update allowing to specify updated.
The stage of the Watchlist update allowing to specify updatedBy.
The stage of the Watchlist update allowing to specify uploadStatus.
The stage of the Watchlist update allowing to specify watchlistAlias.
The stage of the Watchlist update allowing to specify watchlistId.
The stage of the Watchlist update allowing to specify watchlistType.
Represents a Watchlist in Azure Security Insights.
An immutable client-side representation of WatchlistItem.
The entirety of the WatchlistItem definition.
The WatchlistItem definition stages.
The first stage of the WatchlistItem definition.
The stage of the WatchlistItem definition which contains all the minimum required properties for the resource
to be created, but also allows for any other optional properties to be specified.
The stage of the WatchlistItem definition allowing to specify created.
The stage of the WatchlistItem definition allowing to specify createdBy.
The stage of the WatchlistItem definition allowing to specify entityMapping.
The stage of the WatchlistItem definition allowing to specify etag.
The stage of the WatchlistItem definition allowing to specify isDeleted.
The stage of the WatchlistItem definition allowing to specify itemsKeyValue.
The stage of the WatchlistItem definition allowing to specify parent resource.
The stage of the WatchlistItem definition allowing to specify tenantId.
The stage of the WatchlistItem definition allowing to specify updated.
The stage of the WatchlistItem definition allowing to specify updatedBy.
The stage of the WatchlistItem definition allowing to specify watchlistItemId.
The stage of the WatchlistItem definition allowing to specify watchlistItemType.
The template for WatchlistItem update.
The WatchlistItem update stages.
The stage of the WatchlistItem update allowing to specify created.
The stage of the WatchlistItem update allowing to specify createdBy.
The stage of the WatchlistItem update allowing to specify entityMapping.
The stage of the WatchlistItem update allowing to specify etag.
The stage of the WatchlistItem update allowing to specify isDeleted.
The stage of the WatchlistItem update allowing to specify itemsKeyValue.
The stage of the WatchlistItem update allowing to specify tenantId.
The stage of the WatchlistItem update allowing to specify updated.
The stage of the WatchlistItem update allowing to specify updatedBy.
The stage of the WatchlistItem update allowing to specify watchlistItemId.
The stage of the WatchlistItem update allowing to specify watchlistItemType.
Represents a Watchlist item in Azure Security Insights.
List all the watchlist items.
Describes watchlist item properties.
Resource collection API of WatchlistItems.
An instance of this class provides access to all the operations defined in WatchlistItemsClient.
List all the watchlists.
Describes watchlist properties.
Resource collection API of Watchlists.
An instance of this class provides access to all the operations defined in WatchlistsClient.
The WatchlistsCreateOrUpdateHeaders model.
Contains all response data for the createOrUpdate operation.
The WatchlistsDeleteHeaders model.
Contains all response data for the delete operation.
Detail about the webhook object.