diff --git a/sdk/securityinsight/arm-securityinsight/LICENSE.txt b/sdk/securityinsight/arm-securityinsight/LICENSE.txt
new file mode 100644
index 000000000000..2d3163745319
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/LICENSE.txt
@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2021 Microsoft
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/sdk/securityinsight/arm-securityinsight/README.md b/sdk/securityinsight/arm-securityinsight/README.md
new file mode 100644
index 000000000000..9c4f74d0f3dd
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/README.md
@@ -0,0 +1,110 @@
+## Azure SecurityInsights SDK for JavaScript
+
+This package contains an isomorphic SDK (runs both in node.js and in browsers) for SecurityInsights.
+
+### Currently supported environments
+
+- [LTS versions of Node.js](https://nodejs.org/about/releases/)
+- Latest versions of Safari, Chrome, Edge and Firefox.
+
+### Prerequisites
+
+You must have an [Azure subscription](https://azure.microsoft.com/free/).
+
+### How to install
+
+To use this SDK in your project, you will need to install two packages.
+- `@azure/arm-securityinsight` that contains the client.
+- `@azure/identity` that provides different mechanisms for the client to authenticate your requests using Azure Active Directory.
+
+Install both packages using the below command:
+```bash
+npm install --save @azure/arm-securityinsight @azure/identity
+```
+> **Note**: You may have used either `@azure/ms-rest-nodeauth` or `@azure/ms-rest-browserauth` in the past. These packages are in maintenance mode receiving critical bug fixes, but no new features.
+If you are on a [Node.js that has LTS status](https://nodejs.org/about/releases/), or are writing a client side browser application, we strongly encourage you to upgrade to `@azure/identity` which uses the latest versions of Azure Active Directory and MSAL APIs and provides more authentication options.
+
+### How to use
+
+- If you are writing a client side browser application,
+ - Follow the instructions in the section on Authenticating client side browser applications in [Azure Identity examples](https://aka.ms/azsdk/js/identity/examples) to register your application in the Microsoft identity platform and set the right permissions.
+ - Copy the client ID and tenant ID from the Overview section of your app registration in Azure portal and use it in the browser sample below.
+- If you are writing a server side application,
+ - [Select a credential from `@azure/identity` based on the authentication method of your choice](https://aka.ms/azsdk/js/identity/examples)
+ - Complete the set up steps required by the credential if any.
+ - Use the credential you picked in the place of `DefaultAzureCredential` in the Node.js sample below.
+
+In the below samples, we pass the credential and the Azure subscription id to instantiate the client.
+Once the client is created, explore the operations on it either in your favorite editor or in our [API reference documentation](https://docs.microsoft.com/javascript/api) to get started.
+#### nodejs - Authentication, client creation, and list alertRules as an example written in JavaScript.
+
+##### Sample code
+
+```javascript
+const { DefaultAzureCredential } = require("@azure/identity");
+const { SecurityInsights } = require("@azure/arm-securityinsight");
+const subscriptionId = process.env["AZURE_SUBSCRIPTION_ID"];
+
+// Use `DefaultAzureCredential` or any other credential of your choice based on https://aka.ms/azsdk/js/identity/examples
+// Please note that you can also use credentials from the `@azure/ms-rest-nodeauth` package instead.
+const creds = new DefaultAzureCredential();
+const client = new SecurityInsights(creds, subscriptionId);
+const resourceGroupName = "testresourceGroupName";
+const workspaceName = "testworkspaceName";
+client.alertRules.list(resourceGroupName, workspaceName).then((result) => {
+ console.log("The result is:");
+ console.log(result);
+}).catch((err) => {
+ console.log("An error occurred:");
+ console.error(err);
+});
+```
+
+#### browser - Authentication, client creation, and list alertRules as an example written in JavaScript.
+
+In browser applications, we recommend using the `InteractiveBrowserCredential` that interactively authenticates using the default system browser.
+ - See [Single-page application: App registration guide](https://docs.microsoft.com/azure/active-directory/develop/scenario-spa-app-registration) to configure your app registration for the browser.
+ - Note down the client Id from the previous step and use it in the browser sample below.
+
+##### Sample code
+
+- index.html
+
+```html
+
+
+
+ @azure/arm-securityinsight sample
+
+
+
+
+
+
+
+```
+
+## Related projects
+
+- [Microsoft Azure SDK for Javascript](https://github.com/Azure/azure-sdk-for-js)
+
+
diff --git a/sdk/securityinsight/arm-securityinsight/package.json b/sdk/securityinsight/arm-securityinsight/package.json
new file mode 100644
index 000000000000..0477c570a3b6
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/package.json
@@ -0,0 +1,59 @@
+{
+ "name": "@azure/arm-securityinsight",
+ "author": "Microsoft Corporation",
+ "description": "SecurityInsights Library with typescript type definitions for node.js and browser.",
+ "version": "1.0.0",
+ "dependencies": {
+ "@azure/ms-rest-azure-js": "^2.1.0",
+ "@azure/ms-rest-js": "^2.2.0",
+ "@azure/core-auth": "^1.1.4",
+ "tslib": "^1.10.0"
+ },
+ "keywords": [
+ "node",
+ "azure",
+ "typescript",
+ "browser",
+ "isomorphic"
+ ],
+ "license": "MIT",
+ "main": "./dist/arm-securityinsight.js",
+ "module": "./esm/securityInsights.js",
+ "types": "./esm/securityInsights.d.ts",
+ "devDependencies": {
+ "typescript": "^3.6.0",
+ "rollup": "^1.18.0",
+ "rollup-plugin-node-resolve": "^5.2.0",
+ "rollup-plugin-sourcemaps": "^0.4.2",
+ "uglify-js": "^3.6.0"
+ },
+ "homepage": "https://github.com/Azure/azure-sdk-for-js/tree/master/sdk/securityinsight/arm-securityinsight",
+ "repository": {
+ "type": "git",
+ "url": "https://github.com/Azure/azure-sdk-for-js.git"
+ },
+ "bugs": {
+ "url": "https://github.com/Azure/azure-sdk-for-js/issues"
+ },
+ "files": [
+ "dist/**/*.js",
+ "dist/**/*.js.map",
+ "dist/**/*.d.ts",
+ "dist/**/*.d.ts.map",
+ "esm/**/*.js",
+ "esm/**/*.js.map",
+ "esm/**/*.d.ts",
+ "esm/**/*.d.ts.map",
+ "src/**/*.ts",
+ "README.md",
+ "rollup.config.js",
+ "tsconfig.json"
+ ],
+ "scripts": {
+ "build": "tsc && rollup -c rollup.config.js && npm run minify",
+ "minify": "uglifyjs -c -m --comments --source-map \"content='./dist/arm-securityinsight.js.map'\" -o ./dist/arm-securityinsight.min.js ./dist/arm-securityinsight.js",
+ "prepack": "npm install && npm run build"
+ },
+ "sideEffects": false,
+ "autoPublish": true
+}
diff --git a/sdk/securityinsight/arm-securityinsight/rollup.config.js b/sdk/securityinsight/arm-securityinsight/rollup.config.js
new file mode 100644
index 000000000000..276048058dba
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/rollup.config.js
@@ -0,0 +1,37 @@
+import rollup from "rollup";
+import nodeResolve from "rollup-plugin-node-resolve";
+import sourcemaps from "rollup-plugin-sourcemaps";
+
+/**
+ * @type {rollup.RollupFileOptions}
+ */
+const config = {
+ input: "./esm/securityInsights.js",
+ external: [
+ "@azure/ms-rest-js",
+ "@azure/ms-rest-azure-js"
+ ],
+ output: {
+ file: "./dist/arm-securityinsight.js",
+ format: "umd",
+ name: "Azure.ArmSecurityinsight",
+ sourcemap: true,
+ globals: {
+ "@azure/ms-rest-js": "msRest",
+ "@azure/ms-rest-azure-js": "msRestAzure"
+ },
+ banner: `/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is regenerated.
+ */`
+ },
+ plugins: [
+ nodeResolve({ mainFields: ['module', 'main'] }),
+ sourcemaps()
+ ]
+};
+
+export default config;
diff --git a/sdk/securityinsight/arm-securityinsight/src/models/actionsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/actionsMappers.ts
new file mode 100644
index 000000000000..4acfd0610e0e
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/models/actionsMappers.ts
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is regenerated.
+ */
+
+export {
+ discriminators,
+ AADDataConnector,
+ AATPDataConnector,
+ ActionRequest,
+ ActionResponse,
+ ActionsList,
+ AlertRule,
+ AlertRuleTemplate,
+ AlertRuleTemplateDataSource,
+ AlertsDataTypeOfDataConnector,
+ ASCDataConnector,
+ AwsCloudTrailDataConnector,
+ AwsCloudTrailDataConnectorDataTypes,
+ AwsCloudTrailDataConnectorDataTypesLogs,
+ BaseResource,
+ Bookmark,
+ ClientInfo,
+ CloudError,
+ DataConnector,
+ DataConnectorDataTypeCommon,
+ ErrorAdditionalInfo,
+ ErrorResponse,
+ FusionAlertRule,
+ FusionAlertRuleTemplate,
+ Incident,
+ IncidentAdditionalData,
+ IncidentComment,
+ IncidentInfo,
+ IncidentLabel,
+ IncidentOwnerInfo,
+ MCASDataConnector,
+ MCASDataConnectorDataTypes,
+ MDATPDataConnector,
+ MicrosoftSecurityIncidentCreationAlertRule,
+ MicrosoftSecurityIncidentCreationAlertRuleTemplate,
+ OfficeConsent,
+ OfficeDataConnector,
+ OfficeDataConnectorDataTypes,
+ OfficeDataConnectorDataTypesExchange,
+ OfficeDataConnectorDataTypesSharePoint,
+ OfficeDataConnectorDataTypesTeams,
+ Resource,
+ ResourceWithEtag,
+ ScheduledAlertRule,
+ ScheduledAlertRuleTemplate,
+ TIDataConnector,
+ TIDataConnectorDataTypes,
+ TIDataConnectorDataTypesIndicators,
+ UserInfo
+} from "../models/mappers";
diff --git a/sdk/securityinsight/arm-securityinsight/src/models/alertRuleTemplatesMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/alertRuleTemplatesMappers.ts
new file mode 100644
index 000000000000..13fe746f4537
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/models/alertRuleTemplatesMappers.ts
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is regenerated.
+ */
+
+export {
+ discriminators,
+ AADDataConnector,
+ AATPDataConnector,
+ ActionRequest,
+ ActionResponse,
+ AlertRule,
+ AlertRuleTemplate,
+ AlertRuleTemplateDataSource,
+ AlertRuleTemplatesList,
+ AlertsDataTypeOfDataConnector,
+ ASCDataConnector,
+ AwsCloudTrailDataConnector,
+ AwsCloudTrailDataConnectorDataTypes,
+ AwsCloudTrailDataConnectorDataTypesLogs,
+ BaseResource,
+ Bookmark,
+ ClientInfo,
+ CloudError,
+ DataConnector,
+ DataConnectorDataTypeCommon,
+ ErrorAdditionalInfo,
+ ErrorResponse,
+ FusionAlertRule,
+ FusionAlertRuleTemplate,
+ Incident,
+ IncidentAdditionalData,
+ IncidentComment,
+ IncidentInfo,
+ IncidentLabel,
+ IncidentOwnerInfo,
+ MCASDataConnector,
+ MCASDataConnectorDataTypes,
+ MDATPDataConnector,
+ MicrosoftSecurityIncidentCreationAlertRule,
+ MicrosoftSecurityIncidentCreationAlertRuleTemplate,
+ OfficeConsent,
+ OfficeDataConnector,
+ OfficeDataConnectorDataTypes,
+ OfficeDataConnectorDataTypesExchange,
+ OfficeDataConnectorDataTypesSharePoint,
+ OfficeDataConnectorDataTypesTeams,
+ Resource,
+ ResourceWithEtag,
+ ScheduledAlertRule,
+ ScheduledAlertRuleTemplate,
+ TIDataConnector,
+ TIDataConnectorDataTypes,
+ TIDataConnectorDataTypesIndicators,
+ UserInfo
+} from "../models/mappers";
diff --git a/sdk/securityinsight/arm-securityinsight/src/models/alertRulesMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/alertRulesMappers.ts
new file mode 100644
index 000000000000..74ca55491a36
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/models/alertRulesMappers.ts
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is regenerated.
+ */
+
+export {
+ discriminators,
+ AADDataConnector,
+ AATPDataConnector,
+ ActionRequest,
+ ActionResponse,
+ AlertRule,
+ AlertRulesList,
+ AlertRuleTemplate,
+ AlertRuleTemplateDataSource,
+ AlertsDataTypeOfDataConnector,
+ ASCDataConnector,
+ AwsCloudTrailDataConnector,
+ AwsCloudTrailDataConnectorDataTypes,
+ AwsCloudTrailDataConnectorDataTypesLogs,
+ BaseResource,
+ Bookmark,
+ ClientInfo,
+ CloudError,
+ DataConnector,
+ DataConnectorDataTypeCommon,
+ ErrorAdditionalInfo,
+ ErrorResponse,
+ FusionAlertRule,
+ FusionAlertRuleTemplate,
+ Incident,
+ IncidentAdditionalData,
+ IncidentComment,
+ IncidentInfo,
+ IncidentLabel,
+ IncidentOwnerInfo,
+ MCASDataConnector,
+ MCASDataConnectorDataTypes,
+ MDATPDataConnector,
+ MicrosoftSecurityIncidentCreationAlertRule,
+ MicrosoftSecurityIncidentCreationAlertRuleTemplate,
+ OfficeConsent,
+ OfficeDataConnector,
+ OfficeDataConnectorDataTypes,
+ OfficeDataConnectorDataTypesExchange,
+ OfficeDataConnectorDataTypesSharePoint,
+ OfficeDataConnectorDataTypesTeams,
+ Resource,
+ ResourceWithEtag,
+ ScheduledAlertRule,
+ ScheduledAlertRuleTemplate,
+ TIDataConnector,
+ TIDataConnectorDataTypes,
+ TIDataConnectorDataTypesIndicators,
+ UserInfo
+} from "../models/mappers";
diff --git a/sdk/securityinsight/arm-securityinsight/src/models/bookmarksMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/bookmarksMappers.ts
new file mode 100644
index 000000000000..2418a6b065dc
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/models/bookmarksMappers.ts
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is regenerated.
+ */
+
+export {
+ discriminators,
+ AADDataConnector,
+ AATPDataConnector,
+ ActionRequest,
+ ActionResponse,
+ AlertRule,
+ AlertRuleTemplate,
+ AlertRuleTemplateDataSource,
+ AlertsDataTypeOfDataConnector,
+ ASCDataConnector,
+ AwsCloudTrailDataConnector,
+ AwsCloudTrailDataConnectorDataTypes,
+ AwsCloudTrailDataConnectorDataTypesLogs,
+ BaseResource,
+ Bookmark,
+ BookmarkList,
+ ClientInfo,
+ CloudError,
+ DataConnector,
+ DataConnectorDataTypeCommon,
+ ErrorAdditionalInfo,
+ ErrorResponse,
+ FusionAlertRule,
+ FusionAlertRuleTemplate,
+ Incident,
+ IncidentAdditionalData,
+ IncidentComment,
+ IncidentInfo,
+ IncidentLabel,
+ IncidentOwnerInfo,
+ MCASDataConnector,
+ MCASDataConnectorDataTypes,
+ MDATPDataConnector,
+ MicrosoftSecurityIncidentCreationAlertRule,
+ MicrosoftSecurityIncidentCreationAlertRuleTemplate,
+ OfficeConsent,
+ OfficeDataConnector,
+ OfficeDataConnectorDataTypes,
+ OfficeDataConnectorDataTypesExchange,
+ OfficeDataConnectorDataTypesSharePoint,
+ OfficeDataConnectorDataTypesTeams,
+ Resource,
+ ResourceWithEtag,
+ ScheduledAlertRule,
+ ScheduledAlertRuleTemplate,
+ TIDataConnector,
+ TIDataConnectorDataTypes,
+ TIDataConnectorDataTypesIndicators,
+ UserInfo
+} from "../models/mappers";
diff --git a/sdk/securityinsight/arm-securityinsight/src/models/dataConnectorsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/dataConnectorsMappers.ts
new file mode 100644
index 000000000000..ad706d594864
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/models/dataConnectorsMappers.ts
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is regenerated.
+ */
+
+export {
+ discriminators,
+ AADDataConnector,
+ AATPDataConnector,
+ ActionRequest,
+ ActionResponse,
+ AlertRule,
+ AlertRuleTemplate,
+ AlertRuleTemplateDataSource,
+ AlertsDataTypeOfDataConnector,
+ ASCDataConnector,
+ AwsCloudTrailDataConnector,
+ AwsCloudTrailDataConnectorDataTypes,
+ AwsCloudTrailDataConnectorDataTypesLogs,
+ BaseResource,
+ Bookmark,
+ ClientInfo,
+ CloudError,
+ DataConnector,
+ DataConnectorDataTypeCommon,
+ DataConnectorList,
+ ErrorAdditionalInfo,
+ ErrorResponse,
+ FusionAlertRule,
+ FusionAlertRuleTemplate,
+ Incident,
+ IncidentAdditionalData,
+ IncidentComment,
+ IncidentInfo,
+ IncidentLabel,
+ IncidentOwnerInfo,
+ MCASDataConnector,
+ MCASDataConnectorDataTypes,
+ MDATPDataConnector,
+ MicrosoftSecurityIncidentCreationAlertRule,
+ MicrosoftSecurityIncidentCreationAlertRuleTemplate,
+ OfficeConsent,
+ OfficeDataConnector,
+ OfficeDataConnectorDataTypes,
+ OfficeDataConnectorDataTypesExchange,
+ OfficeDataConnectorDataTypesSharePoint,
+ OfficeDataConnectorDataTypesTeams,
+ Resource,
+ ResourceWithEtag,
+ ScheduledAlertRule,
+ ScheduledAlertRuleTemplate,
+ TIDataConnector,
+ TIDataConnectorDataTypes,
+ TIDataConnectorDataTypesIndicators,
+ UserInfo
+} from "../models/mappers";
diff --git a/sdk/securityinsight/arm-securityinsight/src/models/incidentCommentsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/incidentCommentsMappers.ts
new file mode 100644
index 000000000000..9de2c61cc973
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/models/incidentCommentsMappers.ts
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is regenerated.
+ */
+
+export {
+ discriminators,
+ AADDataConnector,
+ AATPDataConnector,
+ ActionRequest,
+ ActionResponse,
+ AlertRule,
+ AlertRuleTemplate,
+ AlertRuleTemplateDataSource,
+ AlertsDataTypeOfDataConnector,
+ ASCDataConnector,
+ AwsCloudTrailDataConnector,
+ AwsCloudTrailDataConnectorDataTypes,
+ AwsCloudTrailDataConnectorDataTypesLogs,
+ BaseResource,
+ Bookmark,
+ ClientInfo,
+ CloudError,
+ DataConnector,
+ DataConnectorDataTypeCommon,
+ ErrorAdditionalInfo,
+ ErrorResponse,
+ FusionAlertRule,
+ FusionAlertRuleTemplate,
+ Incident,
+ IncidentAdditionalData,
+ IncidentComment,
+ IncidentCommentList,
+ IncidentInfo,
+ IncidentLabel,
+ IncidentOwnerInfo,
+ MCASDataConnector,
+ MCASDataConnectorDataTypes,
+ MDATPDataConnector,
+ MicrosoftSecurityIncidentCreationAlertRule,
+ MicrosoftSecurityIncidentCreationAlertRuleTemplate,
+ OfficeConsent,
+ OfficeDataConnector,
+ OfficeDataConnectorDataTypes,
+ OfficeDataConnectorDataTypesExchange,
+ OfficeDataConnectorDataTypesSharePoint,
+ OfficeDataConnectorDataTypesTeams,
+ Resource,
+ ResourceWithEtag,
+ ScheduledAlertRule,
+ ScheduledAlertRuleTemplate,
+ TIDataConnector,
+ TIDataConnectorDataTypes,
+ TIDataConnectorDataTypesIndicators,
+ UserInfo
+} from "../models/mappers";
diff --git a/sdk/securityinsight/arm-securityinsight/src/models/incidentsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/incidentsMappers.ts
new file mode 100644
index 000000000000..a298b0fec42d
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/models/incidentsMappers.ts
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is regenerated.
+ */
+
+export {
+ discriminators,
+ AADDataConnector,
+ AATPDataConnector,
+ ActionRequest,
+ ActionResponse,
+ AlertRule,
+ AlertRuleTemplate,
+ AlertRuleTemplateDataSource,
+ AlertsDataTypeOfDataConnector,
+ ASCDataConnector,
+ AwsCloudTrailDataConnector,
+ AwsCloudTrailDataConnectorDataTypes,
+ AwsCloudTrailDataConnectorDataTypesLogs,
+ BaseResource,
+ Bookmark,
+ ClientInfo,
+ CloudError,
+ DataConnector,
+ DataConnectorDataTypeCommon,
+ ErrorAdditionalInfo,
+ ErrorResponse,
+ FusionAlertRule,
+ FusionAlertRuleTemplate,
+ Incident,
+ IncidentAdditionalData,
+ IncidentComment,
+ IncidentInfo,
+ IncidentLabel,
+ IncidentList,
+ IncidentOwnerInfo,
+ MCASDataConnector,
+ MCASDataConnectorDataTypes,
+ MDATPDataConnector,
+ MicrosoftSecurityIncidentCreationAlertRule,
+ MicrosoftSecurityIncidentCreationAlertRuleTemplate,
+ OfficeConsent,
+ OfficeDataConnector,
+ OfficeDataConnectorDataTypes,
+ OfficeDataConnectorDataTypesExchange,
+ OfficeDataConnectorDataTypesSharePoint,
+ OfficeDataConnectorDataTypesTeams,
+ Resource,
+ ResourceWithEtag,
+ ScheduledAlertRule,
+ ScheduledAlertRuleTemplate,
+ TIDataConnector,
+ TIDataConnectorDataTypes,
+ TIDataConnectorDataTypesIndicators,
+ UserInfo
+} from "../models/mappers";
diff --git a/sdk/securityinsight/arm-securityinsight/src/models/index.ts b/sdk/securityinsight/arm-securityinsight/src/models/index.ts
new file mode 100644
index 000000000000..894d06830fff
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/models/index.ts
@@ -0,0 +1,2466 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is regenerated.
+ */
+
+import { BaseResource, CloudError, AzureServiceClientOptions } from "@azure/ms-rest-azure-js";
+import * as msRest from "@azure/ms-rest-js";
+
+export { BaseResource, CloudError };
+
+/**
+ * An azure resource object
+ */
+export interface Resource extends BaseResource {
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+}
+
+/**
+ * Action for alert rule.
+ */
+export interface ActionResponse extends Resource {
+ /**
+ * Etag of the action.
+ */
+ etag?: string;
+ /**
+ * Logic App Resource Id,
+ * /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}.
+ */
+ logicAppResourceId: string;
+ /**
+ * The name of the logic app's workflow.
+ */
+ workflowId?: string;
+}
+
+/**
+ * An azure resource object with an Etag property
+ */
+export interface ResourceWithEtag extends BaseResource {
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * Etag of the azure resource
+ */
+ etag?: string;
+}
+
+/**
+ * Action for alert rule.
+ */
+export interface ActionRequest extends ResourceWithEtag {
+ /**
+ * Logic App Resource Id,
+ * /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}.
+ */
+ logicAppResourceId: string;
+ /**
+ * Logic App Callback URL for this specific workflow.
+ */
+ triggerUri: string;
+}
+
+/**
+ * Action property bag base.
+ */
+export interface ActionPropertiesBase {
+ /**
+ * Logic App Resource Id,
+ * /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}.
+ */
+ logicAppResourceId: string;
+}
+
+/**
+ * Contains the possible cases for AlertRule.
+ */
+export type AlertRuleUnion = AlertRule | FusionAlertRule | MicrosoftSecurityIncidentCreationAlertRule | ScheduledAlertRule;
+
+/**
+ * Alert rule.
+ */
+export interface AlertRule {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "AlertRule";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * Etag of the azure resource
+ */
+ etag?: string;
+}
+
+/**
+ * Contains the possible cases for AlertRuleTemplate.
+ */
+export type AlertRuleTemplateUnion = AlertRuleTemplate | FusionAlertRuleTemplate | MicrosoftSecurityIncidentCreationAlertRuleTemplate | ScheduledAlertRuleTemplate;
+
+/**
+ * Alert rule template.
+ */
+export interface AlertRuleTemplate {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "AlertRuleTemplate";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+}
+
+/**
+ * alert rule template data sources
+ */
+export interface AlertRuleTemplateDataSource {
+ /**
+ * The connector id that provides the following data types
+ */
+ connectorId?: string;
+ /**
+ * The data types used by the alert rule template
+ */
+ dataTypes?: string[];
+}
+
+/**
+ * Represents Fusion alert rule.
+ */
+export interface FusionAlertRule {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "Fusion";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * Etag of the azure resource
+ */
+ etag?: string;
+ /**
+ * The Name of the alert rule template used to create this rule.
+ */
+ alertRuleTemplateName: string;
+ /**
+ * The description of the alert rule.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly description?: string;
+ /**
+ * The display name for alerts created by this alert rule.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly displayName?: string;
+ /**
+ * Determines whether this alert rule is enabled or disabled.
+ */
+ enabled: boolean;
+ /**
+ * The last time that this alert has been modified.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly lastModifiedUtc?: Date;
+ /**
+ * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium',
+ * 'Low', 'Informational'
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly severity?: AlertSeverity;
+ /**
+ * The tactics of the alert rule
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly tactics?: AttackTactic[];
+}
+
+/**
+ * Represents Fusion alert rule template.
+ */
+export interface FusionAlertRuleTemplate {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "Fusion";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * the number of alert rules that were created by this template
+ */
+ alertRulesCreatedByTemplateCount?: number;
+ /**
+ * The time that this alert rule template has been added.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly createdDateUTC?: Date;
+ /**
+ * The description of the alert rule template.
+ */
+ description?: string;
+ /**
+ * The display name for alert rule template.
+ */
+ displayName?: string;
+ /**
+ * The required data connectors for this template
+ */
+ requiredDataConnectors?: AlertRuleTemplateDataSource[];
+ /**
+ * The alert rule template status. Possible values include: 'Installed', 'Available',
+ * 'NotAvailable'
+ */
+ status?: TemplateStatus;
+ /**
+ * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium',
+ * 'Low', 'Informational'
+ */
+ severity?: AlertSeverity;
+ /**
+ * The tactics of the alert rule template
+ */
+ tactics?: AttackTactic[];
+}
+
+/**
+ * Represents MicrosoftSecurityIncidentCreation rule.
+ */
+export interface MicrosoftSecurityIncidentCreationAlertRule {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "MicrosoftSecurityIncidentCreation";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * Etag of the azure resource
+ */
+ etag?: string;
+ /**
+ * the alerts' displayNames on which the cases will be generated
+ */
+ displayNamesFilter?: string[];
+ /**
+ * the alerts' displayNames on which the cases will not be generated
+ */
+ displayNamesExcludeFilter?: string[];
+ /**
+ * The alerts' productName on which the cases will be generated. Possible values include:
+ * 'Microsoft Cloud App Security', 'Azure Security Center', 'Azure Advanced Threat Protection',
+ * 'Azure Active Directory Identity Protection', 'Azure Security Center for IoT'
+ */
+ productFilter: MicrosoftSecurityProductName;
+ /**
+ * the alerts' severities on which the cases will be generated
+ */
+ severitiesFilter?: AlertSeverity[];
+ /**
+ * The Name of the alert rule template used to create this rule.
+ */
+ alertRuleTemplateName?: string;
+ /**
+ * The description of the alert rule.
+ */
+ description?: string;
+ /**
+ * The display name for alerts created by this alert rule.
+ */
+ displayName: string;
+ /**
+ * Determines whether this alert rule is enabled or disabled.
+ */
+ enabled: boolean;
+ /**
+ * The last time that this alert has been modified.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly lastModifiedUtc?: Date;
+}
+
+/**
+ * MicrosoftSecurityIncidentCreation rule common property bag.
+ */
+export interface MicrosoftSecurityIncidentCreationAlertRuleCommonProperties {
+ /**
+ * the alerts' displayNames on which the cases will be generated
+ */
+ displayNamesFilter?: string[];
+ /**
+ * the alerts' displayNames on which the cases will not be generated
+ */
+ displayNamesExcludeFilter?: string[];
+ /**
+ * The alerts' productName on which the cases will be generated. Possible values include:
+ * 'Microsoft Cloud App Security', 'Azure Security Center', 'Azure Advanced Threat Protection',
+ * 'Azure Active Directory Identity Protection', 'Azure Security Center for IoT'
+ */
+ productFilter: MicrosoftSecurityProductName;
+ /**
+ * the alerts' severities on which the cases will be generated
+ */
+ severitiesFilter?: AlertSeverity[];
+}
+
+/**
+ * Represents MicrosoftSecurityIncidentCreation rule template.
+ */
+export interface MicrosoftSecurityIncidentCreationAlertRuleTemplate {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "MicrosoftSecurityIncidentCreation";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * the number of alert rules that were created by this template
+ */
+ alertRulesCreatedByTemplateCount?: number;
+ /**
+ * The time that this alert rule template has been added.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly createdDateUTC?: Date;
+ /**
+ * The description of the alert rule template.
+ */
+ description?: string;
+ /**
+ * The display name for alert rule template.
+ */
+ displayName?: string;
+ /**
+ * The required data connectors for this template
+ */
+ requiredDataConnectors?: AlertRuleTemplateDataSource[];
+ /**
+ * The alert rule template status. Possible values include: 'Installed', 'Available',
+ * 'NotAvailable'
+ */
+ status?: TemplateStatus;
+ /**
+ * the alerts' displayNames on which the cases will be generated
+ */
+ displayNamesFilter?: string[];
+ /**
+ * the alerts' displayNames on which the cases will not be generated
+ */
+ displayNamesExcludeFilter?: string[];
+ /**
+ * The alerts' productName on which the cases will be generated. Possible values include:
+ * 'Microsoft Cloud App Security', 'Azure Security Center', 'Azure Advanced Threat Protection',
+ * 'Azure Active Directory Identity Protection', 'Azure Security Center for IoT'
+ */
+ productFilter: MicrosoftSecurityProductName;
+ /**
+ * the alerts' severities on which the cases will be generated
+ */
+ severitiesFilter?: AlertSeverity[];
+}
+
+/**
+ * Represents scheduled alert rule.
+ */
+export interface ScheduledAlertRule {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "Scheduled";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * Etag of the azure resource
+ */
+ etag?: string;
+ /**
+ * The query that creates alerts for this rule.
+ */
+ query?: string;
+ /**
+ * The frequency (in ISO 8601 duration format) for this alert rule to run.
+ */
+ queryFrequency?: string;
+ /**
+ * The period (in ISO 8601 duration format) that this alert rule looks at.
+ */
+ queryPeriod?: string;
+ /**
+ * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium',
+ * 'Low', 'Informational'
+ */
+ severity?: AlertSeverity;
+ /**
+ * The operation against the threshold that triggers alert rule. Possible values include:
+ * 'GreaterThan', 'LessThan', 'Equal', 'NotEqual'
+ */
+ triggerOperator?: TriggerOperator;
+ /**
+ * The threshold triggers this alert rule.
+ */
+ triggerThreshold?: number;
+ /**
+ * The Name of the alert rule template used to create this rule.
+ */
+ alertRuleTemplateName?: string;
+ /**
+ * The description of the alert rule.
+ */
+ description?: string;
+ /**
+ * The display name for alerts created by this alert rule.
+ */
+ displayName: string;
+ /**
+ * Determines whether this alert rule is enabled or disabled.
+ */
+ enabled: boolean;
+ /**
+ * The last time that this alert rule has been modified.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly lastModifiedUtc?: Date;
+ /**
+ * The suppression (in ISO 8601 duration format) to wait since last time this alert rule been
+ * triggered.
+ */
+ suppressionDuration: string;
+ /**
+ * Determines whether the suppression for this alert rule is enabled or disabled.
+ */
+ suppressionEnabled: boolean;
+ /**
+ * The tactics of the alert rule
+ */
+ tactics?: AttackTactic[];
+}
+
+/**
+ * Schedule alert rule template property bag.
+ */
+export interface ScheduledAlertRuleCommonProperties {
+ /**
+ * The query that creates alerts for this rule.
+ */
+ query?: string;
+ /**
+ * The frequency (in ISO 8601 duration format) for this alert rule to run.
+ */
+ queryFrequency?: string;
+ /**
+ * The period (in ISO 8601 duration format) that this alert rule looks at.
+ */
+ queryPeriod?: string;
+ /**
+ * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium',
+ * 'Low', 'Informational'
+ */
+ severity?: AlertSeverity;
+ /**
+ * The operation against the threshold that triggers alert rule. Possible values include:
+ * 'GreaterThan', 'LessThan', 'Equal', 'NotEqual'
+ */
+ triggerOperator?: TriggerOperator;
+ /**
+ * The threshold triggers this alert rule.
+ */
+ triggerThreshold?: number;
+}
+
+/**
+ * Represents scheduled alert rule template.
+ */
+export interface ScheduledAlertRuleTemplate {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "Scheduled";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * the number of alert rules that were created by this template
+ */
+ alertRulesCreatedByTemplateCount?: number;
+ /**
+ * The time that this alert rule template has been added.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly createdDateUTC?: Date;
+ /**
+ * The description of the alert rule template.
+ */
+ description?: string;
+ /**
+ * The display name for alert rule template.
+ */
+ displayName?: string;
+ /**
+ * The required data connectors for this template
+ */
+ requiredDataConnectors?: AlertRuleTemplateDataSource[];
+ /**
+ * The alert rule template status. Possible values include: 'Installed', 'Available',
+ * 'NotAvailable'
+ */
+ status?: TemplateStatus;
+ /**
+ * The query that creates alerts for this rule.
+ */
+ query?: string;
+ /**
+ * The frequency (in ISO 8601 duration format) for this alert rule to run.
+ */
+ queryFrequency?: string;
+ /**
+ * The period (in ISO 8601 duration format) that this alert rule looks at.
+ */
+ queryPeriod?: string;
+ /**
+ * The severity for alerts created by this alert rule. Possible values include: 'High', 'Medium',
+ * 'Low', 'Informational'
+ */
+ severity?: AlertSeverity;
+ /**
+ * The operation against the threshold that triggers alert rule. Possible values include:
+ * 'GreaterThan', 'LessThan', 'Equal', 'NotEqual'
+ */
+ triggerOperator?: TriggerOperator;
+ /**
+ * The threshold triggers this alert rule.
+ */
+ triggerThreshold?: number;
+ /**
+ * The tactics of the alert rule template
+ */
+ tactics?: AttackTactic[];
+}
+
+/**
+ * Consent for Office365 tenant that already made.
+ */
+export interface OfficeConsent extends Resource {
+ /**
+ * The tenantId of the Office365 with the consent.
+ */
+ tenantId?: string;
+ /**
+ * The tenant name of the Office365 with the consent.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly tenantName?: string;
+}
+
+/**
+ * Information on the client (user or application) that made some action
+ */
+export interface ClientInfo {
+ /**
+ * The email of the client.
+ */
+ email?: string;
+ /**
+ * The name of the client.
+ */
+ name?: string;
+ /**
+ * The object id of the client.
+ */
+ objectId?: string;
+ /**
+ * The user principal name of the client.
+ */
+ userPrincipalName?: string;
+}
+
+/**
+ * Represents an incident comment
+ */
+export interface IncidentComment extends Resource {
+ /**
+ * The time the comment was created
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly createdTimeUtc?: Date;
+ /**
+ * The comment message
+ */
+ message: string;
+ /**
+ * Describes the client that created the comment
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly author?: ClientInfo;
+}
+
+/**
+ * Information on the user an incident is assigned to
+ */
+export interface IncidentOwnerInfo {
+ /**
+ * The email of the user the incident is assigned to.
+ */
+ email?: string;
+ /**
+ * The name of the user the incident is assigned to.
+ */
+ assignedTo?: string;
+ /**
+ * The object id of the user the incident is assigned to.
+ */
+ objectId?: string;
+ /**
+ * The user principal name of the user the incident is assigned to.
+ */
+ userPrincipalName?: string;
+}
+
+/**
+ * Represents an incident label
+ */
+export interface IncidentLabel {
+ /**
+ * The name of the label
+ */
+ labelName: string;
+ /**
+ * The type of the label. Possible values include: 'User', 'System'
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly labelType?: IncidentLabelType;
+}
+
+/**
+ * Incident additional data property bag.
+ */
+export interface IncidentAdditionalData {
+ /**
+ * The number of alerts in the incident
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly alertsCount?: number;
+ /**
+ * The number of bookmarks in the incident
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly bookmarksCount?: number;
+ /**
+ * The number of comments in the incident
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly commentsCount?: number;
+ /**
+ * List of product names of alerts in the incident
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly alertProductNames?: string[];
+ /**
+ * The tactics associated with incident
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly tactics?: AttackTactic[];
+}
+
+/**
+ * Represents an incident in Azure Security Insights.
+ */
+export interface Incident extends ResourceWithEtag {
+ /**
+ * Additional data on the incident
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly additionalData?: IncidentAdditionalData;
+ /**
+ * The reason the incident was closed. Possible values include: 'Undetermined', 'TruePositive',
+ * 'BenignPositive', 'FalsePositive'
+ */
+ classification?: IncidentClassification;
+ /**
+ * Describes the reason the incident was closed
+ */
+ classificationComment?: string;
+ /**
+ * The classification reason the incident was closed with. Possible values include:
+ * 'SuspiciousActivity', 'SuspiciousButExpected', 'IncorrectAlertLogic', 'InaccurateData'
+ */
+ classificationReason?: IncidentClassificationReason;
+ /**
+ * The time the incident was created
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly createdTimeUtc?: Date;
+ /**
+ * The description of the incident
+ */
+ description?: string;
+ /**
+ * The time of the first activity in the incident
+ */
+ firstActivityTimeUtc?: Date;
+ /**
+ * The deep-link url to the incident in Azure portal
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly incidentUrl?: string;
+ /**
+ * A sequential number
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly incidentNumber?: number;
+ /**
+ * List of labels relevant to this incident
+ */
+ labels?: IncidentLabel[];
+ /**
+ * The time of the last activity in the incident
+ */
+ lastActivityTimeUtc?: Date;
+ /**
+ * The last time the incident was updated
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly lastModifiedTimeUtc?: Date;
+ /**
+ * Describes a user that the incident is assigned to
+ */
+ owner?: IncidentOwnerInfo;
+ /**
+ * List of resource ids of Analytic rules related to the incident
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly relatedAnalyticRuleIds?: string[];
+ /**
+ * The severity of the incident. Possible values include: 'High', 'Medium', 'Low',
+ * 'Informational'
+ */
+ severity: IncidentSeverity;
+ /**
+ * The status of the incident. Possible values include: 'New', 'Active', 'Closed'
+ */
+ status: IncidentStatus;
+ /**
+ * The title of the incident
+ */
+ title: string;
+}
+
+/**
+ * The resource management error additional info.
+ */
+export interface ErrorAdditionalInfo {
+ /**
+ * The additional info type.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * The additional info.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly info?: any;
+}
+
+/**
+ * Common error response for all Azure Resource Manager APIs to return error details for failed
+ * operations. (This also follows the OData error response format.)
+ * @summary Error Response
+ */
+export interface ErrorResponse {
+ /**
+ * The error code.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly code?: string;
+ /**
+ * The error message.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly message?: string;
+ /**
+ * The error target.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly target?: string;
+ /**
+ * The error details.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly details?: ErrorResponse[];
+ /**
+ * The error additional info.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly additionalInfo?: ErrorAdditionalInfo[];
+}
+
+/**
+ * User information that made some action
+ */
+export interface UserInfo {
+ /**
+ * The email of the user.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly email?: string;
+ /**
+ * The name of the user.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * The object id of the user.
+ */
+ objectId: string;
+}
+
+/**
+ * Describes related incident information for the bookmark
+ */
+export interface IncidentInfo {
+ /**
+ * Incident Id
+ */
+ incidentId?: string;
+ /**
+ * The severity of the incident. Possible values include: 'High', 'Medium', 'Low',
+ * 'Informational'
+ */
+ severity?: IncidentSeverity;
+ /**
+ * The title of the incident
+ */
+ title?: string;
+ /**
+ * Relation Name
+ */
+ relationName?: string;
+}
+
+/**
+ * Represents a bookmark in Azure Security Insights.
+ */
+export interface Bookmark extends ResourceWithEtag {
+ /**
+ * The time the bookmark was created
+ */
+ created?: Date;
+ /**
+ * Describes a user that created the bookmark
+ */
+ createdBy?: UserInfo;
+ /**
+ * The display name of the bookmark
+ */
+ displayName: string;
+ /**
+ * List of labels relevant to this bookmark
+ */
+ labels?: string[];
+ /**
+ * The notes of the bookmark
+ */
+ notes?: string;
+ /**
+ * The query of the bookmark.
+ */
+ query: string;
+ /**
+ * The query result of the bookmark.
+ */
+ queryResult?: string;
+ /**
+ * The last time the bookmark was updated
+ */
+ updated?: Date;
+ /**
+ * Describes a user that updated the bookmark
+ */
+ updatedBy?: UserInfo;
+ /**
+ * The bookmark event time
+ */
+ eventTime?: Date;
+ /**
+ * The start time for the query
+ */
+ queryStartTime?: Date;
+ /**
+ * The end time for the query
+ */
+ queryEndTime?: Date;
+ /**
+ * Describes an incident that relates to bookmark
+ */
+ incidentInfo?: IncidentInfo;
+}
+
+/**
+ * Common field for data type in data connectors.
+ */
+export interface DataConnectorDataTypeCommon {
+ /**
+ * Describe whether this data type connection is enabled or not. Possible values include:
+ * 'Enabled', 'Disabled'
+ */
+ state?: DataTypeState;
+}
+
+/**
+ * Alerts data type for data connectors.
+ */
+export interface AlertsDataTypeOfDataConnector {
+ /**
+ * Alerts data type connection.
+ */
+ alerts?: DataConnectorDataTypeCommon;
+}
+
+/**
+ * Contains the possible cases for DataConnector.
+ */
+export type DataConnectorUnion = DataConnector | AADDataConnector | AATPDataConnector | ASCDataConnector | AwsCloudTrailDataConnector | MCASDataConnector | MDATPDataConnector | TIDataConnector | OfficeDataConnector;
+
+/**
+ * Data connector.
+ */
+export interface DataConnector {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "DataConnector";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * Etag of the azure resource
+ */
+ etag?: string;
+}
+
+/**
+ * Represents AAD (Azure Active Directory) data connector.
+ */
+export interface AADDataConnector {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "AzureActiveDirectory";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * Etag of the azure resource
+ */
+ etag?: string;
+ /**
+ * The tenant id to connect to, and get the data from.
+ */
+ tenantId?: string;
+ /**
+ * The available data types for the connector.
+ */
+ dataTypes?: AlertsDataTypeOfDataConnector;
+}
+
+/**
+ * Represents AATP (Azure Advanced Threat Protection) data connector.
+ */
+export interface AATPDataConnector {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "AzureAdvancedThreatProtection";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * Etag of the azure resource
+ */
+ etag?: string;
+ /**
+ * The tenant id to connect to, and get the data from.
+ */
+ tenantId?: string;
+ /**
+ * The available data types for the connector.
+ */
+ dataTypes?: AlertsDataTypeOfDataConnector;
+}
+
+/**
+ * Represents ASC (Azure Security Center) data connector.
+ */
+export interface ASCDataConnector {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "AzureSecurityCenter";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * Etag of the azure resource
+ */
+ etag?: string;
+ /**
+ * The available data types for the connector.
+ */
+ dataTypes?: AlertsDataTypeOfDataConnector;
+ /**
+ * The subscription id to connect to, and get the data from.
+ */
+ subscriptionId?: string;
+}
+
+/**
+ * Logs data type.
+ */
+export interface AwsCloudTrailDataConnectorDataTypesLogs extends DataConnectorDataTypeCommon {
+}
+
+/**
+ * The available data types for Amazon Web Services CloudTrail data connector.
+ */
+export interface AwsCloudTrailDataConnectorDataTypes {
+ /**
+ * Logs data type.
+ */
+ logs?: AwsCloudTrailDataConnectorDataTypesLogs;
+}
+
+/**
+ * Represents Amazon Web Services CloudTrail data connector.
+ */
+export interface AwsCloudTrailDataConnector {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "AmazonWebServicesCloudTrail";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * Etag of the azure resource
+ */
+ etag?: string;
+ /**
+ * The Aws Role Arn (with CloudTrailReadOnly policy) that is used to access the Aws account.
+ */
+ awsRoleArn?: string;
+ /**
+ * The available data types for the connector.
+ */
+ dataTypes?: AwsCloudTrailDataConnectorDataTypes;
+}
+
+/**
+ * Properties data connector on tenant level.
+ */
+export interface DataConnectorTenantId {
+ /**
+ * The tenant id to connect to, and get the data from.
+ */
+ tenantId?: string;
+}
+
+/**
+ * Data connector properties.
+ */
+export interface DataConnectorWithAlertsProperties {
+ /**
+ * The available data types for the connector.
+ */
+ dataTypes?: AlertsDataTypeOfDataConnector;
+}
+
+/**
+ * The available data types for MCAS (Microsoft Cloud App Security) data connector.
+ */
+export interface MCASDataConnectorDataTypes extends AlertsDataTypeOfDataConnector {
+ /**
+ * Discovery log data type connection.
+ */
+ discoveryLogs?: DataConnectorDataTypeCommon;
+}
+
+/**
+ * Represents MCAS (Microsoft Cloud App Security) data connector.
+ */
+export interface MCASDataConnector {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "MicrosoftCloudAppSecurity";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * Etag of the azure resource
+ */
+ etag?: string;
+ /**
+ * The tenant id to connect to, and get the data from.
+ */
+ tenantId?: string;
+ /**
+ * The available data types for the connector.
+ */
+ dataTypes?: MCASDataConnectorDataTypes;
+}
+
+/**
+ * Represents MDATP (Microsoft Defender Advanced Threat Protection) data connector.
+ */
+export interface MDATPDataConnector {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "MicrosoftDefenderAdvancedThreatProtection";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * Etag of the azure resource
+ */
+ etag?: string;
+ /**
+ * The tenant id to connect to, and get the data from.
+ */
+ tenantId?: string;
+ /**
+ * The available data types for the connector.
+ */
+ dataTypes?: AlertsDataTypeOfDataConnector;
+}
+
+/**
+ * Data type for indicators connection.
+ */
+export interface TIDataConnectorDataTypesIndicators extends DataConnectorDataTypeCommon {
+}
+
+/**
+ * The available data types for TI (Threat Intelligence) data connector.
+ */
+export interface TIDataConnectorDataTypes {
+ /**
+ * Data type for indicators connection.
+ */
+ indicators?: TIDataConnectorDataTypesIndicators;
+}
+
+/**
+ * Represents threat intelligence data connector.
+ */
+export interface TIDataConnector {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "ThreatIntelligence";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * Etag of the azure resource
+ */
+ etag?: string;
+ /**
+ * The tenant id to connect to, and get the data from.
+ */
+ tenantId?: string;
+ /**
+ * The lookback period for the feed to be imported.
+ */
+ tipLookbackPeriod?: Date;
+ /**
+ * The available data types for the connector.
+ */
+ dataTypes?: TIDataConnectorDataTypes;
+}
+
+/**
+ * Exchange data type connection.
+ */
+export interface OfficeDataConnectorDataTypesExchange extends DataConnectorDataTypeCommon {
+}
+
+/**
+ * SharePoint data type connection.
+ */
+export interface OfficeDataConnectorDataTypesSharePoint extends DataConnectorDataTypeCommon {
+}
+
+/**
+ * Teams data type connection.
+ */
+export interface OfficeDataConnectorDataTypesTeams extends DataConnectorDataTypeCommon {
+}
+
+/**
+ * The available data types for office data connector.
+ */
+export interface OfficeDataConnectorDataTypes {
+ /**
+ * Exchange data type connection.
+ */
+ exchange?: OfficeDataConnectorDataTypesExchange;
+ /**
+ * SharePoint data type connection.
+ */
+ sharePoint?: OfficeDataConnectorDataTypesSharePoint;
+ /**
+ * Teams data type connection.
+ */
+ teams?: OfficeDataConnectorDataTypesTeams;
+}
+
+/**
+ * Represents office data connector.
+ */
+export interface OfficeDataConnector {
+ /**
+ * Polymorphic Discriminator
+ */
+ kind: "Office365";
+ /**
+ * Azure resource Id
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly id?: string;
+ /**
+ * Azure resource name
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly name?: string;
+ /**
+ * Azure resource type
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly type?: string;
+ /**
+ * Etag of the azure resource
+ */
+ etag?: string;
+ /**
+ * The tenant id to connect to, and get the data from.
+ */
+ tenantId?: string;
+ /**
+ * The available data types for the connector.
+ */
+ dataTypes?: OfficeDataConnectorDataTypes;
+}
+
+/**
+ * List of all the office365 consents.
+ */
+export interface OfficeConsentList {
+ /**
+ * URL to fetch the next set of office consents.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly nextLink?: string;
+ /**
+ * Array of the consents.
+ */
+ value: OfficeConsent[];
+}
+
+/**
+ * Properties of the operation
+ */
+export interface OperationDisplay {
+ /**
+ * Description of the operation
+ */
+ description?: string;
+ /**
+ * Operation name
+ */
+ operation?: string;
+ /**
+ * Provider name
+ */
+ provider?: string;
+ /**
+ * Resource name
+ */
+ resource?: string;
+}
+
+/**
+ * Operation provided by provider
+ */
+export interface Operation {
+ /**
+ * Properties of the operation
+ */
+ display?: OperationDisplay;
+ /**
+ * Name of the operation
+ */
+ name?: string;
+ /**
+ * The origin of the operation
+ */
+ origin?: string;
+}
+
+/**
+ * ThreatIntelligence property bag.
+ */
+export interface ThreatIntelligence {
+ /**
+ * Confidence (must be between 0 and 1)
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly confidence?: number;
+ /**
+ * Name of the provider from whom this Threat Intelligence information was received
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly providerName?: string;
+ /**
+ * Report link
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly reportLink?: string;
+ /**
+ * Threat description (free text)
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly threatDescription?: string;
+ /**
+ * Threat name (e.g. "Jedobot malware")
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly threatName?: string;
+ /**
+ * Threat type (e.g. "Botnet")
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly threatType?: string;
+}
+
+/**
+ * Optional Parameters.
+ */
+export interface IncidentsListOptionalParams extends msRest.RequestOptionsBase {
+ /**
+ * Filters the results, based on a Boolean condition. Optional.
+ */
+ filter?: string;
+ /**
+ * Sorts the results. Optional.
+ */
+ orderby?: string;
+ /**
+ * Returns only the first n results. Optional.
+ */
+ top?: number;
+ /**
+ * Skiptoken is only used if a previous operation returned a partial result. If a previous
+ * response contains a nextLink element, the value of the nextLink element will include a
+ * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional.
+ */
+ skipToken?: string;
+}
+
+/**
+ * Optional Parameters.
+ */
+export interface IncidentsListNextOptionalParams extends msRest.RequestOptionsBase {
+ /**
+ * Filters the results, based on a Boolean condition. Optional.
+ */
+ filter?: string;
+ /**
+ * Sorts the results. Optional.
+ */
+ orderby?: string;
+ /**
+ * Returns only the first n results. Optional.
+ */
+ top?: number;
+ /**
+ * Skiptoken is only used if a previous operation returned a partial result. If a previous
+ * response contains a nextLink element, the value of the nextLink element will include a
+ * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional.
+ */
+ skipToken?: string;
+}
+
+/**
+ * Optional Parameters.
+ */
+export interface IncidentCommentsListByIncidentOptionalParams extends msRest.RequestOptionsBase {
+ /**
+ * Filters the results, based on a Boolean condition. Optional.
+ */
+ filter?: string;
+ /**
+ * Sorts the results. Optional.
+ */
+ orderby?: string;
+ /**
+ * Returns only the first n results. Optional.
+ */
+ top?: number;
+ /**
+ * Skiptoken is only used if a previous operation returned a partial result. If a previous
+ * response contains a nextLink element, the value of the nextLink element will include a
+ * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional.
+ */
+ skipToken?: string;
+}
+
+/**
+ * Optional Parameters.
+ */
+export interface IncidentCommentsListByIncidentNextOptionalParams extends msRest.RequestOptionsBase {
+ /**
+ * Filters the results, based on a Boolean condition. Optional.
+ */
+ filter?: string;
+ /**
+ * Sorts the results. Optional.
+ */
+ orderby?: string;
+ /**
+ * Returns only the first n results. Optional.
+ */
+ top?: number;
+ /**
+ * Skiptoken is only used if a previous operation returned a partial result. If a previous
+ * response contains a nextLink element, the value of the nextLink element will include a
+ * skiptoken parameter that specifies a starting point to use for subsequent calls. Optional.
+ */
+ skipToken?: string;
+}
+
+/**
+ * An interface representing SecurityInsightsOptions.
+ */
+export interface SecurityInsightsOptions extends AzureServiceClientOptions {
+ baseUri?: string;
+}
+
+/**
+ * @interface
+ * List all the alert rules.
+ * @extends Array
+ */
+export interface AlertRulesList extends Array {
+ /**
+ * URL to fetch the next set of alert rules.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly nextLink?: string;
+}
+
+/**
+ * @interface
+ * List all the actions.
+ * @extends Array
+ */
+export interface ActionsList extends Array {
+ /**
+ * URL to fetch the next set of actions.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly nextLink?: string;
+}
+
+/**
+ * @interface
+ * List all the alert rule templates.
+ * @extends Array
+ */
+export interface AlertRuleTemplatesList extends Array {
+ /**
+ * URL to fetch the next set of alert rule templates.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly nextLink?: string;
+}
+
+/**
+ * @interface
+ * List all the bookmarks.
+ * @extends Array
+ */
+export interface BookmarkList extends Array {
+ /**
+ * URL to fetch the next set of cases.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly nextLink?: string;
+}
+
+/**
+ * @interface
+ * List all the data connectors.
+ * @extends Array
+ */
+export interface DataConnectorList extends Array {
+ /**
+ * URL to fetch the next set of data connectors.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly nextLink?: string;
+}
+
+/**
+ * @interface
+ * Lists the operations available in the SecurityInsights RP.
+ * @extends Array
+ */
+export interface OperationsList extends Array {
+ /**
+ * URL to fetch the next set of operations.
+ */
+ nextLink?: string;
+}
+
+/**
+ * @interface
+ * List all the incidents.
+ * @extends Array
+ */
+export interface IncidentList extends Array {
+ /**
+ * URL to fetch the next set of incidents.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly nextLink?: string;
+}
+
+/**
+ * @interface
+ * List of incident comments.
+ * @extends Array
+ */
+export interface IncidentCommentList extends Array {
+ /**
+ * URL to fetch the next set of comments.
+ * **NOTE: This property will not be serialized. It can only be populated by the server.**
+ */
+ readonly nextLink?: string;
+}
+
+/**
+ * Defines values for AlertRuleKind.
+ * Possible values include: 'Scheduled', 'MicrosoftSecurityIncidentCreation', 'Fusion'
+ * @readonly
+ * @enum {string}
+ */
+export type AlertRuleKind = 'Scheduled' | 'MicrosoftSecurityIncidentCreation' | 'Fusion';
+
+/**
+ * Defines values for TemplateStatus.
+ * Possible values include: 'Installed', 'Available', 'NotAvailable'
+ * @readonly
+ * @enum {string}
+ */
+export type TemplateStatus = 'Installed' | 'Available' | 'NotAvailable';
+
+/**
+ * Defines values for TriggerOperator.
+ * Possible values include: 'GreaterThan', 'LessThan', 'Equal', 'NotEqual'
+ * @readonly
+ * @enum {string}
+ */
+export type TriggerOperator = 'GreaterThan' | 'LessThan' | 'Equal' | 'NotEqual';
+
+/**
+ * Defines values for AlertSeverity.
+ * Possible values include: 'High', 'Medium', 'Low', 'Informational'
+ * @readonly
+ * @enum {string}
+ */
+export type AlertSeverity = 'High' | 'Medium' | 'Low' | 'Informational';
+
+/**
+ * Defines values for AttackTactic.
+ * Possible values include: 'InitialAccess', 'Execution', 'Persistence', 'PrivilegeEscalation',
+ * 'DefenseEvasion', 'CredentialAccess', 'Discovery', 'LateralMovement', 'Collection',
+ * 'Exfiltration', 'CommandAndControl', 'Impact'
+ * @readonly
+ * @enum {string}
+ */
+export type AttackTactic = 'InitialAccess' | 'Execution' | 'Persistence' | 'PrivilegeEscalation' | 'DefenseEvasion' | 'CredentialAccess' | 'Discovery' | 'LateralMovement' | 'Collection' | 'Exfiltration' | 'CommandAndControl' | 'Impact';
+
+/**
+ * Defines values for MicrosoftSecurityProductName.
+ * Possible values include: 'Microsoft Cloud App Security', 'Azure Security Center', 'Azure
+ * Advanced Threat Protection', 'Azure Active Directory Identity Protection', 'Azure Security
+ * Center for IoT'
+ * @readonly
+ * @enum {string}
+ */
+export type MicrosoftSecurityProductName = 'Microsoft Cloud App Security' | 'Azure Security Center' | 'Azure Advanced Threat Protection' | 'Azure Active Directory Identity Protection' | 'Azure Security Center for IoT';
+
+/**
+ * Defines values for IncidentSeverity.
+ * Possible values include: 'High', 'Medium', 'Low', 'Informational'
+ * @readonly
+ * @enum {string}
+ */
+export type IncidentSeverity = 'High' | 'Medium' | 'Low' | 'Informational';
+
+/**
+ * Defines values for IncidentLabelType.
+ * Possible values include: 'User', 'System'
+ * @readonly
+ * @enum {string}
+ */
+export type IncidentLabelType = 'User' | 'System';
+
+/**
+ * Defines values for IncidentClassification.
+ * Possible values include: 'Undetermined', 'TruePositive', 'BenignPositive', 'FalsePositive'
+ * @readonly
+ * @enum {string}
+ */
+export type IncidentClassification = 'Undetermined' | 'TruePositive' | 'BenignPositive' | 'FalsePositive';
+
+/**
+ * Defines values for IncidentClassificationReason.
+ * Possible values include: 'SuspiciousActivity', 'SuspiciousButExpected', 'IncorrectAlertLogic',
+ * 'InaccurateData'
+ * @readonly
+ * @enum {string}
+ */
+export type IncidentClassificationReason = 'SuspiciousActivity' | 'SuspiciousButExpected' | 'IncorrectAlertLogic' | 'InaccurateData';
+
+/**
+ * Defines values for IncidentStatus.
+ * Possible values include: 'New', 'Active', 'Closed'
+ * @readonly
+ * @enum {string}
+ */
+export type IncidentStatus = 'New' | 'Active' | 'Closed';
+
+/**
+ * Defines values for DataTypeState.
+ * Possible values include: 'Enabled', 'Disabled'
+ * @readonly
+ * @enum {string}
+ */
+export type DataTypeState = 'Enabled' | 'Disabled';
+
+/**
+ * Defines values for DataConnectorKind.
+ * Possible values include: 'AzureActiveDirectory', 'AzureSecurityCenter',
+ * 'MicrosoftCloudAppSecurity', 'ThreatIntelligence', 'Office365', 'AmazonWebServicesCloudTrail',
+ * 'AzureAdvancedThreatProtection', 'MicrosoftDefenderAdvancedThreatProtection'
+ * @readonly
+ * @enum {string}
+ */
+export type DataConnectorKind = 'AzureActiveDirectory' | 'AzureSecurityCenter' | 'MicrosoftCloudAppSecurity' | 'ThreatIntelligence' | 'Office365' | 'AmazonWebServicesCloudTrail' | 'AzureAdvancedThreatProtection' | 'MicrosoftDefenderAdvancedThreatProtection';
+
+/**
+ * Contains response data for the list operation.
+ */
+export type AlertRulesListResponse = AlertRulesList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: AlertRulesList;
+ };
+};
+
+/**
+ * Contains response data for the get operation.
+ */
+export type AlertRulesGetResponse = AlertRuleUnion & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: AlertRuleUnion;
+ };
+};
+
+/**
+ * Contains response data for the createOrUpdate operation.
+ */
+export type AlertRulesCreateOrUpdateResponse = AlertRuleUnion & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: AlertRuleUnion;
+ };
+};
+
+/**
+ * Contains response data for the listNext operation.
+ */
+export type AlertRulesListNextResponse = AlertRulesList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: AlertRulesList;
+ };
+};
+
+/**
+ * Contains response data for the listByAlertRule operation.
+ */
+export type ActionsListByAlertRuleResponse = ActionsList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: ActionsList;
+ };
+};
+
+/**
+ * Contains response data for the get operation.
+ */
+export type ActionsGetResponse = ActionResponse & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: ActionResponse;
+ };
+};
+
+/**
+ * Contains response data for the createOrUpdate operation.
+ */
+export type ActionsCreateOrUpdateResponse = ActionResponse & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: ActionResponse;
+ };
+};
+
+/**
+ * Contains response data for the listByAlertRuleNext operation.
+ */
+export type ActionsListByAlertRuleNextResponse = ActionsList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: ActionsList;
+ };
+};
+
+/**
+ * Contains response data for the list operation.
+ */
+export type AlertRuleTemplatesListResponse = AlertRuleTemplatesList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: AlertRuleTemplatesList;
+ };
+};
+
+/**
+ * Contains response data for the get operation.
+ */
+export type AlertRuleTemplatesGetResponse = AlertRuleTemplateUnion & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: AlertRuleTemplateUnion;
+ };
+};
+
+/**
+ * Contains response data for the listNext operation.
+ */
+export type AlertRuleTemplatesListNextResponse = AlertRuleTemplatesList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: AlertRuleTemplatesList;
+ };
+};
+
+/**
+ * Contains response data for the list operation.
+ */
+export type BookmarksListResponse = BookmarkList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: BookmarkList;
+ };
+};
+
+/**
+ * Contains response data for the get operation.
+ */
+export type BookmarksGetResponse = Bookmark & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: Bookmark;
+ };
+};
+
+/**
+ * Contains response data for the createOrUpdate operation.
+ */
+export type BookmarksCreateOrUpdateResponse = Bookmark & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: Bookmark;
+ };
+};
+
+/**
+ * Contains response data for the listNext operation.
+ */
+export type BookmarksListNextResponse = BookmarkList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: BookmarkList;
+ };
+};
+
+/**
+ * Contains response data for the list operation.
+ */
+export type DataConnectorsListResponse = DataConnectorList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: DataConnectorList;
+ };
+};
+
+/**
+ * Contains response data for the get operation.
+ */
+export type DataConnectorsGetResponse = DataConnectorUnion & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: DataConnectorUnion;
+ };
+};
+
+/**
+ * Contains response data for the createOrUpdate operation.
+ */
+export type DataConnectorsCreateOrUpdateResponse = DataConnectorUnion & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: DataConnectorUnion;
+ };
+};
+
+/**
+ * Contains response data for the listNext operation.
+ */
+export type DataConnectorsListNextResponse = DataConnectorList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: DataConnectorList;
+ };
+};
+
+/**
+ * Contains response data for the list operation.
+ */
+export type OperationsListResponse = OperationsList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: OperationsList;
+ };
+};
+
+/**
+ * Contains response data for the listNext operation.
+ */
+export type OperationsListNextResponse = OperationsList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: OperationsList;
+ };
+};
+
+/**
+ * Contains response data for the list operation.
+ */
+export type IncidentsListResponse = IncidentList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: IncidentList;
+ };
+};
+
+/**
+ * Contains response data for the get operation.
+ */
+export type IncidentsGetResponse = Incident & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: Incident;
+ };
+};
+
+/**
+ * Contains response data for the createOrUpdate operation.
+ */
+export type IncidentsCreateOrUpdateResponse = Incident & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: Incident;
+ };
+};
+
+/**
+ * Contains response data for the listNext operation.
+ */
+export type IncidentsListNextResponse = IncidentList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: IncidentList;
+ };
+};
+
+/**
+ * Contains response data for the listByIncident operation.
+ */
+export type IncidentCommentsListByIncidentResponse = IncidentCommentList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: IncidentCommentList;
+ };
+};
+
+/**
+ * Contains response data for the get operation.
+ */
+export type IncidentCommentsGetResponse = IncidentComment & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: IncidentComment;
+ };
+};
+
+/**
+ * Contains response data for the createComment operation.
+ */
+export type IncidentCommentsCreateCommentResponse = IncidentComment & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: IncidentComment;
+ };
+};
+
+/**
+ * Contains response data for the listByIncidentNext operation.
+ */
+export type IncidentCommentsListByIncidentNextResponse = IncidentCommentList & {
+ /**
+ * The underlying HTTP response.
+ */
+ _response: msRest.HttpResponse & {
+ /**
+ * The response body as text (string format)
+ */
+ bodyAsText: string;
+
+ /**
+ * The response body as parsed JSON or XML
+ */
+ parsedBody: IncidentCommentList;
+ };
+};
diff --git a/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts
new file mode 100644
index 000000000000..e73533e95dec
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts
@@ -0,0 +1,2304 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is regenerated.
+ */
+
+import { CloudErrorMapper, BaseResourceMapper } from "@azure/ms-rest-azure-js";
+import * as msRest from "@azure/ms-rest-js";
+
+export const CloudError = CloudErrorMapper;
+export const BaseResource = BaseResourceMapper;
+
+export const Resource: msRest.CompositeMapper = {
+ serializedName: "Resource",
+ type: {
+ name: "Composite",
+ className: "Resource",
+ modelProperties: {
+ id: {
+ readOnly: true,
+ serializedName: "id",
+ type: {
+ name: "String"
+ }
+ },
+ name: {
+ readOnly: true,
+ serializedName: "name",
+ type: {
+ name: "String"
+ }
+ },
+ type: {
+ readOnly: true,
+ serializedName: "type",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const ActionResponse: msRest.CompositeMapper = {
+ serializedName: "ActionResponse",
+ type: {
+ name: "Composite",
+ className: "ActionResponse",
+ modelProperties: {
+ ...Resource.type.modelProperties,
+ etag: {
+ serializedName: "etag",
+ type: {
+ name: "String"
+ }
+ },
+ logicAppResourceId: {
+ required: true,
+ serializedName: "properties.logicAppResourceId",
+ type: {
+ name: "String"
+ }
+ },
+ workflowId: {
+ serializedName: "properties.workflowId",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const ResourceWithEtag: msRest.CompositeMapper = {
+ serializedName: "ResourceWithEtag",
+ type: {
+ name: "Composite",
+ className: "ResourceWithEtag",
+ modelProperties: {
+ id: {
+ readOnly: true,
+ serializedName: "id",
+ type: {
+ name: "String"
+ }
+ },
+ name: {
+ readOnly: true,
+ serializedName: "name",
+ type: {
+ name: "String"
+ }
+ },
+ type: {
+ readOnly: true,
+ serializedName: "type",
+ type: {
+ name: "String"
+ }
+ },
+ etag: {
+ serializedName: "etag",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const ActionRequest: msRest.CompositeMapper = {
+ serializedName: "ActionRequest",
+ type: {
+ name: "Composite",
+ className: "ActionRequest",
+ modelProperties: {
+ ...ResourceWithEtag.type.modelProperties,
+ logicAppResourceId: {
+ required: true,
+ serializedName: "properties.logicAppResourceId",
+ type: {
+ name: "String"
+ }
+ },
+ triggerUri: {
+ required: true,
+ serializedName: "properties.triggerUri",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const ActionPropertiesBase: msRest.CompositeMapper = {
+ serializedName: "ActionPropertiesBase",
+ type: {
+ name: "Composite",
+ className: "ActionPropertiesBase",
+ modelProperties: {
+ logicAppResourceId: {
+ required: true,
+ serializedName: "logicAppResourceId",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const AlertRule: msRest.CompositeMapper = {
+ serializedName: "AlertRule",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: {
+ serializedName: "kind",
+ clientName: "kind"
+ },
+ uberParent: "AlertRule",
+ className: "AlertRule",
+ modelProperties: {
+ ...ResourceWithEtag.type.modelProperties,
+ kind: {
+ required: true,
+ serializedName: "kind",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const AlertRuleTemplate: msRest.CompositeMapper = {
+ serializedName: "AlertRuleTemplate",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: {
+ serializedName: "kind",
+ clientName: "kind"
+ },
+ uberParent: "AlertRuleTemplate",
+ className: "AlertRuleTemplate",
+ modelProperties: {
+ ...Resource.type.modelProperties,
+ kind: {
+ required: true,
+ serializedName: "kind",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const AlertRuleTemplateDataSource: msRest.CompositeMapper = {
+ serializedName: "AlertRuleTemplateDataSource",
+ type: {
+ name: "Composite",
+ className: "AlertRuleTemplateDataSource",
+ modelProperties: {
+ connectorId: {
+ serializedName: "connectorId",
+ type: {
+ name: "String"
+ }
+ },
+ dataTypes: {
+ serializedName: "dataTypes",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const FusionAlertRule: msRest.CompositeMapper = {
+ serializedName: "Fusion",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: AlertRule.type.polymorphicDiscriminator,
+ uberParent: "AlertRule",
+ className: "FusionAlertRule",
+ modelProperties: {
+ ...AlertRule.type.modelProperties,
+ alertRuleTemplateName: {
+ required: true,
+ serializedName: "properties.alertRuleTemplateName",
+ type: {
+ name: "String"
+ }
+ },
+ description: {
+ readOnly: true,
+ serializedName: "properties.description",
+ type: {
+ name: "String"
+ }
+ },
+ displayName: {
+ readOnly: true,
+ serializedName: "properties.displayName",
+ type: {
+ name: "String"
+ }
+ },
+ enabled: {
+ required: true,
+ serializedName: "properties.enabled",
+ type: {
+ name: "Boolean"
+ }
+ },
+ lastModifiedUtc: {
+ readOnly: true,
+ serializedName: "properties.lastModifiedUtc",
+ type: {
+ name: "DateTime"
+ }
+ },
+ severity: {
+ readOnly: true,
+ serializedName: "properties.severity",
+ type: {
+ name: "String"
+ }
+ },
+ tactics: {
+ readOnly: true,
+ serializedName: "properties.tactics",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const FusionAlertRuleTemplate: msRest.CompositeMapper = {
+ serializedName: "Fusion",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: AlertRuleTemplate.type.polymorphicDiscriminator,
+ uberParent: "AlertRuleTemplate",
+ className: "FusionAlertRuleTemplate",
+ modelProperties: {
+ ...AlertRuleTemplate.type.modelProperties,
+ alertRulesCreatedByTemplateCount: {
+ serializedName: "properties.alertRulesCreatedByTemplateCount",
+ type: {
+ name: "Number"
+ }
+ },
+ createdDateUTC: {
+ readOnly: true,
+ serializedName: "properties.createdDateUTC",
+ type: {
+ name: "DateTime"
+ }
+ },
+ description: {
+ serializedName: "properties.description",
+ type: {
+ name: "String"
+ }
+ },
+ displayName: {
+ serializedName: "properties.displayName",
+ type: {
+ name: "String"
+ }
+ },
+ requiredDataConnectors: {
+ serializedName: "properties.requiredDataConnectors",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "AlertRuleTemplateDataSource"
+ }
+ }
+ }
+ },
+ status: {
+ serializedName: "properties.status",
+ type: {
+ name: "String"
+ }
+ },
+ severity: {
+ serializedName: "properties.severity",
+ type: {
+ name: "String"
+ }
+ },
+ tactics: {
+ serializedName: "properties.tactics",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const MicrosoftSecurityIncidentCreationAlertRule: msRest.CompositeMapper = {
+ serializedName: "MicrosoftSecurityIncidentCreation",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: AlertRule.type.polymorphicDiscriminator,
+ uberParent: "AlertRule",
+ className: "MicrosoftSecurityIncidentCreationAlertRule",
+ modelProperties: {
+ ...AlertRule.type.modelProperties,
+ displayNamesFilter: {
+ serializedName: "properties.displayNamesFilter",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ },
+ displayNamesExcludeFilter: {
+ serializedName: "properties.displayNamesExcludeFilter",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ },
+ productFilter: {
+ required: true,
+ serializedName: "properties.productFilter",
+ type: {
+ name: "String"
+ }
+ },
+ severitiesFilter: {
+ serializedName: "properties.severitiesFilter",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ },
+ alertRuleTemplateName: {
+ serializedName: "properties.alertRuleTemplateName",
+ type: {
+ name: "String"
+ }
+ },
+ description: {
+ serializedName: "properties.description",
+ type: {
+ name: "String"
+ }
+ },
+ displayName: {
+ required: true,
+ serializedName: "properties.displayName",
+ type: {
+ name: "String"
+ }
+ },
+ enabled: {
+ required: true,
+ serializedName: "properties.enabled",
+ type: {
+ name: "Boolean"
+ }
+ },
+ lastModifiedUtc: {
+ readOnly: true,
+ serializedName: "properties.lastModifiedUtc",
+ type: {
+ name: "DateTime"
+ }
+ }
+ }
+ }
+};
+
+export const MicrosoftSecurityIncidentCreationAlertRuleCommonProperties: msRest.CompositeMapper = {
+ serializedName: "MicrosoftSecurityIncidentCreationAlertRuleCommonProperties",
+ type: {
+ name: "Composite",
+ className: "MicrosoftSecurityIncidentCreationAlertRuleCommonProperties",
+ modelProperties: {
+ displayNamesFilter: {
+ serializedName: "displayNamesFilter",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ },
+ displayNamesExcludeFilter: {
+ serializedName: "displayNamesExcludeFilter",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ },
+ productFilter: {
+ required: true,
+ serializedName: "productFilter",
+ type: {
+ name: "String"
+ }
+ },
+ severitiesFilter: {
+ serializedName: "severitiesFilter",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const MicrosoftSecurityIncidentCreationAlertRuleTemplate: msRest.CompositeMapper = {
+ serializedName: "MicrosoftSecurityIncidentCreation",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: AlertRuleTemplate.type.polymorphicDiscriminator,
+ uberParent: "AlertRuleTemplate",
+ className: "MicrosoftSecurityIncidentCreationAlertRuleTemplate",
+ modelProperties: {
+ ...AlertRuleTemplate.type.modelProperties,
+ alertRulesCreatedByTemplateCount: {
+ serializedName: "properties.alertRulesCreatedByTemplateCount",
+ type: {
+ name: "Number"
+ }
+ },
+ createdDateUTC: {
+ readOnly: true,
+ serializedName: "properties.createdDateUTC",
+ type: {
+ name: "DateTime"
+ }
+ },
+ description: {
+ serializedName: "properties.description",
+ type: {
+ name: "String"
+ }
+ },
+ displayName: {
+ serializedName: "properties.displayName",
+ type: {
+ name: "String"
+ }
+ },
+ requiredDataConnectors: {
+ serializedName: "properties.requiredDataConnectors",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "AlertRuleTemplateDataSource"
+ }
+ }
+ }
+ },
+ status: {
+ serializedName: "properties.status",
+ type: {
+ name: "String"
+ }
+ },
+ displayNamesFilter: {
+ serializedName: "properties.displayNamesFilter",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ },
+ displayNamesExcludeFilter: {
+ serializedName: "properties.displayNamesExcludeFilter",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ },
+ productFilter: {
+ required: true,
+ serializedName: "properties.productFilter",
+ type: {
+ name: "String"
+ }
+ },
+ severitiesFilter: {
+ serializedName: "properties.severitiesFilter",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const ScheduledAlertRule: msRest.CompositeMapper = {
+ serializedName: "Scheduled",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: AlertRule.type.polymorphicDiscriminator,
+ uberParent: "AlertRule",
+ className: "ScheduledAlertRule",
+ modelProperties: {
+ ...AlertRule.type.modelProperties,
+ query: {
+ serializedName: "properties.query",
+ type: {
+ name: "String"
+ }
+ },
+ queryFrequency: {
+ serializedName: "properties.queryFrequency",
+ type: {
+ name: "TimeSpan"
+ }
+ },
+ queryPeriod: {
+ serializedName: "properties.queryPeriod",
+ type: {
+ name: "TimeSpan"
+ }
+ },
+ severity: {
+ serializedName: "properties.severity",
+ type: {
+ name: "String"
+ }
+ },
+ triggerOperator: {
+ serializedName: "properties.triggerOperator",
+ type: {
+ name: "Enum",
+ allowedValues: [
+ "GreaterThan",
+ "LessThan",
+ "Equal",
+ "NotEqual"
+ ]
+ }
+ },
+ triggerThreshold: {
+ serializedName: "properties.triggerThreshold",
+ type: {
+ name: "Number"
+ }
+ },
+ alertRuleTemplateName: {
+ serializedName: "properties.alertRuleTemplateName",
+ type: {
+ name: "String"
+ }
+ },
+ description: {
+ serializedName: "properties.description",
+ type: {
+ name: "String"
+ }
+ },
+ displayName: {
+ required: true,
+ serializedName: "properties.displayName",
+ type: {
+ name: "String"
+ }
+ },
+ enabled: {
+ required: true,
+ serializedName: "properties.enabled",
+ type: {
+ name: "Boolean"
+ }
+ },
+ lastModifiedUtc: {
+ readOnly: true,
+ serializedName: "properties.lastModifiedUtc",
+ type: {
+ name: "DateTime"
+ }
+ },
+ suppressionDuration: {
+ required: true,
+ serializedName: "properties.suppressionDuration",
+ type: {
+ name: "TimeSpan"
+ }
+ },
+ suppressionEnabled: {
+ required: true,
+ serializedName: "properties.suppressionEnabled",
+ type: {
+ name: "Boolean"
+ }
+ },
+ tactics: {
+ serializedName: "properties.tactics",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const ScheduledAlertRuleCommonProperties: msRest.CompositeMapper = {
+ serializedName: "ScheduledAlertRuleCommonProperties",
+ type: {
+ name: "Composite",
+ className: "ScheduledAlertRuleCommonProperties",
+ modelProperties: {
+ query: {
+ serializedName: "query",
+ type: {
+ name: "String"
+ }
+ },
+ queryFrequency: {
+ serializedName: "queryFrequency",
+ type: {
+ name: "TimeSpan"
+ }
+ },
+ queryPeriod: {
+ serializedName: "queryPeriod",
+ type: {
+ name: "TimeSpan"
+ }
+ },
+ severity: {
+ serializedName: "severity",
+ type: {
+ name: "String"
+ }
+ },
+ triggerOperator: {
+ serializedName: "triggerOperator",
+ type: {
+ name: "Enum",
+ allowedValues: [
+ "GreaterThan",
+ "LessThan",
+ "Equal",
+ "NotEqual"
+ ]
+ }
+ },
+ triggerThreshold: {
+ serializedName: "triggerThreshold",
+ type: {
+ name: "Number"
+ }
+ }
+ }
+ }
+};
+
+export const ScheduledAlertRuleTemplate: msRest.CompositeMapper = {
+ serializedName: "Scheduled",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: AlertRuleTemplate.type.polymorphicDiscriminator,
+ uberParent: "AlertRuleTemplate",
+ className: "ScheduledAlertRuleTemplate",
+ modelProperties: {
+ ...AlertRuleTemplate.type.modelProperties,
+ alertRulesCreatedByTemplateCount: {
+ serializedName: "properties.alertRulesCreatedByTemplateCount",
+ type: {
+ name: "Number"
+ }
+ },
+ createdDateUTC: {
+ readOnly: true,
+ serializedName: "properties.createdDateUTC",
+ type: {
+ name: "DateTime"
+ }
+ },
+ description: {
+ serializedName: "properties.description",
+ type: {
+ name: "String"
+ }
+ },
+ displayName: {
+ serializedName: "properties.displayName",
+ type: {
+ name: "String"
+ }
+ },
+ requiredDataConnectors: {
+ serializedName: "properties.requiredDataConnectors",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "AlertRuleTemplateDataSource"
+ }
+ }
+ }
+ },
+ status: {
+ serializedName: "properties.status",
+ type: {
+ name: "String"
+ }
+ },
+ query: {
+ serializedName: "properties.query",
+ type: {
+ name: "String"
+ }
+ },
+ queryFrequency: {
+ serializedName: "properties.queryFrequency",
+ type: {
+ name: "TimeSpan"
+ }
+ },
+ queryPeriod: {
+ serializedName: "properties.queryPeriod",
+ type: {
+ name: "TimeSpan"
+ }
+ },
+ severity: {
+ serializedName: "properties.severity",
+ type: {
+ name: "String"
+ }
+ },
+ triggerOperator: {
+ serializedName: "properties.triggerOperator",
+ type: {
+ name: "Enum",
+ allowedValues: [
+ "GreaterThan",
+ "LessThan",
+ "Equal",
+ "NotEqual"
+ ]
+ }
+ },
+ triggerThreshold: {
+ serializedName: "properties.triggerThreshold",
+ type: {
+ name: "Number"
+ }
+ },
+ tactics: {
+ serializedName: "properties.tactics",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const OfficeConsent: msRest.CompositeMapper = {
+ serializedName: "OfficeConsent",
+ type: {
+ name: "Composite",
+ className: "OfficeConsent",
+ modelProperties: {
+ ...Resource.type.modelProperties,
+ tenantId: {
+ serializedName: "properties.tenantId",
+ type: {
+ name: "String"
+ }
+ },
+ tenantName: {
+ readOnly: true,
+ serializedName: "properties.tenantName",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const ClientInfo: msRest.CompositeMapper = {
+ serializedName: "ClientInfo",
+ type: {
+ name: "Composite",
+ className: "ClientInfo",
+ modelProperties: {
+ email: {
+ serializedName: "email",
+ type: {
+ name: "String"
+ }
+ },
+ name: {
+ serializedName: "name",
+ type: {
+ name: "String"
+ }
+ },
+ objectId: {
+ serializedName: "objectId",
+ type: {
+ name: "Uuid"
+ }
+ },
+ userPrincipalName: {
+ serializedName: "userPrincipalName",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const IncidentComment: msRest.CompositeMapper = {
+ serializedName: "IncidentComment",
+ type: {
+ name: "Composite",
+ className: "IncidentComment",
+ modelProperties: {
+ ...Resource.type.modelProperties,
+ createdTimeUtc: {
+ readOnly: true,
+ serializedName: "properties.createdTimeUtc",
+ type: {
+ name: "DateTime"
+ }
+ },
+ message: {
+ required: true,
+ serializedName: "properties.message",
+ type: {
+ name: "String"
+ }
+ },
+ author: {
+ readOnly: true,
+ serializedName: "properties.author",
+ type: {
+ name: "Composite",
+ className: "ClientInfo"
+ }
+ }
+ }
+ }
+};
+
+export const IncidentOwnerInfo: msRest.CompositeMapper = {
+ serializedName: "IncidentOwnerInfo",
+ type: {
+ name: "Composite",
+ className: "IncidentOwnerInfo",
+ modelProperties: {
+ email: {
+ serializedName: "email",
+ type: {
+ name: "String"
+ }
+ },
+ assignedTo: {
+ serializedName: "assignedTo",
+ type: {
+ name: "String"
+ }
+ },
+ objectId: {
+ serializedName: "objectId",
+ type: {
+ name: "Uuid"
+ }
+ },
+ userPrincipalName: {
+ serializedName: "userPrincipalName",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const IncidentLabel: msRest.CompositeMapper = {
+ serializedName: "IncidentLabel",
+ type: {
+ name: "Composite",
+ className: "IncidentLabel",
+ modelProperties: {
+ labelName: {
+ required: true,
+ serializedName: "labelName",
+ type: {
+ name: "String"
+ }
+ },
+ labelType: {
+ readOnly: true,
+ serializedName: "labelType",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const IncidentAdditionalData: msRest.CompositeMapper = {
+ serializedName: "IncidentAdditionalData",
+ type: {
+ name: "Composite",
+ className: "IncidentAdditionalData",
+ modelProperties: {
+ alertsCount: {
+ readOnly: true,
+ serializedName: "alertsCount",
+ type: {
+ name: "Number"
+ }
+ },
+ bookmarksCount: {
+ readOnly: true,
+ serializedName: "bookmarksCount",
+ type: {
+ name: "Number"
+ }
+ },
+ commentsCount: {
+ readOnly: true,
+ serializedName: "commentsCount",
+ type: {
+ name: "Number"
+ }
+ },
+ alertProductNames: {
+ readOnly: true,
+ serializedName: "alertProductNames",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ },
+ tactics: {
+ readOnly: true,
+ serializedName: "tactics",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const Incident: msRest.CompositeMapper = {
+ serializedName: "Incident",
+ type: {
+ name: "Composite",
+ className: "Incident",
+ modelProperties: {
+ ...ResourceWithEtag.type.modelProperties,
+ additionalData: {
+ readOnly: true,
+ serializedName: "properties.additionalData",
+ type: {
+ name: "Composite",
+ className: "IncidentAdditionalData"
+ }
+ },
+ classification: {
+ serializedName: "properties.classification",
+ type: {
+ name: "String"
+ }
+ },
+ classificationComment: {
+ serializedName: "properties.classificationComment",
+ type: {
+ name: "String"
+ }
+ },
+ classificationReason: {
+ serializedName: "properties.classificationReason",
+ type: {
+ name: "String"
+ }
+ },
+ createdTimeUtc: {
+ readOnly: true,
+ serializedName: "properties.createdTimeUtc",
+ type: {
+ name: "DateTime"
+ }
+ },
+ description: {
+ serializedName: "properties.description",
+ type: {
+ name: "String"
+ }
+ },
+ firstActivityTimeUtc: {
+ serializedName: "properties.firstActivityTimeUtc",
+ type: {
+ name: "DateTime"
+ }
+ },
+ incidentUrl: {
+ readOnly: true,
+ serializedName: "properties.incidentUrl",
+ type: {
+ name: "String"
+ }
+ },
+ incidentNumber: {
+ readOnly: true,
+ serializedName: "properties.incidentNumber",
+ type: {
+ name: "Number"
+ }
+ },
+ labels: {
+ serializedName: "properties.labels",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "IncidentLabel"
+ }
+ }
+ }
+ },
+ lastActivityTimeUtc: {
+ serializedName: "properties.lastActivityTimeUtc",
+ type: {
+ name: "DateTime"
+ }
+ },
+ lastModifiedTimeUtc: {
+ readOnly: true,
+ serializedName: "properties.lastModifiedTimeUtc",
+ type: {
+ name: "DateTime"
+ }
+ },
+ owner: {
+ serializedName: "properties.owner",
+ type: {
+ name: "Composite",
+ className: "IncidentOwnerInfo"
+ }
+ },
+ relatedAnalyticRuleIds: {
+ readOnly: true,
+ serializedName: "properties.relatedAnalyticRuleIds",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ },
+ severity: {
+ required: true,
+ serializedName: "properties.severity",
+ type: {
+ name: "String"
+ }
+ },
+ status: {
+ required: true,
+ serializedName: "properties.status",
+ type: {
+ name: "String"
+ }
+ },
+ title: {
+ required: true,
+ serializedName: "properties.title",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const ErrorAdditionalInfo: msRest.CompositeMapper = {
+ serializedName: "ErrorAdditionalInfo",
+ type: {
+ name: "Composite",
+ className: "ErrorAdditionalInfo",
+ modelProperties: {
+ type: {
+ readOnly: true,
+ serializedName: "type",
+ type: {
+ name: "String"
+ }
+ },
+ info: {
+ readOnly: true,
+ serializedName: "info",
+ type: {
+ name: "Object"
+ }
+ }
+ }
+ }
+};
+
+export const ErrorResponse: msRest.CompositeMapper = {
+ serializedName: "ErrorResponse",
+ type: {
+ name: "Composite",
+ className: "ErrorResponse",
+ modelProperties: {
+ code: {
+ readOnly: true,
+ serializedName: "code",
+ type: {
+ name: "String"
+ }
+ },
+ message: {
+ readOnly: true,
+ serializedName: "message",
+ type: {
+ name: "String"
+ }
+ },
+ target: {
+ readOnly: true,
+ serializedName: "target",
+ type: {
+ name: "String"
+ }
+ },
+ details: {
+ readOnly: true,
+ serializedName: "details",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "ErrorResponse"
+ }
+ }
+ }
+ },
+ additionalInfo: {
+ readOnly: true,
+ serializedName: "additionalInfo",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "ErrorAdditionalInfo"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const UserInfo: msRest.CompositeMapper = {
+ serializedName: "UserInfo",
+ type: {
+ name: "Composite",
+ className: "UserInfo",
+ modelProperties: {
+ email: {
+ readOnly: true,
+ serializedName: "email",
+ type: {
+ name: "String"
+ }
+ },
+ name: {
+ readOnly: true,
+ serializedName: "name",
+ type: {
+ name: "String"
+ }
+ },
+ objectId: {
+ required: true,
+ nullable: true,
+ serializedName: "objectId",
+ type: {
+ name: "Uuid"
+ }
+ }
+ }
+ }
+};
+
+export const IncidentInfo: msRest.CompositeMapper = {
+ serializedName: "IncidentInfo",
+ type: {
+ name: "Composite",
+ className: "IncidentInfo",
+ modelProperties: {
+ incidentId: {
+ serializedName: "incidentId",
+ type: {
+ name: "String"
+ }
+ },
+ severity: {
+ serializedName: "severity",
+ type: {
+ name: "String"
+ }
+ },
+ title: {
+ serializedName: "title",
+ type: {
+ name: "String"
+ }
+ },
+ relationName: {
+ serializedName: "relationName",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const Bookmark: msRest.CompositeMapper = {
+ serializedName: "Bookmark",
+ type: {
+ name: "Composite",
+ className: "Bookmark",
+ modelProperties: {
+ ...ResourceWithEtag.type.modelProperties,
+ created: {
+ serializedName: "properties.created",
+ type: {
+ name: "DateTime"
+ }
+ },
+ createdBy: {
+ serializedName: "properties.createdBy",
+ type: {
+ name: "Composite",
+ className: "UserInfo"
+ }
+ },
+ displayName: {
+ required: true,
+ serializedName: "properties.displayName",
+ type: {
+ name: "String"
+ }
+ },
+ labels: {
+ serializedName: "properties.labels",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "String"
+ }
+ }
+ }
+ },
+ notes: {
+ serializedName: "properties.notes",
+ type: {
+ name: "String"
+ }
+ },
+ query: {
+ required: true,
+ serializedName: "properties.query",
+ type: {
+ name: "String"
+ }
+ },
+ queryResult: {
+ serializedName: "properties.queryResult",
+ type: {
+ name: "String"
+ }
+ },
+ updated: {
+ serializedName: "properties.updated",
+ type: {
+ name: "DateTime"
+ }
+ },
+ updatedBy: {
+ serializedName: "properties.updatedBy",
+ type: {
+ name: "Composite",
+ className: "UserInfo"
+ }
+ },
+ eventTime: {
+ serializedName: "properties.eventTime",
+ type: {
+ name: "DateTime"
+ }
+ },
+ queryStartTime: {
+ serializedName: "properties.queryStartTime",
+ type: {
+ name: "DateTime"
+ }
+ },
+ queryEndTime: {
+ serializedName: "properties.queryEndTime",
+ type: {
+ name: "DateTime"
+ }
+ },
+ incidentInfo: {
+ serializedName: "properties.incidentInfo",
+ type: {
+ name: "Composite",
+ className: "IncidentInfo"
+ }
+ }
+ }
+ }
+};
+
+export const DataConnectorDataTypeCommon: msRest.CompositeMapper = {
+ serializedName: "DataConnectorDataTypeCommon",
+ type: {
+ name: "Composite",
+ className: "DataConnectorDataTypeCommon",
+ modelProperties: {
+ state: {
+ serializedName: "state",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const AlertsDataTypeOfDataConnector: msRest.CompositeMapper = {
+ serializedName: "AlertsDataTypeOfDataConnector",
+ type: {
+ name: "Composite",
+ className: "AlertsDataTypeOfDataConnector",
+ modelProperties: {
+ alerts: {
+ serializedName: "alerts",
+ type: {
+ name: "Composite",
+ className: "DataConnectorDataTypeCommon"
+ }
+ }
+ }
+ }
+};
+
+export const DataConnector: msRest.CompositeMapper = {
+ serializedName: "DataConnector",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: {
+ serializedName: "kind",
+ clientName: "kind"
+ },
+ uberParent: "DataConnector",
+ className: "DataConnector",
+ modelProperties: {
+ ...ResourceWithEtag.type.modelProperties,
+ kind: {
+ required: true,
+ serializedName: "kind",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const AADDataConnector: msRest.CompositeMapper = {
+ serializedName: "AzureActiveDirectory",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator,
+ uberParent: "DataConnector",
+ className: "AADDataConnector",
+ modelProperties: {
+ ...DataConnector.type.modelProperties,
+ tenantId: {
+ serializedName: "properties.tenantId",
+ type: {
+ name: "String"
+ }
+ },
+ dataTypes: {
+ serializedName: "properties.dataTypes",
+ type: {
+ name: "Composite",
+ className: "AlertsDataTypeOfDataConnector"
+ }
+ }
+ }
+ }
+};
+
+export const AATPDataConnector: msRest.CompositeMapper = {
+ serializedName: "AzureAdvancedThreatProtection",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator,
+ uberParent: "DataConnector",
+ className: "AATPDataConnector",
+ modelProperties: {
+ ...DataConnector.type.modelProperties,
+ tenantId: {
+ serializedName: "properties.tenantId",
+ type: {
+ name: "String"
+ }
+ },
+ dataTypes: {
+ serializedName: "properties.dataTypes",
+ type: {
+ name: "Composite",
+ className: "AlertsDataTypeOfDataConnector"
+ }
+ }
+ }
+ }
+};
+
+export const ASCDataConnector: msRest.CompositeMapper = {
+ serializedName: "AzureSecurityCenter",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator,
+ uberParent: "DataConnector",
+ className: "ASCDataConnector",
+ modelProperties: {
+ ...DataConnector.type.modelProperties,
+ dataTypes: {
+ serializedName: "properties.dataTypes",
+ type: {
+ name: "Composite",
+ className: "AlertsDataTypeOfDataConnector"
+ }
+ },
+ subscriptionId: {
+ serializedName: "properties.subscriptionId",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const AwsCloudTrailDataConnectorDataTypesLogs: msRest.CompositeMapper = {
+ serializedName: "AwsCloudTrailDataConnectorDataTypes_logs",
+ type: {
+ name: "Composite",
+ className: "AwsCloudTrailDataConnectorDataTypesLogs",
+ modelProperties: {
+ ...DataConnectorDataTypeCommon.type.modelProperties
+ }
+ }
+};
+
+export const AwsCloudTrailDataConnectorDataTypes: msRest.CompositeMapper = {
+ serializedName: "AwsCloudTrailDataConnectorDataTypes",
+ type: {
+ name: "Composite",
+ className: "AwsCloudTrailDataConnectorDataTypes",
+ modelProperties: {
+ logs: {
+ serializedName: "logs",
+ type: {
+ name: "Composite",
+ className: "AwsCloudTrailDataConnectorDataTypesLogs"
+ }
+ }
+ }
+ }
+};
+
+export const AwsCloudTrailDataConnector: msRest.CompositeMapper = {
+ serializedName: "AmazonWebServicesCloudTrail",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator,
+ uberParent: "DataConnector",
+ className: "AwsCloudTrailDataConnector",
+ modelProperties: {
+ ...DataConnector.type.modelProperties,
+ awsRoleArn: {
+ serializedName: "properties.awsRoleArn",
+ type: {
+ name: "String"
+ }
+ },
+ dataTypes: {
+ serializedName: "properties.dataTypes",
+ type: {
+ name: "Composite",
+ className: "AwsCloudTrailDataConnectorDataTypes"
+ }
+ }
+ }
+ }
+};
+
+export const DataConnectorTenantId: msRest.CompositeMapper = {
+ serializedName: "DataConnectorTenantId",
+ type: {
+ name: "Composite",
+ className: "DataConnectorTenantId",
+ modelProperties: {
+ tenantId: {
+ serializedName: "tenantId",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const DataConnectorWithAlertsProperties: msRest.CompositeMapper = {
+ serializedName: "DataConnectorWithAlertsProperties",
+ type: {
+ name: "Composite",
+ className: "DataConnectorWithAlertsProperties",
+ modelProperties: {
+ dataTypes: {
+ serializedName: "dataTypes",
+ type: {
+ name: "Composite",
+ className: "AlertsDataTypeOfDataConnector"
+ }
+ }
+ }
+ }
+};
+
+export const MCASDataConnectorDataTypes: msRest.CompositeMapper = {
+ serializedName: "MCASDataConnectorDataTypes",
+ type: {
+ name: "Composite",
+ className: "MCASDataConnectorDataTypes",
+ modelProperties: {
+ ...AlertsDataTypeOfDataConnector.type.modelProperties,
+ discoveryLogs: {
+ serializedName: "discoveryLogs",
+ type: {
+ name: "Composite",
+ className: "DataConnectorDataTypeCommon"
+ }
+ }
+ }
+ }
+};
+
+export const MCASDataConnector: msRest.CompositeMapper = {
+ serializedName: "MicrosoftCloudAppSecurity",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator,
+ uberParent: "DataConnector",
+ className: "MCASDataConnector",
+ modelProperties: {
+ ...DataConnector.type.modelProperties,
+ tenantId: {
+ serializedName: "properties.tenantId",
+ type: {
+ name: "String"
+ }
+ },
+ dataTypes: {
+ serializedName: "properties.dataTypes",
+ type: {
+ name: "Composite",
+ className: "MCASDataConnectorDataTypes"
+ }
+ }
+ }
+ }
+};
+
+export const MDATPDataConnector: msRest.CompositeMapper = {
+ serializedName: "MicrosoftDefenderAdvancedThreatProtection",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator,
+ uberParent: "DataConnector",
+ className: "MDATPDataConnector",
+ modelProperties: {
+ ...DataConnector.type.modelProperties,
+ tenantId: {
+ serializedName: "properties.tenantId",
+ type: {
+ name: "String"
+ }
+ },
+ dataTypes: {
+ serializedName: "properties.dataTypes",
+ type: {
+ name: "Composite",
+ className: "AlertsDataTypeOfDataConnector"
+ }
+ }
+ }
+ }
+};
+
+export const TIDataConnectorDataTypesIndicators: msRest.CompositeMapper = {
+ serializedName: "TIDataConnectorDataTypes_indicators",
+ type: {
+ name: "Composite",
+ className: "TIDataConnectorDataTypesIndicators",
+ modelProperties: {
+ ...DataConnectorDataTypeCommon.type.modelProperties
+ }
+ }
+};
+
+export const TIDataConnectorDataTypes: msRest.CompositeMapper = {
+ serializedName: "TIDataConnectorDataTypes",
+ type: {
+ name: "Composite",
+ className: "TIDataConnectorDataTypes",
+ modelProperties: {
+ indicators: {
+ serializedName: "indicators",
+ type: {
+ name: "Composite",
+ className: "TIDataConnectorDataTypesIndicators"
+ }
+ }
+ }
+ }
+};
+
+export const TIDataConnector: msRest.CompositeMapper = {
+ serializedName: "ThreatIntelligence",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator,
+ uberParent: "DataConnector",
+ className: "TIDataConnector",
+ modelProperties: {
+ ...DataConnector.type.modelProperties,
+ tenantId: {
+ serializedName: "properties.tenantId",
+ type: {
+ name: "String"
+ }
+ },
+ tipLookbackPeriod: {
+ nullable: true,
+ serializedName: "properties.tipLookbackPeriod",
+ type: {
+ name: "DateTime"
+ }
+ },
+ dataTypes: {
+ serializedName: "properties.dataTypes",
+ type: {
+ name: "Composite",
+ className: "TIDataConnectorDataTypes"
+ }
+ }
+ }
+ }
+};
+
+export const OfficeDataConnectorDataTypesExchange: msRest.CompositeMapper = {
+ serializedName: "OfficeDataConnectorDataTypes_exchange",
+ type: {
+ name: "Composite",
+ className: "OfficeDataConnectorDataTypesExchange",
+ modelProperties: {
+ ...DataConnectorDataTypeCommon.type.modelProperties
+ }
+ }
+};
+
+export const OfficeDataConnectorDataTypesSharePoint: msRest.CompositeMapper = {
+ serializedName: "OfficeDataConnectorDataTypes_sharePoint",
+ type: {
+ name: "Composite",
+ className: "OfficeDataConnectorDataTypesSharePoint",
+ modelProperties: {
+ ...DataConnectorDataTypeCommon.type.modelProperties
+ }
+ }
+};
+
+export const OfficeDataConnectorDataTypesTeams: msRest.CompositeMapper = {
+ serializedName: "OfficeDataConnectorDataTypes_teams",
+ type: {
+ name: "Composite",
+ className: "OfficeDataConnectorDataTypesTeams",
+ modelProperties: {
+ ...DataConnectorDataTypeCommon.type.modelProperties
+ }
+ }
+};
+
+export const OfficeDataConnectorDataTypes: msRest.CompositeMapper = {
+ serializedName: "OfficeDataConnectorDataTypes",
+ type: {
+ name: "Composite",
+ className: "OfficeDataConnectorDataTypes",
+ modelProperties: {
+ exchange: {
+ serializedName: "exchange",
+ type: {
+ name: "Composite",
+ className: "OfficeDataConnectorDataTypesExchange"
+ }
+ },
+ sharePoint: {
+ serializedName: "sharePoint",
+ type: {
+ name: "Composite",
+ className: "OfficeDataConnectorDataTypesSharePoint"
+ }
+ },
+ teams: {
+ serializedName: "teams",
+ type: {
+ name: "Composite",
+ className: "OfficeDataConnectorDataTypesTeams"
+ }
+ }
+ }
+ }
+};
+
+export const OfficeDataConnector: msRest.CompositeMapper = {
+ serializedName: "Office365",
+ type: {
+ name: "Composite",
+ polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator,
+ uberParent: "DataConnector",
+ className: "OfficeDataConnector",
+ modelProperties: {
+ ...DataConnector.type.modelProperties,
+ tenantId: {
+ serializedName: "properties.tenantId",
+ type: {
+ name: "String"
+ }
+ },
+ dataTypes: {
+ serializedName: "properties.dataTypes",
+ type: {
+ name: "Composite",
+ className: "OfficeDataConnectorDataTypes"
+ }
+ }
+ }
+ }
+};
+
+export const OfficeConsentList: msRest.CompositeMapper = {
+ serializedName: "OfficeConsentList",
+ type: {
+ name: "Composite",
+ className: "OfficeConsentList",
+ modelProperties: {
+ nextLink: {
+ readOnly: true,
+ serializedName: "nextLink",
+ type: {
+ name: "String"
+ }
+ },
+ value: {
+ required: true,
+ serializedName: "value",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "OfficeConsent"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const OperationDisplay: msRest.CompositeMapper = {
+ serializedName: "Operation_display",
+ type: {
+ name: "Composite",
+ className: "OperationDisplay",
+ modelProperties: {
+ description: {
+ serializedName: "description",
+ type: {
+ name: "String"
+ }
+ },
+ operation: {
+ serializedName: "operation",
+ type: {
+ name: "String"
+ }
+ },
+ provider: {
+ serializedName: "provider",
+ type: {
+ name: "String"
+ }
+ },
+ resource: {
+ serializedName: "resource",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const Operation: msRest.CompositeMapper = {
+ serializedName: "Operation",
+ type: {
+ name: "Composite",
+ className: "Operation",
+ modelProperties: {
+ display: {
+ serializedName: "display",
+ type: {
+ name: "Composite",
+ className: "OperationDisplay"
+ }
+ },
+ name: {
+ serializedName: "name",
+ type: {
+ name: "String"
+ }
+ },
+ origin: {
+ serializedName: "origin",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const ThreatIntelligence: msRest.CompositeMapper = {
+ serializedName: "ThreatIntelligence",
+ type: {
+ name: "Composite",
+ className: "ThreatIntelligence",
+ modelProperties: {
+ confidence: {
+ readOnly: true,
+ serializedName: "confidence",
+ type: {
+ name: "Number"
+ }
+ },
+ providerName: {
+ readOnly: true,
+ serializedName: "providerName",
+ type: {
+ name: "String"
+ }
+ },
+ reportLink: {
+ readOnly: true,
+ serializedName: "reportLink",
+ type: {
+ name: "String"
+ }
+ },
+ threatDescription: {
+ readOnly: true,
+ serializedName: "threatDescription",
+ type: {
+ name: "String"
+ }
+ },
+ threatName: {
+ readOnly: true,
+ serializedName: "threatName",
+ type: {
+ name: "String"
+ }
+ },
+ threatType: {
+ readOnly: true,
+ serializedName: "threatType",
+ type: {
+ name: "String"
+ }
+ }
+ }
+ }
+};
+
+export const AlertRulesList: msRest.CompositeMapper = {
+ serializedName: "AlertRulesList",
+ type: {
+ name: "Composite",
+ className: "AlertRulesList",
+ modelProperties: {
+ nextLink: {
+ readOnly: true,
+ serializedName: "nextLink",
+ type: {
+ name: "String"
+ }
+ },
+ value: {
+ required: true,
+ serializedName: "",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "AlertRule"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const ActionsList: msRest.CompositeMapper = {
+ serializedName: "ActionsList",
+ type: {
+ name: "Composite",
+ className: "ActionsList",
+ modelProperties: {
+ nextLink: {
+ readOnly: true,
+ serializedName: "nextLink",
+ type: {
+ name: "String"
+ }
+ },
+ value: {
+ required: true,
+ serializedName: "",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "ActionResponse"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const AlertRuleTemplatesList: msRest.CompositeMapper = {
+ serializedName: "AlertRuleTemplatesList",
+ type: {
+ name: "Composite",
+ className: "AlertRuleTemplatesList",
+ modelProperties: {
+ nextLink: {
+ readOnly: true,
+ serializedName: "nextLink",
+ type: {
+ name: "String"
+ }
+ },
+ value: {
+ required: true,
+ serializedName: "",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "AlertRuleTemplate"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const BookmarkList: msRest.CompositeMapper = {
+ serializedName: "BookmarkList",
+ type: {
+ name: "Composite",
+ className: "BookmarkList",
+ modelProperties: {
+ nextLink: {
+ readOnly: true,
+ serializedName: "nextLink",
+ type: {
+ name: "String"
+ }
+ },
+ value: {
+ required: true,
+ serializedName: "",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "Bookmark"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const DataConnectorList: msRest.CompositeMapper = {
+ serializedName: "DataConnectorList",
+ type: {
+ name: "Composite",
+ className: "DataConnectorList",
+ modelProperties: {
+ nextLink: {
+ readOnly: true,
+ serializedName: "nextLink",
+ type: {
+ name: "String"
+ }
+ },
+ value: {
+ required: true,
+ serializedName: "",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "DataConnector"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const OperationsList: msRest.CompositeMapper = {
+ serializedName: "OperationsList",
+ type: {
+ name: "Composite",
+ className: "OperationsList",
+ modelProperties: {
+ nextLink: {
+ serializedName: "nextLink",
+ type: {
+ name: "String"
+ }
+ },
+ value: {
+ required: true,
+ serializedName: "",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "Operation"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const IncidentList: msRest.CompositeMapper = {
+ serializedName: "IncidentList",
+ type: {
+ name: "Composite",
+ className: "IncidentList",
+ modelProperties: {
+ nextLink: {
+ readOnly: true,
+ serializedName: "nextLink",
+ type: {
+ name: "String"
+ }
+ },
+ value: {
+ required: true,
+ serializedName: "",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "Incident"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const IncidentCommentList: msRest.CompositeMapper = {
+ serializedName: "IncidentCommentList",
+ type: {
+ name: "Composite",
+ className: "IncidentCommentList",
+ modelProperties: {
+ nextLink: {
+ readOnly: true,
+ serializedName: "nextLink",
+ type: {
+ name: "String"
+ }
+ },
+ value: {
+ required: true,
+ serializedName: "",
+ type: {
+ name: "Sequence",
+ element: {
+ type: {
+ name: "Composite",
+ className: "IncidentComment"
+ }
+ }
+ }
+ }
+ }
+ }
+};
+
+export const discriminators = {
+ 'AlertRule' : AlertRule,
+ 'AlertRuleTemplate' : AlertRuleTemplate,
+ 'AlertRule.Fusion' : FusionAlertRule,
+ 'AlertRuleTemplate.Fusion' : FusionAlertRuleTemplate,
+ 'AlertRule.MicrosoftSecurityIncidentCreation' : MicrosoftSecurityIncidentCreationAlertRule,
+ 'AlertRuleTemplate.MicrosoftSecurityIncidentCreation' : MicrosoftSecurityIncidentCreationAlertRuleTemplate,
+ 'AlertRule.Scheduled' : ScheduledAlertRule,
+ 'AlertRuleTemplate.Scheduled' : ScheduledAlertRuleTemplate,
+ 'DataConnector.AzureActiveDirectory' : AADDataConnector,
+ 'DataConnector.AzureAdvancedThreatProtection' : AATPDataConnector,
+ 'DataConnector.AzureSecurityCenter' : ASCDataConnector,
+ 'DataConnector.AmazonWebServicesCloudTrail' : AwsCloudTrailDataConnector,
+ 'DataConnector' : DataConnector,
+ 'DataConnector.MicrosoftCloudAppSecurity' : MCASDataConnector,
+ 'DataConnector.MicrosoftDefenderAdvancedThreatProtection' : MDATPDataConnector,
+ 'DataConnector.ThreatIntelligence' : TIDataConnector,
+ 'DataConnector.Office365' : OfficeDataConnector
+
+};
diff --git a/sdk/securityinsight/arm-securityinsight/src/models/operationsMappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/operationsMappers.ts
new file mode 100644
index 000000000000..500c0fc2dfe3
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/models/operationsMappers.ts
@@ -0,0 +1,17 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is regenerated.
+ */
+
+export {
+ discriminators,
+ CloudError,
+ ErrorAdditionalInfo,
+ ErrorResponse,
+ Operation,
+ OperationDisplay,
+ OperationsList
+} from "../models/mappers";
diff --git a/sdk/securityinsight/arm-securityinsight/src/models/parameters.ts b/sdk/securityinsight/arm-securityinsight/src/models/parameters.ts
new file mode 100644
index 000000000000..f2e35b188ab0
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/models/parameters.ts
@@ -0,0 +1,204 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+import * as msRest from "@azure/ms-rest-js";
+
+export const acceptLanguage: msRest.OperationParameter = {
+ parameterPath: "acceptLanguage",
+ mapper: {
+ serializedName: "accept-language",
+ defaultValue: 'en-US',
+ type: {
+ name: "String"
+ }
+ }
+};
+export const actionId: msRest.OperationURLParameter = {
+ parameterPath: "actionId",
+ mapper: {
+ required: true,
+ serializedName: "actionId",
+ type: {
+ name: "String"
+ }
+ }
+};
+export const alertRuleTemplateId: msRest.OperationURLParameter = {
+ parameterPath: "alertRuleTemplateId",
+ mapper: {
+ required: true,
+ serializedName: "alertRuleTemplateId",
+ type: {
+ name: "String"
+ }
+ }
+};
+export const apiVersion: msRest.OperationQueryParameter = {
+ parameterPath: "apiVersion",
+ mapper: {
+ required: true,
+ isConstant: true,
+ serializedName: "api-version",
+ defaultValue: '2020-01-01',
+ type: {
+ name: "String"
+ }
+ }
+};
+export const bookmarkId: msRest.OperationURLParameter = {
+ parameterPath: "bookmarkId",
+ mapper: {
+ required: true,
+ serializedName: "bookmarkId",
+ type: {
+ name: "String"
+ }
+ }
+};
+export const dataConnectorId: msRest.OperationURLParameter = {
+ parameterPath: "dataConnectorId",
+ mapper: {
+ required: true,
+ serializedName: "dataConnectorId",
+ type: {
+ name: "String"
+ }
+ }
+};
+export const filter: msRest.OperationQueryParameter = {
+ parameterPath: [
+ "options",
+ "filter"
+ ],
+ mapper: {
+ serializedName: "$filter",
+ type: {
+ name: "String"
+ }
+ }
+};
+export const incidentCommentId: msRest.OperationURLParameter = {
+ parameterPath: "incidentCommentId",
+ mapper: {
+ required: true,
+ serializedName: "incidentCommentId",
+ type: {
+ name: "String"
+ }
+ }
+};
+export const incidentId: msRest.OperationURLParameter = {
+ parameterPath: "incidentId",
+ mapper: {
+ required: true,
+ serializedName: "incidentId",
+ type: {
+ name: "String"
+ }
+ }
+};
+export const nextPageLink: msRest.OperationURLParameter = {
+ parameterPath: "nextPageLink",
+ mapper: {
+ required: true,
+ serializedName: "nextLink",
+ type: {
+ name: "String"
+ }
+ },
+ skipEncoding: true
+};
+export const orderby: msRest.OperationQueryParameter = {
+ parameterPath: [
+ "options",
+ "orderby"
+ ],
+ mapper: {
+ serializedName: "$orderby",
+ type: {
+ name: "String"
+ }
+ }
+};
+export const resourceGroupName: msRest.OperationURLParameter = {
+ parameterPath: "resourceGroupName",
+ mapper: {
+ required: true,
+ serializedName: "resourceGroupName",
+ constraints: {
+ MaxLength: 90,
+ MinLength: 1,
+ Pattern: /^[-\w\._\(\)]+$/
+ },
+ type: {
+ name: "String"
+ }
+ }
+};
+export const ruleId: msRest.OperationURLParameter = {
+ parameterPath: "ruleId",
+ mapper: {
+ required: true,
+ serializedName: "ruleId",
+ type: {
+ name: "String"
+ }
+ }
+};
+export const skipToken: msRest.OperationQueryParameter = {
+ parameterPath: [
+ "options",
+ "skipToken"
+ ],
+ mapper: {
+ serializedName: "$skipToken",
+ type: {
+ name: "String"
+ }
+ }
+};
+export const subscriptionId: msRest.OperationURLParameter = {
+ parameterPath: "subscriptionId",
+ mapper: {
+ required: true,
+ serializedName: "subscriptionId",
+ constraints: {
+ Pattern: /^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$/
+ },
+ type: {
+ name: "String"
+ }
+ }
+};
+export const top: msRest.OperationQueryParameter = {
+ parameterPath: [
+ "options",
+ "top"
+ ],
+ mapper: {
+ serializedName: "$top",
+ type: {
+ name: "Number"
+ }
+ }
+};
+export const workspaceName: msRest.OperationURLParameter = {
+ parameterPath: "workspaceName",
+ mapper: {
+ required: true,
+ serializedName: "workspaceName",
+ constraints: {
+ MaxLength: 90,
+ MinLength: 1
+ },
+ type: {
+ name: "String"
+ }
+ }
+};
diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/actions.ts b/sdk/securityinsight/arm-securityinsight/src/operations/actions.ts
new file mode 100644
index 000000000000..b136b6c353dd
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/operations/actions.ts
@@ -0,0 +1,369 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+import * as msRest from "@azure/ms-rest-js";
+import * as Models from "../models";
+import * as Mappers from "../models/actionsMappers";
+import * as Parameters from "../models/parameters";
+import { SecurityInsightsContext } from "../securityInsightsContext";
+
+/** Class representing a Actions. */
+export class Actions {
+ private readonly client: SecurityInsightsContext;
+
+ /**
+ * Create a Actions.
+ * @param {SecurityInsightsContext} client Reference to the service client.
+ */
+ constructor(client: SecurityInsightsContext) {
+ this.client = client;
+ }
+
+ /**
+ * Gets all actions of alert rule.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ listByAlertRule(resourceGroupName: string, workspaceName: string, ruleId: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param callback The callback
+ */
+ listByAlertRule(resourceGroupName: string, workspaceName: string, ruleId: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ listByAlertRule(resourceGroupName: string, workspaceName: string, ruleId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ listByAlertRule(resourceGroupName: string, workspaceName: string, ruleId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ ruleId,
+ options
+ },
+ listByAlertRuleOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Gets the action of alert rule.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param actionId Action ID
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ get(resourceGroupName: string, workspaceName: string, ruleId: string, actionId: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param actionId Action ID
+ * @param callback The callback
+ */
+ get(resourceGroupName: string, workspaceName: string, ruleId: string, actionId: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param actionId Action ID
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ get(resourceGroupName: string, workspaceName: string, ruleId: string, actionId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ get(resourceGroupName: string, workspaceName: string, ruleId: string, actionId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ ruleId,
+ actionId,
+ options
+ },
+ getOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Creates or updates the action of alert rule.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param actionId Action ID
+ * @param action The action
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, ruleId: string, actionId: string, action: Models.ActionRequest, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param actionId Action ID
+ * @param action The action
+ * @param callback The callback
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, ruleId: string, actionId: string, action: Models.ActionRequest, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param actionId Action ID
+ * @param action The action
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, ruleId: string, actionId: string, action: Models.ActionRequest, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ createOrUpdate(resourceGroupName: string, workspaceName: string, ruleId: string, actionId: string, action: Models.ActionRequest, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ ruleId,
+ actionId,
+ action,
+ options
+ },
+ createOrUpdateOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Delete the action of alert rule.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param actionId Action ID
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ deleteMethod(resourceGroupName: string, workspaceName: string, ruleId: string, actionId: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param actionId Action ID
+ * @param callback The callback
+ */
+ deleteMethod(resourceGroupName: string, workspaceName: string, ruleId: string, actionId: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param actionId Action ID
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ deleteMethod(resourceGroupName: string, workspaceName: string, ruleId: string, actionId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ deleteMethod(resourceGroupName: string, workspaceName: string, ruleId: string, actionId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ ruleId,
+ actionId,
+ options
+ },
+ deleteMethodOperationSpec,
+ callback);
+ }
+
+ /**
+ * Gets all actions of alert rule.
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ listByAlertRuleNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param callback The callback
+ */
+ listByAlertRuleNext(nextPageLink: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ listByAlertRuleNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ listByAlertRuleNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ nextPageLink,
+ options
+ },
+ listByAlertRuleNextOperationSpec,
+ callback) as Promise;
+ }
+}
+
+// Operation Specifications
+const serializer = new msRest.Serializer(Mappers);
+const listByAlertRuleOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.ruleId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.ActionsList
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const getOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.ruleId,
+ Parameters.actionId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.ActionResponse
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const createOrUpdateOperationSpec: msRest.OperationSpec = {
+ httpMethod: "PUT",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.ruleId,
+ Parameters.actionId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ requestBody: {
+ parameterPath: "action",
+ mapper: {
+ ...Mappers.ActionRequest,
+ required: true
+ }
+ },
+ responses: {
+ 200: {
+ bodyMapper: Mappers.ActionResponse
+ },
+ 201: {
+ bodyMapper: Mappers.ActionResponse
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const deleteMethodOperationSpec: msRest.OperationSpec = {
+ httpMethod: "DELETE",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.ruleId,
+ Parameters.actionId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {},
+ 204: {},
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const listByAlertRuleNextOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ baseUrl: "https://management.azure.com",
+ path: "{nextLink}",
+ urlParameters: [
+ Parameters.nextPageLink
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.ActionsList
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/alertRuleTemplates.ts b/sdk/securityinsight/arm-securityinsight/src/operations/alertRuleTemplates.ts
new file mode 100644
index 000000000000..44ef5981e258
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/operations/alertRuleTemplates.ts
@@ -0,0 +1,206 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+import * as msRest from "@azure/ms-rest-js";
+import * as Models from "../models";
+import * as Mappers from "../models/alertRuleTemplatesMappers";
+import * as Parameters from "../models/parameters";
+import { SecurityInsightsContext } from "../securityInsightsContext";
+
+/** Class representing a AlertRuleTemplates. */
+export class AlertRuleTemplates {
+ private readonly client: SecurityInsightsContext;
+
+ /**
+ * Create a AlertRuleTemplates.
+ * @param {SecurityInsightsContext} client Reference to the service client.
+ */
+ constructor(client: SecurityInsightsContext) {
+ this.client = client;
+ }
+
+ /**
+ * Gets all alert rule templates.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ list(resourceGroupName: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param callback The callback
+ */
+ list(resourceGroupName: string, workspaceName: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ list(resourceGroupName: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ list(resourceGroupName: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ options
+ },
+ listOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Gets the alert rule template.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param alertRuleTemplateId Alert rule template ID
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ get(resourceGroupName: string, workspaceName: string, alertRuleTemplateId: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param alertRuleTemplateId Alert rule template ID
+ * @param callback The callback
+ */
+ get(resourceGroupName: string, workspaceName: string, alertRuleTemplateId: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param alertRuleTemplateId Alert rule template ID
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ get(resourceGroupName: string, workspaceName: string, alertRuleTemplateId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ get(resourceGroupName: string, workspaceName: string, alertRuleTemplateId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ alertRuleTemplateId,
+ options
+ },
+ getOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Gets all alert rule templates.
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param callback The callback
+ */
+ listNext(nextPageLink: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ nextPageLink,
+ options
+ },
+ listNextOperationSpec,
+ callback) as Promise;
+ }
+}
+
+// Operation Specifications
+const serializer = new msRest.Serializer(Mappers);
+const listOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.AlertRuleTemplatesList
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const getOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates/{alertRuleTemplateId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.alertRuleTemplateId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.AlertRuleTemplate
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const listNextOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ baseUrl: "https://management.azure.com",
+ path: "{nextLink}",
+ urlParameters: [
+ Parameters.nextPageLink
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.AlertRuleTemplatesList
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/alertRules.ts b/sdk/securityinsight/arm-securityinsight/src/operations/alertRules.ts
new file mode 100644
index 000000000000..4b3b1d0c71ee
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/operations/alertRules.ts
@@ -0,0 +1,349 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+import * as msRest from "@azure/ms-rest-js";
+import * as Models from "../models";
+import * as Mappers from "../models/alertRulesMappers";
+import * as Parameters from "../models/parameters";
+import { SecurityInsightsContext } from "../securityInsightsContext";
+
+/** Class representing a AlertRules. */
+export class AlertRules {
+ private readonly client: SecurityInsightsContext;
+
+ /**
+ * Create a AlertRules.
+ * @param {SecurityInsightsContext} client Reference to the service client.
+ */
+ constructor(client: SecurityInsightsContext) {
+ this.client = client;
+ }
+
+ /**
+ * Gets all alert rules.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ list(resourceGroupName: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param callback The callback
+ */
+ list(resourceGroupName: string, workspaceName: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ list(resourceGroupName: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ list(resourceGroupName: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ options
+ },
+ listOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Gets the alert rule.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ get(resourceGroupName: string, workspaceName: string, ruleId: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param callback The callback
+ */
+ get(resourceGroupName: string, workspaceName: string, ruleId: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ get(resourceGroupName: string, workspaceName: string, ruleId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ get(resourceGroupName: string, workspaceName: string, ruleId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ ruleId,
+ options
+ },
+ getOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Creates or updates the alert rule.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param alertRule The alert rule
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, ruleId: string, alertRule: Models.AlertRuleUnion, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param alertRule The alert rule
+ * @param callback The callback
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, ruleId: string, alertRule: Models.AlertRuleUnion, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param alertRule The alert rule
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, ruleId: string, alertRule: Models.AlertRuleUnion, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ createOrUpdate(resourceGroupName: string, workspaceName: string, ruleId: string, alertRule: Models.AlertRuleUnion, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ ruleId,
+ alertRule,
+ options
+ },
+ createOrUpdateOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Delete the alert rule.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ deleteMethod(resourceGroupName: string, workspaceName: string, ruleId: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param callback The callback
+ */
+ deleteMethod(resourceGroupName: string, workspaceName: string, ruleId: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ deleteMethod(resourceGroupName: string, workspaceName: string, ruleId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ deleteMethod(resourceGroupName: string, workspaceName: string, ruleId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ ruleId,
+ options
+ },
+ deleteMethodOperationSpec,
+ callback);
+ }
+
+ /**
+ * Gets all alert rules.
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param callback The callback
+ */
+ listNext(nextPageLink: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ nextPageLink,
+ options
+ },
+ listNextOperationSpec,
+ callback) as Promise;
+ }
+}
+
+// Operation Specifications
+const serializer = new msRest.Serializer(Mappers);
+const listOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.AlertRulesList
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const getOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.ruleId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.AlertRule
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const createOrUpdateOperationSpec: msRest.OperationSpec = {
+ httpMethod: "PUT",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.ruleId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ requestBody: {
+ parameterPath: "alertRule",
+ mapper: {
+ ...Mappers.AlertRule,
+ required: true
+ }
+ },
+ responses: {
+ 200: {
+ bodyMapper: Mappers.AlertRule
+ },
+ 201: {
+ bodyMapper: Mappers.AlertRule
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const deleteMethodOperationSpec: msRest.OperationSpec = {
+ httpMethod: "DELETE",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.ruleId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {},
+ 204: {},
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const listNextOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ baseUrl: "https://management.azure.com",
+ path: "{nextLink}",
+ urlParameters: [
+ Parameters.nextPageLink
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.AlertRulesList
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/bookmarks.ts b/sdk/securityinsight/arm-securityinsight/src/operations/bookmarks.ts
new file mode 100644
index 000000000000..9894a60d4204
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/operations/bookmarks.ts
@@ -0,0 +1,349 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+import * as msRest from "@azure/ms-rest-js";
+import * as Models from "../models";
+import * as Mappers from "../models/bookmarksMappers";
+import * as Parameters from "../models/parameters";
+import { SecurityInsightsContext } from "../securityInsightsContext";
+
+/** Class representing a Bookmarks. */
+export class Bookmarks {
+ private readonly client: SecurityInsightsContext;
+
+ /**
+ * Create a Bookmarks.
+ * @param {SecurityInsightsContext} client Reference to the service client.
+ */
+ constructor(client: SecurityInsightsContext) {
+ this.client = client;
+ }
+
+ /**
+ * Gets all bookmarks.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ list(resourceGroupName: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param callback The callback
+ */
+ list(resourceGroupName: string, workspaceName: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ list(resourceGroupName: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ list(resourceGroupName: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ options
+ },
+ listOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Gets a bookmark.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param bookmarkId Bookmark ID
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ get(resourceGroupName: string, workspaceName: string, bookmarkId: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param bookmarkId Bookmark ID
+ * @param callback The callback
+ */
+ get(resourceGroupName: string, workspaceName: string, bookmarkId: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param bookmarkId Bookmark ID
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ get(resourceGroupName: string, workspaceName: string, bookmarkId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ get(resourceGroupName: string, workspaceName: string, bookmarkId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ bookmarkId,
+ options
+ },
+ getOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Creates or updates the bookmark.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param bookmarkId Bookmark ID
+ * @param bookmark The bookmark
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, bookmarkId: string, bookmark: Models.Bookmark, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param bookmarkId Bookmark ID
+ * @param bookmark The bookmark
+ * @param callback The callback
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, bookmarkId: string, bookmark: Models.Bookmark, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param bookmarkId Bookmark ID
+ * @param bookmark The bookmark
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, bookmarkId: string, bookmark: Models.Bookmark, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ createOrUpdate(resourceGroupName: string, workspaceName: string, bookmarkId: string, bookmark: Models.Bookmark, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ bookmarkId,
+ bookmark,
+ options
+ },
+ createOrUpdateOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Delete the bookmark.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param bookmarkId Bookmark ID
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ deleteMethod(resourceGroupName: string, workspaceName: string, bookmarkId: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param bookmarkId Bookmark ID
+ * @param callback The callback
+ */
+ deleteMethod(resourceGroupName: string, workspaceName: string, bookmarkId: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param bookmarkId Bookmark ID
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ deleteMethod(resourceGroupName: string, workspaceName: string, bookmarkId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ deleteMethod(resourceGroupName: string, workspaceName: string, bookmarkId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ bookmarkId,
+ options
+ },
+ deleteMethodOperationSpec,
+ callback);
+ }
+
+ /**
+ * Gets all bookmarks.
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param callback The callback
+ */
+ listNext(nextPageLink: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ nextPageLink,
+ options
+ },
+ listNextOperationSpec,
+ callback) as Promise;
+ }
+}
+
+// Operation Specifications
+const serializer = new msRest.Serializer(Mappers);
+const listOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.BookmarkList
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const getOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.bookmarkId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.Bookmark
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const createOrUpdateOperationSpec: msRest.OperationSpec = {
+ httpMethod: "PUT",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.bookmarkId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ requestBody: {
+ parameterPath: "bookmark",
+ mapper: {
+ ...Mappers.Bookmark,
+ required: true
+ }
+ },
+ responses: {
+ 200: {
+ bodyMapper: Mappers.Bookmark
+ },
+ 201: {
+ bodyMapper: Mappers.Bookmark
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const deleteMethodOperationSpec: msRest.OperationSpec = {
+ httpMethod: "DELETE",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.bookmarkId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {},
+ 204: {},
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const listNextOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ baseUrl: "https://management.azure.com",
+ path: "{nextLink}",
+ urlParameters: [
+ Parameters.nextPageLink
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.BookmarkList
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/dataConnectors.ts b/sdk/securityinsight/arm-securityinsight/src/operations/dataConnectors.ts
new file mode 100644
index 000000000000..377b5ceaddc8
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/operations/dataConnectors.ts
@@ -0,0 +1,349 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+import * as msRest from "@azure/ms-rest-js";
+import * as Models from "../models";
+import * as Mappers from "../models/dataConnectorsMappers";
+import * as Parameters from "../models/parameters";
+import { SecurityInsightsContext } from "../securityInsightsContext";
+
+/** Class representing a DataConnectors. */
+export class DataConnectors {
+ private readonly client: SecurityInsightsContext;
+
+ /**
+ * Create a DataConnectors.
+ * @param {SecurityInsightsContext} client Reference to the service client.
+ */
+ constructor(client: SecurityInsightsContext) {
+ this.client = client;
+ }
+
+ /**
+ * Gets all data connectors.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ list(resourceGroupName: string, workspaceName: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param callback The callback
+ */
+ list(resourceGroupName: string, workspaceName: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ list(resourceGroupName: string, workspaceName: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ list(resourceGroupName: string, workspaceName: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ options
+ },
+ listOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Gets a data connector.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param dataConnectorId Connector ID
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ get(resourceGroupName: string, workspaceName: string, dataConnectorId: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param dataConnectorId Connector ID
+ * @param callback The callback
+ */
+ get(resourceGroupName: string, workspaceName: string, dataConnectorId: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param dataConnectorId Connector ID
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ get(resourceGroupName: string, workspaceName: string, dataConnectorId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ get(resourceGroupName: string, workspaceName: string, dataConnectorId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ dataConnectorId,
+ options
+ },
+ getOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Creates or updates the data connector.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param dataConnectorId Connector ID
+ * @param dataConnector The data connector
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, dataConnectorId: string, dataConnector: Models.DataConnectorUnion, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param dataConnectorId Connector ID
+ * @param dataConnector The data connector
+ * @param callback The callback
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, dataConnectorId: string, dataConnector: Models.DataConnectorUnion, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param dataConnectorId Connector ID
+ * @param dataConnector The data connector
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, dataConnectorId: string, dataConnector: Models.DataConnectorUnion, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ createOrUpdate(resourceGroupName: string, workspaceName: string, dataConnectorId: string, dataConnector: Models.DataConnectorUnion, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ dataConnectorId,
+ dataConnector,
+ options
+ },
+ createOrUpdateOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Delete the data connector.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param dataConnectorId Connector ID
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ deleteMethod(resourceGroupName: string, workspaceName: string, dataConnectorId: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param dataConnectorId Connector ID
+ * @param callback The callback
+ */
+ deleteMethod(resourceGroupName: string, workspaceName: string, dataConnectorId: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param dataConnectorId Connector ID
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ deleteMethod(resourceGroupName: string, workspaceName: string, dataConnectorId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ deleteMethod(resourceGroupName: string, workspaceName: string, dataConnectorId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ dataConnectorId,
+ options
+ },
+ deleteMethodOperationSpec,
+ callback);
+ }
+
+ /**
+ * Gets all data connectors.
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ listNext(nextPageLink: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param callback The callback
+ */
+ listNext(nextPageLink: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ listNext(nextPageLink: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ listNext(nextPageLink: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ nextPageLink,
+ options
+ },
+ listNextOperationSpec,
+ callback) as Promise;
+ }
+}
+
+// Operation Specifications
+const serializer = new msRest.Serializer(Mappers);
+const listOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.DataConnectorList
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const getOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.dataConnectorId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.DataConnector
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const createOrUpdateOperationSpec: msRest.OperationSpec = {
+ httpMethod: "PUT",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.dataConnectorId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ requestBody: {
+ parameterPath: "dataConnector",
+ mapper: {
+ ...Mappers.DataConnector,
+ required: true
+ }
+ },
+ responses: {
+ 200: {
+ bodyMapper: Mappers.DataConnector
+ },
+ 201: {
+ bodyMapper: Mappers.DataConnector
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const deleteMethodOperationSpec: msRest.OperationSpec = {
+ httpMethod: "DELETE",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors/{dataConnectorId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.dataConnectorId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {},
+ 204: {},
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const listNextOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ baseUrl: "https://management.azure.com",
+ path: "{nextLink}",
+ urlParameters: [
+ Parameters.nextPageLink
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.DataConnectorList
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/incidentComments.ts b/sdk/securityinsight/arm-securityinsight/src/operations/incidentComments.ts
new file mode 100644
index 000000000000..4e0c7e126dac
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/operations/incidentComments.ts
@@ -0,0 +1,305 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+import * as msRest from "@azure/ms-rest-js";
+import * as Models from "../models";
+import * as Mappers from "../models/incidentCommentsMappers";
+import * as Parameters from "../models/parameters";
+import { SecurityInsightsContext } from "../securityInsightsContext";
+
+/** Class representing a IncidentComments. */
+export class IncidentComments {
+ private readonly client: SecurityInsightsContext;
+
+ /**
+ * Create a IncidentComments.
+ * @param {SecurityInsightsContext} client Reference to the service client.
+ */
+ constructor(client: SecurityInsightsContext) {
+ this.client = client;
+ }
+
+ /**
+ * Gets all incident comments.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ listByIncident(resourceGroupName: string, workspaceName: string, incidentId: string, options?: Models.IncidentCommentsListByIncidentOptionalParams): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param callback The callback
+ */
+ listByIncident(resourceGroupName: string, workspaceName: string, incidentId: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ listByIncident(resourceGroupName: string, workspaceName: string, incidentId: string, options: Models.IncidentCommentsListByIncidentOptionalParams, callback: msRest.ServiceCallback): void;
+ listByIncident(resourceGroupName: string, workspaceName: string, incidentId: string, options?: Models.IncidentCommentsListByIncidentOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ incidentId,
+ options
+ },
+ listByIncidentOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Gets an incident comment.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param incidentCommentId Incident comment ID
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ get(resourceGroupName: string, workspaceName: string, incidentId: string, incidentCommentId: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param incidentCommentId Incident comment ID
+ * @param callback The callback
+ */
+ get(resourceGroupName: string, workspaceName: string, incidentId: string, incidentCommentId: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param incidentCommentId Incident comment ID
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ get(resourceGroupName: string, workspaceName: string, incidentId: string, incidentCommentId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ get(resourceGroupName: string, workspaceName: string, incidentId: string, incidentCommentId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ incidentId,
+ incidentCommentId,
+ options
+ },
+ getOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Creates the incident comment.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param incidentCommentId Incident comment ID
+ * @param incidentComment The incident comment
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ createComment(resourceGroupName: string, workspaceName: string, incidentId: string, incidentCommentId: string, incidentComment: Models.IncidentComment, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param incidentCommentId Incident comment ID
+ * @param incidentComment The incident comment
+ * @param callback The callback
+ */
+ createComment(resourceGroupName: string, workspaceName: string, incidentId: string, incidentCommentId: string, incidentComment: Models.IncidentComment, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param incidentCommentId Incident comment ID
+ * @param incidentComment The incident comment
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ createComment(resourceGroupName: string, workspaceName: string, incidentId: string, incidentCommentId: string, incidentComment: Models.IncidentComment, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ createComment(resourceGroupName: string, workspaceName: string, incidentId: string, incidentCommentId: string, incidentComment: Models.IncidentComment, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ incidentId,
+ incidentCommentId,
+ incidentComment,
+ options
+ },
+ createCommentOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Gets all incident comments.
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ listByIncidentNext(nextPageLink: string, options?: Models.IncidentCommentsListByIncidentNextOptionalParams): Promise;
+ /**
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param callback The callback
+ */
+ listByIncidentNext(nextPageLink: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param nextPageLink The NextLink from the previous successful call to List operation.
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ listByIncidentNext(nextPageLink: string, options: Models.IncidentCommentsListByIncidentNextOptionalParams, callback: msRest.ServiceCallback): void;
+ listByIncidentNext(nextPageLink: string, options?: Models.IncidentCommentsListByIncidentNextOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ nextPageLink,
+ options
+ },
+ listByIncidentNextOperationSpec,
+ callback) as Promise;
+ }
+}
+
+// Operation Specifications
+const serializer = new msRest.Serializer(Mappers);
+const listByIncidentOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.incidentId
+ ],
+ queryParameters: [
+ Parameters.apiVersion,
+ Parameters.filter,
+ Parameters.orderby,
+ Parameters.top,
+ Parameters.skipToken
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.IncidentCommentList
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const getOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.incidentId,
+ Parameters.incidentCommentId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.IncidentComment
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const createCommentOperationSpec: msRest.OperationSpec = {
+ httpMethod: "PUT",
+ path: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}",
+ urlParameters: [
+ Parameters.subscriptionId,
+ Parameters.resourceGroupName,
+ Parameters.workspaceName,
+ Parameters.incidentId,
+ Parameters.incidentCommentId
+ ],
+ queryParameters: [
+ Parameters.apiVersion
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ requestBody: {
+ parameterPath: "incidentComment",
+ mapper: {
+ ...Mappers.IncidentComment,
+ required: true
+ }
+ },
+ responses: {
+ 201: {
+ bodyMapper: Mappers.IncidentComment
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
+
+const listByIncidentNextOperationSpec: msRest.OperationSpec = {
+ httpMethod: "GET",
+ baseUrl: "https://management.azure.com",
+ path: "{nextLink}",
+ urlParameters: [
+ Parameters.nextPageLink
+ ],
+ queryParameters: [
+ Parameters.apiVersion,
+ Parameters.filter,
+ Parameters.orderby,
+ Parameters.top,
+ Parameters.skipToken
+ ],
+ headerParameters: [
+ Parameters.acceptLanguage
+ ],
+ responses: {
+ 200: {
+ bodyMapper: Mappers.IncidentCommentList
+ },
+ default: {
+ bodyMapper: Mappers.CloudError
+ }
+ },
+ serializer
+};
diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/incidents.ts b/sdk/securityinsight/arm-securityinsight/src/operations/incidents.ts
new file mode 100644
index 000000000000..a64b6780fd5d
--- /dev/null
+++ b/sdk/securityinsight/arm-securityinsight/src/operations/incidents.ts
@@ -0,0 +1,357 @@
+/*
+ * Copyright (c) Microsoft Corporation.
+ * Licensed under the MIT License.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+import * as msRest from "@azure/ms-rest-js";
+import * as Models from "../models";
+import * as Mappers from "../models/incidentsMappers";
+import * as Parameters from "../models/parameters";
+import { SecurityInsightsContext } from "../securityInsightsContext";
+
+/** Class representing a Incidents. */
+export class Incidents {
+ private readonly client: SecurityInsightsContext;
+
+ /**
+ * Create a Incidents.
+ * @param {SecurityInsightsContext} client Reference to the service client.
+ */
+ constructor(client: SecurityInsightsContext) {
+ this.client = client;
+ }
+
+ /**
+ * Gets all incidents.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ list(resourceGroupName: string, workspaceName: string, options?: Models.IncidentsListOptionalParams): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param callback The callback
+ */
+ list(resourceGroupName: string, workspaceName: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ list(resourceGroupName: string, workspaceName: string, options: Models.IncidentsListOptionalParams, callback: msRest.ServiceCallback): void;
+ list(resourceGroupName: string, workspaceName: string, options?: Models.IncidentsListOptionalParams | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ options
+ },
+ listOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Gets an incident.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ get(resourceGroupName: string, workspaceName: string, incidentId: string, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param callback The callback
+ */
+ get(resourceGroupName: string, workspaceName: string, incidentId: string, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ get(resourceGroupName: string, workspaceName: string, incidentId: string, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ get(resourceGroupName: string, workspaceName: string, incidentId: string, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ incidentId,
+ options
+ },
+ getOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Creates or updates the incident.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param incident The incident
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, incidentId: string, incident: Models.Incident, options?: msRest.RequestOptionsBase): Promise;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param incident The incident
+ * @param callback The callback
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, incidentId: string, incident: Models.Incident, callback: msRest.ServiceCallback): void;
+ /**
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param incident The incident
+ * @param options The optional parameters
+ * @param callback The callback
+ */
+ createOrUpdate(resourceGroupName: string, workspaceName: string, incidentId: string, incident: Models.Incident, options: msRest.RequestOptionsBase, callback: msRest.ServiceCallback): void;
+ createOrUpdate(resourceGroupName: string, workspaceName: string, incidentId: string, incident: Models.Incident, options?: msRest.RequestOptionsBase | msRest.ServiceCallback, callback?: msRest.ServiceCallback): Promise {
+ return this.client.sendOperationRequest(
+ {
+ resourceGroupName,
+ workspaceName,
+ incidentId,
+ incident,
+ options
+ },
+ createOrUpdateOperationSpec,
+ callback) as Promise;
+ }
+
+ /**
+ * Delete the incident.
+ * @param resourceGroupName The name of the resource group within the user's subscription. The name
+ * is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param incidentId Incident ID
+ * @param [options] The optional parameters
+ * @returns Promise
+ */
+ deleteMethod(resourceGroupName: string, workspaceName: string, incidentId: string, options?: msRest.RequestOptionsBase): Promise