diff --git a/sdk/securityinsight/arm-securityinsight/CHANGELOG.md b/sdk/securityinsight/arm-securityinsight/CHANGELOG.md index 7f6adeea4ce4..705d355586a7 100644 --- a/sdk/securityinsight/arm-securityinsight/CHANGELOG.md +++ b/sdk/securityinsight/arm-securityinsight/CHANGELOG.md @@ -1,5 +1,216 @@ # Release History +## 1.0.0-beta.5 (2022-07-22) + +**Features** + + - Added Type Alias AADCheckRequirements + - Added Type Alias AADCheckRequirementsProperties + - Added Type Alias AADDataConnector + - Added Type Alias AADDataConnectorProperties + - Added Type Alias AatpCheckRequirements + - Added Type Alias AatpCheckRequirementsProperties + - Added Type Alias AatpDataConnector + - Added Type Alias AatpDataConnectorProperties + - Added Type Alias AccountEntity + - Added Type Alias AccountEntityProperties + - Added Type Alias ActionRequest + - Added Type Alias ActionRequestProperties + - Added Type Alias ActionResponse + - Added Type Alias ActionResponseProperties + - Added Type Alias ActivityCustomEntityQuery + - Added Type Alias ActivityEntityQuery + - Added Type Alias ActivityEntityQueryTemplate + - Added Type Alias ActivityTimelineItem + - Added Type Alias AlertRule + - Added Type Alias AlertRuleTemplate + - Added Type Alias AlertRuleTemplateWithMitreProperties + - Added Type Alias Anomalies + - Added Type Alias AnomalySecurityMLAnalyticsSettings + - Added Type Alias AnomalyTimelineItem + - Added Type Alias ASCCheckRequirements + - Added Type Alias ASCDataConnector + - Added Type Alias ASCDataConnectorProperties + - Added Type Alias AutomationRule + - Added Type Alias AutomationRuleModifyPropertiesAction + - Added Type Alias AutomationRuleRunPlaybookAction + - Added Type Alias AwsCloudTrailCheckRequirements + - Added Type Alias AwsCloudTrailDataConnector + - Added Type Alias AwsCloudTrailDataConnectorDataTypesLogs + - Added Type Alias AwsS3CheckRequirements + - Added Type Alias AwsS3DataConnector + - Added Type Alias AwsS3DataConnectorDataTypesLogs + - Added Type Alias AzureResourceEntity + - Added Type Alias AzureResourceEntityProperties + - Added Type Alias Bookmark + - Added Type Alias BookmarkTimelineItem + - Added Type Alias CloudApplicationEntity + - Added Type Alias CloudApplicationEntityProperties + - Added Type Alias CodelessApiPollingDataConnector + - Added Type Alias CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem + - Added Type Alias CodelessUiConnectorConfigPropertiesDataTypesItem + - Added Type Alias CodelessUiConnectorConfigPropertiesGraphQueriesItem + - Added Type Alias CodelessUiConnectorConfigPropertiesInstructionStepsItem + - Added Type Alias CodelessUiConnectorConfigPropertiesSampleQueriesItem + - Added Type Alias CodelessUiDataConnector + - Added Type Alias CustomEntityQuery + - Added Type Alias Customs + - Added Type Alias DataConnector + - Added Type Alias DnsEntity + - Added Type Alias DnsEntityProperties + - Added Type Alias Dynamics365CheckRequirements + - Added Type Alias Dynamics365CheckRequirementsProperties + - Added Type Alias Dynamics365DataConnector + - Added Type Alias Dynamics365DataConnectorDataTypesDynamics365CdsActivities + - Added Type Alias Dynamics365DataConnectorProperties + - Added Type Alias Entity + - Added Type Alias EntityAnalytics + - Added Type Alias EntityQuery + - Added Type Alias EntityQueryTemplate + - Added Type Alias ExpansionEntityQuery + - Added Type Alias EyesOn + - Added Type Alias FileEntity + - Added Type Alias FileEntityProperties + - Added Type Alias FileHashEntity + - Added Type Alias FileHashEntityProperties + - Added Type Alias FusionAlertRule + - Added Type Alias FusionAlertRuleTemplate + - Added Type Alias HostEntity + - Added Type Alias HostEntityProperties + - Added Type Alias HuntingBookmark + - Added Type Alias HuntingBookmarkProperties + - Added Type Alias Incident + - Added Type Alias IncidentComment + - Added Type Alias InsightQueryItem + - Added Type Alias InsightQueryItemProperties + - Added Type Alias InstructionStepsInstructionsItem + - Added Type Alias IoTCheckRequirements + - Added Type Alias IoTDataConnector + - Added Type Alias IoTDataConnectorProperties + - Added Type Alias IoTDeviceEntity + - Added Type Alias IoTDeviceEntityProperties + - Added Type Alias IpEntity + - Added Type Alias IpEntityProperties + - Added Type Alias MailboxEntity + - Added Type Alias MailboxEntityProperties + - Added Type Alias MailClusterEntity + - Added Type Alias MailClusterEntityProperties + - Added Type Alias MailMessageEntity + - Added Type Alias MailMessageEntityProperties + - Added Type Alias MalwareEntity + - Added Type Alias MalwareEntityProperties + - Added Type Alias McasCheckRequirements + - Added Type Alias McasCheckRequirementsProperties + - Added Type Alias McasDataConnector + - Added Type Alias McasDataConnectorDataTypes + - Added Type Alias McasDataConnectorProperties + - Added Type Alias MdatpCheckRequirements + - Added Type Alias MdatpCheckRequirementsProperties + - Added Type Alias MdatpDataConnector + - Added Type Alias MdatpDataConnectorProperties + - Added Type Alias MetadataModel + - Added Type Alias MetadataPatch + - Added Type Alias MicrosoftSecurityIncidentCreationAlertRule + - Added Type Alias MicrosoftSecurityIncidentCreationAlertRuleProperties + - Added Type Alias MicrosoftSecurityIncidentCreationAlertRuleTemplate + - Added Type Alias MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties + - Added Type Alias MLBehaviorAnalyticsAlertRule + - Added Type Alias MLBehaviorAnalyticsAlertRuleTemplate + - Added Type Alias MLBehaviorAnalyticsAlertRuleTemplateProperties + - Added Type Alias MstiCheckRequirements + - Added Type Alias MstiCheckRequirementsProperties + - Added Type Alias MstiDataConnector + - Added Type Alias MstiDataConnectorDataTypesBingSafetyPhishingURL + - Added Type Alias MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed + - Added Type Alias MstiDataConnectorProperties + - Added Type Alias MtpCheckRequirements + - Added Type Alias MTPCheckRequirementsProperties + - Added Type Alias MTPDataConnector + - Added Type Alias MTPDataConnectorDataTypesIncidents + - Added Type Alias MTPDataConnectorProperties + - Added Type Alias NicEntity + - Added Type Alias NicEntityProperties + - Added Type Alias NrtAlertRule + - Added Type Alias NrtAlertRuleTemplate + - Added Type Alias NrtAlertRuleTemplateProperties + - Added Type Alias Office365ProjectCheckRequirements + - Added Type Alias Office365ProjectCheckRequirementsProperties + - Added Type Alias Office365ProjectConnectorDataTypesLogs + - Added Type Alias Office365ProjectDataConnector + - Added Type Alias Office365ProjectDataConnectorProperties + - Added Type Alias OfficeATPCheckRequirements + - Added Type Alias OfficeATPCheckRequirementsProperties + - Added Type Alias OfficeATPDataConnector + - Added Type Alias OfficeATPDataConnectorProperties + - Added Type Alias OfficeConsent + - Added Type Alias OfficeDataConnector + - Added Type Alias OfficeDataConnectorDataTypesExchange + - Added Type Alias OfficeDataConnectorDataTypesSharePoint + - Added Type Alias OfficeDataConnectorDataTypesTeams + - Added Type Alias OfficeDataConnectorProperties + - Added Type Alias OfficeIRMCheckRequirements + - Added Type Alias OfficeIRMCheckRequirementsProperties + - Added Type Alias OfficeIRMDataConnector + - Added Type Alias OfficeIRMDataConnectorProperties + - Added Type Alias OfficePowerBICheckRequirements + - Added Type Alias OfficePowerBICheckRequirementsProperties + - Added Type Alias OfficePowerBIConnectorDataTypesLogs + - Added Type Alias OfficePowerBIDataConnector + - Added Type Alias OfficePowerBIDataConnectorProperties + - Added Type Alias PermissionsCustomsItem + - Added Type Alias PermissionsResourceProviderItem + - Added Type Alias ProcessEntity + - Added Type Alias ProcessEntityProperties + - Added Type Alias PropertyArrayChangedConditionProperties + - Added Type Alias PropertyChangedConditionProperties + - Added Type Alias PropertyConditionProperties + - Added Type Alias RegistryKeyEntity + - Added Type Alias RegistryKeyEntityProperties + - Added Type Alias RegistryValueEntity + - Added Type Alias RegistryValueEntityProperties + - Added Type Alias Relation + - Added Type Alias ResourceWithEtag + - Added Type Alias ScheduledAlertRule + - Added Type Alias ScheduledAlertRuleProperties + - Added Type Alias ScheduledAlertRuleTemplate + - Added Type Alias SecurityAlert + - Added Type Alias SecurityAlertProperties + - Added Type Alias SecurityAlertTimelineItem + - Added Type Alias SecurityGroupEntity + - Added Type Alias SecurityGroupEntityProperties + - Added Type Alias SecurityMLAnalyticsSetting + - Added Type Alias SentinelOnboardingState + - Added Type Alias Settings + - Added Type Alias SourceControl + - Added Type Alias SubmissionMailEntity + - Added Type Alias SubmissionMailEntityProperties + - Added Type Alias ThreatIntelligenceAlertRule + - Added Type Alias ThreatIntelligenceAlertRuleTemplate + - Added Type Alias ThreatIntelligenceAlertRuleTemplateProperties + - Added Type Alias ThreatIntelligenceIndicatorModel + - Added Type Alias ThreatIntelligenceIndicatorProperties + - Added Type Alias ThreatIntelligenceInformation + - Added Type Alias TICheckRequirements + - Added Type Alias TICheckRequirementsProperties + - Added Type Alias TIDataConnector + - Added Type Alias TIDataConnectorDataTypesIndicators + - Added Type Alias TIDataConnectorProperties + - Added Type Alias TiTaxiiCheckRequirements + - Added Type Alias TiTaxiiCheckRequirementsProperties + - Added Type Alias TiTaxiiDataConnector + - Added Type Alias TiTaxiiDataConnectorDataTypesTaxiiClient + - Added Type Alias TiTaxiiDataConnectorProperties + - Added Type Alias Ueba + - Added Type Alias UrlEntity + - Added Type Alias UrlEntityProperties + - Added Type Alias Watchlist + - Added Type Alias WatchlistItem + +**Breaking Changes** + + - Parameter logicAppsResourceId of interface ManualTriggerRequestBody is now required + + ## 1.0.0-beta.4 (2022-07-11) **Features** diff --git a/sdk/securityinsight/arm-securityinsight/README.md b/sdk/securityinsight/arm-securityinsight/README.md index 7181392099b1..1035849b20ee 100644 --- a/sdk/securityinsight/arm-securityinsight/README.md +++ b/sdk/securityinsight/arm-securityinsight/README.md @@ -1,6 +1,6 @@ -# Azure SecurityInsights client library for JavaScript +# Azure Service client library for JavaScript -This package contains an isomorphic SDK (runs both in Node.js and in browsers) for Azure SecurityInsights client. +This package contains an isomorphic SDK (runs both in Node.js and in browsers) for Azure Service client. API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider @@ -24,7 +24,7 @@ See our [support policy](https://github.com/Azure/azure-sdk-for-js/blob/main/SUP ### Install the `@azure/arm-securityinsight` package -Install the Azure SecurityInsights client library for JavaScript with `npm`: +Install the Azure Service client library for JavaScript with `npm`: ```bash npm install @azure/arm-securityinsight @@ -32,8 +32,8 @@ npm install @azure/arm-securityinsight ### Create and authenticate a `SecurityInsights` -To create a client object to access the Azure SecurityInsights API, you will need the `endpoint` of your Azure SecurityInsights resource and a `credential`. The Azure SecurityInsights client can use Azure Active Directory credentials to authenticate. -You can find the endpoint for your Azure SecurityInsights resource in the [Azure Portal][azure_portal]. +To create a client object to access the Azure Service API, you will need the `endpoint` of your Azure Service resource and a `credential`. The Azure Service client can use Azure Active Directory credentials to authenticate. +You can find the endpoint for your Azure Service resource in the [Azure Portal][azure_portal]. You can authenticate with Azure Active Directory using a credential from the [@azure/identity][azure_identity] library or [an existing AAD Token](https://github.com/Azure/azure-sdk-for-js/blob/master/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-with-a-pre-fetched-access-token). @@ -43,7 +43,7 @@ To use the [DefaultAzureCredential][defaultazurecredential] provider shown below npm install @azure/identity ``` -You will also need to **register a new AAD application and grant access to Azure SecurityInsights** by assigning the suitable role to your service principal (note: roles such as `"Owner"` will not grant the necessary permissions). +You will also need to **register a new AAD application and grant access to Azure Service** by assigning the suitable role to your service principal (note: roles such as `"Owner"` will not grant the necessary permissions). Set the values of the client ID, tenant ID, and client secret of the AAD application as environment variables: `AZURE_CLIENT_ID`, `AZURE_TENANT_ID`, `AZURE_CLIENT_SECRET`. For more information about how to create an Azure AD Application check out [this guide](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal). @@ -72,7 +72,7 @@ To use this client library in the browser, first you need to use a bundler. For ### SecurityInsights -`SecurityInsights` is the primary interface for developers using the Azure SecurityInsights client library. Explore the methods on this client object to understand the different features of the Azure SecurityInsights service that you can access. +`SecurityInsights` is the primary interface for developers using the Azure Service client library. Explore the methods on this client object to understand the different features of the Azure Service service that you can access. ## Troubleshooting diff --git a/sdk/securityinsight/arm-securityinsight/_meta.json b/sdk/securityinsight/arm-securityinsight/_meta.json index 3a1a3722b6bc..1fa7061352b8 100644 --- a/sdk/securityinsight/arm-securityinsight/_meta.json +++ b/sdk/securityinsight/arm-securityinsight/_meta.json @@ -1,8 +1,8 @@ { - "commit": "64496bd64b0376dc4b45e3193a39f7bcdd4b28da", + "commit": "293adda93b649c857acaca173916e8a98a8308b1", "readme": "specification/securityinsights/resource-manager/readme.md", - "autorest_command": "autorest --version=3.7.3 --typescript --modelerfour.lenient-model-deduplication --azure-arm --head-as-boolean=true --license-header=MICROSOFT_MIT_NO_VERSION --generate-test --typescript-sdks-folder=D:\\Git\\azure-sdk-for-js ..\\azure-rest-api-specs\\specification\\securityinsights\\resource-manager\\readme.md --use=@autorest/typescript@6.0.0-rc.1.20220707.1 --generate-sample=true", + "autorest_command": "autorest --version=3.7.3 --typescript --modelerfour.lenient-model-deduplication --azure-arm --head-as-boolean=true --license-header=MICROSOFT_MIT_NO_VERSION --generate-test --typescript-sdks-folder=/mnt/vss/_work/1/s/azure-sdk-for-js ../azure-rest-api-specs/specification/securityinsights/resource-manager/readme.md --use=@autorest/typescript@6.0.0-alpha.19.20220425.1", "repository_url": "https://github.com/Azure/azure-rest-api-specs.git", "release_tool": "@azure-tools/js-sdk-release-tools@2.4.0", - "use": "@autorest/typescript@6.0.0-rc.1.20220707.1" + "use": "@autorest/typescript@6.0.0-alpha.19.20220425.1" } \ No newline at end of file diff --git a/sdk/securityinsight/arm-securityinsight/package.json b/sdk/securityinsight/arm-securityinsight/package.json index 65eef11c5416..3bffdacc856d 100644 --- a/sdk/securityinsight/arm-securityinsight/package.json +++ b/sdk/securityinsight/arm-securityinsight/package.json @@ -3,7 +3,7 @@ "sdk-type": "mgmt", "author": "Microsoft Corporation", "description": "A generated SDK for SecurityInsights.", - "version": "1.0.0-beta.4", + "version": "1.0.0-beta.5", "engines": { "node": ">=12.0.0" }, @@ -41,8 +41,6 @@ "@azure-tools/test-recorder": "^2.0.0", "@azure-tools/test-credential": "^1.0.0", "mocha": "^7.1.1", - "@types/chai": "^4.2.8", - "chai": "^4.2.0", "cross-env": "^7.0.2", "@azure/dev-tool": "^1.0.0" }, @@ -96,7 +94,8 @@ "unit-test:browser": "echo skipped", "integration-test": "npm run integration-test:node && npm run integration-test:browser", "integration-test:node": "dev-tool run test:node-ts-input -- --timeout 1200000 'test/*.ts'", - "integration-test:browser": "echo skipped" + "integration-test:browser": "echo skipped", + "docs": "echo skipped" }, "sideEffects": false, "//metadata": { @@ -107,13 +106,5 @@ } ] }, - "autoPublish": true, - "//sampleConfiguration": { - "productName": "", - "productSlugs": [ - "azure" - ], - "disableDocsMs": true, - "apiRefLink": "https://docs.microsoft.com/javascript/api/@azure/arm-securityinsight?view=azure-node-preview" - } + "autoPublish": true } \ No newline at end of file diff --git a/sdk/securityinsight/arm-securityinsight/review/arm-securityinsight.api.md b/sdk/securityinsight/arm-securityinsight/review/arm-securityinsight.api.md index 0fc0b87afde0..a2cb1e934936 100644 --- a/sdk/securityinsight/arm-securityinsight/review/arm-securityinsight.api.md +++ b/sdk/securityinsight/arm-securityinsight/review/arm-securityinsight.api.md @@ -9,56 +9,51 @@ import * as coreClient from '@azure/core-client'; import { PagedAsyncIterableIterator } from '@azure/core-paging'; // @public -export interface AADCheckRequirements extends DataConnectorsCheckRequirements { +export type AADCheckRequirements = DataConnectorsCheckRequirements & { kind: "AzureActiveDirectory"; tenantId?: string; -} +}; // @public -export interface AADCheckRequirementsProperties extends DataConnectorTenantId { -} +export type AADCheckRequirementsProperties = DataConnectorTenantId & {}; // @public -export interface AADDataConnector extends DataConnector { - dataTypes?: AlertsDataTypeOfDataConnector; +export type AADDataConnector = DataConnector & { tenantId?: string; -} + dataTypes?: AlertsDataTypeOfDataConnector; +}; // @public -export interface AADDataConnectorProperties extends DataConnectorTenantId, DataConnectorWithAlertsProperties { -} +export type AADDataConnectorProperties = DataConnectorTenantId & DataConnectorWithAlertsProperties & {}; // @public -export interface AatpCheckRequirements extends DataConnectorsCheckRequirements { +export type AatpCheckRequirements = DataConnectorsCheckRequirements & { kind: "AzureAdvancedThreatProtection"; tenantId?: string; -} +}; // @public -export interface AatpCheckRequirementsProperties extends DataConnectorTenantId { -} +export type AatpCheckRequirementsProperties = DataConnectorTenantId & {}; // @public -export interface AatpDataConnector extends DataConnector { - dataTypes?: AlertsDataTypeOfDataConnector; +export type AatpDataConnector = DataConnector & { tenantId?: string; -} + dataTypes?: AlertsDataTypeOfDataConnector; +}; // @public -export interface AatpDataConnectorProperties extends DataConnectorTenantId, DataConnectorWithAlertsProperties { -} +export type AatpDataConnectorProperties = DataConnectorTenantId & DataConnectorWithAlertsProperties & {}; // @public -export interface AccountEntity extends Entity { - readonly aadTenantId?: string; - readonly aadUserId?: string; - readonly accountName?: string; +export type AccountEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; - readonly displayName?: string; - readonly dnsDomain?: string; readonly friendlyName?: string; + readonly aadTenantId?: string; + readonly aadUserId?: string; + readonly accountName?: string; + readonly displayName?: string; readonly hostEntityId?: string; readonly isDomainJoined?: boolean; readonly ntDomain?: string; @@ -66,15 +61,15 @@ export interface AccountEntity extends Entity { readonly puid?: string; readonly sid?: string; readonly upnSuffix?: string; -} + readonly dnsDomain?: string; +}; // @public -export interface AccountEntityProperties extends EntityCommonProperties { +export type AccountEntityProperties = EntityCommonProperties & { readonly aadTenantId?: string; readonly aadUserId?: string; readonly accountName?: string; readonly displayName?: string; - readonly dnsDomain?: string; readonly hostEntityId?: string; readonly isDomainJoined?: boolean; readonly ntDomain?: string; @@ -82,7 +77,8 @@ export interface AccountEntityProperties extends EntityCommonProperties { readonly puid?: string; readonly sid?: string; readonly upnSuffix?: string; -} + readonly dnsDomain?: string; +}; // @public export interface ActionPropertiesBase { @@ -90,26 +86,26 @@ export interface ActionPropertiesBase { } // @public -export interface ActionRequest extends ResourceWithEtag { +export type ActionRequest = ResourceWithEtag & { logicAppResourceId?: string; triggerUri?: string; -} +}; // @public -export interface ActionRequestProperties extends ActionPropertiesBase { +export type ActionRequestProperties = ActionPropertiesBase & { triggerUri: string; -} +}; // @public -export interface ActionResponse extends ResourceWithEtag { +export type ActionResponse = ResourceWithEtag & { logicAppResourceId?: string; workflowId?: string; -} +}; // @public -export interface ActionResponseProperties extends ActionPropertiesBase { +export type ActionResponseProperties = ActionPropertiesBase & { workflowId?: string; -} +}; // @public export interface Actions { @@ -161,21 +157,21 @@ export type ActionsListByAlertRuleResponse = ActionsList; export type ActionType = string; // @public -export interface ActivityCustomEntityQuery extends CustomEntityQuery { +export type ActivityCustomEntityQuery = CustomEntityQuery & { + title?: string; content?: string; - readonly createdTimeUtc?: Date; description?: string; - enabled?: boolean; + queryDefinitions?: ActivityEntityQueriesPropertiesQueryDefinitions; + inputEntityType?: EntityType; + requiredInputFieldsSets?: string[][]; entitiesFilter?: { [propertyName: string]: string[]; }; - inputEntityType?: EntityType; - readonly lastModifiedTimeUtc?: Date; - queryDefinitions?: ActivityEntityQueriesPropertiesQueryDefinitions; - requiredInputFieldsSets?: string[][]; templateName?: string; - title?: string; -} + enabled?: boolean; + readonly createdTimeUtc?: Date; + readonly lastModifiedTimeUtc?: Date; +}; // @public export interface ActivityEntityQueriesPropertiesQueryDefinitions { @@ -183,35 +179,35 @@ export interface ActivityEntityQueriesPropertiesQueryDefinitions { } // @public -export interface ActivityEntityQuery extends EntityQuery { +export type ActivityEntityQuery = EntityQuery & { + title?: string; content?: string; - readonly createdTimeUtc?: Date; description?: string; - enabled?: boolean; + queryDefinitions?: ActivityEntityQueriesPropertiesQueryDefinitions; + inputEntityType?: EntityType; + requiredInputFieldsSets?: string[][]; entitiesFilter?: { [propertyName: string]: string[]; }; - inputEntityType?: EntityType; - readonly lastModifiedTimeUtc?: Date; - queryDefinitions?: ActivityEntityQueriesPropertiesQueryDefinitions; - requiredInputFieldsSets?: string[][]; templateName?: string; - title?: string; -} + enabled?: boolean; + readonly createdTimeUtc?: Date; + readonly lastModifiedTimeUtc?: Date; +}; // @public -export interface ActivityEntityQueryTemplate extends EntityQueryTemplate { +export type ActivityEntityQueryTemplate = EntityQueryTemplate & { + title?: string; content?: string; - dataTypes?: DataTypeDefinitions[]; description?: string; + queryDefinitions?: ActivityEntityQueryTemplatePropertiesQueryDefinitions; + dataTypes?: DataTypeDefinitions[]; + inputEntityType?: EntityType; + requiredInputFieldsSets?: string[][]; entitiesFilter?: { [propertyName: string]: string[]; }; - inputEntityType?: EntityType; - queryDefinitions?: ActivityEntityQueryTemplatePropertiesQueryDefinitions; - requiredInputFieldsSets?: string[][]; - title?: string; -} +}; // @public export interface ActivityEntityQueryTemplatePropertiesQueryDefinitions { @@ -220,16 +216,16 @@ export interface ActivityEntityQueryTemplatePropertiesQueryDefinitions { } // @public -export interface ActivityTimelineItem extends EntityTimelineItem { - bucketEndTimeUTC: Date; +export type ActivityTimelineItem = EntityTimelineItem & { + kind: "Activity"; + queryId: string; bucketStartTimeUTC: Date; - content: string; + bucketEndTimeUTC: Date; firstActivityTimeUTC: Date; - kind: "Activity"; lastActivityTimeUTC: Date; - queryId: string; + content: string; title: string; -} +}; // @public export type AlertDetail = string; @@ -243,9 +239,9 @@ export interface AlertDetailsOverride { } // @public -export interface AlertRule extends ResourceWithEtag { +export type AlertRule = ResourceWithEtag & { kind: AlertRuleKind; -} +}; // @public export type AlertRuleKind = string; @@ -297,9 +293,9 @@ export interface AlertRulesListOptionalParams extends coreClient.OperationOption export type AlertRulesListResponse = AlertRulesList; // @public -export interface AlertRuleTemplate extends Resource { +export type AlertRuleTemplate = Resource & { kind: AlertRuleKind; -} +}; // @public export interface AlertRuleTemplateDataSource { @@ -355,10 +351,10 @@ export type AlertRuleTemplatesListResponse = AlertRuleTemplatesList; export type AlertRuleTemplateUnion = AlertRuleTemplate | MLBehaviorAnalyticsAlertRuleTemplate | FusionAlertRuleTemplate | ThreatIntelligenceAlertRuleTemplate | MicrosoftSecurityIncidentCreationAlertRuleTemplate | ScheduledAlertRuleTemplate | NrtAlertRuleTemplate; // @public -export interface AlertRuleTemplateWithMitreProperties extends AlertRuleTemplatePropertiesBase { +export type AlertRuleTemplateWithMitreProperties = AlertRuleTemplatePropertiesBase & { tactics?: AttackTactic[]; techniques?: string[]; -} +}; // @public (undocumented) export type AlertRuleUnion = AlertRule | MLBehaviorAnalyticsAlertRule | FusionAlertRule | ThreatIntelligenceAlertRule | MicrosoftSecurityIncidentCreationAlertRule | ScheduledAlertRule | NrtAlertRule; @@ -375,78 +371,78 @@ export type AlertSeverity = string; export type AlertStatus = string; // @public -export interface Anomalies extends Settings { +export type Anomalies = Settings & { readonly isEnabled?: boolean; -} +}; // @public -export interface AnomalySecurityMLAnalyticsSettings extends SecurityMLAnalyticsSetting { - anomalySettingsVersion?: number; - anomalyVersion?: string; - customizableObservations?: Record; +export type AnomalySecurityMLAnalyticsSettings = SecurityMLAnalyticsSetting & { description?: string; displayName?: string; enabled?: boolean; - frequency?: string; - isDefaultSettings?: boolean; readonly lastModifiedUtc?: Date; requiredDataConnectors?: SecurityMLAnalyticsSettingsDataSource[]; - settingsDefinitionId?: string; - settingsStatus?: SettingsStatus; tactics?: AttackTactic[]; techniques?: string[]; -} + anomalyVersion?: string; + customizableObservations?: Record; + frequency?: string; + settingsStatus?: SettingsStatus; + isDefaultSettings?: boolean; + anomalySettingsVersion?: number; + settingsDefinitionId?: string; +}; // @public -export interface AnomalyTimelineItem extends EntityTimelineItem { +export type AnomalyTimelineItem = EntityTimelineItem & { + kind: "Anomaly"; azureResourceId: string; + productName?: string; description?: string; displayName: string; endTimeUtc: Date; - intent?: string; - kind: "Anomaly"; - productName?: string; - reasons?: string[]; startTimeUtc: Date; - techniques?: string[]; timeGenerated: Date; vendor?: string; -} + intent?: string; + techniques?: string[]; + reasons?: string[]; +}; // @public export type AntispamMailDirection = string; // @public -export interface ASCCheckRequirements extends DataConnectorsCheckRequirements { +export type ASCCheckRequirements = DataConnectorsCheckRequirements & { kind: "AzureSecurityCenter"; subscriptionId?: string; -} +}; // @public -export interface ASCDataConnector extends DataConnector { +export type ASCDataConnector = DataConnector & { dataTypes?: AlertsDataTypeOfDataConnector; subscriptionId?: string; -} +}; // @public -export interface ASCDataConnectorProperties extends DataConnectorWithAlertsProperties { +export type ASCDataConnectorProperties = DataConnectorWithAlertsProperties & { subscriptionId?: string; -} +}; // @public export type AttackTactic = string; // @public (undocumented) -export interface AutomationRule extends ResourceWithEtag { - actions: AutomationRuleActionUnion[]; - readonly createdBy?: ClientInfo; - readonly createdTimeUtc?: Date; +export type AutomationRule = ResourceWithEtag & { displayName: string; - readonly lastModifiedBy?: ClientInfo; - readonly lastModifiedTimeUtc?: Date; order: number; triggeringLogic: AutomationRuleTriggeringLogic; -} + actions: AutomationRuleActionUnion[]; + readonly lastModifiedTimeUtc?: Date; + readonly createdTimeUtc?: Date; + readonly lastModifiedBy?: ClientInfo; + readonly createdBy?: ClientInfo; +}; // @public export interface AutomationRuleAction { @@ -467,11 +463,10 @@ export interface AutomationRuleCondition { export type AutomationRuleConditionUnion = AutomationRuleCondition | PropertyArrayChangedConditionProperties | PropertyChangedConditionProperties | PropertyConditionProperties; // @public -export interface AutomationRuleModifyPropertiesAction extends AutomationRuleAction { - // (undocumented) - actionConfiguration?: IncidentPropertiesAction; +export type AutomationRuleModifyPropertiesAction = AutomationRuleAction & { actionType: "ModifyProperties"; -} + actionConfiguration?: IncidentPropertiesAction; +}; // @public export type AutomationRulePropertyArrayChangedConditionSupportedArrayType = string; @@ -521,11 +516,10 @@ export interface AutomationRulePropertyValuesCondition { } // @public -export interface AutomationRuleRunPlaybookAction extends AutomationRuleAction { - // (undocumented) - actionConfiguration?: PlaybookActionProperties; +export type AutomationRuleRunPlaybookAction = AutomationRuleAction & { actionType: "RunPlaybook"; -} + actionConfiguration?: PlaybookActionProperties; +}; // @public export interface AutomationRules { @@ -597,15 +591,15 @@ export interface Availability { } // @public -export interface AwsCloudTrailCheckRequirements extends DataConnectorsCheckRequirements { +export type AwsCloudTrailCheckRequirements = DataConnectorsCheckRequirements & { kind: "AmazonWebServicesCloudTrail"; -} +}; // @public -export interface AwsCloudTrailDataConnector extends DataConnector { +export type AwsCloudTrailDataConnector = DataConnector & { awsRoleArn?: string; dataTypes?: AwsCloudTrailDataConnectorDataTypes; -} +}; // @public export interface AwsCloudTrailDataConnectorDataTypes { @@ -613,21 +607,20 @@ export interface AwsCloudTrailDataConnectorDataTypes { } // @public -export interface AwsCloudTrailDataConnectorDataTypesLogs extends DataConnectorDataTypeCommon { -} +export type AwsCloudTrailDataConnectorDataTypesLogs = DataConnectorDataTypeCommon & {}; // @public -export interface AwsS3CheckRequirements extends DataConnectorsCheckRequirements { +export type AwsS3CheckRequirements = DataConnectorsCheckRequirements & { kind: "AmazonWebServicesS3"; -} +}; // @public -export interface AwsS3DataConnector extends DataConnector { - dataTypes?: AwsS3DataConnectorDataTypes; +export type AwsS3DataConnector = DataConnector & { destinationTable?: string; - roleArn?: string; sqsUrls?: string[]; -} + roleArn?: string; + dataTypes?: AwsS3DataConnectorDataTypes; +}; // @public export interface AwsS3DataConnectorDataTypes { @@ -635,8 +628,7 @@ export interface AwsS3DataConnectorDataTypes { } // @public -export interface AwsS3DataConnectorDataTypesLogs extends DataConnectorDataTypeCommon { -} +export type AwsS3DataConnectorDataTypesLogs = DataConnectorDataTypeCommon & {}; // @public export interface AzureDevOpsResourceInfo { @@ -645,40 +637,40 @@ export interface AzureDevOpsResourceInfo { } // @public -export interface AzureResourceEntity extends Entity { +export type AzureResourceEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; readonly friendlyName?: string; readonly resourceId?: string; readonly subscriptionId?: string; -} +}; // @public -export interface AzureResourceEntityProperties extends EntityCommonProperties { +export type AzureResourceEntityProperties = EntityCommonProperties & { readonly resourceId?: string; readonly subscriptionId?: string; -} +}; // @public -export interface Bookmark extends ResourceWithEtag { +export type Bookmark = ResourceWithEtag & { created?: Date; createdBy?: UserInfo; displayName?: string; - entityMappings?: BookmarkEntityMappings[]; - eventTime?: Date; - incidentInfo?: IncidentInfo; labels?: string[]; notes?: string; query?: string; - queryEndTime?: Date; queryResult?: string; + updated?: Date; + updatedBy?: UserInfo; + eventTime?: Date; queryStartTime?: Date; + queryEndTime?: Date; + incidentInfo?: IncidentInfo; + entityMappings?: BookmarkEntityMappings[]; tactics?: AttackTactic[]; techniques?: string[]; - updated?: Date; - updatedBy?: UserInfo; -} +}; // @public export interface BookmarkEntityMappings { @@ -812,17 +804,17 @@ export interface BookmarksListOptionalParams extends coreClient.OperationOptions export type BookmarksListResponse = BookmarkList; // @public -export interface BookmarkTimelineItem extends EntityTimelineItem { +export type BookmarkTimelineItem = EntityTimelineItem & { + kind: "Bookmark"; azureResourceId: string; - createdBy?: UserInfo; displayName?: string; + notes?: string; endTimeUtc?: Date; + startTimeUtc?: Date; eventTime?: Date; - kind: "Bookmark"; + createdBy?: UserInfo; labels?: string[]; - notes?: string; - startTimeUtc?: Date; -} +}; // @public export interface ClientInfo { @@ -833,22 +825,22 @@ export interface ClientInfo { } // @public -export interface CloudApplicationEntity extends Entity { +export type CloudApplicationEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; + readonly friendlyName?: string; readonly appId?: number; readonly appName?: string; - readonly friendlyName?: string; readonly instanceName?: string; -} +}; // @public -export interface CloudApplicationEntityProperties extends EntityCommonProperties { +export type CloudApplicationEntityProperties = EntityCommonProperties & { readonly appId?: number; readonly appName?: string; readonly instanceName?: string; -} +}; // @public export interface CloudError { @@ -862,10 +854,10 @@ export interface CloudErrorBody { } // @public -export interface CodelessApiPollingDataConnector extends DataConnector { +export type CodelessApiPollingDataConnector = DataConnector & { connectorUiConfig?: CodelessUiConnectorConfigProperties; pollingConfig?: CodelessConnectorPollingConfigProperties; -} +}; // @public export interface CodelessConnectorPollingAuthProperties { @@ -947,29 +939,24 @@ export interface CodelessUiConnectorConfigProperties { } // @public (undocumented) -export interface CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem extends ConnectivityCriteria { -} +export type CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem = ConnectivityCriteria & {}; // @public (undocumented) -export interface CodelessUiConnectorConfigPropertiesDataTypesItem extends LastDataReceivedDataType { -} +export type CodelessUiConnectorConfigPropertiesDataTypesItem = LastDataReceivedDataType & {}; // @public (undocumented) -export interface CodelessUiConnectorConfigPropertiesGraphQueriesItem extends GraphQueries { -} +export type CodelessUiConnectorConfigPropertiesGraphQueriesItem = GraphQueries & {}; // @public (undocumented) -export interface CodelessUiConnectorConfigPropertiesInstructionStepsItem extends InstructionSteps { -} +export type CodelessUiConnectorConfigPropertiesInstructionStepsItem = InstructionSteps & {}; // @public (undocumented) -export interface CodelessUiConnectorConfigPropertiesSampleQueriesItem extends SampleQueries { -} +export type CodelessUiConnectorConfigPropertiesSampleQueriesItem = SampleQueries & {}; // @public -export interface CodelessUiDataConnector extends DataConnector { +export type CodelessUiDataConnector = DataConnector & { connectorUiConfig?: CodelessUiConnectorConfigProperties; -} +}; // @public export type ConditionType = string; @@ -1017,9 +1004,9 @@ export type ContentType = string; export type CreatedByType = string; // @public -export interface CustomEntityQuery extends ResourceWithEtag { +export type CustomEntityQuery = ResourceWithEtag & { kind: CustomEntityQueryKind; -} +}; // @public export type CustomEntityQueryKind = string; @@ -1028,8 +1015,7 @@ export type CustomEntityQueryKind = string; export type CustomEntityQueryUnion = CustomEntityQuery | ActivityCustomEntityQuery; // @public -export interface Customs extends CustomsPermission { -} +export type Customs = CustomsPermission & {}; // @public export interface CustomsPermission { @@ -1038,9 +1024,9 @@ export interface CustomsPermission { } // @public -export interface DataConnector extends ResourceWithEtag { +export type DataConnector = ResourceWithEtag & { kind: DataConnectorKind; -} +}; // @public export type DataConnectorAuthorizationState = string; @@ -1210,24 +1196,24 @@ export type DeploymentState = string; export type DeviceImportance = string; // @public -export interface DnsEntity extends Entity { +export type DnsEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; + readonly friendlyName?: string; readonly dnsServerIpEntityId?: string; readonly domainName?: string; - readonly friendlyName?: string; readonly hostIpAddressEntityId?: string; readonly ipAddressEntityIds?: string[]; -} +}; // @public -export interface DnsEntityProperties extends EntityCommonProperties { +export type DnsEntityProperties = EntityCommonProperties & { readonly dnsServerIpEntityId?: string; readonly domainName?: string; readonly hostIpAddressEntityId?: string; readonly ipAddressEntityIds?: string[]; -} +}; // @public export interface DomainWhois { @@ -1242,20 +1228,19 @@ export interface DomainWhoisGetOptionalParams extends coreClient.OperationOption export type DomainWhoisGetResponse = EnrichmentDomainWhois; // @public -export interface Dynamics365CheckRequirements extends DataConnectorsCheckRequirements { +export type Dynamics365CheckRequirements = DataConnectorsCheckRequirements & { kind: "Dynamics365"; tenantId?: string; -} +}; // @public -export interface Dynamics365CheckRequirementsProperties extends DataConnectorTenantId { -} +export type Dynamics365CheckRequirementsProperties = DataConnectorTenantId & {}; // @public -export interface Dynamics365DataConnector extends DataConnector { - dataTypes?: Dynamics365DataConnectorDataTypes; +export type Dynamics365DataConnector = DataConnector & { tenantId?: string; -} + dataTypes?: Dynamics365DataConnectorDataTypes; +}; // @public export interface Dynamics365DataConnectorDataTypes { @@ -1263,13 +1248,12 @@ export interface Dynamics365DataConnectorDataTypes { } // @public -export interface Dynamics365DataConnectorDataTypesDynamics365CdsActivities extends DataConnectorDataTypeCommon { -} +export type Dynamics365DataConnectorDataTypesDynamics365CdsActivities = DataConnectorDataTypeCommon & {}; // @public -export interface Dynamics365DataConnectorProperties extends DataConnectorTenantId { +export type Dynamics365DataConnectorProperties = DataConnectorTenantId & { dataTypes: Dynamics365DataConnectorDataTypes; -} +}; // @public export type ElevationToken = "Default" | "Full" | "Limited"; @@ -1436,14 +1420,14 @@ export interface EntitiesRelationsListOptionalParams extends coreClient.Operatio export type EntitiesRelationsListResponse = RelationList; // @public -export interface Entity extends Resource { +export type Entity = Resource & { kind: EntityKind; -} +}; // @public -export interface EntityAnalytics extends Settings { +export type EntityAnalytics = Settings & { entityProviders?: EntityProviders[]; -} +}; // @public export interface EntityCommonProperties { @@ -1581,9 +1565,9 @@ export interface EntityQueriesListOptionalParams extends coreClient.OperationOpt export type EntityQueriesListResponse = EntityQueryList; // @public -export interface EntityQuery extends ResourceWithEtag { +export type EntityQuery = ResourceWithEtag & { kind: EntityQueryKind; -} +}; // @public export interface EntityQueryItem { @@ -1619,9 +1603,9 @@ export interface EntityQueryList { } // @public -export interface EntityQueryTemplate extends Resource { +export type EntityQueryTemplate = Resource & { kind: EntityQueryTemplateKind; -} +}; // @public export type EntityQueryTemplateKind = string; @@ -1720,14 +1704,14 @@ export interface EventGroupingSettings { } // @public -export interface ExpansionEntityQuery extends EntityQuery { +export type ExpansionEntityQuery = EntityQuery & { dataSources?: string[]; displayName?: string; inputEntityType?: EntityType; inputFields?: string[]; outputEntityTypes?: EntityType[]; queryTemplate?: string; -} +}; // @public export interface ExpansionResultAggregation { @@ -1743,9 +1727,9 @@ export interface ExpansionResultsMetadata { } // @public -export interface EyesOn extends Settings { +export type EyesOn = Settings & { readonly isEnabled?: boolean; -} +}; // @public export interface FieldMapping { @@ -1754,72 +1738,72 @@ export interface FieldMapping { } // @public -export interface FileEntity extends Entity { +export type FileEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; + readonly friendlyName?: string; readonly directory?: string; readonly fileHashEntityIds?: string[]; readonly fileName?: string; - readonly friendlyName?: string; readonly hostEntityId?: string; -} +}; // @public -export interface FileEntityProperties extends EntityCommonProperties { +export type FileEntityProperties = EntityCommonProperties & { readonly directory?: string; readonly fileHashEntityIds?: string[]; readonly fileName?: string; readonly hostEntityId?: string; -} +}; // @public export type FileHashAlgorithm = string; // @public -export interface FileHashEntity extends Entity { +export type FileHashEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; - readonly algorithm?: FileHashAlgorithm; readonly friendlyName?: string; + readonly algorithm?: FileHashAlgorithm; readonly hashValue?: string; -} +}; // @public -export interface FileHashEntityProperties extends EntityCommonProperties { +export type FileHashEntityProperties = EntityCommonProperties & { readonly algorithm?: FileHashAlgorithm; readonly hashValue?: string; -} +}; // @public -export interface FusionAlertRule extends AlertRule { +export type FusionAlertRule = AlertRule & { alertRuleTemplateName?: string; readonly description?: string; readonly displayName?: string; enabled?: boolean; - readonly lastModifiedUtc?: Date; + sourceSettings?: FusionSourceSettings[]; scenarioExclusionPatterns?: FusionScenarioExclusionPattern[]; + readonly lastModifiedUtc?: Date; readonly severity?: AlertSeverity; - sourceSettings?: FusionSourceSettings[]; readonly tactics?: AttackTactic[]; readonly techniques?: string[]; -} +}; // @public -export interface FusionAlertRuleTemplate extends AlertRuleTemplate { +export type FusionAlertRuleTemplate = AlertRuleTemplate & { alertRulesCreatedByTemplateCount?: number; readonly createdDateUTC?: Date; + readonly lastUpdatedDateUTC?: Date; description?: string; displayName?: string; - readonly lastUpdatedDateUTC?: Date; requiredDataConnectors?: AlertRuleTemplateDataSource[]; - severity?: AlertSeverity; - sourceSettings?: FusionTemplateSourceSetting[]; status?: TemplateStatus; + severity?: AlertSeverity; tactics?: AttackTactic[]; techniques?: string[]; -} + sourceSettings?: FusionTemplateSourceSetting[]; +}; // @public export interface FusionScenarioExclusionPattern { @@ -1929,13 +1913,13 @@ export interface GroupingConfiguration { } // @public -export interface HostEntity extends Entity { +export type HostEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; + readonly friendlyName?: string; readonly azureID?: string; readonly dnsDomain?: string; - readonly friendlyName?: string; readonly hostName?: string; readonly isDomainJoined?: boolean; readonly netBiosName?: string; @@ -1943,10 +1927,10 @@ export interface HostEntity extends Entity { readonly omsAgentID?: string; osFamily?: OSFamily; readonly osVersion?: string; -} +}; // @public -export interface HostEntityProperties extends EntityCommonProperties { +export type HostEntityProperties = EntityCommonProperties & { readonly azureID?: string; readonly dnsDomain?: string; readonly hostName?: string; @@ -1956,44 +1940,44 @@ export interface HostEntityProperties extends EntityCommonProperties { readonly omsAgentID?: string; osFamily?: OSFamily; readonly osVersion?: string; -} +}; // @public -export interface HuntingBookmark extends Entity { +export type HuntingBookmark = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; + readonly friendlyName?: string; created?: Date; createdBy?: UserInfo; displayName?: string; eventTime?: Date; - readonly friendlyName?: string; - incidentInfo?: IncidentInfo; labels?: string[]; notes?: string; query?: string; queryResult?: string; updated?: Date; updatedBy?: UserInfo; -} + incidentInfo?: IncidentInfo; +}; // @public -export interface HuntingBookmarkProperties extends EntityCommonProperties { +export type HuntingBookmarkProperties = EntityCommonProperties & { created?: Date; createdBy?: UserInfo; displayName: string; eventTime?: Date; - incidentInfo?: IncidentInfo; labels?: string[]; notes?: string; query: string; queryResult?: string; updated?: Date; updatedBy?: UserInfo; -} + incidentInfo?: IncidentInfo; +}; // @public -export interface Incident extends ResourceWithEtag { +export type Incident = ResourceWithEtag & { readonly additionalData?: IncidentAdditionalData; classification?: IncidentClassification; classificationComment?: string; @@ -2001,20 +1985,20 @@ export interface Incident extends ResourceWithEtag { readonly createdTimeUtc?: Date; description?: string; firstActivityTimeUtc?: Date; - readonly incidentNumber?: number; readonly incidentUrl?: string; + readonly incidentNumber?: number; labels?: IncidentLabel[]; + providerName?: string; + providerIncidentId?: string; lastActivityTimeUtc?: Date; readonly lastModifiedTimeUtc?: Date; owner?: IncidentOwnerInfo; - providerIncidentId?: string; - providerName?: string; readonly relatedAnalyticRuleIds?: string[]; severity?: IncidentSeverity; status?: IncidentStatus; teamInformation?: TeamInformation; title?: string; -} +}; // @public export interface IncidentAdditionalData { @@ -2044,12 +2028,12 @@ export type IncidentClassification = string; export type IncidentClassificationReason = string; // @public -export interface IncidentComment extends ResourceWithEtag { - readonly author?: ClientInfo; +export type IncidentComment = ResourceWithEtag & { readonly createdTimeUtc?: Date; readonly lastModifiedTimeUtc?: Date; message?: string; -} + readonly author?: ClientInfo; +}; // @public export interface IncidentCommentList { @@ -2311,22 +2295,22 @@ export type IncidentsRunPlaybookResponse = Record; export type IncidentStatus = string; // @public -export interface InsightQueryItem extends EntityQueryItem { +export type InsightQueryItem = EntityQueryItem & { kind: "Insight"; properties?: InsightQueryItemProperties; -} +}; // @public -export interface InsightQueryItemProperties extends EntityQueryItemProperties { - additionalQuery?: InsightQueryItemPropertiesAdditionalQuery; +export type InsightQueryItemProperties = EntityQueryItemProperties & { + displayName?: string; + description?: string; baseQuery?: string; + tableQuery?: InsightQueryItemPropertiesTableQuery; chartQuery?: Record; + additionalQuery?: InsightQueryItemPropertiesAdditionalQuery; defaultTimeRange?: InsightQueryItemPropertiesDefaultTimeRange; - description?: string; - displayName?: string; referenceTimeRange?: InsightQueryItemPropertiesReferenceTimeRange; - tableQuery?: InsightQueryItemPropertiesTableQuery; -} +}; // @public export interface InsightQueryItemPropertiesAdditionalQuery { @@ -2392,111 +2376,110 @@ export interface InstructionSteps { } // @public (undocumented) -export interface InstructionStepsInstructionsItem extends ConnectorInstructionModelBase { -} +export type InstructionStepsInstructionsItem = ConnectorInstructionModelBase & {}; // @public -export interface IoTCheckRequirements extends DataConnectorsCheckRequirements { +export type IoTCheckRequirements = DataConnectorsCheckRequirements & { kind: "IOT"; subscriptionId?: string; -} +}; // @public -export interface IoTDataConnector extends DataConnector { +export type IoTDataConnector = DataConnector & { dataTypes?: AlertsDataTypeOfDataConnector; subscriptionId?: string; -} +}; // @public -export interface IoTDataConnectorProperties extends DataConnectorWithAlertsProperties { +export type IoTDataConnectorProperties = DataConnectorWithAlertsProperties & { subscriptionId?: string; -} +}; // @public -export interface IoTDeviceEntity extends Entity { +export type IoTDeviceEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; + readonly friendlyName?: string; readonly deviceId?: string; readonly deviceName?: string; - readonly deviceSubType?: string; - readonly deviceType?: string; - readonly edgeId?: string; - readonly firmwareVersion?: string; - readonly friendlyName?: string; - readonly hostEntityId?: string; - importance?: DeviceImportance; - readonly iotHubEntityId?: string; + readonly source?: string; readonly iotSecurityAgentId?: string; - readonly ipAddressEntityId?: string; - readonly isAuthorized?: boolean; - readonly isProgramming?: boolean; - readonly isScanner?: boolean; + readonly deviceType?: string; + readonly vendor?: string; + readonly edgeId?: string; readonly macAddress?: string; readonly model?: string; - readonly nicEntityIds?: string[]; + readonly serialNumber?: string; + readonly firmwareVersion?: string; readonly operatingSystem?: string; - readonly owners?: string[]; + readonly iotHubEntityId?: string; + readonly hostEntityId?: string; + readonly ipAddressEntityId?: string; + readonly threatIntelligence?: ThreatIntelligence[]; readonly protocols?: string[]; - readonly purdueLayer?: string; - readonly sensor?: string; - readonly serialNumber?: string; + readonly owners?: string[]; + readonly nicEntityIds?: string[]; readonly site?: string; - readonly source?: string; - readonly threatIntelligence?: ThreatIntelligence[]; - readonly vendor?: string; readonly zone?: string; -} + readonly sensor?: string; + readonly deviceSubType?: string; + importance?: DeviceImportance; + readonly purdueLayer?: string; + readonly isAuthorized?: boolean; + readonly isProgramming?: boolean; + readonly isScanner?: boolean; +}; // @public -export interface IoTDeviceEntityProperties extends EntityCommonProperties { +export type IoTDeviceEntityProperties = EntityCommonProperties & { readonly deviceId?: string; readonly deviceName?: string; - readonly deviceSubType?: string; + readonly source?: string; + readonly iotSecurityAgentId?: string; readonly deviceType?: string; + readonly vendor?: string; readonly edgeId?: string; - readonly firmwareVersion?: string; - readonly hostEntityId?: string; - importance?: DeviceImportance; - readonly iotHubEntityId?: string; - readonly iotSecurityAgentId?: string; - readonly ipAddressEntityId?: string; - readonly isAuthorized?: boolean; - readonly isProgramming?: boolean; - readonly isScanner?: boolean; readonly macAddress?: string; readonly model?: string; - readonly nicEntityIds?: string[]; + readonly serialNumber?: string; + readonly firmwareVersion?: string; readonly operatingSystem?: string; - readonly owners?: string[]; + readonly iotHubEntityId?: string; + readonly hostEntityId?: string; + readonly ipAddressEntityId?: string; + readonly threatIntelligence?: ThreatIntelligence[]; readonly protocols?: string[]; - readonly purdueLayer?: string; - readonly sensor?: string; - readonly serialNumber?: string; + readonly owners?: string[]; + readonly nicEntityIds?: string[]; readonly site?: string; - readonly source?: string; - readonly threatIntelligence?: ThreatIntelligence[]; - readonly vendor?: string; readonly zone?: string; -} + readonly sensor?: string; + readonly deviceSubType?: string; + importance?: DeviceImportance; + readonly purdueLayer?: string; + readonly isAuthorized?: boolean; + readonly isProgramming?: boolean; + readonly isScanner?: boolean; +}; // @public -export interface IpEntity extends Entity { +export type IpEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; - readonly address?: string; readonly friendlyName?: string; + readonly address?: string; readonly location?: GeoLocation; readonly threatIntelligence?: ThreatIntelligence[]; -} +}; // @public -export interface IpEntityProperties extends EntityCommonProperties { +export type IpEntityProperties = EntityCommonProperties & { readonly address?: string; readonly location?: GeoLocation; readonly threatIntelligence?: ThreatIntelligence[]; -} +}; // @public export interface IPGeodata { @@ -2530,11 +2513,17 @@ export enum KnownAlertDetail { // @public export enum KnownAlertRuleKind { + // (undocumented) Fusion = "Fusion", + // (undocumented) MicrosoftSecurityIncidentCreation = "MicrosoftSecurityIncidentCreation", + // (undocumented) MLBehaviorAnalytics = "MLBehaviorAnalytics", + // (undocumented) NRT = "NRT", + // (undocumented) Scheduled = "Scheduled", + // (undocumented) ThreatIntelligence = "ThreatIntelligence" } @@ -2565,22 +2554,39 @@ export enum KnownAntispamMailDirection { // @public export enum KnownAttackTactic { + // (undocumented) Collection = "Collection", + // (undocumented) CommandAndControl = "CommandAndControl", + // (undocumented) CredentialAccess = "CredentialAccess", + // (undocumented) DefenseEvasion = "DefenseEvasion", + // (undocumented) Discovery = "Discovery", + // (undocumented) Execution = "Execution", + // (undocumented) Exfiltration = "Exfiltration", + // (undocumented) Impact = "Impact", + // (undocumented) ImpairProcessControl = "ImpairProcessControl", + // (undocumented) InhibitResponseFunction = "InhibitResponseFunction", + // (undocumented) InitialAccess = "InitialAccess", + // (undocumented) LateralMovement = "LateralMovement", + // (undocumented) Persistence = "Persistence", + // (undocumented) PreAttack = "PreAttack", + // (undocumented) PrivilegeEscalation = "PrivilegeEscalation", + // (undocumented) Reconnaissance = "Reconnaissance", + // (undocumented) ResourceDevelopment = "ResourceDevelopment" } @@ -2705,97 +2711,145 @@ export enum KnownConfidenceScoreStatus { // @public export enum KnownConnectAuthKind { + // (undocumented) APIKey = "APIKey", + // (undocumented) Basic = "Basic", + // (undocumented) OAuth2 = "OAuth2" } // @public export enum KnownConnectivityType { + // (undocumented) IsConnectedQuery = "IsConnectedQuery" } // @public export enum KnownContentType { + // (undocumented) AnalyticRule = "AnalyticRule", + // (undocumented) Workbook = "Workbook" } // @public export enum KnownCreatedByType { + // (undocumented) Application = "Application", + // (undocumented) Key = "Key", + // (undocumented) ManagedIdentity = "ManagedIdentity", + // (undocumented) User = "User" } // @public export enum KnownCustomEntityQueryKind { + // (undocumented) Activity = "Activity" } // @public export enum KnownDataConnectorAuthorizationState { + // (undocumented) Invalid = "Invalid", + // (undocumented) Valid = "Valid" } // @public export enum KnownDataConnectorKind { + // (undocumented) AmazonWebServicesCloudTrail = "AmazonWebServicesCloudTrail", + // (undocumented) AmazonWebServicesS3 = "AmazonWebServicesS3", + // (undocumented) APIPolling = "APIPolling", + // (undocumented) AzureActiveDirectory = "AzureActiveDirectory", + // (undocumented) AzureAdvancedThreatProtection = "AzureAdvancedThreatProtection", + // (undocumented) AzureSecurityCenter = "AzureSecurityCenter", + // (undocumented) Dynamics365 = "Dynamics365", + // (undocumented) GenericUI = "GenericUI", + // (undocumented) IOT = "IOT", + // (undocumented) MicrosoftCloudAppSecurity = "MicrosoftCloudAppSecurity", + // (undocumented) MicrosoftDefenderAdvancedThreatProtection = "MicrosoftDefenderAdvancedThreatProtection", + // (undocumented) MicrosoftThreatIntelligence = "MicrosoftThreatIntelligence", + // (undocumented) MicrosoftThreatProtection = "MicrosoftThreatProtection", + // (undocumented) Office365 = "Office365", + // (undocumented) Office365Project = "Office365Project", + // (undocumented) OfficeATP = "OfficeATP", + // (undocumented) OfficeIRM = "OfficeIRM", + // (undocumented) OfficePowerBI = "OfficePowerBI", + // (undocumented) ThreatIntelligence = "ThreatIntelligence", + // (undocumented) ThreatIntelligenceTaxii = "ThreatIntelligenceTaxii" } // @public export enum KnownDataConnectorLicenseState { + // (undocumented) Invalid = "Invalid", + // (undocumented) Unknown = "Unknown", + // (undocumented) Valid = "Valid" } // @public export enum KnownDataTypeState { + // (undocumented) Disabled = "Disabled", + // (undocumented) Enabled = "Enabled" } // @public export enum KnownDeploymentFetchStatus { + // (undocumented) NotFound = "NotFound", + // (undocumented) Success = "Success", + // (undocumented) Unauthorized = "Unauthorized" } // @public export enum KnownDeploymentResult { + // (undocumented) Canceled = "Canceled", + // (undocumented) Failed = "Failed", + // (undocumented) Success = "Success" } // @public export enum KnownDeploymentState { + // (undocumented) Canceling = "Canceling", + // (undocumented) Completed = "Completed", + // (undocumented) InProgress = "In_Progress", + // (undocumented) Queued = "Queued" } @@ -2862,19 +2916,25 @@ export enum KnownEntityMappingType { // @public export enum KnownEntityProviders { + // (undocumented) ActiveDirectory = "ActiveDirectory", + // (undocumented) AzureActiveDirectory = "AzureActiveDirectory" } // @public export enum KnownEntityQueryKind { + // (undocumented) Activity = "Activity", + // (undocumented) Expansion = "Expansion", + // (undocumented) Insight = "Insight" } // @public export enum KnownEntityQueryTemplateKind { + // (undocumented) Activity = "Activity" } @@ -2914,13 +2974,17 @@ export enum KnownEntityType { // @public export enum KnownEnum13 { + // (undocumented) Activity = "Activity", + // (undocumented) Expansion = "Expansion" } // @public export enum KnownEventGroupingAggregationKind { + // (undocumented) AlertPerResult = "AlertPerResult", + // (undocumented) SingleAlert = "SingleAlert" } @@ -2935,6 +2999,7 @@ export enum KnownFileHashAlgorithm { // @public export enum KnownGetInsightsError { + // (undocumented) Insight = "Insight" } @@ -2995,22 +3060,39 @@ export enum KnownKillChainIntent { // @public export enum KnownKind { + // (undocumented) AnalyticsRule = "AnalyticsRule", + // (undocumented) AnalyticsRuleTemplate = "AnalyticsRuleTemplate", + // (undocumented) AutomationRule = "AutomationRule", + // (undocumented) AzureFunction = "AzureFunction", + // (undocumented) DataConnector = "DataConnector", + // (undocumented) DataType = "DataType", + // (undocumented) HuntingQuery = "HuntingQuery", + // (undocumented) InvestigationQuery = "InvestigationQuery", + // (undocumented) LogicAppsCustomConnector = "LogicAppsCustomConnector", + // (undocumented) Parser = "Parser", + // (undocumented) Playbook = "Playbook", + // (undocumented) PlaybookTemplate = "PlaybookTemplate", + // (undocumented) Solution = "Solution", + // (undocumented) Watchlist = "Watchlist", + // (undocumented) WatchlistTemplate = "WatchlistTemplate", + // (undocumented) Workbook = "Workbook", + // (undocumented) WorkbookTemplate = "WorkbookTemplate" } @@ -3023,26 +3105,39 @@ export enum KnownMatchingMethod { // @public export enum KnownMicrosoftSecurityProductName { + // (undocumented) AzureActiveDirectoryIdentityProtection = "Azure Active Directory Identity Protection", + // (undocumented) AzureAdvancedThreatProtection = "Azure Advanced Threat Protection", + // (undocumented) AzureSecurityCenter = "Azure Security Center", + // (undocumented) AzureSecurityCenterForIoT = "Azure Security Center for IoT", + // (undocumented) MicrosoftCloudAppSecurity = "Microsoft Cloud App Security", + // (undocumented) MicrosoftDefenderAdvancedThreatProtection = "Microsoft Defender Advanced Threat Protection", + // (undocumented) Office365AdvancedThreatProtection = "Office 365 Advanced Threat Protection" } // @public export enum KnownOperator { + // (undocumented) AND = "AND", + // (undocumented) OR = "OR" } // @public export enum KnownOutputType { + // (undocumented) Date = "Date", + // (undocumented) Entity = "Entity", + // (undocumented) Number = "Number", + // (undocumented) String = "String" } @@ -3055,8 +3150,11 @@ export enum KnownOwnerType { // @public export enum KnownPermissionProviderScope { + // (undocumented) ResourceGroup = "ResourceGroup", + // (undocumented) Subscription = "Subscription", + // (undocumented) Workspace = "Workspace" } @@ -3069,11 +3167,17 @@ export enum KnownPollingFrequency { // @public export enum KnownProviderName { + // (undocumented) MicrosoftAadiamDiagnosticSettings = "microsoft.aadiam/diagnosticSettings", + // (undocumented) MicrosoftAuthorizationPolicyAssignments = "Microsoft.Authorization/policyAssignments", + // (undocumented) MicrosoftOperationalInsightsSolutions = "Microsoft.OperationalInsights/solutions", + // (undocumented) MicrosoftOperationalInsightsWorkspaces = "Microsoft.OperationalInsights/workspaces", + // (undocumented) MicrosoftOperationalInsightsWorkspacesDatasources = "Microsoft.OperationalInsights/workspaces/datasources", + // (undocumented) MicrosoftOperationalInsightsWorkspacesSharedKeys = "Microsoft.OperationalInsights/workspaces/sharedKeys" } @@ -3105,20 +3209,27 @@ export enum KnownRegistryValueKind { // @public export enum KnownRepoType { + // (undocumented) DevOps = "DevOps", + // (undocumented) Github = "Github" } // @public export enum KnownSecurityMLAnalyticsSettingsKind { + // (undocumented) Anomaly = "Anomaly" } // @public export enum KnownSettingKind { + // (undocumented) Anomalies = "Anomalies", + // (undocumented) EntityAnalytics = "EntityAnalytics", + // (undocumented) EyesOn = "EyesOn", + // (undocumented) Ueba = "Ueba" } @@ -3130,29 +3241,41 @@ export enum KnownSettingsStatus { // @public export enum KnownSettingType { + // (undocumented) CopyableLabel = "CopyableLabel", + // (undocumented) InfoMessage = "InfoMessage", + // (undocumented) InstructionStepsGroup = "InstructionStepsGroup" } // @public export enum KnownSourceKind { + // (undocumented) Community = "Community", + // (undocumented) LocalWorkspace = "LocalWorkspace", + // (undocumented) Solution = "Solution", + // (undocumented) SourceRepository = "SourceRepository" } // @public export enum KnownSourceType { + // (undocumented) LocalFile = "Local file", + // (undocumented) RemoteStorage = "Remote storage" } // @public export enum KnownSupportTier { + // (undocumented) Community = "Community", + // (undocumented) Microsoft = "Microsoft", + // (undocumented) Partner = "Partner" } @@ -3170,8 +3293,11 @@ export enum KnownThreatIntelligenceResourceKindEnum { // @public export enum KnownThreatIntelligenceSortingCriteriaEnum { + // (undocumented) Ascending = "ascending", + // (undocumented) Descending = "descending", + // (undocumented) Unsorted = "unsorted" } @@ -3189,15 +3315,21 @@ export enum KnownTriggersWhen { // @public export enum KnownUebaDataSources { + // (undocumented) AuditLogs = "AuditLogs", + // (undocumented) AzureActivity = "AzureActivity", + // (undocumented) SecurityEvent = "SecurityEvent", + // (undocumented) SigninLogs = "SigninLogs" } // @public export enum KnownVersion { + // (undocumented) V1 = "V1", + // (undocumented) V2 = "V2" } @@ -3208,153 +3340,153 @@ export interface LastDataReceivedDataType { } // @public -export interface MailboxEntity extends Entity { +export type MailboxEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; - readonly displayName?: string; - readonly externalDirectoryObjectId?: string; readonly friendlyName?: string; readonly mailboxPrimaryAddress?: string; + readonly displayName?: string; readonly upn?: string; -} + readonly externalDirectoryObjectId?: string; +}; // @public -export interface MailboxEntityProperties extends EntityCommonProperties { - readonly displayName?: string; - readonly externalDirectoryObjectId?: string; +export type MailboxEntityProperties = EntityCommonProperties & { readonly mailboxPrimaryAddress?: string; + readonly displayName?: string; readonly upn?: string; -} + readonly externalDirectoryObjectId?: string; +}; // @public -export interface MailClusterEntity extends Entity { +export type MailClusterEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; - readonly clusterGroup?: string; - readonly clusterQueryEndTime?: Date; - readonly clusterQueryStartTime?: Date; - readonly clusterSourceIdentifier?: string; - readonly clusterSourceType?: string; - readonly countByDeliveryStatus?: Record; - readonly countByProtectionStatus?: Record; - readonly countByThreatType?: Record; readonly friendlyName?: string; - readonly isVolumeAnomaly?: boolean; - readonly mailCount?: number; readonly networkMessageIds?: string[]; + readonly countByDeliveryStatus?: Record; + readonly countByThreatType?: Record; + readonly countByProtectionStatus?: Record; + readonly threats?: string[]; readonly query?: string; readonly queryTime?: Date; + readonly mailCount?: number; + readonly isVolumeAnomaly?: boolean; readonly source?: string; - readonly threats?: string[]; -} - -// @public -export interface MailClusterEntityProperties extends EntityCommonProperties { - readonly clusterGroup?: string; - readonly clusterQueryEndTime?: Date; - readonly clusterQueryStartTime?: Date; readonly clusterSourceIdentifier?: string; readonly clusterSourceType?: string; + readonly clusterQueryStartTime?: Date; + readonly clusterQueryEndTime?: Date; + readonly clusterGroup?: string; +}; + +// @public +export type MailClusterEntityProperties = EntityCommonProperties & { + readonly networkMessageIds?: string[]; readonly countByDeliveryStatus?: Record; - readonly countByProtectionStatus?: Record; readonly countByThreatType?: Record; - readonly isVolumeAnomaly?: boolean; - readonly mailCount?: number; - readonly networkMessageIds?: string[]; + readonly countByProtectionStatus?: Record; + readonly threats?: string[]; readonly query?: string; readonly queryTime?: Date; + readonly mailCount?: number; + readonly isVolumeAnomaly?: boolean; readonly source?: string; - readonly threats?: string[]; -} + readonly clusterSourceIdentifier?: string; + readonly clusterSourceType?: string; + readonly clusterQueryStartTime?: Date; + readonly clusterQueryEndTime?: Date; + readonly clusterGroup?: string; +}; // @public -export interface MailMessageEntity extends Entity { +export type MailMessageEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; - antispamDirection?: AntispamMailDirection; - bodyFingerprintBin1?: number; - bodyFingerprintBin2?: number; - bodyFingerprintBin3?: number; - bodyFingerprintBin4?: number; - bodyFingerprintBin5?: number; - deliveryAction?: DeliveryAction; - deliveryLocation?: DeliveryLocation; - readonly fileEntityIds?: string[]; readonly friendlyName?: string; - readonly internetMessageId?: string; - readonly language?: string; - readonly networkMessageId?: string; + readonly fileEntityIds?: string[]; + readonly recipient?: string; + readonly urls?: string[]; + readonly threats?: string[]; readonly p1Sender?: string; readonly p1SenderDisplayName?: string; readonly p1SenderDomain?: string; + readonly senderIP?: string; readonly p2Sender?: string; readonly p2SenderDisplayName?: string; readonly p2SenderDomain?: string; readonly receiveDate?: Date; - readonly recipient?: string; - readonly senderIP?: string; + readonly networkMessageId?: string; + readonly internetMessageId?: string; readonly subject?: string; + readonly language?: string; readonly threatDetectionMethods?: string[]; - readonly threats?: string[]; - readonly urls?: string[]; -} - -// @public -export interface MailMessageEntityProperties extends EntityCommonProperties { - antispamDirection?: AntispamMailDirection; bodyFingerprintBin1?: number; bodyFingerprintBin2?: number; bodyFingerprintBin3?: number; bodyFingerprintBin4?: number; bodyFingerprintBin5?: number; + antispamDirection?: AntispamMailDirection; deliveryAction?: DeliveryAction; deliveryLocation?: DeliveryLocation; +}; + +// @public +export type MailMessageEntityProperties = EntityCommonProperties & { readonly fileEntityIds?: string[]; - readonly internetMessageId?: string; - readonly language?: string; - readonly networkMessageId?: string; + readonly recipient?: string; + readonly urls?: string[]; + readonly threats?: string[]; readonly p1Sender?: string; readonly p1SenderDisplayName?: string; readonly p1SenderDomain?: string; + readonly senderIP?: string; readonly p2Sender?: string; readonly p2SenderDisplayName?: string; readonly p2SenderDomain?: string; readonly receiveDate?: Date; - readonly recipient?: string; - readonly senderIP?: string; + readonly networkMessageId?: string; + readonly internetMessageId?: string; readonly subject?: string; + readonly language?: string; readonly threatDetectionMethods?: string[]; - readonly threats?: string[]; - readonly urls?: string[]; -} + bodyFingerprintBin1?: number; + bodyFingerprintBin2?: number; + bodyFingerprintBin3?: number; + bodyFingerprintBin4?: number; + bodyFingerprintBin5?: number; + antispamDirection?: AntispamMailDirection; + deliveryAction?: DeliveryAction; + deliveryLocation?: DeliveryLocation; +}; // @public -export interface MalwareEntity extends Entity { +export type MalwareEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; + readonly friendlyName?: string; readonly category?: string; readonly fileEntityIds?: string[]; - readonly friendlyName?: string; readonly malwareName?: string; readonly processEntityIds?: string[]; -} +}; // @public -export interface MalwareEntityProperties extends EntityCommonProperties { +export type MalwareEntityProperties = EntityCommonProperties & { readonly category?: string; readonly fileEntityIds?: string[]; readonly malwareName?: string; readonly processEntityIds?: string[]; -} +}; // @public (undocumented) export interface ManualTriggerRequestBody { // (undocumented) - logicAppsResourceId?: string; + logicAppsResourceId: string; // (undocumented) tenantId?: string; } @@ -3363,50 +3495,47 @@ export interface ManualTriggerRequestBody { export type MatchingMethod = string; // @public -export interface McasCheckRequirements extends DataConnectorsCheckRequirements { +export type McasCheckRequirements = DataConnectorsCheckRequirements & { kind: "MicrosoftCloudAppSecurity"; tenantId?: string; -} +}; // @public -export interface McasCheckRequirementsProperties extends DataConnectorTenantId { -} +export type McasCheckRequirementsProperties = DataConnectorTenantId & {}; // @public -export interface McasDataConnector extends DataConnector { - dataTypes?: McasDataConnectorDataTypes; +export type McasDataConnector = DataConnector & { tenantId?: string; -} + dataTypes?: McasDataConnectorDataTypes; +}; // @public -export interface McasDataConnectorDataTypes extends AlertsDataTypeOfDataConnector { +export type McasDataConnectorDataTypes = AlertsDataTypeOfDataConnector & { discoveryLogs?: DataConnectorDataTypeCommon; -} +}; // @public -export interface McasDataConnectorProperties extends DataConnectorTenantId { +export type McasDataConnectorProperties = DataConnectorTenantId & { dataTypes: McasDataConnectorDataTypes; -} +}; // @public -export interface MdatpCheckRequirements extends DataConnectorsCheckRequirements { +export type MdatpCheckRequirements = DataConnectorsCheckRequirements & { kind: "MicrosoftDefenderAdvancedThreatProtection"; tenantId?: string; -} +}; // @public -export interface MdatpCheckRequirementsProperties extends DataConnectorTenantId { -} +export type MdatpCheckRequirementsProperties = DataConnectorTenantId & {}; // @public -export interface MdatpDataConnector extends DataConnector { - dataTypes?: AlertsDataTypeOfDataConnector; +export type MdatpDataConnector = DataConnector & { tenantId?: string; -} + dataTypes?: AlertsDataTypeOfDataConnector; +}; // @public -export interface MdatpDataConnectorProperties extends DataConnectorTenantId, DataConnectorWithAlertsProperties { -} +export type MdatpDataConnectorProperties = DataConnectorTenantId & DataConnectorWithAlertsProperties & {}; // @public export interface Metadata { @@ -3487,50 +3616,50 @@ export interface MetadataListOptionalParams extends coreClient.OperationOptions export type MetadataListResponse = MetadataList; // @public -export interface MetadataModel extends ResourceWithEtag { - author?: MetadataAuthor; - categories?: MetadataCategories; +export type MetadataModel = ResourceWithEtag & { contentId?: string; - contentSchemaVersion?: string; - customVersion?: string; - dependencies?: MetadataDependencies; - firstPublishDate?: Date; - icon?: string; - kind?: Kind; - lastPublishDate?: Date; parentId?: string; - previewImages?: string[]; - previewImagesDark?: string[]; - providers?: string[]; + version?: string; + kind?: Kind; source?: MetadataSource; + author?: MetadataAuthor; support?: MetadataSupport; + dependencies?: MetadataDependencies; + categories?: MetadataCategories; + providers?: string[]; + firstPublishDate?: Date; + lastPublishDate?: Date; + customVersion?: string; + contentSchemaVersion?: string; + icon?: string; threatAnalysisTactics?: string[]; threatAnalysisTechniques?: string[]; - version?: string; -} + previewImages?: string[]; + previewImagesDark?: string[]; +}; // @public -export interface MetadataPatch extends ResourceWithEtag { - author?: MetadataAuthor; - categories?: MetadataCategories; +export type MetadataPatch = ResourceWithEtag & { contentId?: string; - contentSchemaVersion?: string; - customVersion?: string; - dependencies?: MetadataDependencies; - firstPublishDate?: Date; - icon?: string; - kind?: Kind; - lastPublishDate?: Date; parentId?: string; - previewImages?: string[]; - previewImagesDark?: string[]; - providers?: string[]; + version?: string; + kind?: Kind; source?: MetadataSource; + author?: MetadataAuthor; support?: MetadataSupport; + dependencies?: MetadataDependencies; + categories?: MetadataCategories; + providers?: string[]; + firstPublishDate?: Date; + lastPublishDate?: Date; + customVersion?: string; + contentSchemaVersion?: string; + icon?: string; threatAnalysisTactics?: string[]; threatAnalysisTechniques?: string[]; - version?: string; -} + previewImages?: string[]; + previewImagesDark?: string[]; +}; // @public export interface MetadataSource { @@ -3555,17 +3684,17 @@ export interface MetadataUpdateOptionalParams extends coreClient.OperationOption export type MetadataUpdateResponse = MetadataModel; // @public -export interface MicrosoftSecurityIncidentCreationAlertRule extends AlertRule { +export type MicrosoftSecurityIncidentCreationAlertRule = AlertRule & { + displayNamesFilter?: string[]; + displayNamesExcludeFilter?: string[]; + productFilter?: MicrosoftSecurityProductName; + severitiesFilter?: AlertSeverity[]; alertRuleTemplateName?: string; description?: string; displayName?: string; - displayNamesExcludeFilter?: string[]; - displayNamesFilter?: string[]; enabled?: boolean; readonly lastModifiedUtc?: Date; - productFilter?: MicrosoftSecurityProductName; - severitiesFilter?: AlertSeverity[]; -} +}; // @public export interface MicrosoftSecurityIncidentCreationAlertRuleCommonProperties { @@ -3576,42 +3705,42 @@ export interface MicrosoftSecurityIncidentCreationAlertRuleCommonProperties { } // @public -export interface MicrosoftSecurityIncidentCreationAlertRuleProperties extends MicrosoftSecurityIncidentCreationAlertRuleCommonProperties { +export type MicrosoftSecurityIncidentCreationAlertRuleProperties = MicrosoftSecurityIncidentCreationAlertRuleCommonProperties & { alertRuleTemplateName?: string; description?: string; displayName: string; enabled: boolean; readonly lastModifiedUtc?: Date; -} +}; // @public -export interface MicrosoftSecurityIncidentCreationAlertRuleTemplate extends AlertRuleTemplate { +export type MicrosoftSecurityIncidentCreationAlertRuleTemplate = AlertRuleTemplate & { alertRulesCreatedByTemplateCount?: number; + readonly lastUpdatedDateUTC?: Date; readonly createdDateUTC?: Date; description?: string; displayName?: string; - displayNamesExcludeFilter?: string[]; + requiredDataConnectors?: AlertRuleTemplateDataSource[]; + status?: TemplateStatus; displayNamesFilter?: string[]; - readonly lastUpdatedDateUTC?: Date; + displayNamesExcludeFilter?: string[]; productFilter?: MicrosoftSecurityProductName; - requiredDataConnectors?: AlertRuleTemplateDataSource[]; severitiesFilter?: AlertSeverity[]; - status?: TemplateStatus; -} +}; // @public -export interface MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties extends AlertRuleTemplatePropertiesBase { - displayNamesExcludeFilter?: string[]; +export type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties = AlertRuleTemplatePropertiesBase & { displayNamesFilter?: string[]; + displayNamesExcludeFilter?: string[]; productFilter?: MicrosoftSecurityProductName; severitiesFilter?: AlertSeverity[]; -} +}; // @public export type MicrosoftSecurityProductName = string; // @public -export interface MLBehaviorAnalyticsAlertRule extends AlertRule { +export type MLBehaviorAnalyticsAlertRule = AlertRule & { alertRuleTemplateName?: string; readonly description?: string; readonly displayName?: string; @@ -3620,42 +3749,41 @@ export interface MLBehaviorAnalyticsAlertRule extends AlertRule { readonly severity?: AlertSeverity; readonly tactics?: AttackTactic[]; readonly techniques?: string[]; -} +}; // @public -export interface MLBehaviorAnalyticsAlertRuleTemplate extends AlertRuleTemplate { +export type MLBehaviorAnalyticsAlertRuleTemplate = AlertRuleTemplate & { alertRulesCreatedByTemplateCount?: number; + readonly lastUpdatedDateUTC?: Date; readonly createdDateUTC?: Date; description?: string; displayName?: string; - readonly lastUpdatedDateUTC?: Date; requiredDataConnectors?: AlertRuleTemplateDataSource[]; - severity?: AlertSeverity; status?: TemplateStatus; tactics?: AttackTactic[]; techniques?: string[]; -} + severity?: AlertSeverity; +}; // @public -export interface MLBehaviorAnalyticsAlertRuleTemplateProperties extends AlertRuleTemplateWithMitreProperties { +export type MLBehaviorAnalyticsAlertRuleTemplateProperties = AlertRuleTemplateWithMitreProperties & { severity: AlertSeverity; -} +}; // @public -export interface MstiCheckRequirements extends DataConnectorsCheckRequirements { +export type MstiCheckRequirements = DataConnectorsCheckRequirements & { kind: "MicrosoftThreatIntelligence"; tenantId?: string; -} +}; // @public -export interface MstiCheckRequirementsProperties extends DataConnectorTenantId { -} +export type MstiCheckRequirementsProperties = DataConnectorTenantId & {}; // @public -export interface MstiDataConnector extends DataConnector { - dataTypes?: MstiDataConnectorDataTypes; +export type MstiDataConnector = DataConnector & { tenantId?: string; -} + dataTypes?: MstiDataConnectorDataTypes; +}; // @public export interface MstiDataConnectorDataTypes { @@ -3664,35 +3792,34 @@ export interface MstiDataConnectorDataTypes { } // @public -export interface MstiDataConnectorDataTypesBingSafetyPhishingURL extends DataConnectorDataTypeCommon { +export type MstiDataConnectorDataTypesBingSafetyPhishingURL = DataConnectorDataTypeCommon & { lookbackPeriod: string; -} +}; // @public -export interface MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed extends DataConnectorDataTypeCommon { +export type MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed = DataConnectorDataTypeCommon & { lookbackPeriod: string; -} +}; // @public -export interface MstiDataConnectorProperties extends DataConnectorTenantId { +export type MstiDataConnectorProperties = DataConnectorTenantId & { dataTypes: MstiDataConnectorDataTypes; -} +}; // @public -export interface MtpCheckRequirements extends DataConnectorsCheckRequirements { +export type MtpCheckRequirements = DataConnectorsCheckRequirements & { kind: "MicrosoftThreatProtection"; tenantId?: string; -} +}; // @public -export interface MTPCheckRequirementsProperties extends DataConnectorTenantId { -} +export type MTPCheckRequirementsProperties = DataConnectorTenantId & {}; // @public -export interface MTPDataConnector extends DataConnector { - dataTypes?: MTPDataConnectorDataTypes; +export type MTPDataConnector = DataConnector & { tenantId?: string; -} + dataTypes?: MTPDataConnectorDataTypes; +}; // @public export interface MTPDataConnectorDataTypes { @@ -3700,88 +3827,85 @@ export interface MTPDataConnectorDataTypes { } // @public -export interface MTPDataConnectorDataTypesIncidents extends DataConnectorDataTypeCommon { -} +export type MTPDataConnectorDataTypesIncidents = DataConnectorDataTypeCommon & {}; // @public -export interface MTPDataConnectorProperties extends DataConnectorTenantId { +export type MTPDataConnectorProperties = DataConnectorTenantId & { dataTypes: MTPDataConnectorDataTypes; -} +}; // @public -export interface NicEntity extends Entity { +export type NicEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; readonly friendlyName?: string; - readonly ipAddressEntityId?: string; readonly macAddress?: string; + readonly ipAddressEntityId?: string; readonly vlans?: string[]; -} +}; // @public -export interface NicEntityProperties extends EntityCommonProperties { - readonly ipAddressEntityId?: string; +export type NicEntityProperties = EntityCommonProperties & { readonly macAddress?: string; + readonly ipAddressEntityId?: string; readonly vlans?: string[]; -} +}; // @public -export interface NrtAlertRule extends AlertRule { - alertDetailsOverride?: AlertDetailsOverride; +export type NrtAlertRule = AlertRule & { alertRuleTemplateName?: string; - customDetails?: { - [propertyName: string]: string; - }; + templateVersion?: string; description?: string; + query?: string; + tactics?: AttackTactic[]; + techniques?: string[]; displayName?: string; enabled?: boolean; - entityMappings?: EntityMapping[]; - incidentConfiguration?: IncidentConfiguration; readonly lastModifiedUtc?: Date; - query?: string; - severity?: AlertSeverity; suppressionDuration?: string; suppressionEnabled?: boolean; - tactics?: AttackTactic[]; - techniques?: string[]; - templateVersion?: string; -} + severity?: AlertSeverity; + incidentConfiguration?: IncidentConfiguration; + customDetails?: { + [propertyName: string]: string; + }; + entityMappings?: EntityMapping[]; + alertDetailsOverride?: AlertDetailsOverride; +}; // @public -export interface NrtAlertRuleTemplate extends AlertRuleTemplate { - alertDetailsOverride?: AlertDetailsOverride; +export type NrtAlertRuleTemplate = AlertRuleTemplate & { alertRulesCreatedByTemplateCount?: number; + readonly lastUpdatedDateUTC?: Date; readonly createdDateUTC?: Date; - customDetails?: { - [propertyName: string]: string; - }; description?: string; displayName?: string; - entityMappings?: EntityMapping[]; - readonly lastUpdatedDateUTC?: Date; - query?: string; requiredDataConnectors?: AlertRuleTemplateDataSource[]; - severity?: AlertSeverity; status?: TemplateStatus; tactics?: AttackTactic[]; techniques?: string[]; + query?: string; + severity?: AlertSeverity; version?: string; -} + customDetails?: { + [propertyName: string]: string; + }; + entityMappings?: EntityMapping[]; + alertDetailsOverride?: AlertDetailsOverride; +}; // @public -export interface NrtAlertRuleTemplateProperties extends AlertRuleTemplateWithMitreProperties, QueryBasedAlertRuleTemplateProperties { -} +export type NrtAlertRuleTemplateProperties = AlertRuleTemplateWithMitreProperties & QueryBasedAlertRuleTemplateProperties & {}; // @public -export interface Office365ProjectCheckRequirements extends DataConnectorsCheckRequirements { +export type Office365ProjectCheckRequirements = DataConnectorsCheckRequirements & { kind: "Office365Project"; tenantId?: string; -} +}; // @public -export interface Office365ProjectCheckRequirementsProperties extends DataConnectorTenantId { -} +export type Office365ProjectCheckRequirementsProperties = DataConnectorTenantId & {}; // @public export interface Office365ProjectConnectorDataTypes { @@ -3789,45 +3913,42 @@ export interface Office365ProjectConnectorDataTypes { } // @public -export interface Office365ProjectConnectorDataTypesLogs extends DataConnectorDataTypeCommon { -} +export type Office365ProjectConnectorDataTypesLogs = DataConnectorDataTypeCommon & {}; // @public -export interface Office365ProjectDataConnector extends DataConnector { - dataTypes?: Office365ProjectConnectorDataTypes; +export type Office365ProjectDataConnector = DataConnector & { tenantId?: string; -} + dataTypes?: Office365ProjectConnectorDataTypes; +}; // @public -export interface Office365ProjectDataConnectorProperties extends DataConnectorTenantId { +export type Office365ProjectDataConnectorProperties = DataConnectorTenantId & { dataTypes: Office365ProjectConnectorDataTypes; -} +}; // @public -export interface OfficeATPCheckRequirements extends DataConnectorsCheckRequirements { +export type OfficeATPCheckRequirements = DataConnectorsCheckRequirements & { kind: "OfficeATP"; tenantId?: string; -} +}; // @public -export interface OfficeATPCheckRequirementsProperties extends DataConnectorTenantId { -} +export type OfficeATPCheckRequirementsProperties = DataConnectorTenantId & {}; // @public -export interface OfficeATPDataConnector extends DataConnector { - dataTypes?: AlertsDataTypeOfDataConnector; +export type OfficeATPDataConnector = DataConnector & { tenantId?: string; -} + dataTypes?: AlertsDataTypeOfDataConnector; +}; // @public -export interface OfficeATPDataConnectorProperties extends DataConnectorTenantId, DataConnectorWithAlertsProperties { -} +export type OfficeATPDataConnectorProperties = DataConnectorTenantId & DataConnectorWithAlertsProperties & {}; // @public -export interface OfficeConsent extends Resource { - consentId?: string; +export type OfficeConsent = Resource & { tenantId?: string; -} + consentId?: string; +}; // @public export interface OfficeConsentList { @@ -3868,10 +3989,10 @@ export interface OfficeConsentsListOptionalParams extends coreClient.OperationOp export type OfficeConsentsListResponse = OfficeConsentList; // @public -export interface OfficeDataConnector extends DataConnector { - dataTypes?: OfficeDataConnectorDataTypes; +export type OfficeDataConnector = DataConnector & { tenantId?: string; -} + dataTypes?: OfficeDataConnectorDataTypes; +}; // @public export interface OfficeDataConnectorDataTypes { @@ -3881,51 +4002,45 @@ export interface OfficeDataConnectorDataTypes { } // @public -export interface OfficeDataConnectorDataTypesExchange extends DataConnectorDataTypeCommon { -} +export type OfficeDataConnectorDataTypesExchange = DataConnectorDataTypeCommon & {}; // @public -export interface OfficeDataConnectorDataTypesSharePoint extends DataConnectorDataTypeCommon { -} +export type OfficeDataConnectorDataTypesSharePoint = DataConnectorDataTypeCommon & {}; // @public -export interface OfficeDataConnectorDataTypesTeams extends DataConnectorDataTypeCommon { -} +export type OfficeDataConnectorDataTypesTeams = DataConnectorDataTypeCommon & {}; // @public -export interface OfficeDataConnectorProperties extends DataConnectorTenantId { +export type OfficeDataConnectorProperties = DataConnectorTenantId & { dataTypes: OfficeDataConnectorDataTypes; -} +}; // @public -export interface OfficeIRMCheckRequirements extends DataConnectorsCheckRequirements { +export type OfficeIRMCheckRequirements = DataConnectorsCheckRequirements & { kind: "OfficeIRM"; tenantId?: string; -} +}; // @public -export interface OfficeIRMCheckRequirementsProperties extends DataConnectorTenantId { -} +export type OfficeIRMCheckRequirementsProperties = DataConnectorTenantId & {}; // @public -export interface OfficeIRMDataConnector extends DataConnector { - dataTypes?: AlertsDataTypeOfDataConnector; +export type OfficeIRMDataConnector = DataConnector & { tenantId?: string; -} + dataTypes?: AlertsDataTypeOfDataConnector; +}; // @public -export interface OfficeIRMDataConnectorProperties extends DataConnectorTenantId, DataConnectorWithAlertsProperties { -} +export type OfficeIRMDataConnectorProperties = DataConnectorTenantId & DataConnectorWithAlertsProperties & {}; // @public -export interface OfficePowerBICheckRequirements extends DataConnectorsCheckRequirements { +export type OfficePowerBICheckRequirements = DataConnectorsCheckRequirements & { kind: "OfficePowerBI"; tenantId?: string; -} +}; // @public -export interface OfficePowerBICheckRequirementsProperties extends DataConnectorTenantId { -} +export type OfficePowerBICheckRequirementsProperties = DataConnectorTenantId & {}; // @public export interface OfficePowerBIConnectorDataTypes { @@ -3933,19 +4048,18 @@ export interface OfficePowerBIConnectorDataTypes { } // @public -export interface OfficePowerBIConnectorDataTypesLogs extends DataConnectorDataTypeCommon { -} +export type OfficePowerBIConnectorDataTypesLogs = DataConnectorDataTypeCommon & {}; // @public -export interface OfficePowerBIDataConnector extends DataConnector { - dataTypes?: OfficePowerBIConnectorDataTypes; +export type OfficePowerBIDataConnector = DataConnector & { tenantId?: string; -} + dataTypes?: OfficePowerBIConnectorDataTypes; +}; // @public -export interface OfficePowerBIDataConnectorProperties extends DataConnectorTenantId { +export type OfficePowerBIDataConnectorProperties = DataConnectorTenantId & { dataTypes: OfficePowerBIConnectorDataTypes; -} +}; // @public export interface Operation { @@ -4011,12 +4125,10 @@ interface Permissions_2 { export { Permissions_2 as Permissions } // @public (undocumented) -export interface PermissionsCustomsItem extends Customs { -} +export type PermissionsCustomsItem = Customs & {}; // @public (undocumented) -export interface PermissionsResourceProviderItem extends ResourceProvider { -} +export type PermissionsResourceProviderItem = ResourceProvider & {}; // @public (undocumented) export interface PlaybookActionProperties { @@ -4028,24 +4140,24 @@ export interface PlaybookActionProperties { export type PollingFrequency = string; // @public -export interface ProcessEntity extends Entity { - readonly accountEntityId?: string; +export type ProcessEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; + readonly friendlyName?: string; + readonly accountEntityId?: string; readonly commandLine?: string; readonly creationTimeUtc?: Date; elevationToken?: ElevationToken; - readonly friendlyName?: string; readonly hostEntityId?: string; readonly hostLogonSessionEntityId?: string; readonly imageFileEntityId?: string; readonly parentProcessEntityId?: string; readonly processId?: string; -} +}; // @public -export interface ProcessEntityProperties extends EntityCommonProperties { +export type ProcessEntityProperties = EntityCommonProperties & { readonly accountEntityId?: string; readonly commandLine?: string; readonly creationTimeUtc?: Date; @@ -4055,7 +4167,7 @@ export interface ProcessEntityProperties extends EntityCommonProperties { readonly imageFileEntityId?: string; readonly parentProcessEntityId?: string; readonly processId?: string; -} +}; // @public export interface ProductSettings { @@ -4091,25 +4203,22 @@ export interface ProductSettingsUpdateOptionalParams extends coreClient.Operatio export type ProductSettingsUpdateResponse = SettingsUnion; // @public -export interface PropertyArrayChangedConditionProperties extends AutomationRuleCondition { - // (undocumented) - conditionProperties?: AutomationRulePropertyArrayChangedValuesCondition; +export type PropertyArrayChangedConditionProperties = AutomationRuleCondition & { conditionType: "PropertyArrayChanged"; -} + conditionProperties?: AutomationRulePropertyArrayChangedValuesCondition; +}; // @public -export interface PropertyChangedConditionProperties extends AutomationRuleCondition { - // (undocumented) - conditionProperties?: AutomationRulePropertyValuesChangedCondition; +export type PropertyChangedConditionProperties = AutomationRuleCondition & { conditionType: "PropertyChanged"; -} + conditionProperties?: AutomationRulePropertyValuesChangedCondition; +}; // @public -export interface PropertyConditionProperties extends AutomationRuleCondition { - // (undocumented) - conditionProperties?: AutomationRulePropertyValuesCondition; +export type PropertyConditionProperties = AutomationRuleCondition & { conditionType: "Property"; -} + conditionProperties?: AutomationRulePropertyValuesCondition; +}; // @public export type ProviderName = string; @@ -4130,23 +4239,23 @@ export interface QueryBasedAlertRuleTemplateProperties { export type RegistryHive = string; // @public -export interface RegistryKeyEntity extends Entity { +export type RegistryKeyEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; readonly friendlyName?: string; readonly hive?: RegistryHive; readonly key?: string; -} +}; // @public -export interface RegistryKeyEntityProperties extends EntityCommonProperties { +export type RegistryKeyEntityProperties = EntityCommonProperties & { readonly hive?: RegistryHive; readonly key?: string; -} +}; // @public -export interface RegistryValueEntity extends Entity { +export type RegistryValueEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; @@ -4155,26 +4264,26 @@ export interface RegistryValueEntity extends Entity { readonly valueData?: string; readonly valueName?: string; readonly valueType?: RegistryValueKind; -} +}; // @public -export interface RegistryValueEntityProperties extends EntityCommonProperties { +export type RegistryValueEntityProperties = EntityCommonProperties & { readonly keyEntityId?: string; readonly valueData?: string; readonly valueName?: string; readonly valueType?: RegistryValueKind; -} +}; // @public export type RegistryValueKind = string; // @public -export interface Relation extends ResourceWithEtag { +export type Relation = ResourceWithEtag & { relatedResourceId?: string; - readonly relatedResourceKind?: string; readonly relatedResourceName?: string; readonly relatedResourceType?: string; -} + readonly relatedResourceKind?: string; +}; // @public export interface RelationList { @@ -4240,9 +4349,9 @@ export interface ResourceProvider { } // @public -export interface ResourceWithEtag extends Resource { +export type ResourceWithEtag = Resource & { etag?: string; -} +}; // @public export interface SampleQueries { @@ -4251,31 +4360,31 @@ export interface SampleQueries { } // @public -export interface ScheduledAlertRule extends AlertRule { - alertDetailsOverride?: AlertDetailsOverride; - alertRuleTemplateName?: string; +export type ScheduledAlertRule = AlertRule & { + query?: string; + queryFrequency?: string; + queryPeriod?: string; + severity?: AlertSeverity; + triggerOperator?: TriggerOperator; + triggerThreshold?: number; + eventGroupingSettings?: EventGroupingSettings; customDetails?: { [propertyName: string]: string; }; + entityMappings?: EntityMapping[]; + alertDetailsOverride?: AlertDetailsOverride; + alertRuleTemplateName?: string; + templateVersion?: string; description?: string; displayName?: string; enabled?: boolean; - entityMappings?: EntityMapping[]; - eventGroupingSettings?: EventGroupingSettings; - incidentConfiguration?: IncidentConfiguration; readonly lastModifiedUtc?: Date; - query?: string; - queryFrequency?: string; - queryPeriod?: string; - severity?: AlertSeverity; suppressionDuration?: string; suppressionEnabled?: boolean; tactics?: AttackTactic[]; techniques?: string[]; - templateVersion?: string; - triggerOperator?: TriggerOperator; - triggerThreshold?: number; -} + incidentConfiguration?: IncidentConfiguration; +}; // @public export interface ScheduledAlertRuleCommonProperties { @@ -4294,53 +4403,53 @@ export interface ScheduledAlertRuleCommonProperties { } // @public -export interface ScheduledAlertRuleProperties extends ScheduledAlertRuleCommonProperties { +export type ScheduledAlertRuleProperties = ScheduledAlertRuleCommonProperties & { alertRuleTemplateName?: string; + templateVersion?: string; description?: string; displayName: string; enabled: boolean; - incidentConfiguration?: IncidentConfiguration; readonly lastModifiedUtc?: Date; suppressionDuration: string; suppressionEnabled: boolean; tactics?: AttackTactic[]; techniques?: string[]; - templateVersion?: string; -} + incidentConfiguration?: IncidentConfiguration; +}; // @public -export interface ScheduledAlertRuleTemplate extends AlertRuleTemplate { - alertDetailsOverride?: AlertDetailsOverride; +export type ScheduledAlertRuleTemplate = AlertRuleTemplate & { alertRulesCreatedByTemplateCount?: number; readonly createdDateUTC?: Date; - customDetails?: { - [propertyName: string]: string; - }; + readonly lastUpdatedDateUTC?: Date; description?: string; displayName?: string; - entityMappings?: EntityMapping[]; - eventGroupingSettings?: EventGroupingSettings; - readonly lastUpdatedDateUTC?: Date; + requiredDataConnectors?: AlertRuleTemplateDataSource[]; + status?: TemplateStatus; query?: string; queryFrequency?: string; queryPeriod?: string; - requiredDataConnectors?: AlertRuleTemplateDataSource[]; severity?: AlertSeverity; - status?: TemplateStatus; - tactics?: AttackTactic[]; - techniques?: string[]; triggerOperator?: TriggerOperator; triggerThreshold?: number; + tactics?: AttackTactic[]; + techniques?: string[]; version?: string; -} + eventGroupingSettings?: EventGroupingSettings; + customDetails?: { + [propertyName: string]: string; + }; + entityMappings?: EntityMapping[]; + alertDetailsOverride?: AlertDetailsOverride; +}; // @public -export interface SecurityAlert extends Entity { +export type SecurityAlert = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; + readonly friendlyName?: string; readonly alertDisplayName?: string; - readonly alertLink?: string; readonly alertType?: string; readonly compromisedEntity?: string; readonly confidenceLevel?: ConfidenceLevel; @@ -4349,15 +4458,13 @@ export interface SecurityAlert extends Entity { readonly confidenceScoreStatus?: ConfidenceScoreStatus; readonly description?: string; readonly endTimeUtc?: Date; - readonly friendlyName?: string; readonly intent?: KillChainIntent; + readonly providerAlertId?: string; readonly processingEndTime?: Date; readonly productComponentName?: string; readonly productName?: string; readonly productVersion?: string; - readonly providerAlertId?: string; readonly remediationSteps?: string[]; - readonly resourceIdentifiers?: Record[]; severity?: AlertSeverity; readonly startTimeUtc?: Date; readonly status?: AlertStatus; @@ -4365,12 +4472,13 @@ export interface SecurityAlert extends Entity { readonly tactics?: AttackTactic[]; readonly timeGenerated?: Date; readonly vendorName?: string; -} + readonly alertLink?: string; + readonly resourceIdentifiers?: Record[]; +}; // @public -export interface SecurityAlertProperties extends EntityCommonProperties { +export type SecurityAlertProperties = EntityCommonProperties & { readonly alertDisplayName?: string; - readonly alertLink?: string; readonly alertType?: string; readonly compromisedEntity?: string; readonly confidenceLevel?: ConfidenceLevel; @@ -4380,13 +4488,12 @@ export interface SecurityAlertProperties extends EntityCommonProperties { readonly description?: string; readonly endTimeUtc?: Date; readonly intent?: KillChainIntent; + readonly providerAlertId?: string; readonly processingEndTime?: Date; readonly productComponentName?: string; readonly productName?: string; readonly productVersion?: string; - readonly providerAlertId?: string; readonly remediationSteps?: string[]; - readonly resourceIdentifiers?: Record[]; severity?: AlertSeverity; readonly startTimeUtc?: Date; readonly status?: AlertStatus; @@ -4394,7 +4501,9 @@ export interface SecurityAlertProperties extends EntityCommonProperties { readonly tactics?: AttackTactic[]; readonly timeGenerated?: Date; readonly vendorName?: string; -} + readonly alertLink?: string; + readonly resourceIdentifiers?: Record[]; +}; // @public export interface SecurityAlertPropertiesConfidenceReasonsItem { @@ -4403,36 +4512,36 @@ export interface SecurityAlertPropertiesConfidenceReasonsItem { } // @public -export interface SecurityAlertTimelineItem extends EntityTimelineItem { - alertType: string; +export type SecurityAlertTimelineItem = EntityTimelineItem & { + kind: "SecurityAlert"; azureResourceId: string; + productName?: string; description?: string; displayName: string; - endTimeUtc: Date; - kind: "SecurityAlert"; - productName?: string; severity: AlertSeverity; + endTimeUtc: Date; startTimeUtc: Date; timeGenerated: Date; -} + alertType: string; +}; // @public -export interface SecurityGroupEntity extends Entity { +export type SecurityGroupEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; - readonly distinguishedName?: string; readonly friendlyName?: string; + readonly distinguishedName?: string; readonly objectGuid?: string; readonly sid?: string; -} +}; // @public -export interface SecurityGroupEntityProperties extends EntityCommonProperties { +export type SecurityGroupEntityProperties = EntityCommonProperties & { readonly distinguishedName?: string; readonly objectGuid?: string; readonly sid?: string; -} +}; // @public (undocumented) export class SecurityInsights extends coreClient.ServiceClient { @@ -4519,9 +4628,9 @@ export interface SecurityInsightsOptionalParams extends coreClient.ServiceClient } // @public -export interface SecurityMLAnalyticsSetting extends ResourceWithEtag { +export type SecurityMLAnalyticsSetting = ResourceWithEtag & { kind: SecurityMLAnalyticsSettingsKind; -} +}; // @public export interface SecurityMLAnalyticsSettings { @@ -4582,9 +4691,9 @@ export type SecurityMLAnalyticsSettingsListResponse = SecurityMLAnalyticsSetting export type SecurityMLAnalyticsSettingUnion = SecurityMLAnalyticsSetting | AnomalySecurityMLAnalyticsSettings; // @public -export interface SentinelOnboardingState extends ResourceWithEtag { +export type SentinelOnboardingState = ResourceWithEtag & { customerManagedKey?: boolean; -} +}; // @public export interface SentinelOnboardingStates { @@ -4634,9 +4743,9 @@ export interface SettingList { } // @public -export interface Settings extends ResourceWithEtag { +export type Settings = ResourceWithEtag & { kind: SettingKind; -} +}; // @public export type SettingsStatus = string; @@ -4648,17 +4757,17 @@ export type SettingsUnion = Settings | Anomalies | EyesOn | EntityAnalytics | Ue export type SettingType = string; // @public -export interface SourceControl extends ResourceWithEtag { - contentTypes?: ContentType[]; - description?: string; - displayName?: string; +export type SourceControl = ResourceWithEtag & { idPropertiesId?: string; - lastDeploymentInfo?: DeploymentInfo; + version?: Version; + displayName?: string; + description?: string; + repoType?: RepoType; + contentTypes?: ContentType[]; repository?: Repository; repositoryResourceInfo?: RepositoryResourceInfo; - repoType?: RepoType; - version?: Version; -} + lastDeploymentInfo?: DeploymentInfo; +}; // @public export interface SourceControlList { @@ -4732,36 +4841,36 @@ export type SourceKind = string; export type SourceType = string; // @public -export interface SubmissionMailEntity extends Entity { +export type SubmissionMailEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; readonly friendlyName?: string; readonly networkMessageId?: string; + readonly submissionId?: string; + readonly submitter?: string; + readonly submissionDate?: Date; + readonly timestamp?: Date; readonly recipient?: string; - readonly reportType?: string; readonly sender?: string; readonly senderIp?: string; readonly subject?: string; - readonly submissionDate?: Date; - readonly submissionId?: string; - readonly submitter?: string; - readonly timestamp?: Date; -} + readonly reportType?: string; +}; // @public -export interface SubmissionMailEntityProperties extends EntityCommonProperties { +export type SubmissionMailEntityProperties = EntityCommonProperties & { readonly networkMessageId?: string; + readonly submissionId?: string; + readonly submitter?: string; + readonly submissionDate?: Date; + readonly timestamp?: Date; readonly recipient?: string; - readonly reportType?: string; readonly sender?: string; readonly senderIp?: string; readonly subject?: string; - readonly submissionDate?: Date; - readonly submissionId?: string; - readonly submitter?: string; - readonly timestamp?: Date; -} + readonly reportType?: string; +}; // @public export type SupportTier = string; @@ -4807,7 +4916,7 @@ export interface ThreatIntelligence { } // @public -export interface ThreatIntelligenceAlertRule extends AlertRule { +export type ThreatIntelligenceAlertRule = AlertRule & { alertRuleTemplateName?: string; readonly description?: string; readonly displayName?: string; @@ -4816,26 +4925,26 @@ export interface ThreatIntelligenceAlertRule extends AlertRule { readonly severity?: AlertSeverity; readonly tactics?: AttackTactic[]; readonly techniques?: string[]; -} +}; // @public -export interface ThreatIntelligenceAlertRuleTemplate extends AlertRuleTemplate { +export type ThreatIntelligenceAlertRuleTemplate = AlertRuleTemplate & { alertRulesCreatedByTemplateCount?: number; + readonly lastUpdatedDateUTC?: Date; readonly createdDateUTC?: Date; description?: string; displayName?: string; - readonly lastUpdatedDateUTC?: Date; requiredDataConnectors?: AlertRuleTemplateDataSource[]; - severity?: AlertSeverity; status?: TemplateStatus; tactics?: AttackTactic[]; techniques?: string[]; -} + severity?: AlertSeverity; +}; // @public -export interface ThreatIntelligenceAlertRuleTemplateProperties extends AlertRuleTemplateWithMitreProperties { +export type ThreatIntelligenceAlertRuleTemplateProperties = AlertRuleTemplateWithMitreProperties & { severity: AlertSeverity; -} +}; // @public export interface ThreatIntelligenceAppendTags { @@ -4930,76 +5039,76 @@ export interface ThreatIntelligenceIndicatorMetricsListOptionalParams extends co export type ThreatIntelligenceIndicatorMetricsListResponse = ThreatIntelligenceMetricsList; // @public -export interface ThreatIntelligenceIndicatorModel extends ThreatIntelligenceInformation { +export type ThreatIntelligenceIndicatorModel = ThreatIntelligenceInformation & { readonly additionalData?: { [propertyName: string]: Record; }; - confidence?: number; - created?: string; - createdByRef?: string; - defanged?: boolean; - description?: string; + readonly friendlyName?: string; + threatIntelligenceTags?: string[]; + lastUpdatedTimeUtc?: string; + source?: string; displayName?: string; - extensions?: { - [propertyName: string]: any; - }; + description?: string; + indicatorTypes?: string[]; + pattern?: string; + patternType?: string; + patternVersion?: string; + killChainPhases?: ThreatIntelligenceKillChainPhase[]; + parsedPattern?: ThreatIntelligenceParsedPattern[]; externalId?: string; + createdByRef?: string; + defanged?: boolean; externalLastUpdatedTimeUtc?: string; externalReferences?: ThreatIntelligenceExternalReference[]; - readonly friendlyName?: string; granularMarkings?: ThreatIntelligenceGranularMarkingModel[]; - indicatorTypes?: string[]; - killChainPhases?: ThreatIntelligenceKillChainPhase[]; labels?: string[]; - language?: string; - lastUpdatedTimeUtc?: string; - modified?: string; - objectMarkingRefs?: string[]; - parsedPattern?: ThreatIntelligenceParsedPattern[]; - pattern?: string; - patternType?: string; - patternVersion?: string; revoked?: boolean; - source?: string; - threatIntelligenceTags?: string[]; + confidence?: number; + objectMarkingRefs?: string[]; + language?: string; threatTypes?: string[]; validFrom?: string; validUntil?: string; -} - -// @public -export interface ThreatIntelligenceIndicatorProperties extends EntityCommonProperties { - confidence?: number; created?: string; - createdByRef?: string; - defanged?: boolean; - description?: string; - displayName?: string; + modified?: string; extensions?: { [propertyName: string]: any; }; +}; + +// @public +export type ThreatIntelligenceIndicatorProperties = EntityCommonProperties & { + threatIntelligenceTags?: string[]; + lastUpdatedTimeUtc?: string; + source?: string; + displayName?: string; + description?: string; + indicatorTypes?: string[]; + pattern?: string; + patternType?: string; + patternVersion?: string; + killChainPhases?: ThreatIntelligenceKillChainPhase[]; + parsedPattern?: ThreatIntelligenceParsedPattern[]; externalId?: string; + createdByRef?: string; + defanged?: boolean; externalLastUpdatedTimeUtc?: string; externalReferences?: ThreatIntelligenceExternalReference[]; granularMarkings?: ThreatIntelligenceGranularMarkingModel[]; - indicatorTypes?: string[]; - killChainPhases?: ThreatIntelligenceKillChainPhase[]; labels?: string[]; - language?: string; - lastUpdatedTimeUtc?: string; - modified?: string; - objectMarkingRefs?: string[]; - parsedPattern?: ThreatIntelligenceParsedPattern[]; - pattern?: string; - patternType?: string; - patternVersion?: string; revoked?: boolean; - source?: string; - threatIntelligenceTags?: string[]; + confidence?: number; + objectMarkingRefs?: string[]; + language?: string; threatTypes?: string[]; validFrom?: string; validUntil?: string; -} + created?: string; + modified?: string; + extensions?: { + [propertyName: string]: any; + }; +}; // @public export interface ThreatIntelligenceIndicatorQueryIndicatorsNextOptionalParams extends coreClient.OperationOptions { @@ -5050,9 +5159,9 @@ export interface ThreatIntelligenceIndicatorsListOptionalParams extends coreClie export type ThreatIntelligenceIndicatorsListResponse = ThreatIntelligenceInformationList; // @public -export interface ThreatIntelligenceInformation extends ResourceWithEtag { +export type ThreatIntelligenceInformation = ResourceWithEtag & { kind: ThreatIntelligenceResourceKindEnum; -} +}; // @public export interface ThreatIntelligenceInformationList { @@ -5118,21 +5227,20 @@ export interface ThreatIntelligenceSortingCriteria { export type ThreatIntelligenceSortingCriteriaEnum = string; // @public -export interface TICheckRequirements extends DataConnectorsCheckRequirements { +export type TICheckRequirements = DataConnectorsCheckRequirements & { kind: "ThreatIntelligence"; tenantId?: string; -} +}; // @public -export interface TICheckRequirementsProperties extends DataConnectorTenantId { -} +export type TICheckRequirementsProperties = DataConnectorTenantId & {}; // @public -export interface TIDataConnector extends DataConnector { - dataTypes?: TIDataConnectorDataTypes; +export type TIDataConnector = DataConnector & { tenantId?: string; tipLookbackPeriod?: Date; -} + dataTypes?: TIDataConnectorDataTypes; +}; // @public export interface TIDataConnectorDataTypes { @@ -5140,14 +5248,13 @@ export interface TIDataConnectorDataTypes { } // @public -export interface TIDataConnectorDataTypesIndicators extends DataConnectorDataTypeCommon { -} +export type TIDataConnectorDataTypesIndicators = DataConnectorDataTypeCommon & {}; // @public -export interface TIDataConnectorProperties extends DataConnectorTenantId { - dataTypes: TIDataConnectorDataTypes; +export type TIDataConnectorProperties = DataConnectorTenantId & { tipLookbackPeriod?: Date; -} + dataTypes: TIDataConnectorDataTypes; +}; // @public export interface TimelineAggregation { @@ -5170,28 +5277,27 @@ export interface TimelineResultsMetadata { } // @public -export interface TiTaxiiCheckRequirements extends DataConnectorsCheckRequirements { +export type TiTaxiiCheckRequirements = DataConnectorsCheckRequirements & { kind: "ThreatIntelligenceTaxii"; tenantId?: string; -} +}; // @public -export interface TiTaxiiCheckRequirementsProperties extends DataConnectorTenantId { -} +export type TiTaxiiCheckRequirementsProperties = DataConnectorTenantId & {}; // @public -export interface TiTaxiiDataConnector extends DataConnector { - collectionId?: string; - dataTypes?: TiTaxiiDataConnectorDataTypes; +export type TiTaxiiDataConnector = DataConnector & { + tenantId?: string; + workspaceId?: string; friendlyName?: string; - password?: string; - pollingFrequency?: PollingFrequency; - taxiiLookbackPeriod?: Date; taxiiServer?: string; - tenantId?: string; + collectionId?: string; userName?: string; - workspaceId?: string; -} + password?: string; + taxiiLookbackPeriod?: Date; + pollingFrequency?: PollingFrequency; + dataTypes?: TiTaxiiDataConnectorDataTypes; +}; // @public export interface TiTaxiiDataConnectorDataTypes { @@ -5199,21 +5305,20 @@ export interface TiTaxiiDataConnectorDataTypes { } // @public -export interface TiTaxiiDataConnectorDataTypesTaxiiClient extends DataConnectorDataTypeCommon { -} +export type TiTaxiiDataConnectorDataTypesTaxiiClient = DataConnectorDataTypeCommon & {}; // @public -export interface TiTaxiiDataConnectorProperties extends DataConnectorTenantId { - collectionId?: string; - dataTypes: TiTaxiiDataConnectorDataTypes; +export type TiTaxiiDataConnectorProperties = DataConnectorTenantId & { + workspaceId?: string; friendlyName?: string; - password?: string; - pollingFrequency: PollingFrequency | null; - taxiiLookbackPeriod?: Date; taxiiServer?: string; + collectionId?: string; userName?: string; - workspaceId?: string; -} + password?: string; + taxiiLookbackPeriod?: Date; + pollingFrequency: PollingFrequency | null; + dataTypes: TiTaxiiDataConnectorDataTypes; +}; // @public export type TriggerOperator = "GreaterThan" | "LessThan" | "Equal" | "NotEqual"; @@ -5225,26 +5330,26 @@ export type TriggersOn = string; export type TriggersWhen = string; // @public -export interface Ueba extends Settings { +export type Ueba = Settings & { dataSources?: UebaDataSources[]; -} +}; // @public export type UebaDataSources = string; // @public -export interface UrlEntity extends Entity { +export type UrlEntity = Entity & { readonly additionalData?: { [propertyName: string]: Record; }; readonly friendlyName?: string; readonly url?: string; -} +}; // @public -export interface UrlEntityProperties extends EntityCommonProperties { +export type UrlEntityProperties = EntityCommonProperties & { readonly url?: string; -} +}; // @public export interface UserInfo { @@ -5257,47 +5362,47 @@ export interface UserInfo { export type Version = string; // @public -export interface Watchlist extends ResourceWithEtag { - contentType?: string; +export type Watchlist = ResourceWithEtag & { + watchlistId?: string; + displayName?: string; + provider?: string; + source?: string; + sourceType?: SourceType; created?: Date; + updated?: Date; createdBy?: UserInfo; - defaultDuration?: string; + updatedBy?: UserInfo; description?: string; - displayName?: string; + watchlistType?: string; + watchlistAlias?: string; isDeleted?: boolean; - itemsSearchKey?: string; labels?: string[]; + defaultDuration?: string; + tenantId?: string; numberOfLinesToSkip?: number; - provider?: string; rawContent?: string; - source?: string; - sourceType?: SourceType; - tenantId?: string; - updated?: Date; - updatedBy?: UserInfo; + itemsSearchKey?: string; + contentType?: string; uploadStatus?: string; - watchlistAlias?: string; - watchlistId?: string; - watchlistType?: string; -} +}; // @public -export interface WatchlistItem extends ResourceWithEtag { +export type WatchlistItem = ResourceWithEtag & { + watchlistItemType?: string; + watchlistItemId?: string; + tenantId?: string; + isDeleted?: boolean; created?: Date; + updated?: Date; createdBy?: UserInfo; - entityMapping?: { + updatedBy?: UserInfo; + itemsKeyValue?: { [propertyName: string]: any; }; - isDeleted?: boolean; - itemsKeyValue?: { + entityMapping?: { [propertyName: string]: any; }; - tenantId?: string; - updated?: Date; - updatedBy?: UserInfo; - watchlistItemId?: string; - watchlistItemType?: string; -} +}; // @public export interface WatchlistItemList { diff --git a/sdk/securityinsight/arm-securityinsight/src/models/index.ts b/sdk/securityinsight/arm-securityinsight/src/models/index.ts index 955be7527e0d..e2929e2d1cc9 100644 --- a/sdk/securityinsight/arm-securityinsight/src/models/index.ts +++ b/sdk/securityinsight/arm-securityinsight/src/models/index.ts @@ -271,7 +271,7 @@ export interface AutomationRulesList { export interface ManualTriggerRequestBody { tenantId?: string; - logicAppsResourceId?: string; + logicAppsResourceId: string; } /** List all the bookmarks. */ @@ -2152,89 +2152,86 @@ export interface GeoLocation { } /** An azure resource object with an Etag property */ -export interface ResourceWithEtag extends Resource { +export type ResourceWithEtag = Resource & { /** Etag of the azure resource */ etag?: string; -} +}; /** Alert rule template. */ -export interface AlertRuleTemplate extends Resource { +export type AlertRuleTemplate = Resource & { /** The kind of the alert rule */ kind: AlertRuleKind; -} +}; /** Specific entity. */ -export interface Entity extends Resource { +export type Entity = Resource & { /** The kind of the entity. */ kind: EntityKind; -} +}; /** Specific entity query template. */ -export interface EntityQueryTemplate extends Resource { +export type EntityQueryTemplate = Resource & { /** the entity query template kind */ kind: EntityQueryTemplateKind; -} +}; /** Consent for Office365 tenant that already made. */ -export interface OfficeConsent extends Resource { +export type OfficeConsent = Resource & { /** The tenantId of the Office365 with the consent. */ tenantId?: string; /** Help to easily cascade among the data layers. */ consentId?: string; -} +}; /** Action property bag. */ -export interface ActionResponseProperties extends ActionPropertiesBase { +export type ActionResponseProperties = ActionPropertiesBase & { /** The name of the logic app's workflow. */ workflowId?: string; -} +}; /** Action property bag. */ -export interface ActionRequestProperties extends ActionPropertiesBase { +export type ActionRequestProperties = ActionPropertiesBase & { /** Logic App Callback URL for this specific workflow. */ triggerUri: string; -} +}; /** Describes an automation rule condition that evaluates an array property's value change */ -export interface PropertyArrayChangedConditionProperties - extends AutomationRuleCondition { +export type PropertyArrayChangedConditionProperties = AutomationRuleCondition & { /** Polymorphic discriminator, which specifies the different types this object can be */ conditionType: "PropertyArrayChanged"; conditionProperties?: AutomationRulePropertyArrayChangedValuesCondition; -} +}; /** Describes an automation rule condition that evaluates a property's value change */ -export interface PropertyChangedConditionProperties - extends AutomationRuleCondition { +export type PropertyChangedConditionProperties = AutomationRuleCondition & { /** Polymorphic discriminator, which specifies the different types this object can be */ conditionType: "PropertyChanged"; conditionProperties?: AutomationRulePropertyValuesChangedCondition; -} +}; /** Describes an automation rule condition that evaluates a property's value */ -export interface PropertyConditionProperties extends AutomationRuleCondition { +export type PropertyConditionProperties = AutomationRuleCondition & { /** Polymorphic discriminator, which specifies the different types this object can be */ conditionType: "Property"; conditionProperties?: AutomationRulePropertyValuesCondition; -} +}; /** Describes an automation rule action to modify an object's properties */ -export interface AutomationRuleModifyPropertiesAction - extends AutomationRuleAction { +export type AutomationRuleModifyPropertiesAction = AutomationRuleAction & { /** Polymorphic discriminator, which specifies the different types this object can be */ actionType: "ModifyProperties"; actionConfiguration?: IncidentPropertiesAction; -} +}; /** Describes an automation rule action to run a playbook */ -export interface AutomationRuleRunPlaybookAction extends AutomationRuleAction { +export type AutomationRuleRunPlaybookAction = AutomationRuleAction & { /** Polymorphic discriminator, which specifies the different types this object can be */ actionType: "RunPlaybook"; actionConfiguration?: PlaybookActionProperties; -} +}; /** Represents Activity timeline item. */ -export interface ActivityTimelineItem extends EntityTimelineItem { +export type ActivityTimelineItem = EntityTimelineItem & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "Activity"; /** The activity query id. */ @@ -2251,10 +2248,10 @@ export interface ActivityTimelineItem extends EntityTimelineItem { content: string; /** The activity timeline title. */ title: string; -} +}; /** Represents bookmark timeline item. */ -export interface BookmarkTimelineItem extends EntityTimelineItem { +export type BookmarkTimelineItem = EntityTimelineItem & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "Bookmark"; /** The bookmark azure resource id. */ @@ -2273,10 +2270,10 @@ export interface BookmarkTimelineItem extends EntityTimelineItem { createdBy?: UserInfo; /** List of labels relevant to this bookmark */ labels?: string[]; -} +}; /** Represents anomaly timeline item. */ -export interface AnomalyTimelineItem extends EntityTimelineItem { +export type AnomalyTimelineItem = EntityTimelineItem & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "Anomaly"; /** The anomaly azure resource id. */ @@ -2301,10 +2298,10 @@ export interface AnomalyTimelineItem extends EntityTimelineItem { techniques?: string[]; /** The reasons that cause the anomaly. */ reasons?: string[]; -} +}; /** Represents security alert timeline item. */ -export interface SecurityAlertTimelineItem extends EntityTimelineItem { +export type SecurityAlertTimelineItem = EntityTimelineItem & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "SecurityAlert"; /** The alert azure resource id. */ @@ -2325,18 +2322,18 @@ export interface SecurityAlertTimelineItem extends EntityTimelineItem { timeGenerated: Date; /** The name of the alert type. */ alertType: string; -} +}; /** Represents Insight Query. */ -export interface InsightQueryItem extends EntityQueryItem { +export type InsightQueryItem = EntityQueryItem & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "Insight"; /** Properties bag for InsightQueryItem */ properties?: InsightQueryItemProperties; -} +}; /** SecurityAlert entity property bag. */ -export interface SecurityAlertProperties extends EntityCommonProperties { +export type SecurityAlertProperties = EntityCommonProperties & { /** * The display name of the alert. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -2459,10 +2456,10 @@ export interface SecurityAlertProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly resourceIdentifiers?: Record[]; -} +}; /** Describes bookmark properties */ -export interface HuntingBookmarkProperties extends EntityCommonProperties { +export type HuntingBookmarkProperties = EntityCommonProperties & { /** The time the bookmark was created */ created?: Date; /** Describes a user that created the bookmark */ @@ -2485,11 +2482,10 @@ export interface HuntingBookmarkProperties extends EntityCommonProperties { updatedBy?: UserInfo; /** Describes an incident that relates to bookmark */ incidentInfo?: IncidentInfo; -} +}; /** Describes threat intelligence entity properties */ -export interface ThreatIntelligenceIndicatorProperties - extends EntityCommonProperties { +export type ThreatIntelligenceIndicatorProperties = EntityCommonProperties & { /** List of tags */ threatIntelligenceTags?: string[]; /** Last updated time in UTC */ @@ -2546,10 +2542,10 @@ export interface ThreatIntelligenceIndicatorProperties modified?: string; /** Extensions map */ extensions?: { [propertyName: string]: any }; -} +}; /** Account entity property bag. */ -export interface AccountEntityProperties extends EntityCommonProperties { +export type AccountEntityProperties = EntityCommonProperties & { /** * The Azure Active Directory tenant id. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -2610,10 +2606,10 @@ export interface AccountEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly dnsDomain?: string; -} +}; /** AzureResource entity property bag. */ -export interface AzureResourceEntityProperties extends EntityCommonProperties { +export type AzureResourceEntityProperties = EntityCommonProperties & { /** * The azure resource id of the resource * NOTE: This property will not be serialized. It can only be populated by the server. @@ -2624,11 +2620,10 @@ export interface AzureResourceEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly subscriptionId?: string; -} +}; /** CloudApplication entity property bag. */ -export interface CloudApplicationEntityProperties - extends EntityCommonProperties { +export type CloudApplicationEntityProperties = EntityCommonProperties & { /** * The technical identifier of the application. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -2644,10 +2639,10 @@ export interface CloudApplicationEntityProperties * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly instanceName?: string; -} +}; /** Dns entity property bag. */ -export interface DnsEntityProperties extends EntityCommonProperties { +export type DnsEntityProperties = EntityCommonProperties & { /** * An ip entity id for the dns server resolving the request * NOTE: This property will not be serialized. It can only be populated by the server. @@ -2668,10 +2663,10 @@ export interface DnsEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly ipAddressEntityIds?: string[]; -} +}; /** File entity property bag. */ -export interface FileEntityProperties extends EntityCommonProperties { +export type FileEntityProperties = EntityCommonProperties & { /** * The full path to the file. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -2692,10 +2687,10 @@ export interface FileEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly hostEntityId?: string; -} +}; /** FileHash entity property bag. */ -export interface FileHashEntityProperties extends EntityCommonProperties { +export type FileHashEntityProperties = EntityCommonProperties & { /** * The hash algorithm type. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -2706,10 +2701,10 @@ export interface FileHashEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly hashValue?: string; -} +}; /** Host entity property bag. */ -export interface HostEntityProperties extends EntityCommonProperties { +export type HostEntityProperties = EntityCommonProperties & { /** * The azure resource id of the VM. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -2752,10 +2747,10 @@ export interface HostEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly osVersion?: string; -} +}; /** IoTDevice entity property bag. */ -export interface IoTDeviceEntityProperties extends EntityCommonProperties { +export type IoTDeviceEntityProperties = EntityCommonProperties & { /** * The ID of the IoT Device in the IoT Hub * NOTE: This property will not be serialized. It can only be populated by the server. @@ -2893,10 +2888,10 @@ export interface IoTDeviceEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly isScanner?: boolean; -} +}; /** Ip entity property bag. */ -export interface IpEntityProperties extends EntityCommonProperties { +export type IpEntityProperties = EntityCommonProperties & { /** * The IP address as string, e.g. 127.0.0.1 (either in Ipv4 or Ipv6) * NOTE: This property will not be serialized. It can only be populated by the server. @@ -2912,10 +2907,10 @@ export interface IpEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly threatIntelligence?: ThreatIntelligence[]; -} +}; /** Mailbox entity property bag. */ -export interface MailboxEntityProperties extends EntityCommonProperties { +export type MailboxEntityProperties = EntityCommonProperties & { /** * The mailbox's primary address * NOTE: This property will not be serialized. It can only be populated by the server. @@ -2936,10 +2931,10 @@ export interface MailboxEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly externalDirectoryObjectId?: string; -} +}; /** Mail cluster entity property bag. */ -export interface MailClusterEntityProperties extends EntityCommonProperties { +export type MailClusterEntityProperties = EntityCommonProperties & { /** * The mail message IDs that are part of the mail cluster * NOTE: This property will not be serialized. It can only be populated by the server. @@ -3015,10 +3010,10 @@ export interface MailClusterEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly clusterGroup?: string; -} +}; /** Mail message entity property bag. */ -export interface MailMessageEntityProperties extends EntityCommonProperties { +export type MailMessageEntityProperties = EntityCommonProperties & { /** * The File entity ids of this mail message's attachments * NOTE: This property will not be serialized. It can only be populated by the server. @@ -3120,10 +3115,10 @@ export interface MailMessageEntityProperties extends EntityCommonProperties { deliveryAction?: DeliveryAction; /** The delivery location of this mail message like Inbox, JunkFolder etc */ deliveryLocation?: DeliveryLocation; -} +}; /** Malware entity property bag. */ -export interface MalwareEntityProperties extends EntityCommonProperties { +export type MalwareEntityProperties = EntityCommonProperties & { /** * The malware category by the vendor, e.g. Trojan * NOTE: This property will not be serialized. It can only be populated by the server. @@ -3144,10 +3139,10 @@ export interface MalwareEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly processEntityIds?: string[]; -} +}; /** Process entity property bag. */ -export interface ProcessEntityProperties extends EntityCommonProperties { +export type ProcessEntityProperties = EntityCommonProperties & { /** * The account entity id running the processes. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -3190,10 +3185,10 @@ export interface ProcessEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly processId?: string; -} +}; /** RegistryKey entity property bag. */ -export interface RegistryKeyEntityProperties extends EntityCommonProperties { +export type RegistryKeyEntityProperties = EntityCommonProperties & { /** * the hive that holds the registry key. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -3204,10 +3199,10 @@ export interface RegistryKeyEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly key?: string; -} +}; /** RegistryValue entity property bag. */ -export interface RegistryValueEntityProperties extends EntityCommonProperties { +export type RegistryValueEntityProperties = EntityCommonProperties & { /** * The registry key entity id. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -3228,10 +3223,10 @@ export interface RegistryValueEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly valueType?: RegistryValueKind; -} +}; /** SecurityGroup entity property bag. */ -export interface SecurityGroupEntityProperties extends EntityCommonProperties { +export type SecurityGroupEntityProperties = EntityCommonProperties & { /** * The group distinguished name * NOTE: This property will not be serialized. It can only be populated by the server. @@ -3247,10 +3242,10 @@ export interface SecurityGroupEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly sid?: string; -} +}; /** Submission mail entity property bag. */ -export interface SubmissionMailEntityProperties extends EntityCommonProperties { +export type SubmissionMailEntityProperties = EntityCommonProperties & { /** * The network message id of email to which submission belongs * NOTE: This property will not be serialized. It can only be populated by the server. @@ -3301,19 +3296,19 @@ export interface SubmissionMailEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly reportType?: string; -} +}; /** Url entity property bag. */ -export interface UrlEntityProperties extends EntityCommonProperties { +export type UrlEntityProperties = EntityCommonProperties & { /** * A full URL the entity points to * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly url?: string; -} +}; /** Nic entity property bag. */ -export interface NicEntityProperties extends EntityCommonProperties { +export type NicEntityProperties = EntityCommonProperties & { /** * The MAC address of this network interface * NOTE: This property will not be serialized. It can only be populated by the server. @@ -3329,161 +3324,150 @@ export interface NicEntityProperties extends EntityCommonProperties { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly vlans?: string[]; -} +}; /** Represents AAD (Azure Active Directory) requirements check request. */ -export interface AADCheckRequirements extends DataConnectorsCheckRequirements { +export type AADCheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "AzureActiveDirectory"; /** The tenant id to connect to, and get the data from. */ tenantId?: string; -} +}; /** Represents AATP (Azure Advanced Threat Protection) requirements check request. */ -export interface AatpCheckRequirements extends DataConnectorsCheckRequirements { +export type AatpCheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "AzureAdvancedThreatProtection"; /** The tenant id to connect to, and get the data from. */ tenantId?: string; -} +}; /** Represents ASC (Azure Security Center) requirements check request. */ -export interface ASCCheckRequirements extends DataConnectorsCheckRequirements { +export type ASCCheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "AzureSecurityCenter"; /** The subscription id to connect to, and get the data from. */ subscriptionId?: string; -} +}; /** Amazon Web Services CloudTrail requirements check request. */ -export interface AwsCloudTrailCheckRequirements - extends DataConnectorsCheckRequirements { +export type AwsCloudTrailCheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "AmazonWebServicesCloudTrail"; -} +}; /** Amazon Web Services S3 requirements check request. */ -export interface AwsS3CheckRequirements - extends DataConnectorsCheckRequirements { +export type AwsS3CheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "AmazonWebServicesS3"; -} +}; /** Represents Dynamics365 requirements check request. */ -export interface Dynamics365CheckRequirements - extends DataConnectorsCheckRequirements { +export type Dynamics365CheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "Dynamics365"; /** The tenant id to connect to, and get the data from. */ tenantId?: string; -} +}; /** Represents MCAS (Microsoft Cloud App Security) requirements check request. */ -export interface McasCheckRequirements extends DataConnectorsCheckRequirements { +export type McasCheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "MicrosoftCloudAppSecurity"; /** The tenant id to connect to, and get the data from. */ tenantId?: string; -} +}; /** Represents MDATP (Microsoft Defender Advanced Threat Protection) requirements check request. */ -export interface MdatpCheckRequirements - extends DataConnectorsCheckRequirements { +export type MdatpCheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "MicrosoftDefenderAdvancedThreatProtection"; /** The tenant id to connect to, and get the data from. */ tenantId?: string; -} +}; /** Represents Microsoft Threat Intelligence requirements check request. */ -export interface MstiCheckRequirements extends DataConnectorsCheckRequirements { +export type MstiCheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "MicrosoftThreatIntelligence"; /** The tenant id to connect to, and get the data from. */ tenantId?: string; -} +}; /** Represents MTP (Microsoft Threat Protection) requirements check request. */ -export interface MtpCheckRequirements extends DataConnectorsCheckRequirements { +export type MtpCheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "MicrosoftThreatProtection"; /** The tenant id to connect to, and get the data from. */ tenantId?: string; -} +}; /** Represents OfficeATP (Office 365 Advanced Threat Protection) requirements check request. */ -export interface OfficeATPCheckRequirements - extends DataConnectorsCheckRequirements { +export type OfficeATPCheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "OfficeATP"; /** The tenant id to connect to, and get the data from. */ tenantId?: string; -} +}; /** Represents OfficeIRM (Microsoft Insider Risk Management) requirements check request. */ -export interface OfficeIRMCheckRequirements - extends DataConnectorsCheckRequirements { +export type OfficeIRMCheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "OfficeIRM"; /** The tenant id to connect to, and get the data from. */ tenantId?: string; -} +}; /** Represents Office365 Project requirements check request. */ -export interface Office365ProjectCheckRequirements - extends DataConnectorsCheckRequirements { +export type Office365ProjectCheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "Office365Project"; /** The tenant id to connect to, and get the data from. */ tenantId?: string; -} +}; /** Represents Office PowerBI requirements check request. */ -export interface OfficePowerBICheckRequirements - extends DataConnectorsCheckRequirements { +export type OfficePowerBICheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "OfficePowerBI"; /** The tenant id to connect to, and get the data from. */ tenantId?: string; -} +}; /** Threat Intelligence Platforms data connector check requirements */ -export interface TICheckRequirements extends DataConnectorsCheckRequirements { +export type TICheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "ThreatIntelligence"; /** The tenant id to connect to, and get the data from. */ tenantId?: string; -} +}; /** Threat Intelligence TAXII data connector check requirements */ -export interface TiTaxiiCheckRequirements - extends DataConnectorsCheckRequirements { +export type TiTaxiiCheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "ThreatIntelligenceTaxii"; /** The tenant id to connect to, and get the data from. */ tenantId?: string; -} +}; /** Represents IoT requirements check request. */ -export interface IoTCheckRequirements extends DataConnectorsCheckRequirements { +export type IoTCheckRequirements = DataConnectorsCheckRequirements & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "IOT"; /** The subscription id to connect to, and get the data from. */ subscriptionId?: string; -} +}; /** Alert rule template with MITRE property bag. */ -export interface AlertRuleTemplateWithMitreProperties - extends AlertRuleTemplatePropertiesBase { +export type AlertRuleTemplateWithMitreProperties = AlertRuleTemplatePropertiesBase & { /** The tactics of the alert rule */ tactics?: AttackTactic[]; /** The techniques of the alert rule */ techniques?: string[]; -} +}; /** MicrosoftSecurityIncidentCreation rule template properties */ -export interface MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties - extends AlertRuleTemplatePropertiesBase { +export type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties = AlertRuleTemplatePropertiesBase & { /** the alerts' displayNames on which the cases will be generated */ displayNamesFilter?: string[]; /** the alerts' displayNames on which the cases will not be generated */ @@ -3492,16 +3476,14 @@ export interface MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties productFilter?: MicrosoftSecurityProductName; /** the alerts' severities on which the cases will be generated */ severitiesFilter?: AlertSeverity[]; -} +}; /** NRT alert rule template properties */ -export interface NrtAlertRuleTemplateProperties - extends AlertRuleTemplateWithMitreProperties, - QueryBasedAlertRuleTemplateProperties {} +export type NrtAlertRuleTemplateProperties = AlertRuleTemplateWithMitreProperties & + QueryBasedAlertRuleTemplateProperties & {}; /** MicrosoftSecurityIncidentCreation rule property bag. */ -export interface MicrosoftSecurityIncidentCreationAlertRuleProperties - extends MicrosoftSecurityIncidentCreationAlertRuleCommonProperties { +export type MicrosoftSecurityIncidentCreationAlertRuleProperties = MicrosoftSecurityIncidentCreationAlertRuleCommonProperties & { /** The Name of the alert rule template used to create this rule. */ alertRuleTemplateName?: string; /** The description of the alert rule. */ @@ -3515,11 +3497,10 @@ export interface MicrosoftSecurityIncidentCreationAlertRuleProperties * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly lastModifiedUtc?: Date; -} +}; /** Scheduled alert rule base property bag. */ -export interface ScheduledAlertRuleProperties - extends ScheduledAlertRuleCommonProperties { +export type ScheduledAlertRuleProperties = ScheduledAlertRuleCommonProperties & { /** The Name of the alert rule template used to create this rule. */ alertRuleTemplateName?: string; /** The version of the alert rule template used to create this rule - in format , where all are numbers, for example 0 <1.0.2> */ @@ -3545,10 +3526,10 @@ export interface ScheduledAlertRuleProperties techniques?: string[]; /** The settings of the incidents that created from alerts triggered by this analytics rule */ incidentConfiguration?: IncidentConfiguration; -} +}; /** Represents Insight Query. */ -export interface InsightQueryItemProperties extends EntityQueryItemProperties { +export type InsightQueryItemProperties = EntityQueryItemProperties & { /** The insight display name. */ displayName?: string; /** The insight description. */ @@ -3565,137 +3546,119 @@ export interface InsightQueryItemProperties extends EntityQueryItemProperties { defaultTimeRange?: InsightQueryItemPropertiesDefaultTimeRange; /** The insight chart query. */ referenceTimeRange?: InsightQueryItemPropertiesReferenceTimeRange; -} +}; /** AAD (Azure Active Directory) requirements check properties. */ -export interface AADCheckRequirementsProperties extends DataConnectorTenantId {} +export type AADCheckRequirementsProperties = DataConnectorTenantId & {}; /** AATP (Azure Advanced Threat Protection) requirements check properties. */ -export interface AatpCheckRequirementsProperties - extends DataConnectorTenantId {} +export type AatpCheckRequirementsProperties = DataConnectorTenantId & {}; /** Dynamics365 requirements check properties. */ -export interface Dynamics365CheckRequirementsProperties - extends DataConnectorTenantId {} +export type Dynamics365CheckRequirementsProperties = DataConnectorTenantId & {}; /** MCAS (Microsoft Cloud App Security) requirements check properties. */ -export interface McasCheckRequirementsProperties - extends DataConnectorTenantId {} +export type McasCheckRequirementsProperties = DataConnectorTenantId & {}; /** MDATP (Microsoft Defender Advanced Threat Protection) requirements check properties. */ -export interface MdatpCheckRequirementsProperties - extends DataConnectorTenantId {} +export type MdatpCheckRequirementsProperties = DataConnectorTenantId & {}; /** Microsoft Threat Intelligence requirements check properties. */ -export interface MstiCheckRequirementsProperties - extends DataConnectorTenantId {} +export type MstiCheckRequirementsProperties = DataConnectorTenantId & {}; /** MTP (Microsoft Threat Protection) requirements check properties. */ -export interface MTPCheckRequirementsProperties extends DataConnectorTenantId {} +export type MTPCheckRequirementsProperties = DataConnectorTenantId & {}; /** OfficeATP (Office 365 Advanced Threat Protection) requirements check properties. */ -export interface OfficeATPCheckRequirementsProperties - extends DataConnectorTenantId {} +export type OfficeATPCheckRequirementsProperties = DataConnectorTenantId & {}; /** OfficeIRM (Microsoft Insider Risk Management) requirements check properties. */ -export interface OfficeIRMCheckRequirementsProperties - extends DataConnectorTenantId {} +export type OfficeIRMCheckRequirementsProperties = DataConnectorTenantId & {}; /** Office365 Project requirements check properties. */ -export interface Office365ProjectCheckRequirementsProperties - extends DataConnectorTenantId {} +export type Office365ProjectCheckRequirementsProperties = DataConnectorTenantId & {}; /** Office PowerBI requirements check properties. */ -export interface OfficePowerBICheckRequirementsProperties - extends DataConnectorTenantId {} +export type OfficePowerBICheckRequirementsProperties = DataConnectorTenantId & {}; /** Threat Intelligence Platforms data connector required properties. */ -export interface TICheckRequirementsProperties extends DataConnectorTenantId {} +export type TICheckRequirementsProperties = DataConnectorTenantId & {}; /** Threat Intelligence TAXII data connector required properties. */ -export interface TiTaxiiCheckRequirementsProperties - extends DataConnectorTenantId {} +export type TiTaxiiCheckRequirementsProperties = DataConnectorTenantId & {}; /** AAD (Azure Active Directory) data connector properties. */ -export interface AADDataConnectorProperties - extends DataConnectorTenantId, - DataConnectorWithAlertsProperties {} +export type AADDataConnectorProperties = DataConnectorTenantId & + DataConnectorWithAlertsProperties & {}; /** Microsoft Threat Intelligence data connector properties. */ -export interface MstiDataConnectorProperties extends DataConnectorTenantId { +export type MstiDataConnectorProperties = DataConnectorTenantId & { /** The available data types for the connector. */ dataTypes: MstiDataConnectorDataTypes; -} +}; /** MTP (Microsoft Threat Protection) data connector properties. */ -export interface MTPDataConnectorProperties extends DataConnectorTenantId { +export type MTPDataConnectorProperties = DataConnectorTenantId & { /** The available data types for the connector. */ dataTypes: MTPDataConnectorDataTypes; -} +}; /** AATP (Azure Advanced Threat Protection) data connector properties. */ -export interface AatpDataConnectorProperties - extends DataConnectorTenantId, - DataConnectorWithAlertsProperties {} +export type AatpDataConnectorProperties = DataConnectorTenantId & + DataConnectorWithAlertsProperties & {}; /** MCAS (Microsoft Cloud App Security) data connector properties. */ -export interface McasDataConnectorProperties extends DataConnectorTenantId { +export type McasDataConnectorProperties = DataConnectorTenantId & { /** The available data types for the connector. */ dataTypes: McasDataConnectorDataTypes; -} +}; /** Dynamics365 data connector properties. */ -export interface Dynamics365DataConnectorProperties - extends DataConnectorTenantId { +export type Dynamics365DataConnectorProperties = DataConnectorTenantId & { /** The available data types for the connector. */ dataTypes: Dynamics365DataConnectorDataTypes; -} +}; /** OfficeATP (Office 365 Advanced Threat Protection) data connector properties. */ -export interface OfficeATPDataConnectorProperties - extends DataConnectorTenantId, - DataConnectorWithAlertsProperties {} +export type OfficeATPDataConnectorProperties = DataConnectorTenantId & + DataConnectorWithAlertsProperties & {}; /** Office Microsoft Project data connector properties. */ -export interface Office365ProjectDataConnectorProperties - extends DataConnectorTenantId { +export type Office365ProjectDataConnectorProperties = DataConnectorTenantId & { /** The available data types for the connector. */ dataTypes: Office365ProjectConnectorDataTypes; -} +}; /** Office Microsoft PowerBI data connector properties. */ -export interface OfficePowerBIDataConnectorProperties - extends DataConnectorTenantId { +export type OfficePowerBIDataConnectorProperties = DataConnectorTenantId & { /** The available data types for the connector. */ dataTypes: OfficePowerBIConnectorDataTypes; -} +}; /** OfficeIRM (Microsoft Insider Risk Management) data connector properties. */ -export interface OfficeIRMDataConnectorProperties - extends DataConnectorTenantId, - DataConnectorWithAlertsProperties {} +export type OfficeIRMDataConnectorProperties = DataConnectorTenantId & + DataConnectorWithAlertsProperties & {}; /** MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. */ -export interface MdatpDataConnectorProperties - extends DataConnectorTenantId, - DataConnectorWithAlertsProperties {} +export type MdatpDataConnectorProperties = DataConnectorTenantId & + DataConnectorWithAlertsProperties & {}; /** Office data connector properties. */ -export interface OfficeDataConnectorProperties extends DataConnectorTenantId { +export type OfficeDataConnectorProperties = DataConnectorTenantId & { /** The available data types for the connector. */ dataTypes: OfficeDataConnectorDataTypes; -} +}; /** TI (Threat Intelligence) data connector properties. */ -export interface TIDataConnectorProperties extends DataConnectorTenantId { +export type TIDataConnectorProperties = DataConnectorTenantId & { /** The lookback period for the feed to be imported. */ tipLookbackPeriod?: Date; /** The available data types for the connector. */ dataTypes: TIDataConnectorDataTypes; -} +}; /** Threat Intelligence TAXII data connector properties. */ -export interface TiTaxiiDataConnectorProperties extends DataConnectorTenantId { +export type TiTaxiiDataConnectorProperties = DataConnectorTenantId & { /** The workspace id. */ workspaceId?: string; /** The friendly name for the TAXII server. */ @@ -3714,133 +3677,111 @@ export interface TiTaxiiDataConnectorProperties extends DataConnectorTenantId { pollingFrequency: PollingFrequency | null; /** The available data types for Threat Intelligence TAXII data connector. */ dataTypes: TiTaxiiDataConnectorDataTypes; -} +}; /** ASC (Azure Security Center) data connector properties. */ -export interface ASCDataConnectorProperties - extends DataConnectorWithAlertsProperties { +export type ASCDataConnectorProperties = DataConnectorWithAlertsProperties & { /** The subscription id to connect to, and get the data from. */ subscriptionId?: string; -} +}; /** IoT data connector properties. */ -export interface IoTDataConnectorProperties - extends DataConnectorWithAlertsProperties { +export type IoTDataConnectorProperties = DataConnectorWithAlertsProperties & { /** The subscription id to connect to, and get the data from. */ subscriptionId?: string; -} +}; /** The available data types for MCAS (Microsoft Cloud App Security) data connector. */ -export interface McasDataConnectorDataTypes - extends AlertsDataTypeOfDataConnector { +export type McasDataConnectorDataTypes = AlertsDataTypeOfDataConnector & { /** Discovery log data type connection. */ discoveryLogs?: DataConnectorDataTypeCommon; -} +}; /** Data type for Microsoft Threat Intelligence Platforms data connector. */ -export interface MstiDataConnectorDataTypesBingSafetyPhishingURL - extends DataConnectorDataTypeCommon { +export type MstiDataConnectorDataTypesBingSafetyPhishingURL = DataConnectorDataTypeCommon & { /** lookback period */ lookbackPeriod: string; -} +}; /** Data type for Microsoft Threat Intelligence Platforms data connector. */ -export interface MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed - extends DataConnectorDataTypeCommon { +export type MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed = DataConnectorDataTypeCommon & { /** lookback period */ lookbackPeriod: string; -} +}; /** Data type for Microsoft Threat Protection Platforms data connector. */ -export interface MTPDataConnectorDataTypesIncidents - extends DataConnectorDataTypeCommon {} +export type MTPDataConnectorDataTypesIncidents = DataConnectorDataTypeCommon & {}; /** Logs data type. */ -export interface AwsCloudTrailDataConnectorDataTypesLogs - extends DataConnectorDataTypeCommon {} +export type AwsCloudTrailDataConnectorDataTypesLogs = DataConnectorDataTypeCommon & {}; /** Logs data type. */ -export interface AwsS3DataConnectorDataTypesLogs - extends DataConnectorDataTypeCommon {} +export type AwsS3DataConnectorDataTypesLogs = DataConnectorDataTypeCommon & {}; /** Common Data Service data type connection. */ -export interface Dynamics365DataConnectorDataTypesDynamics365CdsActivities - extends DataConnectorDataTypeCommon {} +export type Dynamics365DataConnectorDataTypesDynamics365CdsActivities = DataConnectorDataTypeCommon & {}; /** Logs data type. */ -export interface Office365ProjectConnectorDataTypesLogs - extends DataConnectorDataTypeCommon {} +export type Office365ProjectConnectorDataTypesLogs = DataConnectorDataTypeCommon & {}; /** Logs data type. */ -export interface OfficePowerBIConnectorDataTypesLogs - extends DataConnectorDataTypeCommon {} +export type OfficePowerBIConnectorDataTypesLogs = DataConnectorDataTypeCommon & {}; /** Exchange data type connection. */ -export interface OfficeDataConnectorDataTypesExchange - extends DataConnectorDataTypeCommon {} +export type OfficeDataConnectorDataTypesExchange = DataConnectorDataTypeCommon & {}; /** SharePoint data type connection. */ -export interface OfficeDataConnectorDataTypesSharePoint - extends DataConnectorDataTypeCommon {} +export type OfficeDataConnectorDataTypesSharePoint = DataConnectorDataTypeCommon & {}; /** Teams data type connection. */ -export interface OfficeDataConnectorDataTypesTeams - extends DataConnectorDataTypeCommon {} +export type OfficeDataConnectorDataTypesTeams = DataConnectorDataTypeCommon & {}; /** Data type for indicators connection. */ -export interface TIDataConnectorDataTypesIndicators - extends DataConnectorDataTypeCommon {} +export type TIDataConnectorDataTypesIndicators = DataConnectorDataTypeCommon & {}; /** Data type for TAXII connector. */ -export interface TiTaxiiDataConnectorDataTypesTaxiiClient - extends DataConnectorDataTypeCommon {} +export type TiTaxiiDataConnectorDataTypesTaxiiClient = DataConnectorDataTypeCommon & {}; -export interface CodelessUiConnectorConfigPropertiesGraphQueriesItem - extends GraphQueries {} +export type CodelessUiConnectorConfigPropertiesGraphQueriesItem = GraphQueries & {}; -export interface CodelessUiConnectorConfigPropertiesSampleQueriesItem - extends SampleQueries {} +export type CodelessUiConnectorConfigPropertiesSampleQueriesItem = SampleQueries & {}; -export interface CodelessUiConnectorConfigPropertiesDataTypesItem - extends LastDataReceivedDataType {} +export type CodelessUiConnectorConfigPropertiesDataTypesItem = LastDataReceivedDataType & {}; -export interface CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem - extends ConnectivityCriteria {} +export type CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem = ConnectivityCriteria & {}; -export interface PermissionsResourceProviderItem extends ResourceProvider {} +export type PermissionsResourceProviderItem = ResourceProvider & {}; /** Customs permissions required for the connector */ -export interface Customs extends CustomsPermission {} +export type Customs = CustomsPermission & {}; -export interface CodelessUiConnectorConfigPropertiesInstructionStepsItem - extends InstructionSteps {} +export type CodelessUiConnectorConfigPropertiesInstructionStepsItem = InstructionSteps & {}; -export interface InstructionStepsInstructionsItem - extends ConnectorInstructionModelBase {} +export type InstructionStepsInstructionsItem = ConnectorInstructionModelBase & {}; /** Alert rule. */ -export interface AlertRule extends ResourceWithEtag { +export type AlertRule = ResourceWithEtag & { /** The kind of the alert rule */ kind: AlertRuleKind; -} +}; /** Action for alert rule. */ -export interface ActionResponse extends ResourceWithEtag { +export type ActionResponse = ResourceWithEtag & { /** Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. */ logicAppResourceId?: string; /** The name of the logic app's workflow. */ workflowId?: string; -} +}; /** Action for alert rule. */ -export interface ActionRequest extends ResourceWithEtag { +export type ActionRequest = ResourceWithEtag & { /** Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. */ logicAppResourceId?: string; /** Logic App Callback URL for this specific workflow. */ triggerUri?: string; -} +}; -export interface AutomationRule extends ResourceWithEtag { +export type AutomationRule = ResourceWithEtag & { /** The display name of the automation rule. */ displayName: string; /** The order of execution of the automation rule. */ @@ -3869,10 +3810,10 @@ export interface AutomationRule extends ResourceWithEtag { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly createdBy?: ClientInfo; -} +}; /** Represents a bookmark in Azure Security Insights. */ -export interface Bookmark extends ResourceWithEtag { +export type Bookmark = ResourceWithEtag & { /** The time the bookmark was created */ created?: Date; /** Describes a user that created the bookmark */ @@ -3905,10 +3846,10 @@ export interface Bookmark extends ResourceWithEtag { tactics?: AttackTactic[]; /** A list of relevant mitre techniques */ techniques?: string[]; -} +}; /** Represents a relation between two resources */ -export interface Relation extends ResourceWithEtag { +export type Relation = ResourceWithEtag & { /** The resource ID of the related resource */ relatedResourceId?: string; /** @@ -3926,22 +3867,22 @@ export interface Relation extends ResourceWithEtag { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly relatedResourceKind?: string; -} +}; /** Specific entity query. */ -export interface EntityQuery extends ResourceWithEtag { +export type EntityQuery = ResourceWithEtag & { /** the entity query kind */ kind: EntityQueryKind; -} +}; /** Specific entity query that supports put requests. */ -export interface CustomEntityQuery extends ResourceWithEtag { +export type CustomEntityQuery = ResourceWithEtag & { /** the entity query kind */ kind: CustomEntityQueryKind; -} +}; /** Represents an incident in Azure Security Insights. */ -export interface Incident extends ResourceWithEtag { +export type Incident = ResourceWithEtag & { /** * Additional data on the incident * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4000,10 +3941,10 @@ export interface Incident extends ResourceWithEtag { teamInformation?: TeamInformation; /** The title of the incident */ title?: string; -} +}; /** Represents an incident comment */ -export interface IncidentComment extends ResourceWithEtag { +export type IncidentComment = ResourceWithEtag & { /** * The time the comment was created * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4021,10 +3962,10 @@ export interface IncidentComment extends ResourceWithEtag { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly author?: ClientInfo; -} +}; /** Metadata resource definition. */ -export interface MetadataModel extends ResourceWithEtag { +export type MetadataModel = ResourceWithEtag & { /** Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for out of the box content and solutions. Dynamic for user-created. This is the resource name */ contentId?: string; /** Full parent resource ID of the content item the metadata is for. This is the full resource ID including the scope (subscription and resource group) */ @@ -4063,10 +4004,10 @@ export interface MetadataModel extends ResourceWithEtag { previewImages?: string[]; /** preview image file names. These will be taken from the solution artifacts. used for dark theme support */ previewImagesDark?: string[]; -} +}; /** Metadata patch request body. */ -export interface MetadataPatch extends ResourceWithEtag { +export type MetadataPatch = ResourceWithEtag & { /** Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for out of the box content and solutions. Dynamic for user-created. This is the resource name */ contentId?: string; /** Full parent resource ID of the content item the metadata is for. This is the full resource ID including the scope (subscription and resource group) */ @@ -4105,28 +4046,28 @@ export interface MetadataPatch extends ResourceWithEtag { previewImages?: string[]; /** preview image file names. These will be taken from the solution artifacts. used for dark theme support */ previewImagesDark?: string[]; -} +}; /** Sentinel onboarding state */ -export interface SentinelOnboardingState extends ResourceWithEtag { +export type SentinelOnboardingState = ResourceWithEtag & { /** Flag that indicates the status of the CMK setting */ customerManagedKey?: boolean; -} +}; /** Security ML Analytics Setting */ -export interface SecurityMLAnalyticsSetting extends ResourceWithEtag { +export type SecurityMLAnalyticsSetting = ResourceWithEtag & { /** The kind of security ML Analytics Settings */ kind: SecurityMLAnalyticsSettingsKind; -} +}; /** The Setting. */ -export interface Settings extends ResourceWithEtag { +export type Settings = ResourceWithEtag & { /** The kind of the setting */ kind: SettingKind; -} +}; /** Represents a SourceControl in Azure Security Insights. */ -export interface SourceControl extends ResourceWithEtag { +export type SourceControl = ResourceWithEtag & { /** The id (a Guid) of the source control */ idPropertiesId?: string; /** The version number associated with the source control */ @@ -4145,16 +4086,16 @@ export interface SourceControl extends ResourceWithEtag { repositoryResourceInfo?: RepositoryResourceInfo; /** Information regarding the latest deployment for the source control. */ lastDeploymentInfo?: DeploymentInfo; -} +}; /** Threat intelligence information object. */ -export interface ThreatIntelligenceInformation extends ResourceWithEtag { +export type ThreatIntelligenceInformation = ResourceWithEtag & { /** The kind of the entity. */ kind: ThreatIntelligenceResourceKindEnum; -} +}; /** Represents a Watchlist in Azure Security Insights. */ -export interface Watchlist extends ResourceWithEtag { +export type Watchlist = ResourceWithEtag & { /** The id (a Guid) of the watchlist */ watchlistId?: string; /** The display name of the watchlist */ @@ -4197,10 +4138,10 @@ export interface Watchlist extends ResourceWithEtag { contentType?: string; /** The status of the Watchlist upload : New, InProgress or Complete. Pls note : When a Watchlist upload status is equal to InProgress, the Watchlist cannot be deleted */ uploadStatus?: string; -} +}; /** Represents a Watchlist item in Azure Security Insights. */ -export interface WatchlistItem extends ResourceWithEtag { +export type WatchlistItem = ResourceWithEtag & { /** The type of the watchlist item */ watchlistItemType?: string; /** The id (a Guid) of the watchlist item */ @@ -4221,17 +4162,16 @@ export interface WatchlistItem extends ResourceWithEtag { itemsKeyValue?: { [propertyName: string]: any }; /** key-value pairs for a watchlist item entity mapping */ entityMapping?: { [propertyName: string]: any }; -} +}; /** Data connector */ -export interface DataConnector extends ResourceWithEtag { +export type DataConnector = ResourceWithEtag & { /** The data connector kind */ kind: DataConnectorKind; -} +}; /** Represents MLBehaviorAnalytics alert rule template. */ -export interface MLBehaviorAnalyticsAlertRuleTemplate - extends AlertRuleTemplate { +export type MLBehaviorAnalyticsAlertRuleTemplate = AlertRuleTemplate & { /** the number of alert rules that were created by this template */ alertRulesCreatedByTemplateCount?: number; /** @@ -4258,10 +4198,10 @@ export interface MLBehaviorAnalyticsAlertRuleTemplate techniques?: string[]; /** The severity for alerts created by this alert rule. */ severity?: AlertSeverity; -} +}; /** Represents Fusion alert rule template. */ -export interface FusionAlertRuleTemplate extends AlertRuleTemplate { +export type FusionAlertRuleTemplate = AlertRuleTemplate & { /** the number of alert rules that were created by this template */ alertRulesCreatedByTemplateCount?: number; /** @@ -4290,10 +4230,10 @@ export interface FusionAlertRuleTemplate extends AlertRuleTemplate { techniques?: string[]; /** All supported source signal configurations consumed in fusion detection. */ sourceSettings?: FusionTemplateSourceSetting[]; -} +}; /** Represents Threat Intelligence alert rule template. */ -export interface ThreatIntelligenceAlertRuleTemplate extends AlertRuleTemplate { +export type ThreatIntelligenceAlertRuleTemplate = AlertRuleTemplate & { /** the number of alert rules that were created by this template */ alertRulesCreatedByTemplateCount?: number; /** @@ -4320,11 +4260,10 @@ export interface ThreatIntelligenceAlertRuleTemplate extends AlertRuleTemplate { techniques?: string[]; /** The severity for alerts created by this alert rule. */ severity?: AlertSeverity; -} +}; /** Represents MicrosoftSecurityIncidentCreation rule template. */ -export interface MicrosoftSecurityIncidentCreationAlertRuleTemplate - extends AlertRuleTemplate { +export type MicrosoftSecurityIncidentCreationAlertRuleTemplate = AlertRuleTemplate & { /** the number of alert rules that were created by this template */ alertRulesCreatedByTemplateCount?: number; /** @@ -4353,10 +4292,10 @@ export interface MicrosoftSecurityIncidentCreationAlertRuleTemplate productFilter?: MicrosoftSecurityProductName; /** the alerts' severities on which the cases will be generated */ severitiesFilter?: AlertSeverity[]; -} +}; /** Represents scheduled alert rule template. */ -export interface ScheduledAlertRuleTemplate extends AlertRuleTemplate { +export type ScheduledAlertRuleTemplate = AlertRuleTemplate & { /** the number of alert rules that were created by this template */ alertRulesCreatedByTemplateCount?: number; /** @@ -4403,10 +4342,10 @@ export interface ScheduledAlertRuleTemplate extends AlertRuleTemplate { entityMappings?: EntityMapping[]; /** The alert details override settings */ alertDetailsOverride?: AlertDetailsOverride; -} +}; /** Represents NRT alert rule template. */ -export interface NrtAlertRuleTemplate extends AlertRuleTemplate { +export type NrtAlertRuleTemplate = AlertRuleTemplate & { /** the number of alert rules that were created by this template */ alertRulesCreatedByTemplateCount?: number; /** @@ -4443,10 +4382,10 @@ export interface NrtAlertRuleTemplate extends AlertRuleTemplate { entityMappings?: EntityMapping[]; /** The alert details override settings */ alertDetailsOverride?: AlertDetailsOverride; -} +}; /** Represents a security alert entity. */ -export interface SecurityAlert extends Entity { +export type SecurityAlert = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4579,10 +4518,10 @@ export interface SecurityAlert extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly resourceIdentifiers?: Record[]; -} +}; /** Represents a Hunting bookmark entity. */ -export interface HuntingBookmark extends Entity { +export type HuntingBookmark = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4615,10 +4554,10 @@ export interface HuntingBookmark extends Entity { updatedBy?: UserInfo; /** Describes an incident that relates to bookmark */ incidentInfo?: IncidentInfo; -} +}; /** Represents an account entity. */ -export interface AccountEntity extends Entity { +export type AccountEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4689,10 +4628,10 @@ export interface AccountEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly dnsDomain?: string; -} +}; /** Represents an azure resource entity. */ -export interface AzureResourceEntity extends Entity { +export type AzureResourceEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4713,10 +4652,10 @@ export interface AzureResourceEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly subscriptionId?: string; -} +}; /** Represents a cloud application entity. */ -export interface CloudApplicationEntity extends Entity { +export type CloudApplicationEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4742,10 +4681,10 @@ export interface CloudApplicationEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly instanceName?: string; -} +}; /** Represents a dns entity. */ -export interface DnsEntity extends Entity { +export type DnsEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4776,10 +4715,10 @@ export interface DnsEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly ipAddressEntityIds?: string[]; -} +}; /** Represents a file entity. */ -export interface FileEntity extends Entity { +export type FileEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4810,10 +4749,10 @@ export interface FileEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly hostEntityId?: string; -} +}; /** Represents a file hash entity. */ -export interface FileHashEntity extends Entity { +export type FileHashEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4834,10 +4773,10 @@ export interface FileHashEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly hashValue?: string; -} +}; /** Represents a host entity. */ -export interface HostEntity extends Entity { +export type HostEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4890,10 +4829,10 @@ export interface HostEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly osVersion?: string; -} +}; /** Represents an IoT device entity. */ -export interface IoTDeviceEntity extends Entity { +export type IoTDeviceEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5041,10 +4980,10 @@ export interface IoTDeviceEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly isScanner?: boolean; -} +}; /** Represents an ip entity. */ -export interface IpEntity extends Entity { +export type IpEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5070,10 +5009,10 @@ export interface IpEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly threatIntelligence?: ThreatIntelligence[]; -} +}; /** Represents a mailbox entity. */ -export interface MailboxEntity extends Entity { +export type MailboxEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5104,10 +5043,10 @@ export interface MailboxEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly externalDirectoryObjectId?: string; -} +}; /** Represents a mail cluster entity. */ -export interface MailClusterEntity extends Entity { +export type MailClusterEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5193,10 +5132,10 @@ export interface MailClusterEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly clusterGroup?: string; -} +}; /** Represents a mail message entity. */ -export interface MailMessageEntity extends Entity { +export type MailMessageEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5308,10 +5247,10 @@ export interface MailMessageEntity extends Entity { deliveryAction?: DeliveryAction; /** The delivery location of this mail message like Inbox, JunkFolder etc */ deliveryLocation?: DeliveryLocation; -} +}; /** Represents a malware entity. */ -export interface MalwareEntity extends Entity { +export type MalwareEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5342,10 +5281,10 @@ export interface MalwareEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly processEntityIds?: string[]; -} +}; /** Represents a process entity. */ -export interface ProcessEntity extends Entity { +export type ProcessEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5398,10 +5337,10 @@ export interface ProcessEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly processId?: string; -} +}; /** Represents a registry key entity. */ -export interface RegistryKeyEntity extends Entity { +export type RegistryKeyEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5422,10 +5361,10 @@ export interface RegistryKeyEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly key?: string; -} +}; /** Represents a registry value entity. */ -export interface RegistryValueEntity extends Entity { +export type RegistryValueEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5456,10 +5395,10 @@ export interface RegistryValueEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly valueType?: RegistryValueKind; -} +}; /** Represents a security group entity. */ -export interface SecurityGroupEntity extends Entity { +export type SecurityGroupEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5485,10 +5424,10 @@ export interface SecurityGroupEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly sid?: string; -} +}; /** Represents a submission mail entity. */ -export interface SubmissionMailEntity extends Entity { +export type SubmissionMailEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5549,10 +5488,10 @@ export interface SubmissionMailEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly reportType?: string; -} +}; /** Represents a url entity. */ -export interface UrlEntity extends Entity { +export type UrlEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5568,10 +5507,10 @@ export interface UrlEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly url?: string; -} +}; /** Represents an network interface entity. */ -export interface NicEntity extends Entity { +export type NicEntity = Entity & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5597,10 +5536,10 @@ export interface NicEntity extends Entity { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly vlans?: string[]; -} +}; /** Represents Activity entity query. */ -export interface ActivityEntityQueryTemplate extends EntityQueryTemplate { +export type ActivityEntityQueryTemplate = EntityQueryTemplate & { /** The entity query title */ title?: string; /** The entity query content to display in timeline */ @@ -5617,26 +5556,24 @@ export interface ActivityEntityQueryTemplate extends EntityQueryTemplate { requiredInputFieldsSets?: string[][]; /** The query applied only to entities matching to all filters */ entitiesFilter?: { [propertyName: string]: string[] }; -} +}; /** MLBehaviorAnalytics alert rule template properties. */ -export interface MLBehaviorAnalyticsAlertRuleTemplateProperties - extends AlertRuleTemplateWithMitreProperties { +export type MLBehaviorAnalyticsAlertRuleTemplateProperties = AlertRuleTemplateWithMitreProperties & { /** The severity for alerts created by this alert rule. */ severity: AlertSeverity; -} +}; /** Threat Intelligence alert rule template properties */ -export interface ThreatIntelligenceAlertRuleTemplateProperties - extends AlertRuleTemplateWithMitreProperties { +export type ThreatIntelligenceAlertRuleTemplateProperties = AlertRuleTemplateWithMitreProperties & { /** The severity for alerts created by this alert rule. */ severity: AlertSeverity; -} +}; -export interface PermissionsCustomsItem extends Customs {} +export type PermissionsCustomsItem = Customs & {}; /** Represents MLBehaviorAnalytics alert rule. */ -export interface MLBehaviorAnalyticsAlertRule extends AlertRule { +export type MLBehaviorAnalyticsAlertRule = AlertRule & { /** The Name of the alert rule template used to create this rule. */ alertRuleTemplateName?: string; /** @@ -5671,10 +5608,10 @@ export interface MLBehaviorAnalyticsAlertRule extends AlertRule { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly techniques?: string[]; -} +}; /** Represents Fusion alert rule. */ -export interface FusionAlertRule extends AlertRule { +export type FusionAlertRule = AlertRule & { /** The Name of the alert rule template used to create this rule. */ alertRuleTemplateName?: string; /** @@ -5713,10 +5650,10 @@ export interface FusionAlertRule extends AlertRule { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly techniques?: string[]; -} +}; /** Represents Threat Intelligence alert rule. */ -export interface ThreatIntelligenceAlertRule extends AlertRule { +export type ThreatIntelligenceAlertRule = AlertRule & { /** The Name of the alert rule template used to create this rule. */ alertRuleTemplateName?: string; /** @@ -5751,10 +5688,10 @@ export interface ThreatIntelligenceAlertRule extends AlertRule { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly techniques?: string[]; -} +}; /** Represents MicrosoftSecurityIncidentCreation rule. */ -export interface MicrosoftSecurityIncidentCreationAlertRule extends AlertRule { +export type MicrosoftSecurityIncidentCreationAlertRule = AlertRule & { /** the alerts' displayNames on which the cases will be generated */ displayNamesFilter?: string[]; /** the alerts' displayNames on which the cases will not be generated */ @@ -5776,10 +5713,10 @@ export interface MicrosoftSecurityIncidentCreationAlertRule extends AlertRule { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly lastModifiedUtc?: Date; -} +}; /** Represents scheduled alert rule. */ -export interface ScheduledAlertRule extends AlertRule { +export type ScheduledAlertRule = AlertRule & { /** The query that creates alerts for this rule. */ query?: string; /** The frequency (in ISO 8601 duration format) for this alert rule to run. */ @@ -5825,10 +5762,10 @@ export interface ScheduledAlertRule extends AlertRule { techniques?: string[]; /** The settings of the incidents that created from alerts triggered by this analytics rule */ incidentConfiguration?: IncidentConfiguration; -} +}; /** Represents NRT alert rule. */ -export interface NrtAlertRule extends AlertRule { +export type NrtAlertRule = AlertRule & { /** The Name of the alert rule template used to create this rule. */ alertRuleTemplateName?: string; /** The version of the alert rule template used to create this rule - in format , where all are numbers, for example 0 <1.0.2> */ @@ -5864,10 +5801,10 @@ export interface NrtAlertRule extends AlertRule { entityMappings?: EntityMapping[]; /** The alert details override settings */ alertDetailsOverride?: AlertDetailsOverride; -} +}; /** Represents Expansion entity query. */ -export interface ExpansionEntityQuery extends EntityQuery { +export type ExpansionEntityQuery = EntityQuery & { /** List of the data sources that are required to run the query */ dataSources?: string[]; /** The query display name */ @@ -5880,10 +5817,10 @@ export interface ExpansionEntityQuery extends EntityQuery { outputEntityTypes?: EntityType[]; /** The template query string to be parsed and formatted */ queryTemplate?: string; -} +}; /** Represents Activity entity query. */ -export interface ActivityEntityQuery extends EntityQuery { +export type ActivityEntityQuery = EntityQuery & { /** The entity query title */ title?: string; /** The entity query content to display in timeline */ @@ -5912,10 +5849,10 @@ export interface ActivityEntityQuery extends EntityQuery { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly lastModifiedTimeUtc?: Date; -} +}; /** Represents Activity entity query. */ -export interface ActivityCustomEntityQuery extends CustomEntityQuery { +export type ActivityCustomEntityQuery = CustomEntityQuery & { /** The entity query title */ title?: string; /** The entity query content to display in timeline */ @@ -5944,11 +5881,10 @@ export interface ActivityCustomEntityQuery extends CustomEntityQuery { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly lastModifiedTimeUtc?: Date; -} +}; /** Represents Anomaly Security ML Analytics Settings */ -export interface AnomalySecurityMLAnalyticsSettings - extends SecurityMLAnalyticsSetting { +export type AnomalySecurityMLAnalyticsSettings = SecurityMLAnalyticsSetting & { /** The description of the SecurityMLAnalyticsSettings. */ description?: string; /** The display name for settings created by this SecurityMLAnalyticsSettings. */ @@ -5980,41 +5916,40 @@ export interface AnomalySecurityMLAnalyticsSettings anomalySettingsVersion?: number; /** The anomaly settings definition Id */ settingsDefinitionId?: string; -} +}; /** Settings with single toggle. */ -export interface Anomalies extends Settings { +export type Anomalies = Settings & { /** * Determines whether the setting is enable or disabled. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly isEnabled?: boolean; -} +}; /** Settings with single toggle. */ -export interface EyesOn extends Settings { +export type EyesOn = Settings & { /** * Determines whether the setting is enable or disabled. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly isEnabled?: boolean; -} +}; /** Settings with single toggle. */ -export interface EntityAnalytics extends Settings { +export type EntityAnalytics = Settings & { /** The relevant entity providers that are synced */ entityProviders?: EntityProviders[]; -} +}; /** Settings with single toggle. */ -export interface Ueba extends Settings { +export type Ueba = Settings & { /** The relevant data sources that enriched by ueba */ dataSources?: UebaDataSources[]; -} +}; /** Threat intelligence indicator entity. */ -export interface ThreatIntelligenceIndicatorModel - extends ThreatIntelligenceInformation { +export type ThreatIntelligenceIndicatorModel = ThreatIntelligenceInformation & { /** * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -6081,58 +6016,58 @@ export interface ThreatIntelligenceIndicatorModel modified?: string; /** Extensions map */ extensions?: { [propertyName: string]: any }; -} +}; /** Represents AAD (Azure Active Directory) data connector. */ -export interface AADDataConnector extends DataConnector { +export type AADDataConnector = DataConnector & { /** The tenant id to connect to, and get the data from. */ tenantId?: string; /** The available data types for the connector. */ dataTypes?: AlertsDataTypeOfDataConnector; -} +}; /** Represents Microsoft Threat Intelligence data connector. */ -export interface MstiDataConnector extends DataConnector { +export type MstiDataConnector = DataConnector & { /** The tenant id to connect to, and get the data from. */ tenantId?: string; /** The available data types for the connector. */ dataTypes?: MstiDataConnectorDataTypes; -} +}; /** Represents MTP (Microsoft Threat Protection) data connector. */ -export interface MTPDataConnector extends DataConnector { +export type MTPDataConnector = DataConnector & { /** The tenant id to connect to, and get the data from. */ tenantId?: string; /** The available data types for the connector. */ dataTypes?: MTPDataConnectorDataTypes; -} +}; /** Represents AATP (Azure Advanced Threat Protection) data connector. */ -export interface AatpDataConnector extends DataConnector { +export type AatpDataConnector = DataConnector & { /** The tenant id to connect to, and get the data from. */ tenantId?: string; /** The available data types for the connector. */ dataTypes?: AlertsDataTypeOfDataConnector; -} +}; /** Represents ASC (Azure Security Center) data connector. */ -export interface ASCDataConnector extends DataConnector { +export type ASCDataConnector = DataConnector & { /** The available data types for the connector. */ dataTypes?: AlertsDataTypeOfDataConnector; /** The subscription id to connect to, and get the data from. */ subscriptionId?: string; -} +}; /** Represents Amazon Web Services CloudTrail data connector. */ -export interface AwsCloudTrailDataConnector extends DataConnector { +export type AwsCloudTrailDataConnector = DataConnector & { /** The Aws Role Arn (with CloudTrailReadOnly policy) that is used to access the Aws account. */ awsRoleArn?: string; /** The available data types for the connector. */ dataTypes?: AwsCloudTrailDataConnectorDataTypes; -} +}; /** Represents Amazon Web Services S3 data connector. */ -export interface AwsS3DataConnector extends DataConnector { +export type AwsS3DataConnector = DataConnector & { /** The logs destination table name in LogAnalytics. */ destinationTable?: string; /** The AWS sqs urls for the connector. */ @@ -6141,84 +6076,84 @@ export interface AwsS3DataConnector extends DataConnector { roleArn?: string; /** The available data types for the connector. */ dataTypes?: AwsS3DataConnectorDataTypes; -} +}; /** Represents MCAS (Microsoft Cloud App Security) data connector. */ -export interface McasDataConnector extends DataConnector { +export type McasDataConnector = DataConnector & { /** The tenant id to connect to, and get the data from. */ tenantId?: string; /** The available data types for the connector. */ dataTypes?: McasDataConnectorDataTypes; -} +}; /** Represents Dynamics365 data connector. */ -export interface Dynamics365DataConnector extends DataConnector { +export type Dynamics365DataConnector = DataConnector & { /** The tenant id to connect to, and get the data from. */ tenantId?: string; /** The available data types for the connector. */ dataTypes?: Dynamics365DataConnectorDataTypes; -} +}; /** Represents OfficeATP (Office 365 Advanced Threat Protection) data connector. */ -export interface OfficeATPDataConnector extends DataConnector { +export type OfficeATPDataConnector = DataConnector & { /** The tenant id to connect to, and get the data from. */ tenantId?: string; /** The available data types for the connector. */ dataTypes?: AlertsDataTypeOfDataConnector; -} +}; /** Represents Office Microsoft Project data connector. */ -export interface Office365ProjectDataConnector extends DataConnector { +export type Office365ProjectDataConnector = DataConnector & { /** The tenant id to connect to, and get the data from. */ tenantId?: string; /** The available data types for the connector. */ dataTypes?: Office365ProjectConnectorDataTypes; -} +}; /** Represents Office Microsoft PowerBI data connector. */ -export interface OfficePowerBIDataConnector extends DataConnector { +export type OfficePowerBIDataConnector = DataConnector & { /** The tenant id to connect to, and get the data from. */ tenantId?: string; /** The available data types for the connector. */ dataTypes?: OfficePowerBIConnectorDataTypes; -} +}; /** Represents OfficeIRM (Microsoft Insider Risk Management) data connector. */ -export interface OfficeIRMDataConnector extends DataConnector { +export type OfficeIRMDataConnector = DataConnector & { /** The tenant id to connect to, and get the data from. */ tenantId?: string; /** The available data types for the connector. */ dataTypes?: AlertsDataTypeOfDataConnector; -} +}; /** Represents MDATP (Microsoft Defender Advanced Threat Protection) data connector. */ -export interface MdatpDataConnector extends DataConnector { +export type MdatpDataConnector = DataConnector & { /** The tenant id to connect to, and get the data from. */ tenantId?: string; /** The available data types for the connector. */ dataTypes?: AlertsDataTypeOfDataConnector; -} +}; /** Represents office data connector. */ -export interface OfficeDataConnector extends DataConnector { +export type OfficeDataConnector = DataConnector & { /** The tenant id to connect to, and get the data from. */ tenantId?: string; /** The available data types for the connector. */ dataTypes?: OfficeDataConnectorDataTypes; -} +}; /** Represents threat intelligence data connector. */ -export interface TIDataConnector extends DataConnector { +export type TIDataConnector = DataConnector & { /** The tenant id to connect to, and get the data from. */ tenantId?: string; /** The lookback period for the feed to be imported. */ tipLookbackPeriod?: Date; /** The available data types for the connector. */ dataTypes?: TIDataConnectorDataTypes; -} +}; /** Data connector to pull Threat intelligence data from TAXII 2.0/2.1 server */ -export interface TiTaxiiDataConnector extends DataConnector { +export type TiTaxiiDataConnector = DataConnector & { /** The tenant id to connect to, and get the data from. */ tenantId?: string; /** The workspace id. */ @@ -6239,29 +6174,29 @@ export interface TiTaxiiDataConnector extends DataConnector { pollingFrequency?: PollingFrequency; /** The available data types for Threat Intelligence TAXII data connector. */ dataTypes?: TiTaxiiDataConnectorDataTypes; -} +}; /** Represents IoT data connector. */ -export interface IoTDataConnector extends DataConnector { +export type IoTDataConnector = DataConnector & { /** The available data types for the connector. */ dataTypes?: AlertsDataTypeOfDataConnector; /** The subscription id to connect to, and get the data from. */ subscriptionId?: string; -} +}; /** Represents Codeless UI data connector. */ -export interface CodelessUiDataConnector extends DataConnector { +export type CodelessUiDataConnector = DataConnector & { /** Config to describe the instructions blade */ connectorUiConfig?: CodelessUiConnectorConfigProperties; -} +}; /** Represents Codeless API Polling data connector. */ -export interface CodelessApiPollingDataConnector extends DataConnector { +export type CodelessApiPollingDataConnector = DataConnector & { /** Config to describe the instructions blade */ connectorUiConfig?: CodelessUiConnectorConfigProperties; /** Config to describe the polling instructions */ pollingConfig?: CodelessConnectorPollingConfigProperties; -} +}; /** Defines headers for Watchlists_delete operation. */ export interface WatchlistsDeleteHeaders { @@ -6277,17 +6212,11 @@ export interface WatchlistsCreateOrUpdateHeaders { /** Known values of {@link AlertRuleKind} that the service accepts. */ export enum KnownAlertRuleKind { - /** Scheduled */ Scheduled = "Scheduled", - /** MicrosoftSecurityIncidentCreation */ MicrosoftSecurityIncidentCreation = "MicrosoftSecurityIncidentCreation", - /** Fusion */ Fusion = "Fusion", - /** MLBehaviorAnalytics */ MLBehaviorAnalytics = "MLBehaviorAnalytics", - /** ThreatIntelligence */ ThreatIntelligence = "ThreatIntelligence", - /** NRT */ NRT = "NRT" } @@ -6307,13 +6236,9 @@ export type AlertRuleKind = string; /** Known values of {@link CreatedByType} that the service accepts. */ export enum KnownCreatedByType { - /** User */ User = "User", - /** Application */ Application = "Application", - /** ManagedIdentity */ ManagedIdentity = "ManagedIdentity", - /** Key */ Key = "Key" } @@ -6430,39 +6355,22 @@ export type IncidentSeverity = string; /** Known values of {@link AttackTactic} that the service accepts. */ export enum KnownAttackTactic { - /** Reconnaissance */ Reconnaissance = "Reconnaissance", - /** ResourceDevelopment */ ResourceDevelopment = "ResourceDevelopment", - /** InitialAccess */ InitialAccess = "InitialAccess", - /** Execution */ Execution = "Execution", - /** Persistence */ Persistence = "Persistence", - /** PrivilegeEscalation */ PrivilegeEscalation = "PrivilegeEscalation", - /** DefenseEvasion */ DefenseEvasion = "DefenseEvasion", - /** CredentialAccess */ CredentialAccess = "CredentialAccess", - /** Discovery */ Discovery = "Discovery", - /** LateralMovement */ LateralMovement = "LateralMovement", - /** Collection */ Collection = "Collection", - /** Exfiltration */ Exfiltration = "Exfiltration", - /** CommandAndControl */ CommandAndControl = "CommandAndControl", - /** Impact */ Impact = "Impact", - /** PreAttack */ PreAttack = "PreAttack", - /** ImpairProcessControl */ ImpairProcessControl = "ImpairProcessControl", - /** InhibitResponseFunction */ InhibitResponseFunction = "InhibitResponseFunction" } @@ -6610,11 +6518,8 @@ export type EntityItemQueryKind = string; /** Known values of {@link EntityQueryKind} that the service accepts. */ export enum KnownEntityQueryKind { - /** Expansion */ Expansion = "Expansion", - /** Insight */ Insight = "Insight", - /** Activity */ Activity = "Activity" } @@ -6631,7 +6536,6 @@ export type EntityQueryKind = string; /** Known values of {@link GetInsightsError} that the service accepts. */ export enum KnownGetInsightsError { - /** Insight */ Insight = "Insight" } @@ -6646,9 +6550,7 @@ export type GetInsightsError = string; /** Known values of {@link Enum13} that the service accepts. */ export enum KnownEnum13 { - /** Expansion */ Expansion = "Expansion", - /** Activity */ Activity = "Activity" } @@ -6664,7 +6566,6 @@ export type Enum13 = string; /** Known values of {@link CustomEntityQueryKind} that the service accepts. */ export enum KnownCustomEntityQueryKind { - /** Activity */ Activity = "Activity" } @@ -6679,7 +6580,6 @@ export type CustomEntityQueryKind = string; /** Known values of {@link EntityQueryTemplateKind} that the service accepts. */ export enum KnownEntityQueryTemplateKind { - /** Activity */ Activity = "Activity" } @@ -6952,39 +6852,22 @@ export type AlertStatus = string; /** Known values of {@link Kind} that the service accepts. */ export enum KnownKind { - /** DataConnector */ DataConnector = "DataConnector", - /** DataType */ DataType = "DataType", - /** Workbook */ Workbook = "Workbook", - /** WorkbookTemplate */ WorkbookTemplate = "WorkbookTemplate", - /** Playbook */ Playbook = "Playbook", - /** PlaybookTemplate */ PlaybookTemplate = "PlaybookTemplate", - /** AnalyticsRuleTemplate */ AnalyticsRuleTemplate = "AnalyticsRuleTemplate", - /** AnalyticsRule */ AnalyticsRule = "AnalyticsRule", - /** HuntingQuery */ HuntingQuery = "HuntingQuery", - /** InvestigationQuery */ InvestigationQuery = "InvestigationQuery", - /** Parser */ Parser = "Parser", - /** Watchlist */ Watchlist = "Watchlist", - /** WatchlistTemplate */ WatchlistTemplate = "WatchlistTemplate", - /** Solution */ Solution = "Solution", - /** AzureFunction */ AzureFunction = "AzureFunction", - /** LogicAppsCustomConnector */ LogicAppsCustomConnector = "LogicAppsCustomConnector", - /** AutomationRule */ AutomationRule = "AutomationRule" } @@ -7015,13 +6898,9 @@ export type Kind = string; /** Known values of {@link SourceKind} that the service accepts. */ export enum KnownSourceKind { - /** LocalWorkspace */ LocalWorkspace = "LocalWorkspace", - /** Community */ Community = "Community", - /** Solution */ Solution = "Solution", - /** SourceRepository */ SourceRepository = "SourceRepository" } @@ -7039,11 +6918,8 @@ export type SourceKind = string; /** Known values of {@link SupportTier} that the service accepts. */ export enum KnownSupportTier { - /** Microsoft */ Microsoft = "Microsoft", - /** Partner */ Partner = "Partner", - /** Community */ Community = "Community" } @@ -7060,9 +6936,7 @@ export type SupportTier = string; /** Known values of {@link Operator} that the service accepts. */ export enum KnownOperator { - /** AND */ AND = "AND", - /** OR */ OR = "OR" } @@ -7078,7 +6952,6 @@ export type Operator = string; /** Known values of {@link SecurityMLAnalyticsSettingsKind} that the service accepts. */ export enum KnownSecurityMLAnalyticsSettingsKind { - /** Anomaly */ Anomaly = "Anomaly" } @@ -7093,13 +6966,9 @@ export type SecurityMLAnalyticsSettingsKind = string; /** Known values of {@link SettingKind} that the service accepts. */ export enum KnownSettingKind { - /** Anomalies */ Anomalies = "Anomalies", - /** EyesOn */ EyesOn = "EyesOn", - /** EntityAnalytics */ EntityAnalytics = "EntityAnalytics", - /** Ueba */ Ueba = "Ueba" } @@ -7117,9 +6986,7 @@ export type SettingKind = string; /** Known values of {@link RepoType} that the service accepts. */ export enum KnownRepoType { - /** Github */ Github = "Github", - /** DevOps */ DevOps = "DevOps" } @@ -7135,9 +7002,7 @@ export type RepoType = string; /** Known values of {@link Version} that the service accepts. */ export enum KnownVersion { - /** V1 */ V1 = "V1", - /** V2 */ V2 = "V2" } @@ -7153,9 +7018,7 @@ export type Version = string; /** Known values of {@link ContentType} that the service accepts. */ export enum KnownContentType { - /** AnalyticRule */ AnalyticRule = "AnalyticRule", - /** Workbook */ Workbook = "Workbook" } @@ -7171,11 +7034,8 @@ export type ContentType = string; /** Known values of {@link DeploymentFetchStatus} that the service accepts. */ export enum KnownDeploymentFetchStatus { - /** Success */ Success = "Success", - /** Unauthorized */ Unauthorized = "Unauthorized", - /** NotFound */ NotFound = "NotFound" } @@ -7192,13 +7052,9 @@ export type DeploymentFetchStatus = string; /** Known values of {@link DeploymentState} that the service accepts. */ export enum KnownDeploymentState { - /** InProgress */ InProgress = "In_Progress", - /** Completed */ Completed = "Completed", - /** Queued */ Queued = "Queued", - /** Canceling */ Canceling = "Canceling" } @@ -7216,11 +7072,8 @@ export type DeploymentState = string; /** Known values of {@link DeploymentResult} that the service accepts. */ export enum KnownDeploymentResult { - /** Success */ Success = "Success", - /** Canceled */ Canceled = "Canceled", - /** Failed */ Failed = "Failed" } @@ -7252,11 +7105,8 @@ export type ThreatIntelligenceResourceKindEnum = string; /** Known values of {@link ThreatIntelligenceSortingCriteriaEnum} that the service accepts. */ export enum KnownThreatIntelligenceSortingCriteriaEnum { - /** Unsorted */ Unsorted = "unsorted", - /** Ascending */ Ascending = "ascending", - /** Descending */ Descending = "descending" } @@ -7273,9 +7123,7 @@ export type ThreatIntelligenceSortingCriteriaEnum = string; /** Known values of {@link SourceType} that the service accepts. */ export enum KnownSourceType { - /** LocalFile */ LocalFile = "Local file", - /** RemoteStorage */ RemoteStorage = "Remote storage" } @@ -7291,45 +7139,25 @@ export type SourceType = string; /** Known values of {@link DataConnectorKind} that the service accepts. */ export enum KnownDataConnectorKind { - /** AzureActiveDirectory */ AzureActiveDirectory = "AzureActiveDirectory", - /** AzureSecurityCenter */ AzureSecurityCenter = "AzureSecurityCenter", - /** MicrosoftCloudAppSecurity */ MicrosoftCloudAppSecurity = "MicrosoftCloudAppSecurity", - /** ThreatIntelligence */ ThreatIntelligence = "ThreatIntelligence", - /** ThreatIntelligenceTaxii */ ThreatIntelligenceTaxii = "ThreatIntelligenceTaxii", - /** Office365 */ Office365 = "Office365", - /** OfficeATP */ OfficeATP = "OfficeATP", - /** OfficeIRM */ OfficeIRM = "OfficeIRM", - /** Office365Project */ Office365Project = "Office365Project", - /** OfficePowerBI */ OfficePowerBI = "OfficePowerBI", - /** AmazonWebServicesCloudTrail */ AmazonWebServicesCloudTrail = "AmazonWebServicesCloudTrail", - /** AmazonWebServicesS3 */ AmazonWebServicesS3 = "AmazonWebServicesS3", - /** AzureAdvancedThreatProtection */ AzureAdvancedThreatProtection = "AzureAdvancedThreatProtection", - /** MicrosoftDefenderAdvancedThreatProtection */ MicrosoftDefenderAdvancedThreatProtection = "MicrosoftDefenderAdvancedThreatProtection", - /** Dynamics365 */ Dynamics365 = "Dynamics365", - /** MicrosoftThreatProtection */ MicrosoftThreatProtection = "MicrosoftThreatProtection", - /** MicrosoftThreatIntelligence */ MicrosoftThreatIntelligence = "MicrosoftThreatIntelligence", - /** GenericUI */ GenericUI = "GenericUI", - /** APIPolling */ APIPolling = "APIPolling", - /** IOT */ IOT = "IOT" } @@ -7363,11 +7191,8 @@ export type DataConnectorKind = string; /** Known values of {@link ConnectAuthKind} that the service accepts. */ export enum KnownConnectAuthKind { - /** Basic */ Basic = "Basic", - /** OAuth2 */ OAuth2 = "OAuth2", - /** APIKey */ APIKey = "APIKey" } @@ -7384,9 +7209,7 @@ export type ConnectAuthKind = string; /** Known values of {@link DataConnectorAuthorizationState} that the service accepts. */ export enum KnownDataConnectorAuthorizationState { - /** Valid */ Valid = "Valid", - /** Invalid */ Invalid = "Invalid" } @@ -7402,11 +7225,8 @@ export type DataConnectorAuthorizationState = string; /** Known values of {@link DataConnectorLicenseState} that the service accepts. */ export enum KnownDataConnectorLicenseState { - /** Valid */ Valid = "Valid", - /** Invalid */ Invalid = "Invalid", - /** Unknown */ Unknown = "Unknown" } @@ -7510,19 +7330,12 @@ export type EntityMappingType = string; /** Known values of {@link MicrosoftSecurityProductName} that the service accepts. */ export enum KnownMicrosoftSecurityProductName { - /** MicrosoftCloudAppSecurity */ MicrosoftCloudAppSecurity = "Microsoft Cloud App Security", - /** AzureSecurityCenter */ AzureSecurityCenter = "Azure Security Center", - /** AzureAdvancedThreatProtection */ AzureAdvancedThreatProtection = "Azure Advanced Threat Protection", - /** AzureActiveDirectoryIdentityProtection */ AzureActiveDirectoryIdentityProtection = "Azure Active Directory Identity Protection", - /** AzureSecurityCenterForIoT */ AzureSecurityCenterForIoT = "Azure Security Center for IoT", - /** Office365AdvancedThreatProtection */ Office365AdvancedThreatProtection = "Office 365 Advanced Threat Protection", - /** MicrosoftDefenderAdvancedThreatProtection */ MicrosoftDefenderAdvancedThreatProtection = "Microsoft Defender Advanced Threat Protection" } @@ -7582,9 +7395,7 @@ export type AlertDetail = string; /** Known values of {@link EventGroupingAggregationKind} that the service accepts. */ export enum KnownEventGroupingAggregationKind { - /** SingleAlert */ SingleAlert = "SingleAlert", - /** AlertPerResult */ AlertPerResult = "AlertPerResult" } @@ -7969,13 +7780,9 @@ export type EntityType = string; /** Known values of {@link OutputType} that the service accepts. */ export enum KnownOutputType { - /** Number */ Number = "Number", - /** String */ String = "String", - /** Date */ Date = "Date", - /** Entity */ Entity = "Entity" } @@ -8011,9 +7818,7 @@ export type SettingsStatus = string; /** Known values of {@link EntityProviders} that the service accepts. */ export enum KnownEntityProviders { - /** ActiveDirectory */ ActiveDirectory = "ActiveDirectory", - /** AzureActiveDirectory */ AzureActiveDirectory = "AzureActiveDirectory" } @@ -8029,13 +7834,9 @@ export type EntityProviders = string; /** Known values of {@link UebaDataSources} that the service accepts. */ export enum KnownUebaDataSources { - /** AuditLogs */ AuditLogs = "AuditLogs", - /** AzureActivity */ AzureActivity = "AzureActivity", - /** SecurityEvent */ SecurityEvent = "SecurityEvent", - /** SigninLogs */ SigninLogs = "SigninLogs" } @@ -8053,9 +7854,7 @@ export type UebaDataSources = string; /** Known values of {@link DataTypeState} that the service accepts. */ export enum KnownDataTypeState { - /** Enabled */ Enabled = "Enabled", - /** Disabled */ Disabled = "Disabled" } @@ -8092,7 +7891,6 @@ export type PollingFrequency = string; /** Known values of {@link ConnectivityType} that the service accepts. */ export enum KnownConnectivityType { - /** IsConnectedQuery */ IsConnectedQuery = "IsConnectedQuery" } @@ -8107,17 +7905,11 @@ export type ConnectivityType = string; /** Known values of {@link ProviderName} that the service accepts. */ export enum KnownProviderName { - /** MicrosoftOperationalInsightsSolutions */ MicrosoftOperationalInsightsSolutions = "Microsoft.OperationalInsights/solutions", - /** MicrosoftOperationalInsightsWorkspaces */ MicrosoftOperationalInsightsWorkspaces = "Microsoft.OperationalInsights/workspaces", - /** MicrosoftOperationalInsightsWorkspacesDatasources */ MicrosoftOperationalInsightsWorkspacesDatasources = "Microsoft.OperationalInsights/workspaces/datasources", - /** MicrosoftAadiamDiagnosticSettings */ MicrosoftAadiamDiagnosticSettings = "microsoft.aadiam/diagnosticSettings", - /** MicrosoftOperationalInsightsWorkspacesSharedKeys */ MicrosoftOperationalInsightsWorkspacesSharedKeys = "Microsoft.OperationalInsights/workspaces/sharedKeys", - /** MicrosoftAuthorizationPolicyAssignments */ MicrosoftAuthorizationPolicyAssignments = "Microsoft.Authorization/policyAssignments" } @@ -8137,11 +7929,8 @@ export type ProviderName = string; /** Known values of {@link PermissionProviderScope} that the service accepts. */ export enum KnownPermissionProviderScope { - /** ResourceGroup */ ResourceGroup = "ResourceGroup", - /** Subscription */ Subscription = "Subscription", - /** Workspace */ Workspace = "Workspace" } @@ -8158,11 +7947,8 @@ export type PermissionProviderScope = string; /** Known values of {@link SettingType} that the service accepts. */ export enum KnownSettingType { - /** CopyableLabel */ CopyableLabel = "CopyableLabel", - /** InstructionStepsGroup */ InstructionStepsGroup = "InstructionStepsGroup", - /** InfoMessage */ InfoMessage = "InfoMessage" } diff --git a/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts index 6a5a7d831fa4..ce4a1b43b227 100644 --- a/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts +++ b/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts @@ -405,6 +405,7 @@ export const ManualTriggerRequestBody: coreClient.CompositeMapper = { }, logicAppsResourceId: { serializedName: "logicAppsResourceId", + required: true, type: { name: "String" } diff --git a/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts b/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts index 8bdfe0d3b316..6e9c023b7a3e 100644 --- a/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts +++ b/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts @@ -118,7 +118,7 @@ export class SecurityInsights extends coreClient.ServiceClient { credential: credentials }; - const packageDetails = `azsdk-js-arm-securityinsight/1.0.0-beta.4`; + const packageDetails = `azsdk-js-arm-securityinsight/1.0.0-beta.5`; const userAgentPrefix = options.userAgentOptions && options.userAgentOptions.userAgentPrefix ? `${options.userAgentOptions.userAgentPrefix} ${packageDetails}` @@ -138,34 +138,27 @@ export class SecurityInsights extends coreClient.ServiceClient { }; super(optionsWithDefaults); - let bearerTokenAuthenticationPolicyFound: boolean = false; if (options?.pipeline && options.pipeline.getOrderedPolicies().length > 0) { const pipelinePolicies: coreRestPipeline.PipelinePolicy[] = options.pipeline.getOrderedPolicies(); - bearerTokenAuthenticationPolicyFound = pipelinePolicies.some( + const bearerTokenAuthenticationPolicyFound = pipelinePolicies.some( (pipelinePolicy) => pipelinePolicy.name === coreRestPipeline.bearerTokenAuthenticationPolicyName ); - } - if ( - !options || - !options.pipeline || - options.pipeline.getOrderedPolicies().length == 0 || - !bearerTokenAuthenticationPolicyFound - ) { - this.pipeline.removePolicy({ - name: coreRestPipeline.bearerTokenAuthenticationPolicyName - }); - this.pipeline.addPolicy( - coreRestPipeline.bearerTokenAuthenticationPolicy({ - credential: credentials, - scopes: `${optionsWithDefaults.credentialScopes}`, - challengeCallbacks: { - authorizeRequestOnChallenge: - coreClient.authorizeRequestOnClaimChallenge - } - }) - ); + if (!bearerTokenAuthenticationPolicyFound) { + this.pipeline.removePolicy({ + name: coreRestPipeline.bearerTokenAuthenticationPolicyName + }); + this.pipeline.addPolicy( + coreRestPipeline.bearerTokenAuthenticationPolicy({ + scopes: `${optionsWithDefaults.baseUri}/.default`, + challengeCallbacks: { + authorizeRequestOnChallenge: + coreClient.authorizeRequestOnClaimChallenge + } + }) + ); + } } // Parameter assignments this.subscriptionId = subscriptionId; @@ -234,7 +227,7 @@ export class SecurityInsights extends coreClient.ServiceClient { if (param.length > 1) { const newParams = param[1].split("&").map((item) => { if (item.indexOf("api-version") > -1) { - return "api-version=" + apiVersion; + return item.replace(/(?<==).*$/, apiVersion); } else { return item; } diff --git a/sdk/securityinsight/arm-securityinsight/tsconfig.json b/sdk/securityinsight/arm-securityinsight/tsconfig.json index 6c7875caddba..3e6ae96443f3 100644 --- a/sdk/securityinsight/arm-securityinsight/tsconfig.json +++ b/sdk/securityinsight/arm-securityinsight/tsconfig.json @@ -15,17 +15,11 @@ ], "declaration": true, "outDir": "./dist-esm", - "importHelpers": true, - "paths": { - "@azure/arm-securityinsight": [ - "./src/index" - ] - } + "importHelpers": true }, "include": [ "./src/**/*.ts", - "./test/**/*.ts", - "samples-dev/**/*.ts" + "./test/**/*.ts" ], "exclude": [ "node_modules"