Skip to content

Commit

Permalink
Alert simulator security microsoft.security 2021 01 01 (#12614)
Browse files Browse the repository at this point in the history 
* Alert Simulator

* Added AlertSimulator

* removed alert simulator

* rebase squash

* Added AlertSimulator

* rebase squash

* Fix

* removing alert simulator from old API

* removed example from old API

* Updated response to be 202

* Added discriminator

* Prettier

* Prettier

* readme fix

* readme fix

* readme fix

* readme fix

* readme fix

* readme fix

* Fixes

* Fixes

* Duplication fix

* Added 2 new bundles

* reverted change

* Changed readme

* Changed readme

* Changed simulation kind to kind

* Added x-ms-long-running-operation

* Prettier

Co-authored-by: t-yucohe <t-yucohe@microsoft.com>
  • Loading branch information
@yuvi123yuvi
yuvi123yuvi and t-yucohe authored Feb 23, 2021
1 parent a978363 commit 605f17b
Show file tree
Hide file tree
Showing 16 changed files with 1,920 additions and 2 deletions.
1,120 changes: 1,120 additions & 0 deletions specification/security/resource-manager/Microsoft.Security/stable/2021-01-01/alerts.json
View file

Large diffs are not rendered by default.

79 changes: 79 additions & 0 deletions ...oft.Security/stable/2021-01-01/examples/Alerts/GetAlertResourceGroupLocation_example.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
{
"parameters": {
"api-version": "2020-01-01",
"subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23",
"resourceGroupName": "myRg1",
"ascLocation": "westeurope",
"alertName": "2518298467986649999_4d25bfef-2d77-4a08-adc0-3e35715cc92a"
},
"responses": {
"200": {
"body": {
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA",
"name": "2518298467986649999_4d25bfef-2d77-4a08-adc0-3e35715cc92a",
"type": "Microsoft.Security/Locations/alerts",
"properties": {
"alertType": "VM_EICAR",
"systemAlertId": "2518298467986649999_4d25bfef-2d77-4a08-adc0-3e35715cc92a",
"productComponentName": "",
"alertDisplayName": "Azure Security Center test alert (not a threat)",
"description": "This is a test alert generated by Azure Security Center. No further action is needed.",
"severity": "High",
"intent": "Execution",
"startTimeUtc": "2020-02-22T00:00:00.0000000Z",
"endTimeUtc": "2020-02-22T00:00:00.0000000Z",
"resourceIdentifiers": [
{
"azureResourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1",
"type": "AzureResource"
},
{
"workspaceId": "f419f624-acad-4d89-b86d-f62fa387f019",
"workspaceSubscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23",
"workspaceResourceGroup": "myRg1",
"agentId": "75724a01-f021-4aa8-9ec2-329792373e6e",
"type": "LogAnalytics"
}
],
"remediationSteps": [
"No further action is needed."
],
"vendorName": "Microsoft",
"status": "New",
"extendedLinks": [
{
"Category": "threat_reports",
"Label": "Report: RDP Brute Forcing",
"Href": "https://contoso.com/reports/DisplayReport",
"Type": "webLink"
}
],
"alertUri": "https://portal.azure.com/#blade/Microsoft_Azure_Security/AlertBlade/alertId/2518298467986649999_4d25bfef-2d77-4a08-adc0-3e35715cc92a/subscriptionId/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroup/myRg1/referencedFrom/alertDeepLink/location/westeurope",
"timeGeneratedUtc": "2020-02-23T13:47:58.0000000Z",
"productName": "Azure Security Center",
"processingEndTimeUtc": "2020-02-23T13:47:58.9205584Z",
"entities": [
{
"address": "192.0.2.1",
"location": {
"countryCode": "gb",
"state": "wokingham",
"city": "sonning",
"longitude": -0.909,
"latitude": 51.468,
"asn": 6584
},
"type": "ip"
}
],
"isIncident": true,
"correlationKey": "kso0LFWxzCll5tqrk5hmrBJ+MY1BX806W6q6+0s9Lk=",
"extendedProperties": {
"Property1": "Property1 information"
},
"compromisedEntity": "vm1"
}
}
}
}
}
78 changes: 78 additions & 0 deletions ...soft.Security/stable/2021-01-01/examples/Alerts/GetAlertSubscriptionLocation_example.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
{
"parameters": {
"api-version": "2020-01-01",
"subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23",
"ascLocation": "westeurope",
"alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA"
},
"responses": {
"200": {
"body": {
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA",
"name": "2518298467986649999_4d25bfef-2d77-4a08-adc0-3e35715cc92a",
"type": "Microsoft.Security/Locations/alerts",
"properties": {
"alertType": "VM_EICAR",
"systemAlertId": "2518298467986649999_4d25bfef-2d77-4a08-adc0-3e35715cc92a",
"productComponentName": "",
"alertDisplayName": "Azure Security Center test alert (not a threat)",
"description": "This is a test alert generated by Azure Security Center. No further action is needed.",
"severity": "High",
"intent": "Execution",
"startTimeUtc": "2020-02-22T00:00:00.0000000Z",
"endTimeUtc": "2020-02-22T00:00:00.0000000Z",
"resourceIdentifiers": [
{
"azureResourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1",
"type": "AzureResource"
},
{
"workspaceId": "f419f624-acad-4d89-b86d-f62fa387f019",
"workspaceSubscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23",
"workspaceResourceGroup": "myRg1",
"agentId": "75724a01-f021-4aa8-9ec2-329792373e6e",
"type": "LogAnalytics"
}
],
"remediationSteps": [
"No further action is needed."
],
"vendorName": "Microsoft",
"status": "New",
"extendedLinks": [
{
"Category": "threat_reports",
"Label": "Report: RDP Brute Forcing",
"Href": "https://contoso.com/reports/DisplayReport",
"Type": "webLink"
}
],
"alertUri": "https://portal.azure.com/#blade/Microsoft_Azure_Security/AlertBlade/alertId/2518298467986649999_4d25bfef-2d77-4a08-adc0-3e35715cc92a/subscriptionId/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroup/myRg1/referencedFrom/alertDeepLink/location/westeurope",
"timeGeneratedUtc": "2020-02-23T13:47:58.0000000Z",
"productName": "Azure Security Center",
"processingEndTimeUtc": "2020-02-23T13:47:58.9205584Z",
"entities": [
{
"address": "192.0.2.1",
"location": {
"countryCode": "gb",
"state": "wokingham",
"city": "sonning",
"longitude": -0.909,
"latitude": 51.468,
"asn": 6584
},
"type": "ip"
}
],
"isIncident": true,
"correlationKey": "kso0LFWxzCll5tqrk5hmrBJ+MY1BX806W6q6+0s9Lk=",
"extendedProperties": {
"Property1": "Property1 information"
},
"compromisedEntity": "vm1"
}
}
}
}
}
82 changes: 82 additions & 0 deletions ...ft.Security/stable/2021-01-01/examples/Alerts/GetAlertsResourceGroupLocation_example.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
{
"parameters": {
"api-version": "2020-01-01",
"subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23",
"resourceGroupName": "myRg1",
"ascLocation": "westeurope"
},
"responses": {
"200": {
"body": {
"value": [
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA",
"name": "2518298467986649999_4d25bfef-2d77-4a08-adc0-3e35715cc92a",
"type": "Microsoft.Security/Locations/alerts",
"properties": {
"alertType": "VM_EICAR",
"systemAlertId": "2518298467986649999_4d25bfef-2d77-4a08-adc0-3e35715cc92a",
"productComponentName": "",
"alertDisplayName": "Azure Security Center test alert (not a threat)",
"description": "This is a test alert generated by Azure Security Center. No further action is needed.",
"severity": "High",
"intent": "Execution",
"startTimeUtc": "2020-02-22T00:00:00.0000000Z",
"endTimeUtc": "2020-02-22T00:00:00.0000000Z",
"resourceIdentifiers": [
{
"azureResourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1",
"type": "AzureResource"
},
{
"workspaceId": "f419f624-acad-4d89-b86d-f62fa387f019",
"workspaceSubscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23",
"workspaceResourceGroup": "myRg1",
"agentId": "75724a01-f021-4aa8-9ec2-329792373e6e",
"type": "LogAnalytics"
}
],
"remediationSteps": [
"No further action is needed."
],
"vendorName": "Microsoft",
"status": "New",
"extendedLinks": [
{
"Category": "threat_reports",
"Label": "Report: RDP Brute Forcing",
"Href": "https://contoso.com/reports/DisplayReport",
"Type": "webLink"
}
],
"alertUri": "https://portal.azure.com/#blade/Microsoft_Azure_Security/AlertBlade/alertId/2518298467986649999_4d25bfef-2d77-4a08-adc0-3e35715cc92a/subscriptionId/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroup/myRg1/referencedFrom/alertDeepLink/location/westeurope",
"timeGeneratedUtc": "2020-02-23T13:47:58.0000000Z",
"productName": "Azure Security Center",
"processingEndTimeUtc": "2020-02-23T13:47:58.9205584Z",
"entities": [
{
"address": "192.0.2.1",
"location": {
"countryCode": "gb",
"state": "wokingham",
"city": "sonning",
"longitude": -0.909,
"latitude": 51.468,
"asn": 6584
},
"type": "ip"
}
],
"isIncident": true,
"correlationKey": "kso0LFWxzCll5tqrk5hmrBJ+MY1BX806W6q6+0s9Lk=",
"extendedProperties": {
"Property1": "Property1 information"
},
"compromisedEntity": "vm1"
}
}
]
}
}
}
}
81 changes: 81 additions & 0 deletions .../Microsoft.Security/stable/2021-01-01/examples/Alerts/GetAlertsResourceGroup_example.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
{
"parameters": {
"api-version": "2020-01-01",
"subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23",
"resourceGroupName": "myRg1"
},
"responses": {
"200": {
"body": {
"value": [
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA",
"name": "2518298467986649999_4d25bfef-2d77-4a08-adc0-3e35715cc92a",
"type": "Microsoft.Security/Locations/alerts",
"properties": {
"alertType": "VM_EICAR",
"systemAlertId": "2518298467986649999_4d25bfef-2d77-4a08-adc0-3e35715cc92a",
"productComponentName": "",
"alertDisplayName": "Azure Security Center test alert (not a threat)",
"description": "This is a test alert generated by Azure Security Center. No further action is needed.",
"severity": "High",
"intent": "Execution",
"startTimeUtc": "2020-02-22T00:00:00.0000000Z",
"endTimeUtc": "2020-02-22T00:00:00.0000000Z",
"resourceIdentifiers": [
{
"azureResourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1",
"type": "AzureResource"
},
{
"workspaceId": "f419f624-acad-4d89-b86d-f62fa387f019",
"workspaceSubscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23",
"workspaceResourceGroup": "myRg1",
"agentId": "75724a01-f021-4aa8-9ec2-329792373e6e",
"type": "LogAnalytics"
}
],
"remediationSteps": [
"No further action is needed."
],
"vendorName": "Microsoft",
"status": "New",
"extendedLinks": [
{
"Category": "threat_reports",
"Label": "Report: RDP Brute Forcing",
"Href": "https://contoso.com/reports/DisplayReport",
"Type": "webLink"
}
],
"alertUri": "https://portal.azure.com/#blade/Microsoft_Azure_Security/AlertBlade/alertId/2518298467986649999_4d25bfef-2d77-4a08-adc0-3e35715cc92a/subscriptionId/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroup/myRg1/referencedFrom/alertDeepLink/location/westeurope",
"timeGeneratedUtc": "2020-02-23T13:47:58.0000000Z",
"productName": "Azure Security Center",
"processingEndTimeUtc": "2020-02-23T13:47:58.9205584Z",
"entities": [
{
"address": "192.0.2.1",
"location": {
"countryCode": "gb",
"state": "wokingham",
"city": "sonning",
"longitude": -0.909,
"latitude": 51.468,
"asn": 6584
},
"type": "ip"
}
],
"isIncident": true,
"correlationKey": "kso0LFWxzCll5tqrk5hmrBJ+MY1BX806W6q6+0s9Lk=",
"extendedProperties": {
"Property1": "Property1 information"
},
"compromisedEntity": "vm1"
}
}
]
}
}
}
}
Loading

0 comments on commit 605f17b

Please sign in to comment.