diff --git a/sdk/securityinsights/azure-resourcemanager-securityinsights/CHANGELOG.md b/sdk/securityinsights/azure-resourcemanager-securityinsights/CHANGELOG.md
index 51d1f53d44663..16aa7e5584f88 100644
--- a/sdk/securityinsights/azure-resourcemanager-securityinsights/CHANGELOG.md
+++ b/sdk/securityinsights/azure-resourcemanager-securityinsights/CHANGELOG.md
@@ -1,6 +1,8 @@
# Release History
-## 1.0.0-beta.5 (Unreleased)
+## 1.0.0-beta.1 (2023-09-18)
+
+- Azure Resource Manager SecurityInsights client library for Java. This package contains Microsoft Azure SDK for SecurityInsights Management SDK. API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider. Package tag package-preview-2023-09. For documentation on how to use this package, please see [Azure Management Libraries for Java](https://aka.ms/azsdk/java/mgmt).
### Features Added
diff --git a/sdk/securityinsights/azure-resourcemanager-securityinsights/README.md b/sdk/securityinsights/azure-resourcemanager-securityinsights/README.md
index be7cd5eb6b9ee..a58df94496a2b 100644
--- a/sdk/securityinsights/azure-resourcemanager-securityinsights/README.md
+++ b/sdk/securityinsights/azure-resourcemanager-securityinsights/README.md
@@ -2,7 +2,7 @@
Azure Resource Manager SecurityInsights client library for Java.
-This package contains Microsoft Azure SDK for SecurityInsights Management SDK. API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider. Package tag package-preview-2022-09. For documentation on how to use this package, please see [Azure Management Libraries for Java](https://aka.ms/azsdk/java/mgmt).
+This package contains Microsoft Azure SDK for SecurityInsights Management SDK. API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider. Package tag package-preview-2023-09. For documentation on how to use this package, please see [Azure Management Libraries for Java](https://aka.ms/azsdk/java/mgmt).
## We'd love to hear your feedback
@@ -32,7 +32,7 @@ Various documentation is available to help you get started
com.azure.resourcemanager
azure-resourcemanager-securityinsights
- 1.0.0-beta.4
+ 1.0.0-beta.5
```
[//]: # ({x-version-update-end})
@@ -41,19 +41,19 @@ Various documentation is available to help you get started
Azure Management Libraries require a `TokenCredential` implementation for authentication and an `HttpClient` implementation for HTTP client.
-[Azure Identity][azure_identity] package and [Azure Core Netty HTTP][azure_core_http_netty] package provide the default implementation.
+[Azure Identity][azure_identity] and [Azure Core Netty HTTP][azure_core_http_netty] packages provide the default implementation.
### Authentication
-By default, Azure Active Directory token authentication depends on correct configure of following environment variables.
+By default, Azure Active Directory token authentication depends on correct configuration of the following environment variables.
- `AZURE_CLIENT_ID` for Azure client ID.
- `AZURE_TENANT_ID` for Azure tenant ID.
- `AZURE_CLIENT_SECRET` or `AZURE_CLIENT_CERTIFICATE_PATH` for client secret or client certificate.
-In addition, Azure subscription ID can be configured via environment variable `AZURE_SUBSCRIPTION_ID`.
+In addition, Azure subscription ID can be configured via `AZURE_SUBSCRIPTION_ID` environment variable.
-With above configuration, `azure` client can be authenticated by following code:
+With above configuration, `azure` client can be authenticated using the following code:
```java
AzureProfile profile = new AzureProfile(AzureEnvironment.AZURE);
@@ -83,13 +83,13 @@ See [API design][design] for general introduction on design and key concepts on
## Contributing
-For details on contributing to this repository, see the [contributing guide](https://github.com/Azure/azure-sdk-for-java/blob/main/CONTRIBUTING.md).
+For details on contributing to this repository, see the [contributing guide][cg].
-1. Fork it
-1. Create your feature branch (`git checkout -b my-new-feature`)
-1. Commit your changes (`git commit -am 'Add some feature'`)
-1. Push to the branch (`git push origin my-new-feature`)
-1. Create new Pull Request
+This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit .
+
+When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repositories using our CLA.
+
+This project has adopted the [Microsoft Open Source Code of Conduct][coc]. For more information see the [Code of Conduct FAQ][coc_faq] or contact with any additional questions or comments.
[survey]: https://microsoft.qualtrics.com/jfe/form/SV_ehN0lIk2FKEBkwd?Q_CHL=DOCS
@@ -100,3 +100,8 @@ For details on contributing to this repository, see the [contributing guide](htt
[azure_core_http_netty]: https://github.com/Azure/azure-sdk-for-java/blob/main/sdk/core/azure-core-http-netty
[authenticate]: https://github.com/Azure/azure-sdk-for-java/blob/main/sdk/resourcemanager/docs/AUTH.md
[design]: https://github.com/Azure/azure-sdk-for-java/blob/main/sdk/resourcemanager/docs/DESIGN.md
+[cg]: https://github.com/Azure/azure-sdk-for-java/blob/main/CONTRIBUTING.md
+[coc]: https://opensource.microsoft.com/codeofconduct/
+[coc_faq]: https://opensource.microsoft.com/codeofconduct/faq/
+
+
diff --git a/sdk/securityinsights/azure-resourcemanager-securityinsights/SAMPLE.md b/sdk/securityinsights/azure-resourcemanager-securityinsights/SAMPLE.md
index de287165b2a01..5b551beca3371 100644
--- a/sdk/securityinsights/azure-resourcemanager-securityinsights/SAMPLE.md
+++ b/sdk/securityinsights/azure-resourcemanager-securityinsights/SAMPLE.md
@@ -8,6 +8,10 @@
- [Get](#actions_get)
- [ListByAlertRule](#actions_listbyalertrule)
+## AlertRuleOperation
+
+- [TriggerRuleRun](#alertruleoperation_triggerrulerun)
+
## AlertRuleTemplates
- [Get](#alertruletemplates_get)
@@ -27,6 +31,11 @@
- [Get](#automationrules_get)
- [List](#automationrules_list)
+## BillingStatistics
+
+- [Get](#billingstatistics_get)
+- [List](#billingstatistics_list)
+
## BookmarkOperation
- [Expand](#bookmarkoperation_expand)
@@ -45,6 +54,33 @@
- [Get](#bookmarks_get)
- [List](#bookmarks_list)
+## ContentPackageOperation
+
+- [Install](#contentpackageoperation_install)
+- [Uninstall](#contentpackageoperation_uninstall)
+
+## ContentPackages
+
+- [Get](#contentpackages_get)
+- [List](#contentpackages_list)
+
+## ContentTemplateOperation
+
+- [Delete](#contenttemplateoperation_delete)
+- [Get](#contenttemplateoperation_get)
+- [Install](#contenttemplateoperation_install)
+
+## ContentTemplates
+
+- [List](#contenttemplates_list)
+
+## DataConnectorDefinitions
+
+- [CreateOrUpdate](#dataconnectordefinitions_createorupdate)
+- [Delete](#dataconnectordefinitions_delete)
+- [Get](#dataconnectordefinitions_get)
+- [List](#dataconnectordefinitions_list)
+
## DataConnectors
- [Connect](#dataconnectors_connect)
@@ -69,6 +105,7 @@
- [GetInsights](#entities_getinsights)
- [List](#entities_list)
- [Queries](#entities_queries)
+- [RunPlaybook](#entities_runplaybook)
## EntitiesGetTimeline
@@ -101,6 +138,39 @@
- [Get](#fileimports_get)
- [List](#fileimports_list)
+## Get
+
+- [SingleRecommendation](#get_singlerecommendation)
+
+## GetRecommendations
+
+- [List](#getrecommendations_list)
+
+## GetTriggeredAnalyticsRuleRuns
+
+- [List](#gettriggeredanalyticsruleruns_list)
+
+## HuntComments
+
+- [CreateOrUpdate](#huntcomments_createorupdate)
+- [Delete](#huntcomments_delete)
+- [Get](#huntcomments_get)
+- [List](#huntcomments_list)
+
+## HuntRelations
+
+- [CreateOrUpdate](#huntrelations_createorupdate)
+- [Delete](#huntrelations_delete)
+- [Get](#huntrelations_get)
+- [List](#huntrelations_list)
+
+## Hunts
+
+- [CreateOrUpdate](#hunts_createorupdate)
+- [Delete](#hunts_delete)
+- [Get](#hunts_get)
+- [List](#hunts_list)
+
## IncidentComments
- [CreateOrUpdate](#incidentcomments_createorupdate)
@@ -115,6 +185,13 @@
- [Get](#incidentrelations_get)
- [List](#incidentrelations_list)
+## IncidentTasks
+
+- [CreateOrUpdate](#incidenttasks_createorupdate)
+- [Delete](#incidenttasks_delete)
+- [Get](#incidenttasks_get)
+- [List](#incidenttasks_list)
+
## Incidents
- [CreateOrUpdate](#incidents_createorupdate)
@@ -149,6 +226,14 @@
- [List](#operations_list)
+## ProductPackageOperation
+
+- [Get](#productpackageoperation_get)
+
+## ProductPackages
+
+- [List](#productpackages_list)
+
## ProductSettings
- [Delete](#productsettings_delete)
@@ -156,6 +241,14 @@
- [List](#productsettings_list)
- [Update](#productsettings_update)
+## ProductTemplateOperation
+
+- [Get](#producttemplateoperation_get)
+
+## ProductTemplates
+
+- [List](#producttemplates_list)
+
## SecurityMLAnalyticsSettings
- [CreateOrUpdate](#securitymlanalyticssettings_createorupdate)
@@ -199,6 +292,14 @@
- [List](#threatintelligenceindicatorsoperation_list)
+## TriggeredAnalyticsRuleRunOperation
+
+- [Get](#triggeredanalyticsrulerunoperation_get)
+
+## Update
+
+- [Recommendation](#update_recommendation)
+
## WatchlistItems
- [CreateOrUpdate](#watchlistitems_createorupdate)
@@ -212,13 +313,48 @@
- [Delete](#watchlists_delete)
- [Get](#watchlists_get)
- [List](#watchlists_list)
+
+## WorkspaceManagerAssignmentJobs
+
+- [Create](#workspacemanagerassignmentjobs_create)
+- [Delete](#workspacemanagerassignmentjobs_delete)
+- [Get](#workspacemanagerassignmentjobs_get)
+- [List](#workspacemanagerassignmentjobs_list)
+
+## WorkspaceManagerAssignments
+
+- [CreateOrUpdate](#workspacemanagerassignments_createorupdate)
+- [Delete](#workspacemanagerassignments_delete)
+- [Get](#workspacemanagerassignments_get)
+- [List](#workspacemanagerassignments_list)
+
+## WorkspaceManagerConfigurations
+
+- [CreateOrUpdate](#workspacemanagerconfigurations_createorupdate)
+- [Delete](#workspacemanagerconfigurations_delete)
+- [Get](#workspacemanagerconfigurations_get)
+- [List](#workspacemanagerconfigurations_list)
+
+## WorkspaceManagerGroups
+
+- [CreateOrUpdate](#workspacemanagergroups_createorupdate)
+- [Delete](#workspacemanagergroups_delete)
+- [Get](#workspacemanagergroups_get)
+- [List](#workspacemanagergroups_list)
+
+## WorkspaceManagerMembers
+
+- [CreateOrUpdate](#workspacemanagermembers_createorupdate)
+- [Delete](#workspacemanagermembers_delete)
+- [Get](#workspacemanagermembers_get)
+- [List](#workspacemanagermembers_list)
### Actions_CreateOrUpdate
```java
/** Samples for Actions CreateOrUpdate. */
public final class ActionsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/actions/CreateActionOfAlertRule.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/actions/CreateActionOfAlertRule.json
*/
/**
* Sample code: Creates or updates an action of alert rule.
@@ -244,12 +380,10 @@ public final class ActionsCreateOrUpdateSamples {
### Actions_Delete
```java
-import com.azure.core.util.Context;
-
/** Samples for Actions Delete. */
public final class ActionsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/actions/DeleteActionOfAlertRule.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/actions/DeleteActionOfAlertRule.json
*/
/**
* Sample code: Delete an action of alert rule.
@@ -265,7 +399,7 @@ public final class ActionsDeleteSamples {
"myWorkspace",
"73e01a99-5cd7-4139-a149-9f2736ff2ab5",
"912bec42-cb66-4c03-ac63-1761b6898c3e",
- Context.NONE);
+ com.azure.core.util.Context.NONE);
}
}
```
@@ -273,12 +407,10 @@ public final class ActionsDeleteSamples {
### Actions_Get
```java
-import com.azure.core.util.Context;
-
/** Samples for Actions Get. */
public final class ActionsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/actions/GetActionOfAlertRuleById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/actions/GetActionOfAlertRuleById.json
*/
/**
* Sample code: Get an action of alert rule.
@@ -294,7 +426,7 @@ public final class ActionsGetSamples {
"myWorkspace",
"73e01a99-5cd7-4139-a149-9f2736ff2ab5",
"912bec42-cb66-4c03-ac63-1761b6898c3e",
- Context.NONE);
+ com.azure.core.util.Context.NONE);
}
}
```
@@ -302,12 +434,10 @@ public final class ActionsGetSamples {
### Actions_ListByAlertRule
```java
-import com.azure.core.util.Context;
-
/** Samples for Actions ListByAlertRule. */
public final class ActionsListByAlertRuleSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/actions/GetAllActionsByAlertRule.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/actions/GetAllActionsByAlertRule.json
*/
/**
* Sample code: Get all actions of alert rule.
@@ -316,20 +446,50 @@ public final class ActionsListByAlertRuleSamples {
*/
public static void getAllActionsOfAlertRule(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.actions().listByAlertRule("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ manager
+ .actions()
+ .listByAlertRule(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
}
}
```
-### AlertRuleTemplates_Get
+### AlertRuleOperation_TriggerRuleRun
```java
-import com.azure.core.util.Context;
+import com.azure.resourcemanager.securityinsights.models.AnalyticsRuleRunTrigger;
+import java.time.OffsetDateTime;
+
+/** Samples for AlertRuleOperation TriggerRuleRun. */
+public final class AlertRuleOperationTriggerRuleRunSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/triggeredAnalyticsRuleRuns/triggerRuleRun_Post.json
+ */
+ /**
+ * Sample code: triggerRuleRun_Post.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void triggerRuleRunPost(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .alertRuleOperations()
+ .triggerRuleRun(
+ "myRg",
+ "myWorkspace",
+ "65360bb0-8986-4ade-a89d-af3cf44d28aa",
+ new AnalyticsRuleRunTrigger().withExecutionTimeUtc(OffsetDateTime.parse("2022-12-22T15:37:03.074Z")),
+ com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### AlertRuleTemplates_Get
+```java
/** Samples for AlertRuleTemplates Get. */
public final class AlertRuleTemplatesGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRuleTemplates/GetAlertRuleTemplateById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/alertRuleTemplates/GetAlertRuleTemplateById.json
*/
/**
* Sample code: Get alert rule template by Id.
@@ -340,7 +500,8 @@ public final class AlertRuleTemplatesGetSamples {
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
.alertRuleTemplates()
- .getWithResponse("myRg", "myWorkspace", "65360bb0-8986-4ade-a89d-af3cf44d28aa", Context.NONE);
+ .getWithResponse(
+ "myRg", "myWorkspace", "65360bb0-8986-4ade-a89d-af3cf44d28aa", com.azure.core.util.Context.NONE);
}
}
```
@@ -348,12 +509,10 @@ public final class AlertRuleTemplatesGetSamples {
### AlertRuleTemplates_List
```java
-import com.azure.core.util.Context;
-
/** Samples for AlertRuleTemplates List. */
public final class AlertRuleTemplatesListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRuleTemplates/GetAlertRuleTemplates.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/alertRuleTemplates/GetAlertRuleTemplates.json
*/
/**
* Sample code: Get all alert rule templates.
@@ -362,7 +521,7 @@ public final class AlertRuleTemplatesListSamples {
*/
public static void getAllAlertRuleTemplates(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.alertRuleTemplates().list("myRg", "myWorkspace", Context.NONE);
+ manager.alertRuleTemplates().list("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
}
}
```
@@ -370,9 +529,10 @@ public final class AlertRuleTemplatesListSamples {
### AlertRules_CreateOrUpdate
```java
-import com.azure.core.util.Context;
import com.azure.resourcemanager.securityinsights.models.AlertDetail;
import com.azure.resourcemanager.securityinsights.models.AlertDetailsOverride;
+import com.azure.resourcemanager.securityinsights.models.AlertProperty;
+import com.azure.resourcemanager.securityinsights.models.AlertPropertyMapping;
import com.azure.resourcemanager.securityinsights.models.AlertSeverity;
import com.azure.resourcemanager.securityinsights.models.AttackTactic;
import com.azure.resourcemanager.securityinsights.models.EntityMapping;
@@ -392,6 +552,7 @@ import com.azure.resourcemanager.securityinsights.models.MicrosoftSecurityIncide
import com.azure.resourcemanager.securityinsights.models.MicrosoftSecurityProductName;
import com.azure.resourcemanager.securityinsights.models.NrtAlertRule;
import com.azure.resourcemanager.securityinsights.models.ScheduledAlertRule;
+import com.azure.resourcemanager.securityinsights.models.SentinelEntityMapping;
import com.azure.resourcemanager.securityinsights.models.TriggerOperator;
import java.time.Duration;
import java.util.Arrays;
@@ -401,7 +562,7 @@ import java.util.Map;
/** Samples for AlertRules CreateOrUpdate. */
public final class AlertRulesCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/CreateFusionAlertRule.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/alertRules/CreateFusionAlertRule.json
*/
/**
* Sample code: Creates or updates a Fusion alert rule.
@@ -620,11 +781,11 @@ public final class AlertRulesCreateOrUpdateSamples {
.withEnabled(true)
.withSourceSubTypeName("Palo Alto Networks")
.withSeverityFilters(new FusionSubTypeSeverityFilter()))))),
- Context.NONE);
+ com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/CreateMicrosoftSecurityIncidentCreationAlertRule.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/alertRules/CreateMicrosoftSecurityIncidentCreationAlertRule.json
*/
/**
* Sample code: Creates or updates a MicrosoftSecurityIncidentCreation rule.
@@ -644,11 +805,11 @@ public final class AlertRulesCreateOrUpdateSamples {
.withDisplayName("testing displayname")
.withEnabled(true)
.withProductFilter(MicrosoftSecurityProductName.MICROSOFT_CLOUD_APP_SECURITY),
- Context.NONE);
+ com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/CreateScheduledAlertRule.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/alertRules/CreateScheduledAlertRule.json
*/
/**
* Sample code: Creates or updates a Scheduled alert rule.
@@ -716,12 +877,26 @@ public final class AlertRulesCreateOrUpdateSamples {
.withAlertDetailsOverride(
new AlertDetailsOverride()
.withAlertDisplayNameFormat("Alert from {{Computer}}")
- .withAlertDescriptionFormat("Suspicious activity was made by {{ComputerIP}}")),
- Context.NONE);
+ .withAlertDescriptionFormat("Suspicious activity was made by {{ComputerIP}}")
+ .withAlertDynamicProperties(
+ Arrays
+ .asList(
+ new AlertPropertyMapping()
+ .withAlertProperty(AlertProperty.PRODUCT_COMPONENT_NAME)
+ .withValue("ProductComponentNameCustomColumn"),
+ new AlertPropertyMapping()
+ .withAlertProperty(AlertProperty.PRODUCT_NAME)
+ .withValue("ProductNameCustomColumn"),
+ new AlertPropertyMapping()
+ .withAlertProperty(AlertProperty.ALERT_LINK)
+ .withValue("Link"))))
+ .withSentinelEntitiesMappings(
+ Arrays.asList(new SentinelEntityMapping().withColumnName("Entities"))),
+ com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/CreateFusionAlertRuleWithFusionScenarioExclusion.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/alertRules/CreateFusionAlertRuleWithFusionScenarioExclusion.json
*/
/**
* Sample code: Creates or updates a Fusion alert rule with scenario exclusion pattern.
@@ -940,11 +1115,11 @@ public final class AlertRulesCreateOrUpdateSamples {
.withEnabled(true)
.withSourceSubTypeName("Palo Alto Networks")
.withSeverityFilters(new FusionSubTypeSeverityFilter()))))),
- Context.NONE);
+ com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/CreateNrtAlertRule.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/alertRules/CreateNrtAlertRule.json
*/
/**
* Sample code: Creates or updates a Nrt alert rule.
@@ -985,9 +1160,10 @@ public final class AlertRulesCreateOrUpdateSamples {
Arrays.asList(EntityMappingType.HOST, EntityMappingType.ACCOUNT))))
.withEventGroupingSettings(
new EventGroupingSettings().withAggregationKind(EventGroupingAggregationKind.ALERT_PER_RESULT)),
- Context.NONE);
+ com.azure.core.util.Context.NONE);
}
+ // Use "Map.of" if available
@SuppressWarnings("unchecked")
private static Map mapOf(Object... inputs) {
Map map = new HashMap<>();
@@ -1004,12 +1180,10 @@ public final class AlertRulesCreateOrUpdateSamples {
### AlertRules_Delete
```java
-import com.azure.core.util.Context;
-
/** Samples for AlertRules Delete. */
public final class AlertRulesDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/DeleteAlertRule.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/alertRules/DeleteAlertRule.json
*/
/**
* Sample code: Delete an alert rule.
@@ -1019,7 +1193,8 @@ public final class AlertRulesDeleteSamples {
public static void deleteAnAlertRule(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
.alertRules()
- .deleteWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
}
}
```
@@ -1027,12 +1202,10 @@ public final class AlertRulesDeleteSamples {
### AlertRules_Get
```java
-import com.azure.core.util.Context;
-
/** Samples for AlertRules Get. */
public final class AlertRulesGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/GetScheduledAlertRule.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/alertRules/GetScheduledAlertRule.json
*/
/**
* Sample code: Get a Scheduled alert rule.
@@ -1043,11 +1216,12 @@ public final class AlertRulesGetSamples {
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
.alertRules()
- .getWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .getWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/GetNrtAlertRule.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/alertRules/GetNrtAlertRule.json
*/
/**
* Sample code: Get an Nrt alert rule.
@@ -1057,11 +1231,12 @@ public final class AlertRulesGetSamples {
public static void getAnNrtAlertRule(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
.alertRules()
- .getWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .getWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/GetFusionAlertRule.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/alertRules/GetFusionAlertRule.json
*/
/**
* Sample code: Get a Fusion alert rule.
@@ -1069,11 +1244,13 @@ public final class AlertRulesGetSamples {
* @param manager Entry point to SecurityInsightsManager.
*/
public static void getAFusionAlertRule(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.alertRules().getWithResponse("myRg", "myWorkspace", "myFirstFusionRule", Context.NONE);
+ manager
+ .alertRules()
+ .getWithResponse("myRg", "myWorkspace", "myFirstFusionRule", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/GetMicrosoftSecurityIncidentCreationAlertRule.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/alertRules/GetMicrosoftSecurityIncidentCreationAlertRule.json
*/
/**
* Sample code: Get a MicrosoftSecurityIncidentCreation rule.
@@ -1084,7 +1261,11 @@ public final class AlertRulesGetSamples {
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
.alertRules()
- .getWithResponse("myRg", "myWorkspace", "microsoftSecurityIncidentCreationRuleExample", Context.NONE);
+ .getWithResponse(
+ "myRg",
+ "myWorkspace",
+ "microsoftSecurityIncidentCreationRuleExample",
+ com.azure.core.util.Context.NONE);
}
}
```
@@ -1092,12 +1273,10 @@ public final class AlertRulesGetSamples {
### AlertRules_List
```java
-import com.azure.core.util.Context;
-
/** Samples for AlertRules List. */
public final class AlertRulesListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/alertRules/GetAllAlertRules.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/alertRules/GetAllAlertRules.json
*/
/**
* Sample code: Get all alert rules.
@@ -1105,7 +1284,7 @@ public final class AlertRulesListSamples {
* @param manager Entry point to SecurityInsightsManager.
*/
public static void getAllAlertRules(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.alertRules().list("myRg", "myWorkspace", Context.NONE);
+ manager.alertRules().list("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
}
}
```
@@ -1120,7 +1299,7 @@ import java.util.List;
/** Samples for AutomationRules CreateOrUpdate. */
public final class AutomationRulesCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/automationRules/AutomationRules_CreateOrUpdate.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/automationRules/AutomationRules_CreateOrUpdate.json
*/
/**
* Sample code: AutomationRules_CreateOrUpdate.
@@ -1145,12 +1324,10 @@ public final class AutomationRulesCreateOrUpdateSamples {
### AutomationRules_Delete
```java
-import com.azure.core.util.Context;
-
/** Samples for AutomationRules Delete. */
public final class AutomationRulesDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/automationRules/AutomationRules_Delete.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/automationRules/AutomationRules_Delete.json
*/
/**
* Sample code: AutomationRules_Delete.
@@ -1161,7 +1338,8 @@ public final class AutomationRulesDeleteSamples {
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
.automationRules()
- .deleteWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
}
}
```
@@ -1169,12 +1347,10 @@ public final class AutomationRulesDeleteSamples {
### AutomationRules_Get
```java
-import com.azure.core.util.Context;
-
/** Samples for AutomationRules Get. */
public final class AutomationRulesGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/automationRules/AutomationRules_Get.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/automationRules/AutomationRules_Get.json
*/
/**
* Sample code: AutomationRules_Get.
@@ -1184,7 +1360,8 @@ public final class AutomationRulesGetSamples {
public static void automationRulesGet(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
.automationRules()
- .getWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .getWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
}
}
```
@@ -1192,12 +1369,10 @@ public final class AutomationRulesGetSamples {
### AutomationRules_List
```java
-import com.azure.core.util.Context;
-
/** Samples for AutomationRules List. */
public final class AutomationRulesListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/automationRules/AutomationRules_List.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/automationRules/AutomationRules_List.json
*/
/**
* Sample code: AutomationRules_List.
@@ -1205,7 +1380,49 @@ public final class AutomationRulesListSamples {
* @param manager Entry point to SecurityInsightsManager.
*/
public static void automationRulesList(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.automationRules().list("myRg", "myWorkspace", Context.NONE);
+ manager.automationRules().list("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### BillingStatistics_Get
+
+```java
+/** Samples for BillingStatistics Get. */
+public final class BillingStatisticsGetSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/billingStatistics/GetBillingStatistic.json
+ */
+ /**
+ * Sample code: Get a billing statistic.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getABillingStatistic(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .billingStatistics()
+ .getWithResponse("myRg", "myWorkspace", "sapSolutionUsage", com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### BillingStatistics_List
+
+```java
+/** Samples for BillingStatistics List. */
+public final class BillingStatisticsListSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/billingStatistics/GetAllBillingStatistics.json
+ */
+ /**
+ * Sample code: Get all Microsoft Sentinel billing statistics.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAllMicrosoftSentinelBillingStatistics(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.billingStatistics().list("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
}
}
```
@@ -1213,7 +1430,6 @@ public final class AutomationRulesListSamples {
### BookmarkOperation_Expand
```java
-import com.azure.core.util.Context;
import com.azure.resourcemanager.securityinsights.models.BookmarkExpandParameters;
import java.time.OffsetDateTime;
import java.util.UUID;
@@ -1221,7 +1437,7 @@ import java.util.UUID;
/** Samples for BookmarkOperation Expand. */
public final class BookmarkOperationExpandSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/expand/PostExpandBookmark.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/bookmarks/expand/PostExpandBookmark.json
*/
/**
* Sample code: Expand an bookmark.
@@ -1239,7 +1455,7 @@ public final class BookmarkOperationExpandSamples {
.withEndTime(OffsetDateTime.parse("2020-01-24T17:21:00.000Z"))
.withExpansionId(UUID.fromString("27f76e63-c41b-480f-bb18-12ad2e011d49"))
.withStartTime(OffsetDateTime.parse("2019-12-25T17:21:00.000Z")),
- Context.NONE);
+ com.azure.core.util.Context.NONE);
}
}
```
@@ -1250,7 +1466,7 @@ public final class BookmarkOperationExpandSamples {
/** Samples for BookmarkRelations CreateOrUpdate. */
public final class BookmarkRelationsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/relations/CreateBookmarkRelation.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/bookmarks/relations/CreateBookmarkRelation.json
*/
/**
* Sample code: Creates or updates a bookmark relation.
@@ -1273,12 +1489,10 @@ public final class BookmarkRelationsCreateOrUpdateSamples {
### BookmarkRelations_Delete
```java
-import com.azure.core.util.Context;
-
/** Samples for BookmarkRelations Delete. */
public final class BookmarkRelationsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/relations/DeleteBookmarkRelation.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/bookmarks/relations/DeleteBookmarkRelation.json
*/
/**
* Sample code: Delete the bookmark relation.
@@ -1294,7 +1508,7 @@ public final class BookmarkRelationsDeleteSamples {
"myWorkspace",
"2216d0e1-91e3-4902-89fd-d2df8c535096",
"4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
- Context.NONE);
+ com.azure.core.util.Context.NONE);
}
}
```
@@ -1302,12 +1516,10 @@ public final class BookmarkRelationsDeleteSamples {
### BookmarkRelations_Get
```java
-import com.azure.core.util.Context;
-
/** Samples for BookmarkRelations Get. */
public final class BookmarkRelationsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/relations/GetBookmarkRelationByName.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/bookmarks/relations/GetBookmarkRelationByName.json
*/
/**
* Sample code: Get a bookmark relation.
@@ -1323,7 +1535,7 @@ public final class BookmarkRelationsGetSamples {
"myWorkspace",
"2216d0e1-91e3-4902-89fd-d2df8c535096",
"4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
- Context.NONE);
+ com.azure.core.util.Context.NONE);
}
}
```
@@ -1331,12 +1543,10 @@ public final class BookmarkRelationsGetSamples {
### BookmarkRelations_List
```java
-import com.azure.core.util.Context;
-
/** Samples for BookmarkRelations List. */
public final class BookmarkRelationsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/relations/GetAllBookmarkRelations.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/bookmarks/relations/GetAllBookmarkRelations.json
*/
/**
* Sample code: Get all bookmark relations.
@@ -1347,7 +1557,15 @@ public final class BookmarkRelationsListSamples {
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
.bookmarkRelations()
- .list("myRg", "myWorkspace", "2216d0e1-91e3-4902-89fd-d2df8c535096", null, null, null, null, Context.NONE);
+ .list(
+ "myRg",
+ "myWorkspace",
+ "2216d0e1-91e3-4902-89fd-d2df8c535096",
+ null,
+ null,
+ null,
+ null,
+ com.azure.core.util.Context.NONE);
}
}
```
@@ -1366,7 +1584,7 @@ import java.util.UUID;
/** Samples for Bookmarks CreateOrUpdate. */
public final class BookmarksCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/CreateBookmark.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/bookmarks/CreateBookmark.json
*/
/**
* Sample code: Creates or updates a bookmark.
@@ -1410,12 +1628,10 @@ public final class BookmarksCreateOrUpdateSamples {
### Bookmarks_Delete
```java
-import com.azure.core.util.Context;
-
/** Samples for Bookmarks Delete. */
public final class BookmarksDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/DeleteBookmark.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/bookmarks/DeleteBookmark.json
*/
/**
* Sample code: Delete a bookmark.
@@ -1425,7 +1641,8 @@ public final class BookmarksDeleteSamples {
public static void deleteABookmark(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
.bookmarks()
- .deleteWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
}
}
```
@@ -1433,12 +1650,10 @@ public final class BookmarksDeleteSamples {
### Bookmarks_Get
```java
-import com.azure.core.util.Context;
-
/** Samples for Bookmarks Get. */
public final class BookmarksGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/GetBookmarkById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/bookmarks/GetBookmarkById.json
*/
/**
* Sample code: Get a bookmark.
@@ -1448,7 +1663,8 @@ public final class BookmarksGetSamples {
public static void getABookmark(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
.bookmarks()
- .getWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .getWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
}
}
```
@@ -1456,12 +1672,10 @@ public final class BookmarksGetSamples {
### Bookmarks_List
```java
-import com.azure.core.util.Context;
-
/** Samples for Bookmarks List. */
public final class BookmarksListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/bookmarks/GetBookmarks.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/bookmarks/GetBookmarks.json
*/
/**
* Sample code: Get all bookmarks.
@@ -1469,4109 +1683,6034 @@ public final class BookmarksListSamples {
* @param manager Entry point to SecurityInsightsManager.
*/
public static void getAllBookmarks(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.bookmarks().list("myRg", "myWorkspace", Context.NONE);
+ manager.bookmarks().list("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
}
}
```
-### DataConnectors_Connect
+### ContentPackageOperation_Install
```java
-import com.azure.core.management.serializer.SerializerFactory;
-import com.azure.core.util.Context;
-import com.azure.core.util.serializer.SerializerEncoding;
-import com.azure.resourcemanager.securityinsights.models.ConnectAuthKind;
-import com.azure.resourcemanager.securityinsights.models.DataConnectorConnectBody;
-import java.io.IOException;
-import java.util.Arrays;
+import com.azure.resourcemanager.securityinsights.models.PackageKind;
-/** Samples for DataConnectors Connect. */
-public final class DataConnectorsConnectSamples {
+/** Samples for ContentPackageOperation Install. */
+public final class ContentPackageOperationInstallSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/ConnectAPIPollingV2Logs.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/contentPackages/InstallPackage.json
*/
/**
- * Sample code: Connect an APIPolling V2 logs data connector.
+ * Sample code: Install a package to the workspace.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void connectAnAPIPollingV2LogsDataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) throws IOException {
+ public static void installAPackageToTheWorkspace(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .connectWithResponse(
- "myRg",
- "myWorkspace",
- "316ec55e-7138-4d63-ab18-90c8a60fd1c8",
- new DataConnectorConnectBody()
- .withKind(ConnectAuthKind.APIKEY)
- .withApiKey("fakeKeyPlaceholder")
- .withDataCollectionEndpoint("https://test.eastus.ingest.monitor.azure.com")
- .withDataCollectionRuleImmutableId("dcr-34adsj9o7d6f9de204478b9cgb43b631")
- .withOutputStream("Custom-MyTableRawData")
- .withRequestConfigUserInputValues(
- Arrays
- .asList(
- SerializerFactory
- .createDefaultManagementSerializerAdapter()
- .deserialize(
- "{\"displayText\":\"Organization"
- + " Name\",\"placeHolderName\":\"{{placeHolder1}}\",\"placeHolderValue\":\"somePlaceHolderValue\",\"requestObjectKey\":\"apiEndpoint\"}",
- Object.class,
- SerializerEncoding.JSON))),
- Context.NONE);
+ .contentPackageOperations()
+ .define("str.azure-sentinel-solution-str")
+ .withExistingWorkspace("myRg", "myWorkspace")
+ .withContentId("str.azure-sentinel-solution-str")
+ .withContentProductId("str.azure-sentinel-solution-str-sl-igl6jawr4gwmu")
+ .withContentKind(PackageKind.SOLUTION)
+ .withVersion("2.0.0")
+ .withDisplayName("str")
+ .create();
}
+}
+```
+
+### ContentPackageOperation_Uninstall
+```java
+/** Samples for ContentPackageOperation Uninstall. */
+public final class ContentPackageOperationUninstallSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/ConnectAPIPolling.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/contentPackages/UninstallPackage.json
*/
/**
- * Sample code: Connect an APIPolling data connector.
+ * Sample code: Uninstall a package from the workspace.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void connectAnAPIPollingDataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) throws IOException {
+ public static void uninstallAPackageFromTheWorkspace(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .connectWithResponse(
- "myRg",
- "myWorkspace",
- "316ec55e-7138-4d63-ab18-90c8a60fd1c8",
- new DataConnectorConnectBody()
- .withKind(ConnectAuthKind.APIKEY)
- .withApiKey("fakeKeyPlaceholder")
- .withRequestConfigUserInputValues(
- Arrays
- .asList(
- SerializerFactory
- .createDefaultManagementSerializerAdapter()
- .deserialize(
- "{\"displayText\":\"Organization"
- + " Name\",\"placeHolderName\":\"{{placeHolder1}}\",\"placeHolderValue\":\"somePlaceHolderValue\",\"requestObjectKey\":\"apiEndpoint\"}",
- Object.class,
- SerializerEncoding.JSON))),
- Context.NONE);
+ .contentPackageOperations()
+ .uninstallWithResponse(
+ "myRg", "myWorkspace", "str.azure-sentinel-solution-str", com.azure.core.util.Context.NONE);
}
}
```
-### DataConnectors_CreateOrUpdate
+### ContentPackages_Get
```java
-import com.azure.core.management.serializer.SerializerFactory;
-import com.azure.core.util.Context;
-import com.azure.core.util.serializer.SerializerEncoding;
-import com.azure.resourcemanager.securityinsights.models.Availability;
-import com.azure.resourcemanager.securityinsights.models.AvailabilityStatus;
-import com.azure.resourcemanager.securityinsights.models.CodelessApiPollingDataConnector;
-import com.azure.resourcemanager.securityinsights.models.CodelessConnectorPollingAuthProperties;
-import com.azure.resourcemanager.securityinsights.models.CodelessConnectorPollingConfigProperties;
-import com.azure.resourcemanager.securityinsights.models.CodelessConnectorPollingPagingProperties;
-import com.azure.resourcemanager.securityinsights.models.CodelessConnectorPollingRequestProperties;
-import com.azure.resourcemanager.securityinsights.models.CodelessConnectorPollingResponseProperties;
-import com.azure.resourcemanager.securityinsights.models.CodelessUiConnectorConfigProperties;
-import com.azure.resourcemanager.securityinsights.models.CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem;
-import com.azure.resourcemanager.securityinsights.models.CodelessUiConnectorConfigPropertiesDataTypesItem;
-import com.azure.resourcemanager.securityinsights.models.CodelessUiConnectorConfigPropertiesGraphQueriesItem;
-import com.azure.resourcemanager.securityinsights.models.CodelessUiConnectorConfigPropertiesInstructionStepsItem;
-import com.azure.resourcemanager.securityinsights.models.CodelessUiConnectorConfigPropertiesSampleQueriesItem;
-import com.azure.resourcemanager.securityinsights.models.CodelessUiDataConnector;
-import com.azure.resourcemanager.securityinsights.models.ConnectivityType;
-import com.azure.resourcemanager.securityinsights.models.DataTypeState;
-import com.azure.resourcemanager.securityinsights.models.Dynamics365DataConnector;
-import com.azure.resourcemanager.securityinsights.models.Dynamics365DataConnectorDataTypes;
-import com.azure.resourcemanager.securityinsights.models.Dynamics365DataConnectorDataTypesDynamics365CdsActivities;
-import com.azure.resourcemanager.securityinsights.models.InstructionStepsInstructionsItem;
-import com.azure.resourcemanager.securityinsights.models.Office365ProjectConnectorDataTypes;
-import com.azure.resourcemanager.securityinsights.models.Office365ProjectConnectorDataTypesLogs;
-import com.azure.resourcemanager.securityinsights.models.Office365ProjectDataConnector;
-import com.azure.resourcemanager.securityinsights.models.OfficeDataConnector;
-import com.azure.resourcemanager.securityinsights.models.OfficeDataConnectorDataTypes;
-import com.azure.resourcemanager.securityinsights.models.OfficeDataConnectorDataTypesExchange;
-import com.azure.resourcemanager.securityinsights.models.OfficeDataConnectorDataTypesSharePoint;
-import com.azure.resourcemanager.securityinsights.models.OfficeDataConnectorDataTypesTeams;
-import com.azure.resourcemanager.securityinsights.models.OfficePowerBIConnectorDataTypes;
-import com.azure.resourcemanager.securityinsights.models.OfficePowerBIConnectorDataTypesLogs;
-import com.azure.resourcemanager.securityinsights.models.OfficePowerBIDataConnector;
-import com.azure.resourcemanager.securityinsights.models.PermissionProviderScope;
-import com.azure.resourcemanager.securityinsights.models.Permissions;
-import com.azure.resourcemanager.securityinsights.models.PermissionsCustomsItem;
-import com.azure.resourcemanager.securityinsights.models.PermissionsResourceProviderItem;
-import com.azure.resourcemanager.securityinsights.models.PollingFrequency;
-import com.azure.resourcemanager.securityinsights.models.ProviderName;
-import com.azure.resourcemanager.securityinsights.models.RequiredPermissions;
-import com.azure.resourcemanager.securityinsights.models.SettingType;
-import com.azure.resourcemanager.securityinsights.models.TIDataConnector;
-import com.azure.resourcemanager.securityinsights.models.TIDataConnectorDataTypes;
-import com.azure.resourcemanager.securityinsights.models.TIDataConnectorDataTypesIndicators;
-import com.azure.resourcemanager.securityinsights.models.TiTaxiiDataConnector;
-import com.azure.resourcemanager.securityinsights.models.TiTaxiiDataConnectorDataTypes;
-import com.azure.resourcemanager.securityinsights.models.TiTaxiiDataConnectorDataTypesTaxiiClient;
-import java.io.IOException;
-import java.time.OffsetDateTime;
-import java.util.Arrays;
-
-/** Samples for DataConnectors CreateOrUpdate. */
-public final class DataConnectorsCreateOrUpdateSamples {
+/** Samples for ContentPackages Get. */
+public final class ContentPackagesGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateOfficeDataConnetor.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/contentPackages/GetPackageById.json
*/
/**
- * Sample code: Creates or updates an Office365 data connector.
+ * Sample code: Get installed packages by id.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAnOffice365DataConnector(
+ public static void getInstalledPackagesById(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .createOrUpdateWithResponse(
- "myRg",
- "myWorkspace",
- "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
- new OfficeDataConnector()
- .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
- .withDataTypes(
- new OfficeDataConnectorDataTypes()
- .withExchange(new OfficeDataConnectorDataTypesExchange().withState(DataTypeState.ENABLED))
- .withSharePoint(
- new OfficeDataConnectorDataTypesSharePoint().withState(DataTypeState.ENABLED))
- .withTeams(new OfficeDataConnectorDataTypesTeams().withState(DataTypeState.ENABLED)))
- .withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
- Context.NONE);
+ .contentPackages()
+ .getWithResponse(
+ "myRg", "myWorkspace", "str.azure-sentinel-solution-str", com.azure.core.util.Context.NONE);
}
+}
+```
+### ContentPackages_List
+
+```java
+/** Samples for ContentPackages List. */
+public final class ContentPackagesListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateOfficePowerBIDataConnector.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/contentPackages/GetPackages.json
*/
/**
- * Sample code: Creates or updates an Office PowerBI data connector.
+ * Sample code: Get all available packages.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAnOfficePowerBIDataConnector(
+ public static void getAllAvailablePackages(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.contentPackages().list("myRg", "myWorkspace", null, null, null, null, com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### ContentTemplateOperation_Delete
+
+```java
+/** Samples for ContentTemplateOperation Delete. */
+public final class ContentTemplateOperationDeleteSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/contentTemplates/DeleteTemplate.json
+ */
+ /**
+ * Sample code: Delete metadata.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void deleteMetadata(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .createOrUpdateWithResponse(
- "myRg",
- "myWorkspace",
- "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
- new OfficePowerBIDataConnector()
- .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
- .withDataTypes(
- new OfficePowerBIConnectorDataTypes()
- .withLogs(new OfficePowerBIConnectorDataTypesLogs().withState(DataTypeState.ENABLED)))
- .withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
- Context.NONE);
+ .contentTemplateOperations()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "8365ebfe-a381-45b7-ad08-7d818070e11f", com.azure.core.util.Context.NONE);
}
+}
+```
+### ContentTemplateOperation_Get
+
+```java
+/** Samples for ContentTemplateOperation Get. */
+public final class ContentTemplateOperationGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateThreatIntelligenceTaxiiDataConnector.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/contentTemplates/GetTemplateById.json
*/
/**
- * Sample code: Creates or updates a Threat Intelligence Taxii data connector.
+ * Sample code: Get a template.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAThreatIntelligenceTaxiiDataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getATemplate(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .createOrUpdateWithResponse(
- "myRg",
- "myWorkspace",
- "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
- new TiTaxiiDataConnector()
- .withEtag("d12423f6-a60b-4ca5-88c0-feb1a182d0f0")
- .withWorkspaceId("dd124572-4962-4495-9bd2-9dade12314b4")
- .withFriendlyName("testTaxii")
- .withTaxiiServer("https://limo.anomali.com/api/v1/taxii2/feeds")
- .withCollectionId("135")
- .withUsername("--")
- .withPassword("--")
- .withTaxiiLookbackPeriod(OffsetDateTime.parse("2020-01-01T13:00:30.123Z"))
- .withPollingFrequency(PollingFrequency.ONCE_ADAY)
- .withDataTypes(
- new TiTaxiiDataConnectorDataTypes()
- .withTaxiiClient(
- new TiTaxiiDataConnectorDataTypesTaxiiClient().withState(DataTypeState.ENABLED)))
- .withTenantId("06b3ccb8-1384-4bcc-aec7-852f6d57161b"),
- Context.NONE);
+ .contentTemplateOperations()
+ .getWithResponse(
+ "myRg", "myWorkspace", "8365ebfe-a381-45b7-ad08-7d818070e11f", com.azure.core.util.Context.NONE);
}
+}
+```
+
+### ContentTemplateOperation_Install
+
+```java
+import com.azure.core.management.serializer.SerializerFactory;
+import com.azure.core.util.serializer.SerializerEncoding;
+import com.azure.resourcemanager.securityinsights.models.Kind;
+import com.azure.resourcemanager.securityinsights.models.MetadataAuthor;
+import com.azure.resourcemanager.securityinsights.models.MetadataSource;
+import com.azure.resourcemanager.securityinsights.models.MetadataSupport;
+import com.azure.resourcemanager.securityinsights.models.PackageKind;
+import com.azure.resourcemanager.securityinsights.models.SourceKind;
+import com.azure.resourcemanager.securityinsights.models.SupportTier;
+import java.io.IOException;
+/** Samples for ContentTemplateOperation Install. */
+public final class ContentTemplateOperationInstallSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateThreatIntelligenceDataConnector.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/contentTemplates/InstallTemplate.json
*/
/**
- * Sample code: Creates or updates an Threat Intelligence Platform data connector.
+ * Sample code: Get a template.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAnThreatIntelligencePlatformDataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getATemplate(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager)
+ throws IOException {
manager
- .dataConnectors()
- .createOrUpdateWithResponse(
- "myRg",
- "myWorkspace",
- "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
- new TIDataConnector()
- .withTipLookbackPeriod(OffsetDateTime.parse("2020-01-01T13:00:30.123Z"))
- .withDataTypes(
- new TIDataConnectorDataTypes()
- .withIndicators(new TIDataConnectorDataTypesIndicators().withState(DataTypeState.ENABLED)))
- .withTenantId("06b3ccb8-1384-4bcc-aec7-852f6d57161b"),
- Context.NONE);
+ .contentTemplateOperations()
+ .define("str.azure-sentinel-solution-str")
+ .withExistingWorkspace("myRg", "myWorkspace")
+ .withMainTemplate(
+ SerializerFactory
+ .createDefaultManagementSerializerAdapter()
+ .deserialize(
+ "{\"$schema\":\"https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#\",\"contentVersion\":\"1.0.1\",\"resources\":[{\"name\":\"8365ebfe-a381-45b7-ad08-7d818070e11f\",\"type\":\"Microsoft.SecurityInsights/AlertRuleTemplates\",\"apiVersion\":\"2022-04-01-preview\",\"kind\":\"Scheduled\",\"location\":\"[parameters('workspace-location')]\",\"properties\":{\"description\":\"Creates"
+ + " an incident when a large number of Critical/High severity CrowdStrike Falcon sensor"
+ + " detections is triggered by a single user\",\"displayName\":\"Critical or High Severity"
+ + " Detections by"
+ + " User\",\"enabled\":false,\"query\":\"...\",\"queryFrequency\":\"PT1H\",\"queryPeriod\":\"PT1H\",\"severity\":\"High\",\"status\":\"Available\",\"suppressionDuration\":\"PT1H\",\"suppressionEnabled\":false,\"triggerOperator\":\"GreaterThan\",\"triggerThreshold\":0}},{\"name\":\"[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-',"
+ + " last(split([resourceId('Microsoft.SecurityInsights/AlertRuleTemplates',"
+ + " 8365ebfe-a381-45b7-ad08-7d818070e11f)],'/'))))]\",\"type\":\"Microsoft.OperationalInsights/workspaces/providers/metadata\",\"apiVersion\":\"2022-01-01-preview\",\"properties\":{\"description\":\"CrowdStrike"
+ + " Falcon Endpoint Protection Analytics Rule"
+ + " 1\",\"author\":{\"name\":\"Microsoft\",\"email\":\"support@microsoft.com\"},\"contentId\":\"4465ebde-b381-45f7-ad08-7d818070a11c\",\"kind\":\"AnalyticsRule\",\"parentId\":\"[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates',"
+ + " 8365ebfe-a381-45b7-ad08-7d818070e11f)]\",\"source\":{\"name\":\"str\",\"kind\":\"Solution\",\"sourceId\":\"str.azure-sentinel-solution-str\"},\"support\":{\"name\":\"Microsoft"
+ + " Corporation\",\"email\":\"support@microsoft.com\",\"link\":\"https://support.microsoft.com/\",\"tier\":\"Microsoft\"},\"version\":\"1.0.0\"}}]}",
+ Object.class,
+ SerializerEncoding.JSON))
+ .withContentId("8365ebfe-a381-45b7-ad08-7d818070e11f")
+ .withContentProductId("str.azure-sentinel-solution-str-ar-cbfe4fndz66bi")
+ .withPackageVersion("1.0.0")
+ .withVersion("1.0.1")
+ .withDisplayName("API Protection workbook template")
+ .withContentKind(Kind.ANALYTICS_RULE)
+ .withSource(
+ new MetadataSource()
+ .withKind(SourceKind.SOLUTION)
+ .withName("str")
+ .withSourceId("str.azure-sentinel-solution-str"))
+ .withAuthor(new MetadataAuthor().withName("Microsoft").withEmail("support@microsoft.com"))
+ .withSupport(
+ new MetadataSupport()
+ .withTier(SupportTier.MICROSOFT)
+ .withName("Microsoft Corporation")
+ .withEmail("support@microsoft.com")
+ .withLink("https://support.microsoft.com/"))
+ .withPackageId("str.azure-sentinel-solution-str")
+ .withPackageKind(PackageKind.SOLUTION)
+ .withPackageName("str")
+ .create();
}
+}
+```
+### ContentTemplates_List
+
+```java
+/** Samples for ContentTemplates List. */
+public final class ContentTemplatesListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateDynamics365DataConnetor.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/contentTemplates/GetTemplates.json
*/
/**
- * Sample code: Creates or updates a Dynamics365 data connector.
+ * Sample code: Get all installed templates.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesADynamics365DataConnector(
+ public static void getAllInstalledTemplates(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .createOrUpdateWithResponse(
- "myRg",
- "myWorkspace",
- "c2541efb-c9a6-47fe-9501-87d1017d1512",
- new Dynamics365DataConnector()
- .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
- .withDataTypes(
- new Dynamics365DataConnectorDataTypes()
- .withDynamics365CdsActivities(
- new Dynamics365DataConnectorDataTypesDynamics365CdsActivities()
- .withState(DataTypeState.ENABLED)))
- .withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
- Context.NONE);
+ .contentTemplates()
+ .list("myRg", "myWorkspace", null, null, null, null, com.azure.core.util.Context.NONE);
}
+}
+```
+
+### DataConnectorDefinitions_CreateOrUpdate
+
+```java
+import com.azure.core.management.serializer.SerializerFactory;
+import com.azure.core.util.serializer.SerializerEncoding;
+import com.azure.resourcemanager.securityinsights.models.ConnectivityCriterion;
+import com.azure.resourcemanager.securityinsights.models.ConnectorDataType;
+import com.azure.resourcemanager.securityinsights.models.ConnectorDefinitionsAvailability;
+import com.azure.resourcemanager.securityinsights.models.ConnectorDefinitionsPermissions;
+import com.azure.resourcemanager.securityinsights.models.ConnectorDefinitionsResourceProvider;
+import com.azure.resourcemanager.securityinsights.models.CustomPermissionDetails;
+import com.azure.resourcemanager.securityinsights.models.CustomizableConnectorDefinition;
+import com.azure.resourcemanager.securityinsights.models.CustomizableConnectorUiConfig;
+import com.azure.resourcemanager.securityinsights.models.GraphQuery;
+import com.azure.resourcemanager.securityinsights.models.InstructionStep;
+import com.azure.resourcemanager.securityinsights.models.InstructionStepDetails;
+import com.azure.resourcemanager.securityinsights.models.ProviderPermissionsScope;
+import com.azure.resourcemanager.securityinsights.models.ResourceProviderRequiredPermissions;
+import com.azure.resourcemanager.securityinsights.models.SampleQuery;
+import java.io.IOException;
+import java.util.Arrays;
+/** Samples for DataConnectorDefinitions CreateOrUpdate. */
+public final class DataConnectorDefinitionsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateGenericUI.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectorDefinitions/CreateCustomizableDataConnectorDefinition.json
*/
/**
- * Sample code: Creates or updates a GenericUI data connector.
+ * Sample code: Create data connector definition.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAGenericUIDataConnector(
+ public static void createDataConnectorDefinition(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) throws IOException {
manager
- .dataConnectors()
+ .dataConnectorDefinitions()
.createOrUpdateWithResponse(
"myRg",
"myWorkspace",
- "316ec55e-7138-4d63-ab18-90c8a60fd1c8",
- new CodelessUiDataConnector()
+ "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
+ new CustomizableConnectorDefinition()
+ .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
.withConnectorUiConfig(
- new CodelessUiConnectorConfigProperties()
- .withTitle("Qualys Vulnerability Management (CCP DEMO)")
- .withPublisher("Qualys")
+ new CustomizableConnectorUiConfig()
+ .withTitle("GitHub Enterprise Audit Log")
+ .withPublisher("GitHub")
.withDescriptionMarkdown(
- "The [Qualys Vulnerability Management"
- + " (VM)](https://www.qualys.com/apps/vulnerability-management/) data connector"
- + " provides the capability to ingest vulnerability host detection data into Azure"
- + " Sentinel through the Qualys API. The connector provides visibility into host"
- + " detection data from vulerability scans. This connector provides Azure Sentinel"
- + " the capability to view dashboards, create custom alerts, and improve"
- + " investigation ")
- .withGraphQueriesTableName("QualysHostDetection_CL")
+ "The GitHub audit log connector provides the capability to ingest GitHub logs into"
+ + " Azure Sentinel. By connecting GitHub audit logs into Azure Sentinel, you can"
+ + " view this data in workbooks, use it to create custom alerts, and improve your"
+ + " investigation process.")
.withGraphQueries(
Arrays
.asList(
- new CodelessUiConnectorConfigPropertiesGraphQueriesItem()
- .withMetricName("Total data received")
- .withLegend("{{graphQueriesTableName}}")
- .withBaseQuery("{{graphQueriesTableName}}")))
+ new GraphQuery()
+ .withMetricName("Total events received")
+ .withLegend("GitHub audit log events")
+ .withBaseQuery("GitHubAuditLogPolling_CL")))
.withSampleQueries(
Arrays
.asList(
- new CodelessUiConnectorConfigPropertiesSampleQueriesItem()
- .withDescription("Top 10 Vulerabilities detected")
- .withQuery(
- "{{graphQueriesTableName}}\n"
- + " | mv-expand todynamic(Detections_s)\n"
- + " | extend Vulnerability = tostring(Detections_s.Results)\n"
- + " | summarize count() by Vulnerability\n"
- + " | top 10 by count_")))
+ new SampleQuery()
+ .withDescription("All logs")
+ .withQuery("GitHubAuditLogPolling_CL \n | take 10")))
.withDataTypes(
Arrays
.asList(
- new CodelessUiConnectorConfigPropertiesDataTypesItem()
- .withName("{{graphQueriesTableName}}")
+ new ConnectorDataType()
+ .withName("GitHubAuditLogPolling_CL")
.withLastDataReceivedQuery(
- "{{graphQueriesTableName}}\n"
+ "GitHubAuditLogPolling_CL \n"
+ " | summarize Time = max(TimeGenerated)\n"
+ " | where isnotempty(Time)")))
.withConnectivityCriteria(
Arrays
.asList(
- new CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem()
- .withType(ConnectivityType.IS_CONNECTED_QUERY)
+ new ConnectivityCriterion()
+ .withType("IsConnectedQuery")
.withValue(
Arrays
.asList(
- "{{graphQueriesTableName}}\n"
- + " | summarize LastLogReceived ="
- + " max(TimeGenerated)\n"
- + " | project IsConnected = LastLogReceived >"
- + " ago(30d)"))))
- .withAvailability(new Availability().withStatus(AvailabilityStatus.ONE).withIsPreview(true))
+ "GitHubAuditLogPolling_CL \n"
+ + " | summarize LastLogReceived = max(TimeGenerated)\n"
+ + " | project IsConnected = LastLogReceived > ago(30d)"))))
+ .withAvailability(new ConnectorDefinitionsAvailability().withStatus(1).withIsPreview(false))
.withPermissions(
- new Permissions()
+ new ConnectorDefinitionsPermissions()
.withResourceProvider(
Arrays
.asList(
- new PermissionsResourceProviderItem()
- .withProvider(
- ProviderName.MICROSOFT_OPERATIONAL_INSIGHTS_WORKSPACES)
+ new ConnectorDefinitionsResourceProvider()
+ .withProvider("Microsoft.OperationalInsights/workspaces")
.withPermissionsDisplayText(
- "read and write permissions on the workspace are required.")
+ "read and write permissions are required.")
.withProviderDisplayName("Workspace")
- .withScope(PermissionProviderScope.WORKSPACE)
+ .withScope(ProviderPermissionsScope.WORKSPACE)
.withRequiredPermissions(
- new RequiredPermissions()
+ new ResourceProviderRequiredPermissions()
+ .withRead(false)
.withWrite(true)
- .withRead(true)
- .withDelete(true)),
- new PermissionsResourceProviderItem()
- .withProvider(
- ProviderName
- .MICROSOFT_OPERATIONAL_INSIGHTS_WORKSPACES_SHARED_KEYS)
- .withPermissionsDisplayText(
- "read permissions to shared keys for the workspace are"
- + " required. [See the documentation to learn more about"
- + " workspace"
- + " keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key).")
- .withProviderDisplayName("Keys")
- .withScope(PermissionProviderScope.WORKSPACE)
- .withRequiredPermissions(
- new RequiredPermissions().withAction(true))))
+ .withDelete(false)
+ .withAction(false))))
.withCustoms(
Arrays
.asList(
- new PermissionsCustomsItem()
- .withName("Microsoft.Web/sites permissions")
- .withDescription(
- "Read and write permissions to Azure Functions to create a"
- + " Function App is required. [See the documentation to"
- + " learn more about Azure"
- + " Functions](https://docs.microsoft.com/azure/azure-functions/)."),
- new PermissionsCustomsItem()
- .withName("Qualys API Key")
+ new CustomPermissionDetails()
+ .withName("GitHub API personal token Key")
.withDescription(
- "A Qualys VM API username and password is required. [See the"
- + " documentation to learn more about Qualys VM"
- + " API](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf)."))))
+ "You need access to GitHub personal token, the key should have"
+ + " 'admin:org' scope"))))
.withInstructionSteps(
Arrays
.asList(
- new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
- .withTitle("")
- .withDescription(
- ">**NOTE:** This connector uses Azure Functions to connect to Qualys VM"
- + " to pull its logs into Azure Sentinel. This might result in"
- + " additional data ingestion costs. Check the [Azure Functions"
- + " pricing"
- + " page](https://azure.microsoft.com/pricing/details/functions/)"
- + " for details."),
- new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
- .withTitle("")
- .withDescription(
- ">**(Optional Step)** Securely store workspace and API authorization"
- + " key(s) or token(s) in Azure Key Vault. Azure Key Vault provides"
- + " a secure mechanism to store and retrieve key values. [Follow"
- + " these"
- + " instructions](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references)"
- + " to use Azure Key Vault with an Azure Function App."),
- new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
- .withTitle("")
+ new InstructionStep()
+ .withTitle("Connect GitHub Enterprise Audit Log to Azure Sentinel")
.withDescription(
- "**STEP 1 - Configuration steps for the Qualys VM API**\n\n"
- + "1. Log into the Qualys Vulnerability Management console with an"
- + " administrator account, select the **Users** tab and the"
- + " **Users** subtab. \n"
- + "2. Click on the **New** drop-down menu and select **Users..**\n"
- + "3. Create a username and password for the API account. \n"
- + "4. In the **User Roles** tab, ensure the account role is set to"
- + " **Manager** and access is allowed to **GUI** and **API**\n"
- + "4. Log out of the administrator account and log into the console"
- + " with the new API credentials for validation, then log out of"
- + " the API account. \n"
- + "5. Log back into the console using an administrator account and"
- + " modify the API accounts User Roles, removing access to **GUI**."
- + " \n"
- + "6. Save all changes."),
- new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
- .withTitle("")
- .withDescription(
- "**STEP 2 - Choose ONE from the following two deployment options to"
- + " deploy the connector and the associated Azure Function**\n\n"
- + ">**IMPORTANT:** Before deploying the Qualys VM connector, have"
- + " the Workspace ID and Workspace Primary Key (can be copied from"
- + " the following), as well as the Qualys VM API Authorization"
- + " Key(s), readily available.")
+ "Enable GitHub audit Logs. \n"
+ + " Follow"
+ + " [this](https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token)"
+ + " to create or find your personal key")
.withInstructions(
Arrays
.asList(
- new InstructionStepsInstructionsItem()
- .withParameters(
- SerializerFactory
- .createDefaultManagementSerializerAdapter()
- .deserialize(
- "{\"fillWith\":[\"WorkspaceId\"],\"label\":\"Workspace"
- + " ID\"}",
- Object.class,
- SerializerEncoding.JSON))
- .withType(SettingType.COPYABLE_LABEL),
- new InstructionStepsInstructionsItem()
+ new InstructionStepDetails()
.withParameters(
SerializerFactory
.createDefaultManagementSerializerAdapter()
.deserialize(
- "{\"fillWith\":[\"PrimaryKey\"],\"label\":\"Primary"
- + " Key\"}",
+ "{\"clientIdLabel\":\"Client"
+ + " ID\",\"clientSecretLabel\":\"Client"
+ + " Secret\",\"connectButtonLabel\":\"Connect\",\"disconnectButtonLabel\":\"Disconnect\"}",
Object.class,
SerializerEncoding.JSON))
- .withType(SettingType.COPYABLE_LABEL))),
- new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
- .withTitle("Option 1 - Azure Resource Manager (ARM) Template")
- .withDescription(
- "Use this method for automated deployment of the Qualys VM connector"
- + " using an ARM Tempate.\n\n"
- + "1. Click the **Deploy to Azure** button below. \n\n"
- + "\t[](https://aka.ms/sentinelqualysvmazuredeploy)\n"
- + "2. Select the preferred **Subscription**, **Resource Group** and"
- + " **Location**. \n"
- + "3. Enter the **Workspace ID**, **Workspace Key**, **API"
- + " Username**, **API Password** , update the **URI**, and any"
- + " additional URI **Filter Parameters** (each filter should be"
- + " separated by an \"&\" symbol, no spaces.) \n"
- + "> - Enter the URI that corresponds to your region. The complete"
- + " list of API Server URLs can be [found"
- + " here](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf#G4.735348)"
- + " -- There is no need to add a time suffix to the URI, the"
- + " Function App will dynamically append the Time Value to the URI"
- + " in the proper format. \n"
- + " - The default **Time Interval** is set to pull the last five"
- + " (5) minutes of data. If the time interval needs to be modified,"
- + " it is recommended to change the Function App Timer Trigger"
- + " accordingly (in the function.json file, post deployment) to"
- + " prevent overlapping data ingestion. \n"
- + "> - Note: If using Azure Key Vault secrets for any of the values"
- + " above, use the`@Microsoft.KeyVault(SecretUri={Security"
- + " Identifier})`schema in place of the string values. Refer to"
- + " [Key Vault references"
- + " documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references)"
- + " for further details. \n"
- + "4. Mark the checkbox labeled **I agree to the terms and"
- + " conditions stated above**. \n"
- + "5. Click **Purchase** to deploy."),
- new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
- .withTitle("Option 2 - Manual Deployment of Azure Functions")
- .withDescription(
- "Use the following step-by-step instructions to deploy the Quayls VM"
- + " connector manually with Azure Functions."),
- new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
- .withTitle("")
- .withDescription(
- "**1. Create a Function App**\n\n"
- + "1. From the Azure Portal, navigate to [Function"
- + " App](https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.Web%2Fsites/kind/functionapp),"
- + " and select **+ Add**.\n"
- + "2. In the **Basics** tab, ensure Runtime stack is set to"
- + " **Powershell Core**. \n"
- + "3. In the **Hosting** tab, ensure the **Consumption"
- + " (Serverless)** plan type is selected.\n"
- + "4. Make other preferrable configuration changes, if needed, then"
- + " click **Create**."),
- new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
- .withTitle("")
- .withDescription(
- "**2. Import Function App Code**\n\n"
- + "1. In the newly created Function App, select **Functions** on"
- + " the left pane and click **+ New Function**.\n"
- + "2. Select **Timer Trigger**.\n"
- + "3. Enter a unique Function **Name** and leave the default cron"
- + " schedule of every 5 minutes, then click **Create**.\n"
- + "5. Click on **Code + Test** on the left pane. \n"
- + "6. Copy the [Function App"
- + " Code](https://aka.ms/sentinelqualysvmazurefunctioncode) and"
- + " paste into the Function App `run.ps1` editor.\n"
- + "7. Click **Save**."),
- new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
- .withTitle("")
- .withDescription(
- "**3. Configure the Function App**\n\n"
- + "1. In the Function App, select the Function App Name and select"
- + " **Configuration**.\n"
- + "2. In the **Application settings** tab, select **+ New"
- + " application setting**.\n"
- + "3. Add each of the following seven (7) application settings"
- + " individually, with their respective string values"
- + " (case-sensitive): \n"
- + "\t\tapiUsername\n"
- + "\t\tapiPassword\n"
- + "\t\tworkspaceID\n"
- + "\t\tworkspaceKey\n"
- + "\t\turi\n"
- + "\t\tfilterParameters\n"
- + "\t\ttimeInterval\n"
- + "> - Enter the URI that corresponds to your region. The complete"
- + " list of API Server URLs can be [found"
- + " here](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf#G4.735348)."
- + " The `uri` value must follow the following schema: `https:///api/2.0/fo/asset/host/vm/detection/?action=list&vm_processed_after=`"
- + " -- There is no need to add a time suffix to the URI, the"
- + " Function App will dynamically append the Time Value to the URI"
- + " in the proper format.\n"
- + "> - Add any additional filter parameters, for the"
- + " `filterParameters` variable, that need to be appended to the"
- + " URI. Each parameter should be seperated by an \"&\" symbol and"
- + " should not include any spaces.\n"
- + "> - Set the `timeInterval` (in minutes) to the value of `5` to"
- + " correspond to the Timer Trigger of every `5` minutes. If the"
- + " time interval needs to be modified, it is recommended to change"
- + " the Function App Timer Trigger accordingly to prevent"
- + " overlapping data ingestion.\n"
- + "> - Note: If using Azure Key Vault, use"
- + " the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema"
- + " in place of the string values. Refer to [Key Vault references"
- + " documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references)"
- + " for further details.\n"
- + "4. Once all application settings have been entered, click"
- + " **Save**."),
- new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
- .withTitle("")
- .withDescription(
- "**4. Configure the host.json**.\n\n"
- + "Due to the potentially large amount of Qualys host detection"
- + " data being ingested, it can cause the execution time to surpass"
- + " the default Function App timeout of five (5) minutes. Increase"
- + " the default timeout duration to the maximum of ten (10)"
- + " minutes, under the Consumption Plan, to allow more time for the"
- + " Function App to execute.\n\n"
- + "1. In the Function App, select the Function App Name and select"
- + " the **App Service Editor** blade.\n"
- + "2. Click **Go** to open the editor, then select the"
- + " **host.json** file under the **wwwroot** directory.\n"
- + "3. Add the line `\"functionTimeout\": \"00:10:00\",` above the"
- + " `managedDependancy` line \n"
- + "4. Ensure **SAVED** appears on the top right corner of the"
- + " editor, then exit the editor.\n\n"
- + "> NOTE: If a longer timeout duration is required, consider"
- + " upgrading to an [App Service"
- + " Plan](https://docs.microsoft.com/azure/azure-functions/functions-scale#timeout)")))),
- Context.NONE);
+ .withType("OAuthForm")))))),
+ com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### DataConnectorDefinitions_Delete
+
+```java
+/** Samples for DataConnectorDefinitions Delete. */
+public final class DataConnectorDefinitionsDeleteSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectorDefinitions/DeleteDataConnectorDefinitionById.json
+ */
+ /**
+ * Sample code: Delete data connector definition.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void deleteDataConnectorDefinition(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorDefinitions()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### DataConnectorDefinitions_Get
+
+```java
+/** Samples for DataConnectorDefinitions Get. */
+public final class DataConnectorDefinitionsGetSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectorDefinitions/GetCustomizableDataConnectoeDefinitionById.json
+ */
+ /**
+ * Sample code: Get customize data connector definition.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getCustomizeDataConnectorDefinition(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorDefinitions()
+ .getWithResponse(
+ "myRg", "myWorkspace", "763f9fa1-c2d3-4fa2-93e9-bccd4899aa12", com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### DataConnectorDefinitions_List
+
+```java
+/** Samples for DataConnectorDefinitions List. */
+public final class DataConnectorDefinitionsListSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectorDefinitions/GetDataConnectorDefinitions.json
+ */
+ /**
+ * Sample code: Get all data connector definitions.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAllDataConnectorDefinitions(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.dataConnectorDefinitions().list("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### DataConnectors_Connect
+
+```java
+import com.azure.core.management.serializer.SerializerFactory;
+import com.azure.core.util.serializer.SerializerEncoding;
+import com.azure.resourcemanager.securityinsights.models.ConnectAuthKind;
+import com.azure.resourcemanager.securityinsights.models.DataConnectorConnectBody;
+import java.io.IOException;
+import java.util.Arrays;
+
+/** Samples for DataConnectors Connect. */
+public final class DataConnectorsConnectSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/ConnectAPIPollingV2Logs.json
+ */
+ /**
+ * Sample code: Connect an APIPolling V2 logs data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void connectAnAPIPollingV2LogsDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) throws IOException {
+ manager
+ .dataConnectors()
+ .connectWithResponse(
+ "myRg",
+ "myWorkspace",
+ "316ec55e-7138-4d63-ab18-90c8a60fd1c8",
+ new DataConnectorConnectBody()
+ .withKind(ConnectAuthKind.APIKEY)
+ .withApiKey("fakeTokenPlaceholder")
+ .withDataCollectionEndpoint("https://test.eastus.ingest.monitor.azure.com")
+ .withDataCollectionRuleImmutableId("dcr-34adsj9o7d6f9de204478b9cgb43b631")
+ .withOutputStream("Custom-MyTableRawData")
+ .withRequestConfigUserInputValues(
+ Arrays
+ .asList(
+ SerializerFactory
+ .createDefaultManagementSerializerAdapter()
+ .deserialize(
+ "{\"displayText\":\"Organization"
+ + " Name\",\"placeHolderName\":\"{{placeHolder1}}\",\"placeHolderValue\":\"somePlaceHolderValue\",\"requestObjectKey\":\"apiEndpoint\"}",
+ Object.class,
+ SerializerEncoding.JSON))),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/ConnectAPIPolling.json
+ */
+ /**
+ * Sample code: Connect an APIPolling data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void connectAnAPIPollingDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) throws IOException {
+ manager
+ .dataConnectors()
+ .connectWithResponse(
+ "myRg",
+ "myWorkspace",
+ "316ec55e-7138-4d63-ab18-90c8a60fd1c8",
+ new DataConnectorConnectBody()
+ .withKind(ConnectAuthKind.APIKEY)
+ .withApiKey("fakeTokenPlaceholder")
+ .withRequestConfigUserInputValues(
+ Arrays
+ .asList(
+ SerializerFactory
+ .createDefaultManagementSerializerAdapter()
+ .deserialize(
+ "{\"displayText\":\"Organization"
+ + " Name\",\"placeHolderName\":\"{{placeHolder1}}\",\"placeHolderValue\":\"somePlaceHolderValue\",\"requestObjectKey\":\"apiEndpoint\"}",
+ Object.class,
+ SerializerEncoding.JSON))),
+ com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### DataConnectors_CreateOrUpdate
+
+```java
+import com.azure.core.management.serializer.SerializerFactory;
+import com.azure.core.util.serializer.SerializerEncoding;
+import com.azure.resourcemanager.securityinsights.models.Availability;
+import com.azure.resourcemanager.securityinsights.models.AvailabilityStatus;
+import com.azure.resourcemanager.securityinsights.models.CodelessApiPollingDataConnector;
+import com.azure.resourcemanager.securityinsights.models.CodelessConnectorPollingAuthProperties;
+import com.azure.resourcemanager.securityinsights.models.CodelessConnectorPollingConfigProperties;
+import com.azure.resourcemanager.securityinsights.models.CodelessConnectorPollingPagingProperties;
+import com.azure.resourcemanager.securityinsights.models.CodelessConnectorPollingRequestProperties;
+import com.azure.resourcemanager.securityinsights.models.CodelessConnectorPollingResponseProperties;
+import com.azure.resourcemanager.securityinsights.models.CodelessUiConnectorConfigProperties;
+import com.azure.resourcemanager.securityinsights.models.CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem;
+import com.azure.resourcemanager.securityinsights.models.CodelessUiConnectorConfigPropertiesDataTypesItem;
+import com.azure.resourcemanager.securityinsights.models.CodelessUiConnectorConfigPropertiesGraphQueriesItem;
+import com.azure.resourcemanager.securityinsights.models.CodelessUiConnectorConfigPropertiesInstructionStepsItem;
+import com.azure.resourcemanager.securityinsights.models.CodelessUiConnectorConfigPropertiesSampleQueriesItem;
+import com.azure.resourcemanager.securityinsights.models.CodelessUiDataConnector;
+import com.azure.resourcemanager.securityinsights.models.ConnectivityType;
+import com.azure.resourcemanager.securityinsights.models.DataTypeState;
+import com.azure.resourcemanager.securityinsights.models.DcrConfiguration;
+import com.azure.resourcemanager.securityinsights.models.Dynamics365DataConnector;
+import com.azure.resourcemanager.securityinsights.models.Dynamics365DataConnectorDataTypes;
+import com.azure.resourcemanager.securityinsights.models.Dynamics365DataConnectorDataTypesDynamics365CdsActivities;
+import com.azure.resourcemanager.securityinsights.models.GcpAuthProperties;
+import com.azure.resourcemanager.securityinsights.models.GcpDataConnector;
+import com.azure.resourcemanager.securityinsights.models.GcpRequestProperties;
+import com.azure.resourcemanager.securityinsights.models.InstructionStepsInstructionsItem;
+import com.azure.resourcemanager.securityinsights.models.MicrosoftPurviewInformationProtectionConnectorDataTypes;
+import com.azure.resourcemanager.securityinsights.models.MicrosoftPurviewInformationProtectionConnectorDataTypesLogs;
+import com.azure.resourcemanager.securityinsights.models.MicrosoftPurviewInformationProtectionDataConnector;
+import com.azure.resourcemanager.securityinsights.models.MstiDataConnector;
+import com.azure.resourcemanager.securityinsights.models.MstiDataConnectorDataTypes;
+import com.azure.resourcemanager.securityinsights.models.MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed;
+import com.azure.resourcemanager.securityinsights.models.MtpDataConnector;
+import com.azure.resourcemanager.securityinsights.models.MtpDataConnectorDataTypes;
+import com.azure.resourcemanager.securityinsights.models.MtpDataConnectorDataTypesAlerts;
+import com.azure.resourcemanager.securityinsights.models.MtpDataConnectorDataTypesIncidents;
+import com.azure.resourcemanager.securityinsights.models.MtpFilteredProviders;
+import com.azure.resourcemanager.securityinsights.models.MtpProvider;
+import com.azure.resourcemanager.securityinsights.models.Office365ProjectConnectorDataTypes;
+import com.azure.resourcemanager.securityinsights.models.Office365ProjectConnectorDataTypesLogs;
+import com.azure.resourcemanager.securityinsights.models.Office365ProjectDataConnector;
+import com.azure.resourcemanager.securityinsights.models.OfficeDataConnector;
+import com.azure.resourcemanager.securityinsights.models.OfficeDataConnectorDataTypes;
+import com.azure.resourcemanager.securityinsights.models.OfficeDataConnectorDataTypesExchange;
+import com.azure.resourcemanager.securityinsights.models.OfficeDataConnectorDataTypesSharePoint;
+import com.azure.resourcemanager.securityinsights.models.OfficeDataConnectorDataTypesTeams;
+import com.azure.resourcemanager.securityinsights.models.OfficePowerBIConnectorDataTypes;
+import com.azure.resourcemanager.securityinsights.models.OfficePowerBIConnectorDataTypesLogs;
+import com.azure.resourcemanager.securityinsights.models.OfficePowerBIDataConnector;
+import com.azure.resourcemanager.securityinsights.models.PermissionProviderScope;
+import com.azure.resourcemanager.securityinsights.models.Permissions;
+import com.azure.resourcemanager.securityinsights.models.PermissionsCustomsItem;
+import com.azure.resourcemanager.securityinsights.models.PermissionsResourceProviderItem;
+import com.azure.resourcemanager.securityinsights.models.PollingFrequency;
+import com.azure.resourcemanager.securityinsights.models.ProviderName;
+import com.azure.resourcemanager.securityinsights.models.RequiredPermissions;
+import com.azure.resourcemanager.securityinsights.models.SettingType;
+import com.azure.resourcemanager.securityinsights.models.TIDataConnector;
+import com.azure.resourcemanager.securityinsights.models.TIDataConnectorDataTypes;
+import com.azure.resourcemanager.securityinsights.models.TIDataConnectorDataTypesIndicators;
+import com.azure.resourcemanager.securityinsights.models.TiTaxiiDataConnector;
+import com.azure.resourcemanager.securityinsights.models.TiTaxiiDataConnectorDataTypes;
+import com.azure.resourcemanager.securityinsights.models.TiTaxiiDataConnectorDataTypesTaxiiClient;
+import java.io.IOException;
+import java.time.OffsetDateTime;
+import java.util.Arrays;
+
+/** Samples for DataConnectors CreateOrUpdate. */
+public final class DataConnectorsCreateOrUpdateSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CreateMicrosoftPurviewInformationProtectionDataConnetor.json
+ */
+ /**
+ * Sample code: Creates or updates an MicrosoftPurviewInformationProtection data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void createsOrUpdatesAnMicrosoftPurviewInformationProtectionDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
+ new MicrosoftPurviewInformationProtectionDataConnector()
+ .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
+ .withDataTypes(
+ new MicrosoftPurviewInformationProtectionConnectorDataTypes()
+ .withLogs(
+ new MicrosoftPurviewInformationProtectionConnectorDataTypesLogs()
+ .withState(DataTypeState.ENABLED)))
+ .withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CreateOfficeDataConnetor.json
+ */
+ /**
+ * Sample code: Creates or updates an Office365 data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void createsOrUpdatesAnOffice365DataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
+ new OfficeDataConnector()
+ .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
+ .withDataTypes(
+ new OfficeDataConnectorDataTypes()
+ .withExchange(new OfficeDataConnectorDataTypesExchange().withState(DataTypeState.ENABLED))
+ .withSharePoint(
+ new OfficeDataConnectorDataTypesSharePoint().withState(DataTypeState.ENABLED))
+ .withTeams(new OfficeDataConnectorDataTypesTeams().withState(DataTypeState.ENABLED)))
+ .withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CreateMicrosoftThreatProtectionDataConnetor.json
+ */
+ /**
+ * Sample code: Creates or updates a MicrosoftThreatProtection data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void createsOrUpdatesAMicrosoftThreatProtectionDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
+ new MtpDataConnector()
+ .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
+ .withDataTypes(
+ new MtpDataConnectorDataTypes()
+ .withIncidents(new MtpDataConnectorDataTypesIncidents().withState(DataTypeState.DISABLED))
+ .withAlerts(new MtpDataConnectorDataTypesAlerts().withState(DataTypeState.ENABLED)))
+ .withFilteredProviders(
+ new MtpFilteredProviders()
+ .withAlerts(Arrays.asList(MtpProvider.MICROSOFT_DEFENDER_FOR_CLOUD_APPS)))
+ .withTenantId("178265c4-3136-4ff6-8ed1-b5b62b4cb5f5"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CreateOfficePowerBIDataConnector.json
+ */
+ /**
+ * Sample code: Creates or updates an Office PowerBI data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void createsOrUpdatesAnOfficePowerBIDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
+ new OfficePowerBIDataConnector()
+ .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
+ .withDataTypes(
+ new OfficePowerBIConnectorDataTypes()
+ .withLogs(new OfficePowerBIConnectorDataTypesLogs().withState(DataTypeState.ENABLED)))
+ .withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CreateThreatIntelligenceTaxiiDataConnector.json
+ */
+ /**
+ * Sample code: Creates or updates a Threat Intelligence Taxii data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void createsOrUpdatesAThreatIntelligenceTaxiiDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
+ new TiTaxiiDataConnector()
+ .withEtag("d12423f6-a60b-4ca5-88c0-feb1a182d0f0")
+ .withWorkspaceId("dd124572-4962-4495-9bd2-9dade12314b4")
+ .withFriendlyName("testTaxii")
+ .withTaxiiServer("https://limo.anomali.com/api/v1/taxii2/feeds")
+ .withCollectionId("135")
+ .withUsername("--")
+ .withPassword("fakeTokenPlaceholder")
+ .withTaxiiLookbackPeriod(OffsetDateTime.parse("2020-01-01T13:00:30.123Z"))
+ .withPollingFrequency(PollingFrequency.ONCE_ADAY)
+ .withDataTypes(
+ new TiTaxiiDataConnectorDataTypes()
+ .withTaxiiClient(
+ new TiTaxiiDataConnectorDataTypesTaxiiClient().withState(DataTypeState.ENABLED)))
+ .withTenantId("06b3ccb8-1384-4bcc-aec7-852f6d57161b"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CreateThreatIntelligenceDataConnector.json
+ */
+ /**
+ * Sample code: Creates or updates an Threat Intelligence Platform data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void createsOrUpdatesAnThreatIntelligencePlatformDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
+ new TIDataConnector()
+ .withTipLookbackPeriod(OffsetDateTime.parse("2020-01-01T13:00:30.123Z"))
+ .withDataTypes(
+ new TIDataConnectorDataTypes()
+ .withIndicators(new TIDataConnectorDataTypesIndicators().withState(DataTypeState.ENABLED)))
+ .withTenantId("06b3ccb8-1384-4bcc-aec7-852f6d57161b"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CreateDynamics365DataConnetor.json
+ */
+ /**
+ * Sample code: Creates or updates a Dynamics365 data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void createsOrUpdatesADynamics365DataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "c2541efb-c9a6-47fe-9501-87d1017d1512",
+ new Dynamics365DataConnector()
+ .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
+ .withDataTypes(
+ new Dynamics365DataConnectorDataTypes()
+ .withDynamics365CdsActivities(
+ new Dynamics365DataConnectorDataTypesDynamics365CdsActivities()
+ .withState(DataTypeState.ENABLED)))
+ .withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CreateGenericUI.json
+ */
+ /**
+ * Sample code: Creates or updates a GenericUI data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void createsOrUpdatesAGenericUIDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) throws IOException {
+ manager
+ .dataConnectors()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "316ec55e-7138-4d63-ab18-90c8a60fd1c8",
+ new CodelessUiDataConnector()
+ .withConnectorUiConfig(
+ new CodelessUiConnectorConfigProperties()
+ .withTitle("Qualys Vulnerability Management (CCP DEMO)")
+ .withPublisher("Qualys")
+ .withDescriptionMarkdown(
+ "The [Qualys Vulnerability Management"
+ + " (VM)](https://www.qualys.com/apps/vulnerability-management/) data connector"
+ + " provides the capability to ingest vulnerability host detection data into Azure"
+ + " Sentinel through the Qualys API. The connector provides visibility into host"
+ + " detection data from vulerability scans. This connector provides Azure Sentinel"
+ + " the capability to view dashboards, create custom alerts, and improve"
+ + " investigation ")
+ .withGraphQueriesTableName("QualysHostDetection_CL")
+ .withGraphQueries(
+ Arrays
+ .asList(
+ new CodelessUiConnectorConfigPropertiesGraphQueriesItem()
+ .withMetricName("Total data received")
+ .withLegend("{{graphQueriesTableName}}")
+ .withBaseQuery("{{graphQueriesTableName}}")))
+ .withSampleQueries(
+ Arrays
+ .asList(
+ new CodelessUiConnectorConfigPropertiesSampleQueriesItem()
+ .withDescription("Top 10 Vulerabilities detected")
+ .withQuery(
+ "{{graphQueriesTableName}}\n"
+ + " | mv-expand todynamic(Detections_s)\n"
+ + " | extend Vulnerability = tostring(Detections_s.Results)\n"
+ + " | summarize count() by Vulnerability\n"
+ + " | top 10 by count_")))
+ .withDataTypes(
+ Arrays
+ .asList(
+ new CodelessUiConnectorConfigPropertiesDataTypesItem()
+ .withName("{{graphQueriesTableName}}")
+ .withLastDataReceivedQuery(
+ "{{graphQueriesTableName}}\n"
+ + " | summarize Time = max(TimeGenerated)\n"
+ + " | where isnotempty(Time)")))
+ .withConnectivityCriteria(
+ Arrays
+ .asList(
+ new CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem()
+ .withType(ConnectivityType.IS_CONNECTED_QUERY)
+ .withValue(
+ Arrays
+ .asList(
+ "{{graphQueriesTableName}}\n"
+ + " | summarize LastLogReceived ="
+ + " max(TimeGenerated)\n"
+ + " | project IsConnected = LastLogReceived >"
+ + " ago(30d)"))))
+ .withAvailability(new Availability().withStatus(AvailabilityStatus.ONE).withIsPreview(true))
+ .withPermissions(
+ new Permissions()
+ .withResourceProvider(
+ Arrays
+ .asList(
+ new PermissionsResourceProviderItem()
+ .withProvider(
+ ProviderName.MICROSOFT_OPERATIONAL_INSIGHTS_WORKSPACES)
+ .withPermissionsDisplayText(
+ "read and write permissions on the workspace are required.")
+ .withProviderDisplayName("Workspace")
+ .withScope(PermissionProviderScope.WORKSPACE)
+ .withRequiredPermissions(
+ new RequiredPermissions()
+ .withWrite(true)
+ .withRead(true)
+ .withDelete(true)),
+ new PermissionsResourceProviderItem()
+ .withProvider(
+ ProviderName
+ .MICROSOFT_OPERATIONAL_INSIGHTS_WORKSPACES_SHARED_KEYS)
+ .withPermissionsDisplayText(
+ "read permissions to shared keys for the workspace are"
+ + " required. [See the documentation to learn more about"
+ + " workspace"
+ + " keys](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#obtain-workspace-id-and-key).")
+ .withProviderDisplayName("Keys")
+ .withScope(PermissionProviderScope.WORKSPACE)
+ .withRequiredPermissions(
+ new RequiredPermissions().withAction(true))))
+ .withCustoms(
+ Arrays
+ .asList(
+ new PermissionsCustomsItem()
+ .withName("Microsoft.Web/sites permissions")
+ .withDescription(
+ "Read and write permissions to Azure Functions to create a"
+ + " Function App is required. [See the documentation to"
+ + " learn more about Azure"
+ + " Functions](https://docs.microsoft.com/azure/azure-functions/)."),
+ new PermissionsCustomsItem()
+ .withName("Qualys API Key")
+ .withDescription(
+ "A Qualys VM API username and password is required. [See the"
+ + " documentation to learn more about Qualys VM"
+ + " API](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf)."))))
+ .withInstructionSteps(
+ Arrays
+ .asList(
+ new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
+ .withTitle("")
+ .withDescription(
+ ">**NOTE:** This connector uses Azure Functions to connect to Qualys VM"
+ + " to pull its logs into Azure Sentinel. This might result in"
+ + " additional data ingestion costs. Check the [Azure Functions"
+ + " pricing"
+ + " page](https://azure.microsoft.com/pricing/details/functions/)"
+ + " for details."),
+ new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
+ .withTitle("")
+ .withDescription(
+ ">**(Optional Step)** Securely store workspace and API authorization"
+ + " key(s) or token(s) in Azure Key Vault. Azure Key Vault provides"
+ + " a secure mechanism to store and retrieve key values. [Follow"
+ + " these"
+ + " instructions](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references)"
+ + " to use Azure Key Vault with an Azure Function App."),
+ new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
+ .withTitle("")
+ .withDescription(
+ "**STEP 1 - Configuration steps for the Qualys VM API**\n\n"
+ + "1. Log into the Qualys Vulnerability Management console with an"
+ + " administrator account, select the **Users** tab and the"
+ + " **Users** subtab. \n"
+ + "2. Click on the **New** drop-down menu and select **Users..**\n"
+ + "3. Create a username and password for the API account. \n"
+ + "4. In the **User Roles** tab, ensure the account role is set to"
+ + " **Manager** and access is allowed to **GUI** and **API**\n"
+ + "4. Log out of the administrator account and log into the console"
+ + " with the new API credentials for validation, then log out of"
+ + " the API account. \n"
+ + "5. Log back into the console using an administrator account and"
+ + " modify the API accounts User Roles, removing access to **GUI**."
+ + " \n"
+ + "6. Save all changes."),
+ new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
+ .withTitle("")
+ .withDescription(
+ "**STEP 2 - Choose ONE from the following two deployment options to"
+ + " deploy the connector and the associated Azure Function**\n\n"
+ + ">**IMPORTANT:** Before deploying the Qualys VM connector, have"
+ + " the Workspace ID and Workspace Primary Key (can be copied from"
+ + " the following), as well as the Qualys VM API Authorization"
+ + " Key(s), readily available.")
+ .withInstructions(
+ Arrays
+ .asList(
+ new InstructionStepsInstructionsItem()
+ .withParameters(
+ SerializerFactory
+ .createDefaultManagementSerializerAdapter()
+ .deserialize(
+ "{\"fillWith\":[\"WorkspaceId\"],\"label\":\"Workspace"
+ + " ID\"}",
+ Object.class,
+ SerializerEncoding.JSON))
+ .withType(SettingType.COPYABLE_LABEL),
+ new InstructionStepsInstructionsItem()
+ .withParameters(
+ SerializerFactory
+ .createDefaultManagementSerializerAdapter()
+ .deserialize(
+ "{\"fillWith\":[\"PrimaryKey\"],\"label\":\"Primary"
+ + " Key\"}",
+ Object.class,
+ SerializerEncoding.JSON))
+ .withType(SettingType.COPYABLE_LABEL))),
+ new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
+ .withTitle("Option 1 - Azure Resource Manager (ARM) Template")
+ .withDescription(
+ "Use this method for automated deployment of the Qualys VM connector"
+ + " using an ARM Tempate.\n\n"
+ + "1. Click the **Deploy to Azure** button below. \n\n"
+ + "\t[](https://aka.ms/sentinelqualysvmazuredeploy)\n"
+ + "2. Select the preferred **Subscription**, **Resource Group** and"
+ + " **Location**. \n"
+ + "3. Enter the **Workspace ID**, **Workspace Key**, **API"
+ + " Username**, **API Password** , update the **URI**, and any"
+ + " additional URI **Filter Parameters** (each filter should be"
+ + " separated by an \"&\" symbol, no spaces.) \n"
+ + "> - Enter the URI that corresponds to your region. The complete"
+ + " list of API Server URLs can be [found"
+ + " here](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf#G4.735348)"
+ + " -- There is no need to add a time suffix to the URI, the"
+ + " Function App will dynamically append the Time Value to the URI"
+ + " in the proper format. \n"
+ + " - The default **Time Interval** is set to pull the last five"
+ + " (5) minutes of data. If the time interval needs to be modified,"
+ + " it is recommended to change the Function App Timer Trigger"
+ + " accordingly (in the function.json file, post deployment) to"
+ + " prevent overlapping data ingestion. \n"
+ + "> - Note: If using Azure Key Vault secrets for any of the values"
+ + " above, use the`@Microsoft.KeyVault(SecretUri={Security"
+ + " Identifier})`schema in place of the string values. Refer to"
+ + " [Key Vault references"
+ + " documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references)"
+ + " for further details. \n"
+ + "4. Mark the checkbox labeled **I agree to the terms and"
+ + " conditions stated above**. \n"
+ + "5. Click **Purchase** to deploy."),
+ new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
+ .withTitle("Option 2 - Manual Deployment of Azure Functions")
+ .withDescription(
+ "Use the following step-by-step instructions to deploy the Quayls VM"
+ + " connector manually with Azure Functions."),
+ new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
+ .withTitle("")
+ .withDescription(
+ "**1. Create a Function App**\n\n"
+ + "1. From the Azure Portal, navigate to [Function"
+ + " App](https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.Web%2Fsites/kind/functionapp),"
+ + " and select **+ Add**.\n"
+ + "2. In the **Basics** tab, ensure Runtime stack is set to"
+ + " **Powershell Core**. \n"
+ + "3. In the **Hosting** tab, ensure the **Consumption"
+ + " (Serverless)** plan type is selected.\n"
+ + "4. Make other preferrable configuration changes, if needed, then"
+ + " click **Create**."),
+ new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
+ .withTitle("")
+ .withDescription(
+ "**2. Import Function App Code**\n\n"
+ + "1. In the newly created Function App, select **Functions** on"
+ + " the left pane and click **+ New Function**.\n"
+ + "2. Select **Timer Trigger**.\n"
+ + "3. Enter a unique Function **Name** and leave the default cron"
+ + " schedule of every 5 minutes, then click **Create**.\n"
+ + "5. Click on **Code + Test** on the left pane. \n"
+ + "6. Copy the [Function App"
+ + " Code](https://aka.ms/sentinelqualysvmazurefunctioncode) and"
+ + " paste into the Function App `run.ps1` editor.\n"
+ + "7. Click **Save**."),
+ new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
+ .withTitle("")
+ .withDescription(
+ "**3. Configure the Function App**\n\n"
+ + "1. In the Function App, select the Function App Name and select"
+ + " **Configuration**.\n"
+ + "2. In the **Application settings** tab, select **+ New"
+ + " application setting**.\n"
+ + "3. Add each of the following seven (7) application settings"
+ + " individually, with their respective string values"
+ + " (case-sensitive): \n"
+ + "\t\tapiUsername\n"
+ + "\t\tapiPassword\n"
+ + "\t\tworkspaceID\n"
+ + "\t\tworkspaceKey\n"
+ + "\t\turi\n"
+ + "\t\tfilterParameters\n"
+ + "\t\ttimeInterval\n"
+ + "> - Enter the URI that corresponds to your region. The complete"
+ + " list of API Server URLs can be [found"
+ + " here](https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf#G4.735348)."
+ + " The `uri` value must follow the following schema: `https:///api/2.0/fo/asset/host/vm/detection/?action=list&vm_processed_after=`"
+ + " -- There is no need to add a time suffix to the URI, the"
+ + " Function App will dynamically append the Time Value to the URI"
+ + " in the proper format.\n"
+ + "> - Add any additional filter parameters, for the"
+ + " `filterParameters` variable, that need to be appended to the"
+ + " URI. Each parameter should be seperated by an \"&\" symbol and"
+ + " should not include any spaces.\n"
+ + "> - Set the `timeInterval` (in minutes) to the value of `5` to"
+ + " correspond to the Timer Trigger of every `5` minutes. If the"
+ + " time interval needs to be modified, it is recommended to change"
+ + " the Function App Timer Trigger accordingly to prevent"
+ + " overlapping data ingestion.\n"
+ + "> - Note: If using Azure Key Vault, use"
+ + " the`@Microsoft.KeyVault(SecretUri={Security Identifier})`schema"
+ + " in place of the string values. Refer to [Key Vault references"
+ + " documentation](https://docs.microsoft.com/azure/app-service/app-service-key-vault-references)"
+ + " for further details.\n"
+ + "4. Once all application settings have been entered, click"
+ + " **Save**."),
+ new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
+ .withTitle("")
+ .withDescription(
+ "**4. Configure the host.json**.\n\n"
+ + "Due to the potentially large amount of Qualys host detection"
+ + " data being ingested, it can cause the execution time to surpass"
+ + " the default Function App timeout of five (5) minutes. Increase"
+ + " the default timeout duration to the maximum of ten (10)"
+ + " minutes, under the Consumption Plan, to allow more time for the"
+ + " Function App to execute.\n\n"
+ + "1. In the Function App, select the Function App Name and select"
+ + " the **App Service Editor** blade.\n"
+ + "2. Click **Go** to open the editor, then select the"
+ + " **host.json** file under the **wwwroot** directory.\n"
+ + "3. Add the line `\"functionTimeout\": \"00:10:00\",` above the"
+ + " `managedDependancy` line \n"
+ + "4. Ensure **SAVED** appears on the top right corner of the"
+ + " editor, then exit the editor.\n\n"
+ + "> NOTE: If a longer timeout duration is required, consider"
+ + " upgrading to an [App Service"
+ + " Plan](https://docs.microsoft.com/azure/azure-functions/functions-scale#timeout)")))),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CreateOffice365ProjectDataConnetor.json
+ */
+ /**
+ * Sample code: Creates or updates an Office365 Project data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void createsOrUpdatesAnOffice365ProjectDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
+ new Office365ProjectDataConnector()
+ .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
+ .withDataTypes(
+ new Office365ProjectConnectorDataTypes()
+ .withLogs(new Office365ProjectConnectorDataTypesLogs().withState(DataTypeState.ENABLED)))
+ .withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CreateGoogleCloudPlatform.json
+ */
+ /**
+ * Sample code: Creates or updates a GCP data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void createsOrUpdatesAGCPDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "GCP_fce27b90-d6f5-4d30-991a-af509a2b50a1",
+ new GcpDataConnector()
+ .withConnectorDefinitionName("GcpConnector")
+ .withAuth(
+ new GcpAuthProperties()
+ .withServiceAccountEmail("sentinel-service-account@project-id.iam.gserviceaccount.com")
+ .withProjectNumber("123456789012")
+ .withWorkloadIdentityProviderId("sentinel-identity-provider"))
+ .withRequest(
+ new GcpRequestProperties()
+ .withProjectId("project-id")
+ .withSubscriptionNames(Arrays.asList("sentinel-subscription")))
+ .withDcrConfig(
+ new DcrConfiguration()
+ .withDataCollectionEndpoint(
+ "https://microsoft-sentinel-datacollectionendpoint-123m.westeurope-1.ingest.monitor.azure.com")
+ .withDataCollectionRuleImmutableId("dcr-de21b053bd5a44beb99a256c9db85023")
+ .withStreamName("SENTINEL_GCP_AUDIT_LOGS")),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CreateMicrosoftThreatIntelligenceDataConnector.json
+ */
+ /**
+ * Sample code: Creates or updates a Microsoft Threat Intelligence data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void createsOrUpdatesAMicrosoftThreatIntelligenceDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "c345bf40-8509-4ed2-b947-50cb773aaf04",
+ new MstiDataConnector()
+ .withDataTypes(
+ new MstiDataConnectorDataTypes()
+ .withMicrosoftEmergingThreatFeed(
+ new MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed()
+ .withState(DataTypeState.ENABLED)
+ .withLookbackPeriod("1970-01-01T00:00:00.000Z")))
+ .withTenantId("06b3ccb8-1384-4bcc-aec7-852f6d57161b"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CreateAPIPolling.json
+ */
+ /**
+ * Sample code: Creates or updates a APIPolling data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void createsOrUpdatesAAPIPollingDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) throws IOException {
+ manager
+ .dataConnectors()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "316ec55e-7138-4d63-ab18-90c8a60fd1c8",
+ new CodelessApiPollingDataConnector()
+ .withConnectorUiConfig(
+ new CodelessUiConnectorConfigProperties()
+ .withTitle("GitHub Enterprise Audit Log")
+ .withPublisher("GitHub")
+ .withDescriptionMarkdown(
+ "The GitHub audit log connector provides the capability to ingest GitHub logs into"
+ + " Azure Sentinel. By connecting GitHub audit logs into Azure Sentinel, you can"
+ + " view this data in workbooks, use it to create custom alerts, and improve your"
+ + " investigation process.")
+ .withGraphQueriesTableName("GitHubAuditLogPolling_CL")
+ .withGraphQueries(
+ Arrays
+ .asList(
+ new CodelessUiConnectorConfigPropertiesGraphQueriesItem()
+ .withMetricName("Total events received")
+ .withLegend("GitHub audit log events")
+ .withBaseQuery("{{graphQueriesTableName}}")))
+ .withSampleQueries(
+ Arrays
+ .asList(
+ new CodelessUiConnectorConfigPropertiesSampleQueriesItem()
+ .withDescription("All logs")
+ .withQuery("{{graphQueriesTableName}}\n | take 10 ")))
+ .withDataTypes(
+ Arrays
+ .asList(
+ new CodelessUiConnectorConfigPropertiesDataTypesItem()
+ .withName("{{graphQueriesTableName}}")
+ .withLastDataReceivedQuery(
+ "{{graphQueriesTableName}}\n"
+ + " | summarize Time = max(TimeGenerated)\n"
+ + " | where isnotempty(Time)")))
+ .withConnectivityCriteria(
+ Arrays
+ .asList(
+ new CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem()
+ .withType(ConnectivityType.fromString("SentinelKindsV2"))
+ .withValue(Arrays.asList())))
+ .withAvailability(new Availability().withStatus(AvailabilityStatus.ONE).withIsPreview(true))
+ .withPermissions(
+ new Permissions()
+ .withResourceProvider(
+ Arrays
+ .asList(
+ new PermissionsResourceProviderItem()
+ .withProvider(
+ ProviderName.MICROSOFT_OPERATIONAL_INSIGHTS_WORKSPACES)
+ .withPermissionsDisplayText(
+ "read and write permissions are required.")
+ .withProviderDisplayName("Workspace")
+ .withScope(PermissionProviderScope.WORKSPACE)
+ .withRequiredPermissions(
+ new RequiredPermissions()
+ .withWrite(true)
+ .withRead(true)
+ .withDelete(true))))
+ .withCustoms(
+ Arrays
+ .asList(
+ new PermissionsCustomsItem()
+ .withName("GitHub API personal token Key")
+ .withDescription(
+ "You need access to GitHub personal token, the key should have"
+ + " 'admin:org' scope"))))
+ .withInstructionSteps(
+ Arrays
+ .asList(
+ new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
+ .withTitle("Connect GitHub Enterprise Audit Log to Azure Sentinel")
+ .withDescription(
+ "Enable GitHub audit Logs. \n"
+ + " Follow"
+ + " [this](https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token)"
+ + " to create or find your personal key")
+ .withInstructions(
+ Arrays
+ .asList(
+ new InstructionStepsInstructionsItem()
+ .withParameters(
+ SerializerFactory
+ .createDefaultManagementSerializerAdapter()
+ .deserialize(
+ "{\"enable\":\"true\",\"userRequestPlaceHoldersInput\":[{\"displayText\":\"Organization"
+ + " Name\",\"placeHolderName\":\"{{placeHolder1}}\",\"placeHolderValue\":\"\",\"requestObjectKey\":\"apiEndpoint\"}]}",
+ Object.class,
+ SerializerEncoding.JSON))
+ .withType(SettingType.fromString("APIKey")))))))
+ .withPollingConfig(
+ new CodelessConnectorPollingConfigProperties()
+ .withAuth(
+ new CodelessConnectorPollingAuthProperties()
+ .withAuthType("APIKey")
+ .withApiKeyName("fakeTokenPlaceholder")
+ .withApiKeyIdentifier("fakeTokenPlaceholder"))
+ .withRequest(
+ new CodelessConnectorPollingRequestProperties()
+ .withApiEndpoint("https://api.github.com/organizations/{{placeHolder1}}/audit-log")
+ .withRateLimitQps(50)
+ .withQueryWindowInMin(15)
+ .withHttpMethod("Get")
+ .withQueryTimeFormat("yyyy-MM-ddTHH:mm:ssZ")
+ .withRetryCount(2)
+ .withTimeoutInSeconds(60)
+ .withHeaders(
+ SerializerFactory
+ .createDefaultManagementSerializerAdapter()
+ .deserialize(
+ "{\"Accept\":\"application/json\",\"User-Agent\":\"Scuba\"}",
+ Object.class,
+ SerializerEncoding.JSON))
+ .withQueryParameters(
+ SerializerFactory
+ .createDefaultManagementSerializerAdapter()
+ .deserialize(
+ "{\"phrase\":\"created:{_QueryWindowStartTime}..{_QueryWindowEndTime}\"}",
+ Object.class,
+ SerializerEncoding.JSON)))
+ .withPaging(
+ new CodelessConnectorPollingPagingProperties()
+ .withPagingType("LinkHeader")
+ .withPageSizeParaName("per_page"))
+ .withResponse(
+ new CodelessConnectorPollingResponseProperties()
+ .withEventsJsonPaths(Arrays.asList("$")))),
+ com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### DataConnectors_Delete
+
+```java
+/** Samples for DataConnectors Delete. */
+public final class DataConnectorsDeleteSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/DeleteOffice365ProjectDataConnetor.json
+ */
+ /**
+ * Sample code: Delete an Office365 Project data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void deleteAnOffice365ProjectDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/DeleteMicrosoftPurviewInformationProtectionDataConnetor.json
+ */
+ /**
+ * Sample code: Delete an MicrosoftPurviewInformationProtection data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void deleteAnMicrosoftPurviewInformationProtectionDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/DeleteGoogleCloudPlatform.json
+ */
+ /**
+ * Sample code: Delete a GCP data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void deleteAGCPDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "GCP_fce27b90-d6f5-4d30-991a-af509a2b50a1", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/DeleteGenericUI.json
+ */
+ /**
+ * Sample code: Delete a GenericUI data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void deleteAGenericUIDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/DeleteOfficeDataConnetor.json
+ */
+ /**
+ * Sample code: Delete an Office365 data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void deleteAnOffice365DataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/DeleteOfficePowerBIDataConnetor.json
+ */
+ /**
+ * Sample code: Delete an Office PowerBI data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void deleteAnOfficePowerBIDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/DeleteAPIPolling.json
+ */
+ /**
+ * Sample code: Delete a APIPolling data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void deleteAAPIPollingDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/DeleteMicrosoftThreatIntelligenceDataConnector.json
+ */
+ /**
+ * Sample code: Delete an MicrosoftThreatIntelligence data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void deleteAnMicrosoftThreatIntelligenceDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### DataConnectors_Disconnect
+
+```java
+/** Samples for DataConnectors Disconnect. */
+public final class DataConnectorsDisconnectSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/DisconnectAPIPolling.json
+ */
+ /**
+ * Sample code: Disconnect an APIPolling data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void disconnectAnAPIPollingDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .disconnectWithResponse(
+ "myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### DataConnectors_Get
+
+```java
+/** Samples for DataConnectors Get. */
+public final class DataConnectorsGetSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetAzureActiveDirectoryById.json
+ */
+ /**
+ * Sample code: Get an AADIP (Azure Active Directory Identity Protection) data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAnAADIPAzureActiveDirectoryIdentityProtectionDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetOffice365ProjectDataConnetorById.json
+ */
+ /**
+ * Sample code: Get an Office365 Project data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAnOffice365ProjectDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetGenericUI.json
+ */
+ /**
+ * Sample code: Get a GenericUI data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAGenericUIDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetOffice365AdvancedThreatProtectionById.json
+ */
+ /**
+ * Sample code: Get an Office ATP data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAnOfficeATPDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "3d3e955e-33eb-401d-89a7-251c81ddd660", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetIoTById.json
+ */
+ /**
+ * Sample code: Get a IoT data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAIoTDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "d2e5dc7a-f3a2-429d-954b-939fa8c2932e", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetMicrosoftCloudAppSecurityById.json
+ */
+ /**
+ * Sample code: Get a MCAS data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAMCASDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "b96d014d-b5c2-4a01-9aba-a8058f629d42", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetThreatIntelligenceTaxiiById.json
+ */
+ /**
+ * Sample code: Get a TI Taxii data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getATITaxiiDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "c39bb458-02a7-4b3f-b0c8-71a1d2692652", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetMicrosoftThreatIntelligenceById.json
+ */
+ /**
+ * Sample code: Get a MicrosoftThreatIntelligence data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAMicrosoftThreatIntelligenceDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetAzureSecurityCenterById.json
+ */
+ /**
+ * Sample code: Get a ASC data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAASCDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "763f9fa1-c2d3-4fa2-93e9-bccd4899aa12", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetThreatIntelligenceById.json
+ */
+ /**
+ * Sample code: Get a TI data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getATIDataConnector(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetAmazonWebServicesCloudTrailById.json
+ */
+ /**
+ * Sample code: Get an AwsCloudTrail data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAnAwsCloudTrailDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetMicrosoftDefenderAdvancedThreatProtectionById.json
+ */
+ /**
+ * Sample code: Get a MDATP data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAMDATPDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "06b3ccb8-1384-4bcc-aec7-852f6d57161b", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetMicrosoftThreatProtectionById.json
+ */
+ /**
+ * Sample code: Get a MicrosoftThreatProtection data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAMicrosoftThreatProtectionDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetMicrosoftPurviewInformationProtectionDataConnetorById.json
+ */
+ /**
+ * Sample code: Get a MicrosoftPurviewInformationProtection data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAMicrosoftPurviewInformationProtectionDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetAzureAdvancedThreatProtectionById.json
+ */
+ /**
+ * Sample code: Get an AATP data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAnAATPDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "07e42cb3-e658-4e90-801c-efa0f29d3d44", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetAPIPolling.json
+ */
+ /**
+ * Sample code: Get a APIPolling data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAAPIPollingDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetMicrosoftInsiderRiskManagementById.json
+ */
+ /**
+ * Sample code: Get an Office IRM data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAnOfficeIRMDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "3d3e955e-33eb-401d-89a7-251c81ddd660", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetDynamics365DataConnectorById.json
+ */
+ /**
+ * Sample code: Get a Dynamics365 data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getADynamics365DataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "c2541efb-c9a6-47fe-9501-87d1017d1512", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetOfficeDataConnetorById.json
+ */
+ /**
+ * Sample code: Get an Office365 data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAnOffice365DataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetGoogleCloudPlatformById.json
+ */
+ /**
+ * Sample code: Get a GCP data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAGCPDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "GCP_fce27b90-d6f5-4d30-991a-af509a2b50a1", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetAmazonWebServicesS3ById.json
+ */
+ /**
+ * Sample code: Get an Aws S3 data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAnAwsS3DataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "afef3743-0c88-469c-84ff-ca2e87dc1e48", com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetOfficePowerBIDataConnetorById.json
+ */
+ /**
+ * Sample code: Get an Office365 PowerBI data connector.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAnOffice365PowerBIDataConnector(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectors()
+ .getWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### DataConnectors_List
+
+```java
+/** Samples for DataConnectors List. */
+public final class DataConnectorsListSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/GetDataConnectors.json
+ */
+ /**
+ * Sample code: Get all data connectors.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAllDataConnectors(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.dataConnectors().list("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### DataConnectorsCheckRequirementsOperation_Post
+
+```java
+import com.azure.resourcemanager.securityinsights.models.AadCheckRequirements;
+import com.azure.resourcemanager.securityinsights.models.AscCheckRequirements;
+import com.azure.resourcemanager.securityinsights.models.Dynamics365CheckRequirements;
+import com.azure.resourcemanager.securityinsights.models.IoTCheckRequirements;
+import com.azure.resourcemanager.securityinsights.models.McasCheckRequirements;
+import com.azure.resourcemanager.securityinsights.models.MicrosoftPurviewInformationProtectionCheckRequirements;
+import com.azure.resourcemanager.securityinsights.models.MstiCheckRequirements;
+import com.azure.resourcemanager.securityinsights.models.MtpCheckRequirements;
+import com.azure.resourcemanager.securityinsights.models.Office365ProjectCheckRequirements;
+import com.azure.resourcemanager.securityinsights.models.OfficeAtpCheckRequirements;
+import com.azure.resourcemanager.securityinsights.models.OfficeIrmCheckRequirements;
+import com.azure.resourcemanager.securityinsights.models.OfficePowerBICheckRequirements;
+import com.azure.resourcemanager.securityinsights.models.TICheckRequirements;
+import com.azure.resourcemanager.securityinsights.models.TiTaxiiCheckRequirements;
+
+/** Samples for DataConnectorsCheckRequirementsOperation Post. */
+public final class DataConnectorsCheckRequirementsOperationPostSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsOfficeATP.json
+ */
+ /**
+ * Sample code: Check requirements for OfficeATP.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForOfficeATP(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new OfficeAtpCheckRequirements().withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsOffice365Project.json
+ */
+ /**
+ * Sample code: Check requirements for Office365Project.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForOffice365Project(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new Office365ProjectCheckRequirements().withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsAzureActiveDirectoryNoAuthorization.json
+ */
+ /**
+ * Sample code: Check requirements for AADIP (Azure Active Directory Identity Protection) - no authorization.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForAADIPAzureActiveDirectoryIdentityProtectionNoAuthorization(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new AadCheckRequirements().withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsMicrosoftCloudAppSecurity.json
+ */
+ /**
+ * Sample code: Check requirements for Mcas.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForMcas(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new McasCheckRequirements().withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsIoT.json
+ */
+ /**
+ * Sample code: Check requirements for IoT.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForIoT(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new IoTCheckRequirements().withSubscriptionId("c0688291-89d7-4bed-87a2-a7b1bff43f4c"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsMdatp.json
+ */
+ /**
+ * Sample code: Check requirements for Mdatp.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForMdatp(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new McasCheckRequirements().withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsAzureSecurityCenter.json
+ */
+ /**
+ * Sample code: Check requirements for ASC.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForASC(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new AscCheckRequirements().withSubscriptionId("c0688291-89d7-4bed-87a2-a7b1bff43f4c"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsMicrosoftPurviewInformationProtection.json
+ */
+ /**
+ * Sample code: Check requirements for MicrosoftPurviewInformationProtection.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForMicrosoftPurviewInformationProtection(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new MicrosoftPurviewInformationProtectionCheckRequirements()
+ .withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsMicrosoftThreatProtection.json
+ */
+ /**
+ * Sample code: Check requirements for MicrosoftThreatProtection.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForMicrosoftThreatProtection(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new MtpCheckRequirements().withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsThreatIntelligenceTaxii.json
+ */
+ /**
+ * Sample code: Check requirements for TI Taxii.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForTITaxii(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new TiTaxiiCheckRequirements().withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsOfficeIRM.json
+ */
+ /**
+ * Sample code: Check requirements for OfficeIRM.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForOfficeIRM(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new OfficeIrmCheckRequirements().withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsMicrosoftThreatIntelligence.json
+ */
+ /**
+ * Sample code: Check requirements for MicrosoftThreatIntelligence.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForMicrosoftThreatIntelligence(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new MstiCheckRequirements().withTenantId("06b3ccb8-1384-4bcc-aec7-852f6d57161b"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsAzureActiveDirectory.json
+ */
+ /**
+ * Sample code: Check requirements for AADIP (Azure Active Directory Identity Protection).
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForAADIPAzureActiveDirectoryIdentityProtection(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new AadCheckRequirements().withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsOfficePowerBI.json
+ */
+ /**
+ * Sample code: Check requirements for OfficePowerBI.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForOfficePowerBI(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new OfficePowerBICheckRequirements().withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsDynamics365.json
+ */
+ /**
+ * Sample code: Check requirements for Dynamics365.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForDynamics365(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new Dynamics365CheckRequirements().withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsAzureActiveDirectoryNoLicense.json
+ */
+ /**
+ * Sample code: Check requirements for AADIP (Azure Active Directory Identity Protection) - no license.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForAADIPAzureActiveDirectoryIdentityProtectionNoLicense(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new AadCheckRequirements().withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/dataConnectors/CheckRequirementsThreatIntelligence.json
+ */
+ /**
+ * Sample code: Check requirements for TI.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void checkRequirementsForTI(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .dataConnectorsCheckRequirementsOperations()
+ .postWithResponse(
+ "myRg",
+ "myWorkspace",
+ new TICheckRequirements().withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
+ com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### DomainWhois_Get
+
+```java
+/** Samples for DomainWhois Get. */
+public final class DomainWhoisGetSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/enrichment/GetWhoisByDomainName.json
+ */
+ /**
+ * Sample code: Get whois information for a single domain name.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getWhoisInformationForASingleDomainName(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.domainWhois().getWithResponse("myRg", "microsoft.com", com.azure.core.util.Context.NONE);
+ }
+}
+```
+
+### Entities_Expand
+
+```java
+import com.azure.resourcemanager.securityinsights.models.EntityExpandParameters;
+import java.time.OffsetDateTime;
+import java.util.UUID;
+
+/** Samples for Entities Expand. */
+public final class EntitiesExpandSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/expand/PostExpandEntity.json
+ */
+ /**
+ * Sample code: Expand an entity.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void expandAnEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .entities()
+ .expandWithResponse(
+ "myRg",
+ "myWorkspace",
+ "e1d3d618-e11f-478b-98e3-bb381539a8e1",
+ new EntityExpandParameters()
+ .withEndTime(OffsetDateTime.parse("2019-05-26T00:00:00.000Z"))
+ .withExpansionId(UUID.fromString("a77992f3-25e9-4d01-99a4-5ff606cc410a"))
+ .withStartTime(OffsetDateTime.parse("2019-04-25T00:00:00.000Z")),
+ com.azure.core.util.Context.NONE);
}
+}
+```
+
+### Entities_Get
+```java
+/** Samples for Entities Get. */
+public final class EntitiesGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateOffice365ProjectDataConnetor.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetSubmissionMailEntityById.json
*/
/**
- * Sample code: Creates or updates an Office365 Project data connector.
+ * Sample code: Get a submissionMail entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAnOffice365ProjectDataConnector(
+ public static void getASubmissionMailEntity(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .createOrUpdateWithResponse(
- "myRg",
- "myWorkspace",
- "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
- new Office365ProjectDataConnector()
- .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
- .withDataTypes(
- new Office365ProjectConnectorDataTypes()
- .withLogs(new Office365ProjectConnectorDataTypesLogs().withState(DataTypeState.ENABLED)))
- .withTenantId("2070ecc9-b4d5-4ae4-adaa-936fa1954fa8"),
- Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CreateAPIPolling.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetDnsEntityById.json
*/
/**
- * Sample code: Creates or updates a APIPolling data connector.
+ * Sample code: Get a dns entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAAPIPollingDataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) throws IOException {
+ public static void getADnsEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .createOrUpdateWithResponse(
- "myRg",
- "myWorkspace",
- "316ec55e-7138-4d63-ab18-90c8a60fd1c8",
- new CodelessApiPollingDataConnector()
- .withConnectorUiConfig(
- new CodelessUiConnectorConfigProperties()
- .withTitle("GitHub Enterprise Audit Log")
- .withPublisher("GitHub")
- .withDescriptionMarkdown(
- "The GitHub audit log connector provides the capability to ingest GitHub logs into"
- + " Azure Sentinel. By connecting GitHub audit logs into Azure Sentinel, you can"
- + " view this data in workbooks, use it to create custom alerts, and improve your"
- + " investigation process.")
- .withGraphQueriesTableName("GitHubAuditLogPolling_CL")
- .withGraphQueries(
- Arrays
- .asList(
- new CodelessUiConnectorConfigPropertiesGraphQueriesItem()
- .withMetricName("Total events received")
- .withLegend("GitHub audit log events")
- .withBaseQuery("{{graphQueriesTableName}}")))
- .withSampleQueries(
- Arrays
- .asList(
- new CodelessUiConnectorConfigPropertiesSampleQueriesItem()
- .withDescription("All logs")
- .withQuery("{{graphQueriesTableName}}\n | take 10 ")))
- .withDataTypes(
- Arrays
- .asList(
- new CodelessUiConnectorConfigPropertiesDataTypesItem()
- .withName("{{graphQueriesTableName}}")
- .withLastDataReceivedQuery(
- "{{graphQueriesTableName}}\n"
- + " | summarize Time = max(TimeGenerated)\n"
- + " | where isnotempty(Time)")))
- .withConnectivityCriteria(
- Arrays
- .asList(
- new CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem()
- .withType(ConnectivityType.fromString("SentinelKindsV2"))
- .withValue(Arrays.asList())))
- .withAvailability(new Availability().withStatus(AvailabilityStatus.ONE).withIsPreview(true))
- .withPermissions(
- new Permissions()
- .withResourceProvider(
- Arrays
- .asList(
- new PermissionsResourceProviderItem()
- .withProvider(
- ProviderName.MICROSOFT_OPERATIONAL_INSIGHTS_WORKSPACES)
- .withPermissionsDisplayText(
- "read and write permissions are required.")
- .withProviderDisplayName("Workspace")
- .withScope(PermissionProviderScope.WORKSPACE)
- .withRequiredPermissions(
- new RequiredPermissions()
- .withWrite(true)
- .withRead(true)
- .withDelete(true))))
- .withCustoms(
- Arrays
- .asList(
- new PermissionsCustomsItem()
- .withName("GitHub API personal token Key")
- .withDescription(
- "You need access to GitHub personal token, the key should have"
- + " 'admin:org' scope"))))
- .withInstructionSteps(
- Arrays
- .asList(
- new CodelessUiConnectorConfigPropertiesInstructionStepsItem()
- .withTitle("Connect GitHub Enterprise Audit Log to Azure Sentinel")
- .withDescription(
- "Enable GitHub audit Logs. \n"
- + " Follow"
- + " [this](https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token)"
- + " to create or find your personal key")
- .withInstructions(
- Arrays
- .asList(
- new InstructionStepsInstructionsItem()
- .withParameters(
- SerializerFactory
- .createDefaultManagementSerializerAdapter()
- .deserialize(
- "{\"enable\":\"true\",\"userRequestPlaceHoldersInput\":[{\"displayText\":\"Organization"
- + " Name\",\"placeHolderName\":\"{{placeHolder1}}\",\"placeHolderValue\":\"\",\"requestObjectKey\":\"apiEndpoint\"}]}",
- Object.class,
- SerializerEncoding.JSON))
- .withType(SettingType.fromString("APIKey")))))))
- .withPollingConfig(
- new CodelessConnectorPollingConfigProperties()
- .withAuth(
- new CodelessConnectorPollingAuthProperties()
- .withAuthType("APIKey")
- .withApiKeyName("Authorization")
- .withApiKeyIdentifier("token"))
- .withRequest(
- new CodelessConnectorPollingRequestProperties()
- .withApiEndpoint("https://api.github.com/organizations/{{placeHolder1}}/audit-log")
- .withRateLimitQps(50)
- .withQueryWindowInMin(15)
- .withHttpMethod("Get")
- .withQueryTimeFormat("yyyy-MM-ddTHH:mm:ssZ")
- .withRetryCount(2)
- .withTimeoutInSeconds(60)
- .withHeaders(
- SerializerFactory
- .createDefaultManagementSerializerAdapter()
- .deserialize(
- "{\"Accept\":\"application/json\",\"User-Agent\":\"Scuba\"}",
- Object.class,
- SerializerEncoding.JSON))
- .withQueryParameters(
- SerializerFactory
- .createDefaultManagementSerializerAdapter()
- .deserialize(
- "{\"phrase\":\"created:{_QueryWindowStartTime}..{_QueryWindowEndTime}\"}",
- Object.class,
- SerializerEncoding.JSON)))
- .withPaging(
- new CodelessConnectorPollingPagingProperties()
- .withPagingType("LinkHeader")
- .withPageSizeParaName("per_page"))
- .withResponse(
- new CodelessConnectorPollingResponseProperties()
- .withEventsJsonPaths(Arrays.asList("$")))),
- Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "f4e74920-f2c0-4412-a45f-66d94fdf01f8", com.azure.core.util.Context.NONE);
}
-}
-```
-
-### DataConnectors_Delete
-```java
-import com.azure.core.util.Context;
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetFileHashEntityById.json
+ */
+ /**
+ * Sample code: Get a file hash entity.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAFileHashEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "ea359fa6-c1e5-f878-e105-6344f3e399a1", com.azure.core.util.Context.NONE);
+ }
-/** Samples for DataConnectors Delete. */
-public final class DataConnectorsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/DeleteOffice365ProjectDataConnetor.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetIoTDeviceEntityById.json
*/
/**
- * Sample code: Delete an Office365 Project data connector.
+ * Sample code: Get an IoT device entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteAnOffice365ProjectDataConnector(
+ public static void getAnIoTDeviceEntity(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .deleteWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/DeleteGenericUI.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetRegistryKeyEntityById.json
*/
/**
- * Sample code: Delete a GenericUI data connector.
+ * Sample code: Get a registry key entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteAGenericUIDataConnector(
+ public static void getARegistryKeyEntity(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .deleteWithResponse("myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/DeleteOfficeDataConnetor.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetMailboxEntityById.json
*/
/**
- * Sample code: Delete an Office365 data connector.
+ * Sample code: Get a mailbox entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteAnOffice365DataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getAMailboxEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .deleteWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/DeleteOfficePowerBIDataConnetor.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetMalwareEntityById.json
*/
/**
- * Sample code: Delete an Office PowerBI data connector.
+ * Sample code: Get a malware entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteAnOfficePowerBIDataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getAMalwareEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .deleteWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "af378b21-b4aa-4fe7-bc70-13f8621a322f", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/DeleteAPIPolling.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetSecurityAlertEntityById.json
*/
/**
- * Sample code: Delete a APIPolling data connector.
+ * Sample code: Get a security alert entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteAAPIPollingDataConnector(
+ public static void getASecurityAlertEntity(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .deleteWithResponse("myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "4aa486e0-6f85-41af-99ea-7acdce7be6c8", com.azure.core.util.Context.NONE);
}
-}
-```
-### DataConnectors_Disconnect
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetIpEntityById.json
+ */
+ /**
+ * Sample code: Get an ip entity.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAnIpEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", com.azure.core.util.Context.NONE);
+ }
-```java
-import com.azure.core.util.Context;
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetAccountEntityById.json
+ */
+ /**
+ * Sample code: Get an account entity.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAnAccountEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", com.azure.core.util.Context.NONE);
+ }
-/** Samples for DataConnectors Disconnect. */
-public final class DataConnectorsDisconnectSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/DisconnectAPIPolling.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetCloudApplicationEntityById.json
*/
/**
- * Sample code: Disconnect an APIPolling data connector.
+ * Sample code: Get a cloud application entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void disconnectAnAPIPollingDataConnector(
+ public static void getACloudApplicationEntity(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .disconnectWithResponse("myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", com.azure.core.util.Context.NONE);
}
-}
-```
-
-### DataConnectors_Get
-```java
-import com.azure.core.util.Context;
-
-/** Samples for DataConnectors Get. */
-public final class DataConnectorsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetOffice365ProjectDataConnetorById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetFileEntityById.json
*/
/**
- * Sample code: Get an Office365 Project data connector.
+ * Sample code: Get a file entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnOffice365ProjectDataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getAFileEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "af378b21-b4aa-4fe7-bc70-13f8621a322f", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetGenericUI.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetRegistryValueEntityById.json
*/
/**
- * Sample code: Get a GenericUI data connector.
+ * Sample code: Get a registry value entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAGenericUIDataConnector(
+ public static void getARegistryValueEntity(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "dc44bd11-b348-4d76-ad29-37bf7aa41356", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetOffice365AdvancedThreatProtectionById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetUrlEntityById.json
*/
/**
- * Sample code: Get an Office ATP data connector.
+ * Sample code: Get a url entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnOfficeATPDataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getAUrlEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "3d3e955e-33eb-401d-89a7-251c81ddd660", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetIoTById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetMailClusterEntityById.json
*/
/**
- * Sample code: Get a IoT data connector.
+ * Sample code: Get a mailCluster entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAIoTDataConnector(
+ public static void getAMailClusterEntity(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "d2e5dc7a-f3a2-429d-954b-939fa8c2932e", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetMicrosoftCloudAppSecurityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetSecurityGroupEntityById.json
*/
/**
- * Sample code: Get a MCAS data connector.
+ * Sample code: Get a security group entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAMCASDataConnector(
+ public static void getASecurityGroupEntity(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "b96d014d-b5c2-4a01-9aba-a8058f629d42", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetThreatIntelligenceTaxiiById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetMailMessageEntityById.json
*/
/**
- * Sample code: Get a TI Taxii data connector.
+ * Sample code: Get a mailMessage entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getATITaxiiDataConnector(
+ public static void getAMailMessageEntity(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "c39bb458-02a7-4b3f-b0c8-71a1d2692652", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetMicrosoftThreatIntelligenceById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetAzureResourceEntityById.json
*/
/**
- * Sample code: Get a MicrosoftThreatIntelligence data connector.
+ * Sample code: Get an azure resource entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAMicrosoftThreatIntelligenceDataConnector(
+ public static void getAnAzureResourceEntity(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetAzureSecurityCenterById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetHostEntityById.json
*/
/**
- * Sample code: Get a ASC data connector.
+ * Sample code: Get a host entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAASCDataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getAHostEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "763f9fa1-c2d3-4fa2-93e9-bccd4899aa12", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetThreatIntelligenceById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetProcessEntityById.json
*/
/**
- * Sample code: Get a TI data connector.
+ * Sample code: Get a process entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getATIDataConnector(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getAProcessEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", Context.NONE);
+ .entities()
+ .getWithResponse(
+ "myRg", "myWorkspace", "7264685c-038c-42c6-948c-38e14ef1fb98", com.azure.core.util.Context.NONE);
}
+}
+```
+
+### Entities_GetInsights
+
+```java
+import com.azure.resourcemanager.securityinsights.models.EntityGetInsightsParameters;
+import java.time.OffsetDateTime;
+import java.util.Arrays;
+import java.util.UUID;
+/** Samples for Entities GetInsights. */
+public final class EntitiesGetInsightsSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetAmazonWebServicesCloudTrailById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/insights/PostGetInsights.json
*/
/**
- * Sample code: Get an AwsCloudTrail data connector.
+ * Sample code: Entity Insight.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnAwsCloudTrailDataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void entityInsight(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", Context.NONE);
+ .entities()
+ .getInsightsWithResponse(
+ "myRg",
+ "myWorkspace",
+ "e1d3d618-e11f-478b-98e3-bb381539a8e1",
+ new EntityGetInsightsParameters()
+ .withStartTime(OffsetDateTime.parse("2021-09-01T00:00:00.000Z"))
+ .withEndTime(OffsetDateTime.parse("2021-10-01T00:00:00.000Z"))
+ .withAddDefaultExtendedTimeRange(false)
+ .withInsightQueryIds(Arrays.asList(UUID.fromString("cae8d0aa-aa45-4d53-8d88-17dd64ffd4e4"))),
+ com.azure.core.util.Context.NONE);
}
+}
+```
+### Entities_List
+
+```java
+/** Samples for Entities List. */
+public final class EntitiesListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetMicrosoftDefenderAdvancedThreatProtectionById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetEntities.json
*/
/**
- * Sample code: Get a MDATP data connector.
+ * Sample code: Get all entities.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAMDATPDataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "06b3ccb8-1384-4bcc-aec7-852f6d57161b", Context.NONE);
+ public static void getAllEntities(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.entities().list("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
}
+}
+```
+
+### Entities_Queries
+```java
+import com.azure.resourcemanager.securityinsights.models.EntityItemQueryKind;
+
+/** Samples for Entities Queries. */
+public final class EntitiesQueriesSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetMicrosoftThreatProtectionById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/GetQueries.json
*/
/**
- * Sample code: Get a MicrosoftThreatProtection data connector.
+ * Sample code: Get Entity Query.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAMicrosoftThreatProtectionDataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getEntityQuery(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "c345bf40-8509-4ed2-b947-50cb773aaf04", Context.NONE);
+ .entities()
+ .queriesWithResponse(
+ "myRg",
+ "myWorkspace",
+ "e1d3d618-e11f-478b-98e3-bb381539a8e1",
+ EntityItemQueryKind.INSIGHT,
+ com.azure.core.util.Context.NONE);
}
+}
+```
+
+### Entities_RunPlaybook
+```java
+/** Samples for Entities RunPlaybook. */
+public final class EntitiesRunPlaybookSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetAzureActiveDirectoryById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/manualTrigger/Entities_RunPlaybook.json
*/
/**
- * Sample code: Get an AAD data connector.
+ * Sample code: Entities_RunPlaybook.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnAADDataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void entitiesRunPlaybook(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "f0cd27d2-5f03-4c06-ba31-d2dc82dcb51d", Context.NONE);
+ .entities()
+ .runPlaybookWithResponse(
+ "myRg", "myWorkspace", "72e01a22-5cd2-4139-a149-9f2736ff2ar2", null, com.azure.core.util.Context.NONE);
}
+}
+```
+
+### EntitiesGetTimeline_List
+
+```java
+import com.azure.resourcemanager.securityinsights.models.EntityTimelineParameters;
+import java.time.OffsetDateTime;
+/** Samples for EntitiesGetTimeline List. */
+public final class EntitiesGetTimelineListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetAzureAdvancedThreatProtectionById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/timeline/PostTimelineEntity.json
*/
/**
- * Sample code: Get an AATP data connector.
+ * Sample code: Entity timeline.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnAATPDataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void entityTimeline(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "07e42cb3-e658-4e90-801c-efa0f29d3d44", Context.NONE);
+ .entitiesGetTimelines()
+ .listWithResponse(
+ "myRg",
+ "myWorkspace",
+ "e1d3d618-e11f-478b-98e3-bb381539a8e1",
+ new EntityTimelineParameters()
+ .withStartTime(OffsetDateTime.parse("2021-09-01T00:00:00.000Z"))
+ .withEndTime(OffsetDateTime.parse("2021-10-01T00:00:00.000Z"))
+ .withNumberOfBucket(4),
+ com.azure.core.util.Context.NONE);
}
+}
+```
+
+### EntitiesRelations_List
+```java
+/** Samples for EntitiesRelations List. */
+public final class EntitiesRelationsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetAPIPolling.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/relations/GetAllEntityRelations.json
*/
/**
- * Sample code: Get a APIPolling data connector.
+ * Sample code: Get all relations of an entity.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAAPIPollingDataConnector(
+ public static void getAllRelationsOfAnEntity(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "316ec55e-7138-4d63-ab18-90c8a60fd1c8", Context.NONE);
+ .entitiesRelations()
+ .list(
+ "myRg",
+ "myWorkspace",
+ "afbd324f-6c48-459c-8710-8d1e1cd03812",
+ null,
+ null,
+ null,
+ null,
+ com.azure.core.util.Context.NONE);
}
+}
+```
+
+### EntityQueries_CreateOrUpdate
+
+```java
+import com.azure.resourcemanager.securityinsights.models.ActivityCustomEntityQuery;
+import com.azure.resourcemanager.securityinsights.models.ActivityEntityQueriesPropertiesQueryDefinitions;
+import com.azure.resourcemanager.securityinsights.models.EntityType;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+/** Samples for EntityQueries CreateOrUpdate. */
+public final class EntityQueriesCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetMicrosoftInsiderRiskManagementById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entityQueries/CreateEntityQueryActivity.json
*/
/**
- * Sample code: Get an Office IRM data connector.
+ * Sample code: Creates or updates an Activity entity query.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnOfficeIRMDataConnector(
+ public static void createsOrUpdatesAnActivityEntityQuery(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "3d3e955e-33eb-401d-89a7-251c81ddd660", Context.NONE);
+ .entityQueries()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "07da3cc8-c8ad-4710-a44e-334cdcb7882b",
+ new ActivityCustomEntityQuery()
+ .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
+ .withTitle("An account was deleted on this host")
+ .withContent("On '{{Computer}}' the account '{{TargetAccount}}' was deleted by '{{AddedBy}}'")
+ .withDescription("Account deleted on host")
+ .withQueryDefinitions(
+ new ActivityEntityQueriesPropertiesQueryDefinitions()
+ .withQuery(
+ "let GetAccountActions = (v_Host_Name:string, v_Host_NTDomain:string,"
+ + " v_Host_DnsDomain:string, v_Host_AzureID:string, v_Host_OMSAgentID:string){\n"
+ + "SecurityEvent\n"
+ + "| where EventID in (4725, 4726, 4767, 4720, 4722, 4723, 4724)\n"
+ + "// parsing for Host to handle variety of conventions coming from data\n"
+ + "| extend Host_HostName = case(\n"
+ + "Computer has '@', tostring(split(Computer, '@')[0]),\n"
+ + "Computer has '\\\\', tostring(split(Computer, '\\\\')[1]),\n"
+ + "Computer has '.', tostring(split(Computer, '.')[0]),\n"
+ + "Computer\n"
+ + ")\n"
+ + "| extend Host_NTDomain = case(\n"
+ + "Computer has '\\\\', tostring(split(Computer, '\\\\')[0]), \n"
+ + "Computer has '.', tostring(split(Computer, '.')[-2]), \n"
+ + "Computer\n"
+ + ")\n"
+ + "| extend Host_DnsDomain = case(\n"
+ + "Computer has '\\\\', tostring(split(Computer, '\\\\')[0]), \n"
+ + "Computer has '.', strcat_array(array_slice(split(Computer,'.'),-2,-1),'.'), \n"
+ + "Computer\n"
+ + ")\n"
+ + "| where (Host_HostName =~ v_Host_Name and Host_NTDomain =~ v_Host_NTDomain) \n"
+ + "or (Host_HostName =~ v_Host_Name and Host_DnsDomain =~ v_Host_DnsDomain) \n"
+ + "or v_Host_AzureID =~ _ResourceId \n"
+ + "or v_Host_OMSAgentID == SourceComputerId\n"
+ + "| project TimeGenerated, EventID, Activity, Computer, TargetAccount,"
+ + " TargetUserName, TargetDomainName, TargetSid, SubjectUserName, SubjectUserSid,"
+ + " _ResourceId, SourceComputerId\n"
+ + "| extend AddedBy = SubjectUserName\n"
+ + "// Future support for Activities\n"
+ + "| extend timestamp = TimeGenerated, HostCustomEntity = Computer,"
+ + " AccountCustomEntity = TargetAccount\n"
+ + "};\n"
+ + "GetAccountActions('{{Host_HostName}}', '{{Host_NTDomain}}',"
+ + " '{{Host_DnsDomain}}', '{{Host_AzureID}}', '{{Host_OMSAgentID}}')\n"
+ + " \n"
+ + "| where EventID == 4726 "))
+ .withInputEntityType(EntityType.HOST)
+ .withRequiredInputFieldsSets(
+ Arrays
+ .asList(
+ Arrays.asList("Host_HostName", "Host_NTDomain"),
+ Arrays.asList("Host_HostName", "Host_DnsDomain"),
+ Arrays.asList("Host_AzureID"),
+ Arrays.asList("Host_OMSAgentID")))
+ .withEntitiesFilter(mapOf("Host_OsFamily", Arrays.asList("Windows")))
+ .withEnabled(true),
+ com.azure.core.util.Context.NONE);
}
- /*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetDynamics365DataConnectorById.json
- */
- /**
- * Sample code: Get a Dynamics365 data connector.
- *
- * @param manager Entry point to SecurityInsightsManager.
- */
- public static void getADynamics365DataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "c2541efb-c9a6-47fe-9501-87d1017d1512", Context.NONE);
+ // Use "Map.of" if available
+ @SuppressWarnings("unchecked")
+ private static Map mapOf(Object... inputs) {
+ Map map = new HashMap<>();
+ for (int i = 0; i < inputs.length; i += 2) {
+ String key = (String) inputs[i];
+ T value = (T) inputs[i + 1];
+ map.put(key, value);
+ }
+ return map;
}
+}
+```
+
+### EntityQueries_Delete
+```java
+/** Samples for EntityQueries Delete. */
+public final class EntityQueriesDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetOfficeDataConnetorById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entityQueries/DeleteEntityQuery.json
*/
/**
- * Sample code: Get an Office365 data connector.
+ * Sample code: Delete an entity query.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnOffice365DataConnector(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void deleteAnEntityQuery(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .entityQueries()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "07da3cc8-c8ad-4710-a44e-334cdcb7882b", com.azure.core.util.Context.NONE);
}
+}
+```
+
+### EntityQueries_Get
+```java
+/** Samples for EntityQueries Get. */
+public final class EntityQueriesGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetAmazonWebServicesS3ById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entityQueries/GetActivityEntityQueryById.json
*/
/**
- * Sample code: Get an Aws S3 data connector.
+ * Sample code: Get an Activity entity query.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnAwsS3DataConnector(
+ public static void getAnActivityEntityQuery(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "afef3743-0c88-469c-84ff-ca2e87dc1e48", Context.NONE);
+ .entityQueries()
+ .getWithResponse(
+ "myRg", "myWorkspace", "07da3cc8-c8ad-4710-a44e-334cdcb7882b", com.azure.core.util.Context.NONE);
}
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetOfficePowerBIDataConnetorById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entityQueries/GetExpansionEntityQueryById.json
*/
/**
- * Sample code: Get an Office365 PowerBI data connector.
+ * Sample code: Get an Expansion entity query.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnOffice365PowerBIDataConnector(
+ public static void getAnExpansionEntityQuery(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectors()
- .getWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .entityQueries()
+ .getWithResponse(
+ "myRg", "myWorkspace", "07da3cc8-c8ad-4710-a44e-334cdcb7882b", com.azure.core.util.Context.NONE);
}
}
```
-### DataConnectors_List
+### EntityQueries_List
```java
-import com.azure.core.util.Context;
+import com.azure.resourcemanager.securityinsights.models.EntityQueriesKind;
-/** Samples for DataConnectors List. */
-public final class DataConnectorsListSamples {
+/** Samples for EntityQueries List. */
+public final class EntityQueriesListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/GetDataConnectors.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entityQueries/GetEntityQueries.json
*/
/**
- * Sample code: Get all data connectors.
+ * Sample code: Get all entity queries.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllDataConnectors(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.dataConnectors().list("myRg", "myWorkspace", Context.NONE);
+ public static void getAllEntityQueries(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .entityQueries()
+ .list("myRg", "myWorkspace", EntityQueriesKind.EXPANSION, com.azure.core.util.Context.NONE);
}
}
```
-### DataConnectorsCheckRequirementsOperation_Post
+### EntityQueryTemplates_Get
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.AadCheckRequirements;
-import com.azure.resourcemanager.securityinsights.models.AscCheckRequirements;
-import com.azure.resourcemanager.securityinsights.models.Dynamics365CheckRequirements;
-import com.azure.resourcemanager.securityinsights.models.IoTCheckRequirements;
-import com.azure.resourcemanager.securityinsights.models.McasCheckRequirements;
-import com.azure.resourcemanager.securityinsights.models.MstiCheckRequirements;
-import com.azure.resourcemanager.securityinsights.models.MtpCheckRequirements;
-import com.azure.resourcemanager.securityinsights.models.Office365ProjectCheckRequirements;
-import com.azure.resourcemanager.securityinsights.models.OfficeAtpCheckRequirements;
-import com.azure.resourcemanager.securityinsights.models.OfficeIrmCheckRequirements;
-import com.azure.resourcemanager.securityinsights.models.OfficePowerBICheckRequirements;
-import com.azure.resourcemanager.securityinsights.models.TICheckRequirements;
-import com.azure.resourcemanager.securityinsights.models.TiTaxiiCheckRequirements;
-
-/** Samples for DataConnectorsCheckRequirementsOperation Post. */
-public final class DataConnectorsCheckRequirementsOperationPostSamples {
+/** Samples for EntityQueryTemplates Get. */
+public final class EntityQueryTemplatesGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsOfficeATP.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entityQueryTemplates/GetActivityEntityQueryTemplateById.json
*/
/**
- * Sample code: Check requirements for OfficeATP.
+ * Sample code: Get an Activity entity query template.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void checkRequirementsForOfficeATP(
+ public static void getAnActivityEntityQueryTemplate(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse("myRg", "myWorkspace", new OfficeAtpCheckRequirements(), Context.NONE);
+ .entityQueryTemplates()
+ .getWithResponse(
+ "myRg", "myWorkspace", "07da3cc8-c8ad-4710-a44e-334cdcb7882b", com.azure.core.util.Context.NONE);
}
+}
+```
- /*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsOffice365Project.json
- */
- /**
- * Sample code: Check requirements for Office365Project.
- *
- * @param manager Entry point to SecurityInsightsManager.
- */
- public static void checkRequirementsForOffice365Project(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse("myRg", "myWorkspace", new Office365ProjectCheckRequirements(), Context.NONE);
- }
+### EntityQueryTemplates_List
- /*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsAzureActiveDirectory.json
- */
- /**
- * Sample code: Check requirements for AAD.
- *
- * @param manager Entry point to SecurityInsightsManager.
- */
- public static void checkRequirementsForAAD(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse("myRg", "myWorkspace", new AadCheckRequirements(), Context.NONE);
- }
+```java
+import com.azure.resourcemanager.securityinsights.models.Constant106;
+/** Samples for EntityQueryTemplates List. */
+public final class EntityQueryTemplatesListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsMicrosoftCloudAppSecurity.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entityQueryTemplates/GetEntityQueryTemplates.json
*/
/**
- * Sample code: Check requirements for Mcas.
+ * Sample code: Get all entity query templates.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void checkRequirementsForMcas(
+ public static void getAllEntityQueryTemplates(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse("myRg", "myWorkspace", new McasCheckRequirements(), Context.NONE);
+ .entityQueryTemplates()
+ .list("myRg", "myWorkspace", Constant106.ACTIVITY, com.azure.core.util.Context.NONE);
}
+}
+```
+
+### EntityRelations_GetRelation
+```java
+/** Samples for EntityRelations GetRelation. */
+public final class EntityRelationsGetRelationSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsIoT.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/entities/relations/GetEntityRelationByName.json
*/
/**
- * Sample code: Check requirements for IoT.
+ * Sample code: Get an entity relation.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void checkRequirementsForIoT(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getAnEntityRelation(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse(
+ .entityRelations()
+ .getRelationWithResponse(
"myRg",
"myWorkspace",
- new IoTCheckRequirements().withSubscriptionId("c0688291-89d7-4bed-87a2-a7b1bff43f4c"),
- Context.NONE);
+ "afbd324f-6c48-459c-8710-8d1e1cd03812",
+ "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
+ com.azure.core.util.Context.NONE);
}
+}
+```
- /*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsMdatp.json
- */
- /**
- * Sample code: Check requirements for Mdatp.
- *
- * @param manager Entry point to SecurityInsightsManager.
- */
- public static void checkRequirementsForMdatp(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse("myRg", "myWorkspace", new McasCheckRequirements(), Context.NONE);
- }
+### FileImports_Create
- /*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsAzureActiveDirectoryNoAuthorization.json
- */
- /**
- * Sample code: Check requirements for AAD - no authorization.
- *
- * @param manager Entry point to SecurityInsightsManager.
- */
- public static void checkRequirementsForAADNoAuthorization(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse("myRg", "myWorkspace", new AadCheckRequirements(), Context.NONE);
- }
+```java
+import com.azure.resourcemanager.securityinsights.models.FileFormat;
+import com.azure.resourcemanager.securityinsights.models.FileImportContentType;
+import com.azure.resourcemanager.securityinsights.models.FileMetadata;
+import com.azure.resourcemanager.securityinsights.models.IngestionMode;
+/** Samples for FileImports Create. */
+public final class FileImportsCreateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsAzureSecurityCenter.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/fileImports/CreateFileImport.json
*/
/**
- * Sample code: Check requirements for ASC.
+ * Sample code: Create a file import.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void checkRequirementsForASC(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void createAFileImport(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse(
- "myRg",
- "myWorkspace",
- new AscCheckRequirements().withSubscriptionId("c0688291-89d7-4bed-87a2-a7b1bff43f4c"),
- Context.NONE);
+ .fileImports()
+ .define("73e01a99-5cd7-4139-a149-9f2736ff2ab5")
+ .withExistingWorkspace("myRg", "myWorkspace")
+ .withIngestionMode(IngestionMode.INGEST_ANY_VALID_RECORDS)
+ .withContentType(FileImportContentType.STIX_INDICATOR)
+ .withImportFile(
+ new FileMetadata().withFileFormat(FileFormat.JSON).withFileName("myFile.json").withFileSize(4653))
+ .withSource("mySource")
+ .create();
}
+}
+```
+
+### FileImports_Delete
+```java
+/** Samples for FileImports Delete. */
+public final class FileImportsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsMicrosoftThreatProtection.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/fileImports/DeleteFileImport.json
*/
/**
- * Sample code: Check requirements for MicrosoftThreatProtection.
+ * Sample code: Delete a file import.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void checkRequirementsForMicrosoftThreatProtection(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void deleteAFileImport(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse("myRg", "myWorkspace", new MtpCheckRequirements(), Context.NONE);
+ .fileImports()
+ .delete("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
}
+}
+```
+
+### FileImports_Get
+```java
+/** Samples for FileImports Get. */
+public final class FileImportsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsThreatIntelligenceTaxii.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/fileImports/GetFileImportById.json
*/
/**
- * Sample code: Check requirements for TI Taxii.
+ * Sample code: Get a file import.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void checkRequirementsForTITaxii(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getAFileImport(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse("myRg", "myWorkspace", new TiTaxiiCheckRequirements(), Context.NONE);
+ .fileImports()
+ .getWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
}
+}
+```
+### FileImports_List
+
+```java
+/** Samples for FileImports List. */
+public final class FileImportsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsOfficeIRM.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/fileImports/GetFileImports.json
*/
/**
- * Sample code: Check requirements for OfficeIRM.
+ * Sample code: Get all file imports.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void checkRequirementsForOfficeIRM(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getAllFileImports(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse("myRg", "myWorkspace", new OfficeIrmCheckRequirements(), Context.NONE);
+ .fileImports()
+ .list(
+ "myRg",
+ "myWorkspace",
+ null,
+ "properties/createdTimeUtc desc",
+ 1,
+ null,
+ com.azure.core.util.Context.NONE);
}
+}
+```
+### Get_SingleRecommendation
+
+```java
+import java.util.UUID;
+
+/** Samples for Get SingleRecommendation. */
+public final class GetSingleRecommendationSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsMicrosoftThreatIntelligence.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/recommendations/GetRecommendation.json
*/
/**
- * Sample code: Check requirements for MicrosoftThreatIntelligence.
+ * Sample code: Get a recommendation.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void checkRequirementsForMicrosoftThreatIntelligence(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getARecommendation(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse("myRg", "myWorkspace", new MstiCheckRequirements(), Context.NONE);
+ .gets()
+ .singleRecommendationWithResponse(
+ "myRg",
+ "myWorkspace",
+ UUID.fromString("6d4b54eb-8684-4aa3-a156-3aa37b8014bc"),
+ com.azure.core.util.Context.NONE);
}
+}
+```
+### GetRecommendations_List
+
+```java
+/** Samples for GetRecommendations List. */
+public final class GetRecommendationsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsOfficePowerBI.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/recommendations/GetRecommendations.json
*/
/**
- * Sample code: Check requirements for OfficePowerBI.
+ * Sample code: Get Recommendations list.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void checkRequirementsForOfficePowerBI(
+ public static void getRecommendationsList(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse("myRg", "myWorkspace", new OfficePowerBICheckRequirements(), Context.NONE);
+ manager.getRecommendations().listWithResponse("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
}
+}
+```
+### GetTriggeredAnalyticsRuleRuns_List
+
+```java
+/** Samples for GetTriggeredAnalyticsRuleRuns List. */
+public final class GetTriggeredAnalyticsRuleRunsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsDynamics365.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/triggeredAnalyticsRuleRuns/triggeredAnalyticsRuleRuns_Get.json
*/
/**
- * Sample code: Check requirements for Dynamics365.
+ * Sample code: triggeredAnalyticsRuleRuns_Get.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void checkRequirementsForDynamics365(
+ public static void triggeredAnalyticsRuleRunsGet(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse("myRg", "myWorkspace", new Dynamics365CheckRequirements(), Context.NONE);
+ manager.getTriggeredAnalyticsRuleRuns().list("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
}
+}
+```
+### HuntComments_CreateOrUpdate
+
+```java
+/** Samples for HuntComments CreateOrUpdate. */
+public final class HuntCommentsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsAzureActiveDirectoryNoLicense.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/hunts/CreateHuntComment.json
*/
/**
- * Sample code: Check requirements for AAD - no license.
+ * Sample code: Creates or updates a hunt comment.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void checkRequirementsForAADNoLicense(
+ public static void createsOrUpdatesAHuntComment(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse("myRg", "myWorkspace", new AadCheckRequirements(), Context.NONE);
+ .huntComments()
+ .define("2216d0e1-91e3-4902-89fd-d2df8c535096")
+ .withExistingHunt("myRg", "myWorkspace", "163e7b2a-a2ec-4041-aaba-d878a38f265f")
+ .withMessage("This is a test comment.")
+ .create();
}
+}
+```
+### HuntComments_Delete
+
+```java
+/** Samples for HuntComments Delete. */
+public final class HuntCommentsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/dataConnectors/CheckRequirementsThreatIntelligence.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/hunts/DeleteHuntComment.json
*/
/**
- * Sample code: Check requirements for TI.
+ * Sample code: Delete a hunt comment.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void checkRequirementsForTI(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void deleteAHuntComment(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .dataConnectorsCheckRequirementsOperations()
- .postWithResponse("myRg", "myWorkspace", new TICheckRequirements(), Context.NONE);
+ .huntComments()
+ .deleteWithResponse(
+ "myRg",
+ "myWorkspace",
+ "163e7b2a-a2ec-4041-aaba-d878a38f265f",
+ "2216d0e1-91e3-4902-89fd-d2df8c123456",
+ com.azure.core.util.Context.NONE);
}
}
```
-### DomainWhois_Get
+### HuntComments_Get
```java
-import com.azure.core.util.Context;
-
-/** Samples for DomainWhois Get. */
-public final class DomainWhoisGetSamples {
+/** Samples for HuntComments Get. */
+public final class HuntCommentsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/enrichment/GetWhoisByDomainName.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/hunts/GetHuntCommentById.json
*/
/**
- * Sample code: Get whois information for a single domain name.
+ * Sample code: Get a hunt comment.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getWhoisInformationForASingleDomainName(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.domainWhois().getWithResponse("myRg", "microsoft.com", Context.NONE);
+ public static void getAHuntComment(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .huntComments()
+ .getWithResponse(
+ "myRg",
+ "myWorkspace",
+ "163e7b2a-a2ec-4041-aaba-d878a38f265f",
+ "2216d0e1-91e3-4902-89fd-d2df8c535096",
+ com.azure.core.util.Context.NONE);
}
}
```
-### Entities_Expand
+### HuntComments_List
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.EntityExpandParameters;
-import java.time.OffsetDateTime;
-import java.util.UUID;
-
-/** Samples for Entities Expand. */
-public final class EntitiesExpandSamples {
+/** Samples for HuntComments List. */
+public final class HuntCommentsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/expand/PostExpandEntity.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/hunts/GetHuntComments.json
*/
/**
- * Sample code: Expand an entity.
+ * Sample code: Get all hunt comments.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void expandAnEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getAllHuntComments(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .entities()
- .expandWithResponse(
+ .huntComments()
+ .list(
"myRg",
"myWorkspace",
- "e1d3d618-e11f-478b-98e3-bb381539a8e1",
- new EntityExpandParameters()
- .withEndTime(OffsetDateTime.parse("2019-05-26T00:00:00.000Z"))
- .withExpansionId(UUID.fromString("a77992f3-25e9-4d01-99a4-5ff606cc410a"))
- .withStartTime(OffsetDateTime.parse("2019-04-25T00:00:00.000Z")),
- Context.NONE);
+ "163e7b2a-a2ec-4041-aaba-d878a38f265f",
+ null,
+ null,
+ null,
+ null,
+ com.azure.core.util.Context.NONE);
}
}
```
-### Entities_Get
+### HuntRelations_CreateOrUpdate
```java
-import com.azure.core.util.Context;
+import java.util.Arrays;
-/** Samples for Entities Get. */
-public final class EntitiesGetSamples {
+/** Samples for HuntRelations CreateOrUpdate. */
+public final class HuntRelationsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetSubmissionMailEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/hunts/CreateHuntRelation.json
*/
/**
- * Sample code: Get a submissionMail entity.
+ * Sample code: Creates or updates a hunt relation.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getASubmissionMailEntity(
+ public static void createsOrUpdatesAHuntRelation(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", Context.NONE);
+ manager
+ .huntRelations()
+ .define("2216d0e1-91e3-4902-89fd-d2df8c535096")
+ .withExistingHunt("myRg", "myWorkspace", "163e7b2a-a2ec-4041-aaba-d878a38f265f")
+ .withRelatedResourceId(
+ "/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/mms-eus/providers/Microsoft.OperationalInsights/workspaces/avdvirint/providers/Microsoft.SecurityInsights/Bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096")
+ .withLabels(Arrays.asList("Test Label"))
+ .create();
}
+}
+```
+### HuntRelations_Delete
+
+```java
+/** Samples for HuntRelations Delete. */
+public final class HuntRelationsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetDnsEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/hunts/DeleteHuntRelation.json
*/
/**
- * Sample code: Get a dns entity.
+ * Sample code: Delete a hunt relation.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getADnsEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "f4e74920-f2c0-4412-a45f-66d94fdf01f8", Context.NONE);
+ public static void deleteAHuntRelation(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .huntRelations()
+ .deleteWithResponse(
+ "myRg",
+ "myWorkspace",
+ "163e7b2a-a2ec-4041-aaba-d878a38f265f",
+ "2216d0e1-91e3-4902-89fd-d2df8c535096",
+ com.azure.core.util.Context.NONE);
}
+}
+```
+
+### HuntRelations_Get
+```java
+/** Samples for HuntRelations Get. */
+public final class HuntRelationsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetFileHashEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/hunts/GetHuntRelationById.json
*/
/**
- * Sample code: Get a file hash entity.
+ * Sample code: Get a hunt relation.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAFileHashEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "ea359fa6-c1e5-f878-e105-6344f3e399a1", Context.NONE);
+ public static void getAHuntRelation(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .huntRelations()
+ .getWithResponse(
+ "myRg",
+ "myWorkspace",
+ "163e7b2a-a2ec-4041-aaba-d878a38f265f",
+ "2216d0e1-91e3-4902-89fd-d2df8c535096",
+ com.azure.core.util.Context.NONE);
}
+}
+```
+### HuntRelations_List
+
+```java
+/** Samples for HuntRelations List. */
+public final class HuntRelationsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetIoTDeviceEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/hunts/GetHuntRelations.json
*/
/**
- * Sample code: Get an IoT device entity.
+ * Sample code: Get all hunt relations.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnIoTDeviceEntity(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", Context.NONE);
+ public static void getAllHuntRelations(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .huntRelations()
+ .list(
+ "myRg",
+ "myWorkspace",
+ "163e7b2a-a2ec-4041-aaba-d878a38f265f",
+ null,
+ null,
+ null,
+ null,
+ com.azure.core.util.Context.NONE);
}
+}
+```
+
+### Hunts_CreateOrUpdate
+
+```java
+import com.azure.resourcemanager.securityinsights.models.AttackTactic;
+import com.azure.resourcemanager.securityinsights.models.HuntOwner;
+import com.azure.resourcemanager.securityinsights.models.HypothesisStatus;
+import com.azure.resourcemanager.securityinsights.models.Status;
+import java.util.Arrays;
+import java.util.UUID;
+/** Samples for Hunts CreateOrUpdate. */
+public final class HuntsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetRegistryKeyEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/hunts/CreateHunt.json
*/
/**
- * Sample code: Get a registry key entity.
+ * Sample code: Creates or updates a hunt.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getARegistryKeyEntity(
+ public static void createsOrUpdatesAHunt(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", Context.NONE);
+ manager
+ .hunts()
+ .define("163e7b2a-a2ec-4041-aaba-d878a38f265f")
+ .withExistingWorkspace("myRg", "myWorkspace")
+ .withDisplayName("Log4J new hunt")
+ .withDescription("Log4J Hunt Description")
+ .withStatus(Status.NEW)
+ .withHypothesisStatus(HypothesisStatus.UNKNOWN)
+ .withAttackTactics(Arrays.asList(AttackTactic.RECONNAISSANCE))
+ .withAttackTechniques(Arrays.asList("T1595"))
+ .withLabels(Arrays.asList("Label1", "Label2"))
+ .withOwner(new HuntOwner().withObjectId(UUID.fromString("873b5263-5d34-4149-b356-ad341b01e123")))
+ .create();
}
+}
+```
- /*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetMailboxEntityById.json
- */
- /**
- * Sample code: Get a mailbox entity.
- *
- * @param manager Entry point to SecurityInsightsManager.
- */
- public static void getAMailboxEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", Context.NONE);
- }
+### Hunts_Delete
+```java
+/** Samples for Hunts Delete. */
+public final class HuntsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetMalwareEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/hunts/DeleteHunt.json
*/
/**
- * Sample code: Get a malware entity.
+ * Sample code: Delete a hunt.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAMalwareEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "af378b21-b4aa-4fe7-bc70-13f8621a322f", Context.NONE);
+ public static void deleteAHunt(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .hunts()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "163e7b2a-a2ec-4041-aaba-d878a38f265f", com.azure.core.util.Context.NONE);
}
+}
+```
+
+### Hunts_Get
+```java
+/** Samples for Hunts Get. */
+public final class HuntsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetSecurityAlertEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/hunts/GetHuntById.json
*/
/**
- * Sample code: Get a security alert entity.
+ * Sample code: Get a hunt.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getASecurityAlertEntity(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "4aa486e0-6f85-41af-99ea-7acdce7be6c8", Context.NONE);
+ public static void getAHunt(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .hunts()
+ .getWithResponse(
+ "myRg", "myWorkspace", "163e7b2a-a2ec-4041-aaba-d878a38f265f", com.azure.core.util.Context.NONE);
}
+}
+```
+### Hunts_List
+
+```java
+/** Samples for Hunts List. */
+public final class HuntsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetIpEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/hunts/GetHunts.json
*/
/**
- * Sample code: Get an ip entity.
+ * Sample code: Get all hunts.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnIpEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", Context.NONE);
+ public static void getAllHunts(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.hunts().list("myRg", "myWorkspace", null, null, null, null, com.azure.core.util.Context.NONE);
}
+}
+```
+
+### IncidentComments_CreateOrUpdate
+```java
+/** Samples for IncidentComments CreateOrUpdate. */
+public final class IncidentCommentsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetAccountEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/IncidentComments/IncidentComments_CreateOrUpdate.json
*/
/**
- * Sample code: Get an account entity.
+ * Sample code: IncidentComments_CreateOrUpdate.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnAccountEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", Context.NONE);
+ public static void incidentCommentsCreateOrUpdate(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .incidentComments()
+ .define("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014")
+ .withExistingIncident("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5")
+ .withMessage("Some message")
+ .create();
}
+}
+```
+
+### IncidentComments_Delete
+```java
+/** Samples for IncidentComments Delete. */
+public final class IncidentCommentsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetCloudApplicationEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/IncidentComments/IncidentComments_Delete.json
*/
/**
- * Sample code: Get a cloud application entity.
+ * Sample code: IncidentComments_Delete.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getACloudApplicationEntity(
+ public static void incidentCommentsDelete(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", Context.NONE);
+ manager
+ .incidentComments()
+ .deleteWithResponse(
+ "myRg",
+ "myWorkspace",
+ "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
+ "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
+ com.azure.core.util.Context.NONE);
}
+}
+```
+
+### IncidentComments_Get
+```java
+/** Samples for IncidentComments Get. */
+public final class IncidentCommentsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetFileEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/IncidentComments/IncidentComments_Get.json
*/
/**
- * Sample code: Get a file entity.
+ * Sample code: IncidentComments_Get.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAFileEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "af378b21-b4aa-4fe7-bc70-13f8621a322f", Context.NONE);
+ public static void incidentCommentsGet(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .incidentComments()
+ .getWithResponse(
+ "myRg",
+ "myWorkspace",
+ "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
+ "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
+ com.azure.core.util.Context.NONE);
}
+}
+```
+
+### IncidentComments_List
+```java
+/** Samples for IncidentComments List. */
+public final class IncidentCommentsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetRegistryValueEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/IncidentComments/IncidentComments_List.json
*/
/**
- * Sample code: Get a registry value entity.
+ * Sample code: IncidentComments_List.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getARegistryValueEntity(
+ public static void incidentCommentsList(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "dc44bd11-b348-4d76-ad29-37bf7aa41356", Context.NONE);
+ manager
+ .incidentComments()
+ .list(
+ "myRg",
+ "myWorkspace",
+ "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
+ null,
+ null,
+ null,
+ null,
+ com.azure.core.util.Context.NONE);
}
+}
+```
- /*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetUrlEntityById.json
- */
- /**
- * Sample code: Get a url entity.
- *
- * @param manager Entry point to SecurityInsightsManager.
- */
- public static void getAUrlEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", Context.NONE);
- }
+### IncidentRelations_CreateOrUpdate
+
+```java
+import com.azure.resourcemanager.securityinsights.fluent.models.RelationInner;
+/** Samples for IncidentRelations CreateOrUpdate. */
+public final class IncidentRelationsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetMailClusterEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/relations/CreateIncidentRelation.json
*/
/**
- * Sample code: Get a mailCluster entity.
+ * Sample code: Creates or updates an incident relation.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAMailClusterEntity(
+ public static void createsOrUpdatesAnIncidentRelation(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", Context.NONE);
+ manager
+ .incidentRelations()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "afbd324f-6c48-459c-8710-8d1e1cd03812",
+ "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
+ new RelationInner()
+ .withRelatedResourceId(
+ "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096"),
+ com.azure.core.util.Context.NONE);
}
+}
+```
+
+### IncidentRelations_Delete
+```java
+/** Samples for IncidentRelations Delete. */
+public final class IncidentRelationsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetSecurityGroupEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/relations/DeleteIncidentRelation.json
*/
/**
- * Sample code: Get a security group entity.
+ * Sample code: Delete the incident relation.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getASecurityGroupEntity(
+ public static void deleteTheIncidentRelation(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", Context.NONE);
+ manager
+ .incidentRelations()
+ .deleteWithResponse(
+ "myRg",
+ "myWorkspace",
+ "afbd324f-6c48-459c-8710-8d1e1cd03812",
+ "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
+ com.azure.core.util.Context.NONE);
}
+}
+```
+
+### IncidentRelations_Get
+```java
+/** Samples for IncidentRelations Get. */
+public final class IncidentRelationsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetMailMessageEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/relations/GetIncidentRelationByName.json
*/
/**
- * Sample code: Get a mailMessage entity.
+ * Sample code: Get an incident relation.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAMailMessageEntity(
+ public static void getAnIncidentRelation(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", Context.NONE);
+ manager
+ .incidentRelations()
+ .getWithResponse(
+ "myRg",
+ "myWorkspace",
+ "afbd324f-6c48-459c-8710-8d1e1cd03812",
+ "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
+ com.azure.core.util.Context.NONE);
}
+}
+```
+
+### IncidentRelations_List
+```java
+/** Samples for IncidentRelations List. */
+public final class IncidentRelationsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetAzureResourceEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/relations/GetAllIncidentRelations.json
*/
/**
- * Sample code: Get an azure resource entity.
+ * Sample code: Get all incident relations.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnAzureResourceEntity(
+ public static void getAllIncidentRelations(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", Context.NONE);
+ manager
+ .incidentRelations()
+ .list(
+ "myRg",
+ "myWorkspace",
+ "afbd324f-6c48-459c-8710-8d1e1cd03812",
+ null,
+ null,
+ null,
+ null,
+ com.azure.core.util.Context.NONE);
}
+}
+```
+
+### IncidentTasks_CreateOrUpdate
+```java
+import com.azure.resourcemanager.securityinsights.models.IncidentTaskStatus;
+
+/** Samples for IncidentTasks CreateOrUpdate. */
+public final class IncidentTasksCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetHostEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/IncidentTasks/IncidentTasks_CreateOrUpdate.json
*/
/**
- * Sample code: Get a host entity.
+ * Sample code: IncidentTasks_CreateOrUpdate.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAHostEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "e1d3d618-e11f-478b-98e3-bb381539a8e1", Context.NONE);
+ public static void incidentTasksCreateOrUpdate(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .incidentTasks()
+ .define("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014")
+ .withExistingIncident("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5")
+ .withTitle("Task title")
+ .withStatus(IncidentTaskStatus.NEW)
+ .withDescription("Task description")
+ .create();
}
+}
+```
+
+### IncidentTasks_Delete
+```java
+/** Samples for IncidentTasks Delete. */
+public final class IncidentTasksDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetProcessEntityById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/IncidentTasks/IncidentTasks_Delete.json
*/
/**
- * Sample code: Get a process entity.
+ * Sample code: IncidentTasks_Delete.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAProcessEntity(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().getWithResponse("myRg", "myWorkspace", "7264685c-038c-42c6-948c-38e14ef1fb98", Context.NONE);
+ public static void incidentTasksDelete(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .incidentTasks()
+ .deleteWithResponse(
+ "myRg",
+ "myWorkspace",
+ "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
+ "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
+ com.azure.core.util.Context.NONE);
}
}
```
-### Entities_GetInsights
+### IncidentTasks_Get
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.EntityGetInsightsParameters;
-import java.time.OffsetDateTime;
-import java.util.Arrays;
-import java.util.UUID;
-
-/** Samples for Entities GetInsights. */
-public final class EntitiesGetInsightsSamples {
+/** Samples for IncidentTasks Get. */
+public final class IncidentTasksGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/insights/PostGetInsights.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/IncidentTasks/IncidentTasks_Get.json
*/
/**
- * Sample code: Entity Insight.
+ * Sample code: IncidentTasks_Get.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void entityInsight(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void incidentTasksGet(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .entities()
- .getInsightsWithResponse(
+ .incidentTasks()
+ .getWithResponse(
"myRg",
"myWorkspace",
- "e1d3d618-e11f-478b-98e3-bb381539a8e1",
- new EntityGetInsightsParameters()
- .withStartTime(OffsetDateTime.parse("2021-09-01T00:00:00.000Z"))
- .withEndTime(OffsetDateTime.parse("2021-10-01T00:00:00.000Z"))
- .withAddDefaultExtendedTimeRange(false)
- .withInsightQueryIds(Arrays.asList(UUID.fromString("cae8d0aa-aa45-4d53-8d88-17dd64ffd4e4"))),
- Context.NONE);
+ "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
+ "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
+ com.azure.core.util.Context.NONE);
}
}
```
-### Entities_List
+### IncidentTasks_List
```java
-import com.azure.core.util.Context;
-
-/** Samples for Entities List. */
-public final class EntitiesListSamples {
+/** Samples for IncidentTasks List. */
+public final class IncidentTasksListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetEntities.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/IncidentTasks/IncidentTasks_List.json
*/
/**
- * Sample code: Get all entities.
+ * Sample code: IncidentTasks_List.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllEntities(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entities().list("myRg", "myWorkspace", Context.NONE);
+ public static void incidentTasksList(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .incidentTasks()
+ .list("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
}
}
```
-### Entities_Queries
+### Incidents_CreateOrUpdate
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.EntityItemQueryKind;
+import com.azure.resourcemanager.securityinsights.models.IncidentClassification;
+import com.azure.resourcemanager.securityinsights.models.IncidentClassificationReason;
+import com.azure.resourcemanager.securityinsights.models.IncidentOwnerInfo;
+import com.azure.resourcemanager.securityinsights.models.IncidentSeverity;
+import com.azure.resourcemanager.securityinsights.models.IncidentStatus;
+import java.time.OffsetDateTime;
+import java.util.UUID;
-/** Samples for Entities Queries. */
-public final class EntitiesQueriesSamples {
+/** Samples for Incidents CreateOrUpdate. */
+public final class IncidentsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/GetQueries.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/Incidents_CreateOrUpdate.json
*/
/**
- * Sample code: Get Entity Query.
+ * Sample code: Incidents_CreateOrUpdate.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getEntityQuery(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void incidentsCreateOrUpdate(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .entities()
- .queriesWithResponse(
- "myRg",
- "myWorkspace",
- "e1d3d618-e11f-478b-98e3-bb381539a8e1",
- EntityItemQueryKind.INSIGHT,
- Context.NONE);
+ .incidents()
+ .define("73e01a99-5cd7-4139-a149-9f2736ff2ab5")
+ .withExistingWorkspace("myRg", "myWorkspace")
+ .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
+ .withTitle("My incident")
+ .withDescription("This is a demo incident")
+ .withSeverity(IncidentSeverity.HIGH)
+ .withStatus(IncidentStatus.CLOSED)
+ .withClassification(IncidentClassification.FALSE_POSITIVE)
+ .withClassificationReason(IncidentClassificationReason.INACCURATE_DATA)
+ .withClassificationComment("Not a malicious activity")
+ .withOwner(new IncidentOwnerInfo().withObjectId(UUID.fromString("2046feea-040d-4a46-9e2b-91c2941bfa70")))
+ .withFirstActivityTimeUtc(OffsetDateTime.parse("2019-01-01T13:00:30Z"))
+ .withLastActivityTimeUtc(OffsetDateTime.parse("2019-01-01T13:05:30Z"))
+ .create();
}
}
```
-### EntitiesGetTimeline_List
+### Incidents_CreateTeam
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.EntityTimelineParameters;
-import java.time.OffsetDateTime;
+import com.azure.resourcemanager.securityinsights.fluent.models.TeamInformationInner;
-/** Samples for EntitiesGetTimeline List. */
-public final class EntitiesGetTimelineListSamples {
+/** Samples for Incidents CreateTeam. */
+public final class IncidentsCreateTeamSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/timeline/PostTimelineEntity.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/IncidentTeam/Incidents_CreateTeam.json
*/
/**
- * Sample code: Entity timeline.
+ * Sample code: Incidents_CreateTeam.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void entityTimeline(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void incidentsCreateTeam(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .entitiesGetTimelines()
- .listWithResponse(
+ .incidents()
+ .createTeamWithResponse(
"myRg",
"myWorkspace",
- "e1d3d618-e11f-478b-98e3-bb381539a8e1",
- new EntityTimelineParameters()
- .withStartTime(OffsetDateTime.parse("2021-09-01T00:00:00.000Z"))
- .withEndTime(OffsetDateTime.parse("2021-10-01T00:00:00.000Z"))
- .withNumberOfBucket(4),
- Context.NONE);
+ "69a30280-6a4c-4aa7-9af0-5d63f335d600",
+ new TeamInformationInner(),
+ com.azure.core.util.Context.NONE);
}
}
```
-### EntitiesRelations_List
+### Incidents_Delete
```java
-import com.azure.core.util.Context;
-
-/** Samples for EntitiesRelations List. */
-public final class EntitiesRelationsListSamples {
+/** Samples for Incidents Delete. */
+public final class IncidentsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/relations/GetAllEntityRelations.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/Incidents_Delete.json
*/
/**
- * Sample code: Get all relations of an entity.
+ * Sample code: Incidents_Delete.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllRelationsOfAnEntity(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void incidentsDelete(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .entitiesRelations()
- .list("myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", null, null, null, null, Context.NONE);
+ .incidents()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
}
}
```
-### EntityQueries_CreateOrUpdate
+### Incidents_Get
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.ActivityCustomEntityQuery;
-import com.azure.resourcemanager.securityinsights.models.ActivityEntityQueriesPropertiesQueryDefinitions;
-import com.azure.resourcemanager.securityinsights.models.EntityType;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.Map;
-
-/** Samples for EntityQueries CreateOrUpdate. */
-public final class EntityQueriesCreateOrUpdateSamples {
+/** Samples for Incidents Get. */
+public final class IncidentsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entityQueries/CreateEntityQueryActivity.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/Incidents_Get.json
*/
/**
- * Sample code: Creates or updates an Activity entity query.
+ * Sample code: Incidents_Get.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAnActivityEntityQuery(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void incidentsGet(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .entityQueries()
- .createOrUpdateWithResponse(
- "myRg",
- "myWorkspace",
- "07da3cc8-c8ad-4710-a44e-334cdcb7882b",
- new ActivityCustomEntityQuery()
- .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
- .withTitle("An account was deleted on this host")
- .withContent("On '{{Computer}}' the account '{{TargetAccount}}' was deleted by '{{AddedBy}}'")
- .withDescription("Account deleted on host")
- .withQueryDefinitions(
- new ActivityEntityQueriesPropertiesQueryDefinitions()
- .withQuery(
- "let GetAccountActions = (v_Host_Name:string, v_Host_NTDomain:string,"
- + " v_Host_DnsDomain:string, v_Host_AzureID:string, v_Host_OMSAgentID:string){\n"
- + "SecurityEvent\n"
- + "| where EventID in (4725, 4726, 4767, 4720, 4722, 4723, 4724)\n"
- + "// parsing for Host to handle variety of conventions coming from data\n"
- + "| extend Host_HostName = case(\n"
- + "Computer has '@', tostring(split(Computer, '@')[0]),\n"
- + "Computer has '\\\\', tostring(split(Computer, '\\\\')[1]),\n"
- + "Computer has '.', tostring(split(Computer, '.')[0]),\n"
- + "Computer\n"
- + ")\n"
- + "| extend Host_NTDomain = case(\n"
- + "Computer has '\\\\', tostring(split(Computer, '\\\\')[0]), \n"
- + "Computer has '.', tostring(split(Computer, '.')[-2]), \n"
- + "Computer\n"
- + ")\n"
- + "| extend Host_DnsDomain = case(\n"
- + "Computer has '\\\\', tostring(split(Computer, '\\\\')[0]), \n"
- + "Computer has '.', strcat_array(array_slice(split(Computer,'.'),-2,-1),'.'), \n"
- + "Computer\n"
- + ")\n"
- + "| where (Host_HostName =~ v_Host_Name and Host_NTDomain =~ v_Host_NTDomain) \n"
- + "or (Host_HostName =~ v_Host_Name and Host_DnsDomain =~ v_Host_DnsDomain) \n"
- + "or v_Host_AzureID =~ _ResourceId \n"
- + "or v_Host_OMSAgentID == SourceComputerId\n"
- + "| project TimeGenerated, EventID, Activity, Computer, TargetAccount,"
- + " TargetUserName, TargetDomainName, TargetSid, SubjectUserName, SubjectUserSid,"
- + " _ResourceId, SourceComputerId\n"
- + "| extend AddedBy = SubjectUserName\n"
- + "// Future support for Activities\n"
- + "| extend timestamp = TimeGenerated, HostCustomEntity = Computer,"
- + " AccountCustomEntity = TargetAccount\n"
- + "};\n"
- + "GetAccountActions('{{Host_HostName}}', '{{Host_NTDomain}}',"
- + " '{{Host_DnsDomain}}', '{{Host_AzureID}}', '{{Host_OMSAgentID}}')\n"
- + " \n"
- + "| where EventID == 4726 "))
- .withInputEntityType(EntityType.HOST)
- .withRequiredInputFieldsSets(
- Arrays
- .asList(
- Arrays.asList("Host_HostName", "Host_NTDomain"),
- Arrays.asList("Host_HostName", "Host_DnsDomain"),
- Arrays.asList("Host_AzureID"),
- Arrays.asList("Host_OMSAgentID")))
- .withEntitiesFilter(mapOf("Host_OsFamily", Arrays.asList("Windows")))
- .withEnabled(true),
- Context.NONE);
- }
-
- @SuppressWarnings("unchecked")
- private static Map mapOf(Object... inputs) {
- Map map = new HashMap<>();
- for (int i = 0; i < inputs.length; i += 2) {
- String key = (String) inputs[i];
- T value = (T) inputs[i + 1];
- map.put(key, value);
- }
- return map;
+ .incidents()
+ .getWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", com.azure.core.util.Context.NONE);
}
}
```
-### EntityQueries_Delete
+### Incidents_List
```java
-import com.azure.core.util.Context;
-
-/** Samples for EntityQueries Delete. */
-public final class EntityQueriesDeleteSamples {
+/** Samples for Incidents List. */
+public final class IncidentsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entityQueries/DeleteEntityQuery.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/Incidents_List.json
*/
/**
- * Sample code: Delete an entity query.
+ * Sample code: Incidents_List.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteAnEntityQuery(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void incidentsList(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .entityQueries()
- .deleteWithResponse("myRg", "myWorkspace", "07da3cc8-c8ad-4710-a44e-334cdcb7882b", Context.NONE);
+ .incidents()
+ .list(
+ "myRg",
+ "myWorkspace",
+ null,
+ "properties/createdTimeUtc desc",
+ 1,
+ null,
+ com.azure.core.util.Context.NONE);
}
}
```
-### EntityQueries_Get
+### Incidents_ListAlerts
```java
-import com.azure.core.util.Context;
-
-/** Samples for EntityQueries Get. */
-public final class EntityQueriesGetSamples {
+/** Samples for Incidents ListAlerts. */
+public final class IncidentsListAlertsSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entityQueries/GetActivityEntityQueryById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/IncidentAlerts/Incidents_ListAlerts.json
*/
/**
- * Sample code: Get an Activity entity query.
+ * Sample code: Incidents_ListAlerts.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnActivityEntityQuery(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void incidentsListAlerts(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .entityQueries()
- .getWithResponse("myRg", "myWorkspace", "07da3cc8-c8ad-4710-a44e-334cdcb7882b", Context.NONE);
+ .incidents()
+ .listAlertsWithResponse(
+ "myRg", "myWorkspace", "69a30280-6a4c-4aa7-9af0-5d63f335d600", com.azure.core.util.Context.NONE);
}
+}
+```
+
+### Incidents_ListBookmarks
+```java
+/** Samples for Incidents ListBookmarks. */
+public final class IncidentsListBookmarksSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entityQueries/GetExpansionEntityQueryById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/IncidentBookmarks/Incidents_ListBookmarks.json
*/
/**
- * Sample code: Get an Expansion entity query.
+ * Sample code: Incidents_ListBookmarks.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnExpansionEntityQuery(
+ public static void incidentsListBookmarks(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .entityQueries()
- .getWithResponse("myRg", "myWorkspace", "07da3cc8-c8ad-4710-a44e-334cdcb7882b", Context.NONE);
+ .incidents()
+ .listBookmarksWithResponse(
+ "myRg", "myWorkspace", "69a30280-6a4c-4aa7-9af0-5d63f335d600", com.azure.core.util.Context.NONE);
}
}
```
-### EntityQueries_List
+### Incidents_ListEntities
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.EntityQueriesKind;
-
-/** Samples for EntityQueries List. */
-public final class EntityQueriesListSamples {
+/** Samples for Incidents ListEntities. */
+public final class IncidentsListEntitiesSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entityQueries/GetEntityQueries.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/incidents/IncidentEntities/Incidents_ListEntities.json
*/
/**
- * Sample code: Get all entity queries.
+ * Sample code: Incidents_ListEntities.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllEntityQueries(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entityQueries().list("myRg", "myWorkspace", EntityQueriesKind.EXPANSION, Context.NONE);
+ public static void incidentsListEntities(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .incidents()
+ .listEntitiesWithResponse(
+ "myRg", "myWorkspace", "69a30280-6a4c-4aa7-9af0-5d63f335d600", com.azure.core.util.Context.NONE);
}
}
```
-### EntityQueryTemplates_Get
+### Incidents_RunPlaybook
```java
-import com.azure.core.util.Context;
-
-/** Samples for EntityQueryTemplates Get. */
-public final class EntityQueryTemplatesGetSamples {
+/** Samples for Incidents RunPlaybook. */
+public final class IncidentsRunPlaybookSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entityQueryTemplates/GetActivityEntityQueryTemplateById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/manualTrigger/Incidents_RunPlaybook.json
*/
/**
- * Sample code: Get an Activity entity query template.
+ * Sample code: Incidents_RunPlaybook.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnActivityEntityQueryTemplate(
+ public static void incidentsRunPlaybook(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .entityQueryTemplates()
- .getWithResponse("myRg", "myWorkspace", "07da3cc8-c8ad-4710-a44e-334cdcb7882b", Context.NONE);
+ .incidents()
+ .runPlaybookWithResponse(
+ "myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ar4", null, com.azure.core.util.Context.NONE);
}
}
```
-### EntityQueryTemplates_List
+### IpGeodata_Get
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.Constant88;
-
-/** Samples for EntityQueryTemplates List. */
-public final class EntityQueryTemplatesListSamples {
+/** Samples for IpGeodata Get. */
+public final class IpGeodataGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entityQueryTemplates/GetEntityQueryTemplates.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/enrichment/GetGeodataByIp.json
*/
/**
- * Sample code: Get all entity query templates.
+ * Sample code: Get geodata for a single IP address.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllEntityQueryTemplates(
+ public static void getGeodataForASingleIPAddress(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.entityQueryTemplates().list("myRg", "myWorkspace", Constant88.ACTIVITY, Context.NONE);
+ manager.ipGeodatas().getWithResponse("myRg", "1.2.3.4", com.azure.core.util.Context.NONE);
}
}
```
-### EntityRelations_GetRelation
+### Metadata_Create
```java
-import com.azure.core.util.Context;
+import com.azure.resourcemanager.securityinsights.models.Kind;
+import com.azure.resourcemanager.securityinsights.models.MetadataAuthor;
+import com.azure.resourcemanager.securityinsights.models.MetadataCategories;
+import com.azure.resourcemanager.securityinsights.models.MetadataDependencies;
+import com.azure.resourcemanager.securityinsights.models.MetadataSource;
+import com.azure.resourcemanager.securityinsights.models.MetadataSupport;
+import com.azure.resourcemanager.securityinsights.models.Operator;
+import com.azure.resourcemanager.securityinsights.models.SourceKind;
+import com.azure.resourcemanager.securityinsights.models.SupportTier;
+import java.time.LocalDate;
+import java.util.Arrays;
-/** Samples for EntityRelations GetRelation. */
-public final class EntityRelationsGetRelationSamples {
+/** Samples for Metadata Create. */
+public final class MetadataCreateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/entities/relations/GetEntityRelationByName.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/metadata/PutMetadata.json
*/
/**
- * Sample code: Get an entity relation.
+ * Sample code: Create/update full metadata.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnEntityRelation(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void createUpdateFullMetadata(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .entityRelations()
- .getRelationWithResponse(
- "myRg",
- "myWorkspace",
- "afbd324f-6c48-459c-8710-8d1e1cd03812",
- "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
- Context.NONE);
+ .metadatas()
+ .define("metadataName")
+ .withExistingWorkspace("myRg", "myWorkspace")
+ .withContentId("c00ee137-7475-47c8-9cce-ec6f0f1bedd0")
+ .withParentId(
+ "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName")
+ .withVersion("1.0.0.0")
+ .withKind("AnalyticsRule")
+ .withSource(
+ new MetadataSource()
+ .withKind(SourceKind.SOLUTION)
+ .withName("Contoso Solution 1.0")
+ .withSourceId("b688a130-76f4-4a07-bf57-762222a3cadf"))
+ .withAuthor(new MetadataAuthor().withName("User Name").withEmail("email@microsoft.com"))
+ .withSupport(
+ new MetadataSupport()
+ .withTier(SupportTier.PARTNER)
+ .withName("Microsoft")
+ .withEmail("support@microsoft.com")
+ .withLink("https://support.microsoft.com/"))
+ .withDependencies(
+ new MetadataDependencies()
+ .withOperator(Operator.AND)
+ .withCriteria(
+ Arrays
+ .asList(
+ new MetadataDependencies()
+ .withOperator(Operator.OR)
+ .withCriteria(
+ Arrays
+ .asList(
+ new MetadataDependencies()
+ .withContentId("045d06d0-ee72-4794-aba4-cf5646e4c756")
+ .withKind(Kind.DATA_CONNECTOR)
+ .withName("Microsoft Defender for Endpoint"),
+ new MetadataDependencies()
+ .withContentId("dbfcb2cc-d782-40ef-8d94-fe7af58a6f2d")
+ .withKind(Kind.DATA_CONNECTOR),
+ new MetadataDependencies()
+ .withContentId("de4dca9b-eb37-47d6-a56f-b8b06b261593")
+ .withKind(Kind.DATA_CONNECTOR)
+ .withVersion("2.0"))),
+ new MetadataDependencies()
+ .withContentId("31ee11cc-9989-4de8-b176-5e0ef5c4dbab")
+ .withKind(Kind.PLAYBOOK)
+ .withVersion("1.0"),
+ new MetadataDependencies()
+ .withContentId("21ba424a-9438-4444-953a-7059539a7a1b")
+ .withKind(Kind.PARSER))))
+ .withCategories(
+ new MetadataCategories()
+ .withDomains(Arrays.asList("Application", "Security – Insider Threat"))
+ .withVerticals(Arrays.asList("Healthcare")))
+ .withProviders(Arrays.asList("Amazon", "Microsoft"))
+ .withFirstPublishDate(LocalDate.parse("2021-05-18"))
+ .withLastPublishDate(LocalDate.parse("2021-05-18"))
+ .withCustomVersion("1.0")
+ .withContentSchemaVersion("2.0")
+ .withThreatAnalysisTactics(Arrays.asList("reconnaissance", "commandandcontrol"))
+ .withThreatAnalysisTechniques(Arrays.asList("T1548", "T1548.001"))
+ .withPreviewImages(Arrays.asList("firstImage.png", "secondImage.jpeg"))
+ .withPreviewImagesDark(Arrays.asList("firstImageDark.png", "secondImageDark.jpeg"))
+ .create();
}
-}
-```
-
-### FileImports_Create
-
-```java
-import com.azure.resourcemanager.securityinsights.models.FileFormat;
-import com.azure.resourcemanager.securityinsights.models.FileImportContentType;
-import com.azure.resourcemanager.securityinsights.models.FileMetadata;
-import com.azure.resourcemanager.securityinsights.models.IngestionMode;
-/** Samples for FileImports Create. */
-public final class FileImportsCreateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/fileImports/CreateFileImport.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/metadata/PutMetadataMinimal.json
*/
/**
- * Sample code: Create a file import.
+ * Sample code: Create/update minimal metadata.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createAFileImport(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void createUpdateMinimalMetadata(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .fileImports()
- .define("73e01a99-5cd7-4139-a149-9f2736ff2ab5")
+ .metadatas()
+ .define("metadataName")
.withExistingWorkspace("myRg", "myWorkspace")
- .withIngestionMode(IngestionMode.INGEST_ANY_VALID_RECORDS)
- .withContentType(FileImportContentType.STIX_INDICATOR)
- .withImportFile(
- new FileMetadata().withFileFormat(FileFormat.JSON).withFileName("myFile.json").withFileSize(4653))
- .withSource("mySource")
+ .withContentId("c00ee137-7475-47c8-9cce-ec6f0f1bedd0")
+ .withParentId(
+ "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName")
+ .withKind("AnalyticsRule")
.create();
}
}
```
-### FileImports_Delete
+### Metadata_Delete
```java
-import com.azure.core.util.Context;
+/** Samples for Metadata Delete. */
+public final class MetadataDeleteSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/metadata/DeleteMetadata.json
+ */
+ /**
+ * Sample code: Delete metadata.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void deleteMetadata(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.metadatas().deleteWithResponse("myRg", "myWorkspace", "metadataName", com.azure.core.util.Context.NONE);
+ }
+}
+```
-/** Samples for FileImports Delete. */
-public final class FileImportsDeleteSamples {
+### Metadata_Get
+
+```java
+/** Samples for Metadata Get. */
+public final class MetadataGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/fileImports/DeleteFileImport.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/metadata/GetMetadata.json
*/
/**
- * Sample code: Delete a file import.
+ * Sample code: Get single metadata by name.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteAFileImport(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.fileImports().delete("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ public static void getSingleMetadataByName(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.metadatas().getWithResponse("myRg", "myWorkspace", "metadataName", com.azure.core.util.Context.NONE);
}
}
```
-### FileImports_Get
+### Metadata_List
```java
-import com.azure.core.util.Context;
+/** Samples for Metadata List. */
+public final class MetadataListSamples {
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/metadata/GetAllMetadata.json
+ */
+ /**
+ * Sample code: Get all metadata.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void getAllMetadata(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.metadatas().list("myRg", "myWorkspace", null, null, null, null, com.azure.core.util.Context.NONE);
+ }
-/** Samples for FileImports Get. */
-public final class FileImportsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/fileImports/GetFileImportById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/metadata/GetAllMetadataOData.json
*/
/**
- * Sample code: Get a file import.
+ * Sample code: Get all metadata with OData filter/orderby/skip/top.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAFileImport(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .fileImports()
- .getWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ public static void getAllMetadataWithODataFilterOrderbySkipTop(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.metadatas().list("myRg", "myWorkspace", null, null, null, null, com.azure.core.util.Context.NONE);
}
}
```
-### FileImports_List
+### Metadata_Update
```java
-import com.azure.core.util.Context;
+import com.azure.resourcemanager.securityinsights.models.MetadataAuthor;
+import com.azure.resourcemanager.securityinsights.models.MetadataModel;
-/** Samples for FileImports List. */
-public final class FileImportsListSamples {
+/** Samples for Metadata Update. */
+public final class MetadataUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/fileImports/GetFileImports.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/metadata/PatchMetadata.json
*/
/**
- * Sample code: Get all file imports.
+ * Sample code: Update metadata.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllFileImports(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .fileImports()
- .list("myRg", "myWorkspace", null, "properties/createdTimeUtc desc", 1, null, Context.NONE);
+ public static void updateMetadata(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ MetadataModel resource =
+ manager
+ .metadatas()
+ .getWithResponse("myRg", "myWorkspace", "metadataName", com.azure.core.util.Context.NONE)
+ .getValue();
+ resource
+ .update()
+ .withAuthor(new MetadataAuthor().withName("User Name").withEmail("email@microsoft.com"))
+ .apply();
}
}
```
-### IncidentComments_CreateOrUpdate
+### OfficeConsents_Delete
```java
-/** Samples for IncidentComments CreateOrUpdate. */
-public final class IncidentCommentsCreateOrUpdateSamples {
+/** Samples for OfficeConsents Delete. */
+public final class OfficeConsentsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/comments/CreateIncidentComment.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/officeConsents/DeleteOfficeConsents.json
*/
/**
- * Sample code: Creates or updates an incident comment.
+ * Sample code: Delete an office consent.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAnIncidentComment(
+ public static void deleteAnOfficeConsent(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .incidentComments()
- .define("4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014")
- .withExistingIncident("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5")
- .withMessage("Some message")
- .create();
+ .officeConsents()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "04e5fd05-ff86-4b97-b8d2-1c20933cb46c", com.azure.core.util.Context.NONE);
}
}
```
-### IncidentComments_Delete
+### OfficeConsents_Get
```java
-import com.azure.core.util.Context;
-
-/** Samples for IncidentComments Delete. */
-public final class IncidentCommentsDeleteSamples {
+/** Samples for OfficeConsents Get. */
+public final class OfficeConsentsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/comments/DeleteIncidentComment.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/officeConsents/GetOfficeConsentsById.json
*/
/**
- * Sample code: Delete the incident comment.
+ * Sample code: Get an office consent.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteTheIncidentComment(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getAnOfficeConsent(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .incidentComments()
- .deleteWithResponse(
- "myRg",
- "myWorkspace",
- "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
- "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
- Context.NONE);
+ .officeConsents()
+ .getWithResponse(
+ "myRg", "myWorkspace", "04e5fd05-ff86-4b97-b8d2-1c20933cb46c", com.azure.core.util.Context.NONE);
}
}
```
-### IncidentComments_Get
+### OfficeConsents_List
```java
-import com.azure.core.util.Context;
-
-/** Samples for IncidentComments Get. */
-public final class IncidentCommentsGetSamples {
+/** Samples for OfficeConsents List. */
+public final class OfficeConsentsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/comments/GetIncidentCommentById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/officeConsents/GetOfficeConsents.json
*/
/**
- * Sample code: Get an incident comment.
+ * Sample code: Get all office consents.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnIncidentComment(
+ public static void getAllOfficeConsents(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .incidentComments()
- .getWithResponse(
- "myRg",
- "myWorkspace",
- "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
- "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
- Context.NONE);
+ manager.officeConsents().list("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
}
}
```
-### IncidentComments_List
+### Operations_List
```java
-import com.azure.core.util.Context;
-
-/** Samples for IncidentComments List. */
-public final class IncidentCommentsListSamples {
+/** Samples for Operations List. */
+public final class OperationsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/comments/GetAllIncidentComments.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/operations/ListOperations.json
*/
/**
- * Sample code: Get all incident comments.
+ * Sample code: Get all operations.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllIncidentComments(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .incidentComments()
- .list("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", null, null, null, null, Context.NONE);
+ public static void getAllOperations(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.operations().list(com.azure.core.util.Context.NONE);
}
}
```
-### IncidentRelations_CreateOrUpdate
+### ProductPackageOperation_Get
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.fluent.models.RelationInner;
-
-/** Samples for IncidentRelations CreateOrUpdate. */
-public final class IncidentRelationsCreateOrUpdateSamples {
+/** Samples for ProductPackageOperation Get. */
+public final class ProductPackageOperationGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/relations/CreateIncidentRelation.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/contentPackages/GetProductPackageById.json
*/
/**
- * Sample code: Creates or updates an incident relation.
+ * Sample code: Get a package.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAnIncidentRelation(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getAPackage(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .incidentRelations()
- .createOrUpdateWithResponse(
- "myRg",
- "myWorkspace",
- "afbd324f-6c48-459c-8710-8d1e1cd03812",
- "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
- new RelationInner()
- .withRelatedResourceId(
- "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096"),
- Context.NONE);
+ .productPackageOperations()
+ .getWithResponse(
+ "myRg", "myWorkspace", "str.azure-sentinel-solution-str", com.azure.core.util.Context.NONE);
}
}
```
-### IncidentRelations_Delete
+### ProductPackages_List
```java
-import com.azure.core.util.Context;
-
-/** Samples for IncidentRelations Delete. */
-public final class IncidentRelationsDeleteSamples {
+/** Samples for ProductPackages List. */
+public final class ProductPackagesListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/relations/DeleteIncidentRelation.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/contentPackages/GetProductPackages.json
*/
/**
- * Sample code: Delete the incident relation.
+ * Sample code: Get all available packages.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteTheIncidentRelation(
+ public static void getAllAvailablePackages(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .incidentRelations()
- .deleteWithResponse(
- "myRg",
- "myWorkspace",
- "afbd324f-6c48-459c-8710-8d1e1cd03812",
- "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
- Context.NONE);
+ manager.productPackages().list("myRg", "myWorkspace", null, null, null, null, com.azure.core.util.Context.NONE);
}
}
```
-### IncidentRelations_Get
+### ProductSettings_Delete
```java
-import com.azure.core.util.Context;
-
-/** Samples for IncidentRelations Get. */
-public final class IncidentRelationsGetSamples {
+/** Samples for ProductSettings Delete. */
+public final class ProductSettingsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/relations/GetIncidentRelationByName.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/settings/DeleteEyesOnSetting.json
*/
/**
- * Sample code: Get an incident relation.
+ * Sample code: Delete EyesOn settings.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnIncidentRelation(
+ public static void deleteEyesOnSettings(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .incidentRelations()
- .getWithResponse(
- "myRg",
- "myWorkspace",
- "afbd324f-6c48-459c-8710-8d1e1cd03812",
- "4bb36b7b-26ff-4d1c-9cbe-0d8ab3da0014",
- Context.NONE);
+ manager.productSettings().deleteWithResponse("myRg", "myWorkspace", "EyesOn", com.azure.core.util.Context.NONE);
}
}
```
-### IncidentRelations_List
+### ProductSettings_Get
```java
-import com.azure.core.util.Context;
-
-/** Samples for IncidentRelations List. */
-public final class IncidentRelationsListSamples {
+/** Samples for ProductSettings Get. */
+public final class ProductSettingsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/relations/GetAllIncidentRelations.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/settings/GetEyesOnSetting.json
*/
/**
- * Sample code: Get all incident relations.
+ * Sample code: Get EyesOn settings.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllIncidentRelations(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .incidentRelations()
- .list("myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", null, null, null, null, Context.NONE);
+ public static void getEyesOnSettings(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.productSettings().getWithResponse("myRg", "myWorkspace", "EyesOn", com.azure.core.util.Context.NONE);
}
}
```
-### Incidents_CreateOrUpdate
+### ProductSettings_List
```java
-import com.azure.resourcemanager.securityinsights.models.IncidentClassification;
-import com.azure.resourcemanager.securityinsights.models.IncidentClassificationReason;
-import com.azure.resourcemanager.securityinsights.models.IncidentOwnerInfo;
-import com.azure.resourcemanager.securityinsights.models.IncidentSeverity;
-import com.azure.resourcemanager.securityinsights.models.IncidentStatus;
-import java.time.OffsetDateTime;
-import java.util.UUID;
-
-/** Samples for Incidents CreateOrUpdate. */
-public final class IncidentsCreateOrUpdateSamples {
+/** Samples for ProductSettings List. */
+public final class ProductSettingsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/CreateIncident.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/settings/GetAllSettings.json
*/
/**
- * Sample code: Creates or updates an incident.
+ * Sample code: Get all settings.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAnIncident(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .incidents()
- .define("73e01a99-5cd7-4139-a149-9f2736ff2ab5")
- .withExistingWorkspace("myRg", "myWorkspace")
- .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
- .withClassification(IncidentClassification.FALSE_POSITIVE)
- .withClassificationComment("Not a malicious activity")
- .withClassificationReason(IncidentClassificationReason.INCORRECT_ALERT_LOGIC)
- .withDescription("This is a demo incident")
- .withFirstActivityTimeUtc(OffsetDateTime.parse("2019-01-01T13:00:30Z"))
- .withLastActivityTimeUtc(OffsetDateTime.parse("2019-01-01T13:05:30Z"))
- .withOwner(new IncidentOwnerInfo().withObjectId(UUID.fromString("2046feea-040d-4a46-9e2b-91c2941bfa70")))
- .withSeverity(IncidentSeverity.HIGH)
- .withStatus(IncidentStatus.CLOSED)
- .withTitle("My incident")
- .create();
+ public static void getAllSettings(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.productSettings().listWithResponse("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
}
}
```
-### Incidents_CreateTeam
+### ProductSettings_Update
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.TeamProperties;
+import com.azure.resourcemanager.securityinsights.models.EyesOn;
-/** Samples for Incidents CreateTeam. */
-public final class IncidentsCreateTeamSamples {
+/** Samples for ProductSettings Update. */
+public final class ProductSettingsUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/CreateTeam.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/settings/UpdateEyesOnSetting.json
*/
/**
- * Sample code: Creates incident teams group.
+ * Sample code: Update EyesOn settings.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsIncidentTeamsGroup(
+ public static void updateEyesOnSettings(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .incidents()
- .createTeamWithResponse(
- "ambawolvese5resourcegroup",
- "AmbaE5WestCentralUS",
- "69a30280-6a4c-4aa7-9af0-5d63f335d600",
- new TeamProperties().withTeamName("Team name").withTeamDescription("Team description"),
- Context.NONE);
+ .productSettings()
+ .updateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "EyesOn",
+ new EyesOn().withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\""),
+ com.azure.core.util.Context.NONE);
}
}
```
-### Incidents_Delete
+### ProductTemplateOperation_Get
```java
-import com.azure.core.util.Context;
-
-/** Samples for Incidents Delete. */
-public final class IncidentsDeleteSamples {
+/** Samples for ProductTemplateOperation Get. */
+public final class ProductTemplateOperationGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/DeleteIncident.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/contentTemplates/GetProductTemplateById.json
*/
/**
- * Sample code: Delete an incident.
+ * Sample code: Get a template.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteAnIncident(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getATemplate(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .incidents()
- .deleteWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .productTemplateOperations()
+ .getWithResponse(
+ "myRg", "myWorkspace", "8365ebfe-a381-45b7-ad08-7d818070e11f", com.azure.core.util.Context.NONE);
}
}
```
-### Incidents_Get
+### ProductTemplates_List
```java
-import com.azure.core.util.Context;
-
-/** Samples for Incidents Get. */
-public final class IncidentsGetSamples {
+/** Samples for ProductTemplates List. */
+public final class ProductTemplatesListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/GetIncidentById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/contentTemplates/GetProductTemplates.json
*/
/**
- * Sample code: Get an incident.
+ * Sample code: Get all installed templates.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnIncident(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void getAllInstalledTemplates(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .incidents()
- .getWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ab5", Context.NONE);
+ .productTemplates()
+ .list("myRg", "myWorkspace", null, null, null, null, com.azure.core.util.Context.NONE);
}
}
```
-### Incidents_List
+### SecurityMLAnalyticsSettings_CreateOrUpdate
```java
-import com.azure.core.util.Context;
+import com.azure.core.management.serializer.SerializerFactory;
+import com.azure.core.util.serializer.SerializerEncoding;
+import com.azure.resourcemanager.securityinsights.models.AnomalySecurityMLAnalyticsSettings;
+import com.azure.resourcemanager.securityinsights.models.AttackTactic;
+import com.azure.resourcemanager.securityinsights.models.SecurityMLAnalyticsSettingsDataSource;
+import com.azure.resourcemanager.securityinsights.models.SettingsStatus;
+import java.io.IOException;
+import java.time.Duration;
+import java.util.Arrays;
+import java.util.UUID;
-/** Samples for Incidents List. */
-public final class IncidentsListSamples {
+/** Samples for SecurityMLAnalyticsSettings CreateOrUpdate. */
+public final class SecurityMLAnalyticsSettingsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/GetIncidents.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/securityMLAnalyticsSettings/CreateAnomalySecurityMLAnalyticsSetting.json
*/
/**
- * Sample code: Get all incidents.
+ * Sample code: Creates or updates a Anomaly Security ML Analytics Settings.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllIncidents(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.incidents().list("myRg", "myWorkspace", null, "properties/createdTimeUtc desc", 1, null, Context.NONE);
+ public static void createsOrUpdatesAAnomalySecurityMLAnalyticsSettings(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) throws IOException {
+ manager
+ .securityMLAnalyticsSettings()
+ .createOrUpdateWithResponse(
+ "myRg",
+ "myWorkspace",
+ "f209187f-1d17-4431-94af-c141bf5f23db",
+ new AnomalySecurityMLAnalyticsSettings()
+ .withEtag("\"260090e2-0000-0d00-0000-5d6fb8670000\"")
+ .withDescription(
+ "When account logs from a source region that has rarely been logged in from during the last 14"
+ + " days, an anomaly is triggered.")
+ .withDisplayName("Login from unusual region")
+ .withEnabled(true)
+ .withRequiredDataConnectors(
+ Arrays
+ .asList(
+ new SecurityMLAnalyticsSettingsDataSource()
+ .withConnectorId("AWS")
+ .withDataTypes(Arrays.asList("AWSCloudTrail"))))
+ .withTactics(Arrays.asList(AttackTactic.EXFILTRATION, AttackTactic.COMMAND_AND_CONTROL))
+ .withTechniques(Arrays.asList("T1037", "T1021"))
+ .withAnomalyVersion("1.0.5")
+ .withCustomizableObservations(
+ SerializerFactory
+ .createDefaultManagementSerializerAdapter()
+ .deserialize(
+ "{\"multiSelectObservations\":null,\"prioritizeExcludeObservations\":null,\"singleSelectObservations\":[{\"name\":\"Device"
+ + " vendor\",\"description\":\"Select device vendor of network connection logs from"
+ + " CommonSecurityLog\",\"rerun\":\"RerunAlways\",\"sequenceNumber\":1,\"supportedValues\":[\"Palo"
+ + " Alto Networks\",\"Fortinet\",\"Check"
+ + " Point\"],\"supportedValuesKql\":null,\"value\":[\"Palo Alto"
+ + " Networks\"],\"valuesKql\":null}],\"singleValueObservations\":null,\"thresholdObservations\":[{\"name\":\"Daily"
+ + " data transfer threshold in MB\",\"description\":\"Suppress anomalies when daily"
+ + " data transfered (in MB) per hour is less than the chosen"
+ + " value\",\"maximum\":\"100\",\"minimum\":\"1\",\"rerun\":\"RerunAlways\",\"sequenceNumber\":1,\"value\":\"25\"},{\"name\":\"Number"
+ + " of standard deviations\",\"description\":\"Triggers anomalies when number of"
+ + " standard deviations is greater than the chosen"
+ + " value\",\"maximum\":\"10\",\"minimum\":\"2\",\"rerun\":\"RerunAlways\",\"sequenceNumber\":2,\"value\":\"3\"}]}",
+ Object.class,
+ SerializerEncoding.JSON))
+ .withFrequency(Duration.parse("PT1H"))
+ .withSettingsStatus(SettingsStatus.PRODUCTION)
+ .withIsDefaultSettings(true)
+ .withAnomalySettingsVersion(0)
+ .withSettingsDefinitionId(UUID.fromString("f209187f-1d17-4431-94af-c141bf5f23db")),
+ com.azure.core.util.Context.NONE);
}
}
```
-### Incidents_ListAlerts
+### SecurityMLAnalyticsSettings_Delete
```java
-import com.azure.core.util.Context;
-
-/** Samples for Incidents ListAlerts. */
-public final class IncidentsListAlertsSamples {
+/** Samples for SecurityMLAnalyticsSettings Delete. */
+public final class SecurityMLAnalyticsSettingsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/GetAllIncidentAlerts.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/securityMLAnalyticsSettings/DeleteSecurityMLAnalyticsSetting.json
*/
/**
- * Sample code: Get all incident alerts.
+ * Sample code: Delete a Security ML Analytics Settings.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllIncidentAlerts(
+ public static void deleteASecurityMLAnalyticsSettings(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .incidents()
- .listAlertsWithResponse("myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", Context.NONE);
+ .securityMLAnalyticsSettings()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "f209187f-1d17-4431-94af-c141bf5f23db", com.azure.core.util.Context.NONE);
}
}
```
-### Incidents_ListBookmarks
+### SecurityMLAnalyticsSettings_Get
```java
-import com.azure.core.util.Context;
-
-/** Samples for Incidents ListBookmarks. */
-public final class IncidentsListBookmarksSamples {
+/** Samples for SecurityMLAnalyticsSettings Get. */
+public final class SecurityMLAnalyticsSettingsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/GetAllIncidentBookmarks.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/securityMLAnalyticsSettings/GetAnomalySecurityMLAnalyticsSetting.json
*/
/**
- * Sample code: Get all incident bookmarks.
+ * Sample code: Get a Anomaly Security ML Analytics Settings.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllIncidentBookmarks(
+ public static void getAAnomalySecurityMLAnalyticsSettings(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .incidents()
- .listBookmarksWithResponse("myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", Context.NONE);
+ .securityMLAnalyticsSettings()
+ .getWithResponse("myRg", "myWorkspace", "myFirstAnomalySettings", com.azure.core.util.Context.NONE);
}
}
```
-### Incidents_ListEntities
+### SecurityMLAnalyticsSettings_List
```java
-import com.azure.core.util.Context;
-
-/** Samples for Incidents ListEntities. */
-public final class IncidentsListEntitiesSamples {
+/** Samples for SecurityMLAnalyticsSettings List. */
+public final class SecurityMLAnalyticsSettingsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/incidents/entities/GetAllIncidentEntities.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/securityMLAnalyticsSettings/GetAllSecurityMLAnalyticsSettings.json
*/
/**
- * Sample code: Gets all incident related entities.
+ * Sample code: Get all Security ML Analytics Settings.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getsAllIncidentRelatedEntities(
+ public static void getAllSecurityMLAnalyticsSettings(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .incidents()
- .listEntitiesWithResponse("myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", Context.NONE);
+ manager.securityMLAnalyticsSettings().list("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
}
}
```
-### Incidents_RunPlaybook
+### SentinelOnboardingStates_Create
```java
-import com.azure.core.util.Context;
-
-/** Samples for Incidents RunPlaybook. */
-public final class IncidentsRunPlaybookSamples {
+/** Samples for SentinelOnboardingStates Create. */
+public final class SentinelOnboardingStatesCreateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/manualTrigger/Incidents_RunPlaybook.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/onboardingStates/CreateSentinelOnboardingState.json
*/
/**
- * Sample code: Incidents_RunPlaybook.
+ * Sample code: Create Sentinel onboarding state.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void incidentsRunPlaybook(
+ public static void createSentinelOnboardingState(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .incidents()
- .runPlaybookWithResponse("myRg", "myWorkspace", "73e01a99-5cd7-4139-a149-9f2736ff2ar4", null, Context.NONE);
+ .sentinelOnboardingStates()
+ .define("default")
+ .withExistingWorkspace("myRg", "myWorkspace")
+ .withCustomerManagedKey(false)
+ .create();
}
}
```
-### IpGeodata_Get
+### SentinelOnboardingStates_Delete
```java
-import com.azure.core.util.Context;
-
-/** Samples for IpGeodata Get. */
-public final class IpGeodataGetSamples {
+/** Samples for SentinelOnboardingStates Delete. */
+public final class SentinelOnboardingStatesDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/enrichment/GetGeodataByIp.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/onboardingStates/DeleteSentinelOnboardingState.json
*/
/**
- * Sample code: Get geodata for a single IP address.
+ * Sample code: Delete Sentinel onboarding state.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getGeodataForASingleIPAddress(
+ public static void deleteSentinelOnboardingState(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.ipGeodatas().getWithResponse("myRg", "1.2.3.4", Context.NONE);
+ manager
+ .sentinelOnboardingStates()
+ .deleteWithResponse("myRg", "myWorkspace", "default", com.azure.core.util.Context.NONE);
}
}
```
-### Metadata_Create
+### SentinelOnboardingStates_Get
```java
-import com.azure.resourcemanager.securityinsights.models.Kind;
-import com.azure.resourcemanager.securityinsights.models.MetadataAuthor;
-import com.azure.resourcemanager.securityinsights.models.MetadataCategories;
-import com.azure.resourcemanager.securityinsights.models.MetadataDependencies;
-import com.azure.resourcemanager.securityinsights.models.MetadataSource;
-import com.azure.resourcemanager.securityinsights.models.MetadataSupport;
-import com.azure.resourcemanager.securityinsights.models.Operator;
-import com.azure.resourcemanager.securityinsights.models.SourceKind;
-import com.azure.resourcemanager.securityinsights.models.SupportTier;
-import java.time.LocalDate;
-import java.util.Arrays;
-
-/** Samples for Metadata Create. */
-public final class MetadataCreateSamples {
+/** Samples for SentinelOnboardingStates Get. */
+public final class SentinelOnboardingStatesGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/metadata/PutMetadata.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/onboardingStates/GetSentinelOnboardingState.json
*/
/**
- * Sample code: Create/update full metadata.
+ * Sample code: Get Sentinel onboarding state.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createUpdateFullMetadata(
+ public static void getSentinelOnboardingState(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .metadatas()
- .define("metadataName")
- .withExistingWorkspace("myRg", "myWorkspace")
- .withContentId("c00ee137-7475-47c8-9cce-ec6f0f1bedd0")
- .withParentId(
- "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName")
- .withVersion("1.0.0.0")
- .withKind(Kind.ANALYTICS_RULE)
- .withSource(
- new MetadataSource()
- .withKind(SourceKind.SOLUTION)
- .withName("Contoso Solution 1.0")
- .withSourceId("b688a130-76f4-4a07-bf57-762222a3cadf"))
- .withAuthor(new MetadataAuthor().withName("User Name").withEmail("email@microsoft.com"))
- .withSupport(
- new MetadataSupport()
- .withTier(SupportTier.PARTNER)
- .withName("Microsoft")
- .withEmail("support@microsoft.com")
- .withLink("https://support.microsoft.com/"))
- .withDependencies(
- new MetadataDependencies()
- .withOperator(Operator.AND)
- .withCriteria(
- Arrays
- .asList(
- new MetadataDependencies()
- .withOperator(Operator.OR)
- .withCriteria(
- Arrays
- .asList(
- new MetadataDependencies()
- .withContentId("045d06d0-ee72-4794-aba4-cf5646e4c756")
- .withKind(Kind.DATA_CONNECTOR)
- .withName("Microsoft Defender for Endpoint"),
- new MetadataDependencies()
- .withContentId("dbfcb2cc-d782-40ef-8d94-fe7af58a6f2d")
- .withKind(Kind.DATA_CONNECTOR),
- new MetadataDependencies()
- .withContentId("de4dca9b-eb37-47d6-a56f-b8b06b261593")
- .withKind(Kind.DATA_CONNECTOR)
- .withVersion("2.0"))),
- new MetadataDependencies()
- .withContentId("31ee11cc-9989-4de8-b176-5e0ef5c4dbab")
- .withKind(Kind.PLAYBOOK)
- .withVersion("1.0"),
- new MetadataDependencies()
- .withContentId("21ba424a-9438-4444-953a-7059539a7a1b")
- .withKind(Kind.PARSER))))
- .withCategories(
- new MetadataCategories()
- .withDomains(Arrays.asList("Application", "Security – Insider Threat"))
- .withVerticals(Arrays.asList("Healthcare")))
- .withProviders(Arrays.asList("Amazon", "Microsoft"))
- .withFirstPublishDate(LocalDate.parse("2021-05-18"))
- .withLastPublishDate(LocalDate.parse("2021-05-18"))
- .withCustomVersion("1.0")
- .withContentSchemaVersion("2.0")
- .withThreatAnalysisTactics(Arrays.asList("reconnaissance", "commandandcontrol"))
- .withThreatAnalysisTechniques(Arrays.asList("T1548", "T1548.001"))
- .withPreviewImages(Arrays.asList("firstImage.png", "secondImage.jpeg"))
- .withPreviewImagesDark(Arrays.asList("firstImageDark.png", "secondImageDark.jpeg"))
- .create();
+ .sentinelOnboardingStates()
+ .getWithResponse("myRg", "myWorkspace", "default", com.azure.core.util.Context.NONE);
}
+}
+```
+
+### SentinelOnboardingStates_List
+```java
+/** Samples for SentinelOnboardingStates List. */
+public final class SentinelOnboardingStatesListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/metadata/PutMetadataMinimal.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/onboardingStates/GetAllSentinelOnboardingStates.json
*/
/**
- * Sample code: Create/update minimal metadata.
+ * Sample code: Get all Sentinel onboarding states.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createUpdateMinimalMetadata(
+ public static void getAllSentinelOnboardingStates(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .metadatas()
- .define("metadataName")
- .withExistingWorkspace("myRg", "myWorkspace")
- .withContentId("c00ee137-7475-47c8-9cce-ec6f0f1bedd0")
- .withParentId(
- "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName")
- .withKind(Kind.ANALYTICS_RULE)
- .create();
+ manager.sentinelOnboardingStates().listWithResponse("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
}
}
```
-### Metadata_Delete
+### SourceControl_ListRepositories
```java
-import com.azure.core.util.Context;
+import com.azure.resourcemanager.securityinsights.models.RepoType;
-/** Samples for Metadata Delete. */
-public final class MetadataDeleteSamples {
+/** Samples for SourceControl ListRepositories. */
+public final class SourceControlListRepositoriesSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/metadata/DeleteMetadata.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/repositories/GetRepositories.json
*/
/**
- * Sample code: Delete metadata.
+ * Sample code: Get repository list.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteMetadata(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.metadatas().deleteWithResponse("myRg", "myWorkspace", "metadataName", Context.NONE);
+ public static void getRepositoryList(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .sourceControls()
+ .listRepositories("myRg", "myWorkspace", RepoType.GITHUB, com.azure.core.util.Context.NONE);
}
}
```
-### Metadata_Get
+### SourceControlsOperation_Create
```java
-import com.azure.core.util.Context;
+import com.azure.resourcemanager.securityinsights.models.ContentType;
+import com.azure.resourcemanager.securityinsights.models.RepoType;
+import com.azure.resourcemanager.securityinsights.models.Repository;
+import com.azure.resourcemanager.securityinsights.models.RepositoryAccess;
+import com.azure.resourcemanager.securityinsights.models.RepositoryAccessKind;
+import java.util.Arrays;
-/** Samples for Metadata Get. */
-public final class MetadataGetSamples {
+/** Samples for SourceControlsOperation Create. */
+public final class SourceControlsOperationCreateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/metadata/GetMetadata.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/sourcecontrols/CreateSourceControl.json
*/
/**
- * Sample code: Get single metadata by name.
+ * Sample code: Creates or updates a source control.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getSingleMetadataByName(
+ public static void createsOrUpdatesASourceControl(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.metadatas().getWithResponse("myRg", "myWorkspace", "metadataName", Context.NONE);
+ manager
+ .sourceControlsOperations()
+ .define("789e0c1f-4a3d-43ad-809c-e713b677b04a")
+ .withExistingWorkspace("myRg", "myWorkspace")
+ .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
+ .withDisplayName("My Source Control")
+ .withDescription("This is a source control")
+ .withRepoType(RepoType.GITHUB)
+ .withContentTypes(Arrays.asList(ContentType.fromString("AnalyticRules"), ContentType.WORKBOOK))
+ .withRepository(
+ new Repository()
+ .withUrl("https://github.com/user/repo")
+ .withBranch("master")
+ .withDisplayUrl("https://github.com/user/repo"))
+ .withRepositoryAccess(
+ new RepositoryAccess()
+ .withKind(RepositoryAccessKind.OAUTH)
+ .withCode("fakeTokenPlaceholder")
+ .withState("state")
+ .withClientId("54b3c2c0-1f48-4a1c-af9f-6399c3240b73"))
+ .create();
}
}
```
-### Metadata_List
+### SourceControlsOperation_Delete
```java
-import com.azure.core.util.Context;
+import com.azure.resourcemanager.securityinsights.models.RepositoryAccess;
+import com.azure.resourcemanager.securityinsights.models.RepositoryAccessKind;
+import com.azure.resourcemanager.securityinsights.models.SourceControlsDeleteRequestBody;
-/** Samples for Metadata List. */
-public final class MetadataListSamples {
+/** Samples for SourceControlsOperation Delete. */
+public final class SourceControlsOperationDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/metadata/GetAllMetadata.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/sourcecontrols/DeleteSourceControl.json
*/
/**
- * Sample code: Get all metadata.
+ * Sample code: Delete a source control.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllMetadata(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.metadatas().list("myRg", "myWorkspace", null, null, null, null, Context.NONE);
+ public static void deleteASourceControl(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .sourceControlsOperations()
+ .deleteWithResponse(
+ "myRg",
+ "myWorkspace",
+ "789e0c1f-4a3d-43ad-809c-e713b677b04a",
+ new SourceControlsDeleteRequestBody()
+ .withRepositoryAccess(
+ new RepositoryAccess()
+ .withKind(RepositoryAccessKind.OAUTH)
+ .withCode("fakeTokenPlaceholder")
+ .withState("state")
+ .withClientId("54b3c2c0-1f48-4a1c-af9f-6399c3240b73")),
+ com.azure.core.util.Context.NONE);
}
+}
+```
+
+### SourceControlsOperation_Get
+```java
+/** Samples for SourceControlsOperation Get. */
+public final class SourceControlsOperationGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/metadata/GetAllMetadataOData.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/sourcecontrols/GetSourceControlById.json
*/
/**
- * Sample code: Get all metadata with OData filter/orderby/skip/top.
+ * Sample code: Get a source control.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllMetadataWithODataFilterOrderbySkipTop(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.metadatas().list("myRg", "myWorkspace", null, null, null, null, Context.NONE);
+ public static void getASourceControl(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .sourceControlsOperations()
+ .getWithResponse(
+ "myRg", "myWorkspace", "789e0c1f-4a3d-43ad-809c-e713b677b04a", com.azure.core.util.Context.NONE);
}
}
```
-### Metadata_Update
+### SourceControlsOperation_List
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.MetadataAuthor;
-import com.azure.resourcemanager.securityinsights.models.MetadataModel;
-
-/** Samples for Metadata Update. */
-public final class MetadataUpdateSamples {
+/** Samples for SourceControlsOperation List. */
+public final class SourceControlsOperationListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/metadata/PatchMetadata.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/sourcecontrols/GetSourceControls.json
*/
/**
- * Sample code: Update metadata.
+ * Sample code: Get all source controls.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void updateMetadata(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- MetadataModel resource =
- manager.metadatas().getWithResponse("myRg", "myWorkspace", "metadataName", Context.NONE).getValue();
- resource
- .update()
- .withAuthor(new MetadataAuthor().withName("User Name").withEmail("email@microsoft.com"))
- .apply();
+ public static void getAllSourceControls(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.sourceControlsOperations().list("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
}
}
```
-### OfficeConsents_Delete
+### ThreatIntelligenceIndicator_AppendTags
```java
-import com.azure.core.util.Context;
+import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceAppendTags;
+import java.util.Arrays;
-/** Samples for OfficeConsents Delete. */
-public final class OfficeConsentsDeleteSamples {
+/** Samples for ThreatIntelligenceIndicator AppendTags. */
+public final class ThreatIntelligenceIndicatorAppendTagsSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/officeConsents/DeleteOfficeConsents.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/threatintelligence/AppendTagsThreatIntelligence.json
*/
/**
- * Sample code: Delete an office consent.
+ * Sample code: Append tags to a threat intelligence indicator.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteAnOfficeConsent(
+ public static void appendTagsToAThreatIntelligenceIndicator(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .officeConsents()
- .deleteWithResponse("myRg", "myWorkspace", "04e5fd05-ff86-4b97-b8d2-1c20933cb46c", Context.NONE);
+ .threatIntelligenceIndicators()
+ .appendTagsWithResponse(
+ "myRg",
+ "myWorkspace",
+ "d9cd6f0b-96b9-3984-17cd-a779d1e15a93",
+ new ThreatIntelligenceAppendTags().withThreatIntelligenceTags(Arrays.asList("tag1", "tag2")),
+ com.azure.core.util.Context.NONE);
}
}
```
-### OfficeConsents_Get
+### ThreatIntelligenceIndicator_Create
```java
-import com.azure.core.util.Context;
+import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceIndicatorModel;
+import java.util.Arrays;
-/** Samples for OfficeConsents Get. */
-public final class OfficeConsentsGetSamples {
+/** Samples for ThreatIntelligenceIndicator Create. */
+public final class ThreatIntelligenceIndicatorCreateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/officeConsents/GetOfficeConsentsById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/threatintelligence/UpdateThreatIntelligence.json
*/
/**
- * Sample code: Get an office consent.
+ * Sample code: Update a threat Intelligence indicator.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAnOfficeConsent(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void updateAThreatIntelligenceIndicator(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .officeConsents()
- .getWithResponse("myRg", "myWorkspace", "04e5fd05-ff86-4b97-b8d2-1c20933cb46c", Context.NONE);
+ .threatIntelligenceIndicators()
+ .createWithResponse(
+ "myRg",
+ "myWorkspace",
+ "d9cd6f0b-96b9-3984-17cd-a779d1e15a93",
+ new ThreatIntelligenceIndicatorModel()
+ .withThreatIntelligenceTags(Arrays.asList("new schema"))
+ .withSource("Azure Sentinel")
+ .withDisplayName("new schema")
+ .withDescription("debugging indicators")
+ .withPattern("[url:value = 'https://www.contoso.com']")
+ .withPatternType("url")
+ .withKillChainPhases(Arrays.asList())
+ .withCreatedByRef("contoso@contoso.com")
+ .withExternalReferences(Arrays.asList())
+ .withGranularMarkings(Arrays.asList())
+ .withLabels(Arrays.asList())
+ .withRevoked(false)
+ .withConfidence(78)
+ .withThreatTypes(Arrays.asList("compromised"))
+ .withValidFrom("2020-04-15T17:44:00.114052Z")
+ .withValidUntil("")
+ .withModified(""),
+ com.azure.core.util.Context.NONE);
}
}
```
-### OfficeConsents_List
+### ThreatIntelligenceIndicator_CreateIndicator
```java
-import com.azure.core.util.Context;
+import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceIndicatorModel;
+import java.util.Arrays;
-/** Samples for OfficeConsents List. */
-public final class OfficeConsentsListSamples {
+/** Samples for ThreatIntelligenceIndicator CreateIndicator. */
+public final class ThreatIntelligenceIndicatorCreateIndicatorSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/officeConsents/GetOfficeConsents.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/threatintelligence/CreateThreatIntelligence.json
*/
/**
- * Sample code: Get all office consents.
+ * Sample code: Create a new Threat Intelligence.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllOfficeConsents(
+ public static void createANewThreatIntelligence(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.officeConsents().list("myRg", "myWorkspace", Context.NONE);
+ manager
+ .threatIntelligenceIndicators()
+ .createIndicatorWithResponse(
+ "myRg",
+ "myWorkspace",
+ new ThreatIntelligenceIndicatorModel()
+ .withThreatIntelligenceTags(Arrays.asList("new schema"))
+ .withSource("Azure Sentinel")
+ .withDisplayName("new schema")
+ .withDescription("debugging indicators")
+ .withPattern("[url:value = 'https://www.contoso.com']")
+ .withPatternType("url")
+ .withKillChainPhases(Arrays.asList())
+ .withCreatedByRef("contoso@contoso.com")
+ .withExternalReferences(Arrays.asList())
+ .withGranularMarkings(Arrays.asList())
+ .withLabels(Arrays.asList())
+ .withRevoked(false)
+ .withConfidence(78)
+ .withThreatTypes(Arrays.asList("compromised"))
+ .withValidFrom("2021-09-15T17:44:00.114052Z")
+ .withValidUntil("")
+ .withModified(""),
+ com.azure.core.util.Context.NONE);
}
}
```
-### Operations_List
+### ThreatIntelligenceIndicator_Delete
```java
-import com.azure.core.util.Context;
-
-/** Samples for Operations List. */
-public final class OperationsListSamples {
+/** Samples for ThreatIntelligenceIndicator Delete. */
+public final class ThreatIntelligenceIndicatorDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/operations/ListOperations.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/threatintelligence/DeleteThreatIntelligence.json
*/
/**
- * Sample code: Get all operations.
+ * Sample code: Delete a threat intelligence indicator.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllOperations(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.operations().list(Context.NONE);
+ public static void deleteAThreatIntelligenceIndicator(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .threatIntelligenceIndicators()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "d9cd6f0b-96b9-3984-17cd-a779d1e15a93", com.azure.core.util.Context.NONE);
}
}
```
-### ProductSettings_Delete
+### ThreatIntelligenceIndicator_Get
```java
-import com.azure.core.util.Context;
-
-/** Samples for ProductSettings Delete. */
-public final class ProductSettingsDeleteSamples {
+/** Samples for ThreatIntelligenceIndicator Get. */
+public final class ThreatIntelligenceIndicatorGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/settings/DeleteEyesOnSetting.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/threatintelligence/GetThreatIntelligenceById.json
*/
/**
- * Sample code: Delete EyesOn settings.
+ * Sample code: View a threat intelligence indicator by name.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteEyesOnSettings(
+ public static void viewAThreatIntelligenceIndicatorByName(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.productSettings().deleteWithResponse("myRg", "myWorkspace", "EyesOn", Context.NONE);
+ manager
+ .threatIntelligenceIndicators()
+ .getWithResponse(
+ "myRg", "myWorkspace", "e16ef847-962e-d7b6-9c8b-a33e4bd30e47", com.azure.core.util.Context.NONE);
}
}
```
-### ProductSettings_Get
+### ThreatIntelligenceIndicator_QueryIndicators
```java
-import com.azure.core.util.Context;
+import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceFilteringCriteria;
+import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceSortingCriteria;
+import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceSortingOrder;
+import java.util.Arrays;
-/** Samples for ProductSettings Get. */
-public final class ProductSettingsGetSamples {
+/** Samples for ThreatIntelligenceIndicator QueryIndicators. */
+public final class ThreatIntelligenceIndicatorQueryIndicatorsSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/settings/GetEyesOnSetting.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/threatintelligence/QueryThreatIntelligence.json
*/
/**
- * Sample code: Get EyesOn settings.
+ * Sample code: Query threat intelligence indicators as per filtering criteria.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getEyesOnSettings(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.productSettings().getWithResponse("myRg", "myWorkspace", "EyesOn", Context.NONE);
+ public static void queryThreatIntelligenceIndicatorsAsPerFilteringCriteria(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .threatIntelligenceIndicators()
+ .queryIndicators(
+ "myRg",
+ "myWorkspace",
+ new ThreatIntelligenceFilteringCriteria()
+ .withPageSize(100)
+ .withMinConfidence(25)
+ .withMaxConfidence(80)
+ .withMinValidUntil("2021-04-05T17:44:00.114052Z")
+ .withMaxValidUntil("2021-04-25T17:44:00.114052Z")
+ .withSortBy(
+ Arrays
+ .asList(
+ new ThreatIntelligenceSortingCriteria()
+ .withItemKey("fakeTokenPlaceholder")
+ .withSortOrder(ThreatIntelligenceSortingOrder.DESCENDING)))
+ .withSources(Arrays.asList("Azure Sentinel")),
+ com.azure.core.util.Context.NONE);
}
}
```
-### ProductSettings_List
+### ThreatIntelligenceIndicator_ReplaceTags
```java
-import com.azure.core.util.Context;
+import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceIndicatorModel;
+import java.util.Arrays;
-/** Samples for ProductSettings List. */
-public final class ProductSettingsListSamples {
+/** Samples for ThreatIntelligenceIndicator ReplaceTags. */
+public final class ThreatIntelligenceIndicatorReplaceTagsSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/settings/GetAllSettings.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/threatintelligence/ReplaceTagsThreatIntelligence.json
*/
/**
- * Sample code: Get all settings.
+ * Sample code: Replace tags to a Threat Intelligence.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllSettings(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.productSettings().listWithResponse("myRg", "myWorkspace", Context.NONE);
+ public static void replaceTagsToAThreatIntelligence(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .threatIntelligenceIndicators()
+ .replaceTagsWithResponse(
+ "myRg",
+ "myWorkspace",
+ "d9cd6f0b-96b9-3984-17cd-a779d1e15a93",
+ new ThreatIntelligenceIndicatorModel()
+ .withEtag("\"0000262c-0000-0800-0000-5e9767060000\"")
+ .withThreatIntelligenceTags(Arrays.asList("patching tags")),
+ com.azure.core.util.Context.NONE);
}
}
```
-### ProductSettings_Update
+### ThreatIntelligenceIndicatorMetrics_List
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.EyesOn;
-
-/** Samples for ProductSettings Update. */
-public final class ProductSettingsUpdateSamples {
+/** Samples for ThreatIntelligenceIndicatorMetrics List. */
+public final class ThreatIntelligenceIndicatorMetricsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/settings/UpdateEyesOnSetting.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/threatintelligence/CollectThreatIntelligenceMetrics.json
*/
/**
- * Sample code: Update EyesOn settings.
+ * Sample code: Get threat intelligence indicators metrics.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void updateEyesOnSettings(
+ public static void getThreatIntelligenceIndicatorsMetrics(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .productSettings()
- .updateWithResponse(
- "myRg",
- "myWorkspace",
- "EyesOn",
- new EyesOn().withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\""),
- Context.NONE);
+ .threatIntelligenceIndicatorMetrics()
+ .listWithResponse("myRg", "myWorkspace", com.azure.core.util.Context.NONE);
}
}
```
-### SecurityMLAnalyticsSettings_CreateOrUpdate
+### ThreatIntelligenceIndicatorsOperation_List
```java
-import com.azure.core.management.serializer.SerializerFactory;
-import com.azure.core.util.Context;
-import com.azure.core.util.serializer.SerializerEncoding;
-import com.azure.resourcemanager.securityinsights.models.AnomalySecurityMLAnalyticsSettings;
-import com.azure.resourcemanager.securityinsights.models.AttackTactic;
-import com.azure.resourcemanager.securityinsights.models.SecurityMLAnalyticsSettingsDataSource;
-import com.azure.resourcemanager.securityinsights.models.SettingsStatus;
-import java.io.IOException;
-import java.time.Duration;
-import java.util.Arrays;
-import java.util.UUID;
-
-/** Samples for SecurityMLAnalyticsSettings CreateOrUpdate. */
-public final class SecurityMLAnalyticsSettingsCreateOrUpdateSamples {
+/** Samples for ThreatIntelligenceIndicatorsOperation List. */
+public final class ThreatIntelligenceIndicatorsOperationListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/securityMLAnalyticsSettings/CreateAnomalySecurityMLAnalyticsSetting.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/threatintelligence/GetThreatIntelligence.json
*/
/**
- * Sample code: Creates or updates a Anomaly Security ML Analytics Settings.
+ * Sample code: Get all threat intelligence indicators.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAAnomalySecurityMLAnalyticsSettings(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) throws IOException {
- manager
- .securityMLAnalyticsSettings()
- .createOrUpdateWithResponse(
- "myRg",
- "myWorkspace",
- "f209187f-1d17-4431-94af-c141bf5f23db",
- new AnomalySecurityMLAnalyticsSettings()
- .withEtag("\"260090e2-0000-0d00-0000-5d6fb8670000\"")
- .withDescription(
- "When account logs from a source region that has rarely been logged in from during the last 14"
- + " days, an anomaly is triggered.")
- .withDisplayName("Login from unusual region")
- .withEnabled(true)
- .withRequiredDataConnectors(
- Arrays
- .asList(
- new SecurityMLAnalyticsSettingsDataSource()
- .withConnectorId("AWS")
- .withDataTypes(Arrays.asList("AWSCloudTrail"))))
- .withTactics(Arrays.asList(AttackTactic.EXFILTRATION, AttackTactic.COMMAND_AND_CONTROL))
- .withTechniques(Arrays.asList("T1037", "T1021"))
- .withAnomalyVersion("1.0.5")
- .withCustomizableObservations(
- SerializerFactory
- .createDefaultManagementSerializerAdapter()
- .deserialize(
- "{\"multiSelectObservations\":null,\"prioritizeExcludeObservations\":null,\"singleSelectObservations\":[{\"name\":\"Device"
- + " vendor\",\"description\":\"Select device vendor of network connection logs from"
- + " CommonSecurityLog\",\"rerun\":\"RerunAlways\",\"sequenceNumber\":1,\"supportedValues\":[\"Palo"
- + " Alto Networks\",\"Fortinet\",\"Check"
- + " Point\"],\"supportedValuesKql\":null,\"value\":[\"Palo Alto"
- + " Networks\"],\"valuesKql\":null}],\"singleValueObservations\":null,\"thresholdObservations\":[{\"name\":\"Daily"
- + " data transfer threshold in MB\",\"description\":\"Suppress anomalies when daily"
- + " data transfered (in MB) per hour is less than the chosen"
- + " value\",\"maximum\":\"100\",\"minimum\":\"1\",\"rerun\":\"RerunAlways\",\"sequenceNumber\":1,\"value\":\"25\"},{\"name\":\"Number"
- + " of standard deviations\",\"description\":\"Triggers anomalies when number of"
- + " standard deviations is greater than the chosen"
- + " value\",\"maximum\":\"10\",\"minimum\":\"2\",\"rerun\":\"RerunAlways\",\"sequenceNumber\":2,\"value\":\"3\"}]}",
- Object.class,
- SerializerEncoding.JSON))
- .withFrequency(Duration.parse("PT1H"))
- .withSettingsStatus(SettingsStatus.PRODUCTION)
- .withIsDefaultSettings(true)
- .withAnomalySettingsVersion(0)
- .withSettingsDefinitionId(UUID.fromString("f209187f-1d17-4431-94af-c141bf5f23db")),
- Context.NONE);
+ public static void getAllThreatIntelligenceIndicators(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .threatIntelligenceIndicatorsOperations()
+ .list("myRg", "myWorkspace", null, null, null, null, com.azure.core.util.Context.NONE);
}
}
```
-### SecurityMLAnalyticsSettings_Delete
+### TriggeredAnalyticsRuleRunOperation_Get
```java
-import com.azure.core.util.Context;
-
-/** Samples for SecurityMLAnalyticsSettings Delete. */
-public final class SecurityMLAnalyticsSettingsDeleteSamples {
+/** Samples for TriggeredAnalyticsRuleRunOperation Get. */
+public final class TriggeredAnalyticsRuleRunOperationGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/securityMLAnalyticsSettings/DeleteSecurityMLAnalyticsSetting.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/triggeredAnalyticsRuleRuns/triggeredAnalyticsRuleRun_Get.json
*/
/**
- * Sample code: Delete a Security ML Analytics Settings.
+ * Sample code: triggeredAnalyticsRuleRun_Get.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteASecurityMLAnalyticsSettings(
+ public static void triggeredAnalyticsRuleRunGet(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .securityMLAnalyticsSettings()
- .deleteWithResponse("myRg", "myWorkspace", "f209187f-1d17-4431-94af-c141bf5f23db", Context.NONE);
+ .triggeredAnalyticsRuleRunOperations()
+ .getWithResponse(
+ "myRg", "myWorkspace", "65360bb0-8986-4ade-a89d-af3cf44d28aa", com.azure.core.util.Context.NONE);
}
}
```
-### SecurityMLAnalyticsSettings_Get
+### Update_Recommendation
```java
-import com.azure.core.util.Context;
+import com.azure.resourcemanager.securityinsights.models.RecommendationPatch;
+import com.azure.resourcemanager.securityinsights.models.State;
+import java.util.Arrays;
+import java.util.UUID;
-/** Samples for SecurityMLAnalyticsSettings Get. */
-public final class SecurityMLAnalyticsSettingsGetSamples {
+/** Samples for Update Recommendation. */
+public final class UpdateRecommendationSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/securityMLAnalyticsSettings/GetAnomalySecurityMLAnalyticsSetting.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/recommendations/PatchRecommendation.json
*/
/**
- * Sample code: Get a Anomaly Security ML Analytics Settings.
+ * Sample code: Creates a recommendation.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAAnomalySecurityMLAnalyticsSettings(
+ public static void createsARecommendation(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .securityMLAnalyticsSettings()
- .getWithResponse("myRg", "myWorkspace", "myFirstAnomalySettings", Context.NONE);
+ .updates()
+ .recommendation(
+ "myRg",
+ "myWorkspace",
+ UUID.fromString("6d4b54eb-8684-4aa3-a156-3aa37b8014bc"),
+ Arrays.asList(new RecommendationPatch().withState(State.ACTIVE)),
+ com.azure.core.util.Context.NONE);
}
}
```
-### SecurityMLAnalyticsSettings_List
+### WatchlistItems_CreateOrUpdate
```java
-import com.azure.core.util.Context;
+import java.util.HashMap;
+import java.util.Map;
-/** Samples for SecurityMLAnalyticsSettings List. */
-public final class SecurityMLAnalyticsSettingsListSamples {
+/** Samples for WatchlistItems CreateOrUpdate. */
+public final class WatchlistItemsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/securityMLAnalyticsSettings/GetAllSecurityMLAnalyticsSettings.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/watchlists/CreateWatchlistItem.json
*/
/**
- * Sample code: Get all Security ML Analytics Settings.
+ * Sample code: Creates or updates a watchlist item.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllSecurityMLAnalyticsSettings(
+ public static void createsOrUpdatesAWatchlistItem(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.securityMLAnalyticsSettings().list("myRg", "myWorkspace", Context.NONE);
+ manager
+ .watchlistItems()
+ .define("82ba292c-dc97-4dfc-969d-d4dd9e666842")
+ .withExistingWatchlist("myRg", "myWorkspace", "highValueAsset")
+ .withEtag("0300bf09-0000-0000-0000-5c37296e0000")
+ .withItemsKeyValue(
+ mapOf(
+ "Business tier",
+ "10.0.2.0/24",
+ "Data tier",
+ "10.0.2.0/24",
+ "Gateway subnet",
+ "10.0.255.224/27",
+ "Private DMZ in",
+ "10.0.0.0/27",
+ "Public DMZ out",
+ "10.0.0.96/27",
+ "Web Tier",
+ "10.0.1.0/24"))
+ .create();
+ }
+
+ // Use "Map.of" if available
+ @SuppressWarnings("unchecked")
+ private static Map mapOf(Object... inputs) {
+ Map map = new HashMap<>();
+ for (int i = 0; i < inputs.length; i += 2) {
+ String key = (String) inputs[i];
+ T value = (T) inputs[i + 1];
+ map.put(key, value);
+ }
+ return map;
}
}
```
-### SentinelOnboardingStates_Create
+### WatchlistItems_Delete
```java
-/** Samples for SentinelOnboardingStates Create. */
-public final class SentinelOnboardingStatesCreateSamples {
+/** Samples for WatchlistItems Delete. */
+public final class WatchlistItemsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/onboardingStates/CreateSentinelOnboardingState.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/watchlists/DeleteWatchlistItem.json
*/
/**
- * Sample code: Create Sentinel onboarding state.
+ * Sample code: Delete a watchlist Item.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createSentinelOnboardingState(
+ public static void deleteAWatchlistItem(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .sentinelOnboardingStates()
- .define("default")
- .withExistingWorkspace("myRg", "myWorkspace")
- .withCustomerManagedKey(false)
- .create();
+ .watchlistItems()
+ .deleteWithResponse(
+ "myRg",
+ "myWorkspace",
+ "highValueAsset",
+ "4008512e-1d30-48b2-9ee2-d3612ed9d3ea",
+ com.azure.core.util.Context.NONE);
}
}
```
-### SentinelOnboardingStates_Delete
+### WatchlistItems_Get
```java
-import com.azure.core.util.Context;
-
-/** Samples for SentinelOnboardingStates Delete. */
-public final class SentinelOnboardingStatesDeleteSamples {
+/** Samples for WatchlistItems Get. */
+public final class WatchlistItemsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/onboardingStates/DeleteSentinelOnboardingState.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/watchlists/GetWatchlistItemById.json
*/
/**
- * Sample code: Delete Sentinel onboarding state.
+ * Sample code: Get a watchlist item.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteSentinelOnboardingState(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.sentinelOnboardingStates().deleteWithResponse("myRg", "myWorkspace", "default", Context.NONE);
+ public static void getAWatchlistItem(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .watchlistItems()
+ .getWithResponse(
+ "myRg",
+ "myWorkspace",
+ "highValueAsset",
+ "3f8901fe-63d9-4875-9ad5-9fb3b8105797",
+ com.azure.core.util.Context.NONE);
}
}
```
-### SentinelOnboardingStates_Get
+### WatchlistItems_List
```java
-import com.azure.core.util.Context;
-
-/** Samples for SentinelOnboardingStates Get. */
-public final class SentinelOnboardingStatesGetSamples {
+/** Samples for WatchlistItems List. */
+public final class WatchlistItemsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/onboardingStates/GetSentinelOnboardingState.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/watchlists/GetWatchlistItems.json
*/
/**
- * Sample code: Get Sentinel onboarding state.
+ * Sample code: Get all watchlist Items.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getSentinelOnboardingState(
+ public static void getAllWatchlistItems(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.sentinelOnboardingStates().getWithResponse("myRg", "myWorkspace", "default", Context.NONE);
+ manager.watchlistItems().list("myRg", "myWorkspace", "highValueAsset", null, com.azure.core.util.Context.NONE);
}
}
```
-### SentinelOnboardingStates_List
+### Watchlists_CreateOrUpdate
```java
-import com.azure.core.util.Context;
+import com.azure.resourcemanager.securityinsights.models.SourceType;
-/** Samples for SentinelOnboardingStates List. */
-public final class SentinelOnboardingStatesListSamples {
+/** Samples for Watchlists CreateOrUpdate. */
+public final class WatchlistsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/onboardingStates/GetAllSentinelOnboardingStates.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/watchlists/CreateWatchlistAndWatchlistItems.json
*/
/**
- * Sample code: Get all Sentinel onboarding states.
+ * Sample code: Creates or updates a watchlist and bulk creates watchlist items.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllSentinelOnboardingStates(
+ public static void createsOrUpdatesAWatchlistAndBulkCreatesWatchlistItems(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .watchlists()
+ .define("highValueAsset")
+ .withExistingWorkspace("myRg", "myWorkspace")
+ .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
+ .withDisplayName("High Value Assets Watchlist")
+ .withProvider("Microsoft")
+ .withSource("watchlist.csv")
+ .withSourceType(SourceType.LOCAL_FILE)
+ .withDescription("Watchlist from CSV content")
+ .withNumberOfLinesToSkip(1)
+ .withRawContent("This line will be skipped\nheader1,header2\nvalue1,value2")
+ .withItemsSearchKey("header1")
+ .withContentType("text/csv")
+ .create();
+ }
+
+ /*
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/watchlists/CreateWatchlist.json
+ */
+ /**
+ * Sample code: Creates or updates a watchlist.
+ *
+ * @param manager Entry point to SecurityInsightsManager.
+ */
+ public static void createsOrUpdatesAWatchlist(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.sentinelOnboardingStates().listWithResponse("myRg", "myWorkspace", Context.NONE);
+ manager
+ .watchlists()
+ .define("highValueAsset")
+ .withExistingWorkspace("myRg", "myWorkspace")
+ .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
+ .withDisplayName("High Value Assets Watchlist")
+ .withProvider("Microsoft")
+ .withSource("watchlist.csv")
+ .withSourceType(SourceType.LOCAL_FILE)
+ .withDescription("Watchlist from CSV content")
+ .withItemsSearchKey("header1")
+ .create();
}
}
```
-### SourceControl_ListRepositories
+### Watchlists_Delete
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.RepoType;
-
-/** Samples for SourceControl ListRepositories. */
-public final class SourceControlListRepositoriesSamples {
+/** Samples for Watchlists Delete. */
+public final class WatchlistsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/repositories/GetRepositories.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/watchlists/DeleteWatchlist.json
*/
/**
- * Sample code: Get repository list.
+ * Sample code: Delete a watchlist.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getRepositoryList(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.sourceControls().listRepositories("myRg", "myWorkspace", RepoType.GITHUB, Context.NONE);
+ public static void deleteAWatchlist(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .watchlists()
+ .deleteWithResponse("myRg", "myWorkspace", "highValueAsset", com.azure.core.util.Context.NONE);
}
}
```
-### SourceControlsOperation_Create
+### Watchlists_Get
```java
-import com.azure.resourcemanager.securityinsights.models.ContentPathMap;
-import com.azure.resourcemanager.securityinsights.models.ContentType;
-import com.azure.resourcemanager.securityinsights.models.RepoType;
-import com.azure.resourcemanager.securityinsights.models.Repository;
-import java.util.Arrays;
-
-/** Samples for SourceControlsOperation Create. */
-public final class SourceControlsOperationCreateSamples {
+/** Samples for Watchlists Get. */
+public final class WatchlistsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/sourcecontrols/CreateSourceControl.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/watchlists/GetWatchlistByAlias.json
*/
/**
- * Sample code: Creates a source control.
+ * Sample code: Get a watchlist.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsASourceControl(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .sourceControlsOperations()
- .define("789e0c1f-4a3d-43ad-809c-e713b677b04a")
- .withExistingWorkspace("myRg", "myWorkspace")
- .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
- .withDisplayName("My Source Control")
- .withDescription("This is a source control")
- .withRepoType(RepoType.GITHUB)
- .withContentTypes(Arrays.asList(ContentType.fromString("AnalyticRules"), ContentType.WORKBOOK))
- .withRepository(
- new Repository()
- .withUrl("https://github.com/user/repo")
- .withBranch("master")
- .withDisplayUrl("https://github.com/user/repo")
- .withPathMapping(
- Arrays
- .asList(
- new ContentPathMap()
- .withContentType(ContentType.fromString("AnalyticRules"))
- .withPath("path/to/rules"),
- new ContentPathMap()
- .withContentType(ContentType.WORKBOOK)
- .withPath("path/to/workbooks"))))
- .create();
+ public static void getAWatchlist(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.watchlists().getWithResponse("myRg", "myWorkspace", "highValueAsset", com.azure.core.util.Context.NONE);
}
}
```
-### SourceControlsOperation_Delete
+### Watchlists_List
```java
-import com.azure.core.util.Context;
-
-/** Samples for SourceControlsOperation Delete. */
-public final class SourceControlsOperationDeleteSamples {
+/** Samples for Watchlists List. */
+public final class WatchlistsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/sourcecontrols/DeleteSourceControl.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/watchlists/GetWatchlists.json
*/
/**
- * Sample code: Delete a source control.
+ * Sample code: Get all watchlists.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteASourceControl(
- com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager
- .sourceControlsOperations()
- .deleteWithResponse("myRg", "myWorkspace", "789e0c1f-4a3d-43ad-809c-e713b677b04a", Context.NONE);
+ public static void getAllWatchlists(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager.watchlists().list("myRg", "myWorkspace", null, com.azure.core.util.Context.NONE);
}
}
```
-### SourceControlsOperation_Get
+### WorkspaceManagerAssignmentJobs_Create
```java
-import com.azure.core.util.Context;
-
-/** Samples for SourceControlsOperation Get. */
-public final class SourceControlsOperationGetSamples {
+/** Samples for WorkspaceManagerAssignmentJobs Create. */
+public final class WorkspaceManagerAssignmentJobsCreateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/sourcecontrols/GetSourceControlById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerAssignments/CreateJob.json
*/
/**
- * Sample code: Get a source control.
+ * Sample code: Creates a job for the specified workspace manager assignment.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getASourceControl(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void createsAJobForTheSpecifiedWorkspaceManagerAssignment(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .sourceControlsOperations()
- .getWithResponse("myRg", "myWorkspace", "789e0c1f-4a3d-43ad-809c-e713b677b04a", Context.NONE);
+ .workspaceManagerAssignmentJobs()
+ .createWithResponse(
+ "myRg", "myWorkspace", "47cdc5f5-37c4-47b5-bd5f-83c84b8bdd58", com.azure.core.util.Context.NONE);
}
}
```
-### SourceControlsOperation_List
+### WorkspaceManagerAssignmentJobs_Delete
```java
-import com.azure.core.util.Context;
-
-/** Samples for SourceControlsOperation List. */
-public final class SourceControlsOperationListSamples {
+/** Samples for WorkspaceManagerAssignmentJobs Delete. */
+public final class WorkspaceManagerAssignmentJobsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/sourcecontrols/GetSourceControls.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerAssignments/DeleteJob.json
*/
/**
- * Sample code: Get all source controls.
+ * Sample code: Delete a workspace manager job.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllSourceControls(
+ public static void deleteAWorkspaceManagerJob(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.sourceControlsOperations().list("myRg", "myWorkspace", Context.NONE);
+ manager
+ .workspaceManagerAssignmentJobs()
+ .deleteWithResponse(
+ "myRg",
+ "myWorkspace",
+ "47cdc5f5-37c4-47b5-bd5f-83c84b8bdd58",
+ "cfbe1338-8276-4d5d-8b96-931117f9fa0e",
+ com.azure.core.util.Context.NONE);
}
}
```
-### ThreatIntelligenceIndicator_AppendTags
+### WorkspaceManagerAssignmentJobs_Get
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceAppendTags;
-import java.util.Arrays;
-
-/** Samples for ThreatIntelligenceIndicator AppendTags. */
-public final class ThreatIntelligenceIndicatorAppendTagsSamples {
+/** Samples for WorkspaceManagerAssignmentJobs Get. */
+public final class WorkspaceManagerAssignmentJobsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/AppendTagsThreatIntelligence.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerAssignments/GetJob.json
*/
/**
- * Sample code: Append tags to a threat intelligence indicator.
+ * Sample code: Get a workspace manager job.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void appendTagsToAThreatIntelligenceIndicator(
+ public static void getAWorkspaceManagerJob(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .threatIntelligenceIndicators()
- .appendTagsWithResponse(
+ .workspaceManagerAssignmentJobs()
+ .getWithResponse(
"myRg",
"myWorkspace",
- "d9cd6f0b-96b9-3984-17cd-a779d1e15a93",
- new ThreatIntelligenceAppendTags().withThreatIntelligenceTags(Arrays.asList("tag1", "tag2")),
- Context.NONE);
+ "47cdc5f5-37c4-47b5-bd5f-83c84b8bdd58",
+ "cfbe1338-8276-4d5d-8b96-931117f9fa0e",
+ com.azure.core.util.Context.NONE);
}
}
```
-### ThreatIntelligenceIndicator_Create
-
-```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceIndicatorModel;
-import java.util.Arrays;
+### WorkspaceManagerAssignmentJobs_List
-/** Samples for ThreatIntelligenceIndicator Create. */
-public final class ThreatIntelligenceIndicatorCreateSamples {
+```java
+/** Samples for WorkspaceManagerAssignmentJobs List. */
+public final class WorkspaceManagerAssignmentJobsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/UpdateThreatIntelligence.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerAssignments/GetAllJobs.json
*/
/**
- * Sample code: Update a threat Intelligence indicator.
+ * Sample code: Get all jobs for the specified Sentinel workspace manager assignment.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void updateAThreatIntelligenceIndicator(
+ public static void getAllJobsForTheSpecifiedSentinelWorkspaceManagerAssignment(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .threatIntelligenceIndicators()
- .createWithResponse(
+ .workspaceManagerAssignmentJobs()
+ .list(
"myRg",
"myWorkspace",
- "d9cd6f0b-96b9-3984-17cd-a779d1e15a93",
- new ThreatIntelligenceIndicatorModel()
- .withThreatIntelligenceTags(Arrays.asList("new schema"))
- .withSource("Azure Sentinel")
- .withDisplayName("new schema")
- .withDescription("debugging indicators")
- .withPattern("[url:value = 'https://www.contoso.com']")
- .withPatternType("url")
- .withKillChainPhases(Arrays.asList())
- .withCreatedByRef("contoso@contoso.com")
- .withExternalReferences(Arrays.asList())
- .withGranularMarkings(Arrays.asList())
- .withLabels(Arrays.asList())
- .withRevoked(false)
- .withConfidence(78)
- .withThreatTypes(Arrays.asList("compromised"))
- .withValidFrom("2020-04-15T17:44:00.114052Z")
- .withValidUntil("")
- .withModified(""),
- Context.NONE);
+ "47cdc5f5-37c4-47b5-bd5f-83c84b8bdd58",
+ null,
+ null,
+ null,
+ com.azure.core.util.Context.NONE);
}
}
```
-### ThreatIntelligenceIndicator_CreateIndicator
+### WorkspaceManagerAssignments_CreateOrUpdate
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceIndicatorModel;
+import com.azure.resourcemanager.securityinsights.models.AssignmentItem;
import java.util.Arrays;
-/** Samples for ThreatIntelligenceIndicator CreateIndicator. */
-public final class ThreatIntelligenceIndicatorCreateIndicatorSamples {
+/** Samples for WorkspaceManagerAssignments CreateOrUpdate. */
+public final class WorkspaceManagerAssignmentsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/CreateThreatIntelligence.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerAssignments/CreateOrUpdateWorkspaceManagerAssignment.json
*/
/**
- * Sample code: Create a new Threat Intelligence.
+ * Sample code: Creates or updates a workspace manager assignment.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createANewThreatIntelligence(
+ public static void createsOrUpdatesAWorkspaceManagerAssignment(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .threatIntelligenceIndicators()
- .createIndicatorWithResponse(
- "myRg",
- "myWorkspace",
- new ThreatIntelligenceIndicatorModel()
- .withThreatIntelligenceTags(Arrays.asList("new schema"))
- .withSource("Azure Sentinel")
- .withDisplayName("new schema")
- .withDescription("debugging indicators")
- .withPattern("[url:value = 'https://www.contoso.com']")
- .withPatternType("url")
- .withKillChainPhases(Arrays.asList())
- .withCreatedByRef("contoso@contoso.com")
- .withExternalReferences(Arrays.asList())
- .withGranularMarkings(Arrays.asList())
- .withLabels(Arrays.asList())
- .withRevoked(false)
- .withConfidence(78)
- .withThreatTypes(Arrays.asList("compromised"))
- .withValidFrom("2021-09-15T17:44:00.114052Z")
- .withValidUntil("")
- .withModified(""),
- Context.NONE);
+ .workspaceManagerAssignments()
+ .define("47cdc5f5-37c4-47b5-bd5f-83c84b8bdd58")
+ .withExistingWorkspace("myRg", "myWorkspace")
+ .withTargetResourceName("37207a7a-3b8a-438f-a559-c7df400e1b96")
+ .withItems(
+ Arrays
+ .asList(
+ new AssignmentItem()
+ .withResourceId(
+ "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspac-es/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/microsoftSecurityIncidentCreationRuleExampleOne"),
+ new AssignmentItem()
+ .withResourceId(
+ "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspac-es/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/microsoftSecurityIncidentCreationRuleExampleTwo")))
+ .create();
}
}
```
-### ThreatIntelligenceIndicator_Delete
+### WorkspaceManagerAssignments_Delete
```java
-import com.azure.core.util.Context;
-
-/** Samples for ThreatIntelligenceIndicator Delete. */
-public final class ThreatIntelligenceIndicatorDeleteSamples {
+/** Samples for WorkspaceManagerAssignments Delete. */
+public final class WorkspaceManagerAssignmentsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/DeleteThreatIntelligence.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerAssignments/DeleteWorkspaceManagerAssignment.json
*/
/**
- * Sample code: Delete a threat intelligence indicator.
+ * Sample code: Delete a workspace manager assignment.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteAThreatIntelligenceIndicator(
+ public static void deleteAWorkspaceManagerAssignment(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .threatIntelligenceIndicators()
- .deleteWithResponse("myRg", "myWorkspace", "d9cd6f0b-96b9-3984-17cd-a779d1e15a93", Context.NONE);
+ .workspaceManagerAssignments()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "47cdc5f5-37c4-47b5-bd5f-83c84b8bdd58", com.azure.core.util.Context.NONE);
}
}
```
-### ThreatIntelligenceIndicator_Get
+### WorkspaceManagerAssignments_Get
```java
-import com.azure.core.util.Context;
-
-/** Samples for ThreatIntelligenceIndicator Get. */
-public final class ThreatIntelligenceIndicatorGetSamples {
+/** Samples for WorkspaceManagerAssignments Get. */
+public final class WorkspaceManagerAssignmentsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/GetThreatIntelligenceById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerAssignments/GetWorkspaceManagerAssignment.json
*/
/**
- * Sample code: View a threat intelligence indicator by name.
+ * Sample code: Get a workspace manager assignment.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void viewAThreatIntelligenceIndicatorByName(
+ public static void getAWorkspaceManagerAssignment(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .threatIntelligenceIndicators()
- .getWithResponse("myRg", "myWorkspace", "e16ef847-962e-d7b6-9c8b-a33e4bd30e47", Context.NONE);
+ .workspaceManagerAssignments()
+ .getWithResponse(
+ "myRg", "myWorkspace", "47cdc5f5-37c4-47b5-bd5f-83c84b8bdd58", com.azure.core.util.Context.NONE);
}
}
```
-### ThreatIntelligenceIndicator_QueryIndicators
+### WorkspaceManagerAssignments_List
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceFilteringCriteria;
-import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceSortingCriteria;
-import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceSortingCriteriaEnum;
-import java.util.Arrays;
-
-/** Samples for ThreatIntelligenceIndicator QueryIndicators. */
-public final class ThreatIntelligenceIndicatorQueryIndicatorsSamples {
+/** Samples for WorkspaceManagerAssignments List. */
+public final class WorkspaceManagerAssignmentsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/QueryThreatIntelligence.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerAssignments/GetAllWorkspaceManagerAssignments.json
*/
/**
- * Sample code: Query threat intelligence indicators as per filtering criteria.
+ * Sample code: Get all workspace manager assignments for the Sentinel workspace manager.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void queryThreatIntelligenceIndicatorsAsPerFilteringCriteria(
+ public static void getAllWorkspaceManagerAssignmentsForTheSentinelWorkspaceManager(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .threatIntelligenceIndicators()
- .queryIndicators(
- "myRg",
- "myWorkspace",
- new ThreatIntelligenceFilteringCriteria()
- .withPageSize(100)
- .withMinConfidence(25)
- .withMaxConfidence(80)
- .withMinValidUntil("2021-04-05T17:44:00.114052Z")
- .withMaxValidUntil("2021-04-25T17:44:00.114052Z")
- .withSortBy(
- Arrays
- .asList(
- new ThreatIntelligenceSortingCriteria()
- .withItemKey("lastUpdatedTimeUtc")
- .withSortOrder(ThreatIntelligenceSortingCriteriaEnum.DESCENDING)))
- .withSources(Arrays.asList("Azure Sentinel")),
- Context.NONE);
+ .workspaceManagerAssignments()
+ .list("myRg", "myWorkspace", null, null, null, com.azure.core.util.Context.NONE);
}
}
```
-### ThreatIntelligenceIndicator_ReplaceTags
+### WorkspaceManagerConfigurations_CreateOrUpdate
```java
-import com.azure.core.util.Context;
-import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceIndicatorModel;
-import java.util.Arrays;
+import com.azure.resourcemanager.securityinsights.models.Mode;
-/** Samples for ThreatIntelligenceIndicator ReplaceTags. */
-public final class ThreatIntelligenceIndicatorReplaceTagsSamples {
+/** Samples for WorkspaceManagerConfigurations CreateOrUpdate. */
+public final class WorkspaceManagerConfigurationsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/ReplaceTagsThreatIntelligence.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerConfigurations/CreateOrUpdateWorkspaceManagerConfiguration.json
*/
/**
- * Sample code: Replace tags to a Threat Intelligence.
+ * Sample code: Create or Update a workspace manager Configuration.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void replaceTagsToAThreatIntelligence(
+ public static void createOrUpdateAWorkspaceManagerConfiguration(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .threatIntelligenceIndicators()
- .replaceTagsWithResponse(
- "myRg",
- "myWorkspace",
- "d9cd6f0b-96b9-3984-17cd-a779d1e15a93",
- new ThreatIntelligenceIndicatorModel()
- .withEtag("\"0000262c-0000-0800-0000-5e9767060000\"")
- .withThreatIntelligenceTags(Arrays.asList("patching tags")),
- Context.NONE);
+ .workspaceManagerConfigurations()
+ .define("default")
+ .withExistingWorkspace("myRg", "myWorkspace")
+ .withMode(Mode.ENABLED)
+ .create();
}
}
```
-### ThreatIntelligenceIndicatorMetrics_List
+### WorkspaceManagerConfigurations_Delete
```java
-import com.azure.core.util.Context;
-
-/** Samples for ThreatIntelligenceIndicatorMetrics List. */
-public final class ThreatIntelligenceIndicatorMetricsListSamples {
+/** Samples for WorkspaceManagerConfigurations Delete. */
+public final class WorkspaceManagerConfigurationsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/CollectThreatIntelligenceMetrics.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerConfigurations/DeleteWorkspaceManagerConfiguration.json
*/
/**
- * Sample code: Get threat intelligence indicators metrics.
+ * Sample code: Delete a workspace manager configuration.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getThreatIntelligenceIndicatorsMetrics(
+ public static void deleteAWorkspaceManagerConfiguration(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.threatIntelligenceIndicatorMetrics().listWithResponse("myRg", "myWorkspace", Context.NONE);
+ manager
+ .workspaceManagerConfigurations()
+ .deleteWithResponse("myRg", "myWorkspace", "default", com.azure.core.util.Context.NONE);
}
}
```
-### ThreatIntelligenceIndicatorsOperation_List
+### WorkspaceManagerConfigurations_Get
```java
-import com.azure.core.util.Context;
-
-/** Samples for ThreatIntelligenceIndicatorsOperation List. */
-public final class ThreatIntelligenceIndicatorsOperationListSamples {
+/** Samples for WorkspaceManagerConfigurations Get. */
+public final class WorkspaceManagerConfigurationsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/threatintelligence/GetThreatIntelligence.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerConfigurations/GetWorkspaceManagerConfiguration.json
*/
/**
- * Sample code: Get all threat intelligence indicators.
+ * Sample code: Get a workspace manager configuration.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllThreatIntelligenceIndicators(
+ public static void getAWorkspaceManagerConfiguration(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .threatIntelligenceIndicatorsOperations()
- .list("myRg", "myWorkspace", null, null, null, null, Context.NONE);
+ .workspaceManagerConfigurations()
+ .getWithResponse("myRg", "myWorkspace", "default", com.azure.core.util.Context.NONE);
}
}
```
-### WatchlistItems_CreateOrUpdate
+### WorkspaceManagerConfigurations_List
```java
-import java.util.HashMap;
-import java.util.Map;
-
-/** Samples for WatchlistItems CreateOrUpdate. */
-public final class WatchlistItemsCreateOrUpdateSamples {
+/** Samples for WorkspaceManagerConfigurations List. */
+public final class WorkspaceManagerConfigurationsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/CreateWatchlistItem.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerConfigurations/GetAllWorkspaceManagerConfigurations.json
*/
/**
- * Sample code: Creates or updates a watchlist item.
+ * Sample code: Get all workspace manager configurations for a Sentinel workspace.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAWatchlistItem(
+ public static void getAllWorkspaceManagerConfigurationsForASentinelWorkspace(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .watchlistItems()
- .define("82ba292c-dc97-4dfc-969d-d4dd9e666842")
- .withExistingWatchlist("myRg", "myWorkspace", "highValueAsset")
- .withEtag("0300bf09-0000-0000-0000-5c37296e0000")
- .withItemsKeyValue(
- mapOf(
- "Business tier",
- "10.0.2.0/24",
- "Data tier",
- "10.0.2.0/24",
- "Gateway subnet",
- "10.0.255.224/27",
- "Private DMZ in",
- "10.0.0.0/27",
- "Public DMZ out",
- "10.0.0.96/27",
- "Web Tier",
- "10.0.1.0/24"))
- .create();
- }
-
- @SuppressWarnings("unchecked")
- private static Map mapOf(Object... inputs) {
- Map map = new HashMap<>();
- for (int i = 0; i < inputs.length; i += 2) {
- String key = (String) inputs[i];
- T value = (T) inputs[i + 1];
- map.put(key, value);
- }
- return map;
+ .workspaceManagerConfigurations()
+ .list("myRg", "myWorkspace", null, null, null, com.azure.core.util.Context.NONE);
}
}
```
-### WatchlistItems_Delete
+### WorkspaceManagerGroups_CreateOrUpdate
```java
-import com.azure.core.util.Context;
+import java.util.Arrays;
-/** Samples for WatchlistItems Delete. */
-public final class WatchlistItemsDeleteSamples {
+/** Samples for WorkspaceManagerGroups CreateOrUpdate. */
+public final class WorkspaceManagerGroupsCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/DeleteWatchlistItem.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerGroups/CreateOrUpdateWorkspaceManagerGroup.json
*/
/**
- * Sample code: Delete a watchlist Item.
+ * Sample code: Creates or updates a workspace manager group.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteAWatchlistItem(
+ public static void createsOrUpdatesAWorkspaceManagerGroup(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .watchlistItems()
- .deleteWithResponse(
- "myRg", "myWorkspace", "highValueAsset", "4008512e-1d30-48b2-9ee2-d3612ed9d3ea", Context.NONE);
+ .workspaceManagerGroups()
+ .define("37207a7a-3b8a-438f-a559-c7df400e1b96")
+ .withExistingWorkspace("myRg", "myWorkspace")
+ .withDescription("Group of all financial and banking institutions")
+ .withDisplayName("Banks")
+ .withMemberResourceNames(
+ Arrays.asList("afbd324f-6c48-459c-8710-8d1e1cd03812", "f5fa104e-c0e3-4747-9182-d342dc048a9e"))
+ .create();
}
}
```
-### WatchlistItems_Get
+### WorkspaceManagerGroups_Delete
```java
-import com.azure.core.util.Context;
-
-/** Samples for WatchlistItems Get. */
-public final class WatchlistItemsGetSamples {
+/** Samples for WorkspaceManagerGroups Delete. */
+public final class WorkspaceManagerGroupsDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/GetWatchlistItemById.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerGroups/DeleteWorkspaceManagerGroup.json
*/
/**
- * Sample code: Get a watchlist item.
+ * Sample code: Delete a workspace manager group.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAWatchlistItem(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ public static void deleteAWorkspaceManagerGroup(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .watchlistItems()
- .getWithResponse(
- "myRg", "myWorkspace", "highValueAsset", "3f8901fe-63d9-4875-9ad5-9fb3b8105797", Context.NONE);
+ .workspaceManagerGroups()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "37207a7a-3b8a-438f-a559-c7df400e1b96", com.azure.core.util.Context.NONE);
}
}
```
-### WatchlistItems_List
+### WorkspaceManagerGroups_Get
```java
-import com.azure.core.util.Context;
-
-/** Samples for WatchlistItems List. */
-public final class WatchlistItemsListSamples {
+/** Samples for WorkspaceManagerGroups Get. */
+public final class WorkspaceManagerGroupsGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/GetWatchlistItems.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerGroups/GetWorkspaceManagerGroup.json
*/
/**
- * Sample code: Get all watchlist Items.
+ * Sample code: Get a workspace manager group.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllWatchlistItems(
+ public static void getAWorkspaceManagerGroup(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.watchlistItems().list("myRg", "myWorkspace", "highValueAsset", null, Context.NONE);
+ manager
+ .workspaceManagerGroups()
+ .getWithResponse(
+ "myRg", "myWorkspace", "37207a7a-3b8a-438f-a559-c7df400e1b96", com.azure.core.util.Context.NONE);
}
}
```
-### Watchlists_CreateOrUpdate
+### WorkspaceManagerGroups_List
```java
-import com.azure.resourcemanager.securityinsights.models.SourceType;
-
-/** Samples for Watchlists CreateOrUpdate. */
-public final class WatchlistsCreateOrUpdateSamples {
+/** Samples for WorkspaceManagerGroups List. */
+public final class WorkspaceManagerGroupsListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/CreateWatchlistAndWatchlistItems.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerGroups/GetAllWorkspaceManagerGroups.json
*/
/**
- * Sample code: Creates or updates a watchlist and bulk creates watchlist items.
+ * Sample code: Get all workspace manager groups in the Sentinel workspace manager.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAWatchlistAndBulkCreatesWatchlistItems(
+ public static void getAllWorkspaceManagerGroupsInTheSentinelWorkspaceManager(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .watchlists()
- .define("highValueAsset")
- .withExistingWorkspace("myRg", "myWorkspace")
- .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
- .withDisplayName("High Value Assets Watchlist")
- .withProvider("Microsoft")
- .withSource("watchlist.csv")
- .withSourceType(SourceType.LOCAL_FILE)
- .withDescription("Watchlist from CSV content")
- .withNumberOfLinesToSkip(1)
- .withRawContent("This line will be skipped\nheader1,header2\nvalue1,value2")
- .withItemsSearchKey("header1")
- .withContentType("text/csv")
- .create();
+ .workspaceManagerGroups()
+ .list("myRg", "myWorkspace", null, null, null, com.azure.core.util.Context.NONE);
}
+}
+```
+
+### WorkspaceManagerMembers_CreateOrUpdate
+```java
+/** Samples for WorkspaceManagerMembers CreateOrUpdate. */
+public final class WorkspaceManagerMembersCreateOrUpdateSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/CreateWatchlist.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerMembers/CreateOrUpdateWorkspaceManagerMember.json
*/
/**
- * Sample code: Creates or updates a watchlist.
+ * Sample code: Create or Update a workspace manager member.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void createsOrUpdatesAWatchlist(
+ public static void createOrUpdateAWorkspaceManagerMember(
com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
manager
- .watchlists()
- .define("highValueAsset")
+ .workspaceManagerMembers()
+ .define("afbd324f-6c48-459c-8710-8d1e1cd03812")
.withExistingWorkspace("myRg", "myWorkspace")
- .withEtag("\"0300bf09-0000-0000-0000-5c37296e0000\"")
- .withDisplayName("High Value Assets Watchlist")
- .withProvider("Microsoft")
- .withSource("watchlist.csv")
- .withSourceType(SourceType.LOCAL_FILE)
- .withDescription("Watchlist from CSV content")
- .withItemsSearchKey("header1")
+ .withTargetWorkspaceResourceId(
+ "/subscriptions/7aef9d48-814f-45ad-b644-b0343316e174/resourceGroups/otherRg/providers/Microsoft.OperationalInsights/workspaces/Example_Workspace")
+ .withTargetWorkspaceTenantId("f676d436-8d16-42db-81b7-ab578e110ccd")
.create();
}
}
```
-### Watchlists_Delete
+### WorkspaceManagerMembers_Delete
```java
-import com.azure.core.util.Context;
-
-/** Samples for Watchlists Delete. */
-public final class WatchlistsDeleteSamples {
+/** Samples for WorkspaceManagerMembers Delete. */
+public final class WorkspaceManagerMembersDeleteSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/DeleteWatchlist.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerMembers/DeleteWorkspaceManagerMember.json
*/
/**
- * Sample code: Delete a watchlist.
+ * Sample code: Delete a workspace manager member.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void deleteAWatchlist(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.watchlists().deleteWithResponse("myRg", "myWorkspace", "highValueAsset", Context.NONE);
+ public static void deleteAWorkspaceManagerMember(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .workspaceManagerMembers()
+ .deleteWithResponse(
+ "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", com.azure.core.util.Context.NONE);
}
}
```
-### Watchlists_Get
+### WorkspaceManagerMembers_Get
```java
-import com.azure.core.util.Context;
-
-/** Samples for Watchlists Get. */
-public final class WatchlistsGetSamples {
+/** Samples for WorkspaceManagerMembers Get. */
+public final class WorkspaceManagerMembersGetSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/GetWatchlistByAlias.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerMembers/GetWorkspaceManagerMember.json
*/
/**
- * Sample code: Get a watchlist.
+ * Sample code: Get a workspace manager member.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAWatchlist(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.watchlists().getWithResponse("myRg", "myWorkspace", "highValueAsset", Context.NONE);
+ public static void getAWorkspaceManagerMember(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .workspaceManagerMembers()
+ .getWithResponse(
+ "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", com.azure.core.util.Context.NONE);
}
}
```
-### Watchlists_List
+### WorkspaceManagerMembers_List
```java
-import com.azure.core.util.Context;
-
-/** Samples for Watchlists List. */
-public final class WatchlistsListSamples {
+/** Samples for WorkspaceManagerMembers List. */
+public final class WorkspaceManagerMembersListSamples {
/*
- * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-09-01-preview/examples/watchlists/GetWatchlists.json
+ * x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-09-01-preview/examples/workspaceManagerMembers/GetAllWorkspaceManagerMembers.json
*/
/**
- * Sample code: Get all watchlists.
+ * Sample code: Get all workspace manager members.
*
* @param manager Entry point to SecurityInsightsManager.
*/
- public static void getAllWatchlists(com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
- manager.watchlists().list("myRg", "myWorkspace", null, Context.NONE);
+ public static void getAllWorkspaceManagerMembers(
+ com.azure.resourcemanager.securityinsights.SecurityInsightsManager manager) {
+ manager
+ .workspaceManagerMembers()
+ .list("myRg", "myWorkspace", null, null, null, com.azure.core.util.Context.NONE);
}
}
```
diff --git a/sdk/securityinsights/azure-resourcemanager-securityinsights/pom.xml b/sdk/securityinsights/azure-resourcemanager-securityinsights/pom.xml
index 00b8dfea91355..de8a2380f0c7d 100644
--- a/sdk/securityinsights/azure-resourcemanager-securityinsights/pom.xml
+++ b/sdk/securityinsights/azure-resourcemanager-securityinsights/pom.xml
@@ -1,3 +1,8 @@
+
4.0.0
@@ -13,7 +18,7 @@
jar
Microsoft Azure SDK for SecurityInsights Management
- This package contains Microsoft Azure SDK for SecurityInsights Management SDK. For documentation on how to use this package, please see https://aka.ms/azsdk/java/mgmt. API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider. Package tag package-preview-2022-09.
+ This package contains Microsoft Azure SDK for SecurityInsights Management SDK. For documentation on how to use this package, please see https://aka.ms/azsdk/java/mgmt. API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider. Package tag package-preview-2023-09.
https://github.com/Azure/azure-sdk-for-java
@@ -38,7 +43,9 @@
UTF-8
- true
+ 0
+ 0
+ true
diff --git a/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/SecurityInsightsManager.java b/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/SecurityInsightsManager.java
index 6868ca4ea727a..e30d019bfac1b 100644
--- a/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/SecurityInsightsManager.java
+++ b/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/SecurityInsightsManager.java
@@ -25,12 +25,19 @@
import com.azure.core.util.logging.ClientLogger;
import com.azure.resourcemanager.securityinsights.fluent.SecurityInsights;
import com.azure.resourcemanager.securityinsights.implementation.ActionsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.AlertRuleOperationsImpl;
import com.azure.resourcemanager.securityinsights.implementation.AlertRuleTemplatesImpl;
import com.azure.resourcemanager.securityinsights.implementation.AlertRulesImpl;
import com.azure.resourcemanager.securityinsights.implementation.AutomationRulesImpl;
+import com.azure.resourcemanager.securityinsights.implementation.BillingStatisticsImpl;
import com.azure.resourcemanager.securityinsights.implementation.BookmarkOperationsImpl;
import com.azure.resourcemanager.securityinsights.implementation.BookmarkRelationsImpl;
import com.azure.resourcemanager.securityinsights.implementation.BookmarksImpl;
+import com.azure.resourcemanager.securityinsights.implementation.ContentPackageOperationsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.ContentPackagesImpl;
+import com.azure.resourcemanager.securityinsights.implementation.ContentTemplateOperationsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.ContentTemplatesImpl;
+import com.azure.resourcemanager.securityinsights.implementation.DataConnectorDefinitionsImpl;
import com.azure.resourcemanager.securityinsights.implementation.DataConnectorsCheckRequirementsOperationsImpl;
import com.azure.resourcemanager.securityinsights.implementation.DataConnectorsImpl;
import com.azure.resourcemanager.securityinsights.implementation.DomainWhoisImpl;
@@ -41,14 +48,25 @@
import com.azure.resourcemanager.securityinsights.implementation.EntityQueryTemplatesImpl;
import com.azure.resourcemanager.securityinsights.implementation.EntityRelationsImpl;
import com.azure.resourcemanager.securityinsights.implementation.FileImportsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.GetRecommendationsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.GetTriggeredAnalyticsRuleRunsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.GetsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.HuntCommentsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.HuntRelationsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.HuntsImpl;
import com.azure.resourcemanager.securityinsights.implementation.IncidentCommentsImpl;
import com.azure.resourcemanager.securityinsights.implementation.IncidentRelationsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.IncidentTasksImpl;
import com.azure.resourcemanager.securityinsights.implementation.IncidentsImpl;
import com.azure.resourcemanager.securityinsights.implementation.IpGeodatasImpl;
import com.azure.resourcemanager.securityinsights.implementation.MetadatasImpl;
import com.azure.resourcemanager.securityinsights.implementation.OfficeConsentsImpl;
import com.azure.resourcemanager.securityinsights.implementation.OperationsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.ProductPackageOperationsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.ProductPackagesImpl;
import com.azure.resourcemanager.securityinsights.implementation.ProductSettingsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.ProductTemplateOperationsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.ProductTemplatesImpl;
import com.azure.resourcemanager.securityinsights.implementation.SecurityInsightsBuilder;
import com.azure.resourcemanager.securityinsights.implementation.SecurityMLAnalyticsSettingsImpl;
import com.azure.resourcemanager.securityinsights.implementation.SentinelOnboardingStatesImpl;
@@ -57,15 +75,29 @@
import com.azure.resourcemanager.securityinsights.implementation.ThreatIntelligenceIndicatorMetricsImpl;
import com.azure.resourcemanager.securityinsights.implementation.ThreatIntelligenceIndicatorsImpl;
import com.azure.resourcemanager.securityinsights.implementation.ThreatIntelligenceIndicatorsOperationsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.TriggeredAnalyticsRuleRunOperationsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.UpdatesImpl;
import com.azure.resourcemanager.securityinsights.implementation.WatchlistItemsImpl;
import com.azure.resourcemanager.securityinsights.implementation.WatchlistsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.WorkspaceManagerAssignmentJobsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.WorkspaceManagerAssignmentsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.WorkspaceManagerConfigurationsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.WorkspaceManagerGroupsImpl;
+import com.azure.resourcemanager.securityinsights.implementation.WorkspaceManagerMembersImpl;
import com.azure.resourcemanager.securityinsights.models.Actions;
+import com.azure.resourcemanager.securityinsights.models.AlertRuleOperations;
import com.azure.resourcemanager.securityinsights.models.AlertRuleTemplates;
import com.azure.resourcemanager.securityinsights.models.AlertRules;
import com.azure.resourcemanager.securityinsights.models.AutomationRules;
+import com.azure.resourcemanager.securityinsights.models.BillingStatistics;
import com.azure.resourcemanager.securityinsights.models.BookmarkOperations;
import com.azure.resourcemanager.securityinsights.models.BookmarkRelations;
import com.azure.resourcemanager.securityinsights.models.Bookmarks;
+import com.azure.resourcemanager.securityinsights.models.ContentPackageOperations;
+import com.azure.resourcemanager.securityinsights.models.ContentPackages;
+import com.azure.resourcemanager.securityinsights.models.ContentTemplateOperations;
+import com.azure.resourcemanager.securityinsights.models.ContentTemplates;
+import com.azure.resourcemanager.securityinsights.models.DataConnectorDefinitions;
import com.azure.resourcemanager.securityinsights.models.DataConnectors;
import com.azure.resourcemanager.securityinsights.models.DataConnectorsCheckRequirementsOperations;
import com.azure.resourcemanager.securityinsights.models.DomainWhois;
@@ -76,14 +108,25 @@
import com.azure.resourcemanager.securityinsights.models.EntityQueryTemplates;
import com.azure.resourcemanager.securityinsights.models.EntityRelations;
import com.azure.resourcemanager.securityinsights.models.FileImports;
+import com.azure.resourcemanager.securityinsights.models.GetRecommendations;
+import com.azure.resourcemanager.securityinsights.models.GetTriggeredAnalyticsRuleRuns;
+import com.azure.resourcemanager.securityinsights.models.Gets;
+import com.azure.resourcemanager.securityinsights.models.HuntComments;
+import com.azure.resourcemanager.securityinsights.models.HuntRelations;
+import com.azure.resourcemanager.securityinsights.models.Hunts;
import com.azure.resourcemanager.securityinsights.models.IncidentComments;
import com.azure.resourcemanager.securityinsights.models.IncidentRelations;
+import com.azure.resourcemanager.securityinsights.models.IncidentTasks;
import com.azure.resourcemanager.securityinsights.models.Incidents;
import com.azure.resourcemanager.securityinsights.models.IpGeodatas;
import com.azure.resourcemanager.securityinsights.models.Metadatas;
import com.azure.resourcemanager.securityinsights.models.OfficeConsents;
import com.azure.resourcemanager.securityinsights.models.Operations;
+import com.azure.resourcemanager.securityinsights.models.ProductPackageOperations;
+import com.azure.resourcemanager.securityinsights.models.ProductPackages;
import com.azure.resourcemanager.securityinsights.models.ProductSettings;
+import com.azure.resourcemanager.securityinsights.models.ProductTemplateOperations;
+import com.azure.resourcemanager.securityinsights.models.ProductTemplates;
import com.azure.resourcemanager.securityinsights.models.SecurityMLAnalyticsSettings;
import com.azure.resourcemanager.securityinsights.models.SentinelOnboardingStates;
import com.azure.resourcemanager.securityinsights.models.SourceControls;
@@ -91,8 +134,15 @@
import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceIndicatorMetrics;
import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceIndicators;
import com.azure.resourcemanager.securityinsights.models.ThreatIntelligenceIndicatorsOperations;
+import com.azure.resourcemanager.securityinsights.models.TriggeredAnalyticsRuleRunOperations;
+import com.azure.resourcemanager.securityinsights.models.Updates;
import com.azure.resourcemanager.securityinsights.models.WatchlistItems;
import com.azure.resourcemanager.securityinsights.models.Watchlists;
+import com.azure.resourcemanager.securityinsights.models.WorkspaceManagerAssignmentJobs;
+import com.azure.resourcemanager.securityinsights.models.WorkspaceManagerAssignments;
+import com.azure.resourcemanager.securityinsights.models.WorkspaceManagerConfigurations;
+import com.azure.resourcemanager.securityinsights.models.WorkspaceManagerGroups;
+import com.azure.resourcemanager.securityinsights.models.WorkspaceManagerMembers;
import java.time.Duration;
import java.time.temporal.ChronoUnit;
import java.util.ArrayList;
@@ -113,20 +163,38 @@ public final class SecurityInsightsManager {
private AutomationRules automationRules;
+ private Entities entities;
+
private Incidents incidents;
+ private BillingStatistics billingStatistics;
+
private Bookmarks bookmarks;
private BookmarkRelations bookmarkRelations;
private BookmarkOperations bookmarkOperations;
+ private ContentPackages contentPackages;
+
+ private ContentPackageOperations contentPackageOperations;
+
+ private ProductPackages productPackages;
+
+ private ProductPackageOperations productPackageOperations;
+
+ private ProductTemplates productTemplates;
+
+ private ProductTemplateOperations productTemplateOperations;
+
+ private ContentTemplates contentTemplates;
+
+ private ContentTemplateOperations contentTemplateOperations;
+
private IpGeodatas ipGeodatas;
private DomainWhois domainWhois;
- private Entities entities;
-
private EntitiesGetTimelines entitiesGetTimelines;
private EntitiesRelations entitiesRelations;
@@ -139,16 +207,30 @@ public final class SecurityInsightsManager {
private FileImports fileImports;
+ private Hunts hunts;
+
+ private HuntRelations huntRelations;
+
+ private HuntComments huntComments;
+
private IncidentComments incidentComments;
private IncidentRelations incidentRelations;
+ private IncidentTasks incidentTasks;
+
private Metadatas metadatas;
private OfficeConsents officeConsents;
private SentinelOnboardingStates sentinelOnboardingStates;
+ private GetRecommendations getRecommendations;
+
+ private Gets gets;
+
+ private Updates updates;
+
private SecurityMLAnalyticsSettings securityMLAnalyticsSettings;
private ProductSettings productSettings;
@@ -163,10 +245,28 @@ public final class SecurityInsightsManager {
private ThreatIntelligenceIndicatorMetrics threatIntelligenceIndicatorMetrics;
+ private TriggeredAnalyticsRuleRunOperations triggeredAnalyticsRuleRunOperations;
+
+ private GetTriggeredAnalyticsRuleRuns getTriggeredAnalyticsRuleRuns;
+
+ private AlertRuleOperations alertRuleOperations;
+
private Watchlists watchlists;
private WatchlistItems watchlistItems;
+ private WorkspaceManagerAssignments workspaceManagerAssignments;
+
+ private WorkspaceManagerAssignmentJobs workspaceManagerAssignmentJobs;
+
+ private WorkspaceManagerConfigurations workspaceManagerConfigurations;
+
+ private WorkspaceManagerGroups workspaceManagerGroups;
+
+ private WorkspaceManagerMembers workspaceManagerMembers;
+
+ private DataConnectorDefinitions dataConnectorDefinitions;
+
private DataConnectors dataConnectors;
private DataConnectorsCheckRequirementsOperations dataConnectorsCheckRequirementsOperations;
@@ -338,7 +438,7 @@ public SecurityInsightsManager authenticate(TokenCredential credential, AzurePro
.append("-")
.append("com.azure.resourcemanager.securityinsights")
.append("/")
- .append("1.0.0-beta.4");
+ .append("1.0.0-beta.1");
if (!Configuration.getGlobalConfiguration().get("AZURE_TELEMETRY_DISABLED", false)) {
userAgentBuilder
.append(" (")
@@ -443,6 +543,18 @@ public AutomationRules automationRules() {
return automationRules;
}
+ /**
+ * Gets the resource collection API of Entities.
+ *
+ * @return Resource collection API of Entities.
+ */
+ public Entities entities() {
+ if (this.entities == null) {
+ this.entities = new EntitiesImpl(clientObject.getEntities(), this);
+ }
+ return entities;
+ }
+
/**
* Gets the resource collection API of Incidents. It manages Incident.
*
@@ -455,6 +567,18 @@ public Incidents incidents() {
return incidents;
}
+ /**
+ * Gets the resource collection API of BillingStatistics.
+ *
+ * @return Resource collection API of BillingStatistics.
+ */
+ public BillingStatistics billingStatistics() {
+ if (this.billingStatistics == null) {
+ this.billingStatistics = new BillingStatisticsImpl(clientObject.getBillingStatistics(), this);
+ }
+ return billingStatistics;
+ }
+
/**
* Gets the resource collection API of Bookmarks. It manages Bookmark.
*
@@ -491,6 +615,106 @@ public BookmarkOperations bookmarkOperations() {
return bookmarkOperations;
}
+ /**
+ * Gets the resource collection API of ContentPackages.
+ *
+ * @return Resource collection API of ContentPackages.
+ */
+ public ContentPackages contentPackages() {
+ if (this.contentPackages == null) {
+ this.contentPackages = new ContentPackagesImpl(clientObject.getContentPackages(), this);
+ }
+ return contentPackages;
+ }
+
+ /**
+ * Gets the resource collection API of ContentPackageOperations. It manages PackageModel.
+ *
+ * @return Resource collection API of ContentPackageOperations.
+ */
+ public ContentPackageOperations contentPackageOperations() {
+ if (this.contentPackageOperations == null) {
+ this.contentPackageOperations =
+ new ContentPackageOperationsImpl(clientObject.getContentPackageOperations(), this);
+ }
+ return contentPackageOperations;
+ }
+
+ /**
+ * Gets the resource collection API of ProductPackages.
+ *
+ * @return Resource collection API of ProductPackages.
+ */
+ public ProductPackages productPackages() {
+ if (this.productPackages == null) {
+ this.productPackages = new ProductPackagesImpl(clientObject.getProductPackages(), this);
+ }
+ return productPackages;
+ }
+
+ /**
+ * Gets the resource collection API of ProductPackageOperations.
+ *
+ * @return Resource collection API of ProductPackageOperations.
+ */
+ public ProductPackageOperations productPackageOperations() {
+ if (this.productPackageOperations == null) {
+ this.productPackageOperations =
+ new ProductPackageOperationsImpl(clientObject.getProductPackageOperations(), this);
+ }
+ return productPackageOperations;
+ }
+
+ /**
+ * Gets the resource collection API of ProductTemplates.
+ *
+ * @return Resource collection API of ProductTemplates.
+ */
+ public ProductTemplates productTemplates() {
+ if (this.productTemplates == null) {
+ this.productTemplates = new ProductTemplatesImpl(clientObject.getProductTemplates(), this);
+ }
+ return productTemplates;
+ }
+
+ /**
+ * Gets the resource collection API of ProductTemplateOperations.
+ *
+ * @return Resource collection API of ProductTemplateOperations.
+ */
+ public ProductTemplateOperations productTemplateOperations() {
+ if (this.productTemplateOperations == null) {
+ this.productTemplateOperations =
+ new ProductTemplateOperationsImpl(clientObject.getProductTemplateOperations(), this);
+ }
+ return productTemplateOperations;
+ }
+
+ /**
+ * Gets the resource collection API of ContentTemplates.
+ *
+ * @return Resource collection API of ContentTemplates.
+ */
+ public ContentTemplates contentTemplates() {
+ if (this.contentTemplates == null) {
+ this.contentTemplates = new ContentTemplatesImpl(clientObject.getContentTemplates(), this);
+ }
+ return contentTemplates;
+ }
+
+ /**
+ * Gets the resource collection API of ContentTemplateOperations. It manages TemplateModel.
+ *
+ * @return Resource collection API of ContentTemplateOperations.
+ */
+ public ContentTemplateOperations contentTemplateOperations() {
+ if (this.contentTemplateOperations == null) {
+ this.contentTemplateOperations =
+ new ContentTemplateOperationsImpl(clientObject.getContentTemplateOperations(), this);
+ }
+ return contentTemplateOperations;
+ }
+
/**
* Gets the resource collection API of IpGeodatas.
*
@@ -515,18 +739,6 @@ public DomainWhois domainWhois() {
return domainWhois;
}
- /**
- * Gets the resource collection API of Entities.
- *
- * @return Resource collection API of Entities.
- */
- public Entities entities() {
- if (this.entities == null) {
- this.entities = new EntitiesImpl(clientObject.getEntities(), this);
- }
- return entities;
- }
-
/**
* Gets the resource collection API of EntitiesGetTimelines.
*
@@ -599,6 +811,42 @@ public FileImports fileImports() {
return fileImports;
}
+ /**
+ * Gets the resource collection API of Hunts. It manages Hunt.
+ *
+ * @return Resource collection API of Hunts.
+ */
+ public Hunts hunts() {
+ if (this.hunts == null) {
+ this.hunts = new HuntsImpl(clientObject.getHunts(), this);
+ }
+ return hunts;
+ }
+
+ /**
+ * Gets the resource collection API of HuntRelations. It manages HuntRelation.
+ *
+ * @return Resource collection API of HuntRelations.
+ */
+ public HuntRelations huntRelations() {
+ if (this.huntRelations == null) {
+ this.huntRelations = new HuntRelationsImpl(clientObject.getHuntRelations(), this);
+ }
+ return huntRelations;
+ }
+
+ /**
+ * Gets the resource collection API of HuntComments. It manages HuntComment.
+ *
+ * @return Resource collection API of HuntComments.
+ */
+ public HuntComments huntComments() {
+ if (this.huntComments == null) {
+ this.huntComments = new HuntCommentsImpl(clientObject.getHuntComments(), this);
+ }
+ return huntComments;
+ }
+
/**
* Gets the resource collection API of IncidentComments. It manages IncidentComment.
*
@@ -623,6 +871,18 @@ public IncidentRelations incidentRelations() {
return incidentRelations;
}
+ /**
+ * Gets the resource collection API of IncidentTasks. It manages IncidentTask.
+ *
+ * @return Resource collection API of IncidentTasks.
+ */
+ public IncidentTasks incidentTasks() {
+ if (this.incidentTasks == null) {
+ this.incidentTasks = new IncidentTasksImpl(clientObject.getIncidentTasks(), this);
+ }
+ return incidentTasks;
+ }
+
/**
* Gets the resource collection API of Metadatas. It manages MetadataModel.
*
@@ -660,6 +920,42 @@ public SentinelOnboardingStates sentinelOnboardingStates() {
return sentinelOnboardingStates;
}
+ /**
+ * Gets the resource collection API of GetRecommendations.
+ *
+ * @return Resource collection API of GetRecommendations.
+ */
+ public GetRecommendations getRecommendations() {
+ if (this.getRecommendations == null) {
+ this.getRecommendations = new GetRecommendationsImpl(clientObject.getGetRecommendations(), this);
+ }
+ return getRecommendations;
+ }
+
+ /**
+ * Gets the resource collection API of Gets.
+ *
+ * @return Resource collection API of Gets.
+ */
+ public Gets gets() {
+ if (this.gets == null) {
+ this.gets = new GetsImpl(clientObject.getGets(), this);
+ }
+ return gets;
+ }
+
+ /**
+ * Gets the resource collection API of Updates.
+ *
+ * @return Resource collection API of Updates.
+ */
+ public Updates updates() {
+ if (this.updates == null) {
+ this.updates = new UpdatesImpl(clientObject.getUpdates(), this);
+ }
+ return updates;
+ }
+
/**
* Gets the resource collection API of SecurityMLAnalyticsSettings.
*
@@ -750,6 +1046,45 @@ public ThreatIntelligenceIndicatorMetrics threatIntelligenceIndicatorMetrics() {
return threatIntelligenceIndicatorMetrics;
}
+ /**
+ * Gets the resource collection API of TriggeredAnalyticsRuleRunOperations.
+ *
+ * @return Resource collection API of TriggeredAnalyticsRuleRunOperations.
+ */
+ public TriggeredAnalyticsRuleRunOperations triggeredAnalyticsRuleRunOperations() {
+ if (this.triggeredAnalyticsRuleRunOperations == null) {
+ this.triggeredAnalyticsRuleRunOperations =
+ new TriggeredAnalyticsRuleRunOperationsImpl(
+ clientObject.getTriggeredAnalyticsRuleRunOperations(), this);
+ }
+ return triggeredAnalyticsRuleRunOperations;
+ }
+
+ /**
+ * Gets the resource collection API of GetTriggeredAnalyticsRuleRuns.
+ *
+ * @return Resource collection API of GetTriggeredAnalyticsRuleRuns.
+ */
+ public GetTriggeredAnalyticsRuleRuns getTriggeredAnalyticsRuleRuns() {
+ if (this.getTriggeredAnalyticsRuleRuns == null) {
+ this.getTriggeredAnalyticsRuleRuns =
+ new GetTriggeredAnalyticsRuleRunsImpl(clientObject.getGetTriggeredAnalyticsRuleRuns(), this);
+ }
+ return getTriggeredAnalyticsRuleRuns;
+ }
+
+ /**
+ * Gets the resource collection API of AlertRuleOperations.
+ *
+ * @return Resource collection API of AlertRuleOperations.
+ */
+ public AlertRuleOperations alertRuleOperations() {
+ if (this.alertRuleOperations == null) {
+ this.alertRuleOperations = new AlertRuleOperationsImpl(clientObject.getAlertRuleOperations(), this);
+ }
+ return alertRuleOperations;
+ }
+
/**
* Gets the resource collection API of Watchlists. It manages Watchlist.
*
@@ -774,6 +1109,84 @@ public WatchlistItems watchlistItems() {
return watchlistItems;
}
+ /**
+ * Gets the resource collection API of WorkspaceManagerAssignments. It manages WorkspaceManagerAssignment.
+ *
+ * @return Resource collection API of WorkspaceManagerAssignments.
+ */
+ public WorkspaceManagerAssignments workspaceManagerAssignments() {
+ if (this.workspaceManagerAssignments == null) {
+ this.workspaceManagerAssignments =
+ new WorkspaceManagerAssignmentsImpl(clientObject.getWorkspaceManagerAssignments(), this);
+ }
+ return workspaceManagerAssignments;
+ }
+
+ /**
+ * Gets the resource collection API of WorkspaceManagerAssignmentJobs.
+ *
+ * @return Resource collection API of WorkspaceManagerAssignmentJobs.
+ */
+ public WorkspaceManagerAssignmentJobs workspaceManagerAssignmentJobs() {
+ if (this.workspaceManagerAssignmentJobs == null) {
+ this.workspaceManagerAssignmentJobs =
+ new WorkspaceManagerAssignmentJobsImpl(clientObject.getWorkspaceManagerAssignmentJobs(), this);
+ }
+ return workspaceManagerAssignmentJobs;
+ }
+
+ /**
+ * Gets the resource collection API of WorkspaceManagerConfigurations. It manages WorkspaceManagerConfiguration.
+ *
+ * @return Resource collection API of WorkspaceManagerConfigurations.
+ */
+ public WorkspaceManagerConfigurations workspaceManagerConfigurations() {
+ if (this.workspaceManagerConfigurations == null) {
+ this.workspaceManagerConfigurations =
+ new WorkspaceManagerConfigurationsImpl(clientObject.getWorkspaceManagerConfigurations(), this);
+ }
+ return workspaceManagerConfigurations;
+ }
+
+ /**
+ * Gets the resource collection API of WorkspaceManagerGroups. It manages WorkspaceManagerGroup.
+ *
+ * @return Resource collection API of WorkspaceManagerGroups.
+ */
+ public WorkspaceManagerGroups workspaceManagerGroups() {
+ if (this.workspaceManagerGroups == null) {
+ this.workspaceManagerGroups =
+ new WorkspaceManagerGroupsImpl(clientObject.getWorkspaceManagerGroups(), this);
+ }
+ return workspaceManagerGroups;
+ }
+
+ /**
+ * Gets the resource collection API of WorkspaceManagerMembers. It manages WorkspaceManagerMember.
+ *
+ * @return Resource collection API of WorkspaceManagerMembers.
+ */
+ public WorkspaceManagerMembers workspaceManagerMembers() {
+ if (this.workspaceManagerMembers == null) {
+ this.workspaceManagerMembers =
+ new WorkspaceManagerMembersImpl(clientObject.getWorkspaceManagerMembers(), this);
+ }
+ return workspaceManagerMembers;
+ }
+
+ /**
+ * Gets the resource collection API of DataConnectorDefinitions.
+ *
+ * @return Resource collection API of DataConnectorDefinitions.
+ */
+ public DataConnectorDefinitions dataConnectorDefinitions() {
+ if (this.dataConnectorDefinitions == null) {
+ this.dataConnectorDefinitions =
+ new DataConnectorDefinitionsImpl(clientObject.getDataConnectorDefinitions(), this);
+ }
+ return dataConnectorDefinitions;
+ }
+
/**
* Gets the resource collection API of DataConnectors.
*
@@ -813,8 +1226,10 @@ public Operations operations() {
}
/**
- * @return Wrapped service client SecurityInsights providing direct access to the underlying auto-generated API
- * implementation, based on Azure REST API.
+ * Gets wrapped service client SecurityInsights providing direct access to the underlying auto-generated API
+ * implementation, based on Azure REST API.
+ *
+ * @return Wrapped service client SecurityInsights.
*/
public SecurityInsights serviceClient() {
return this.clientObject;
diff --git a/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/ActionsClient.java b/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/ActionsClient.java
index 1679ca2138ad0..18cfd50a24315 100644
--- a/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/ActionsClient.java
+++ b/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/ActionsClient.java
@@ -44,21 +44,6 @@ public interface ActionsClient {
PagedIterable listByAlertRule(
String resourceGroupName, String workspaceName, String ruleId, Context context);
- /**
- * Gets the action of alert rule.
- *
- * @param resourceGroupName The name of the resource group. The name is case insensitive.
- * @param workspaceName The name of the workspace.
- * @param ruleId Alert rule ID.
- * @param actionId Action ID.
- * @throws IllegalArgumentException thrown if parameters fail the validation.
- * @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
- * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
- * @return the action of alert rule.
- */
- @ServiceMethod(returns = ReturnType.SINGLE)
- ActionResponseInner get(String resourceGroupName, String workspaceName, String ruleId, String actionId);
-
/**
* Gets the action of alert rule.
*
@@ -77,21 +62,19 @@ Response getWithResponse(
String resourceGroupName, String workspaceName, String ruleId, String actionId, Context context);
/**
- * Creates or updates the action of alert rule.
+ * Gets the action of alert rule.
*
* @param resourceGroupName The name of the resource group. The name is case insensitive.
* @param workspaceName The name of the workspace.
* @param ruleId Alert rule ID.
* @param actionId Action ID.
- * @param action The action.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
- * @return action for alert rule.
+ * @return the action of alert rule.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- ActionResponseInner createOrUpdate(
- String resourceGroupName, String workspaceName, String ruleId, String actionId, ActionRequest action);
+ ActionResponseInner get(String resourceGroupName, String workspaceName, String ruleId, String actionId);
/**
* Creates or updates the action of alert rule.
@@ -117,18 +100,21 @@ Response createOrUpdateWithResponse(
Context context);
/**
- * Delete the action of alert rule.
+ * Creates or updates the action of alert rule.
*
* @param resourceGroupName The name of the resource group. The name is case insensitive.
* @param workspaceName The name of the workspace.
* @param ruleId Alert rule ID.
* @param actionId Action ID.
+ * @param action The action.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
+ * @return action for alert rule.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- void delete(String resourceGroupName, String workspaceName, String ruleId, String actionId);
+ ActionResponseInner createOrUpdate(
+ String resourceGroupName, String workspaceName, String ruleId, String actionId, ActionRequest action);
/**
* Delete the action of alert rule.
@@ -146,4 +132,18 @@ Response createOrUpdateWithResponse(
@ServiceMethod(returns = ReturnType.SINGLE)
Response deleteWithResponse(
String resourceGroupName, String workspaceName, String ruleId, String actionId, Context context);
+
+ /**
+ * Delete the action of alert rule.
+ *
+ * @param resourceGroupName The name of the resource group. The name is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID.
+ * @param actionId Action ID.
+ * @throws IllegalArgumentException thrown if parameters fail the validation.
+ * @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
+ * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
+ */
+ @ServiceMethod(returns = ReturnType.SINGLE)
+ void delete(String resourceGroupName, String workspaceName, String ruleId, String actionId);
}
diff --git a/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AlertRuleOperationsClient.java b/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AlertRuleOperationsClient.java
new file mode 100644
index 0000000000000..7cd2bdbeb6c94
--- /dev/null
+++ b/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AlertRuleOperationsClient.java
@@ -0,0 +1,93 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+// Code generated by Microsoft (R) AutoRest Code Generator.
+
+package com.azure.resourcemanager.securityinsights.fluent;
+
+import com.azure.core.annotation.ReturnType;
+import com.azure.core.annotation.ServiceMethod;
+import com.azure.core.management.polling.PollResult;
+import com.azure.core.util.Context;
+import com.azure.core.util.polling.SyncPoller;
+import com.azure.resourcemanager.securityinsights.models.AnalyticsRuleRunTrigger;
+
+/** An instance of this class provides access to all the operations defined in AlertRuleOperationsClient. */
+public interface AlertRuleOperationsClient {
+ /**
+ * triggers analytics rule run.
+ *
+ * @param resourceGroupName The name of the resource group. The name is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID.
+ * @param analyticsRuleRunTriggerParameter The Analytics Rule Run Trigger parameter.
+ * @throws IllegalArgumentException thrown if parameters fail the validation.
+ * @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
+ * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
+ * @return the {@link SyncPoller} for polling of long-running operation.
+ */
+ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION)
+ SyncPoller, Void> beginTriggerRuleRun(
+ String resourceGroupName,
+ String workspaceName,
+ String ruleId,
+ AnalyticsRuleRunTrigger analyticsRuleRunTriggerParameter);
+
+ /**
+ * triggers analytics rule run.
+ *
+ * @param resourceGroupName The name of the resource group. The name is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID.
+ * @param analyticsRuleRunTriggerParameter The Analytics Rule Run Trigger parameter.
+ * @param context The context to associate with this operation.
+ * @throws IllegalArgumentException thrown if parameters fail the validation.
+ * @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
+ * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
+ * @return the {@link SyncPoller} for polling of long-running operation.
+ */
+ @ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION)
+ SyncPoller, Void> beginTriggerRuleRun(
+ String resourceGroupName,
+ String workspaceName,
+ String ruleId,
+ AnalyticsRuleRunTrigger analyticsRuleRunTriggerParameter,
+ Context context);
+
+ /**
+ * triggers analytics rule run.
+ *
+ * @param resourceGroupName The name of the resource group. The name is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID.
+ * @param analyticsRuleRunTriggerParameter The Analytics Rule Run Trigger parameter.
+ * @throws IllegalArgumentException thrown if parameters fail the validation.
+ * @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
+ * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
+ */
+ @ServiceMethod(returns = ReturnType.SINGLE)
+ void triggerRuleRun(
+ String resourceGroupName,
+ String workspaceName,
+ String ruleId,
+ AnalyticsRuleRunTrigger analyticsRuleRunTriggerParameter);
+
+ /**
+ * triggers analytics rule run.
+ *
+ * @param resourceGroupName The name of the resource group. The name is case insensitive.
+ * @param workspaceName The name of the workspace.
+ * @param ruleId Alert rule ID.
+ * @param analyticsRuleRunTriggerParameter The Analytics Rule Run Trigger parameter.
+ * @param context The context to associate with this operation.
+ * @throws IllegalArgumentException thrown if parameters fail the validation.
+ * @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
+ * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
+ */
+ @ServiceMethod(returns = ReturnType.SINGLE)
+ void triggerRuleRun(
+ String resourceGroupName,
+ String workspaceName,
+ String ruleId,
+ AnalyticsRuleRunTrigger analyticsRuleRunTriggerParameter,
+ Context context);
+}
diff --git a/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AlertRuleTemplatesClient.java b/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AlertRuleTemplatesClient.java
index c568ee0f23feb..1747732b0446d 100644
--- a/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AlertRuleTemplatesClient.java
+++ b/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AlertRuleTemplatesClient.java
@@ -46,13 +46,15 @@ public interface AlertRuleTemplatesClient {
* @param resourceGroupName The name of the resource group. The name is case insensitive.
* @param workspaceName The name of the workspace.
* @param alertRuleTemplateId Alert rule template ID.
+ * @param context The context to associate with this operation.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
- * @return the alert rule template.
+ * @return the alert rule template along with {@link Response}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- AlertRuleTemplateInner get(String resourceGroupName, String workspaceName, String alertRuleTemplateId);
+ Response getWithResponse(
+ String resourceGroupName, String workspaceName, String alertRuleTemplateId, Context context);
/**
* Gets the alert rule template.
@@ -60,13 +62,11 @@ public interface AlertRuleTemplatesClient {
* @param resourceGroupName The name of the resource group. The name is case insensitive.
* @param workspaceName The name of the workspace.
* @param alertRuleTemplateId Alert rule template ID.
- * @param context The context to associate with this operation.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
- * @return the alert rule template along with {@link Response}.
+ * @return the alert rule template.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- Response getWithResponse(
- String resourceGroupName, String workspaceName, String alertRuleTemplateId, Context context);
+ AlertRuleTemplateInner get(String resourceGroupName, String workspaceName, String alertRuleTemplateId);
}
diff --git a/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AlertRulesClient.java b/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AlertRulesClient.java
index d40ca296e5fc6..c77a3e9fa2fa2 100644
--- a/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AlertRulesClient.java
+++ b/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AlertRulesClient.java
@@ -46,13 +46,15 @@ public interface AlertRulesClient {
* @param resourceGroupName The name of the resource group. The name is case insensitive.
* @param workspaceName The name of the workspace.
* @param ruleId Alert rule ID.
+ * @param context The context to associate with this operation.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
- * @return the alert rule.
+ * @return the alert rule along with {@link Response}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- AlertRuleInner get(String resourceGroupName, String workspaceName, String ruleId);
+ Response getWithResponse(
+ String resourceGroupName, String workspaceName, String ruleId, Context context);
/**
* Gets the alert rule.
@@ -60,15 +62,13 @@ public interface AlertRulesClient {
* @param resourceGroupName The name of the resource group. The name is case insensitive.
* @param workspaceName The name of the workspace.
* @param ruleId Alert rule ID.
- * @param context The context to associate with this operation.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
- * @return the alert rule along with {@link Response}.
+ * @return the alert rule.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- Response getWithResponse(
- String resourceGroupName, String workspaceName, String ruleId, Context context);
+ AlertRuleInner get(String resourceGroupName, String workspaceName, String ruleId);
/**
* Creates or updates the alert rule.
@@ -77,14 +77,15 @@ Response getWithResponse(
* @param workspaceName The name of the workspace.
* @param ruleId Alert rule ID.
* @param alertRule The alert rule.
+ * @param context The context to associate with this operation.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
- * @return alert rule.
+ * @return alert rule along with {@link Response}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- AlertRuleInner createOrUpdate(
- String resourceGroupName, String workspaceName, String ruleId, AlertRuleInner alertRule);
+ Response createOrUpdateWithResponse(
+ String resourceGroupName, String workspaceName, String ruleId, AlertRuleInner alertRule, Context context);
/**
* Creates or updates the alert rule.
@@ -93,15 +94,14 @@ AlertRuleInner createOrUpdate(
* @param workspaceName The name of the workspace.
* @param ruleId Alert rule ID.
* @param alertRule The alert rule.
- * @param context The context to associate with this operation.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
- * @return alert rule along with {@link Response}.
+ * @return alert rule.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- Response createOrUpdateWithResponse(
- String resourceGroupName, String workspaceName, String ruleId, AlertRuleInner alertRule, Context context);
+ AlertRuleInner createOrUpdate(
+ String resourceGroupName, String workspaceName, String ruleId, AlertRuleInner alertRule);
/**
* Delete the alert rule.
@@ -109,12 +109,14 @@ Response createOrUpdateWithResponse(
* @param resourceGroupName The name of the resource group. The name is case insensitive.
* @param workspaceName The name of the workspace.
* @param ruleId Alert rule ID.
+ * @param context The context to associate with this operation.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
+ * @return the {@link Response}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- void delete(String resourceGroupName, String workspaceName, String ruleId);
+ Response deleteWithResponse(String resourceGroupName, String workspaceName, String ruleId, Context context);
/**
* Delete the alert rule.
@@ -122,12 +124,10 @@ Response createOrUpdateWithResponse(
* @param resourceGroupName The name of the resource group. The name is case insensitive.
* @param workspaceName The name of the workspace.
* @param ruleId Alert rule ID.
- * @param context The context to associate with this operation.
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
- * @return the {@link Response}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- Response deleteWithResponse(String resourceGroupName, String workspaceName, String ruleId, Context context);
+ void delete(String resourceGroupName, String workspaceName, String ruleId);
}
diff --git a/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AutomationRulesClient.java b/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AutomationRulesClient.java
index 8bdfc546a32d2..1e448c15a2037 100644
--- a/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AutomationRulesClient.java
+++ b/sdk/securityinsights/azure-resourcemanager-securityinsights/src/main/java/com/azure/resourcemanager/securityinsights/fluent/AutomationRulesClient.java
@@ -13,20 +13,6 @@
/** An instance of this class provides access to all the operations defined in AutomationRulesClient. */
public interface AutomationRulesClient {
- /**
- * Gets the automation rule.
- *
- * @param resourceGroupName The name of the resource group. The name is case insensitive.
- * @param workspaceName The name of the workspace.
- * @param automationRuleId Automation rule ID.
- * @throws IllegalArgumentException thrown if parameters fail the validation.
- * @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
- * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
- * @return the automation rule.
- */
- @ServiceMethod(returns = ReturnType.SINGLE)
- AutomationRuleInner get(String resourceGroupName, String workspaceName, String automationRuleId);
-
/**
* Gets the automation rule.
*
@@ -44,7 +30,7 @@ Response getWithResponse(
String resourceGroupName, String workspaceName, String automationRuleId, Context context);
/**
- * Creates or updates the automation rule.
+ * Gets the automation rule.
*
* @param resourceGroupName The name of the resource group. The name is case insensitive.
* @param workspaceName The name of the workspace.
@@ -52,10 +38,10 @@ Response getWithResponse(
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
- * @return the response.
+ * @return the automation rule.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- AutomationRuleInner createOrUpdate(String resourceGroupName, String workspaceName, String automationRuleId);
+ AutomationRuleInner get(String resourceGroupName, String workspaceName, String automationRuleId);
/**
* Creates or updates the automation rule.
@@ -79,7 +65,7 @@ Response createOrUpdateWithResponse(
Context context);
/**
- * Delete the automation rule.
+ * Creates or updates the automation rule.
*
* @param resourceGroupName The name of the resource group. The name is case insensitive.
* @param workspaceName The name of the workspace.
@@ -87,10 +73,10 @@ Response createOrUpdateWithResponse(
* @throws IllegalArgumentException thrown if parameters fail the validation.
* @throws com.azure.core.management.exception.ManagementException thrown if the request is rejected by server.
* @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent.
- * @return any object.
+ * @return the response.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
- Object delete(String resourceGroupName, String workspaceName, String automationRuleId);
+ AutomationRuleInner createOrUpdate(String resourceGroupName, String workspaceName, String automationRuleId);
/**
* Delete the automation rule.
@@ -108,6 +94,20 @@ Response createOrUpdateWithResponse(
Response