azure_mgmt_security_insights 0.17.0

data/lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/scheduled_alert_rule_common_properties.rb

@@ -0,0 +1,119 @@
+# encoding: utf-8
+# Code generated by Microsoft (R) AutoRest Code Generator.
+# Changes may cause incorrect behavior and will be lost if the code is
+# regenerated.
+
+module Azure::SecurityInsights::Mgmt::V2019_01_01_preview
+  module Models
+    #
+    # Schedule alert rule template property bag.
+    #
+    class ScheduledAlertRuleCommonProperties
+
+      include MsRestAzure
+
+      # @return [String] The query that creates alerts for this rule.
+      attr_accessor :query
+
+      # @return [Duration] The frequency (in ISO 8601 duration format) for this
+      # alert rule to run.
+      attr_accessor :query_frequency
+
+      # @return [Duration] The period (in ISO 8601 duration format) that this
+      # alert rule looks at.
+      attr_accessor :query_period
+
+      # @return [AlertSeverity] The severity for alerts created by this alert
+      # rule. Possible values include: 'High', 'Medium', 'Low', 'Informational'
+      attr_accessor :severity
+
+      # @return [TriggerOperator] The operation against the threshold that
+      # triggers alert rule. Possible values include: 'GreaterThan',
+      # 'LessThan', 'Equal', 'NotEqual'
+      attr_accessor :trigger_operator
+
+      # @return [Integer] The threshold triggers this alert rule.
+      attr_accessor :trigger_threshold
+
+      # @return [EventGroupingSettings] The event grouping settings.
+      attr_accessor :event_grouping_settings
+
+
+      #
+      # Mapper for ScheduledAlertRuleCommonProperties class as Ruby Hash.
+      # This will be used for serialization/deserialization.
+      #
+      def self.mapper()
+        {
+          client_side_validation: true,
+          required: false,
+          serialized_name: 'ScheduledAlertRuleCommonProperties',
+          type: {
+            name: 'Composite',
+            class_name: 'ScheduledAlertRuleCommonProperties',
+            model_properties: {
+              query: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'query',
+                type: {
+                  name: 'String'
+                }
+              },
+              query_frequency: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'queryFrequency',
+                type: {
+                  name: 'TimeSpan'
+                }
+              },
+              query_period: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'queryPeriod',
+                type: {
+                  name: 'TimeSpan'
+                }
+              },
+              severity: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'severity',
+                type: {
+                  name: 'String'
+                }
+              },
+              trigger_operator: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'triggerOperator',
+                type: {
+                  name: 'Enum',
+                  module: 'TriggerOperator'
+                }
+              },
+              trigger_threshold: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'triggerThreshold',
+                type: {
+                  name: 'Number'
+                }
+              },
+              event_grouping_settings: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'eventGroupingSettings',
+                type: {
+                  name: 'Composite',
+                  class_name: 'EventGroupingSettings'
+                }
+              }
+            }
+          }
+        }
+      end
+    end
+  end
+end

data/lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/scheduled_alert_rule_template.rb

@@ -0,0 +1,260 @@
+# encoding: utf-8
+# Code generated by Microsoft (R) AutoRest Code Generator.
+# Changes may cause incorrect behavior and will be lost if the code is
+# regenerated.
+
+module Azure::SecurityInsights::Mgmt::V2019_01_01_preview
+  module Models
+    #
+    # Represents scheduled alert rule template.
+    #
+    class ScheduledAlertRuleTemplate < AlertRuleTemplate
+
+      include MsRestAzure
+
+
+      def initialize
+        @kind = "Scheduled"
+      end
+
+      attr_accessor :kind
+
+      # @return [Integer] the number of alert rules that were created by this
+      # template
+      attr_accessor :alert_rules_created_by_template_count
+
+      # @return [DateTime] The time that this alert rule template has been
+      # added.
+      attr_accessor :created_date_utc
+
+      # @return [String] The description of the alert rule template.
+      attr_accessor :description
+
+      # @return [String] The display name for alert rule template.
+      attr_accessor :display_name
+
+      # @return [Array<AlertRuleTemplateDataSource>] The required data sources
+      # for this template
+      attr_accessor :required_data_connectors
+
+      # @return [TemplateStatus] The alert rule template status. Possible
+      # values include: 'Installed', 'Available', 'NotAvailable'
+      attr_accessor :status
+
+      # @return [String] The query that creates alerts for this rule.
+      attr_accessor :query
+
+      # @return [Duration] The frequency (in ISO 8601 duration format) for this
+      # alert rule to run.
+      attr_accessor :query_frequency
+
+      # @return [Duration] The period (in ISO 8601 duration format) that this
+      # alert rule looks at.
+      attr_accessor :query_period
+
+      # @return [AlertSeverity] The severity for alerts created by this alert
+      # rule. Possible values include: 'High', 'Medium', 'Low', 'Informational'
+      attr_accessor :severity
+
+      # @return [TriggerOperator] The operation against the threshold that
+      # triggers alert rule. Possible values include: 'GreaterThan',
+      # 'LessThan', 'Equal', 'NotEqual'
+      attr_accessor :trigger_operator
+
+      # @return [Integer] The threshold triggers this alert rule.
+      attr_accessor :trigger_threshold
+
+      # @return [EventGroupingSettings] The event grouping settings.
+      attr_accessor :event_grouping_settings
+
+      # @return [Array<AttackTactic>] The tactics of the alert rule template
+      attr_accessor :tactics
+
+
+      #
+      # Mapper for ScheduledAlertRuleTemplate class as Ruby Hash.
+      # This will be used for serialization/deserialization.
+      #
+      def self.mapper()
+        {
+          client_side_validation: true,
+          required: false,
+          serialized_name: 'Scheduled',
+          type: {
+            name: 'Composite',
+            class_name: 'ScheduledAlertRuleTemplate',
+            model_properties: {
+              id: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'id',
+                type: {
+                  name: 'String'
+                }
+              },
+              name: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'name',
+                type: {
+                  name: 'String'
+                }
+              },
+              type: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'type',
+                type: {
+                  name: 'String'
+                }
+              },
+              kind: {
+                client_side_validation: true,
+                required: true,
+                serialized_name: 'kind',
+                type: {
+                  name: 'String'
+                }
+              },
+              alert_rules_created_by_template_count: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'properties.alertRulesCreatedByTemplateCount',
+                type: {
+                  name: 'Number'
+                }
+              },
+              created_date_utc: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.createdDateUTC',
+                type: {
+                  name: 'DateTime'
+                }
+              },
+              description: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'properties.description',
+                type: {
+                  name: 'String'
+                }
+              },
+              display_name: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'properties.displayName',
+                type: {
+                  name: 'String'
+                }
+              },
+              required_data_connectors: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'properties.requiredDataConnectors',
+                type: {
+                  name: 'Sequence',
+                  element: {
+                      client_side_validation: true,
+                      required: false,
+                      serialized_name: 'AlertRuleTemplateDataSourceElementType',
+                      type: {
+                        name: 'Composite',
+                        class_name: 'AlertRuleTemplateDataSource'
+                      }
+                  }
+                }
+              },
+              status: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'properties.status',
+                type: {
+                  name: 'String'
+                }
+              },
+              query: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'properties.query',
+                type: {
+                  name: 'String'
+                }
+              },
+              query_frequency: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'properties.queryFrequency',
+                type: {
+                  name: 'TimeSpan'
+                }
+              },
+              query_period: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'properties.queryPeriod',
+                type: {
+                  name: 'TimeSpan'
+                }
+              },
+              severity: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'properties.severity',
+                type: {
+                  name: 'String'
+                }
+              },
+              trigger_operator: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'properties.triggerOperator',
+                type: {
+                  name: 'Enum',
+                  module: 'TriggerOperator'
+                }
+              },
+              trigger_threshold: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'properties.triggerThreshold',
+                type: {
+                  name: 'Number'
+                }
+              },
+              event_grouping_settings: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'properties.eventGroupingSettings',
+                type: {
+                  name: 'Composite',
+                  class_name: 'EventGroupingSettings'
+                }
+              },
+              tactics: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'properties.tactics',
+                type: {
+                  name: 'Sequence',
+                  element: {
+                      client_side_validation: true,
+                      required: false,
+                      serialized_name: 'AttackTacticElementType',
+                      type: {
+                        name: 'String'
+                      }
+                  }
+                }
+              }
+            }
+          }
+        }
+      end
+    end
+  end
+end

data/lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb

@@ -0,0 +1,462 @@
+# encoding: utf-8
+# Code generated by Microsoft (R) AutoRest Code Generator.
+# Changes may cause incorrect behavior and will be lost if the code is
+# regenerated.
+
+module Azure::SecurityInsights::Mgmt::V2019_01_01_preview
+  module Models
+    #
+    # Represents a security alert entity.
+    #
+    class SecurityAlert < Entity
+
+      include MsRestAzure
+
+
+      def initialize
+        @kind = "SecurityAlert"
+      end
+
+      attr_accessor :kind
+
+      # @return A bag of custom fields that should be part of the entity and
+      # will be presented to the user.
+      attr_accessor :additional_data
+
+      # @return [String] The graph item display name which is a short humanly
+      # readable description of the graph item instance. This property is
+      # optional and might be system generated.
+      attr_accessor :friendly_name
+
+      # @return [String] The display name of the alert.
+      attr_accessor :alert_display_name
+
+      # @return [String] The type name of the alert.
+      attr_accessor :alert_type
+
+      # @return [String] Display name of the main entity being reported on.
+      attr_accessor :compromised_entity
+
+      # @return [ConfidenceLevel] The confidence level of this alert. Possible
+      # values include: 'Unknown', 'Low', 'High'
+      attr_accessor :confidence_level
+
+      # @return [Array<SecurityAlertPropertiesConfidenceReasonsItem>] The
+      # confidence reasons
+      attr_accessor :confidence_reasons
+
+      # @return [Float] The confidence score of the alert.
+      attr_accessor :confidence_score
+
+      # @return [ConfidenceScoreStatus] The confidence score calculation
+      # status, i.e. indicating if score calculation is pending for this alert,
+      # not applicable or final. Possible values include: 'NotApplicable',
+      # 'InProcess', 'NotFinal', 'Final'
+      attr_accessor :confidence_score_status
+
+      # @return [String] Alert description.
+      attr_accessor :description
+
+      # @return [DateTime] The impact end time of the alert (the time of the
+      # last event contributing to the alert).
+      attr_accessor :end_time_utc
+
+      # @return [KillChainIntent] Holds the alert intent stage(s) mapping for
+      # this alert. Possible values include: 'Unknown', 'Probing',
+      # 'Exploitation', 'Persistence', 'PrivilegeEscalation', 'DefenseEvasion',
+      # 'CredentialAccess', 'Discovery', 'LateralMovement', 'Execution',
+      # 'Collection', 'Exfiltration', 'CommandAndControl', 'Impact'
+      attr_accessor :intent
+
+      # @return [String] The identifier of the alert inside the product which
+      # generated the alert.
+      attr_accessor :provider_alert_id
+
+      # @return [DateTime] The time the alert was made available for
+      # consumption.
+      attr_accessor :processing_end_time
+
+      # @return [String] The name of a component inside the product which
+      # generated the alert.
+      attr_accessor :product_component_name
+
+      # @return [String] The name of the product which published this alert.
+      attr_accessor :product_name
+
+      # @return [String] The version of the product generating the alert.
+      attr_accessor :product_version
+
+      # @return [Array<String>] Manual action items to take to remediate the
+      # alert.
+      attr_accessor :remediation_steps
+
+      # @return [AlertSeverity] The severity of the alert. Possible values
+      # include: 'High', 'Medium', 'Low', 'Informational'
+      attr_accessor :severity
+
+      # @return [DateTime] The impact start time of the alert (the time of the
+      # first event contributing to the alert).
+      attr_accessor :start_time_utc
+
+      # @return [AlertStatus] The lifecycle status of the alert. Possible
+      # values include: 'Unknown', 'New', 'Resolved', 'Dismissed', 'InProgress'
+      attr_accessor :status
+
+      # @return [String] Holds the product identifier of the alert for the
+      # product.
+      attr_accessor :system_alert_id
+
+      # @return [Array<AttackTactic>] The tactics of the alert
+      attr_accessor :tactics
+
+      # @return [DateTime] The time the alert was generated.
+      attr_accessor :time_generated
+
+      # @return [String] The name of the vendor that raise the alert.
+      attr_accessor :vendor_name
+
+      # @return [String] The uri link of the alert.
+      attr_accessor :alert_link
+
+      # @return The list of resource identifiers of the alert.
+      attr_accessor :resource_identifiers
+
+
+      #
+      # Mapper for SecurityAlert class as Ruby Hash.
+      # This will be used for serialization/deserialization.
+      #
+      def self.mapper()
+        {
+          client_side_validation: true,
+          required: false,
+          serialized_name: 'SecurityAlert',
+          type: {
+            name: 'Composite',
+            class_name: 'SecurityAlert',
+            model_properties: {
+              id: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'id',
+                type: {
+                  name: 'String'
+                }
+              },
+              name: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'name',
+                type: {
+                  name: 'String'
+                }
+              },
+              type: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'type',
+                type: {
+                  name: 'String'
+                }
+              },
+              kind: {
+                client_side_validation: true,
+                required: true,
+                serialized_name: 'kind',
+                type: {
+                  name: 'String'
+                }
+              },
+              additional_data: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.additionalData',
+                type: {
+                  name: 'Dictionary',
+                  value: {
+                      client_side_validation: true,
+                      required: false,
+                      serialized_name: 'ObjectElementType',
+                      type: {
+                        name: 'Object'
+                      }
+                  }
+                }
+              },
+              friendly_name: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.friendlyName',
+                type: {
+                  name: 'String'
+                }
+              },
+              alert_display_name: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.alertDisplayName',
+                type: {
+                  name: 'String'
+                }
+              },
+              alert_type: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.alertType',
+                type: {
+                  name: 'String'
+                }
+              },
+              compromised_entity: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.compromisedEntity',
+                type: {
+                  name: 'String'
+                }
+              },
+              confidence_level: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.confidenceLevel',
+                type: {
+                  name: 'String'
+                }
+              },
+              confidence_reasons: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.confidenceReasons',
+                type: {
+                  name: 'Sequence',
+                  element: {
+                      client_side_validation: true,
+                      required: false,
+                      serialized_name: 'SecurityAlertPropertiesConfidenceReasonsItemElementType',
+                      type: {
+                        name: 'Composite',
+                        class_name: 'SecurityAlertPropertiesConfidenceReasonsItem'
+                      }
+                  }
+                }
+              },
+              confidence_score: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.confidenceScore',
+                type: {
+                  name: 'Double'
+                }
+              },
+              confidence_score_status: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.confidenceScoreStatus',
+                type: {
+                  name: 'String'
+                }
+              },
+              description: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.description',
+                type: {
+                  name: 'String'
+                }
+              },
+              end_time_utc: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.endTimeUtc',
+                type: {
+                  name: 'DateTime'
+                }
+              },
+              intent: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.intent',
+                type: {
+                  name: 'String'
+                }
+              },
+              provider_alert_id: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.providerAlertId',
+                type: {
+                  name: 'String'
+                }
+              },
+              processing_end_time: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.processingEndTime',
+                type: {
+                  name: 'DateTime'
+                }
+              },
+              product_component_name: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.productComponentName',
+                type: {
+                  name: 'String'
+                }
+              },
+              product_name: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.productName',
+                type: {
+                  name: 'String'
+                }
+              },
+              product_version: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.productVersion',
+                type: {
+                  name: 'String'
+                }
+              },
+              remediation_steps: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.remediationSteps',
+                type: {
+                  name: 'Sequence',
+                  element: {
+                      client_side_validation: true,
+                      required: false,
+                      serialized_name: 'StringElementType',
+                      type: {
+                        name: 'String'
+                      }
+                  }
+                }
+              },
+              severity: {
+                client_side_validation: true,
+                required: false,
+                serialized_name: 'properties.severity',
+                type: {
+                  name: 'String'
+                }
+              },
+              start_time_utc: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.startTimeUtc',
+                type: {
+                  name: 'DateTime'
+                }
+              },
+              status: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.status',
+                type: {
+                  name: 'String'
+                }
+              },
+              system_alert_id: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.systemAlertId',
+                type: {
+                  name: 'String'
+                }
+              },
+              tactics: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.tactics',
+                type: {
+                  name: 'Sequence',
+                  element: {
+                      client_side_validation: true,
+                      required: false,
+                      serialized_name: 'AttackTacticElementType',
+                      type: {
+                        name: 'String'
+                      }
+                  }
+                }
+              },
+              time_generated: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.timeGenerated',
+                type: {
+                  name: 'DateTime'
+                }
+              },
+              vendor_name: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.vendorName',
+                type: {
+                  name: 'String'
+                }
+              },
+              alert_link: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.alertLink',
+                type: {
+                  name: 'String'
+                }
+              },
+              resource_identifiers: {
+                client_side_validation: true,
+                required: false,
+                read_only: true,
+                serialized_name: 'properties.resourceIdentifiers',
+                type: {
+                  name: 'Sequence',
+                  element: {
+                      client_side_validation: true,
+                      required: false,
+                      serialized_name: 'ObjectElementType',
+                      type: {
+                        name: 'Object'
+                      }
+                  }
+                }
+              }
+            }
+          }
+        }
+      end
+    end
+  end
+end