@azure/arm-securityinsight 1.0.0-beta.1 → 1.0.0-beta.4

package/types/arm-securityinsight.d.ts

@@ -3,51 +3,55 @@ import * as coreClient from '@azure/core-client';
 import { PagedAsyncIterableIterator } from '@azure/core-paging';
 
 /** Represents AAD (Azure Active Directory) requirements check request. */
-export declare type AADCheckRequirements = DataConnectorsCheckRequirements & {
+export declare interface AADCheckRequirements extends DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "AzureActiveDirectory";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
-};
+}
 
 /** AAD (Azure Active Directory) requirements check properties. */
-export declare type AADCheckRequirementsProperties = DataConnectorTenantId & {};
+export declare interface AADCheckRequirementsProperties extends DataConnectorTenantId {
+}
 
 /** Represents AAD (Azure Active Directory) data connector. */
-export declare type AADDataConnector = DataConnector & {
+export declare interface AADDataConnector extends DataConnector {
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
     dataTypes?: AlertsDataTypeOfDataConnector;
-};
+}
 
 /** AAD (Azure Active Directory) data connector properties. */
-export declare type AADDataConnectorProperties = DataConnectorTenantId & DataConnectorWithAlertsProperties & {};
+export declare interface AADDataConnectorProperties extends DataConnectorTenantId, DataConnectorWithAlertsProperties {
+}
 
 /** Represents AATP (Azure Advanced Threat Protection) requirements check request. */
-export declare type AatpCheckRequirements = DataConnectorsCheckRequirements & {
+export declare interface AatpCheckRequirements extends DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "AzureAdvancedThreatProtection";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
-};
+}
 
 /** AATP (Azure Advanced Threat Protection) requirements check properties. */
-export declare type AatpCheckRequirementsProperties = DataConnectorTenantId & {};
+export declare interface AatpCheckRequirementsProperties extends DataConnectorTenantId {
+}
 
 /** Represents AATP (Azure Advanced Threat Protection) data connector. */
-export declare type AatpDataConnector = DataConnector & {
+export declare interface AatpDataConnector extends DataConnector {
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
     dataTypes?: AlertsDataTypeOfDataConnector;
-};
+}
 
 /** AATP (Azure Advanced Threat Protection) data connector properties. */
-export declare type AatpDataConnectorProperties = DataConnectorTenantId & DataConnectorWithAlertsProperties & {};
+export declare interface AatpDataConnectorProperties extends DataConnectorTenantId, DataConnectorWithAlertsProperties {
+}
 
 /** Represents an account entity. */
-export declare type AccountEntity = Entity & {
+export declare interface AccountEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -120,10 +124,10 @@ export declare type AccountEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly dnsDomain?: string;
-};
+}
 
 /** Account entity property bag. */
-export declare type AccountEntityProperties = EntityCommonProperties & {
+export declare interface AccountEntityProperties extends EntityCommonProperties {
     /**
      * The Azure Active Directory tenant id.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -184,7 +188,7 @@ export declare type AccountEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly dnsDomain?: string;
-};
+}
 
 /** Action property bag base. */
 export declare interface ActionPropertiesBase {
@@ -193,32 +197,32 @@ export declare interface ActionPropertiesBase {
 }
 
 /** Action for alert rule. */
-export declare type ActionRequest = ResourceWithEtag & {
+export declare interface ActionRequest extends ResourceWithEtag {
     /** Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. */
     logicAppResourceId?: string;
     /** Logic App Callback URL for this specific workflow. */
     triggerUri?: string;
-};
+}
 
 /** Action property bag. */
-export declare type ActionRequestProperties = ActionPropertiesBase & {
+export declare interface ActionRequestProperties extends ActionPropertiesBase {
     /** Logic App Callback URL for this specific workflow. */
     triggerUri: string;
-};
+}
 
 /** Action for alert rule. */
-export declare type ActionResponse = ResourceWithEtag & {
+export declare interface ActionResponse extends ResourceWithEtag {
     /** Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. */
     logicAppResourceId?: string;
     /** The name of the logic app's workflow. */
     workflowId?: string;
-};
+}
 
 /** Action property bag. */
-export declare type ActionResponseProperties = ActionPropertiesBase & {
+export declare interface ActionResponseProperties extends ActionPropertiesBase {
     /** The name of the logic app's workflow. */
     workflowId?: string;
-};
+}
 
 /** Interface representing a Actions. */
 export declare interface Actions {
@@ -303,8 +307,18 @@ export declare interface ActionsListByAlertRuleOptionalParams extends coreClient
 /** Contains response data for the listByAlertRule operation. */
 export declare type ActionsListByAlertRuleResponse = ActionsList;
 
+/**
+ * Defines values for ActionType. \
+ * {@link KnownActionType} can be used interchangeably with ActionType,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **ModifyProperties**: Modify an object's properties \
+ * **RunPlaybook**: Run a playbook on an object
+ */
+export declare type ActionType = string;
+
 /** Represents Activity entity query. */
-export declare type ActivityCustomEntityQuery = CustomEntityQuery & {
+export declare interface ActivityCustomEntityQuery extends CustomEntityQuery {
     /** The entity query title */
     title?: string;
     /** The entity query content to display in timeline */
@@ -335,7 +349,7 @@ export declare type ActivityCustomEntityQuery = CustomEntityQuery & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly lastModifiedTimeUtc?: Date;
-};
+}
 
 /** The Activity query definitions */
 export declare interface ActivityEntityQueriesPropertiesQueryDefinitions {
@@ -344,7 +358,7 @@ export declare interface ActivityEntityQueriesPropertiesQueryDefinitions {
 }
 
 /** Represents Activity entity query. */
-export declare type ActivityEntityQuery = EntityQuery & {
+export declare interface ActivityEntityQuery extends EntityQuery {
     /** The entity query title */
     title?: string;
     /** The entity query content to display in timeline */
@@ -375,10 +389,10 @@ export declare type ActivityEntityQuery = EntityQuery & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly lastModifiedTimeUtc?: Date;
-};
+}
 
 /** Represents Activity entity query. */
-export declare type ActivityEntityQueryTemplate = EntityQueryTemplate & {
+export declare interface ActivityEntityQueryTemplate extends EntityQueryTemplate {
     /** The entity query title */
     title?: string;
     /** The entity query content to display in timeline */
@@ -397,7 +411,7 @@ export declare type ActivityEntityQueryTemplate = EntityQueryTemplate & {
     entitiesFilter?: {
         [propertyName: string]: string[];
     };
-};
+}
 
 /** The Activity query definitions */
 export declare interface ActivityEntityQueryTemplatePropertiesQueryDefinitions {
@@ -408,7 +422,7 @@ export declare interface ActivityEntityQueryTemplatePropertiesQueryDefinitions {
 }
 
 /** Represents Activity timeline item. */
-export declare type ActivityTimelineItem = EntityTimelineItem & {
+export declare interface ActivityTimelineItem extends EntityTimelineItem {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "Activity";
     /** The activity query id. */
@@ -425,7 +439,7 @@ export declare type ActivityTimelineItem = EntityTimelineItem & {
     content: string;
     /** The activity timeline title. */
     title: string;
-};
+}
 
 /**
  * Defines values for AlertDetail. \
@@ -450,10 +464,10 @@ export declare interface AlertDetailsOverride {
 }
 
 /** Alert rule. */
-export declare type AlertRule = ResourceWithEtag & {
+export declare interface AlertRule extends ResourceWithEtag {
     /** The kind of the alert rule */
     kind: AlertRuleKind;
-};
+}
 
 /**
  * Defines values for AlertRuleKind. \
@@ -549,10 +563,10 @@ export declare interface AlertRulesListOptionalParams extends coreClient.Operati
 export declare type AlertRulesListResponse = AlertRulesList;
 
 /** Alert rule template. */
-export declare type AlertRuleTemplate = Resource & {
+export declare interface AlertRuleTemplate extends Resource {
     /** The kind of the alert rule */
     kind: AlertRuleKind;
-};
+}
 
 /** alert rule template data sources */
 export declare interface AlertRuleTemplateDataSource {
@@ -639,6 +653,14 @@ export declare type AlertRuleTemplatesListResponse = AlertRuleTemplatesList;
 
 export declare type AlertRuleTemplateUnion = AlertRuleTemplate | MLBehaviorAnalyticsAlertRuleTemplate | FusionAlertRuleTemplate | ThreatIntelligenceAlertRuleTemplate | MicrosoftSecurityIncidentCreationAlertRuleTemplate | ScheduledAlertRuleTemplate | NrtAlertRuleTemplate;
 
+/** Alert rule template with MITRE property bag. */
+export declare interface AlertRuleTemplateWithMitreProperties extends AlertRuleTemplatePropertiesBase {
+    /** The tactics of the alert rule */
+    tactics?: AttackTactic[];
+    /** The techniques of the alert rule */
+    techniques?: string[];
+}
+
 export declare type AlertRuleUnion = AlertRule | MLBehaviorAnalyticsAlertRule | FusionAlertRule | ThreatIntelligenceAlertRule | MicrosoftSecurityIncidentCreationAlertRule | ScheduledAlertRule | NrtAlertRule;
 
 /** Alerts data type for data connectors. */
@@ -673,13 +695,76 @@ export declare type AlertSeverity = string;
 export declare type AlertStatus = string;
 
 /** Settings with single toggle. */
-export declare type Anomalies = Settings & {
+export declare interface Anomalies extends Settings {
     /**
      * Determines whether the setting is enable or disabled.
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly isEnabled?: boolean;
-};
+}
+
+/** Represents Anomaly Security ML Analytics Settings */
+export declare interface AnomalySecurityMLAnalyticsSettings extends SecurityMLAnalyticsSetting {
+    /** The description of the SecurityMLAnalyticsSettings. */
+    description?: string;
+    /** The display name for settings created by this SecurityMLAnalyticsSettings. */
+    displayName?: string;
+    /** Determines whether this settings is enabled or disabled. */
+    enabled?: boolean;
+    /**
+     * The last time that this SecurityMLAnalyticsSettings has been modified.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly lastModifiedUtc?: Date;
+    /** The required data sources for this SecurityMLAnalyticsSettings */
+    requiredDataConnectors?: SecurityMLAnalyticsSettingsDataSource[];
+    /** The tactics of the SecurityMLAnalyticsSettings */
+    tactics?: AttackTactic[];
+    /** The techniques of the SecurityMLAnalyticsSettings */
+    techniques?: string[];
+    /** The anomaly version of the AnomalySecurityMLAnalyticsSettings. */
+    anomalyVersion?: string;
+    /** The customizable observations of the AnomalySecurityMLAnalyticsSettings. */
+    customizableObservations?: Record<string, unknown>;
+    /** The frequency that this SecurityMLAnalyticsSettings will be run. */
+    frequency?: string;
+    /** The anomaly SecurityMLAnalyticsSettings status */
+    settingsStatus?: SettingsStatus;
+    /** Determines whether this anomaly security ml analytics settings is a default settings */
+    isDefaultSettings?: boolean;
+    /** The anomaly settings version of the Anomaly security ml analytics settings that dictates whether job version gets updated or not. */
+    anomalySettingsVersion?: number;
+    /** The anomaly settings definition Id */
+    settingsDefinitionId?: string;
+}
+
+/** Represents anomaly timeline item. */
+export declare interface AnomalyTimelineItem extends EntityTimelineItem {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Anomaly";
+    /** The anomaly azure resource id. */
+    azureResourceId: string;
+    /** The anomaly product name. */
+    productName?: string;
+    /** The anomaly description. */
+    description?: string;
+    /** The anomaly name. */
+    displayName: string;
+    /** The anomaly end time. */
+    endTimeUtc: Date;
+    /** The anomaly start time. */
+    startTimeUtc: Date;
+    /** The anomaly generated time. */
+    timeGenerated: Date;
+    /** The name of the anomaly vendor. */
+    vendor?: string;
+    /** The intent of the anomaly. */
+    intent?: string;
+    /** The techniques of the anomaly. */
+    techniques?: string[];
+    /** The reasons that cause the anomaly. */
+    reasons?: string[];
+}
 
 /**
  * Defines values for AntispamMailDirection. \
@@ -694,32 +779,34 @@ export declare type Anomalies = Settings & {
 export declare type AntispamMailDirection = string;
 
 /** Represents ASC (Azure Security Center) requirements check request. */
-export declare type ASCCheckRequirements = DataConnectorsCheckRequirements & {
+export declare interface ASCCheckRequirements extends DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "AzureSecurityCenter";
     /** The subscription id to connect to, and get the data from. */
     subscriptionId?: string;
-};
+}
 
 /** Represents ASC (Azure Security Center) data connector. */
-export declare type ASCDataConnector = DataConnector & {
+export declare interface ASCDataConnector extends DataConnector {
     /** The available data types for the connector. */
     dataTypes?: AlertsDataTypeOfDataConnector;
     /** The subscription id to connect to, and get the data from. */
     subscriptionId?: string;
-};
+}
 
 /** ASC (Azure Security Center) data connector properties. */
-export declare type ASCDataConnectorProperties = DataConnectorWithAlertsProperties & {
+export declare interface ASCDataConnectorProperties extends DataConnectorWithAlertsProperties {
     /** The subscription id to connect to, and get the data from. */
     subscriptionId?: string;
-};
+}
 
 /**
  * Defines values for AttackTactic. \
  * {@link KnownAttackTactic} can be used interchangeably with AttackTactic,
  *  this enum contains the known values that the service supports.
  * ### Known values supported by the service
+ * **Reconnaissance** \
+ * **ResourceDevelopment** \
  * **InitialAccess** \
  * **Execution** \
  * **Persistence** \
@@ -732,104 +819,113 @@ export declare type ASCDataConnectorProperties = DataConnectorWithAlertsProperti
  * **Exfiltration** \
  * **CommandAndControl** \
  * **Impact** \
- * **PreAttack**
+ * **PreAttack** \
+ * **ImpairProcessControl** \
+ * **InhibitResponseFunction**
  */
 export declare type AttackTactic = string;
 
-/** Represents an automation rule. */
-export declare type AutomationRule = ResourceWithEtag & {
-    /** The display name of the automation  rule */
-    displayName?: string;
-    /** The order of execution of the automation rule */
-    order?: number;
-    /** The triggering logic of the automation rule */
-    triggeringLogic?: AutomationRuleTriggeringLogic;
-    /** The actions to execute when the automation rule is triggered */
-    actions?: AutomationRuleActionUnion[];
+export declare interface AutomationRule extends ResourceWithEtag {
+    /** The display name of the automation rule. */
+    displayName: string;
+    /** The order of execution of the automation rule. */
+    order: number;
+    /** Describes automation rule triggering logic. */
+    triggeringLogic: AutomationRuleTriggeringLogic;
+    /** The actions to execute when the automation rule is triggered. */
+    actions: AutomationRuleActionUnion[];
     /**
-     * The time the automation rule was created
+     * The last time the automation rule was updated.
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
-    readonly createdTimeUtc?: Date;
+    readonly lastModifiedTimeUtc?: Date;
     /**
-     * The last time the automation rule was updated
+     * The time the automation rule was created.
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
-    readonly lastModifiedTimeUtc?: Date;
+    readonly createdTimeUtc?: Date;
     /**
-     * Describes the client that created the automation rule
+     * Information on the client (user or application) that made some action
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
-    readonly createdBy?: ClientInfo;
+    readonly lastModifiedBy?: ClientInfo;
     /**
-     * Describes the client that last updated the automation rule
+     * Information on the client (user or application) that made some action
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
-    readonly lastModifiedBy?: ClientInfo;
-};
+    readonly createdBy?: ClientInfo;
+}
 
-/** Describes an automation rule action */
+/** Describes an automation rule action. */
 export declare interface AutomationRuleAction {
     /** Polymorphic discriminator, which specifies the different types this object can be */
-    actionType: "RunPlaybook" | "ModifyProperties";
-    /** The order of execution of the automation rule action */
+    actionType: "ModifyProperties" | "RunPlaybook";
     order: number;
 }
 
+export declare type AutomationRuleActionUnion = AutomationRuleAction | AutomationRuleModifyPropertiesAction | AutomationRuleRunPlaybookAction;
+
+/** Describes an automation rule condition. */
+export declare interface AutomationRuleCondition {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    conditionType: "PropertyArrayChanged" | "PropertyChanged" | "Property";
+}
+
+export declare type AutomationRuleConditionUnion = AutomationRuleCondition | PropertyArrayChangedConditionProperties | PropertyChangedConditionProperties | PropertyConditionProperties;
+
+/** Describes an automation rule action to modify an object's properties */
+export declare interface AutomationRuleModifyPropertiesAction extends AutomationRuleAction {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    actionType: "ModifyProperties";
+    actionConfiguration?: IncidentPropertiesAction;
+}
+
 /**
- * Defines values for AutomationRuleActionType. \
- * {@link KnownAutomationRuleActionType} can be used interchangeably with AutomationRuleActionType,
+ * Defines values for AutomationRulePropertyArrayChangedConditionSupportedArrayType. \
+ * {@link KnownAutomationRulePropertyArrayChangedConditionSupportedArrayType} can be used interchangeably with AutomationRulePropertyArrayChangedConditionSupportedArrayType,
  *  this enum contains the known values that the service supports.
  * ### Known values supported by the service
- * **ModifyProperties**: Modify an object's properties \
- * **RunPlaybook**: Run a playbook on an object
+ * **Alerts**: Evaluate the condition on the alerts \
+ * **Labels**: Evaluate the condition on the labels \
+ * **Tactics**: Evaluate the condition on the tactics \
+ * **Comments**: Evaluate the condition on the comments
  */
-export declare type AutomationRuleActionType = string;
+export declare type AutomationRulePropertyArrayChangedConditionSupportedArrayType = string;
 
-export declare type AutomationRuleActionUnion = AutomationRuleAction | AutomationRuleRunPlaybookAction | AutomationRuleModifyPropertiesAction;
+/**
+ * Defines values for AutomationRulePropertyArrayChangedConditionSupportedChangeType. \
+ * {@link KnownAutomationRulePropertyArrayChangedConditionSupportedChangeType} can be used interchangeably with AutomationRulePropertyArrayChangedConditionSupportedChangeType,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Added**: Evaluate the condition on items added to the array
+ */
+export declare type AutomationRulePropertyArrayChangedConditionSupportedChangeType = string;
 
-/** Describes an automation rule condition */
-export declare interface AutomationRuleCondition {
-    /** Polymorphic discriminator, which specifies the different types this object can be */
-    conditionType: "Property";
+export declare interface AutomationRulePropertyArrayChangedValuesCondition {
+    arrayType?: AutomationRulePropertyArrayChangedConditionSupportedArrayType;
+    changeType?: AutomationRulePropertyArrayChangedConditionSupportedChangeType;
 }
 
 /**
- * Defines values for AutomationRuleConditionType. \
- * {@link KnownAutomationRuleConditionType} can be used interchangeably with AutomationRuleConditionType,
+ * Defines values for AutomationRulePropertyChangedConditionSupportedChangedType. \
+ * {@link KnownAutomationRulePropertyChangedConditionSupportedChangedType} can be used interchangeably with AutomationRulePropertyChangedConditionSupportedChangedType,
  *  this enum contains the known values that the service supports.
  * ### Known values supported by the service
- * **Property**: Evaluate an object property value
+ * **ChangedFrom**: Evaluate the condition on the previous value of the property \
+ * **ChangedTo**: Evaluate the condition on the updated value of the property
  */
-export declare type AutomationRuleConditionType = string;
-
-export declare type AutomationRuleConditionUnion = AutomationRuleCondition | AutomationRulePropertyValuesCondition;
-
-/** Describes an automation rule action to modify an object's properties */
-export declare type AutomationRuleModifyPropertiesAction = AutomationRuleAction & {
-    /** Polymorphic discriminator, which specifies the different types this object can be */
-    actionType: "ModifyProperties";
-    /** The configuration of the modify properties automation rule action */
-    actionConfiguration: AutomationRuleModifyPropertiesActionConfiguration;
-};
+export declare type AutomationRulePropertyChangedConditionSupportedChangedType = string;
 
-/** The configuration of the modify properties automation rule action */
-export declare interface AutomationRuleModifyPropertiesActionConfiguration {
-    /** The reason the incident was closed */
-    classification?: IncidentClassification;
-    /** Describes the reason the incident was closed */
-    classificationComment?: string;
-    /** The classification reason the incident was closed with */
-    classificationReason?: IncidentClassificationReason;
-    /** List of labels to add to the incident */
-    labels?: IncidentLabel[];
-    /** Describes a user that the incident is assigned to */
-    owner?: IncidentOwnerInfo;
-    /** The severity of the incident */
-    severity?: IncidentSeverity;
-    /** The status of the incident */
-    status?: IncidentStatus;
-}
+/**
+ * Defines values for AutomationRulePropertyChangedConditionSupportedPropertyType. \
+ * {@link KnownAutomationRulePropertyChangedConditionSupportedPropertyType} can be used interchangeably with AutomationRulePropertyChangedConditionSupportedPropertyType,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **IncidentSeverity**: Evaluate the condition on the incident severity \
+ * **IncidentStatus**: Evaluate the condition on the incident status \
+ * **IncidentOwner**: Evaluate the condition on the incident owner
+ */
+export declare type AutomationRulePropertyChangedConditionSupportedPropertyType = string;
 
 /**
  * Defines values for AutomationRulePropertyConditionSupportedOperator. \
@@ -856,17 +952,20 @@ export declare type AutomationRulePropertyConditionSupportedOperator = string;
  * **IncidentDescription**: The description of the incident \
  * **IncidentSeverity**: The severity of the incident \
  * **IncidentStatus**: The status of the incident \
- * **IncidentTactics**: The tactics of the incident \
  * **IncidentRelatedAnalyticRuleIds**: The related Analytic rule ids of the incident \
+ * **IncidentTactics**: The tactics of the incident \
+ * **IncidentLabel**: The labels of the incident \
  * **IncidentProviderName**: The provider name of the incident \
  * **AccountAadTenantId**: The account Azure Active Directory tenant id \
- * **AccountAadUserId**: The account Azure Active Directory user id. \
+ * **AccountAadUserId**: The account Azure Active Directory user id \
  * **AccountName**: The account name \
  * **AccountNTDomain**: The account NetBIOS domain name \
  * **AccountPUID**: The account Azure Active Directory Passport User ID \
  * **AccountSid**: The account security identifier \
  * **AccountObjectGuid**: The account unique identifier \
  * **AccountUPNSuffix**: The account user principal name suffix \
+ * **AlertProductNames**: The name of the product of the alert \
+ * **AlertAnalyticRuleIds**: The analytic rule ids of the alert \
  * **AzureResourceResourceId**: The Azure resource id \
  * **AzureResourceSubscriptionId**: The Azure resource subscription id \
  * **CloudApplicationAppId**: The cloud application identifier \
@@ -880,7 +979,7 @@ export declare type AutomationRulePropertyConditionSupportedOperator = string;
  * **HostNetBiosName**: The host NetBIOS name \
  * **HostNTDomain**: The host NT domain \
  * **HostOSVersion**: The host operating system \
- * **IoTDeviceId**: The IoT device id \
+ * **IoTDeviceId**: "The IoT device id \
  * **IoTDeviceName**: The IoT device name \
  * **IoTDeviceType**: The IoT device type \
  * **IoTDeviceVendor**: The IoT device vendor \
@@ -907,38 +1006,25 @@ export declare type AutomationRulePropertyConditionSupportedOperator = string;
  */
 export declare type AutomationRulePropertyConditionSupportedProperty = string;
 
-/** Describes an automation rule condition that evaluates a property's value */
-export declare type AutomationRulePropertyValuesCondition = AutomationRuleCondition & {
-    /** Polymorphic discriminator, which specifies the different types this object can be */
-    conditionType: "Property";
-    /** The configuration of the automation rule condition */
-    conditionProperties: AutomationRulePropertyValuesConditionProperties;
-};
+export declare interface AutomationRulePropertyValuesChangedCondition {
+    propertyName?: AutomationRulePropertyChangedConditionSupportedPropertyType;
+    changeType?: AutomationRulePropertyChangedConditionSupportedChangedType;
+    operator?: AutomationRulePropertyConditionSupportedOperator;
+    propertyValues?: string[];
+}
 
-/** The configuration of the automation rule condition */
-export declare interface AutomationRulePropertyValuesConditionProperties {
-    /** The property to evaluate */
+export declare interface AutomationRulePropertyValuesCondition {
+    /** The property to evaluate in an automation rule property condition. */
     propertyName?: AutomationRulePropertyConditionSupportedProperty;
-    /** The operator to use for evaluation the condition */
     operator?: AutomationRulePropertyConditionSupportedOperator;
-    /** The values to use for evaluating the condition */
     propertyValues?: string[];
 }
 
 /** Describes an automation rule action to run a playbook */
-export declare type AutomationRuleRunPlaybookAction = AutomationRuleAction & {
+export declare interface AutomationRuleRunPlaybookAction extends AutomationRuleAction {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     actionType: "RunPlaybook";
-    /** The configuration of the run playbook automation rule action */
-    actionConfiguration: AutomationRuleRunPlaybookActionConfiguration;
-};
-
-/** The configuration of the run playbook automation rule action */
-export declare interface AutomationRuleRunPlaybookActionConfiguration {
-    /** The resource id of the playbook resource */
-    logicAppResourceId?: string;
-    /** The tenant id of the playbook resource */
-    tenantId?: string;
+    actionConfiguration?: PlaybookActionProperties;
 }
 
 /** Interface representing a AutomationRules. */
@@ -963,10 +1049,9 @@ export declare interface AutomationRules {
      * @param resourceGroupName The name of the resource group. The name is case insensitive.
      * @param workspaceName The name of the workspace.
      * @param automationRuleId Automation rule ID
-     * @param automationRule The automation rule
      * @param options The options parameters.
      */
-    createOrUpdate(resourceGroupName: string, workspaceName: string, automationRuleId: string, automationRule: AutomationRule, options?: AutomationRulesCreateOrUpdateOptionalParams): Promise<AutomationRulesCreateOrUpdateResponse>;
+    createOrUpdate(resourceGroupName: string, workspaceName: string, automationRuleId: string, options?: AutomationRulesCreateOrUpdateOptionalParams): Promise<AutomationRulesCreateOrUpdateResponse>;
     /**
      * Delete the automation rule.
      * @param resourceGroupName The name of the resource group. The name is case insensitive.
@@ -974,11 +1059,13 @@ export declare interface AutomationRules {
      * @param automationRuleId Automation rule ID
      * @param options The options parameters.
      */
-    delete(resourceGroupName: string, workspaceName: string, automationRuleId: string, options?: AutomationRulesDeleteOptionalParams): Promise<void>;
+    delete(resourceGroupName: string, workspaceName: string, automationRuleId: string, options?: AutomationRulesDeleteOptionalParams): Promise<AutomationRulesDeleteResponse>;
 }
 
 /** Optional parameters. */
 export declare interface AutomationRulesCreateOrUpdateOptionalParams extends coreClient.OperationOptions {
+    /** The automation rule */
+    automationRuleToUpsert?: AutomationRule;
 }
 
 /** Contains response data for the createOrUpdate operation. */
@@ -988,6 +1075,9 @@ export declare type AutomationRulesCreateOrUpdateResponse = AutomationRule;
 export declare interface AutomationRulesDeleteOptionalParams extends coreClient.OperationOptions {
 }
 
+/** Contains response data for the delete operation. */
+export declare type AutomationRulesDeleteResponse = Record<string, unknown>;
+
 /** Optional parameters. */
 export declare interface AutomationRulesGetOptionalParams extends coreClient.OperationOptions {
 }
@@ -995,15 +1085,9 @@ export declare interface AutomationRulesGetOptionalParams extends coreClient.Ope
 /** Contains response data for the get operation. */
 export declare type AutomationRulesGetResponse = AutomationRule;
 
-/** List all the automation rules. */
 export declare interface AutomationRulesList {
-    /**
-     * URL to fetch the next set of automation rules.
-     * NOTE: This property will not be serialized. It can only be populated by the server.
-     */
-    readonly nextLink?: string;
-    /** Array of automation rules. */
-    value: AutomationRule[];
+    value?: AutomationRule[];
+    nextLink?: string;
 }
 
 /** Optional parameters. */
@@ -1020,41 +1104,39 @@ export declare interface AutomationRulesListOptionalParams extends coreClient.Op
 /** Contains response data for the list operation. */
 export declare type AutomationRulesListResponse = AutomationRulesList;
 
-/** Describes automation rule triggering logic */
+/** Describes automation rule triggering logic. */
 export declare interface AutomationRuleTriggeringLogic {
     /** Determines whether the automation rule is enabled or disabled. */
     isEnabled: boolean;
     /** Determines when the automation rule should automatically expire and be disabled. */
     expirationTimeUtc?: Date;
-    /** The type of object the automation rule triggers on */
     triggersOn: TriggersOn;
-    /** The type of event the automation rule triggers on */
     triggersWhen: TriggersWhen;
-    /** The conditions to evaluate to determine if the automation rule should be triggered on a given object */
+    /** The conditions to evaluate to determine if the automation rule should be triggered on a given object. */
     conditions?: AutomationRuleConditionUnion[];
 }
 
 /** Connector Availability Status */
 export declare interface Availability {
     /** The connector Availability Status */
-    status?: "1";
+    status?: 1;
     /** Set connector as preview */
     isPreview?: boolean;
 }
 
 /** Amazon Web Services CloudTrail requirements check request. */
-export declare type AwsCloudTrailCheckRequirements = DataConnectorsCheckRequirements & {
+export declare interface AwsCloudTrailCheckRequirements extends DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "AmazonWebServicesCloudTrail";
-};
+}
 
 /** Represents Amazon Web Services CloudTrail data connector. */
-export declare type AwsCloudTrailDataConnector = DataConnector & {
+export declare interface AwsCloudTrailDataConnector extends DataConnector {
     /** The Aws Role Arn (with CloudTrailReadOnly policy) that is used to access the Aws account. */
     awsRoleArn?: string;
     /** The available data types for the connector. */
     dataTypes?: AwsCloudTrailDataConnectorDataTypes;
-};
+}
 
 /** The available data types for Amazon Web Services CloudTrail data connector. */
 export declare interface AwsCloudTrailDataConnectorDataTypes {
@@ -1063,16 +1145,17 @@ export declare interface AwsCloudTrailDataConnectorDataTypes {
 }
 
 /** Logs data type. */
-export declare type AwsCloudTrailDataConnectorDataTypesLogs = DataConnectorDataTypeCommon & {};
+export declare interface AwsCloudTrailDataConnectorDataTypesLogs extends DataConnectorDataTypeCommon {
+}
 
 /** Amazon Web Services S3 requirements check request. */
-export declare type AwsS3CheckRequirements = DataConnectorsCheckRequirements & {
+export declare interface AwsS3CheckRequirements extends DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "AmazonWebServicesS3";
-};
+}
 
 /** Represents Amazon Web Services S3 data connector. */
-export declare type AwsS3DataConnector = DataConnector & {
+export declare interface AwsS3DataConnector extends DataConnector {
     /** The logs destination table name in LogAnalytics. */
     destinationTable?: string;
     /** The AWS sqs urls for the connector. */
@@ -1081,7 +1164,7 @@ export declare type AwsS3DataConnector = DataConnector & {
     roleArn?: string;
     /** The available data types for the connector. */
     dataTypes?: AwsS3DataConnectorDataTypes;
-};
+}
 
 /** The available data types for Amazon Web Services S3 data connector. */
 export declare interface AwsS3DataConnectorDataTypes {
@@ -1090,10 +1173,19 @@ export declare interface AwsS3DataConnectorDataTypes {
 }
 
 /** Logs data type. */
-export declare type AwsS3DataConnectorDataTypesLogs = DataConnectorDataTypeCommon & {};
+export declare interface AwsS3DataConnectorDataTypesLogs extends DataConnectorDataTypeCommon {
+}
+
+/** Resources created in Azure DevOps repository. */
+export declare interface AzureDevOpsResourceInfo {
+    /** Id of the pipeline created for the source-control. */
+    pipelineId?: string;
+    /** Id of the service-connection created for the source-control. */
+    serviceConnectionId?: string;
+}
 
 /** Represents an azure resource entity. */
-export declare type AzureResourceEntity = Entity & {
+export declare interface AzureResourceEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -1116,10 +1208,10 @@ export declare type AzureResourceEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly subscriptionId?: string;
-};
+}
 
 /** AzureResource entity property bag. */
-export declare type AzureResourceEntityProperties = EntityCommonProperties & {
+export declare interface AzureResourceEntityProperties extends EntityCommonProperties {
     /**
      * The azure resource id of the resource
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -1130,10 +1222,10 @@ export declare type AzureResourceEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly subscriptionId?: string;
-};
+}
 
 /** Represents a bookmark in Azure Security Insights. */
-export declare type Bookmark = ResourceWithEtag & {
+export declare interface Bookmark extends ResourceWithEtag {
     /** The time the bookmark was created */
     created?: Date;
     /** Describes a user that created the bookmark */
@@ -1160,7 +1252,21 @@ export declare type Bookmark = ResourceWithEtag & {
     queryEndTime?: Date;
     /** Describes an incident that relates to bookmark */
     incidentInfo?: IncidentInfo;
-};
+    /** Describes the entity mappings of the bookmark */
+    entityMappings?: BookmarkEntityMappings[];
+    /** A list of relevant mitre attacks */
+    tactics?: AttackTactic[];
+    /** A list of relevant mitre techniques */
+    techniques?: string[];
+}
+
+/** Describes the entity mappings of a single entity */
+export declare interface BookmarkEntityMappings {
+    /** The entity type */
+    entityType?: string;
+    /** Array of fields mapping for that entity type */
+    fieldMappings?: EntityFieldMapping[];
+}
 
 /** Contains response data for the expand operation. */
 export declare type BookmarkExpandOperationResponse = BookmarkExpandResponse;
@@ -1198,7 +1304,7 @@ export declare interface BookmarkExpandResponseValue {
 /** List all the bookmarks. */
 export declare interface BookmarkList {
     /**
-     * URL to fetch the next set of cases.
+     * URL to fetch the next set of bookmarks.
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly nextLink?: string;
@@ -1376,7 +1482,7 @@ export declare interface BookmarksListOptionalParams extends coreClient.Operatio
 export declare type BookmarksListResponse = BookmarkList;
 
 /** Represents bookmark timeline item. */
-export declare type BookmarkTimelineItem = EntityTimelineItem & {
+export declare interface BookmarkTimelineItem extends EntityTimelineItem {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "Bookmark";
     /** The bookmark azure resource id. */
@@ -1395,7 +1501,7 @@ export declare type BookmarkTimelineItem = EntityTimelineItem & {
     createdBy?: UserInfo;
     /** List of labels relevant to this bookmark */
     labels?: string[];
-};
+}
 
 /** Information on the client (user or application) that made some action */
 export declare interface ClientInfo {
@@ -1410,7 +1516,7 @@ export declare interface ClientInfo {
 }
 
 /** Represents a cloud application entity. */
-export declare type CloudApplicationEntity = Entity & {
+export declare interface CloudApplicationEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -1438,10 +1544,10 @@ export declare type CloudApplicationEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly instanceName?: string;
-};
+}
 
 /** CloudApplication entity property bag. */
-export declare type CloudApplicationEntityProperties = EntityCommonProperties & {
+export declare interface CloudApplicationEntityProperties extends EntityCommonProperties {
     /**
      * The technical identifier of the application.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -1457,7 +1563,7 @@ export declare type CloudApplicationEntityProperties = EntityCommonProperties &
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly instanceName?: string;
-};
+}
 
 /** Error response structure. */
 export declare interface CloudError {
@@ -1480,12 +1586,12 @@ export declare interface CloudErrorBody {
 }
 
 /** Represents Codeless API Polling data connector. */
-export declare type CodelessApiPollingDataConnector = DataConnector & {
+export declare interface CodelessApiPollingDataConnector extends DataConnector {
     /** Config to describe the instructions blade */
     connectorUiConfig?: CodelessUiConnectorConfigProperties;
     /** Config to describe the polling instructions */
     pollingConfig?: CodelessConnectorPollingConfigProperties;
-};
+}
 
 /** Describe the authentication properties needed to successfully authenticate with the server */
 export declare interface CodelessConnectorPollingAuthProperties {
@@ -1621,21 +1727,37 @@ export declare interface CodelessUiConnectorConfigProperties {
     instructionSteps: CodelessUiConnectorConfigPropertiesInstructionStepsItem[];
 }
 
-export declare type CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem = ConnectivityCriteria & {};
+export declare interface CodelessUiConnectorConfigPropertiesConnectivityCriteriaItem extends ConnectivityCriteria {
+}
 
-export declare type CodelessUiConnectorConfigPropertiesDataTypesItem = LastDataReceivedDataType & {};
+export declare interface CodelessUiConnectorConfigPropertiesDataTypesItem extends LastDataReceivedDataType {
+}
 
-export declare type CodelessUiConnectorConfigPropertiesGraphQueriesItem = GraphQueries & {};
+export declare interface CodelessUiConnectorConfigPropertiesGraphQueriesItem extends GraphQueries {
+}
 
-export declare type CodelessUiConnectorConfigPropertiesInstructionStepsItem = InstructionSteps & {};
+export declare interface CodelessUiConnectorConfigPropertiesInstructionStepsItem extends InstructionSteps {
+}
 
-export declare type CodelessUiConnectorConfigPropertiesSampleQueriesItem = SampleQueries & {};
+export declare interface CodelessUiConnectorConfigPropertiesSampleQueriesItem extends SampleQueries {
+}
 
 /** Represents Codeless UI data connector. */
-export declare type CodelessUiDataConnector = DataConnector & {
+export declare interface CodelessUiDataConnector extends DataConnector {
     /** Config to describe the instructions blade */
     connectorUiConfig?: CodelessUiConnectorConfigProperties;
-};
+}
+
+/**
+ * Defines values for ConditionType. \
+ * {@link KnownConditionType} can be used interchangeably with ConditionType,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Property**: Evaluate an object property value \
+ * **PropertyChanged**: Evaluate an object property changed value \
+ * **PropertyArrayChanged**: Evaluate an object array property changed value
+ */
+export declare type ConditionType = string;
 
 /**
  * Defines values for ConfidenceLevel. \
@@ -1735,10 +1857,10 @@ export declare type ContentType = string;
 export declare type CreatedByType = string;
 
 /** Specific entity query that supports put requests. */
-export declare type CustomEntityQuery = ResourceWithEtag & {
+export declare interface CustomEntityQuery extends ResourceWithEtag {
     /** the entity query kind */
     kind: CustomEntityQueryKind;
-};
+}
 
 /**
  * Defines values for CustomEntityQueryKind. \
@@ -1752,7 +1874,8 @@ export declare type CustomEntityQueryKind = string;
 export declare type CustomEntityQueryUnion = CustomEntityQuery | ActivityCustomEntityQuery;
 
 /** Customs permissions required for the connector */
-export declare type Customs = CustomsPermission & {};
+export declare interface Customs extends CustomsPermission {
+}
 
 /** Customs permissions required for the connector */
 export declare interface CustomsPermission {
@@ -1763,10 +1886,10 @@ export declare interface CustomsPermission {
 }
 
 /** Data connector */
-export declare type DataConnector = ResourceWithEtag & {
+export declare interface DataConnector extends ResourceWithEtag {
     /** The data connector kind */
     kind: DataConnectorKind;
-};
+}
 
 /**
  * Defines values for DataConnectorAuthorizationState. \
@@ -1784,6 +1907,12 @@ export declare interface DataConnectorConnectBody {
     kind?: ConnectAuthKind;
     /** The API key of the audit server. */
     apiKey?: string;
+    /** Used in v2 logs connector. Represents the data collection ingestion endpoint in log analytics. */
+    dataCollectionEndpoint?: string;
+    /** Used in v2 logs connector. The data collection rule immutable id, the rule defines the transformation and data destination. */
+    dataCollectionRuleImmutableId?: string;
+    /** Used in v2 logs connector. The stream we are sending the data to, this is the name of the streamDeclarations defined in the DCR. */
+    outputStream?: string;
     /** The client secret of the OAuth 2.0 application. */
     clientSecret?: string;
     /** The client id of the OAuth 2.0 application. */
@@ -1816,6 +1945,8 @@ export declare interface DataConnectorDataTypeCommon {
  * **Office365** \
  * **OfficeATP** \
  * **OfficeIRM** \
+ * **Office365Project** \
+ * **OfficePowerBI** \
  * **AmazonWebServicesCloudTrail** \
  * **AmazonWebServicesS3** \
  * **AzureAdvancedThreatProtection** \
@@ -1824,7 +1955,8 @@ export declare interface DataConnectorDataTypeCommon {
  * **MicrosoftThreatProtection** \
  * **MicrosoftThreatIntelligence** \
  * **GenericUI** \
- * **APIPolling**
+ * **APIPolling** \
+ * **IOT**
  */
 export declare type DataConnectorKind = string;
 
@@ -1914,7 +2046,7 @@ export declare interface DataConnectors {
 /** Data connector requirements properties. */
 export declare interface DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
-    kind: "AzureActiveDirectory" | "AzureAdvancedThreatProtection" | "AzureSecurityCenter" | "AmazonWebServicesCloudTrail" | "AmazonWebServicesS3" | "Dynamics365" | "MicrosoftCloudAppSecurity" | "MicrosoftDefenderAdvancedThreatProtection" | "MicrosoftThreatIntelligence" | "MicrosoftThreatProtection" | "OfficeATP" | "OfficeIRM" | "ThreatIntelligence" | "ThreatIntelligenceTaxii";
+    kind: "AzureActiveDirectory" | "AzureAdvancedThreatProtection" | "AzureSecurityCenter" | "AmazonWebServicesCloudTrail" | "AmazonWebServicesS3" | "Dynamics365" | "MicrosoftCloudAppSecurity" | "MicrosoftDefenderAdvancedThreatProtection" | "MicrosoftThreatIntelligence" | "MicrosoftThreatProtection" | "OfficeATP" | "OfficeIRM" | "Office365Project" | "OfficePowerBI" | "ThreatIntelligence" | "ThreatIntelligenceTaxii" | "IOT";
 }
 
 /** Interface representing a DataConnectorsCheckRequirementsOperations. */
@@ -1936,7 +2068,7 @@ export declare interface DataConnectorsCheckRequirementsPostOptionalParams exten
 /** Contains response data for the post operation. */
 export declare type DataConnectorsCheckRequirementsPostResponse = DataConnectorRequirementsState;
 
-export declare type DataConnectorsCheckRequirementsUnion = DataConnectorsCheckRequirements | AADCheckRequirements | AatpCheckRequirements | ASCCheckRequirements | AwsCloudTrailCheckRequirements | AwsS3CheckRequirements | Dynamics365CheckRequirements | McasCheckRequirements | MdatpCheckRequirements | MstiCheckRequirements | MtpCheckRequirements | OfficeATPCheckRequirements | OfficeIRMCheckRequirements | TICheckRequirements | TiTaxiiCheckRequirements;
+export declare type DataConnectorsCheckRequirementsUnion = DataConnectorsCheckRequirements | AADCheckRequirements | AatpCheckRequirements | ASCCheckRequirements | AwsCloudTrailCheckRequirements | AwsS3CheckRequirements | Dynamics365CheckRequirements | McasCheckRequirements | MdatpCheckRequirements | MstiCheckRequirements | MtpCheckRequirements | OfficeATPCheckRequirements | OfficeIRMCheckRequirements | Office365ProjectCheckRequirements | OfficePowerBICheckRequirements | TICheckRequirements | TiTaxiiCheckRequirements | IoTCheckRequirements;
 
 /** Optional parameters. */
 export declare interface DataConnectorsConnectOptionalParams extends coreClient.OperationOptions {
@@ -1984,7 +2116,7 @@ export declare interface DataConnectorTenantId {
     tenantId: string;
 }
 
-export declare type DataConnectorUnion = DataConnector | AADDataConnector | MstiDataConnector | MTPDataConnector | AatpDataConnector | ASCDataConnector | AwsCloudTrailDataConnector | AwsS3DataConnector | McasDataConnector | Dynamics365DataConnector | OfficeATPDataConnector | OfficeIRMDataConnector | MdatpDataConnector | OfficeDataConnector | TIDataConnector | TiTaxiiDataConnector | CodelessUiDataConnector | CodelessApiPollingDataConnector;
+export declare type DataConnectorUnion = DataConnector | AADDataConnector | MstiDataConnector | MTPDataConnector | AatpDataConnector | ASCDataConnector | AwsCloudTrailDataConnector | AwsS3DataConnector | McasDataConnector | Dynamics365DataConnector | OfficeATPDataConnector | Office365ProjectDataConnector | OfficePowerBIDataConnector | OfficeIRMDataConnector | MdatpDataConnector | OfficeDataConnector | TIDataConnector | TiTaxiiDataConnector | IoTDataConnector | CodelessUiDataConnector | CodelessApiPollingDataConnector;
 
 /** Data connector properties. */
 export declare interface DataConnectorWithAlertsProperties {
@@ -2014,8 +2146,78 @@ export declare type DeliveryAction = "Unknown" | "DeliveredAsSpam" | "Delivered"
 /** Defines values for DeliveryLocation. */
 export declare type DeliveryLocation = "Unknown" | "Inbox" | "JunkFolder" | "DeletedFolder" | "Quarantine" | "External" | "Failed" | "Dropped" | "Forwarded";
 
+/** Description about a deployment. */
+export declare interface Deployment {
+    /** Deployment identifier. */
+    deploymentId?: string;
+    /** Current status of the deployment. */
+    deploymentState?: DeploymentState;
+    /** The outcome of the deployment. */
+    deploymentResult?: DeploymentResult;
+    /** The time when the deployment finished. */
+    deploymentTime?: Date;
+    /** Url to access repository action logs. */
+    deploymentLogsUrl?: string;
+}
+
+/**
+ * Defines values for DeploymentFetchStatus. \
+ * {@link KnownDeploymentFetchStatus} can be used interchangeably with DeploymentFetchStatus,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Success** \
+ * **Unauthorized** \
+ * **NotFound**
+ */
+export declare type DeploymentFetchStatus = string;
+
+/** Information regarding a deployment. */
+export declare interface DeploymentInfo {
+    /** Status while fetching the last deployment. */
+    deploymentFetchStatus?: DeploymentFetchStatus;
+    /** Deployment information. */
+    deployment?: Deployment;
+    /** Additional details about the deployment that can be shown to the user. */
+    message?: string;
+}
+
+/**
+ * Defines values for DeploymentResult. \
+ * {@link KnownDeploymentResult} can be used interchangeably with DeploymentResult,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Success** \
+ * **Canceled** \
+ * **Failed**
+ */
+export declare type DeploymentResult = string;
+
+/**
+ * Defines values for DeploymentState. \
+ * {@link KnownDeploymentState} can be used interchangeably with DeploymentState,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **In_Progress** \
+ * **Completed** \
+ * **Queued** \
+ * **Canceling**
+ */
+export declare type DeploymentState = string;
+
+/**
+ * Defines values for DeviceImportance. \
+ * {@link KnownDeviceImportance} can be used interchangeably with DeviceImportance,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Unknown**: Unknown - Default value \
+ * **Low**: Low \
+ * **Normal**: Normal \
+ * **High**: High
+ */
+export declare type DeviceImportance = string;
+
 /** Represents a dns entity. */
-export declare type DnsEntity = Entity & {
+export declare interface DnsEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -2048,10 +2250,10 @@ export declare type DnsEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly ipAddressEntityIds?: string[];
-};
+}
 
 /** Dns entity property bag. */
-export declare type DnsEntityProperties = EntityCommonProperties & {
+export declare interface DnsEntityProperties extends EntityCommonProperties {
     /**
      * An ip entity id for the dns server resolving the request
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -2072,7 +2274,7 @@ export declare type DnsEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly ipAddressEntityIds?: string[];
-};
+}
 
 /** Interface representing a DomainWhois. */
 export declare interface DomainWhois {
@@ -2093,23 +2295,24 @@ export declare interface DomainWhoisGetOptionalParams extends coreClient.Operati
 export declare type DomainWhoisGetResponse = EnrichmentDomainWhois;
 
 /** Represents Dynamics365 requirements check request. */
-export declare type Dynamics365CheckRequirements = DataConnectorsCheckRequirements & {
+export declare interface Dynamics365CheckRequirements extends DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "Dynamics365";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
-};
+}
 
 /** Dynamics365 requirements check properties. */
-export declare type Dynamics365CheckRequirementsProperties = DataConnectorTenantId & {};
+export declare interface Dynamics365CheckRequirementsProperties extends DataConnectorTenantId {
+}
 
 /** Represents Dynamics365 data connector. */
-export declare type Dynamics365DataConnector = DataConnector & {
+export declare interface Dynamics365DataConnector extends DataConnector {
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
     dataTypes?: Dynamics365DataConnectorDataTypes;
-};
+}
 
 /** The available data types for Dynamics365 data connector. */
 export declare interface Dynamics365DataConnectorDataTypes {
@@ -2118,13 +2321,14 @@ export declare interface Dynamics365DataConnectorDataTypes {
 }
 
 /** Common Data Service data type connection. */
-export declare type Dynamics365DataConnectorDataTypesDynamics365CdsActivities = DataConnectorDataTypeCommon & {};
+export declare interface Dynamics365DataConnectorDataTypesDynamics365CdsActivities extends DataConnectorDataTypeCommon {
+}
 
 /** Dynamics365 data connector properties. */
-export declare type Dynamics365DataConnectorProperties = DataConnectorTenantId & {
+export declare interface Dynamics365DataConnectorProperties extends DataConnectorTenantId {
     /** The available data types for the connector. */
     dataTypes: Dynamics365DataConnectorDataTypes;
-};
+}
 
 /** Defines values for ElevationToken. */
 export declare type ElevationToken = "Default" | "Full" | "Limited";
@@ -2398,19 +2602,16 @@ export declare interface EntitiesRelationsListOptionalParams extends coreClient.
 export declare type EntitiesRelationsListResponse = RelationList;
 
 /** Specific entity. */
-export declare type Entity = Resource & {
+export declare interface Entity extends Resource {
     /** The kind of the entity. */
     kind: EntityKind;
-};
+}
 
 /** Settings with single toggle. */
-export declare type EntityAnalytics = Settings & {
-    /**
-     * Determines whether the setting is enable or disabled.
-     * NOTE: This property will not be serialized. It can only be populated by the server.
-     */
-    readonly isEnabled?: boolean;
-};
+export declare interface EntityAnalytics extends Settings {
+    /** The relevant entity providers that are synced */
+    entityProviders?: EntityProviders[];
+}
 
 /** Entity common property bag. */
 export declare interface EntityCommonProperties {
@@ -2464,6 +2665,14 @@ export declare interface EntityExpandResponseValue {
     edges?: EntityEdges[];
 }
 
+/** Map identifiers of a single entity */
+export declare interface EntityFieldMapping {
+    /** Alert V3 identifier */
+    identifier?: string;
+    /** The value of the identifier */
+    value?: string;
+}
+
 /** The parameters required to execute insights operation on the given entity. */
 export declare interface EntityGetInsightsParameters {
     /** The start timeline date, so the results returned are after this date. */
@@ -2538,7 +2747,8 @@ export declare type EntityItemQueryKind = string;
  * **MailCluster**: Entity represents mail cluster in the system. \
  * **MailMessage**: Entity represents mail message in the system. \
  * **Mailbox**: Entity represents mailbox in the system. \
- * **SubmissionMail**: Entity represents submission mail in the system.
+ * **SubmissionMail**: Entity represents submission mail in the system. \
+ * **Nic**: Entity represents network interface in the system.
  */
 export declare type EntityKind = string;
 
@@ -2587,6 +2797,16 @@ export declare interface EntityMapping {
  */
 export declare type EntityMappingType = string;
 
+/**
+ * Defines values for EntityProviders. \
+ * {@link KnownEntityProviders} can be used interchangeably with EntityProviders,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **ActiveDirectory** \
+ * **AzureActiveDirectory**
+ */
+export declare type EntityProviders = string;
+
 /** Interface representing a EntityQueries. */
 export declare interface EntityQueries {
     /**
@@ -2644,7 +2864,7 @@ export declare type EntityQueriesGetResponse = EntityQueryUnion;
 /** Optional parameters. */
 export declare interface EntityQueriesListNextOptionalParams extends coreClient.OperationOptions {
     /** The entity query kind we want to fetch */
-    kind?: Enum8;
+    kind?: Enum13;
 }
 
 /** Contains response data for the listNext operation. */
@@ -2653,17 +2873,17 @@ export declare type EntityQueriesListNextResponse = EntityQueryList;
 /** Optional parameters. */
 export declare interface EntityQueriesListOptionalParams extends coreClient.OperationOptions {
     /** The entity query kind we want to fetch */
-    kind?: Enum8;
+    kind?: Enum13;
 }
 
 /** Contains response data for the list operation. */
 export declare type EntityQueriesListResponse = EntityQueryList;
 
 /** Specific entity query. */
-export declare type EntityQuery = ResourceWithEtag & {
+export declare interface EntityQuery extends ResourceWithEtag {
     /** the entity query kind */
     kind: EntityQueryKind;
-};
+}
 
 /** An abstract Query item for entity */
 export declare interface EntityQueryItem {
@@ -2722,10 +2942,10 @@ export declare interface EntityQueryList {
 }
 
 /** Specific entity query template. */
-export declare type EntityQueryTemplate = Resource & {
+export declare interface EntityQueryTemplate extends Resource {
     /** the entity query template kind */
     kind: EntityQueryTemplateKind;
-};
+}
 
 /**
  * Defines values for EntityQueryTemplateKind. \
@@ -2814,10 +3034,10 @@ export declare type EntityRelationsGetRelationResponse = Relation;
 /** Entity timeline Item. */
 export declare interface EntityTimelineItem {
     /** Polymorphic discriminator, which specifies the different types this object can be */
-    kind: "Activity" | "Bookmark" | "SecurityAlert";
+    kind: "Activity" | "Bookmark" | "Anomaly" | "SecurityAlert";
 }
 
-export declare type EntityTimelineItemUnion = EntityTimelineItem | ActivityTimelineItem | BookmarkTimelineItem | SecurityAlertTimelineItem;
+export declare type EntityTimelineItemUnion = EntityTimelineItem | ActivityTimelineItem | BookmarkTimelineItem | AnomalyTimelineItem | SecurityAlertTimelineItem;
 
 /**
  * Defines values for EntityTimelineKind. \
@@ -2826,7 +3046,8 @@ export declare type EntityTimelineItemUnion = EntityTimelineItem | ActivityTimel
  * ### Known values supported by the service
  * **Activity**: activity \
  * **Bookmark**: bookmarks \
- * **SecurityAlert**: security alerts
+ * **SecurityAlert**: security alerts \
+ * **Anomaly**: anomaly
  */
 export declare type EntityTimelineKind = string;
 
@@ -2875,70 +3096,22 @@ export declare interface EntityTimelineResponse {
  * **MailCluster**: Entity represents mail cluster in the system. \
  * **MailMessage**: Entity represents mail message in the system. \
  * **Mailbox**: Entity represents mailbox in the system. \
- * **SubmissionMail**: Entity represents submission mail in the system.
+ * **SubmissionMail**: Entity represents submission mail in the system. \
+ * **Nic**: Entity represents network interface in the system.
  */
 export declare type EntityType = string;
 
-export declare type EntityUnion = Entity | SecurityAlert | HuntingBookmark | AccountEntity | AzureResourceEntity | CloudApplicationEntity | DnsEntity | FileEntity | FileHashEntity | HostEntity | IoTDeviceEntity | IpEntity | MailboxEntity | MailClusterEntity | MailMessageEntity | MalwareEntity | ProcessEntity | RegistryKeyEntity | RegistryValueEntity | SecurityGroupEntity | SubmissionMailEntity | UrlEntity;
+export declare type EntityUnion = Entity | SecurityAlert | HuntingBookmark | AccountEntity | AzureResourceEntity | CloudApplicationEntity | DnsEntity | FileEntity | FileHashEntity | HostEntity | IoTDeviceEntity | IpEntity | MailboxEntity | MailClusterEntity | MailMessageEntity | MalwareEntity | ProcessEntity | RegistryKeyEntity | RegistryValueEntity | SecurityGroupEntity | SubmissionMailEntity | UrlEntity | NicEntity;
 
 /**
- * Defines values for Enum8. \
- * {@link KnownEnum8} can be used interchangeably with Enum8,
+ * Defines values for Enum13. \
+ * {@link KnownEnum13} can be used interchangeably with Enum13,
  *  this enum contains the known values that the service supports.
  * ### Known values supported by the service
  * **Expansion** \
  * **Activity**
  */
-export declare type Enum8 = string;
-
-/** The resource management error additional info. */
-export declare interface ErrorAdditionalInfo {
-    /**
-     * The additional info type.
-     * NOTE: This property will not be serialized. It can only be populated by the server.
-     */
-    readonly type?: string;
-    /**
-     * The additional info.
-     * NOTE: This property will not be serialized. It can only be populated by the server.
-     */
-    readonly info?: Record<string, unknown>;
-}
-
-/** The error detail. */
-export declare interface ErrorDetail {
-    /**
-     * The error code.
-     * NOTE: This property will not be serialized. It can only be populated by the server.
-     */
-    readonly code?: string;
-    /**
-     * The error message.
-     * NOTE: This property will not be serialized. It can only be populated by the server.
-     */
-    readonly message?: string;
-    /**
-     * The error target.
-     * NOTE: This property will not be serialized. It can only be populated by the server.
-     */
-    readonly target?: string;
-    /**
-     * The error details.
-     * NOTE: This property will not be serialized. It can only be populated by the server.
-     */
-    readonly details?: ErrorDetail[];
-    /**
-     * The error additional info.
-     * NOTE: This property will not be serialized. It can only be populated by the server.
-     */
-    readonly additionalInfo?: ErrorAdditionalInfo[];
-}
-
-/** Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.). */
-export declare interface ErrorResponse {
-    /** The error object. */
-    error?: ErrorDetail;
-}
+export declare type Enum13 = string;
 
 /**
  * Defines values for EventGroupingAggregationKind. \
@@ -2957,7 +3130,7 @@ export declare interface EventGroupingSettings {
 }
 
 /** Represents Expansion entity query. */
-export declare type ExpansionEntityQuery = EntityQuery & {
+export declare interface ExpansionEntityQuery extends EntityQuery {
     /** List of the data sources that are required to run the query */
     dataSources?: string[];
     /** The query display name */
@@ -2970,7 +3143,7 @@ export declare type ExpansionEntityQuery = EntityQuery & {
     outputEntityTypes?: EntityType[];
     /** The template query string to be parsed and formatted */
     queryTemplate?: string;
-};
+}
 
 /** Information of a specific aggregation in the expansion result. */
 export declare interface ExpansionResultAggregation {
@@ -2991,13 +3164,13 @@ export declare interface ExpansionResultsMetadata {
 }
 
 /** Settings with single toggle. */
-export declare type EyesOn = Settings & {
+export declare interface EyesOn extends Settings {
     /**
      * Determines whether the setting is enable or disabled.
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly isEnabled?: boolean;
-};
+}
 
 /** A single field mapping of the mapped entity */
 export declare interface FieldMapping {
@@ -3008,7 +3181,7 @@ export declare interface FieldMapping {
 }
 
 /** Represents a file entity. */
-export declare type FileEntity = Entity & {
+export declare interface FileEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -3041,10 +3214,10 @@ export declare type FileEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly hostEntityId?: string;
-};
+}
 
 /** File entity property bag. */
-export declare type FileEntityProperties = EntityCommonProperties & {
+export declare interface FileEntityProperties extends EntityCommonProperties {
     /**
      * The full path to the file.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -3065,7 +3238,7 @@ export declare type FileEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly hostEntityId?: string;
-};
+}
 
 /**
  * Defines values for FileHashAlgorithm. \
@@ -3081,7 +3254,7 @@ export declare type FileEntityProperties = EntityCommonProperties & {
 export declare type FileHashAlgorithm = string;
 
 /** Represents a file hash entity. */
-export declare type FileHashEntity = Entity & {
+export declare interface FileHashEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -3104,10 +3277,10 @@ export declare type FileHashEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly hashValue?: string;
-};
+}
 
 /** FileHash entity property bag. */
-export declare type FileHashEntityProperties = EntityCommonProperties & {
+export declare interface FileHashEntityProperties extends EntityCommonProperties {
     /**
      * The hash algorithm type.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -3118,10 +3291,10 @@ export declare type FileHashEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly hashValue?: string;
-};
+}
 
 /** Represents Fusion alert rule. */
-export declare type FusionAlertRule = AlertRule & {
+export declare interface FusionAlertRule extends AlertRule {
     /** The Name of the alert rule template used to create this rule. */
     alertRuleTemplateName?: string;
     /**
@@ -3136,6 +3309,10 @@ export declare type FusionAlertRule = AlertRule & {
     readonly displayName?: string;
     /** Determines whether this alert rule is enabled or disabled. */
     enabled?: boolean;
+    /** Configuration for all supported source signals in fusion detection. */
+    sourceSettings?: FusionSourceSettings[];
+    /** Configuration to exclude scenarios in fusion detection. */
+    scenarioExclusionPatterns?: FusionScenarioExclusionPattern[];
     /**
      * The last time that this alert has been modified.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -3151,27 +3328,32 @@ export declare type FusionAlertRule = AlertRule & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly tactics?: AttackTactic[];
-};
+    /**
+     * The techniques of the alert rule
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly techniques?: string[];
+}
 
 /** Represents Fusion alert rule template. */
-export declare type FusionAlertRuleTemplate = AlertRuleTemplate & {
+export declare interface FusionAlertRuleTemplate extends AlertRuleTemplate {
     /** the number of alert rules that were created by this template */
     alertRulesCreatedByTemplateCount?: number;
     /**
-     * The last time that this alert rule template has been updated.
+     * The time that this alert rule template has been added.
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
-    readonly lastUpdatedDateUTC?: Date;
+    readonly createdDateUTC?: Date;
     /**
-     * The time that this alert rule template has been added.
+     * The time that this alert rule template was last updated.
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
-    readonly createdDateUTC?: Date;
+    readonly lastUpdatedDateUTC?: Date;
     /** The description of the alert rule template. */
     description?: string;
     /** The display name for alert rule template. */
     displayName?: string;
-    /** The required data sources for this template */
+    /** The required data connectors for this template */
     requiredDataConnectors?: AlertRuleTemplateDataSource[];
     /** The alert rule template status. */
     status?: TemplateStatus;
@@ -3179,15 +3361,92 @@ export declare type FusionAlertRuleTemplate = AlertRuleTemplate & {
     severity?: AlertSeverity;
     /** The tactics of the alert rule template */
     tactics?: AttackTactic[];
-};
+    /** The techniques of the alert rule */
+    techniques?: string[];
+    /** All supported source signal configurations consumed in fusion detection. */
+    sourceSettings?: FusionTemplateSourceSetting[];
+}
 
-/** Fusion alert rule template properties */
-export declare type FusionAlertRuleTemplateProperties = AlertRuleTemplatePropertiesBase & {
-    /** The severity for alerts created by this alert rule. */
+/** Represents a Fusion scenario exclusion patterns in Fusion detection. */
+export declare interface FusionScenarioExclusionPattern {
+    /** Scenario exclusion pattern. */
+    exclusionPattern: string;
+    /** DateTime when scenario exclusion pattern is added in UTC. */
+    dateAddedInUTC: string;
+}
+
+/** Represents a supported source signal configuration in Fusion detection. */
+export declare interface FusionSourceSettings {
+    /** Determines whether this source signal is enabled or disabled in Fusion detection. */
+    enabled: boolean;
+    /** Name of the Fusion source signal. Refer to Fusion alert rule template for supported values. */
+    sourceName: string;
+    /** Configuration for all source subtypes under this source signal consumed in fusion detection. */
+    sourceSubTypes?: FusionSourceSubTypeSetting[];
+}
+
+/** Represents a supported source subtype configuration under a source signal in Fusion detection. */
+export declare interface FusionSourceSubTypeSetting {
+    /** Determines whether this source subtype under source signal is enabled or disabled in Fusion detection. */
+    enabled: boolean;
+    /** The Name of the source subtype under a given source signal in Fusion detection. Refer to Fusion alert rule template for supported values. */
+    sourceSubTypeName: string;
+    /**
+     * The display name of source subtype under a source signal consumed in Fusion detection.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly sourceSubTypeDisplayName?: string;
+    /** Severity configuration for a source subtype consumed in fusion detection. */
+    severityFilters: FusionSubTypeSeverityFilter;
+}
+
+/** Represents severity configuration for a source subtype consumed in Fusion detection. */
+export declare interface FusionSubTypeSeverityFilter {
+    /**
+     * Determines whether this source subtype supports severity configuration or not.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly isSupported?: boolean;
+    /** Individual Severity configuration settings for a given source subtype consumed in Fusion detection. */
+    filters?: FusionSubTypeSeverityFiltersItem[];
+}
+
+/** Represents a Severity filter setting for a given source subtype consumed in Fusion detection. */
+export declare interface FusionSubTypeSeverityFiltersItem {
+    /** The Severity for a given source subtype consumed in Fusion detection. */
     severity: AlertSeverity;
-    /** The tactics of the alert rule template */
-    tactics?: AttackTactic[];
-};
+    /** Determines whether this severity is enabled or disabled for this source subtype consumed in Fusion detection. */
+    enabled: boolean;
+}
+
+/** Represents a source signal consumed in Fusion detection. */
+export declare interface FusionTemplateSourceSetting {
+    /** The name of a source signal consumed in Fusion detection. */
+    sourceName: string;
+    /** All supported source subtypes under this source signal consumed in fusion detection. */
+    sourceSubTypes?: FusionTemplateSourceSubType[];
+}
+
+/** Represents a source subtype under a source signal consumed in Fusion detection. */
+export declare interface FusionTemplateSourceSubType {
+    /** The name of source subtype under a source signal consumed in Fusion detection. */
+    sourceSubTypeName: string;
+    /**
+     * The display name of source subtype under a source signal consumed in Fusion detection.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly sourceSubTypeDisplayName?: string;
+    /** Severity configuration available for a source subtype consumed in fusion detection. */
+    severityFilter: FusionTemplateSubTypeSeverityFilter;
+}
+
+/** Represents severity configurations available for a source subtype consumed in Fusion detection. */
+export declare interface FusionTemplateSubTypeSeverityFilter {
+    /** Determines whether severity configuration is supported for this source subtype consumed in Fusion detection. */
+    isSupported: boolean;
+    /** List of all supported severities for this source subtype consumed in Fusion detection. */
+    severityFilters?: AlertSeverity[];
+}
 
 /** The geo-location context attached to the ip entity */
 export declare interface GeoLocation {
@@ -3228,10 +3487,19 @@ export declare interface GeoLocation {
     readonly state?: string;
 }
 
+/**
+ * Defines values for GetInsightsError. \
+ * {@link KnownGetInsightsError} can be used interchangeably with GetInsightsError,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Insight**
+ */
+export declare type GetInsightsError = string;
+
 /** GetInsights Query Errors. */
-export declare interface GetInsightsError {
+export declare interface GetInsightsErrorKind {
     /** the query kind */
-    kind: "Insight";
+    kind: GetInsightsError;
     /** the query id */
     queryId?: string;
     /** the error message */
@@ -3243,7 +3511,7 @@ export declare interface GetInsightsResultsMetadata {
     /** the total items found for the insights request */
     totalCount: number;
     /** information about the failed queries */
-    errors?: GetInsightsError[];
+    errors?: GetInsightsErrorKind[];
 }
 
 /** Retrieve queries for entity result operation response. */
@@ -3252,6 +3520,12 @@ export declare interface GetQueriesResponse {
     value?: EntityQueryItemUnion[];
 }
 
+/** Resources created in GitHub repository. */
+export declare interface GitHubResourceInfo {
+    /** GitHub application installation id. */
+    appInstallationId?: string;
+}
+
 /** The graph query to show the current data status */
 export declare interface GraphQueries {
     /** the metric that the query is checking */
@@ -3281,7 +3555,7 @@ export declare interface GroupingConfiguration {
 }
 
 /** Represents a host entity. */
-export declare type HostEntity = Entity & {
+export declare interface HostEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -3336,10 +3610,10 @@ export declare type HostEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly osVersion?: string;
-};
+}
 
 /** Host entity property bag. */
-export declare type HostEntityProperties = EntityCommonProperties & {
+export declare interface HostEntityProperties extends EntityCommonProperties {
     /**
      * The azure resource id of the VM.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -3382,10 +3656,10 @@ export declare type HostEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly osVersion?: string;
-};
+}
 
 /** Represents a Hunting bookmark entity. */
-export declare type HuntingBookmark = Entity & {
+export declare interface HuntingBookmark extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -3420,10 +3694,10 @@ export declare type HuntingBookmark = Entity & {
     updatedBy?: UserInfo;
     /** Describes an incident that relates to bookmark */
     incidentInfo?: IncidentInfo;
-};
+}
 
 /** Describes bookmark properties */
-export declare type HuntingBookmarkProperties = EntityCommonProperties & {
+export declare interface HuntingBookmarkProperties extends EntityCommonProperties {
     /** The time the bookmark was created */
     created?: Date;
     /** Describes a user that created the bookmark */
@@ -3446,10 +3720,10 @@ export declare type HuntingBookmarkProperties = EntityCommonProperties & {
     updatedBy?: UserInfo;
     /** Describes an incident that relates to bookmark */
     incidentInfo?: IncidentInfo;
-};
+}
 
 /** Represents an incident in Azure Security Insights. */
-export declare type Incident = ResourceWithEtag & {
+export declare interface Incident extends ResourceWithEtag {
     /**
      * Additional data on the incident
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -3508,7 +3782,7 @@ export declare type Incident = ResourceWithEtag & {
     teamInformation?: TeamInformation;
     /** The title of the incident */
     title?: string;
-};
+}
 
 /** Incident additional data property bag. */
 export declare interface IncidentAdditionalData {
@@ -3532,11 +3806,21 @@ export declare interface IncidentAdditionalData {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly alertProductNames?: string[];
+    /**
+     * The provider incident url to the incident in Microsoft 365 Defender portal
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly providerIncidentUrl?: string;
     /**
      * The tactics associated with incident
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly tactics?: AttackTactic[];
+    /**
+     * The techniques associated with incident's tactics'
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly techniques?: string[];
 }
 
 /** List of incident alerts. */
@@ -3576,7 +3860,7 @@ export declare type IncidentClassification = string;
 export declare type IncidentClassificationReason = string;
 
 /** Represents an incident comment */
-export declare type IncidentComment = ResourceWithEtag & {
+export declare interface IncidentComment extends ResourceWithEtag {
     /**
      * The time the comment was created
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -3594,7 +3878,7 @@ export declare type IncidentComment = ResourceWithEtag & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly author?: ClientInfo;
-};
+}
 
 /** List of incident comments. */
 export declare interface IncidentCommentList {
@@ -3748,7 +4032,7 @@ export declare interface IncidentLabel {
  *  this enum contains the known values that the service supports.
  * ### Known values supported by the service
  * **User**: Label manually created by a user \
- * **System**: Label automatically created by the system
+ * **AutoAssigned**: Label automatically created by the system
  */
 export declare type IncidentLabelType = string;
 
@@ -3773,11 +4057,25 @@ export declare interface IncidentOwnerInfo {
     objectId?: string;
     /** The user principal name of the user the incident is assigned to. */
     userPrincipalName?: string;
-    /**
-     * The type of the owner the incident is assigned to.
-     * NOTE: This property will not be serialized. It can only be populated by the server.
-     */
-    readonly ownerType?: OwnerType;
+    /** The type of the owner the incident is assigned to. */
+    ownerType?: OwnerType;
+}
+
+export declare interface IncidentPropertiesAction {
+    /** The severity of the incident */
+    severity?: IncidentSeverity;
+    /** The status of the incident */
+    status?: IncidentStatus;
+    /** The reason the incident was closed */
+    classification?: IncidentClassification;
+    /** The classification reason the incident was closed with */
+    classificationReason?: IncidentClassificationReason;
+    /** Describes the reason the incident was closed. */
+    classificationComment?: string;
+    /** Information on the user an incident is assigned to */
+    owner?: IncidentOwnerInfo;
+    /** List of labels to add to the incident. */
+    labels?: IncidentLabel[];
 }
 
 /** Interface representing a IncidentRelations. */
@@ -3877,6 +4175,14 @@ export declare interface Incidents {
      * @param options The options parameters.
      */
     list(resourceGroupName: string, workspaceName: string, options?: IncidentsListOptionalParams): PagedAsyncIterableIterator<Incident>;
+    /**
+     * Triggers playbook on a specific incident
+     * @param resourceGroupName The name of the resource group. The name is case insensitive.
+     * @param workspaceName The name of the workspace.
+     * @param incidentIdentifier
+     * @param options The options parameters.
+     */
+    runPlaybook(resourceGroupName: string, workspaceName: string, incidentIdentifier: string, options?: IncidentsRunPlaybookOptionalParams): Promise<IncidentsRunPlaybookResponse>;
     /**
      * Gets an incident.
      * @param resourceGroupName The name of the resource group. The name is case insensitive.
@@ -4026,6 +4332,14 @@ export declare interface IncidentsListOptionalParams extends coreClient.Operatio
 /** Contains response data for the list operation. */
 export declare type IncidentsListResponse = IncidentList;
 
+/** Optional parameters. */
+export declare interface IncidentsRunPlaybookOptionalParams extends coreClient.OperationOptions {
+    requestBody?: ManualTriggerRequestBody;
+}
+
+/** Contains response data for the runPlaybook operation. */
+export declare type IncidentsRunPlaybookResponse = Record<string, unknown>;
+
 /**
  * Defines values for IncidentStatus. \
  * {@link KnownIncidentStatus} can be used interchangeably with IncidentStatus,
@@ -4038,15 +4352,15 @@ export declare type IncidentsListResponse = IncidentList;
 export declare type IncidentStatus = string;
 
 /** Represents Insight Query. */
-export declare type InsightQueryItem = EntityQueryItem & {
+export declare interface InsightQueryItem extends EntityQueryItem {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "Insight";
     /** Properties bag for InsightQueryItem */
     properties?: InsightQueryItemProperties;
-};
+}
 
 /** Represents Insight Query. */
-export declare type InsightQueryItemProperties = EntityQueryItemProperties & {
+export declare interface InsightQueryItemProperties extends EntityQueryItemProperties {
     /** The insight display name. */
     displayName?: string;
     /** The insight description. */
@@ -4063,7 +4377,7 @@ export declare type InsightQueryItemProperties = EntityQueryItemProperties & {
     defaultTimeRange?: InsightQueryItemPropertiesDefaultTimeRange;
     /** The insight chart query. */
     referenceTimeRange?: InsightQueryItemPropertiesReferenceTimeRange;
-};
+}
 
 /** The activity query definitions. */
 export declare interface InsightQueryItemPropertiesAdditionalQuery {
@@ -4147,10 +4461,33 @@ export declare interface InstructionSteps {
     instructions?: InstructionStepsInstructionsItem[];
 }
 
-export declare type InstructionStepsInstructionsItem = ConnectorInstructionModelBase & {};
+export declare interface InstructionStepsInstructionsItem extends ConnectorInstructionModelBase {
+}
+
+/** Represents IoT requirements check request. */
+export declare interface IoTCheckRequirements extends DataConnectorsCheckRequirements {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "IOT";
+    /** The subscription id to connect to, and get the data from. */
+    subscriptionId?: string;
+}
+
+/** Represents IoT data connector. */
+export declare interface IoTDataConnector extends DataConnector {
+    /** The available data types for the connector. */
+    dataTypes?: AlertsDataTypeOfDataConnector;
+    /** The subscription id to connect to, and get the data from. */
+    subscriptionId?: string;
+}
+
+/** IoT data connector properties. */
+export declare interface IoTDataConnectorProperties extends DataConnectorWithAlertsProperties {
+    /** The subscription id to connect to, and get the data from. */
+    subscriptionId?: string;
+}
 
 /** Represents an IoT device entity. */
-export declare type IoTDeviceEntity = Entity & {
+export declare interface IoTDeviceEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4248,10 +4585,62 @@ export declare type IoTDeviceEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly protocols?: string[];
-};
+    /**
+     * A list of owners of the IoTDevice entity.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly owners?: string[];
+    /**
+     * A list of Nic entity ids of the IoTDevice entity.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly nicEntityIds?: string[];
+    /**
+     * The site of the device
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly site?: string;
+    /**
+     * The zone location of the device within a site
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly zone?: string;
+    /**
+     * The sensor the device is monitored by
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly sensor?: string;
+    /**
+     * The subType of the device ('PLC', 'HMI', 'EWS', etc.)
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly deviceSubType?: string;
+    /** Device importance, determines if the device classified as 'crown jewel' */
+    importance?: DeviceImportance;
+    /**
+     * The Purdue Layer of the device
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly purdueLayer?: string;
+    /**
+     * Determines whether the device classified as authorized device
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly isAuthorized?: boolean;
+    /**
+     * Determines whether the device classified as programming device
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly isProgramming?: boolean;
+    /**
+     * Is the device classified as a scanner device
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly isScanner?: boolean;
+}
 
 /** IoTDevice entity property bag. */
-export declare type IoTDeviceEntityProperties = EntityCommonProperties & {
+export declare interface IoTDeviceEntityProperties extends EntityCommonProperties {
     /**
      * The ID of the IoT Device in the IoT Hub
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4337,10 +4726,62 @@ export declare type IoTDeviceEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly protocols?: string[];
-};
+    /**
+     * A list of owners of the IoTDevice entity.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly owners?: string[];
+    /**
+     * A list of Nic entity ids of the IoTDevice entity.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly nicEntityIds?: string[];
+    /**
+     * The site of the device
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly site?: string;
+    /**
+     * The zone location of the device within a site
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly zone?: string;
+    /**
+     * The sensor the device is monitored by
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly sensor?: string;
+    /**
+     * The subType of the device ('PLC', 'HMI', 'EWS', etc.)
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly deviceSubType?: string;
+    /** Device importance, determines if the device classified as 'crown jewel' */
+    importance?: DeviceImportance;
+    /**
+     * The Purdue Layer of the device
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly purdueLayer?: string;
+    /**
+     * Determines whether the device classified as authorized device
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly isAuthorized?: boolean;
+    /**
+     * Determines whether the device classified as programming device
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly isProgramming?: boolean;
+    /**
+     * Is the device classified as a scanner device
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly isScanner?: boolean;
+}
 
 /** Represents an ip entity. */
-export declare type IpEntity = Entity & {
+export declare interface IpEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4368,10 +4809,10 @@ export declare type IpEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly threatIntelligence?: ThreatIntelligence[];
-};
+}
 
 /** Ip entity property bag. */
-export declare type IpEntityProperties = EntityCommonProperties & {
+export declare interface IpEntityProperties extends EntityCommonProperties {
     /**
      * The IP address as string, e.g. 127.0.0.1 (either in Ipv4 or Ipv6)
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4387,7 +4828,7 @@ export declare type IpEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly threatIntelligence?: ThreatIntelligence[];
-};
+}
 
 /** Interface representing a IPGeodata. */
 export declare interface IPGeodata {
@@ -4447,10 +4888,21 @@ export declare type KillChainIntent = string;
  * **Parser** \
  * **Watchlist** \
  * **WatchlistTemplate** \
- * **Solution**
+ * **Solution** \
+ * **AzureFunction** \
+ * **LogicAppsCustomConnector** \
+ * **AutomationRule**
  */
 export declare type Kind = string;
 
+/** Known values of {@link ActionType} that the service accepts. */
+export declare enum KnownActionType {
+    /** Modify an object's properties */
+    ModifyProperties = "ModifyProperties",
+    /** Run a playbook on an object */
+    RunPlaybook = "RunPlaybook"
+}
+
 /** Known values of {@link AlertDetail} that the service accepts. */
 export declare enum KnownAlertDetail {
     /** Alert display name */
@@ -4461,11 +4913,17 @@ export declare enum KnownAlertDetail {
 
 /** Known values of {@link AlertRuleKind} that the service accepts. */
 export declare enum KnownAlertRuleKind {
+    /** Scheduled */
     Scheduled = "Scheduled",
+    /** MicrosoftSecurityIncidentCreation */
     MicrosoftSecurityIncidentCreation = "MicrosoftSecurityIncidentCreation",
+    /** Fusion */
     Fusion = "Fusion",
+    /** MLBehaviorAnalytics */
     MLBehaviorAnalytics = "MLBehaviorAnalytics",
+    /** ThreatIntelligence */
     ThreatIntelligence = "ThreatIntelligence",
+    /** NRT */
     NRT = "NRT"
 }
 
@@ -4509,33 +4967,76 @@ export declare enum KnownAntispamMailDirection {
 
 /** Known values of {@link AttackTactic} that the service accepts. */
 export declare enum KnownAttackTactic {
+    /** Reconnaissance */
+    Reconnaissance = "Reconnaissance",
+    /** ResourceDevelopment */
+    ResourceDevelopment = "ResourceDevelopment",
+    /** InitialAccess */
     InitialAccess = "InitialAccess",
+    /** Execution */
     Execution = "Execution",
+    /** Persistence */
     Persistence = "Persistence",
+    /** PrivilegeEscalation */
     PrivilegeEscalation = "PrivilegeEscalation",
+    /** DefenseEvasion */
     DefenseEvasion = "DefenseEvasion",
+    /** CredentialAccess */
     CredentialAccess = "CredentialAccess",
+    /** Discovery */
     Discovery = "Discovery",
+    /** LateralMovement */
     LateralMovement = "LateralMovement",
+    /** Collection */
     Collection = "Collection",
+    /** Exfiltration */
     Exfiltration = "Exfiltration",
+    /** CommandAndControl */
     CommandAndControl = "CommandAndControl",
+    /** Impact */
     Impact = "Impact",
-    PreAttack = "PreAttack"
-}
-
-/** Known values of {@link AutomationRuleActionType} that the service accepts. */
-export declare enum KnownAutomationRuleActionType {
-    /** Modify an object's properties */
-    ModifyProperties = "ModifyProperties",
-    /** Run a playbook on an object */
-    RunPlaybook = "RunPlaybook"
-}
-
-/** Known values of {@link AutomationRuleConditionType} that the service accepts. */
-export declare enum KnownAutomationRuleConditionType {
-    /** Evaluate an object property value */
-    Property = "Property"
+    /** PreAttack */
+    PreAttack = "PreAttack",
+    /** ImpairProcessControl */
+    ImpairProcessControl = "ImpairProcessControl",
+    /** InhibitResponseFunction */
+    InhibitResponseFunction = "InhibitResponseFunction"
+}
+
+/** Known values of {@link AutomationRulePropertyArrayChangedConditionSupportedArrayType} that the service accepts. */
+export declare enum KnownAutomationRulePropertyArrayChangedConditionSupportedArrayType {
+    /** Evaluate the condition on the alerts */
+    Alerts = "Alerts",
+    /** Evaluate the condition on the labels */
+    Labels = "Labels",
+    /** Evaluate the condition on the tactics */
+    Tactics = "Tactics",
+    /** Evaluate the condition on the comments */
+    Comments = "Comments"
+}
+
+/** Known values of {@link AutomationRulePropertyArrayChangedConditionSupportedChangeType} that the service accepts. */
+export declare enum KnownAutomationRulePropertyArrayChangedConditionSupportedChangeType {
+    /** Evaluate the condition on items added to the array */
+    Added = "Added"
+}
+
+/** Known values of {@link AutomationRulePropertyChangedConditionSupportedChangedType} that the service accepts. */
+export declare enum KnownAutomationRulePropertyChangedConditionSupportedChangedType {
+    /** Evaluate the condition on the previous value of the property */
+    ChangedFrom = "ChangedFrom",
+    /** Evaluate the condition on the updated value of the property */
+    ChangedTo = "ChangedTo"
+}
+
+/** Known values of {@link AutomationRulePropertyChangedConditionSupportedPropertyType} that the service accepts. */
+export declare enum KnownAutomationRulePropertyChangedConditionSupportedPropertyType {
+    /** Evaluate the condition on the incident severity */
+    IncidentSeverity = "IncidentSeverity",
+    /** Evaluate the condition on the incident status */
+    IncidentStatus = "IncidentStatus",
+    /** Evaluate the condition on the incident owner */
+    IncidentOwner = "IncidentOwner"
 }
 
 /** Known values of {@link AutomationRulePropertyConditionSupportedOperator} that the service accepts. */
@@ -4568,15 +5069,17 @@ export declare enum KnownAutomationRulePropertyConditionSupportedProperty {
     IncidentSeverity = "IncidentSeverity",
     /** The status of the incident */
     IncidentStatus = "IncidentStatus",
-    /** The tactics of the incident */
-    IncidentTactics = "IncidentTactics",
     /** The related Analytic rule ids of the incident */
     IncidentRelatedAnalyticRuleIds = "IncidentRelatedAnalyticRuleIds",
+    /** The tactics of the incident */
+    IncidentTactics = "IncidentTactics",
+    /** The labels of the incident */
+    IncidentLabel = "IncidentLabel",
     /** The provider name of the incident */
     IncidentProviderName = "IncidentProviderName",
     /** The account Azure Active Directory tenant id */
     AccountAadTenantId = "AccountAadTenantId",
-    /** The account Azure Active Directory user id. */
+    /** The account Azure Active Directory user id */
     AccountAadUserId = "AccountAadUserId",
     /** The account name */
     AccountName = "AccountName",
@@ -4590,6 +5093,10 @@ export declare enum KnownAutomationRulePropertyConditionSupportedProperty {
     AccountObjectGuid = "AccountObjectGuid",
     /** The account user principal name suffix */
     AccountUPNSuffix = "AccountUPNSuffix",
+    /** The name of the product of the alert */
+    AlertProductNames = "AlertProductNames",
+    /** The analytic rule ids of the alert */
+    AlertAnalyticRuleIds = "AlertAnalyticRuleIds",
     /** The Azure resource id */
     AzureResourceResourceId = "AzureResourceResourceId",
     /** The Azure resource subscription id */
@@ -4616,7 +5123,7 @@ export declare enum KnownAutomationRulePropertyConditionSupportedProperty {
     HostNTDomain = "HostNTDomain",
     /** The host operating system */
     HostOSVersion = "HostOSVersion",
-    /** The IoT device id */
+    /** "The IoT device id */
     IoTDeviceId = "IoTDeviceId",
     /** The IoT device name */
     IoTDeviceName = "IoTDeviceName",
@@ -4666,6 +5173,16 @@ export declare enum KnownAutomationRulePropertyConditionSupportedProperty {
     Url = "Url"
 }
 
+/** Known values of {@link ConditionType} that the service accepts. */
+export declare enum KnownConditionType {
+    /** Evaluate an object property value */
+    Property = "Property",
+    /** Evaluate an object property changed value */
+    PropertyChanged = "PropertyChanged",
+    /** Evaluate an object array property changed value */
+    PropertyArrayChanged = "PropertyArrayChanged"
+}
+
 /** Known values of {@link ConfidenceLevel} that the service accepts. */
 export declare enum KnownConfidenceLevel {
     /** Unknown confidence, the is the default value */
@@ -4690,75 +5207,160 @@ export declare enum KnownConfidenceScoreStatus {
 
 /** Known values of {@link ConnectAuthKind} that the service accepts. */
 export declare enum KnownConnectAuthKind {
+    /** Basic */
     Basic = "Basic",
+    /** OAuth2 */
     OAuth2 = "OAuth2",
+    /** APIKey */
     APIKey = "APIKey"
 }
 
 /** Known values of {@link ConnectivityType} that the service accepts. */
 export declare enum KnownConnectivityType {
+    /** IsConnectedQuery */
     IsConnectedQuery = "IsConnectedQuery"
 }
 
 /** Known values of {@link ContentType} that the service accepts. */
 export declare enum KnownContentType {
+    /** AnalyticRule */
     AnalyticRule = "AnalyticRule",
+    /** Workbook */
     Workbook = "Workbook"
 }
 
 /** Known values of {@link CreatedByType} that the service accepts. */
 export declare enum KnownCreatedByType {
+    /** User */
     User = "User",
+    /** Application */
     Application = "Application",
+    /** ManagedIdentity */
     ManagedIdentity = "ManagedIdentity",
+    /** Key */
     Key = "Key"
 }
 
 /** Known values of {@link CustomEntityQueryKind} that the service accepts. */
 export declare enum KnownCustomEntityQueryKind {
+    /** Activity */
     Activity = "Activity"
 }
 
 /** Known values of {@link DataConnectorAuthorizationState} that the service accepts. */
 export declare enum KnownDataConnectorAuthorizationState {
+    /** Valid */
     Valid = "Valid",
+    /** Invalid */
     Invalid = "Invalid"
 }
 
 /** Known values of {@link DataConnectorKind} that the service accepts. */
 export declare enum KnownDataConnectorKind {
+    /** AzureActiveDirectory */
     AzureActiveDirectory = "AzureActiveDirectory",
+    /** AzureSecurityCenter */
     AzureSecurityCenter = "AzureSecurityCenter",
+    /** MicrosoftCloudAppSecurity */
     MicrosoftCloudAppSecurity = "MicrosoftCloudAppSecurity",
+    /** ThreatIntelligence */
     ThreatIntelligence = "ThreatIntelligence",
+    /** ThreatIntelligenceTaxii */
     ThreatIntelligenceTaxii = "ThreatIntelligenceTaxii",
+    /** Office365 */
     Office365 = "Office365",
+    /** OfficeATP */
     OfficeATP = "OfficeATP",
+    /** OfficeIRM */
     OfficeIRM = "OfficeIRM",
+    /** Office365Project */
+    Office365Project = "Office365Project",
+    /** OfficePowerBI */
+    OfficePowerBI = "OfficePowerBI",
+    /** AmazonWebServicesCloudTrail */
     AmazonWebServicesCloudTrail = "AmazonWebServicesCloudTrail",
+    /** AmazonWebServicesS3 */
     AmazonWebServicesS3 = "AmazonWebServicesS3",
+    /** AzureAdvancedThreatProtection */
     AzureAdvancedThreatProtection = "AzureAdvancedThreatProtection",
+    /** MicrosoftDefenderAdvancedThreatProtection */
     MicrosoftDefenderAdvancedThreatProtection = "MicrosoftDefenderAdvancedThreatProtection",
+    /** Dynamics365 */
     Dynamics365 = "Dynamics365",
+    /** MicrosoftThreatProtection */
     MicrosoftThreatProtection = "MicrosoftThreatProtection",
+    /** MicrosoftThreatIntelligence */
     MicrosoftThreatIntelligence = "MicrosoftThreatIntelligence",
+    /** GenericUI */
     GenericUI = "GenericUI",
-    APIPolling = "APIPolling"
+    /** APIPolling */
+    APIPolling = "APIPolling",
+    /** IOT */
+    IOT = "IOT"
 }
 
 /** Known values of {@link DataConnectorLicenseState} that the service accepts. */
 export declare enum KnownDataConnectorLicenseState {
+    /** Valid */
     Valid = "Valid",
+    /** Invalid */
     Invalid = "Invalid",
+    /** Unknown */
     Unknown = "Unknown"
 }
 
 /** Known values of {@link DataTypeState} that the service accepts. */
 export declare enum KnownDataTypeState {
+    /** Enabled */
     Enabled = "Enabled",
+    /** Disabled */
     Disabled = "Disabled"
 }
 
+/** Known values of {@link DeploymentFetchStatus} that the service accepts. */
+export declare enum KnownDeploymentFetchStatus {
+    /** Success */
+    Success = "Success",
+    /** Unauthorized */
+    Unauthorized = "Unauthorized",
+    /** NotFound */
+    NotFound = "NotFound"
+}
+
+/** Known values of {@link DeploymentResult} that the service accepts. */
+export declare enum KnownDeploymentResult {
+    /** Success */
+    Success = "Success",
+    /** Canceled */
+    Canceled = "Canceled",
+    /** Failed */
+    Failed = "Failed"
+}
+
+/** Known values of {@link DeploymentState} that the service accepts. */
+export declare enum KnownDeploymentState {
+    /** InProgress */
+    InProgress = "In_Progress",
+    /** Completed */
+    Completed = "Completed",
+    /** Queued */
+    Queued = "Queued",
+    /** Canceling */
+    Canceling = "Canceling"
+}
+
+/** Known values of {@link DeviceImportance} that the service accepts. */
+export declare enum KnownDeviceImportance {
+    /** Unknown - Default value */
+    Unknown = "Unknown",
+    /** Low */
+    Low = "Low",
+    /** Normal */
+    Normal = "Normal",
+    /** High */
+    High = "High"
+}
+
 /** Known values of {@link EntityItemQueryKind} that the service accepts. */
 export declare enum KnownEntityItemQueryKind {
     /** insight */
@@ -4808,7 +5410,9 @@ export declare enum KnownEntityKind {
     /** Entity represents mailbox in the system. */
     Mailbox = "Mailbox",
     /** Entity represents submission mail in the system. */
-    SubmissionMail = "SubmissionMail"
+    SubmissionMail = "SubmissionMail",
+    /** Entity represents network interface in the system. */
+    Nic = "Nic"
 }
 
 /** Known values of {@link EntityMappingType} that the service accepts. */
@@ -4851,15 +5455,27 @@ export declare enum KnownEntityMappingType {
     SubmissionMail = "SubmissionMail"
 }
 
+/** Known values of {@link EntityProviders} that the service accepts. */
+export declare enum KnownEntityProviders {
+    /** ActiveDirectory */
+    ActiveDirectory = "ActiveDirectory",
+    /** AzureActiveDirectory */
+    AzureActiveDirectory = "AzureActiveDirectory"
+}
+
 /** Known values of {@link EntityQueryKind} that the service accepts. */
 export declare enum KnownEntityQueryKind {
+    /** Expansion */
     Expansion = "Expansion",
+    /** Insight */
     Insight = "Insight",
+    /** Activity */
     Activity = "Activity"
 }
 
 /** Known values of {@link EntityQueryTemplateKind} that the service accepts. */
 export declare enum KnownEntityQueryTemplateKind {
+    /** Activity */
     Activity = "Activity"
 }
 
@@ -4870,7 +5486,9 @@ export declare enum KnownEntityTimelineKind {
     /** bookmarks */
     Bookmark = "Bookmark",
     /** security alerts */
-    SecurityAlert = "SecurityAlert"
+    SecurityAlert = "SecurityAlert",
+    /** anomaly */
+    Anomaly = "Anomaly"
 }
 
 /** Known values of {@link EntityType} that the service accepts. */
@@ -4916,18 +5534,24 @@ export declare enum KnownEntityType {
     /** Entity represents mailbox in the system. */
     Mailbox = "Mailbox",
     /** Entity represents submission mail in the system. */
-    SubmissionMail = "SubmissionMail"
+    SubmissionMail = "SubmissionMail",
+    /** Entity represents network interface in the system. */
+    Nic = "Nic"
 }
 
-/** Known values of {@link Enum8} that the service accepts. */
-export declare enum KnownEnum8 {
+/** Known values of {@link Enum13} that the service accepts. */
+export declare enum KnownEnum13 {
+    /** Expansion */
     Expansion = "Expansion",
+    /** Activity */
     Activity = "Activity"
 }
 
 /** Known values of {@link EventGroupingAggregationKind} that the service accepts. */
 export declare enum KnownEventGroupingAggregationKind {
+    /** SingleAlert */
     SingleAlert = "SingleAlert",
+    /** AlertPerResult */
     AlertPerResult = "AlertPerResult"
 }
 
@@ -4945,6 +5569,12 @@ export declare enum KnownFileHashAlgorithm {
     SHA256AC = "SHA256AC"
 }
 
+/** Known values of {@link GetInsightsError} that the service accepts. */
+export declare enum KnownGetInsightsError {
+    /** Insight */
+    Insight = "Insight"
+}
+
 /** Known values of {@link IncidentClassification} that the service accepts. */
 export declare enum KnownIncidentClassification {
     /** Incident classification was undetermined */
@@ -4974,7 +5604,7 @@ export declare enum KnownIncidentLabelType {
     /** Label manually created by a user */
     User = "User",
     /** Label automatically created by the system */
-    System = "System"
+    AutoAssigned = "AutoAssigned"
 }
 
 /** Known values of {@link IncidentSeverity} that the service accepts. */
@@ -5033,20 +5663,40 @@ export declare enum KnownKillChainIntent {
 
 /** Known values of {@link Kind} that the service accepts. */
 export declare enum KnownKind {
+    /** DataConnector */
     DataConnector = "DataConnector",
+    /** DataType */
     DataType = "DataType",
+    /** Workbook */
     Workbook = "Workbook",
+    /** WorkbookTemplate */
     WorkbookTemplate = "WorkbookTemplate",
+    /** Playbook */
     Playbook = "Playbook",
+    /** PlaybookTemplate */
     PlaybookTemplate = "PlaybookTemplate",
+    /** AnalyticsRuleTemplate */
     AnalyticsRuleTemplate = "AnalyticsRuleTemplate",
+    /** AnalyticsRule */
     AnalyticsRule = "AnalyticsRule",
+    /** HuntingQuery */
     HuntingQuery = "HuntingQuery",
+    /** InvestigationQuery */
     InvestigationQuery = "InvestigationQuery",
+    /** Parser */
     Parser = "Parser",
+    /** Watchlist */
     Watchlist = "Watchlist",
+    /** WatchlistTemplate */
     WatchlistTemplate = "WatchlistTemplate",
-    Solution = "Solution"
+    /** Solution */
+    Solution = "Solution",
+    /** AzureFunction */
+    AzureFunction = "AzureFunction",
+    /** LogicAppsCustomConnector */
+    LogicAppsCustomConnector = "LogicAppsCustomConnector",
+    /** AutomationRule */
+    AutomationRule = "AutomationRule"
 }
 
 /** Known values of {@link MatchingMethod} that the service accepts. */
@@ -5061,26 +5711,39 @@ export declare enum KnownMatchingMethod {
 
 /** Known values of {@link MicrosoftSecurityProductName} that the service accepts. */
 export declare enum KnownMicrosoftSecurityProductName {
+    /** MicrosoftCloudAppSecurity */
     MicrosoftCloudAppSecurity = "Microsoft Cloud App Security",
+    /** AzureSecurityCenter */
     AzureSecurityCenter = "Azure Security Center",
+    /** AzureAdvancedThreatProtection */
     AzureAdvancedThreatProtection = "Azure Advanced Threat Protection",
+    /** AzureActiveDirectoryIdentityProtection */
     AzureActiveDirectoryIdentityProtection = "Azure Active Directory Identity Protection",
+    /** AzureSecurityCenterForIoT */
     AzureSecurityCenterForIoT = "Azure Security Center for IoT",
+    /** Office365AdvancedThreatProtection */
     Office365AdvancedThreatProtection = "Office 365 Advanced Threat Protection",
+    /** MicrosoftDefenderAdvancedThreatProtection */
     MicrosoftDefenderAdvancedThreatProtection = "Microsoft Defender Advanced Threat Protection"
 }
 
 /** Known values of {@link Operator} that the service accepts. */
 export declare enum KnownOperator {
+    /** AND */
     AND = "AND",
+    /** OR */
     OR = "OR"
 }
 
 /** Known values of {@link OutputType} that the service accepts. */
 export declare enum KnownOutputType {
+    /** Number */
     Number = "Number",
+    /** String */
     String = "String",
+    /** Date */
     Date = "Date",
+    /** Entity */
     Entity = "Entity"
 }
 
@@ -5096,8 +5759,11 @@ export declare enum KnownOwnerType {
 
 /** Known values of {@link PermissionProviderScope} that the service accepts. */
 export declare enum KnownPermissionProviderScope {
+    /** ResourceGroup */
     ResourceGroup = "ResourceGroup",
+    /** Subscription */
     Subscription = "Subscription",
+    /** Workspace */
     Workspace = "Workspace"
 }
 
@@ -5113,11 +5779,17 @@ export declare enum KnownPollingFrequency {
 
 /** Known values of {@link ProviderName} that the service accepts. */
 export declare enum KnownProviderName {
+    /** MicrosoftOperationalInsightsSolutions */
     MicrosoftOperationalInsightsSolutions = "Microsoft.OperationalInsights/solutions",
+    /** MicrosoftOperationalInsightsWorkspaces */
     MicrosoftOperationalInsightsWorkspaces = "Microsoft.OperationalInsights/workspaces",
+    /** MicrosoftOperationalInsightsWorkspacesDatasources */
     MicrosoftOperationalInsightsWorkspacesDatasources = "Microsoft.OperationalInsights/workspaces/datasources",
+    /** MicrosoftAadiamDiagnosticSettings */
     MicrosoftAadiamDiagnosticSettings = "microsoft.aadiam/diagnosticSettings",
+    /** MicrosoftOperationalInsightsWorkspacesSharedKeys */
     MicrosoftOperationalInsightsWorkspacesSharedKeys = "Microsoft.OperationalInsights/workspaces/sharedKeys",
+    /** MicrosoftAuthorizationPolicyAssignments */
     MicrosoftAuthorizationPolicyAssignments = "Microsoft.Authorization/policyAssignments"
 }
 
@@ -5167,49 +5839,75 @@ export declare enum KnownRegistryValueKind {
 
 /** Known values of {@link RepoType} that the service accepts. */
 export declare enum KnownRepoType {
+    /** Github */
     Github = "Github",
+    /** DevOps */
     DevOps = "DevOps"
 }
 
+/** Known values of {@link SecurityMLAnalyticsSettingsKind} that the service accepts. */
+export declare enum KnownSecurityMLAnalyticsSettingsKind {
+    /** Anomaly */
+    Anomaly = "Anomaly"
+}
+
 /** Known values of {@link SettingKind} that the service accepts. */
 export declare enum KnownSettingKind {
+    /** Anomalies */
     Anomalies = "Anomalies",
+    /** EyesOn */
     EyesOn = "EyesOn",
+    /** EntityAnalytics */
     EntityAnalytics = "EntityAnalytics",
+    /** Ueba */
     Ueba = "Ueba"
 }
 
+/** Known values of {@link SettingsStatus} that the service accepts. */
+export declare enum KnownSettingsStatus {
+    /** Anomaly settings status in Production mode */
+    Production = "Production",
+    /** Anomaly settings status in Flighting mode */
+    Flighting = "Flighting"
+}
+
 /** Known values of {@link SettingType} that the service accepts. */
 export declare enum KnownSettingType {
+    /** CopyableLabel */
     CopyableLabel = "CopyableLabel",
+    /** InstructionStepsGroup */
     InstructionStepsGroup = "InstructionStepsGroup",
+    /** InfoMessage */
     InfoMessage = "InfoMessage"
 }
 
-/** Known values of {@link SkuKind} that the service accepts. */
-export declare enum KnownSkuKind {
-    PerGB = "PerGB",
-    CapacityReservation = "CapacityReservation"
-}
-
-/** Known values of {@link Source} that the service accepts. */
-export declare enum KnownSource {
-    LocalFile = "Local file",
-    RemoteStorage = "Remote storage"
-}
-
 /** Known values of {@link SourceKind} that the service accepts. */
 export declare enum KnownSourceKind {
+    /** LocalWorkspace */
     LocalWorkspace = "LocalWorkspace",
+    /** Community */
     Community = "Community",
+    /** Solution */
     Solution = "Solution",
+    /** SourceRepository */
     SourceRepository = "SourceRepository"
 }
 
+/** Known values of {@link SourceType} that the service accepts. */
+export declare enum KnownSourceType {
+    /** LocalFile */
+    LocalFile = "Local file",
+    /** RemoteStorage */
+    RemoteStorage = "Remote storage"
+}
+
 /** Known values of {@link SupportTier} that the service accepts. */
 export declare enum KnownSupportTier {
+    /** Microsoft */
     Microsoft = "Microsoft",
+    /** Partner */
     Partner = "Partner",
+    /** Community */
     Community = "Community"
 }
 
@@ -5231,31 +5929,50 @@ export declare enum KnownThreatIntelligenceResourceKindEnum {
 
 /** Known values of {@link ThreatIntelligenceSortingCriteriaEnum} that the service accepts. */
 export declare enum KnownThreatIntelligenceSortingCriteriaEnum {
+    /** Unsorted */
     Unsorted = "unsorted",
+    /** Ascending */
     Ascending = "ascending",
+    /** Descending */
     Descending = "descending"
 }
 
 /** Known values of {@link TriggersOn} that the service accepts. */
 export declare enum KnownTriggersOn {
     /** Trigger on Incidents */
-    Incidents = "Incidents"
+    Incidents = "Incidents",
+    /** Trigger on Alerts */
+    Alerts = "Alerts"
 }
 
 /** Known values of {@link TriggersWhen} that the service accepts. */
 export declare enum KnownTriggersWhen {
     /** Trigger on created objects */
-    Created = "Created"
+    Created = "Created",
+    /** Trigger on updated objects */
+    Updated = "Updated"
 }
 
 /** Known values of {@link UebaDataSources} that the service accepts. */
 export declare enum KnownUebaDataSources {
+    /** AuditLogs */
     AuditLogs = "AuditLogs",
+    /** AzureActivity */
     AzureActivity = "AzureActivity",
+    /** SecurityEvent */
     SecurityEvent = "SecurityEvent",
+    /** SigninLogs */
     SigninLogs = "SigninLogs"
 }
 
+/** Known values of {@link Version} that the service accepts. */
+export declare enum KnownVersion {
+    /** V1 */
+    V1 = "V1",
+    /** V2 */
+    V2 = "V2"
+}
+
 /** Data type for last data received */
 export declare interface LastDataReceivedDataType {
     /** Name of the data type to show in the graph. can be use with {{graphQueriesTableName}} placeholder */
@@ -5265,7 +5982,7 @@ export declare interface LastDataReceivedDataType {
 }
 
 /** Represents a mailbox entity. */
-export declare type MailboxEntity = Entity & {
+export declare interface MailboxEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5298,10 +6015,10 @@ export declare type MailboxEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly externalDirectoryObjectId?: string;
-};
+}
 
 /** Mailbox entity property bag. */
-export declare type MailboxEntityProperties = EntityCommonProperties & {
+export declare interface MailboxEntityProperties extends EntityCommonProperties {
     /**
      * The mailbox's primary address
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5322,10 +6039,10 @@ export declare type MailboxEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly externalDirectoryObjectId?: string;
-};
+}
 
 /** Represents a mail cluster entity. */
-export declare type MailClusterEntity = Entity & {
+export declare interface MailClusterEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5413,10 +6130,10 @@ export declare type MailClusterEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly clusterGroup?: string;
-};
+}
 
 /** Mail cluster entity property bag. */
-export declare type MailClusterEntityProperties = EntityCommonProperties & {
+export declare interface MailClusterEntityProperties extends EntityCommonProperties {
     /**
      * The mail message IDs that are part of the mail cluster
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5492,10 +6209,10 @@ export declare type MailClusterEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly clusterGroup?: string;
-};
+}
 
 /** Represents a mail message entity. */
-export declare type MailMessageEntity = Entity & {
+export declare interface MailMessageEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5609,10 +6326,10 @@ export declare type MailMessageEntity = Entity & {
     deliveryAction?: DeliveryAction;
     /** The delivery location of this mail message like Inbox, JunkFolder etc */
     deliveryLocation?: DeliveryLocation;
-};
+}
 
 /** Mail message entity property bag. */
-export declare type MailMessageEntityProperties = EntityCommonProperties & {
+export declare interface MailMessageEntityProperties extends EntityCommonProperties {
     /**
      * The File entity ids of this mail message's attachments
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5714,10 +6431,10 @@ export declare type MailMessageEntityProperties = EntityCommonProperties & {
     deliveryAction?: DeliveryAction;
     /** The delivery location of this mail message like Inbox, JunkFolder etc */
     deliveryLocation?: DeliveryLocation;
-};
+}
 
 /** Represents a malware entity. */
-export declare type MalwareEntity = Entity & {
+export declare interface MalwareEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5750,10 +6467,10 @@ export declare type MalwareEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly processEntityIds?: string[];
-};
+}
 
 /** Malware entity property bag. */
-export declare type MalwareEntityProperties = EntityCommonProperties & {
+export declare interface MalwareEntityProperties extends EntityCommonProperties {
     /**
      * The malware category by the vendor, e.g. Trojan
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5774,7 +6491,12 @@ export declare type MalwareEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly processEntityIds?: string[];
-};
+}
+
+export declare interface ManualTriggerRequestBody {
+    tenantId?: string;
+    logicAppsResourceId?: string;
+}
 
 /**
  * Defines values for MatchingMethod. \
@@ -5788,57 +6510,60 @@ export declare type MalwareEntityProperties = EntityCommonProperties & {
 export declare type MatchingMethod = string;
 
 /** Represents MCAS (Microsoft Cloud App Security) requirements check request. */
-export declare type McasCheckRequirements = DataConnectorsCheckRequirements & {
+export declare interface McasCheckRequirements extends DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "MicrosoftCloudAppSecurity";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
-};
+}
 
 /** MCAS (Microsoft Cloud App Security) requirements check properties. */
-export declare type McasCheckRequirementsProperties = DataConnectorTenantId & {};
+export declare interface McasCheckRequirementsProperties extends DataConnectorTenantId {
+}
 
 /** Represents MCAS (Microsoft Cloud App Security) data connector. */
-export declare type McasDataConnector = DataConnector & {
+export declare interface McasDataConnector extends DataConnector {
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
     dataTypes?: McasDataConnectorDataTypes;
-};
+}
 
 /** The available data types for MCAS (Microsoft Cloud App Security) data connector. */
-export declare type McasDataConnectorDataTypes = AlertsDataTypeOfDataConnector & {
+export declare interface McasDataConnectorDataTypes extends AlertsDataTypeOfDataConnector {
     /** Discovery log data type connection. */
     discoveryLogs?: DataConnectorDataTypeCommon;
-};
+}
 
 /** MCAS (Microsoft Cloud App Security) data connector properties. */
-export declare type McasDataConnectorProperties = DataConnectorTenantId & {
+export declare interface McasDataConnectorProperties extends DataConnectorTenantId {
     /** The available data types for the connector. */
     dataTypes: McasDataConnectorDataTypes;
-};
+}
 
 /** Represents MDATP (Microsoft Defender Advanced Threat Protection) requirements check request. */
-export declare type MdatpCheckRequirements = DataConnectorsCheckRequirements & {
+export declare interface MdatpCheckRequirements extends DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "MicrosoftDefenderAdvancedThreatProtection";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
-};
+}
 
 /** MDATP (Microsoft Defender Advanced Threat Protection) requirements check properties. */
-export declare type MdatpCheckRequirementsProperties = DataConnectorTenantId & {};
+export declare interface MdatpCheckRequirementsProperties extends DataConnectorTenantId {
+}
 
 /** Represents MDATP (Microsoft Defender Advanced Threat Protection) data connector. */
-export declare type MdatpDataConnector = DataConnector & {
+export declare interface MdatpDataConnector extends DataConnector {
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
     dataTypes?: AlertsDataTypeOfDataConnector;
-};
+}
 
 /** MDATP (Microsoft Defender Advanced Threat Protection) data connector properties. */
-export declare type MdatpDataConnectorProperties = DataConnectorTenantId & DataConnectorWithAlertsProperties & {};
+export declare interface MdatpDataConnectorProperties extends DataConnectorTenantId, DataConnectorWithAlertsProperties {
+}
 
 /** Interface representing a Metadata. */
 export declare interface Metadata {
@@ -5979,7 +6704,7 @@ export declare interface MetadataListOptionalParams extends coreClient.Operation
 export declare type MetadataListResponse = MetadataList;
 
 /** Metadata resource definition. */
-export declare type MetadataModel = ResourceWithEtag & {
+export declare interface MetadataModel extends ResourceWithEtag {
     /** Static ID for the content.  Used to identify dependencies and content from solutions or community.  Hard-coded/static for out of the box content and solutions. Dynamic for user-created.  This is the resource name */
     contentId?: string;
     /** Full parent resource ID of the content item the metadata is for.  This is the full resource ID including the scope (subscription and resource group) */
@@ -6004,10 +6729,24 @@ export declare type MetadataModel = ResourceWithEtag & {
     firstPublishDate?: Date;
     /** last publish date for the solution content item */
     lastPublishDate?: Date;
-};
+    /** The custom version of the content. A optional free text */
+    customVersion?: string;
+    /** Schema version of the content. Can be used to distinguish between different flow based on the schema version */
+    contentSchemaVersion?: string;
+    /** the icon identifier. this id can later be fetched from the solution template */
+    icon?: string;
+    /** the tactics the resource covers */
+    threatAnalysisTactics?: string[];
+    /** the techniques the resource covers, these have to be aligned with the tactics being used */
+    threatAnalysisTechniques?: string[];
+    /** preview image file names. These will be taken from the solution artifacts */
+    previewImages?: string[];
+    /** preview image file names. These will be taken from the solution artifacts. used for dark theme support */
+    previewImagesDark?: string[];
+}
 
 /** Metadata patch request body. */
-export declare type MetadataPatch = ResourceWithEtag & {
+export declare interface MetadataPatch extends ResourceWithEtag {
     /** Static ID for the content.  Used to identify dependencies and content from solutions or community.  Hard-coded/static for out of the box content and solutions. Dynamic for user-created.  This is the resource name */
     contentId?: string;
     /** Full parent resource ID of the content item the metadata is for.  This is the full resource ID including the scope (subscription and resource group) */
@@ -6032,7 +6771,21 @@ export declare type MetadataPatch = ResourceWithEtag & {
     firstPublishDate?: Date;
     /** last publish date for the solution content item */
     lastPublishDate?: Date;
-};
+    /** The custom version of the content. A optional free text */
+    customVersion?: string;
+    /** Schema version of the content. Can be used to distinguish between different flow based on the schema version */
+    contentSchemaVersion?: string;
+    /** the icon identifier. this id can later be fetched from the solution template */
+    icon?: string;
+    /** the tactics the resource covers */
+    threatAnalysisTactics?: string[];
+    /** the techniques the resource covers, these have to be aligned with the tactics being used */
+    threatAnalysisTechniques?: string[];
+    /** preview image file names. These will be taken from the solution artifacts */
+    previewImages?: string[];
+    /** preview image file names. These will be taken from the solution artifacts. used for dark theme support */
+    previewImagesDark?: string[];
+}
 
 /** The original source of the content item, where it comes from. */
 export declare interface MetadataSource {
@@ -6064,7 +6817,7 @@ export declare interface MetadataUpdateOptionalParams extends coreClient.Operati
 export declare type MetadataUpdateResponse = MetadataModel;
 
 /** Represents MicrosoftSecurityIncidentCreation rule. */
-export declare type MicrosoftSecurityIncidentCreationAlertRule = AlertRule & {
+export declare interface MicrosoftSecurityIncidentCreationAlertRule extends AlertRule {
     /** the alerts' displayNames on which the cases will be generated */
     displayNamesFilter?: string[];
     /** the alerts' displayNames on which the cases will not be generated */
@@ -6086,7 +6839,7 @@ export declare type MicrosoftSecurityIncidentCreationAlertRule = AlertRule & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly lastModifiedUtc?: Date;
-};
+}
 
 /** MicrosoftSecurityIncidentCreation rule common property bag. */
 export declare interface MicrosoftSecurityIncidentCreationAlertRuleCommonProperties {
@@ -6101,7 +6854,7 @@ export declare interface MicrosoftSecurityIncidentCreationAlertRuleCommonPropert
 }
 
 /** MicrosoftSecurityIncidentCreation rule property bag. */
-export declare type MicrosoftSecurityIncidentCreationAlertRuleProperties = MicrosoftSecurityIncidentCreationAlertRuleCommonProperties & {
+export declare interface MicrosoftSecurityIncidentCreationAlertRuleProperties extends MicrosoftSecurityIncidentCreationAlertRuleCommonProperties {
     /** The Name of the alert rule template used to create this rule. */
     alertRuleTemplateName?: string;
     /** The description of the alert rule. */
@@ -6115,10 +6868,10 @@ export declare type MicrosoftSecurityIncidentCreationAlertRuleProperties = Micro
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly lastModifiedUtc?: Date;
-};
+}
 
 /** Represents MicrosoftSecurityIncidentCreation rule template. */
-export declare type MicrosoftSecurityIncidentCreationAlertRuleTemplate = AlertRuleTemplate & {
+export declare interface MicrosoftSecurityIncidentCreationAlertRuleTemplate extends AlertRuleTemplate {
     /** the number of alert rules that were created by this template */
     alertRulesCreatedByTemplateCount?: number;
     /**
@@ -6147,10 +6900,19 @@ export declare type MicrosoftSecurityIncidentCreationAlertRuleTemplate = AlertRu
     productFilter?: MicrosoftSecurityProductName;
     /** the alerts' severities on which the cases will be generated */
     severitiesFilter?: AlertSeverity[];
-};
+}
 
 /** MicrosoftSecurityIncidentCreation rule template properties */
-export declare type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties = AlertRuleTemplatePropertiesBase & MicrosoftSecurityIncidentCreationAlertRuleCommonProperties & {};
+export declare interface MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties extends AlertRuleTemplatePropertiesBase {
+    /** the alerts' displayNames on which the cases will be generated */
+    displayNamesFilter?: string[];
+    /** the alerts' displayNames on which the cases will not be generated */
+    displayNamesExcludeFilter?: string[];
+    /** The alerts' productName on which the cases will be generated */
+    productFilter?: MicrosoftSecurityProductName;
+    /** the alerts' severities on which the cases will be generated */
+    severitiesFilter?: AlertSeverity[];
+}
 
 /**
  * Defines values for MicrosoftSecurityProductName. \
@@ -6168,7 +6930,7 @@ export declare type MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties
 export declare type MicrosoftSecurityProductName = string;
 
 /** Represents MLBehaviorAnalytics alert rule. */
-export declare type MLBehaviorAnalyticsAlertRule = AlertRule & {
+export declare interface MLBehaviorAnalyticsAlertRule extends AlertRule {
     /** The Name of the alert rule template used to create this rule. */
     alertRuleTemplateName?: string;
     /**
@@ -6198,10 +6960,15 @@ export declare type MLBehaviorAnalyticsAlertRule = AlertRule & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly tactics?: AttackTactic[];
-};
+    /**
+     * The techniques of the alert rule
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly techniques?: string[];
+}
 
 /** Represents MLBehaviorAnalytics alert rule template. */
-export declare type MLBehaviorAnalyticsAlertRuleTemplate = AlertRuleTemplate & {
+export declare interface MLBehaviorAnalyticsAlertRuleTemplate extends AlertRuleTemplate {
     /** the number of alert rules that were created by this template */
     alertRulesCreatedByTemplateCount?: number;
     /**
@@ -6222,38 +6989,39 @@ export declare type MLBehaviorAnalyticsAlertRuleTemplate = AlertRuleTemplate & {
     requiredDataConnectors?: AlertRuleTemplateDataSource[];
     /** The alert rule template status. */
     status?: TemplateStatus;
+    /** The tactics of the alert rule */
+    tactics?: AttackTactic[];
+    /** The techniques of the alert rule */
+    techniques?: string[];
     /** The severity for alerts created by this alert rule. */
     severity?: AlertSeverity;
-    /** The tactics of the alert rule template. */
-    tactics?: AttackTactic[];
-};
+}
 
 /** MLBehaviorAnalytics alert rule template properties. */
-export declare type MLBehaviorAnalyticsAlertRuleTemplateProperties = AlertRuleTemplatePropertiesBase & {
+export declare interface MLBehaviorAnalyticsAlertRuleTemplateProperties extends AlertRuleTemplateWithMitreProperties {
     /** The severity for alerts created by this alert rule. */
     severity: AlertSeverity;
-    /** The tactics of the alert rule template. */
-    tactics?: AttackTactic[];
-};
+}
 
 /** Represents Microsoft Threat Intelligence requirements check request. */
-export declare type MstiCheckRequirements = DataConnectorsCheckRequirements & {
+export declare interface MstiCheckRequirements extends DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "MicrosoftThreatIntelligence";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
-};
+}
 
 /** Microsoft Threat Intelligence requirements check properties. */
-export declare type MstiCheckRequirementsProperties = DataConnectorTenantId & {};
+export declare interface MstiCheckRequirementsProperties extends DataConnectorTenantId {
+}
 
 /** Represents Microsoft Threat Intelligence data connector. */
-export declare type MstiDataConnector = DataConnector & {
+export declare interface MstiDataConnector extends DataConnector {
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
     dataTypes?: MstiDataConnectorDataTypes;
-};
+}
 
 /** The available data types for Microsoft Threat Intelligence Platforms data connector. */
 export declare interface MstiDataConnectorDataTypes {
@@ -6264,41 +7032,42 @@ export declare interface MstiDataConnectorDataTypes {
 }
 
 /** Data type for Microsoft Threat Intelligence Platforms data connector. */
-export declare type MstiDataConnectorDataTypesBingSafetyPhishingURL = DataConnectorDataTypeCommon & {
+export declare interface MstiDataConnectorDataTypesBingSafetyPhishingURL extends DataConnectorDataTypeCommon {
     /** lookback period */
     lookbackPeriod: string;
-};
+}
 
 /** Data type for Microsoft Threat Intelligence Platforms data connector. */
-export declare type MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed = DataConnectorDataTypeCommon & {
+export declare interface MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed extends DataConnectorDataTypeCommon {
     /** lookback period */
     lookbackPeriod: string;
-};
+}
 
 /** Microsoft Threat Intelligence data connector properties. */
-export declare type MstiDataConnectorProperties = DataConnectorTenantId & {
+export declare interface MstiDataConnectorProperties extends DataConnectorTenantId {
     /** The available data types for the connector. */
     dataTypes: MstiDataConnectorDataTypes;
-};
+}
 
 /** Represents MTP (Microsoft Threat Protection) requirements check request. */
-export declare type MtpCheckRequirements = DataConnectorsCheckRequirements & {
+export declare interface MtpCheckRequirements extends DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "MicrosoftThreatProtection";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
-};
+}
 
 /** MTP (Microsoft Threat Protection) requirements check properties. */
-export declare type MTPCheckRequirementsProperties = DataConnectorTenantId & {};
+export declare interface MTPCheckRequirementsProperties extends DataConnectorTenantId {
+}
 
 /** Represents MTP (Microsoft Threat Protection) data connector. */
-export declare type MTPDataConnector = DataConnector & {
+export declare interface MTPDataConnector extends DataConnector {
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
     dataTypes?: MTPDataConnectorDataTypes;
-};
+}
 
 /** The available data types for Microsoft Threat Protection Platforms data connector. */
 export declare interface MTPDataConnectorDataTypes {
@@ -6307,16 +7076,67 @@ export declare interface MTPDataConnectorDataTypes {
 }
 
 /** Data type for Microsoft Threat Protection Platforms data connector. */
-export declare type MTPDataConnectorDataTypesIncidents = DataConnectorDataTypeCommon & {};
+export declare interface MTPDataConnectorDataTypesIncidents extends DataConnectorDataTypeCommon {
+}
 
 /** MTP (Microsoft Threat Protection) data connector properties. */
-export declare type MTPDataConnectorProperties = DataConnectorTenantId & {
+export declare interface MTPDataConnectorProperties extends DataConnectorTenantId {
     /** The available data types for the connector. */
     dataTypes: MTPDataConnectorDataTypes;
-};
+}
+
+/** Represents an network interface entity. */
+export declare interface NicEntity extends Entity {
+    /**
+     * A bag of custom fields that should be part of the entity and will be presented to the user.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly additionalData?: {
+        [propertyName: string]: Record<string, unknown>;
+    };
+    /**
+     * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly friendlyName?: string;
+    /**
+     * The MAC address of this network interface
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly macAddress?: string;
+    /**
+     * The IP entity id of this network interface
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly ipAddressEntityId?: string;
+    /**
+     * A list of VLANs of the network interface entity.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly vlans?: string[];
+}
+
+/** Nic entity property bag. */
+export declare interface NicEntityProperties extends EntityCommonProperties {
+    /**
+     * The MAC address of this network interface
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly macAddress?: string;
+    /**
+     * The IP entity id of this network interface
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly ipAddressEntityId?: string;
+    /**
+     * A list of VLANs of the network interface entity.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly vlans?: string[];
+}
 
 /** Represents NRT alert rule. */
-export declare type NrtAlertRule = AlertRule & {
+export declare interface NrtAlertRule extends AlertRule {
     /** The Name of the alert rule template used to create this rule. */
     alertRuleTemplateName?: string;
     /** The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2> */
@@ -6325,6 +7145,10 @@ export declare type NrtAlertRule = AlertRule & {
     description?: string;
     /** The query that creates alerts for this rule. */
     query?: string;
+    /** The tactics of the alert rule */
+    tactics?: AttackTactic[];
+    /** The techniques of the alert rule */
+    techniques?: string[];
     /** The display name for alerts created by this alert rule. */
     displayName?: string;
     /** Determines whether this alert rule is enabled or disabled. */
@@ -6340,8 +7164,6 @@ export declare type NrtAlertRule = AlertRule & {
     suppressionEnabled?: boolean;
     /** The severity for alerts created by this alert rule. */
     severity?: AlertSeverity;
-    /** The tactics of the alert rule */
-    tactics?: AttackTactic[];
     /** The settings of the incidents that created from alerts triggered by this analytics rule */
     incidentConfiguration?: IncidentConfiguration;
     /** Dictionary of string key-value pairs of columns to be attached to the alert */
@@ -6352,13 +7174,10 @@ export declare type NrtAlertRule = AlertRule & {
     entityMappings?: EntityMapping[];
     /** The alert details override settings */
     alertDetailsOverride?: AlertDetailsOverride;
-};
-
-/** Nrt alert rule base property bag. */
-export declare type NrtAlertRuleProperties = QueryBasedAlertRuleProperties & {};
+}
 
 /** Represents NRT alert rule template. */
-export declare type NrtAlertRuleTemplate = AlertRuleTemplate & {
+export declare interface NrtAlertRuleTemplate extends AlertRuleTemplate {
     /** the number of alert rules that were created by this template */
     alertRulesCreatedByTemplateCount?: number;
     /**
@@ -6379,12 +7198,14 @@ export declare type NrtAlertRuleTemplate = AlertRuleTemplate & {
     requiredDataConnectors?: AlertRuleTemplateDataSource[];
     /** The alert rule template status. */
     status?: TemplateStatus;
+    /** The tactics of the alert rule */
+    tactics?: AttackTactic[];
+    /** The techniques of the alert rule */
+    techniques?: string[];
     /** The query that creates alerts for this rule. */
     query?: string;
     /** The severity for alerts created by this alert rule. */
     severity?: AlertSeverity;
-    /** The tactics of the alert rule */
-    tactics?: AttackTactic[];
     /** The version of this template - in format <a.b.c>, where all are numbers. For example <1.0.2>. */
     version?: string;
     /** Dictionary of string key-value pairs of columns to be attached to the alert */
@@ -6395,40 +7216,79 @@ export declare type NrtAlertRuleTemplate = AlertRuleTemplate & {
     entityMappings?: EntityMapping[];
     /** The alert details override settings */
     alertDetailsOverride?: AlertDetailsOverride;
-};
+}
 
 /** NRT alert rule template properties */
-export declare type NrtAlertRuleTemplateProperties = AlertRuleTemplatePropertiesBase & QueryBasedAlertRuleTemplateProperties & {};
+export declare interface NrtAlertRuleTemplateProperties extends AlertRuleTemplateWithMitreProperties, QueryBasedAlertRuleTemplateProperties {
+}
+
+/** Represents Office365 Project requirements check request. */
+export declare interface Office365ProjectCheckRequirements extends DataConnectorsCheckRequirements {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Office365Project";
+    /** The tenant id to connect to, and get the data from. */
+    tenantId?: string;
+}
+
+/** Office365 Project requirements check properties. */
+export declare interface Office365ProjectCheckRequirementsProperties extends DataConnectorTenantId {
+}
+
+/** The available data types for Office Microsoft Project data connector. */
+export declare interface Office365ProjectConnectorDataTypes {
+    /** Logs data type. */
+    logs: Office365ProjectConnectorDataTypesLogs;
+}
+
+/** Logs data type. */
+export declare interface Office365ProjectConnectorDataTypesLogs extends DataConnectorDataTypeCommon {
+}
+
+/** Represents Office Microsoft Project data connector. */
+export declare interface Office365ProjectDataConnector extends DataConnector {
+    /** The tenant id to connect to, and get the data from. */
+    tenantId?: string;
+    /** The available data types for the connector. */
+    dataTypes?: Office365ProjectConnectorDataTypes;
+}
+
+/** Office Microsoft Project data connector properties. */
+export declare interface Office365ProjectDataConnectorProperties extends DataConnectorTenantId {
+    /** The available data types for the connector. */
+    dataTypes: Office365ProjectConnectorDataTypes;
+}
 
 /** Represents OfficeATP (Office 365 Advanced Threat Protection) requirements check request. */
-export declare type OfficeATPCheckRequirements = DataConnectorsCheckRequirements & {
+export declare interface OfficeATPCheckRequirements extends DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "OfficeATP";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
-};
+}
 
 /** OfficeATP (Office 365 Advanced Threat Protection) requirements check properties. */
-export declare type OfficeATPCheckRequirementsProperties = DataConnectorTenantId & {};
+export declare interface OfficeATPCheckRequirementsProperties extends DataConnectorTenantId {
+}
 
 /** Represents OfficeATP (Office 365 Advanced Threat Protection) data connector. */
-export declare type OfficeATPDataConnector = DataConnector & {
+export declare interface OfficeATPDataConnector extends DataConnector {
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
     dataTypes?: AlertsDataTypeOfDataConnector;
-};
+}
 
 /** OfficeATP (Office 365 Advanced Threat Protection) data connector properties. */
-export declare type OfficeATPDataConnectorProperties = DataConnectorTenantId & DataConnectorWithAlertsProperties & {};
+export declare interface OfficeATPDataConnectorProperties extends DataConnectorTenantId, DataConnectorWithAlertsProperties {
+}
 
 /** Consent for Office365 tenant that already made. */
-export declare type OfficeConsent = Resource & {
+export declare interface OfficeConsent extends Resource {
     /** The tenantId of the Office365 with the consent. */
     tenantId?: string;
     /** Help to easily cascade among the data layers. */
     consentId?: string;
-};
+}
 
 /** List of all the office365 consents. */
 export declare interface OfficeConsentList {
@@ -6494,12 +7354,12 @@ export declare interface OfficeConsentsListOptionalParams extends coreClient.Ope
 export declare type OfficeConsentsListResponse = OfficeConsentList;
 
 /** Represents office data connector. */
-export declare type OfficeDataConnector = DataConnector & {
+export declare interface OfficeDataConnector extends DataConnector {
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
     dataTypes?: OfficeDataConnectorDataTypes;
-};
+}
 
 /** The available data types for office data connector. */
 export declare interface OfficeDataConnectorDataTypes {
@@ -6512,41 +7372,82 @@ export declare interface OfficeDataConnectorDataTypes {
 }
 
 /** Exchange data type connection. */
-export declare type OfficeDataConnectorDataTypesExchange = DataConnectorDataTypeCommon & {};
+export declare interface OfficeDataConnectorDataTypesExchange extends DataConnectorDataTypeCommon {
+}
 
 /** SharePoint data type connection. */
-export declare type OfficeDataConnectorDataTypesSharePoint = DataConnectorDataTypeCommon & {};
+export declare interface OfficeDataConnectorDataTypesSharePoint extends DataConnectorDataTypeCommon {
+}
 
 /** Teams data type connection. */
-export declare type OfficeDataConnectorDataTypesTeams = DataConnectorDataTypeCommon & {};
+export declare interface OfficeDataConnectorDataTypesTeams extends DataConnectorDataTypeCommon {
+}
 
 /** Office data connector properties. */
-export declare type OfficeDataConnectorProperties = DataConnectorTenantId & {
+export declare interface OfficeDataConnectorProperties extends DataConnectorTenantId {
     /** The available data types for the connector. */
     dataTypes: OfficeDataConnectorDataTypes;
-};
+}
 
 /** Represents OfficeIRM (Microsoft Insider Risk Management) requirements check request. */
-export declare type OfficeIRMCheckRequirements = DataConnectorsCheckRequirements & {
+export declare interface OfficeIRMCheckRequirements extends DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "OfficeIRM";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
-};
+}
 
 /** OfficeIRM (Microsoft Insider Risk Management) requirements check properties. */
-export declare type OfficeIRMCheckRequirementsProperties = DataConnectorTenantId & {};
+export declare interface OfficeIRMCheckRequirementsProperties extends DataConnectorTenantId {
+}
 
 /** Represents OfficeIRM (Microsoft Insider Risk Management) data connector. */
-export declare type OfficeIRMDataConnector = DataConnector & {
+export declare interface OfficeIRMDataConnector extends DataConnector {
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
     dataTypes?: AlertsDataTypeOfDataConnector;
-};
+}
 
 /** OfficeIRM (Microsoft Insider Risk Management) data connector properties. */
-export declare type OfficeIRMDataConnectorProperties = DataConnectorTenantId & DataConnectorWithAlertsProperties & {};
+export declare interface OfficeIRMDataConnectorProperties extends DataConnectorTenantId, DataConnectorWithAlertsProperties {
+}
+
+/** Represents Office PowerBI requirements check request. */
+export declare interface OfficePowerBICheckRequirements extends DataConnectorsCheckRequirements {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "OfficePowerBI";
+    /** The tenant id to connect to, and get the data from. */
+    tenantId?: string;
+}
+
+/** Office PowerBI requirements check properties. */
+export declare interface OfficePowerBICheckRequirementsProperties extends DataConnectorTenantId {
+}
+
+/** The available data types for Office Microsoft PowerBI data connector. */
+export declare interface OfficePowerBIConnectorDataTypes {
+    /** Logs data type. */
+    logs: OfficePowerBIConnectorDataTypesLogs;
+}
+
+/** Logs data type. */
+export declare interface OfficePowerBIConnectorDataTypesLogs extends DataConnectorDataTypeCommon {
+}
+
+/** Represents Office Microsoft PowerBI data connector. */
+export declare interface OfficePowerBIDataConnector extends DataConnector {
+    /** The tenant id to connect to, and get the data from. */
+    tenantId?: string;
+    /** The available data types for the connector. */
+    dataTypes?: OfficePowerBIConnectorDataTypes;
+}
+
+/** Office Microsoft PowerBI data connector properties. */
+export declare interface OfficePowerBIDataConnectorProperties extends DataConnectorTenantId {
+    /** The available data types for the connector. */
+    dataTypes: OfficePowerBIConnectorDataTypes;
+}
 
 /** Operation provided by provider */
 export declare interface Operation {
@@ -6662,9 +7563,18 @@ declare interface Permissions_2 {
 }
 export { Permissions_2 as Permissions }
 
-export declare type PermissionsCustomsItem = Customs & {};
+export declare interface PermissionsCustomsItem extends Customs {
+}
+
+export declare interface PermissionsResourceProviderItem extends ResourceProvider {
+}
 
-export declare type PermissionsResourceProviderItem = ResourceProvider & {};
+export declare interface PlaybookActionProperties {
+    /** The resource id of the playbook resource. */
+    logicAppResourceId?: string;
+    /** The tenant id of the playbook resource. */
+    tenantId?: string;
+}
 
 /**
  * Defines values for PollingFrequency. \
@@ -6678,7 +7588,7 @@ export declare type PermissionsResourceProviderItem = ResourceProvider & {};
 export declare type PollingFrequency = string;
 
 /** Represents a process entity. */
-export declare type ProcessEntity = Entity & {
+export declare interface ProcessEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -6733,10 +7643,10 @@ export declare type ProcessEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly processId?: string;
-};
+}
 
 /** Process entity property bag. */
-export declare type ProcessEntityProperties = EntityCommonProperties & {
+export declare interface ProcessEntityProperties extends EntityCommonProperties {
     /**
      * The account entity id running the processes.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -6779,7 +7689,7 @@ export declare type ProcessEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly processId?: string;
-};
+}
 
 /** Interface representing a ProductSettings. */
 export declare interface ProductSettings {
@@ -6842,6 +7752,27 @@ export declare interface ProductSettingsUpdateOptionalParams extends coreClient.
 /** Contains response data for the update operation. */
 export declare type ProductSettingsUpdateResponse = SettingsUnion;
 
+/** Describes an automation rule condition that evaluates an array property's value change */
+export declare interface PropertyArrayChangedConditionProperties extends AutomationRuleCondition {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    conditionType: "PropertyArrayChanged";
+    conditionProperties?: AutomationRulePropertyArrayChangedValuesCondition;
+}
+
+/** Describes an automation rule condition that evaluates a property's value change */
+export declare interface PropertyChangedConditionProperties extends AutomationRuleCondition {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    conditionType: "PropertyChanged";
+    conditionProperties?: AutomationRulePropertyValuesChangedCondition;
+}
+
+/** Describes an automation rule condition that evaluates a property's value */
+export declare interface PropertyConditionProperties extends AutomationRuleCondition {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    conditionType: "Property";
+    conditionProperties?: AutomationRulePropertyValuesCondition;
+}
+
 /**
  * Defines values for ProviderName. \
  * {@link KnownProviderName} can be used interchangeably with ProviderName,
@@ -6856,53 +7787,12 @@ export declare type ProductSettingsUpdateResponse = SettingsUnion;
  */
 export declare type ProviderName = string;
 
-/** Query based alert rule base property bag. */
-export declare interface QueryBasedAlertRuleProperties {
-    /** The Name of the alert rule template used to create this rule. */
-    alertRuleTemplateName?: string;
-    /** The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2> */
-    templateVersion?: string;
-    /** The description of the alert rule. */
-    description?: string;
-    /** The query that creates alerts for this rule. */
-    query?: string;
-    /** The display name for alerts created by this alert rule. */
-    displayName: string;
-    /** Determines whether this alert rule is enabled or disabled. */
-    enabled: boolean;
-    /**
-     * The last time that this alert rule has been modified.
-     * NOTE: This property will not be serialized. It can only be populated by the server.
-     */
-    readonly lastModifiedUtc?: Date;
-    /** The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. */
-    suppressionDuration: string;
-    /** Determines whether the suppression for this alert rule is enabled or disabled. */
-    suppressionEnabled: boolean;
-    /** The severity for alerts created by this alert rule. */
-    severity?: AlertSeverity;
-    /** The tactics of the alert rule */
-    tactics?: AttackTactic[];
-    /** The settings of the incidents that created from alerts triggered by this analytics rule */
-    incidentConfiguration?: IncidentConfiguration;
-    /** Dictionary of string key-value pairs of columns to be attached to the alert */
-    customDetails?: {
-        [propertyName: string]: string;
-    };
-    /** Array of the entity mappings of the alert rule */
-    entityMappings?: EntityMapping[];
-    /** The alert details override settings */
-    alertDetailsOverride?: AlertDetailsOverride;
-}
-
 /** Query based alert rule template base property bag. */
 export declare interface QueryBasedAlertRuleTemplateProperties {
     /** The query that creates alerts for this rule. */
     query?: string;
     /** The severity for alerts created by this alert rule. */
     severity?: AlertSeverity;
-    /** The tactics of the alert rule */
-    tactics?: AttackTactic[];
     /** The version of this template - in format <a.b.c>, where all are numbers. For example <1.0.2>. */
     version?: string;
     /** Dictionary of string key-value pairs of columns to be attached to the alert */
@@ -6934,7 +7824,7 @@ export declare interface QueryBasedAlertRuleTemplateProperties {
 export declare type RegistryHive = string;
 
 /** Represents a registry key entity. */
-export declare type RegistryKeyEntity = Entity & {
+export declare interface RegistryKeyEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -6957,10 +7847,10 @@ export declare type RegistryKeyEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly key?: string;
-};
+}
 
 /** RegistryKey entity property bag. */
-export declare type RegistryKeyEntityProperties = EntityCommonProperties & {
+export declare interface RegistryKeyEntityProperties extends EntityCommonProperties {
     /**
      * the hive that holds the registry key.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -6971,10 +7861,10 @@ export declare type RegistryKeyEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly key?: string;
-};
+}
 
 /** Represents a registry value entity. */
-export declare type RegistryValueEntity = Entity & {
+export declare interface RegistryValueEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -7007,10 +7897,10 @@ export declare type RegistryValueEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly valueType?: RegistryValueKind;
-};
+}
 
 /** RegistryValue entity property bag. */
-export declare type RegistryValueEntityProperties = EntityCommonProperties & {
+export declare interface RegistryValueEntityProperties extends EntityCommonProperties {
     /**
      * The registry key entity id.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -7031,7 +7921,7 @@ export declare type RegistryValueEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly valueType?: RegistryValueKind;
-};
+}
 
 /**
  * Defines values for RegistryValueKind. \
@@ -7050,7 +7940,7 @@ export declare type RegistryValueEntityProperties = EntityCommonProperties & {
 export declare type RegistryValueKind = string;
 
 /** Represents a relation between two resources */
-export declare type Relation = ResourceWithEtag & {
+export declare interface Relation extends ResourceWithEtag {
     /** The resource ID of the related resource */
     relatedResourceId?: string;
     /**
@@ -7068,7 +7958,7 @@ export declare type Relation = ResourceWithEtag & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly relatedResourceKind?: string;
-};
+}
 
 /** List of relations. */
 export declare interface RelationList {
@@ -7116,6 +8006,16 @@ export declare interface Repository {
     pathMapping?: ContentPathMap[];
 }
 
+/** Resources created in user's repository for the source-control. */
+export declare interface RepositoryResourceInfo {
+    /** The webhook object created for the source-control. */
+    webhook?: Webhook;
+    /** Resources created in GitHub for this source-control. */
+    gitHubResourceInfo?: GitHubResourceInfo;
+    /** Resources created in Azure DevOps for this source-control. */
+    azureDevOpsResourceInfo?: AzureDevOpsResourceInfo;
+}
+
 /**
  * Defines values for RepoType. \
  * {@link KnownRepoType} can be used interchangeably with RepoType,
@@ -7177,10 +8077,10 @@ export declare interface ResourceProvider {
 }
 
 /** An azure resource object with an Etag property */
-export declare type ResourceWithEtag = Resource & {
+export declare interface ResourceWithEtag extends Resource {
     /** Etag of the azure resource */
     etag?: string;
-};
+}
 
 /** The sample queries for the connector */
 export declare interface SampleQueries {
@@ -7191,25 +8091,35 @@ export declare interface SampleQueries {
 }
 
 /** Represents scheduled alert rule. */
-export declare type ScheduledAlertRule = AlertRule & {
+export declare interface ScheduledAlertRule extends AlertRule {
+    /** The query that creates alerts for this rule. */
+    query?: string;
     /** The frequency (in ISO 8601 duration format) for this alert rule to run. */
     queryFrequency?: string;
     /** The period (in ISO 8601 duration format) that this alert rule looks at. */
     queryPeriod?: string;
+    /** The severity for alerts created by this alert rule. */
+    severity?: AlertSeverity;
     /** The operation against the threshold that triggers alert rule. */
     triggerOperator?: TriggerOperator;
     /** The threshold triggers this alert rule. */
     triggerThreshold?: number;
     /** The event grouping settings. */
     eventGroupingSettings?: EventGroupingSettings;
+    /** Dictionary of string key-value pairs of columns to be attached to the alert */
+    customDetails?: {
+        [propertyName: string]: string;
+    };
+    /** Array of the entity mappings of the alert rule */
+    entityMappings?: EntityMapping[];
+    /** The alert details override settings */
+    alertDetailsOverride?: AlertDetailsOverride;
     /** The Name of the alert rule template used to create this rule. */
     alertRuleTemplateName?: string;
     /** The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2> */
     templateVersion?: string;
     /** The description of the alert rule. */
     description?: string;
-    /** The query that creates alerts for this rule. */
-    query?: string;
     /** The display name for alerts created by this alert rule. */
     displayName?: string;
     /** Determines whether this alert rule is enabled or disabled. */
@@ -7223,94 +8133,123 @@ export declare type ScheduledAlertRule = AlertRule & {
     suppressionDuration?: string;
     /** Determines whether the suppression for this alert rule is enabled or disabled. */
     suppressionEnabled?: boolean;
-    /** The severity for alerts created by this alert rule. */
-    severity?: AlertSeverity;
     /** The tactics of the alert rule */
     tactics?: AttackTactic[];
+    /** The techniques of the alert rule */
+    techniques?: string[];
     /** The settings of the incidents that created from alerts triggered by this analytics rule */
     incidentConfiguration?: IncidentConfiguration;
-    /** Dictionary of string key-value pairs of columns to be attached to the alert */
-    customDetails?: {
-        [propertyName: string]: string;
-    };
-    /** Array of the entity mappings of the alert rule */
-    entityMappings?: EntityMapping[];
-    /** The alert details override settings */
-    alertDetailsOverride?: AlertDetailsOverride;
-};
+}
 
 /** Scheduled alert rule template property bag. */
 export declare interface ScheduledAlertRuleCommonProperties {
+    /** The query that creates alerts for this rule. */
+    query?: string;
     /** The frequency (in ISO 8601 duration format) for this alert rule to run. */
     queryFrequency?: string;
     /** The period (in ISO 8601 duration format) that this alert rule looks at. */
     queryPeriod?: string;
+    /** The severity for alerts created by this alert rule. */
+    severity?: AlertSeverity;
     /** The operation against the threshold that triggers alert rule. */
     triggerOperator?: TriggerOperator;
     /** The threshold triggers this alert rule. */
     triggerThreshold?: number;
     /** The event grouping settings. */
     eventGroupingSettings?: EventGroupingSettings;
+    /** Dictionary of string key-value pairs of columns to be attached to the alert */
+    customDetails?: {
+        [propertyName: string]: string;
+    };
+    /** Array of the entity mappings of the alert rule */
+    entityMappings?: EntityMapping[];
+    /** The alert details override settings */
+    alertDetailsOverride?: AlertDetailsOverride;
 }
 
 /** Scheduled alert rule base property bag. */
-export declare type ScheduledAlertRuleProperties = ScheduledAlertRuleCommonProperties & QueryBasedAlertRuleProperties & {};
+export declare interface ScheduledAlertRuleProperties extends ScheduledAlertRuleCommonProperties {
+    /** The Name of the alert rule template used to create this rule. */
+    alertRuleTemplateName?: string;
+    /** The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2> */
+    templateVersion?: string;
+    /** The description of the alert rule. */
+    description?: string;
+    /** The display name for alerts created by this alert rule. */
+    displayName: string;
+    /** Determines whether this alert rule is enabled or disabled. */
+    enabled: boolean;
+    /**
+     * The last time that this alert rule has been modified.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly lastModifiedUtc?: Date;
+    /** The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. */
+    suppressionDuration: string;
+    /** Determines whether the suppression for this alert rule is enabled or disabled. */
+    suppressionEnabled: boolean;
+    /** The tactics of the alert rule */
+    tactics?: AttackTactic[];
+    /** The techniques of the alert rule */
+    techniques?: string[];
+    /** The settings of the incidents that created from alerts triggered by this analytics rule */
+    incidentConfiguration?: IncidentConfiguration;
+}
 
 /** Represents scheduled alert rule template. */
-export declare type ScheduledAlertRuleTemplate = AlertRuleTemplate & {
+export declare interface ScheduledAlertRuleTemplate extends AlertRuleTemplate {
     /** the number of alert rules that were created by this template */
     alertRulesCreatedByTemplateCount?: number;
     /**
-     * The last time that this alert rule template has been updated.
+     * The time that this alert rule template has been added.
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
-    readonly lastUpdatedDateUTC?: Date;
+    readonly createdDateUTC?: Date;
     /**
-     * The time that this alert rule template has been added.
+     * The time that this alert rule template was last updated.
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
-    readonly createdDateUTC?: Date;
+    readonly lastUpdatedDateUTC?: Date;
     /** The description of the alert rule template. */
     description?: string;
     /** The display name for alert rule template. */
     displayName?: string;
-    /** The required data sources for this template */
+    /** The required data connectors for this template */
     requiredDataConnectors?: AlertRuleTemplateDataSource[];
     /** The alert rule template status. */
     status?: TemplateStatus;
     /** The query that creates alerts for this rule. */
     query?: string;
-    /** The severity for alerts created by this alert rule. */
-    severity?: AlertSeverity;
-    /** The tactics of the alert rule */
-    tactics?: AttackTactic[];
-    /** The version of this template - in format <a.b.c>, where all are numbers. For example <1.0.2>. */
-    version?: string;
-    /** Dictionary of string key-value pairs of columns to be attached to the alert */
-    customDetails?: {
-        [propertyName: string]: string;
-    };
-    /** Array of the entity mappings of the alert rule */
-    entityMappings?: EntityMapping[];
-    /** The alert details override settings */
-    alertDetailsOverride?: AlertDetailsOverride;
     /** The frequency (in ISO 8601 duration format) for this alert rule to run. */
     queryFrequency?: string;
     /** The period (in ISO 8601 duration format) that this alert rule looks at. */
     queryPeriod?: string;
+    /** The severity for alerts created by this alert rule. */
+    severity?: AlertSeverity;
     /** The operation against the threshold that triggers alert rule. */
     triggerOperator?: TriggerOperator;
     /** The threshold triggers this alert rule. */
     triggerThreshold?: number;
+    /** The tactics of the alert rule template */
+    tactics?: AttackTactic[];
+    /** The techniques of the alert rule */
+    techniques?: string[];
+    /** The version of this template - in format <a.b.c>, where all are numbers. For example <1.0.2>. */
+    version?: string;
     /** The event grouping settings. */
     eventGroupingSettings?: EventGroupingSettings;
-};
-
-/** Scheduled alert rule template properties */
-export declare type ScheduledAlertRuleTemplateProperties = AlertRuleTemplatePropertiesBase & QueryBasedAlertRuleTemplateProperties & ScheduledAlertRuleCommonProperties & {};
+    /** Dictionary of string key-value pairs of columns to be attached to the alert */
+    customDetails?: {
+        [propertyName: string]: string;
+    };
+    /** Array of the entity mappings of the alert rule */
+    entityMappings?: EntityMapping[];
+    /** The alert details override settings */
+    alertDetailsOverride?: AlertDetailsOverride;
+}
 
 /** Represents a security alert entity. */
-export declare type SecurityAlert = Entity & {
+export declare interface SecurityAlert extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -7445,10 +8384,10 @@ export declare type SecurityAlert = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly resourceIdentifiers?: Record<string, unknown>[];
-};
+}
 
 /** SecurityAlert entity property bag. */
-export declare type SecurityAlertProperties = EntityCommonProperties & {
+export declare interface SecurityAlertProperties extends EntityCommonProperties {
     /**
      * The display name of the alert.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -7571,7 +8510,7 @@ export declare type SecurityAlertProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly resourceIdentifiers?: Record<string, unknown>[];
-};
+}
 
 /** confidence reason item */
 export declare interface SecurityAlertPropertiesConfidenceReasonsItem {
@@ -7588,7 +8527,7 @@ export declare interface SecurityAlertPropertiesConfidenceReasonsItem {
 }
 
 /** Represents security alert timeline item. */
-export declare type SecurityAlertTimelineItem = EntityTimelineItem & {
+export declare interface SecurityAlertTimelineItem extends EntityTimelineItem {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "SecurityAlert";
     /** The alert azure resource id. */
@@ -7609,10 +8548,10 @@ export declare type SecurityAlertTimelineItem = EntityTimelineItem & {
     timeGenerated: Date;
     /** The name of the alert type. */
     alertType: string;
-};
+}
 
 /** Represents a security group entity. */
-export declare type SecurityGroupEntity = Entity & {
+export declare interface SecurityGroupEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -7640,10 +8579,10 @@ export declare type SecurityGroupEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly sid?: string;
-};
+}
 
 /** SecurityGroup entity property bag. */
-export declare type SecurityGroupEntityProperties = EntityCommonProperties & {
+export declare interface SecurityGroupEntityProperties extends EntityCommonProperties {
     /**
      * The group distinguished name
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -7659,7 +8598,7 @@ export declare type SecurityGroupEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly sid?: string;
-};
+}
 
 export declare class SecurityInsights extends coreClient.ServiceClient {
     $host: string;
@@ -7672,38 +8611,41 @@ export declare class SecurityInsights extends coreClient.ServiceClient {
      * @param options The parameter options
      */
     constructor(credentials: coreAuth.TokenCredential, subscriptionId: string, options?: SecurityInsightsOptionalParams);
+    /** A function that adds a policy that sets the api-version (or equivalent) to reflect the library version. */
+    private addCustomApiVersionPolicy;
     alertRules: AlertRules;
     actions: Actions;
     alertRuleTemplates: AlertRuleTemplates;
     automationRules: AutomationRules;
+    incidents: Incidents;
     bookmarks: Bookmarks;
     bookmarkRelations: BookmarkRelations;
     bookmarkOperations: BookmarkOperations;
     iPGeodata: IPGeodata;
     domainWhois: DomainWhois;
-    entityQueries: EntityQueries;
     entities: Entities;
     entitiesGetTimeline: EntitiesGetTimeline;
     entitiesRelations: EntitiesRelations;
     entityRelations: EntityRelations;
-    incidents: Incidents;
+    entityQueries: EntityQueries;
+    entityQueryTemplates: EntityQueryTemplates;
     incidentComments: IncidentComments;
     incidentRelations: IncidentRelations;
     metadata: Metadata;
+    officeConsents: OfficeConsents;
     sentinelOnboardingStates: SentinelOnboardingStates;
+    securityMLAnalyticsSettings: SecurityMLAnalyticsSettings;
     productSettings: ProductSettings;
     sourceControlOperations: SourceControlOperations;
     sourceControls: SourceControls;
+    threatIntelligenceIndicator: ThreatIntelligenceIndicator;
+    threatIntelligenceIndicators: ThreatIntelligenceIndicators;
+    threatIntelligenceIndicatorMetrics: ThreatIntelligenceIndicatorMetrics;
     watchlists: Watchlists;
     watchlistItems: WatchlistItems;
     dataConnectors: DataConnectors;
     dataConnectorsCheckRequirementsOperations: DataConnectorsCheckRequirementsOperations;
-    threatIntelligenceIndicator: ThreatIntelligenceIndicator;
-    threatIntelligenceIndicators: ThreatIntelligenceIndicators;
-    threatIntelligenceIndicatorMetrics: ThreatIntelligenceIndicatorMetrics;
     operations: Operations;
-    officeConsents: OfficeConsents;
-    entityQueryTemplates: EntityQueryTemplates;
 }
 
 /** Optional parameters. */
@@ -7716,11 +8658,115 @@ export declare interface SecurityInsightsOptionalParams extends coreClient.Servi
     endpoint?: string;
 }
 
+/** Security ML Analytics Setting */
+export declare interface SecurityMLAnalyticsSetting extends ResourceWithEtag {
+    /** The kind of security ML Analytics Settings */
+    kind: SecurityMLAnalyticsSettingsKind;
+}
+
+/** Interface representing a SecurityMLAnalyticsSettings. */
+export declare interface SecurityMLAnalyticsSettings {
+    /**
+     * Gets all Security ML Analytics Settings.
+     * @param resourceGroupName The name of the resource group. The name is case insensitive.
+     * @param workspaceName The name of the workspace.
+     * @param options The options parameters.
+     */
+    list(resourceGroupName: string, workspaceName: string, options?: SecurityMLAnalyticsSettingsListOptionalParams): PagedAsyncIterableIterator<SecurityMLAnalyticsSettingUnion>;
+    /**
+     * Gets the Security ML Analytics Settings.
+     * @param resourceGroupName The name of the resource group. The name is case insensitive.
+     * @param workspaceName The name of the workspace.
+     * @param settingsResourceName Security ML Analytics Settings resource name
+     * @param options The options parameters.
+     */
+    get(resourceGroupName: string, workspaceName: string, settingsResourceName: string, options?: SecurityMLAnalyticsSettingsGetOptionalParams): Promise<SecurityMLAnalyticsSettingsGetResponse>;
+    /**
+     * Creates or updates the Security ML Analytics Settings.
+     * @param resourceGroupName The name of the resource group. The name is case insensitive.
+     * @param workspaceName The name of the workspace.
+     * @param settingsResourceName Security ML Analytics Settings resource name
+     * @param securityMLAnalyticsSetting The security ML Analytics setting
+     * @param options The options parameters.
+     */
+    createOrUpdate(resourceGroupName: string, workspaceName: string, settingsResourceName: string, securityMLAnalyticsSetting: SecurityMLAnalyticsSettingUnion, options?: SecurityMLAnalyticsSettingsCreateOrUpdateOptionalParams): Promise<SecurityMLAnalyticsSettingsCreateOrUpdateResponse>;
+    /**
+     * Delete the Security ML Analytics Settings.
+     * @param resourceGroupName The name of the resource group. The name is case insensitive.
+     * @param workspaceName The name of the workspace.
+     * @param settingsResourceName Security ML Analytics Settings resource name
+     * @param options The options parameters.
+     */
+    delete(resourceGroupName: string, workspaceName: string, settingsResourceName: string, options?: SecurityMLAnalyticsSettingsDeleteOptionalParams): Promise<void>;
+}
+
+/** Optional parameters. */
+export declare interface SecurityMLAnalyticsSettingsCreateOrUpdateOptionalParams extends coreClient.OperationOptions {
+}
+
+/** Contains response data for the createOrUpdate operation. */
+export declare type SecurityMLAnalyticsSettingsCreateOrUpdateResponse = SecurityMLAnalyticsSettingUnion;
+
+/** security ml analytics settings data sources */
+export declare interface SecurityMLAnalyticsSettingsDataSource {
+    /** The connector id that provides the following data types */
+    connectorId?: string;
+    /** The data types used by the security ml analytics settings */
+    dataTypes?: string[];
+}
+
+/** Optional parameters. */
+export declare interface SecurityMLAnalyticsSettingsDeleteOptionalParams extends coreClient.OperationOptions {
+}
+
+/** Optional parameters. */
+export declare interface SecurityMLAnalyticsSettingsGetOptionalParams extends coreClient.OperationOptions {
+}
+
+/** Contains response data for the get operation. */
+export declare type SecurityMLAnalyticsSettingsGetResponse = SecurityMLAnalyticsSettingUnion;
+
+/**
+ * Defines values for SecurityMLAnalyticsSettingsKind. \
+ * {@link KnownSecurityMLAnalyticsSettingsKind} can be used interchangeably with SecurityMLAnalyticsSettingsKind,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Anomaly**
+ */
+export declare type SecurityMLAnalyticsSettingsKind = string;
+
+/** List all the SecurityMLAnalyticsSettings */
+export declare interface SecurityMLAnalyticsSettingsList {
+    /**
+     * URL to fetch the next set of SecurityMLAnalyticsSettings.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly nextLink?: string;
+    /** Array of SecurityMLAnalyticsSettings */
+    value: SecurityMLAnalyticsSettingUnion[];
+}
+
+/** Optional parameters. */
+export declare interface SecurityMLAnalyticsSettingsListNextOptionalParams extends coreClient.OperationOptions {
+}
+
+/** Contains response data for the listNext operation. */
+export declare type SecurityMLAnalyticsSettingsListNextResponse = SecurityMLAnalyticsSettingsList;
+
+/** Optional parameters. */
+export declare interface SecurityMLAnalyticsSettingsListOptionalParams extends coreClient.OperationOptions {
+}
+
+/** Contains response data for the list operation. */
+export declare type SecurityMLAnalyticsSettingsListResponse = SecurityMLAnalyticsSettingsList;
+
+export declare type SecurityMLAnalyticsSettingUnion = SecurityMLAnalyticsSetting | AnomalySecurityMLAnalyticsSettings;
+
 /** Sentinel onboarding state */
-export declare type SentinelOnboardingState = ResourceWithEtag & {
+export declare interface SentinelOnboardingState extends ResourceWithEtag {
     /** Flag that indicates the status of the CMK setting */
     customerManagedKey?: boolean;
-};
+}
 
 /** Interface representing a SentinelOnboardingStates. */
 export declare interface SentinelOnboardingStates {
@@ -7809,10 +8855,20 @@ export declare interface SettingList {
 }
 
 /** The Setting. */
-export declare type Settings = ResourceWithEtag & {
+export declare interface Settings extends ResourceWithEtag {
     /** The kind of the setting */
     kind: SettingKind;
-};
+}
+
+/**
+ * Defines values for SettingsStatus. \
+ * {@link KnownSettingsStatus} can be used interchangeably with SettingsStatus,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Production**: Anomaly settings status in Production mode \
+ * **Flighting**: Anomaly settings status in Flighting mode
+ */
+export declare type SettingsStatus = string;
 
 export declare type SettingsUnion = Settings | Anomalies | EyesOn | EntityAnalytics | Ueba;
 
@@ -7827,38 +8883,12 @@ export declare type SettingsUnion = Settings | Anomalies | EyesOn | EntityAnalyt
  */
 export declare type SettingType = string;
 
-/** The pricing tier of the solution */
-export declare interface Sku {
-    /** The kind of the tier */
-    name?: SkuKind;
-    /** The amount of reservation level */
-    capacityReservationLevel?: number;
-}
-
-/**
- * Defines values for SkuKind. \
- * {@link KnownSkuKind} can be used interchangeably with SkuKind,
- *  this enum contains the known values that the service supports.
- * ### Known values supported by the service
- * **PerGB** \
- * **CapacityReservation**
- */
-export declare type SkuKind = string;
-
-/**
- * Defines values for Source. \
- * {@link KnownSource} can be used interchangeably with Source,
- *  this enum contains the known values that the service supports.
- * ### Known values supported by the service
- * **Local file** \
- * **Remote storage**
- */
-export declare type Source = string;
-
 /** Represents a SourceControl in Azure Security Insights. */
-export declare type SourceControl = ResourceWithEtag & {
+export declare interface SourceControl extends ResourceWithEtag {
     /** The id (a Guid) of the source control */
     idPropertiesId?: string;
+    /** The version number associated with the source control */
+    version?: Version;
     /** The display name of the source control */
     displayName?: string;
     /** A description of the source control */
@@ -7869,7 +8899,11 @@ export declare type SourceControl = ResourceWithEtag & {
     contentTypes?: ContentType[];
     /** Repository metadata. */
     repository?: Repository;
-};
+    /** Information regarding the resources created in user's repository. */
+    repositoryResourceInfo?: RepositoryResourceInfo;
+    /** Information regarding the latest deployment for the source control. */
+    lastDeploymentInfo?: DeploymentInfo;
+}
 
 /** List all the source controls. */
 export declare interface SourceControlList {
@@ -7988,8 +9022,18 @@ export declare type SourceControlsListResponse = SourceControlList;
  */
 export declare type SourceKind = string;
 
+/**
+ * Defines values for SourceType. \
+ * {@link KnownSourceType} can be used interchangeably with SourceType,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Local file** \
+ * **Remote storage**
+ */
+export declare type SourceType = string;
+
 /** Represents a submission mail entity. */
-export declare type SubmissionMailEntity = Entity & {
+export declare interface SubmissionMailEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -8052,10 +9096,10 @@ export declare type SubmissionMailEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly reportType?: string;
-};
+}
 
 /** Submission mail entity property bag. */
-export declare type SubmissionMailEntityProperties = EntityCommonProperties & {
+export declare interface SubmissionMailEntityProperties extends EntityCommonProperties {
     /**
      * The network message id of email to which submission belongs
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -8106,7 +9150,7 @@ export declare type SubmissionMailEntityProperties = EntityCommonProperties & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly reportType?: string;
-};
+}
 
 /**
  * Defines values for SupportTier. \
@@ -8222,7 +9266,7 @@ export declare interface ThreatIntelligence {
 }
 
 /** Represents Threat Intelligence alert rule. */
-export declare type ThreatIntelligenceAlertRule = AlertRule & {
+export declare interface ThreatIntelligenceAlertRule extends AlertRule {
     /** The Name of the alert rule template used to create this rule. */
     alertRuleTemplateName?: string;
     /**
@@ -8252,10 +9296,15 @@ export declare type ThreatIntelligenceAlertRule = AlertRule & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly tactics?: AttackTactic[];
-};
+    /**
+     * The techniques of the alert rule
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly techniques?: string[];
+}
 
 /** Represents Threat Intelligence alert rule template. */
-export declare type ThreatIntelligenceAlertRuleTemplate = AlertRuleTemplate & {
+export declare interface ThreatIntelligenceAlertRuleTemplate extends AlertRuleTemplate {
     /** the number of alert rules that were created by this template */
     alertRulesCreatedByTemplateCount?: number;
     /**
@@ -8276,19 +9325,19 @@ export declare type ThreatIntelligenceAlertRuleTemplate = AlertRuleTemplate & {
     requiredDataConnectors?: AlertRuleTemplateDataSource[];
     /** The alert rule template status. */
     status?: TemplateStatus;
+    /** The tactics of the alert rule */
+    tactics?: AttackTactic[];
+    /** The techniques of the alert rule */
+    techniques?: string[];
     /** The severity for alerts created by this alert rule. */
     severity?: AlertSeverity;
-    /** The tactics of the alert rule template */
-    tactics?: AttackTactic[];
-};
+}
 
 /** Threat Intelligence alert rule template properties */
-export declare type ThreatIntelligenceAlertRuleTemplateProperties = AlertRuleTemplatePropertiesBase & {
+export declare interface ThreatIntelligenceAlertRuleTemplateProperties extends AlertRuleTemplateWithMitreProperties {
     /** The severity for alerts created by this alert rule. */
     severity: AlertSeverity;
-    /** The tactics of the alert rule template */
-    tactics?: AttackTactic[];
-};
+}
 
 /** Array of tags to be appended to the threat intelligence indicator. */
 export declare interface ThreatIntelligenceAppendTags {
@@ -8371,7 +9420,7 @@ export declare interface ThreatIntelligenceIndicator {
      *                                     update.
      * @param options The options parameters.
      */
-    createIndicator(resourceGroupName: string, workspaceName: string, threatIntelligenceProperties: ThreatIntelligenceIndicatorModelForRequestBody, options?: ThreatIntelligenceIndicatorCreateIndicatorOptionalParams): Promise<ThreatIntelligenceIndicatorCreateIndicatorResponse>;
+    createIndicator(resourceGroupName: string, workspaceName: string, threatIntelligenceProperties: ThreatIntelligenceIndicatorModel, options?: ThreatIntelligenceIndicatorCreateIndicatorOptionalParams): Promise<ThreatIntelligenceIndicatorCreateIndicatorResponse>;
     /**
      * View a threat intelligence indicator by name.
      * @param resourceGroupName The name of the resource group. The name is case insensitive.
@@ -8389,7 +9438,7 @@ export declare interface ThreatIntelligenceIndicator {
      *                                     update.
      * @param options The options parameters.
      */
-    create(resourceGroupName: string, workspaceName: string, name: string, threatIntelligenceProperties: ThreatIntelligenceIndicatorModelForRequestBody, options?: ThreatIntelligenceIndicatorCreateOptionalParams): Promise<ThreatIntelligenceIndicatorCreateResponse>;
+    create(resourceGroupName: string, workspaceName: string, name: string, threatIntelligenceProperties: ThreatIntelligenceIndicatorModel, options?: ThreatIntelligenceIndicatorCreateOptionalParams): Promise<ThreatIntelligenceIndicatorCreateResponse>;
     /**
      * Delete a threat intelligence indicator.
      * @param resourceGroupName The name of the resource group. The name is case insensitive.
@@ -8415,7 +9464,7 @@ export declare interface ThreatIntelligenceIndicator {
      * @param threatIntelligenceReplaceTags Tags in the threat intelligence indicator to be replaced.
      * @param options The options parameters.
      */
-    replaceTags(resourceGroupName: string, workspaceName: string, name: string, threatIntelligenceReplaceTags: ThreatIntelligenceIndicatorModelForRequestBody, options?: ThreatIntelligenceIndicatorReplaceTagsOptionalParams): Promise<ThreatIntelligenceIndicatorReplaceTagsResponse>;
+    replaceTags(resourceGroupName: string, workspaceName: string, name: string, threatIntelligenceReplaceTags: ThreatIntelligenceIndicatorModel, options?: ThreatIntelligenceIndicatorReplaceTagsOptionalParams): Promise<ThreatIntelligenceIndicatorReplaceTagsResponse>;
 }
 
 /** Optional parameters. */
@@ -8466,83 +9515,7 @@ export declare interface ThreatIntelligenceIndicatorMetricsListOptionalParams ex
 export declare type ThreatIntelligenceIndicatorMetricsListResponse = ThreatIntelligenceMetricsList;
 
 /** Threat intelligence indicator entity. */
-export declare type ThreatIntelligenceIndicatorModel = ThreatIntelligenceInformation & {
-    /**
-     * A bag of custom fields that should be part of the entity and will be presented to the user.
-     * NOTE: This property will not be serialized. It can only be populated by the server.
-     */
-    readonly additionalData?: {
-        [propertyName: string]: Record<string, unknown>;
-    };
-    /**
-     * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated.
-     * NOTE: This property will not be serialized. It can only be populated by the server.
-     */
-    readonly friendlyName?: string;
-    /** List of tags */
-    threatIntelligenceTags?: string[];
-    /** Last updated time in UTC */
-    lastUpdatedTimeUtc?: string;
-    /** Source of a threat intelligence entity */
-    source?: string;
-    /** Display name of a threat intelligence entity */
-    displayName?: string;
-    /** Description of a threat intelligence entity */
-    description?: string;
-    /** Indicator types of threat intelligence entities */
-    indicatorTypes?: string[];
-    /** Pattern of a threat intelligence entity */
-    pattern?: string;
-    /** Pattern type of a threat intelligence entity */
-    patternType?: string;
-    /** Pattern version of a threat intelligence entity */
-    patternVersion?: string;
-    /** Kill chain phases */
-    killChainPhases?: ThreatIntelligenceKillChainPhase[];
-    /** Parsed patterns */
-    parsedPattern?: ThreatIntelligenceParsedPattern[];
-    /** External ID of threat intelligence entity */
-    externalId?: string;
-    /** Created by reference of threat intelligence entity */
-    createdByRef?: string;
-    /** Is threat intelligence entity defanged */
-    defanged?: boolean;
-    /** External last updated time in UTC */
-    externalLastUpdatedTimeUtc?: string;
-    /** External References */
-    externalReferences?: ThreatIntelligenceExternalReference[];
-    /** Granular Markings */
-    granularMarkings?: ThreatIntelligenceGranularMarkingModel[];
-    /** Labels  of threat intelligence entity */
-    labels?: string[];
-    /** Is threat intelligence entity revoked */
-    revoked?: boolean;
-    /** Confidence of threat intelligence entity */
-    confidence?: number;
-    /** Threat intelligence entity object marking references */
-    objectMarkingRefs?: string[];
-    /** Language of threat intelligence entity */
-    language?: string;
-    /** Threat types */
-    threatTypes?: string[];
-    /** Valid from */
-    validFrom?: string;
-    /** Valid until */
-    validUntil?: string;
-    /** Created by */
-    created?: string;
-    /** Modified by */
-    modified?: string;
-    /** Extensions map */
-    extensions?: {
-        [propertyName: string]: any;
-    };
-};
-
-/** Threat intelligence indicator entity used in request body. */
-export declare type ThreatIntelligenceIndicatorModelForRequestBody = ThreatIntelligenceResourceKind & {
-    /** Etag of the azure resource */
-    etag?: string;
+export declare interface ThreatIntelligenceIndicatorModel extends ThreatIntelligenceInformation {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -8613,10 +9586,10 @@ export declare type ThreatIntelligenceIndicatorModelForRequestBody = ThreatIntel
     extensions?: {
         [propertyName: string]: any;
     };
-};
+}
 
 /** Describes threat intelligence entity properties */
-export declare type ThreatIntelligenceIndicatorProperties = EntityCommonProperties & {
+export declare interface ThreatIntelligenceIndicatorProperties extends EntityCommonProperties {
     /** List of tags */
     threatIntelligenceTags?: string[];
     /** Last updated time in UTC */
@@ -8675,7 +9648,7 @@ export declare type ThreatIntelligenceIndicatorProperties = EntityCommonProperti
     extensions?: {
         [propertyName: string]: any;
     };
-};
+}
 
 /** Optional parameters. */
 export declare interface ThreatIntelligenceIndicatorQueryIndicatorsNextOptionalParams extends coreClient.OperationOptions {
@@ -8740,7 +9713,10 @@ export declare interface ThreatIntelligenceIndicatorsListOptionalParams extends
 export declare type ThreatIntelligenceIndicatorsListResponse = ThreatIntelligenceInformationList;
 
 /** Threat intelligence information object. */
-export declare type ThreatIntelligenceInformation = ResourceWithEtag & ThreatIntelligenceResourceKind & {};
+export declare interface ThreatIntelligenceInformation extends ResourceWithEtag {
+    /** The kind of the entity. */
+    kind: ThreatIntelligenceResourceKindEnum;
+}
 
 /** List of all the threat intelligence information objects. */
 export declare interface ThreatIntelligenceInformationList {
@@ -8811,12 +9787,6 @@ export declare interface ThreatIntelligenceParsedPatternTypeValue {
     value?: string;
 }
 
-/** Describes an entity with kind. */
-export declare interface ThreatIntelligenceResourceKind {
-    /** The kind of the entity. */
-    kind: ThreatIntelligenceResourceKindEnum;
-}
-
 /**
  * Defines values for ThreatIntelligenceResourceKindEnum. \
  * {@link KnownThreatIntelligenceResourceKindEnum} can be used interchangeably with ThreatIntelligenceResourceKindEnum,
@@ -8846,25 +9816,26 @@ export declare interface ThreatIntelligenceSortingCriteria {
 export declare type ThreatIntelligenceSortingCriteriaEnum = string;
 
 /** Threat Intelligence Platforms data connector check requirements */
-export declare type TICheckRequirements = DataConnectorsCheckRequirements & {
+export declare interface TICheckRequirements extends DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "ThreatIntelligence";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
-};
+}
 
 /** Threat Intelligence Platforms data connector required properties. */
-export declare type TICheckRequirementsProperties = DataConnectorTenantId & {};
+export declare interface TICheckRequirementsProperties extends DataConnectorTenantId {
+}
 
 /** Represents threat intelligence data connector. */
-export declare type TIDataConnector = DataConnector & {
+export declare interface TIDataConnector extends DataConnector {
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The lookback period for the feed to be imported. */
     tipLookbackPeriod?: Date;
     /** The available data types for the connector. */
     dataTypes?: TIDataConnectorDataTypes;
-};
+}
 
 /** The available data types for TI (Threat Intelligence) data connector. */
 export declare interface TIDataConnectorDataTypes {
@@ -8873,15 +9844,16 @@ export declare interface TIDataConnectorDataTypes {
 }
 
 /** Data type for indicators connection. */
-export declare type TIDataConnectorDataTypesIndicators = DataConnectorDataTypeCommon & {};
+export declare interface TIDataConnectorDataTypesIndicators extends DataConnectorDataTypeCommon {
+}
 
 /** TI (Threat Intelligence) data connector properties. */
-export declare type TIDataConnectorProperties = DataConnectorTenantId & {
+export declare interface TIDataConnectorProperties extends DataConnectorTenantId {
     /** The lookback period for the feed to be imported. */
     tipLookbackPeriod?: Date;
     /** The available data types for the connector. */
     dataTypes: TIDataConnectorDataTypes;
-};
+}
 
 /** timeline aggregation information per kind */
 export declare interface TimelineAggregation {
@@ -8912,18 +9884,19 @@ export declare interface TimelineResultsMetadata {
 }
 
 /** Threat Intelligence TAXII data connector check requirements */
-export declare type TiTaxiiCheckRequirements = DataConnectorsCheckRequirements & {
+export declare interface TiTaxiiCheckRequirements extends DataConnectorsCheckRequirements {
     /** Polymorphic discriminator, which specifies the different types this object can be */
     kind: "ThreatIntelligenceTaxii";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
-};
+}
 
 /** Threat Intelligence TAXII data connector required properties. */
-export declare type TiTaxiiCheckRequirementsProperties = DataConnectorTenantId & {};
+export declare interface TiTaxiiCheckRequirementsProperties extends DataConnectorTenantId {
+}
 
 /** Data connector to pull Threat intelligence data from TAXII 2.0/2.1 server */
-export declare type TiTaxiiDataConnector = DataConnector & {
+export declare interface TiTaxiiDataConnector extends DataConnector {
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The workspace id. */
@@ -8944,7 +9917,7 @@ export declare type TiTaxiiDataConnector = DataConnector & {
     pollingFrequency?: PollingFrequency;
     /** The available data types for Threat Intelligence TAXII data connector. */
     dataTypes?: TiTaxiiDataConnectorDataTypes;
-};
+}
 
 /** The available data types for Threat Intelligence TAXII data connector. */
 export declare interface TiTaxiiDataConnectorDataTypes {
@@ -8953,10 +9926,11 @@ export declare interface TiTaxiiDataConnectorDataTypes {
 }
 
 /** Data type for TAXII connector. */
-export declare type TiTaxiiDataConnectorDataTypesTaxiiClient = DataConnectorDataTypeCommon & {};
+export declare interface TiTaxiiDataConnectorDataTypesTaxiiClient extends DataConnectorDataTypeCommon {
+}
 
 /** Threat Intelligence TAXII data connector properties. */
-export declare type TiTaxiiDataConnectorProperties = DataConnectorTenantId & {
+export declare interface TiTaxiiDataConnectorProperties extends DataConnectorTenantId {
     /** The workspace id. */
     workspaceId?: string;
     /** The friendly name for the TAXII server. */
@@ -8975,7 +9949,7 @@ export declare type TiTaxiiDataConnectorProperties = DataConnectorTenantId & {
     pollingFrequency: PollingFrequency | null;
     /** The available data types for Threat Intelligence TAXII data connector. */
     dataTypes: TiTaxiiDataConnectorDataTypes;
-};
+}
 
 /** Defines values for TriggerOperator. */
 export declare type TriggerOperator = "GreaterThan" | "LessThan" | "Equal" | "NotEqual";
@@ -8985,7 +9959,8 @@ export declare type TriggerOperator = "GreaterThan" | "LessThan" | "Equal" | "No
  * {@link KnownTriggersOn} can be used interchangeably with TriggersOn,
  *  this enum contains the known values that the service supports.
  * ### Known values supported by the service
- * **Incidents**: Trigger on Incidents
+ * **Incidents**: Trigger on Incidents \
+ * **Alerts**: Trigger on Alerts
  */
 export declare type TriggersOn = string;
 
@@ -8994,15 +9969,16 @@ export declare type TriggersOn = string;
  * {@link KnownTriggersWhen} can be used interchangeably with TriggersWhen,
  *  this enum contains the known values that the service supports.
  * ### Known values supported by the service
- * **Created**: Trigger on created objects
+ * **Created**: Trigger on created objects \
+ * **Updated**: Trigger on updated objects
  */
 export declare type TriggersWhen = string;
 
 /** Settings with single toggle. */
-export declare type Ueba = Settings & {
+export declare interface Ueba extends Settings {
     /** The relevant data sources that enriched by ueba */
     dataSources?: UebaDataSources[];
-};
+}
 
 /**
  * Defines values for UebaDataSources. \
@@ -9017,7 +9993,7 @@ export declare type Ueba = Settings & {
 export declare type UebaDataSources = string;
 
 /** Represents a url entity. */
-export declare type UrlEntity = Entity & {
+export declare interface UrlEntity extends Entity {
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -9035,16 +10011,16 @@ export declare type UrlEntity = Entity & {
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly url?: string;
-};
+}
 
 /** Url entity property bag. */
-export declare type UrlEntityProperties = EntityCommonProperties & {
+export declare interface UrlEntityProperties extends EntityCommonProperties {
     /**
      * A full URL the entity points to
      * NOTE: This property will not be serialized. It can only be populated by the server.
      */
     readonly url?: string;
-};
+}
 
 /** User information that made some action */
 export declare interface UserInfo {
@@ -9062,16 +10038,28 @@ export declare interface UserInfo {
     objectId?: string;
 }
 
+/**
+ * Defines values for Version. \
+ * {@link KnownVersion} can be used interchangeably with Version,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **V1** \
+ * **V2**
+ */
+export declare type Version = string;
+
 /** Represents a Watchlist in Azure Security Insights. */
-export declare type Watchlist = ResourceWithEtag & {
+export declare interface Watchlist extends ResourceWithEtag {
     /** The id (a Guid) of the watchlist */
     watchlistId?: string;
     /** The display name of the watchlist */
     displayName?: string;
     /** The provider of the watchlist */
     provider?: string;
-    /** The source of the watchlist */
-    source?: Source;
+    /** The filename of the watchlist, called 'source' */
+    source?: string;
+    /** The sourceType of the watchlist */
+    sourceType?: SourceType;
     /** The time the watchlist was created */
     created?: Date;
     /** The last time the watchlist was updated */
@@ -9104,12 +10092,10 @@ export declare type Watchlist = ResourceWithEtag & {
     contentType?: string;
     /** The status of the Watchlist upload : New, InProgress or Complete. Pls note : When a Watchlist upload status is equal to InProgress, the Watchlist cannot be deleted */
     uploadStatus?: string;
-    /** The number of Watchlist Items in the Watchlist */
-    watchlistItemsCount?: number;
-};
+}
 
 /** Represents a Watchlist item in Azure Security Insights. */
-export declare type WatchlistItem = ResourceWithEtag & {
+export declare interface WatchlistItem extends ResourceWithEtag {
     /** The type of the watchlist item */
     watchlistItemType?: string;
     /** The id (a Guid) of the watchlist item */
@@ -9127,10 +10113,14 @@ export declare type WatchlistItem = ResourceWithEtag & {
     /** Describes a user that updated the watchlist item */
     updatedBy?: UserInfo;
     /** key-value pairs for a watchlist item */
-    itemsKeyValue?: Record<string, unknown>;
+    itemsKeyValue?: {
+        [propertyName: string]: any;
+    };
     /** key-value pairs for a watchlist item entity mapping */
-    entityMapping?: Record<string, unknown>;
-};
+    entityMapping?: {
+        [propertyName: string]: any;
+    };
+}
 
 /** List all the watchlist items. */
 export declare interface WatchlistItemList {
@@ -9203,6 +10193,8 @@ export declare type WatchlistItemsGetResponse = WatchlistItem;
 
 /** Optional parameters. */
 export declare interface WatchlistItemsListNextOptionalParams extends coreClient.OperationOptions {
+    /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */
+    skipToken?: string;
 }
 
 /** Contains response data for the listNext operation. */
@@ -9210,6 +10202,8 @@ export declare type WatchlistItemsListNextResponse = WatchlistItemList;
 
 /** Optional parameters. */
 export declare interface WatchlistItemsListOptionalParams extends coreClient.OperationOptions {
+    /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */
+    skipToken?: string;
 }
 
 /** Contains response data for the list operation. */
@@ -9250,11 +10244,14 @@ export declare interface Watchlists {
      * @param watchlistAlias Watchlist Alias
      * @param options The options parameters.
      */
-    delete(resourceGroupName: string, workspaceName: string, watchlistAlias: string, options?: WatchlistsDeleteOptionalParams): Promise<void>;
+    delete(resourceGroupName: string, workspaceName: string, watchlistAlias: string, options?: WatchlistsDeleteOptionalParams): Promise<WatchlistsDeleteResponse>;
     /**
-     * Creates or updates a watchlist and its watchlist items (bulk creation, e.g. through text/csv content
-     * type). To create a Watchlist and its items, we should call this endpoint with rawContent and
-     * contentType properties.
+     * Create or update a Watchlist and its Watchlist Items (bulk creation, e.g. through text/csv content
+     * type). To create a Watchlist and its Items, we should call this endpoint with either rawContent or a
+     * valid SAR URI and contentType properties. The rawContent is mainly used for small watchlist (content
+     * size below 3.8 MB). The SAS URI enables the creation of large watchlist, where the content size can
+     * go up to 500 MB. The status of processing such large file can be polled through the URL returned in
+     * Azure-AsyncOperation header.
      * @param resourceGroupName The name of the resource group. The name is case insensitive.
      * @param workspaceName The name of the workspace.
      * @param watchlistAlias Watchlist Alias
@@ -9264,6 +10261,12 @@ export declare interface Watchlists {
     createOrUpdate(resourceGroupName: string, workspaceName: string, watchlistAlias: string, watchlist: Watchlist, options?: WatchlistsCreateOrUpdateOptionalParams): Promise<WatchlistsCreateOrUpdateResponse>;
 }
 
+/** Defines headers for Watchlists_createOrUpdate operation. */
+export declare interface WatchlistsCreateOrUpdateHeaders {
+    /** Contains the status URL on which clients are expected to poll the status of the operation. */
+    azureAsyncOperation?: string;
+}
+
 /** Optional parameters. */
 export declare interface WatchlistsCreateOrUpdateOptionalParams extends coreClient.OperationOptions {
 }
@@ -9271,10 +10274,19 @@ export declare interface WatchlistsCreateOrUpdateOptionalParams extends coreClie
 /** Contains response data for the createOrUpdate operation. */
 export declare type WatchlistsCreateOrUpdateResponse = Watchlist;
 
+/** Defines headers for Watchlists_delete operation. */
+export declare interface WatchlistsDeleteHeaders {
+    /** Contains the status URL on which clients are expected to poll the status of the delete operation. */
+    azureAsyncOperation?: string;
+}
+
 /** Optional parameters. */
 export declare interface WatchlistsDeleteOptionalParams extends coreClient.OperationOptions {
 }
 
+/** Contains response data for the delete operation. */
+export declare type WatchlistsDeleteResponse = WatchlistsDeleteHeaders;
+
 /** Optional parameters. */
 export declare interface WatchlistsGetOptionalParams extends coreClient.OperationOptions {
 }
@@ -9284,6 +10296,8 @@ export declare type WatchlistsGetResponse = Watchlist;
 
 /** Optional parameters. */
 export declare interface WatchlistsListNextOptionalParams extends coreClient.OperationOptions {
+    /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */
+    skipToken?: string;
 }
 
 /** Contains response data for the listNext operation. */
@@ -9291,9 +10305,23 @@ export declare type WatchlistsListNextResponse = WatchlistList;
 
 /** Optional parameters. */
 export declare interface WatchlistsListOptionalParams extends coreClient.OperationOptions {
+    /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */
+    skipToken?: string;
 }
 
 /** Contains response data for the list operation. */
 export declare type WatchlistsListResponse = WatchlistList;
 
+/** Detail about the webhook object. */
+export declare interface Webhook {
+    /** Unique identifier for the webhook. */
+    webhookId?: string;
+    /** URL that gets invoked by the webhook. */
+    webhookUrl?: string;
+    /** Time when the webhook secret was updated. */
+    webhookSecretUpdateTime?: string;
+    /** A flag to instruct the backend service to rotate webhook secret. */
+    rotateWebhookSecret?: boolean;
+}
+
 export { }