@azure/arm-securityinsight 1.0.0-beta.4 → 1.0.0-beta.5

package/types/arm-securityinsight.d.ts

@@ -1,6 +1,8 @@
 import * as coreAuth from '@azure/core-auth';
 import * as coreClient from '@azure/core-client';
 import { PagedAsyncIterableIterator } from '@azure/core-paging';
+import { PollerLike } from '@azure/core-lro';
+import { PollOperationState } from '@azure/core-lro';
 
 /** Represents AAD (Azure Active Directory) requirements check request. */
 export declare interface AADCheckRequirements extends DataConnectorsCheckRequirements {
@@ -16,6 +18,8 @@ export declare interface AADCheckRequirementsProperties extends DataConnectorTen
 
 /** Represents AAD (Azure Active Directory) data connector. */
 export declare interface AADDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "AzureActiveDirectory";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
@@ -40,6 +44,8 @@ export declare interface AatpCheckRequirementsProperties extends DataConnectorTe
 
 /** Represents AATP (Azure Advanced Threat Protection) data connector. */
 export declare interface AatpDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "AzureAdvancedThreatProtection";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
@@ -52,6 +58,8 @@ export declare interface AatpDataConnectorProperties extends DataConnectorTenant
 
 /** Represents an account entity. */
 export declare interface AccountEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Account";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -319,6 +327,8 @@ export declare type ActionType = string;
 
 /** Represents Activity entity query. */
 export declare interface ActivityCustomEntityQuery extends CustomEntityQuery {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Activity";
     /** The entity query title */
     title?: string;
     /** The entity query content to display in timeline */
@@ -359,6 +369,8 @@ export declare interface ActivityEntityQueriesPropertiesQueryDefinitions {
 
 /** Represents Activity entity query. */
 export declare interface ActivityEntityQuery extends EntityQuery {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Activity";
     /** The entity query title */
     title?: string;
     /** The entity query content to display in timeline */
@@ -393,6 +405,8 @@ export declare interface ActivityEntityQuery extends EntityQuery {
 
 /** Represents Activity entity query. */
 export declare interface ActivityEntityQueryTemplate extends EntityQueryTemplate {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Activity";
     /** The entity query title */
     title?: string;
     /** The entity query content to display in timeline */
@@ -696,6 +710,8 @@ export declare type AlertStatus = string;
 
 /** Settings with single toggle. */
 export declare interface Anomalies extends Settings {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Anomalies";
     /**
      * Determines whether the setting is enable or disabled.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -705,6 +721,8 @@ export declare interface Anomalies extends Settings {
 
 /** Represents Anomaly Security ML Analytics Settings */
 export declare interface AnomalySecurityMLAnalyticsSettings extends SecurityMLAnalyticsSetting {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Anomaly";
     /** The description of the SecurityMLAnalyticsSettings. */
     description?: string;
     /** The display name for settings created by this SecurityMLAnalyticsSettings. */
@@ -788,6 +806,8 @@ export declare interface ASCCheckRequirements extends DataConnectorsCheckRequire
 
 /** Represents ASC (Azure Security Center) data connector. */
 export declare interface ASCDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "AzureSecurityCenter";
     /** The available data types for the connector. */
     dataTypes?: AlertsDataTypeOfDataConnector;
     /** The subscription id to connect to, and get the data from. */
@@ -865,13 +885,28 @@ export declare interface AutomationRuleAction {
 
 export declare type AutomationRuleActionUnion = AutomationRuleAction | AutomationRuleModifyPropertiesAction | AutomationRuleRunPlaybookAction;
 
+export declare interface AutomationRuleBooleanCondition {
+    operator?: AutomationRuleBooleanConditionSupportedOperator;
+    innerConditions?: AutomationRuleConditionUnion[];
+}
+
+/**
+ * Defines values for AutomationRuleBooleanConditionSupportedOperator. \
+ * {@link KnownAutomationRuleBooleanConditionSupportedOperator} can be used interchangeably with AutomationRuleBooleanConditionSupportedOperator,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **And**: Evaluates as true if all the item conditions are evaluated as true \
+ * **Or**: Evaluates as true if at least one of the item conditions are evaluated as true
+ */
+export declare type AutomationRuleBooleanConditionSupportedOperator = string;
+
 /** Describes an automation rule condition. */
 export declare interface AutomationRuleCondition {
     /** Polymorphic discriminator, which specifies the different types this object can be */
-    conditionType: "PropertyArrayChanged" | "PropertyChanged" | "Property";
+    conditionType: "Boolean" | "PropertyArrayChanged" | "PropertyArray" | "PropertyChanged" | "Property";
 }
 
-export declare type AutomationRuleConditionUnion = AutomationRuleCondition | PropertyArrayChangedConditionProperties | PropertyChangedConditionProperties | PropertyConditionProperties;
+export declare type AutomationRuleConditionUnion = AutomationRuleCondition | BooleanConditionProperties | PropertyArrayChangedConditionProperties | PropertyArrayConditionProperties | PropertyChangedConditionProperties | PropertyConditionProperties;
 
 /** Describes an automation rule action to modify an object's properties */
 export declare interface AutomationRuleModifyPropertiesAction extends AutomationRuleAction {
@@ -906,6 +941,31 @@ export declare interface AutomationRulePropertyArrayChangedValuesCondition {
     changeType?: AutomationRulePropertyArrayChangedConditionSupportedChangeType;
 }
 
+/**
+ * Defines values for AutomationRulePropertyArrayConditionSupportedArrayConditionType. \
+ * {@link KnownAutomationRulePropertyArrayConditionSupportedArrayConditionType} can be used interchangeably with AutomationRulePropertyArrayConditionSupportedArrayConditionType,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **AnyItem**: Evaluate the condition as true if any item fulfills it
+ */
+export declare type AutomationRulePropertyArrayConditionSupportedArrayConditionType = string;
+
+/**
+ * Defines values for AutomationRulePropertyArrayConditionSupportedArrayType. \
+ * {@link KnownAutomationRulePropertyArrayConditionSupportedArrayType} can be used interchangeably with AutomationRulePropertyArrayConditionSupportedArrayType,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **CustomDetails**: Evaluate the condition on the custom detail keys \
+ * **CustomDetailValues**: Evaluate the condition on a custom detail's values
+ */
+export declare type AutomationRulePropertyArrayConditionSupportedArrayType = string;
+
+export declare interface AutomationRulePropertyArrayValuesCondition {
+    arrayType?: AutomationRulePropertyArrayConditionSupportedArrayType;
+    arrayConditionType?: AutomationRulePropertyArrayConditionSupportedArrayConditionType;
+    itemConditions?: AutomationRuleConditionUnion[];
+}
+
 /**
  * Defines values for AutomationRulePropertyChangedConditionSupportedChangedType. \
  * {@link KnownAutomationRulePropertyChangedConditionSupportedChangedType} can be used interchangeably with AutomationRulePropertyChangedConditionSupportedChangedType,
@@ -956,6 +1016,9 @@ export declare type AutomationRulePropertyConditionSupportedOperator = string;
  * **IncidentTactics**: The tactics of the incident \
  * **IncidentLabel**: The labels of the incident \
  * **IncidentProviderName**: The provider name of the incident \
+ * **IncidentUpdatedBySource**: The update source of the incident \
+ * **IncidentCustomDetailsKey**: The incident custom detail key \
+ * **IncidentCustomDetailsValue**: The incident custom detail value \
  * **AccountAadTenantId**: The account Azure Active Directory tenant id \
  * **AccountAadUserId**: The account Azure Active Directory user id \
  * **AccountName**: The account name \
@@ -1132,6 +1195,8 @@ export declare interface AwsCloudTrailCheckRequirements extends DataConnectorsCh
 
 /** Represents Amazon Web Services CloudTrail data connector. */
 export declare interface AwsCloudTrailDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "AmazonWebServicesCloudTrail";
     /** The Aws Role Arn (with CloudTrailReadOnly policy) that is used to access the Aws account. */
     awsRoleArn?: string;
     /** The available data types for the connector. */
@@ -1156,6 +1221,8 @@ export declare interface AwsS3CheckRequirements extends DataConnectorsCheckRequi
 
 /** Represents Amazon Web Services S3 data connector. */
 export declare interface AwsS3DataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "AmazonWebServicesS3";
     /** The logs destination table name in LogAnalytics. */
     destinationTable?: string;
     /** The AWS sqs urls for the connector. */
@@ -1186,6 +1253,8 @@ export declare interface AzureDevOpsResourceInfo {
 
 /** Represents an azure resource entity. */
 export declare interface AzureResourceEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "AzureResource";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -1503,6 +1572,13 @@ export declare interface BookmarkTimelineItem extends EntityTimelineItem {
     labels?: string[];
 }
 
+/** Describes an automation rule condition that applies a boolean operator (e.g AND, OR) to conditions */
+export declare interface BooleanConditionProperties extends AutomationRuleCondition {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    conditionType: "Boolean";
+    conditionProperties?: AutomationRuleBooleanCondition;
+}
+
 /** Information on the client (user or application) that made some action */
 export declare interface ClientInfo {
     /** The email of the client. */
@@ -1517,6 +1593,8 @@ export declare interface ClientInfo {
 
 /** Represents a cloud application entity. */
 export declare interface CloudApplicationEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "CloudApplication";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -1587,6 +1665,8 @@ export declare interface CloudErrorBody {
 
 /** Represents Codeless API Polling data connector. */
 export declare interface CodelessApiPollingDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "APIPolling";
     /** Config to describe the instructions blade */
     connectorUiConfig?: CodelessUiConnectorConfigProperties;
     /** Config to describe the polling instructions */
@@ -1744,6 +1824,8 @@ export declare interface CodelessUiConnectorConfigPropertiesSampleQueriesItem ex
 
 /** Represents Codeless UI data connector. */
 export declare interface CodelessUiDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "GenericUI";
     /** Config to describe the instructions blade */
     connectorUiConfig?: CodelessUiConnectorConfigProperties;
 }
@@ -1754,8 +1836,10 @@ export declare interface CodelessUiDataConnector extends DataConnector {
  *  this enum contains the known values that the service supports.
  * ### Known values supported by the service
  * **Property**: Evaluate an object property value \
+ * **PropertyArray**: Evaluate an object array property value \
  * **PropertyChanged**: Evaluate an object property changed value \
- * **PropertyArrayChanged**: Evaluate an object array property changed value
+ * **PropertyArrayChanged**: Evaluate an object array property changed value \
+ * **Boolean**: Apply a boolean operator (e.g AND, OR) to conditions
  */
 export declare type ConditionType = string;
 
@@ -2140,6 +2224,17 @@ export declare interface DataTypeDefinitions {
  */
 export declare type DataTypeState = string;
 
+/**
+ * Defines values for DeleteStatus. \
+ * {@link KnownDeleteStatus} can be used interchangeably with DeleteStatus,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Deleted**: The file was deleted. \
+ * **NotDeleted**: The file was not deleted. \
+ * **Unspecified**: Unspecified
+ */
+export declare type DeleteStatus = string;
+
 /** Defines values for DeliveryAction. */
 export declare type DeliveryAction = "Unknown" | "DeliveredAsSpam" | "Delivered" | "Blocked" | "Replaced";
 
@@ -2218,6 +2313,8 @@ export declare type DeviceImportance = string;
 
 /** Represents a dns entity. */
 export declare interface DnsEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "DnsResolution";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -2308,6 +2405,8 @@ export declare interface Dynamics365CheckRequirementsProperties extends DataConn
 
 /** Represents Dynamics365 data connector. */
 export declare interface Dynamics365DataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Dynamics365";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
@@ -2609,6 +2708,8 @@ export declare interface Entity extends Resource {
 
 /** Settings with single toggle. */
 export declare interface EntityAnalytics extends Settings {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "EntityAnalytics";
     /** The relevant entity providers that are synced */
     entityProviders?: EntityProviders[];
 }
@@ -3131,6 +3232,8 @@ export declare interface EventGroupingSettings {
 
 /** Represents Expansion entity query. */
 export declare interface ExpansionEntityQuery extends EntityQuery {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Expansion";
     /** List of the data sources that are required to run the query */
     dataSources?: string[];
     /** The query display name */
@@ -3165,6 +3268,8 @@ export declare interface ExpansionResultsMetadata {
 
 /** Settings with single toggle. */
 export declare interface EyesOn extends Settings {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "EyesOn";
     /**
      * Determines whether the setting is enable or disabled.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -3182,6 +3287,8 @@ export declare interface FieldMapping {
 
 /** Represents a file entity. */
 export declare interface FileEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "File";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -3240,6 +3347,17 @@ export declare interface FileEntityProperties extends EntityCommonProperties {
     readonly hostEntityId?: string;
 }
 
+/**
+ * Defines values for FileFormat. \
+ * {@link KnownFileFormat} can be used interchangeably with FileFormat,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **CSV**: A CSV file. \
+ * **JSON**: A JSON file. \
+ * **Unspecified**: A file of other format.
+ */
+export declare type FileFormat = string;
+
 /**
  * Defines values for FileHashAlgorithm. \
  * {@link KnownFileHashAlgorithm} can be used interchangeably with FileHashAlgorithm,
@@ -3255,6 +3373,8 @@ export declare type FileHashAlgorithm = string;
 
 /** Represents a file hash entity. */
 export declare interface FileHashEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "FileHash";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -3293,8 +3413,223 @@ export declare interface FileHashEntityProperties extends EntityCommonProperties
     readonly hashValue?: string;
 }
 
+/** Represents a file import in Azure Security Insights. */
+export declare interface FileImport extends Resource {
+    /** Describes how to ingest the records in the file. */
+    ingestionMode?: IngestionMode;
+    /** The content type of this file. */
+    contentType?: FileImportContentType;
+    /**
+     * The time the file was imported.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly createdTimeUTC?: Date;
+    /**
+     * Represents the error file (if the import was ingested with errors or failed the validation).
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly errorFile?: FileMetadata;
+    /**
+     * An ordered list of some of the errors that were encountered during validation.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly errorsPreview?: ValidationError[];
+    /** Represents the imported file. */
+    importFile?: FileMetadata;
+    /**
+     * The number of records that have been successfully ingested.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly ingestedRecordCount?: number;
+    /** The source for the data in the file. */
+    source?: string;
+    /**
+     * The state of the file import.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly state?: FileImportState;
+    /**
+     * The number of records in the file.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly totalRecordCount?: number;
+    /**
+     * The number of records that have passed validation.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly validRecordCount?: number;
+    /**
+     * The time the files associated with this import are deleted from the storage account.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly filesValidUntilTimeUTC?: Date;
+    /**
+     * The time the file import record is soft deleted from the database and history.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly importValidUntilTimeUTC?: Date;
+}
+
+/**
+ * Defines values for FileImportContentType. \
+ * {@link KnownFileImportContentType} can be used interchangeably with FileImportContentType,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **BasicIndicator**: File containing records with the core fields of an indicator, plus the observables to construct the STIX pattern. \
+ * **StixIndicator**: File containing STIX indicators. \
+ * **Unspecified**: File containing other records.
+ */
+export declare type FileImportContentType = string;
+
+/** List all the file imports. */
+export declare interface FileImportList {
+    /**
+     * URL to fetch the next set of file imports.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly nextLink?: string;
+    /** Array of file imports. */
+    value: FileImport[];
+}
+
+/** Interface representing a FileImports. */
+export declare interface FileImports {
+    /**
+     * Gets all file imports.
+     * @param resourceGroupName The name of the resource group. The name is case insensitive.
+     * @param workspaceName The name of the workspace.
+     * @param options The options parameters.
+     */
+    list(resourceGroupName: string, workspaceName: string, options?: FileImportsListOptionalParams): PagedAsyncIterableIterator<FileImport>;
+    /**
+     * Gets a file import.
+     * @param resourceGroupName The name of the resource group. The name is case insensitive.
+     * @param workspaceName The name of the workspace.
+     * @param fileImportId File import ID
+     * @param options The options parameters.
+     */
+    get(resourceGroupName: string, workspaceName: string, fileImportId: string, options?: FileImportsGetOptionalParams): Promise<FileImportsGetResponse>;
+    /**
+     * Creates the file import.
+     * @param resourceGroupName The name of the resource group. The name is case insensitive.
+     * @param workspaceName The name of the workspace.
+     * @param fileImportId File import ID
+     * @param fileImport The file import
+     * @param options The options parameters.
+     */
+    create(resourceGroupName: string, workspaceName: string, fileImportId: string, fileImport: FileImport, options?: FileImportsCreateOptionalParams): Promise<FileImportsCreateResponse>;
+    /**
+     * Delete the file import.
+     * @param resourceGroupName The name of the resource group. The name is case insensitive.
+     * @param workspaceName The name of the workspace.
+     * @param fileImportId File import ID
+     * @param options The options parameters.
+     */
+    beginDelete(resourceGroupName: string, workspaceName: string, fileImportId: string, options?: FileImportsDeleteOptionalParams): Promise<PollerLike<PollOperationState<FileImportsDeleteResponse>, FileImportsDeleteResponse>>;
+    /**
+     * Delete the file import.
+     * @param resourceGroupName The name of the resource group. The name is case insensitive.
+     * @param workspaceName The name of the workspace.
+     * @param fileImportId File import ID
+     * @param options The options parameters.
+     */
+    beginDeleteAndWait(resourceGroupName: string, workspaceName: string, fileImportId: string, options?: FileImportsDeleteOptionalParams): Promise<FileImportsDeleteResponse>;
+}
+
+/** Optional parameters. */
+export declare interface FileImportsCreateOptionalParams extends coreClient.OperationOptions {
+}
+
+/** Contains response data for the create operation. */
+export declare type FileImportsCreateResponse = FileImport;
+
+/** Optional parameters. */
+export declare interface FileImportsDeleteOptionalParams extends coreClient.OperationOptions {
+    /** Delay to wait until next poll, in milliseconds. */
+    updateIntervalInMs?: number;
+    /** A serialized poller which can be used to resume an existing paused Long-Running-Operation. */
+    resumeFrom?: string;
+}
+
+/** Contains response data for the delete operation. */
+export declare type FileImportsDeleteResponse = FileImport;
+
+/** Optional parameters. */
+export declare interface FileImportsGetOptionalParams extends coreClient.OperationOptions {
+}
+
+/** Contains response data for the get operation. */
+export declare type FileImportsGetResponse = FileImport;
+
+/** Optional parameters. */
+export declare interface FileImportsListNextOptionalParams extends coreClient.OperationOptions {
+    /** Filters the results, based on a Boolean condition. Optional. */
+    filter?: string;
+    /** Sorts the results. Optional. */
+    orderby?: string;
+    /** Returns only the first n results. Optional. */
+    top?: number;
+    /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */
+    skipToken?: string;
+}
+
+/** Contains response data for the listNext operation. */
+export declare type FileImportsListNextResponse = FileImportList;
+
+/** Optional parameters. */
+export declare interface FileImportsListOptionalParams extends coreClient.OperationOptions {
+    /** Filters the results, based on a Boolean condition. Optional. */
+    filter?: string;
+    /** Sorts the results. Optional. */
+    orderby?: string;
+    /** Returns only the first n results. Optional. */
+    top?: number;
+    /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */
+    skipToken?: string;
+}
+
+/** Contains response data for the list operation. */
+export declare type FileImportsListResponse = FileImportList;
+
+/**
+ * Defines values for FileImportState. \
+ * {@link KnownFileImportState} can be used interchangeably with FileImportState,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **FatalError**: A fatal error has occurred while ingesting the file. \
+ * **Ingested**: The file has been ingested. \
+ * **IngestedWithErrors**: The file has been ingested with errors. \
+ * **InProgress**: The file ingestion is in progress. \
+ * **Invalid**: The file is invalid. \
+ * **WaitingForUpload**: Waiting for the file to be uploaded. \
+ * **Unspecified**: Unspecified state.
+ */
+export declare type FileImportState = string;
+
+/** Represents a file. */
+export declare interface FileMetadata {
+    /** The format of the file */
+    fileFormat?: FileFormat;
+    /** The name of the file. */
+    fileName?: string;
+    /** The size of the file. */
+    fileSize?: number;
+    /**
+     * A URI with a valid SAS token to allow uploading / downloading the file.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly fileContentUri?: string;
+    /**
+     * Indicates whether the file was deleted from the storage account.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly deleteStatus?: DeleteStatus;
+}
+
 /** Represents Fusion alert rule. */
 export declare interface FusionAlertRule extends AlertRule {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Fusion";
     /** The Name of the alert rule template used to create this rule. */
     alertRuleTemplateName?: string;
     /**
@@ -3337,6 +3672,8 @@ export declare interface FusionAlertRule extends AlertRule {
 
 /** Represents Fusion alert rule template. */
 export declare interface FusionAlertRuleTemplate extends AlertRuleTemplate {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Fusion";
     /** the number of alert rules that were created by this template */
     alertRulesCreatedByTemplateCount?: number;
     /**
@@ -3556,6 +3893,8 @@ export declare interface GroupingConfiguration {
 
 /** Represents a host entity. */
 export declare interface HostEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Host";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -3660,6 +3999,8 @@ export declare interface HostEntityProperties extends EntityCommonProperties {
 
 /** Represents a Hunting bookmark entity. */
 export declare interface HuntingBookmark extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Bookmark";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4351,6 +4692,17 @@ export declare type IncidentsRunPlaybookResponse = Record<string, unknown>;
  */
 export declare type IncidentStatus = string;
 
+/**
+ * Defines values for IngestionMode. \
+ * {@link KnownIngestionMode} can be used interchangeably with IngestionMode,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **IngestOnlyIfAllAreValid**: No records should be ingested when invalid records are detected. \
+ * **IngestAnyValidRecords**: Valid records should still be ingested when invalid records are detected. \
+ * **Unspecified**: Unspecified
+ */
+export declare type IngestionMode = string;
+
 /** Represents Insight Query. */
 export declare interface InsightQueryItem extends EntityQueryItem {
     /** Polymorphic discriminator, which specifies the different types this object can be */
@@ -4474,6 +4826,8 @@ export declare interface IoTCheckRequirements extends DataConnectorsCheckRequire
 
 /** Represents IoT data connector. */
 export declare interface IoTDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "IOT";
     /** The available data types for the connector. */
     dataTypes?: AlertsDataTypeOfDataConnector;
     /** The subscription id to connect to, and get the data from. */
@@ -4488,6 +4842,8 @@ export declare interface IoTDataConnectorProperties extends DataConnectorWithAle
 
 /** Represents an IoT device entity. */
 export declare interface IoTDeviceEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "IoTDevice";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4782,6 +5138,8 @@ export declare interface IoTDeviceEntityProperties extends EntityCommonPropertie
 
 /** Represents an ip entity. */
 export declare interface IpEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Ip";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5003,6 +5361,14 @@ export declare enum KnownAttackTactic {
     InhibitResponseFunction = "InhibitResponseFunction"
 }
 
+/** Known values of {@link AutomationRuleBooleanConditionSupportedOperator} that the service accepts. */
+export declare enum KnownAutomationRuleBooleanConditionSupportedOperator {
+    /** Evaluates as true if all the item conditions are evaluated as true */
+    And = "And",
+    /** Evaluates as true if at least one of the item conditions are evaluated as true */
+    Or = "Or"
+}
+
 /** Known values of {@link AutomationRulePropertyArrayChangedConditionSupportedArrayType} that the service accepts. */
 export declare enum KnownAutomationRulePropertyArrayChangedConditionSupportedArrayType {
     /** Evaluate the condition on the alerts */
@@ -5021,6 +5387,20 @@ export declare enum KnownAutomationRulePropertyArrayChangedConditionSupportedCha
     Added = "Added"
 }
 
+/** Known values of {@link AutomationRulePropertyArrayConditionSupportedArrayConditionType} that the service accepts. */
+export declare enum KnownAutomationRulePropertyArrayConditionSupportedArrayConditionType {
+    /** Evaluate the condition as true if any item fulfills it */
+    AnyItem = "AnyItem"
+}
+
+/** Known values of {@link AutomationRulePropertyArrayConditionSupportedArrayType} that the service accepts. */
+export declare enum KnownAutomationRulePropertyArrayConditionSupportedArrayType {
+    /** Evaluate the condition on the custom detail keys */
+    CustomDetails = "CustomDetails",
+    /** Evaluate the condition on a custom detail's values */
+    CustomDetailValues = "CustomDetailValues"
+}
+
 /** Known values of {@link AutomationRulePropertyChangedConditionSupportedChangedType} that the service accepts. */
 export declare enum KnownAutomationRulePropertyChangedConditionSupportedChangedType {
     /** Evaluate the condition on the previous value of the property */
@@ -5077,6 +5457,12 @@ export declare enum KnownAutomationRulePropertyConditionSupportedProperty {
     IncidentLabel = "IncidentLabel",
     /** The provider name of the incident */
     IncidentProviderName = "IncidentProviderName",
+    /** The update source of the incident */
+    IncidentUpdatedBySource = "IncidentUpdatedBySource",
+    /** The incident custom detail key */
+    IncidentCustomDetailsKey = "IncidentCustomDetailsKey",
+    /** The incident custom detail value */
+    IncidentCustomDetailsValue = "IncidentCustomDetailsValue",
     /** The account Azure Active Directory tenant id */
     AccountAadTenantId = "AccountAadTenantId",
     /** The account Azure Active Directory user id */
@@ -5177,10 +5563,14 @@ export declare enum KnownAutomationRulePropertyConditionSupportedProperty {
 export declare enum KnownConditionType {
     /** Evaluate an object property value */
     Property = "Property",
+    /** Evaluate an object array property value */
+    PropertyArray = "PropertyArray",
     /** Evaluate an object property changed value */
     PropertyChanged = "PropertyChanged",
     /** Evaluate an object array property changed value */
-    PropertyArrayChanged = "PropertyArrayChanged"
+    PropertyArrayChanged = "PropertyArrayChanged",
+    /** Apply a boolean operator (e.g AND, OR) to conditions */
+    Boolean = "Boolean"
 }
 
 /** Known values of {@link ConfidenceLevel} that the service accepts. */
@@ -5317,6 +5707,16 @@ export declare enum KnownDataTypeState {
     Disabled = "Disabled"
 }
 
+/** Known values of {@link DeleteStatus} that the service accepts. */
+export declare enum KnownDeleteStatus {
+    /** The file was deleted. */
+    Deleted = "Deleted",
+    /** The file was not deleted. */
+    NotDeleted = "NotDeleted",
+    /** Unspecified */
+    Unspecified = "Unspecified"
+}
+
 /** Known values of {@link DeploymentFetchStatus} that the service accepts. */
 export declare enum KnownDeploymentFetchStatus {
     /** Success */
@@ -5555,6 +5955,16 @@ export declare enum KnownEventGroupingAggregationKind {
     AlertPerResult = "AlertPerResult"
 }
 
+/** Known values of {@link FileFormat} that the service accepts. */
+export declare enum KnownFileFormat {
+    /** A CSV file. */
+    CSV = "CSV",
+    /** A JSON file. */
+    Json = "JSON",
+    /** A file of other format. */
+    Unspecified = "Unspecified"
+}
+
 /** Known values of {@link FileHashAlgorithm} that the service accepts. */
 export declare enum KnownFileHashAlgorithm {
     /** Unknown hash algorithm */
@@ -5569,6 +5979,34 @@ export declare enum KnownFileHashAlgorithm {
     SHA256AC = "SHA256AC"
 }
 
+/** Known values of {@link FileImportContentType} that the service accepts. */
+export declare enum KnownFileImportContentType {
+    /** File containing records with the core fields of an indicator, plus the observables to construct the STIX pattern. */
+    BasicIndicator = "BasicIndicator",
+    /** File containing STIX indicators. */
+    StixIndicator = "StixIndicator",
+    /** File containing other records. */
+    Unspecified = "Unspecified"
+}
+
+/** Known values of {@link FileImportState} that the service accepts. */
+export declare enum KnownFileImportState {
+    /** A fatal error has occurred while ingesting the file. */
+    FatalError = "FatalError",
+    /** The file has been ingested. */
+    Ingested = "Ingested",
+    /** The file has been ingested with errors. */
+    IngestedWithErrors = "IngestedWithErrors",
+    /** The file ingestion is in progress. */
+    InProgress = "InProgress",
+    /** The file is invalid. */
+    Invalid = "Invalid",
+    /** Waiting for the file to be uploaded. */
+    WaitingForUpload = "WaitingForUpload",
+    /** Unspecified state. */
+    Unspecified = "Unspecified"
+}
+
 /** Known values of {@link GetInsightsError} that the service accepts. */
 export declare enum KnownGetInsightsError {
     /** Insight */
@@ -5629,6 +6067,16 @@ export declare enum KnownIncidentStatus {
     Closed = "Closed"
 }
 
+/** Known values of {@link IngestionMode} that the service accepts. */
+export declare enum KnownIngestionMode {
+    /** No records should be ingested when invalid records are detected. */
+    IngestOnlyIfAllAreValid = "IngestOnlyIfAllAreValid",
+    /** Valid records should still be ingested when invalid records are detected. */
+    IngestAnyValidRecords = "IngestAnyValidRecords",
+    /** Unspecified */
+    Unspecified = "Unspecified"
+}
+
 /** Known values of {@link KillChainIntent} that the service accepts. */
 export declare enum KnownKillChainIntent {
     /** The default value. */
@@ -5983,6 +6431,8 @@ export declare interface LastDataReceivedDataType {
 
 /** Represents a mailbox entity. */
 export declare interface MailboxEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Mailbox";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -6043,6 +6493,8 @@ export declare interface MailboxEntityProperties extends EntityCommonProperties
 
 /** Represents a mail cluster entity. */
 export declare interface MailClusterEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "MailCluster";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -6213,6 +6665,8 @@ export declare interface MailClusterEntityProperties extends EntityCommonPropert
 
 /** Represents a mail message entity. */
 export declare interface MailMessageEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "MailMessage";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -6435,6 +6889,8 @@ export declare interface MailMessageEntityProperties extends EntityCommonPropert
 
 /** Represents a malware entity. */
 export declare interface MalwareEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Malware";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -6495,7 +6951,7 @@ export declare interface MalwareEntityProperties extends EntityCommonProperties
 
 export declare interface ManualTriggerRequestBody {
     tenantId?: string;
-    logicAppsResourceId?: string;
+    logicAppsResourceId: string;
 }
 
 /**
@@ -6523,6 +6979,8 @@ export declare interface McasCheckRequirementsProperties extends DataConnectorTe
 
 /** Represents MCAS (Microsoft Cloud App Security) data connector. */
 export declare interface McasDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "MicrosoftCloudAppSecurity";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
@@ -6555,6 +7013,8 @@ export declare interface MdatpCheckRequirementsProperties extends DataConnectorT
 
 /** Represents MDATP (Microsoft Defender Advanced Threat Protection) data connector. */
 export declare interface MdatpDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "MicrosoftDefenderAdvancedThreatProtection";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
@@ -6818,6 +7278,8 @@ export declare type MetadataUpdateResponse = MetadataModel;
 
 /** Represents MicrosoftSecurityIncidentCreation rule. */
 export declare interface MicrosoftSecurityIncidentCreationAlertRule extends AlertRule {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "MicrosoftSecurityIncidentCreation";
     /** the alerts' displayNames on which the cases will be generated */
     displayNamesFilter?: string[];
     /** the alerts' displayNames on which the cases will not be generated */
@@ -6872,6 +7334,8 @@ export declare interface MicrosoftSecurityIncidentCreationAlertRuleProperties ex
 
 /** Represents MicrosoftSecurityIncidentCreation rule template. */
 export declare interface MicrosoftSecurityIncidentCreationAlertRuleTemplate extends AlertRuleTemplate {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "MicrosoftSecurityIncidentCreation";
     /** the number of alert rules that were created by this template */
     alertRulesCreatedByTemplateCount?: number;
     /**
@@ -6931,6 +7395,8 @@ export declare type MicrosoftSecurityProductName = string;
 
 /** Represents MLBehaviorAnalytics alert rule. */
 export declare interface MLBehaviorAnalyticsAlertRule extends AlertRule {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "MLBehaviorAnalytics";
     /** The Name of the alert rule template used to create this rule. */
     alertRuleTemplateName?: string;
     /**
@@ -6969,6 +7435,8 @@ export declare interface MLBehaviorAnalyticsAlertRule extends AlertRule {
 
 /** Represents MLBehaviorAnalytics alert rule template. */
 export declare interface MLBehaviorAnalyticsAlertRuleTemplate extends AlertRuleTemplate {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "MLBehaviorAnalytics";
     /** the number of alert rules that were created by this template */
     alertRulesCreatedByTemplateCount?: number;
     /**
@@ -7017,6 +7485,8 @@ export declare interface MstiCheckRequirementsProperties extends DataConnectorTe
 
 /** Represents Microsoft Threat Intelligence data connector. */
 export declare interface MstiDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "MicrosoftThreatIntelligence";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
@@ -7063,6 +7533,8 @@ export declare interface MTPCheckRequirementsProperties extends DataConnectorTen
 
 /** Represents MTP (Microsoft Threat Protection) data connector. */
 export declare interface MTPDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "MicrosoftThreatProtection";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
@@ -7087,6 +7559,8 @@ export declare interface MTPDataConnectorProperties extends DataConnectorTenantI
 
 /** Represents an network interface entity. */
 export declare interface NicEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Nic";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -7137,6 +7611,8 @@ export declare interface NicEntityProperties extends EntityCommonProperties {
 
 /** Represents NRT alert rule. */
 export declare interface NrtAlertRule extends AlertRule {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "NRT";
     /** The Name of the alert rule template used to create this rule. */
     alertRuleTemplateName?: string;
     /** The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2> */
@@ -7174,10 +7650,14 @@ export declare interface NrtAlertRule extends AlertRule {
     entityMappings?: EntityMapping[];
     /** The alert details override settings */
     alertDetailsOverride?: AlertDetailsOverride;
+    /** The event grouping settings. */
+    eventGroupingSettings?: EventGroupingSettings;
 }
 
 /** Represents NRT alert rule template. */
 export declare interface NrtAlertRuleTemplate extends AlertRuleTemplate {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "NRT";
     /** the number of alert rules that were created by this template */
     alertRulesCreatedByTemplateCount?: number;
     /**
@@ -7216,6 +7696,8 @@ export declare interface NrtAlertRuleTemplate extends AlertRuleTemplate {
     entityMappings?: EntityMapping[];
     /** The alert details override settings */
     alertDetailsOverride?: AlertDetailsOverride;
+    /** The event grouping settings. */
+    eventGroupingSettings?: EventGroupingSettings;
 }
 
 /** NRT alert rule template properties */
@@ -7246,6 +7728,8 @@ export declare interface Office365ProjectConnectorDataTypesLogs extends DataConn
 
 /** Represents Office Microsoft Project data connector. */
 export declare interface Office365ProjectDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Office365Project";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
@@ -7272,6 +7756,8 @@ export declare interface OfficeATPCheckRequirementsProperties extends DataConnec
 
 /** Represents OfficeATP (Office 365 Advanced Threat Protection) data connector. */
 export declare interface OfficeATPDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "OfficeATP";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
@@ -7355,6 +7841,8 @@ export declare type OfficeConsentsListResponse = OfficeConsentList;
 
 /** Represents office data connector. */
 export declare interface OfficeDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Office365";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
@@ -7403,6 +7891,8 @@ export declare interface OfficeIRMCheckRequirementsProperties extends DataConnec
 
 /** Represents OfficeIRM (Microsoft Insider Risk Management) data connector. */
 export declare interface OfficeIRMDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "OfficeIRM";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
@@ -7437,6 +7927,8 @@ export declare interface OfficePowerBIConnectorDataTypesLogs extends DataConnect
 
 /** Represents Office Microsoft PowerBI data connector. */
 export declare interface OfficePowerBIDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "OfficePowerBI";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The available data types for the connector. */
@@ -7589,6 +8081,8 @@ export declare type PollingFrequency = string;
 
 /** Represents a process entity. */
 export declare interface ProcessEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Process";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -7759,6 +8253,13 @@ export declare interface PropertyArrayChangedConditionProperties extends Automat
     conditionProperties?: AutomationRulePropertyArrayChangedValuesCondition;
 }
 
+/** Describes an automation rule condition that evaluates an array property's value */
+export declare interface PropertyArrayConditionProperties extends AutomationRuleCondition {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    conditionType: "PropertyArray";
+    conditionProperties?: AutomationRulePropertyArrayValuesCondition;
+}
+
 /** Describes an automation rule condition that evaluates a property's value change */
 export declare interface PropertyChangedConditionProperties extends AutomationRuleCondition {
     /** Polymorphic discriminator, which specifies the different types this object can be */
@@ -7803,6 +8304,8 @@ export declare interface QueryBasedAlertRuleTemplateProperties {
     entityMappings?: EntityMapping[];
     /** The alert details override settings */
     alertDetailsOverride?: AlertDetailsOverride;
+    /** The event grouping settings. */
+    eventGroupingSettings?: EventGroupingSettings;
 }
 
 /**
@@ -7825,6 +8328,8 @@ export declare type RegistryHive = string;
 
 /** Represents a registry key entity. */
 export declare interface RegistryKeyEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "RegistryKey";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -7865,6 +8370,8 @@ export declare interface RegistryKeyEntityProperties extends EntityCommonPropert
 
 /** Represents a registry value entity. */
 export declare interface RegistryValueEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "RegistryValue";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -8092,6 +8599,8 @@ export declare interface SampleQueries {
 
 /** Represents scheduled alert rule. */
 export declare interface ScheduledAlertRule extends AlertRule {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Scheduled";
     /** The query that creates alerts for this rule. */
     query?: string;
     /** The frequency (in ISO 8601 duration format) for this alert rule to run. */
@@ -8198,6 +8707,8 @@ export declare interface ScheduledAlertRuleProperties extends ScheduledAlertRule
 
 /** Represents scheduled alert rule template. */
 export declare interface ScheduledAlertRuleTemplate extends AlertRuleTemplate {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Scheduled";
     /** the number of alert rules that were created by this template */
     alertRulesCreatedByTemplateCount?: number;
     /**
@@ -8250,6 +8761,8 @@ export declare interface ScheduledAlertRuleTemplate extends AlertRuleTemplate {
 
 /** Represents a security alert entity. */
 export declare interface SecurityAlert extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "SecurityAlert";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -8552,6 +9065,8 @@ export declare interface SecurityAlertTimelineItem extends EntityTimelineItem {
 
 /** Represents a security group entity. */
 export declare interface SecurityGroupEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "SecurityGroup";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -8629,6 +9144,7 @@ export declare class SecurityInsights extends coreClient.ServiceClient {
     entityRelations: EntityRelations;
     entityQueries: EntityQueries;
     entityQueryTemplates: EntityQueryTemplates;
+    fileImports: FileImports;
     incidentComments: IncidentComments;
     incidentRelations: IncidentRelations;
     metadata: Metadata;
@@ -9034,6 +9550,8 @@ export declare type SourceType = string;
 
 /** Represents a submission mail entity. */
 export declare interface SubmissionMailEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "SubmissionMail";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -9267,6 +9785,8 @@ export declare interface ThreatIntelligence {
 
 /** Represents Threat Intelligence alert rule. */
 export declare interface ThreatIntelligenceAlertRule extends AlertRule {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "ThreatIntelligence";
     /** The Name of the alert rule template used to create this rule. */
     alertRuleTemplateName?: string;
     /**
@@ -9305,6 +9825,8 @@ export declare interface ThreatIntelligenceAlertRule extends AlertRule {
 
 /** Represents Threat Intelligence alert rule template. */
 export declare interface ThreatIntelligenceAlertRuleTemplate extends AlertRuleTemplate {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "ThreatIntelligence";
     /** the number of alert rules that were created by this template */
     alertRulesCreatedByTemplateCount?: number;
     /**
@@ -9516,6 +10038,8 @@ export declare type ThreatIntelligenceIndicatorMetricsListResponse = ThreatIntel
 
 /** Threat intelligence indicator entity. */
 export declare interface ThreatIntelligenceIndicatorModel extends ThreatIntelligenceInformation {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "indicator";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -9829,6 +10353,8 @@ export declare interface TICheckRequirementsProperties extends DataConnectorTena
 
 /** Represents threat intelligence data connector. */
 export declare interface TIDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "ThreatIntelligence";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The lookback period for the feed to be imported. */
@@ -9897,6 +10423,8 @@ export declare interface TiTaxiiCheckRequirementsProperties extends DataConnecto
 
 /** Data connector to pull Threat intelligence data from TAXII 2.0/2.1 server */
 export declare interface TiTaxiiDataConnector extends DataConnector {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "ThreatIntelligenceTaxii";
     /** The tenant id to connect to, and get the data from. */
     tenantId?: string;
     /** The workspace id. */
@@ -9976,6 +10504,8 @@ export declare type TriggersWhen = string;
 
 /** Settings with single toggle. */
 export declare interface Ueba extends Settings {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Ueba";
     /** The relevant data sources that enriched by ueba */
     dataSources?: UebaDataSources[];
 }
@@ -9994,6 +10524,8 @@ export declare type UebaDataSources = string;
 
 /** Represents a url entity. */
 export declare interface UrlEntity extends Entity {
+    /** Polymorphic discriminator, which specifies the different types this object can be */
+    kind: "Url";
     /**
      * A bag of custom fields that should be part of the entity and will be presented to the user.
      * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -10038,6 +10570,17 @@ export declare interface UserInfo {
     objectId?: string;
 }
 
+/** Describes an error encountered in the file during validation. */
+export declare interface ValidationError {
+    /** The number of the record that has the error. */
+    recordIndex?: number;
+    /**
+     * A list of descriptions of the error.
+     * NOTE: This property will not be serialized. It can only be populated by the server.
+     */
+    readonly errorMessages?: string[];
+}
+
 /**
  * Defines values for Version. \
  * {@link KnownVersion} can be used interchangeably with Version,