@azure/arm-securityinsight 1.0.0-beta.4 → 1.0.0-beta.6

package/src/models/index.ts

@@ -10,7 +10,9 @@ import * as coreClient from "@azure/core-client";
 
 export type AutomationRuleConditionUnion =
   | AutomationRuleCondition
+  | BooleanConditionProperties
   | PropertyArrayChangedConditionProperties
+  | PropertyArrayConditionProperties
   | PropertyChangedConditionProperties
   | PropertyConditionProperties;
 export type AutomationRuleActionUnion =
@@ -242,7 +244,12 @@ export interface AutomationRuleTriggeringLogic {
 /** Describes an automation rule condition. */
 export interface AutomationRuleCondition {
   /** Polymorphic discriminator, which specifies the different types this object can be */
-  conditionType: "PropertyArrayChanged" | "PropertyChanged" | "Property";
+  conditionType:
+    | "Boolean"
+    | "PropertyArrayChanged"
+    | "PropertyArray"
+    | "PropertyChanged"
+    | "Property";
 }
 
 /** Describes an automation rule action. */
@@ -271,7 +278,7 @@ export interface AutomationRulesList {
 
 export interface ManualTriggerRequestBody {
   tenantId?: string;
-  logicAppsResourceId?: string;
+  logicAppsResourceId: string;
 }
 
 /** List all the bookmarks. */
@@ -725,6 +732,48 @@ export interface EntityQueryTemplateList {
   value: EntityQueryTemplateUnion[];
 }
 
+/** List all the file imports. */
+export interface FileImportList {
+  /**
+   * URL to fetch the next set of file imports.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly nextLink?: string;
+  /** Array of file imports. */
+  value: FileImport[];
+}
+
+/** Represents a file. */
+export interface FileMetadata {
+  /** The format of the file */
+  fileFormat?: FileFormat;
+  /** The name of the file. */
+  fileName?: string;
+  /** The size of the file. */
+  fileSize?: number;
+  /**
+   * A URI with a valid SAS token to allow uploading / downloading the file.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly fileContentUri?: string;
+  /**
+   * Indicates whether the file was deleted from the storage account.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly deleteStatus?: DeleteStatus;
+}
+
+/** Describes an error encountered in the file during validation. */
+export interface ValidationError {
+  /** The number of the record that has the error. */
+  recordIndex?: number;
+  /**
+   * A list of descriptions of the error.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly errorMessages?: string[];
+}
+
 /** List all the incidents. */
 export interface IncidentList {
   /**
@@ -1428,6 +1477,8 @@ export interface QueryBasedAlertRuleTemplateProperties {
   entityMappings?: EntityMapping[];
   /** The alert details override settings */
   alertDetailsOverride?: AlertDetailsOverride;
+  /** The event grouping settings. */
+  eventGroupingSettings?: EventGroupingSettings;
 }
 
 /** Single entity mapping for the alert rule */
@@ -1458,6 +1509,12 @@ export interface AlertDetailsOverride {
   alertSeverityColumnName?: string;
 }
 
+/** Event grouping settings property bag. */
+export interface EventGroupingSettings {
+  /** The event grouping aggregation kinds */
+  aggregationKind?: EventGroupingAggregationKind;
+}
+
 /** Represents a supported source signal configuration in Fusion detection. */
 export interface FusionSourceSettings {
   /** Determines whether this source signal is enabled or disabled in Fusion detection. */
@@ -1601,10 +1658,9 @@ export interface ScheduledAlertRuleCommonProperties {
   alertDetailsOverride?: AlertDetailsOverride;
 }
 
-/** Event grouping settings property bag. */
-export interface EventGroupingSettings {
-  /** The event grouping aggregation kinds */
-  aggregationKind?: EventGroupingAggregationKind;
+export interface AutomationRuleBooleanCondition {
+  operator?: AutomationRuleBooleanConditionSupportedOperator;
+  innerConditions?: AutomationRuleConditionUnion[];
 }
 
 export interface IncidentPropertiesAction {
@@ -1629,6 +1685,12 @@ export interface AutomationRulePropertyArrayChangedValuesCondition {
   changeType?: AutomationRulePropertyArrayChangedConditionSupportedChangeType;
 }
 
+export interface AutomationRulePropertyArrayValuesCondition {
+  arrayType?: AutomationRulePropertyArrayConditionSupportedArrayType;
+  arrayConditionType?: AutomationRulePropertyArrayConditionSupportedArrayConditionType;
+  itemConditions?: AutomationRuleConditionUnion[];
+}
+
 export interface AutomationRulePropertyValuesChangedCondition {
   propertyName?: AutomationRulePropertyChangedConditionSupportedPropertyType;
   changeType?: AutomationRulePropertyChangedConditionSupportedChangedType;
@@ -2175,6 +2237,63 @@ export interface EntityQueryTemplate extends Resource {
   kind: EntityQueryTemplateKind;
 }
 
+/** Represents a file import in Azure Security Insights. */
+export interface FileImport extends Resource {
+  /** Describes how to ingest the records in the file. */
+  ingestionMode?: IngestionMode;
+  /** The content type of this file. */
+  contentType?: FileImportContentType;
+  /**
+   * The time the file was imported.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly createdTimeUTC?: Date;
+  /**
+   * Represents the error file (if the import was ingested with errors or failed the validation).
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly errorFile?: FileMetadata;
+  /**
+   * An ordered list of some of the errors that were encountered during validation.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly errorsPreview?: ValidationError[];
+  /** Represents the imported file. */
+  importFile?: FileMetadata;
+  /**
+   * The number of records that have been successfully ingested.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly ingestedRecordCount?: number;
+  /** The source for the data in the file. */
+  source?: string;
+  /**
+   * The state of the file import.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly state?: FileImportState;
+  /**
+   * The number of records in the file.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly totalRecordCount?: number;
+  /**
+   * The number of records that have passed validation.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly validRecordCount?: number;
+  /**
+   * The time the files associated with this import are deleted from the storage account.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly filesValidUntilTimeUTC?: Date;
+  /**
+   * The time the file import record is soft deleted from the database and history.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly importValidUntilTimeUTC?: Date;
+}
+
 /** Consent for Office365 tenant that already made. */
 export interface OfficeConsent extends Resource {
   /** The tenantId of the Office365 with the consent. */
@@ -2195,6 +2314,13 @@ export interface ActionRequestProperties extends ActionPropertiesBase {
   triggerUri: string;
 }
 
+/** Describes an automation rule condition that applies a boolean operator (e.g AND, OR) to conditions */
+export interface BooleanConditionProperties extends AutomationRuleCondition {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  conditionType: "Boolean";
+  conditionProperties?: AutomationRuleBooleanCondition;
+}
+
 /** Describes an automation rule condition that evaluates an array property's value change */
 export interface PropertyArrayChangedConditionProperties
   extends AutomationRuleCondition {
@@ -2203,6 +2329,14 @@ export interface PropertyArrayChangedConditionProperties
   conditionProperties?: AutomationRulePropertyArrayChangedValuesCondition;
 }
 
+/** Describes an automation rule condition that evaluates an array property's value */
+export interface PropertyArrayConditionProperties
+  extends AutomationRuleCondition {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  conditionType: "PropertyArray";
+  conditionProperties?: AutomationRulePropertyArrayValuesCondition;
+}
+
 /** Describes an automation rule condition that evaluates a property's value change */
 export interface PropertyChangedConditionProperties
   extends AutomationRuleCondition {
@@ -4232,6 +4366,8 @@ export interface DataConnector extends ResourceWithEtag {
 /** Represents MLBehaviorAnalytics alert rule template. */
 export interface MLBehaviorAnalyticsAlertRuleTemplate
   extends AlertRuleTemplate {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "MLBehaviorAnalytics";
   /** the number of alert rules that were created by this template */
   alertRulesCreatedByTemplateCount?: number;
   /**
@@ -4262,6 +4398,8 @@ export interface MLBehaviorAnalyticsAlertRuleTemplate
 
 /** Represents Fusion alert rule template. */
 export interface FusionAlertRuleTemplate extends AlertRuleTemplate {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Fusion";
   /** the number of alert rules that were created by this template */
   alertRulesCreatedByTemplateCount?: number;
   /**
@@ -4294,6 +4432,8 @@ export interface FusionAlertRuleTemplate extends AlertRuleTemplate {
 
 /** Represents Threat Intelligence alert rule template. */
 export interface ThreatIntelligenceAlertRuleTemplate extends AlertRuleTemplate {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "ThreatIntelligence";
   /** the number of alert rules that were created by this template */
   alertRulesCreatedByTemplateCount?: number;
   /**
@@ -4325,6 +4465,8 @@ export interface ThreatIntelligenceAlertRuleTemplate extends AlertRuleTemplate {
 /** Represents MicrosoftSecurityIncidentCreation rule template. */
 export interface MicrosoftSecurityIncidentCreationAlertRuleTemplate
   extends AlertRuleTemplate {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "MicrosoftSecurityIncidentCreation";
   /** the number of alert rules that were created by this template */
   alertRulesCreatedByTemplateCount?: number;
   /**
@@ -4357,6 +4499,8 @@ export interface MicrosoftSecurityIncidentCreationAlertRuleTemplate
 
 /** Represents scheduled alert rule template. */
 export interface ScheduledAlertRuleTemplate extends AlertRuleTemplate {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Scheduled";
   /** the number of alert rules that were created by this template */
   alertRulesCreatedByTemplateCount?: number;
   /**
@@ -4407,6 +4551,8 @@ export interface ScheduledAlertRuleTemplate extends AlertRuleTemplate {
 
 /** Represents NRT alert rule template. */
 export interface NrtAlertRuleTemplate extends AlertRuleTemplate {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "NRT";
   /** the number of alert rules that were created by this template */
   alertRulesCreatedByTemplateCount?: number;
   /**
@@ -4443,10 +4589,14 @@ export interface NrtAlertRuleTemplate extends AlertRuleTemplate {
   entityMappings?: EntityMapping[];
   /** The alert details override settings */
   alertDetailsOverride?: AlertDetailsOverride;
+  /** The event grouping settings. */
+  eventGroupingSettings?: EventGroupingSettings;
 }
 
 /** Represents a security alert entity. */
 export interface SecurityAlert extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "SecurityAlert";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4583,6 +4733,8 @@ export interface SecurityAlert extends Entity {
 
 /** Represents a Hunting bookmark entity. */
 export interface HuntingBookmark extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Bookmark";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4619,6 +4771,8 @@ export interface HuntingBookmark extends Entity {
 
 /** Represents an account entity. */
 export interface AccountEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Account";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4693,6 +4847,8 @@ export interface AccountEntity extends Entity {
 
 /** Represents an azure resource entity. */
 export interface AzureResourceEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "AzureResource";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4717,6 +4873,8 @@ export interface AzureResourceEntity extends Entity {
 
 /** Represents a cloud application entity. */
 export interface CloudApplicationEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "CloudApplication";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4746,6 +4904,8 @@ export interface CloudApplicationEntity extends Entity {
 
 /** Represents a dns entity. */
 export interface DnsEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "DnsResolution";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4780,6 +4940,8 @@ export interface DnsEntity extends Entity {
 
 /** Represents a file entity. */
 export interface FileEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "File";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4814,6 +4976,8 @@ export interface FileEntity extends Entity {
 
 /** Represents a file hash entity. */
 export interface FileHashEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "FileHash";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4838,6 +5002,8 @@ export interface FileHashEntity extends Entity {
 
 /** Represents a host entity. */
 export interface HostEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Host";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -4894,6 +5060,8 @@ export interface HostEntity extends Entity {
 
 /** Represents an IoT device entity. */
 export interface IoTDeviceEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "IoTDevice";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5045,6 +5213,8 @@ export interface IoTDeviceEntity extends Entity {
 
 /** Represents an ip entity. */
 export interface IpEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Ip";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5074,6 +5244,8 @@ export interface IpEntity extends Entity {
 
 /** Represents a mailbox entity. */
 export interface MailboxEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Mailbox";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5108,6 +5280,8 @@ export interface MailboxEntity extends Entity {
 
 /** Represents a mail cluster entity. */
 export interface MailClusterEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "MailCluster";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5197,6 +5371,8 @@ export interface MailClusterEntity extends Entity {
 
 /** Represents a mail message entity. */
 export interface MailMessageEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "MailMessage";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5312,6 +5488,8 @@ export interface MailMessageEntity extends Entity {
 
 /** Represents a malware entity. */
 export interface MalwareEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Malware";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5346,6 +5524,8 @@ export interface MalwareEntity extends Entity {
 
 /** Represents a process entity. */
 export interface ProcessEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Process";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5402,6 +5582,8 @@ export interface ProcessEntity extends Entity {
 
 /** Represents a registry key entity. */
 export interface RegistryKeyEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "RegistryKey";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5426,6 +5608,8 @@ export interface RegistryKeyEntity extends Entity {
 
 /** Represents a registry value entity. */
 export interface RegistryValueEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "RegistryValue";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5460,6 +5644,8 @@ export interface RegistryValueEntity extends Entity {
 
 /** Represents a security group entity. */
 export interface SecurityGroupEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "SecurityGroup";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5489,6 +5675,8 @@ export interface SecurityGroupEntity extends Entity {
 
 /** Represents a submission mail entity. */
 export interface SubmissionMailEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "SubmissionMail";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5553,6 +5741,8 @@ export interface SubmissionMailEntity extends Entity {
 
 /** Represents a url entity. */
 export interface UrlEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Url";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5572,6 +5762,8 @@ export interface UrlEntity extends Entity {
 
 /** Represents an network interface entity. */
 export interface NicEntity extends Entity {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Nic";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5601,6 +5793,8 @@ export interface NicEntity extends Entity {
 
 /** Represents Activity entity query. */
 export interface ActivityEntityQueryTemplate extends EntityQueryTemplate {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Activity";
   /** The entity query title */
   title?: string;
   /** The entity query content to display in timeline */
@@ -5637,6 +5831,8 @@ export interface PermissionsCustomsItem extends Customs {}
 
 /** Represents MLBehaviorAnalytics alert rule. */
 export interface MLBehaviorAnalyticsAlertRule extends AlertRule {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "MLBehaviorAnalytics";
   /** The Name of the alert rule template used to create this rule. */
   alertRuleTemplateName?: string;
   /**
@@ -5675,6 +5871,8 @@ export interface MLBehaviorAnalyticsAlertRule extends AlertRule {
 
 /** Represents Fusion alert rule. */
 export interface FusionAlertRule extends AlertRule {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Fusion";
   /** The Name of the alert rule template used to create this rule. */
   alertRuleTemplateName?: string;
   /**
@@ -5717,6 +5915,8 @@ export interface FusionAlertRule extends AlertRule {
 
 /** Represents Threat Intelligence alert rule. */
 export interface ThreatIntelligenceAlertRule extends AlertRule {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "ThreatIntelligence";
   /** The Name of the alert rule template used to create this rule. */
   alertRuleTemplateName?: string;
   /**
@@ -5755,6 +5955,8 @@ export interface ThreatIntelligenceAlertRule extends AlertRule {
 
 /** Represents MicrosoftSecurityIncidentCreation rule. */
 export interface MicrosoftSecurityIncidentCreationAlertRule extends AlertRule {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "MicrosoftSecurityIncidentCreation";
   /** the alerts' displayNames on which the cases will be generated */
   displayNamesFilter?: string[];
   /** the alerts' displayNames on which the cases will not be generated */
@@ -5780,6 +5982,8 @@ export interface MicrosoftSecurityIncidentCreationAlertRule extends AlertRule {
 
 /** Represents scheduled alert rule. */
 export interface ScheduledAlertRule extends AlertRule {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Scheduled";
   /** The query that creates alerts for this rule. */
   query?: string;
   /** The frequency (in ISO 8601 duration format) for this alert rule to run. */
@@ -5829,6 +6033,8 @@ export interface ScheduledAlertRule extends AlertRule {
 
 /** Represents NRT alert rule. */
 export interface NrtAlertRule extends AlertRule {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "NRT";
   /** The Name of the alert rule template used to create this rule. */
   alertRuleTemplateName?: string;
   /** The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2> */
@@ -5864,10 +6070,14 @@ export interface NrtAlertRule extends AlertRule {
   entityMappings?: EntityMapping[];
   /** The alert details override settings */
   alertDetailsOverride?: AlertDetailsOverride;
+  /** The event grouping settings. */
+  eventGroupingSettings?: EventGroupingSettings;
 }
 
 /** Represents Expansion entity query. */
 export interface ExpansionEntityQuery extends EntityQuery {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Expansion";
   /** List of the data sources that are required to run the query */
   dataSources?: string[];
   /** The query display name */
@@ -5884,6 +6094,8 @@ export interface ExpansionEntityQuery extends EntityQuery {
 
 /** Represents Activity entity query. */
 export interface ActivityEntityQuery extends EntityQuery {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Activity";
   /** The entity query title */
   title?: string;
   /** The entity query content to display in timeline */
@@ -5916,6 +6128,8 @@ export interface ActivityEntityQuery extends EntityQuery {
 
 /** Represents Activity entity query. */
 export interface ActivityCustomEntityQuery extends CustomEntityQuery {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Activity";
   /** The entity query title */
   title?: string;
   /** The entity query content to display in timeline */
@@ -5949,6 +6163,8 @@ export interface ActivityCustomEntityQuery extends CustomEntityQuery {
 /** Represents Anomaly Security ML Analytics Settings */
 export interface AnomalySecurityMLAnalyticsSettings
   extends SecurityMLAnalyticsSetting {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Anomaly";
   /** The description of the SecurityMLAnalyticsSettings. */
   description?: string;
   /** The display name for settings created by this SecurityMLAnalyticsSettings. */
@@ -5984,6 +6200,8 @@ export interface AnomalySecurityMLAnalyticsSettings
 
 /** Settings with single toggle. */
 export interface Anomalies extends Settings {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Anomalies";
   /**
    * Determines whether the setting is enable or disabled.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -5993,6 +6211,8 @@ export interface Anomalies extends Settings {
 
 /** Settings with single toggle. */
 export interface EyesOn extends Settings {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "EyesOn";
   /**
    * Determines whether the setting is enable or disabled.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -6002,12 +6222,16 @@ export interface EyesOn extends Settings {
 
 /** Settings with single toggle. */
 export interface EntityAnalytics extends Settings {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "EntityAnalytics";
   /** The relevant entity providers that are synced */
   entityProviders?: EntityProviders[];
 }
 
 /** Settings with single toggle. */
 export interface Ueba extends Settings {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Ueba";
   /** The relevant data sources that enriched by ueba */
   dataSources?: UebaDataSources[];
 }
@@ -6015,6 +6239,8 @@ export interface Ueba extends Settings {
 /** Threat intelligence indicator entity. */
 export interface ThreatIntelligenceIndicatorModel
   extends ThreatIntelligenceInformation {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "indicator";
   /**
    * A bag of custom fields that should be part of the entity and will be presented to the user.
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -6085,6 +6311,8 @@ export interface ThreatIntelligenceIndicatorModel
 
 /** Represents AAD (Azure Active Directory) data connector. */
 export interface AADDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "AzureActiveDirectory";
   /** The tenant id to connect to, and get the data from. */
   tenantId?: string;
   /** The available data types for the connector. */
@@ -6093,6 +6321,8 @@ export interface AADDataConnector extends DataConnector {
 
 /** Represents Microsoft Threat Intelligence data connector. */
 export interface MstiDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "MicrosoftThreatIntelligence";
   /** The tenant id to connect to, and get the data from. */
   tenantId?: string;
   /** The available data types for the connector. */
@@ -6101,6 +6331,8 @@ export interface MstiDataConnector extends DataConnector {
 
 /** Represents MTP (Microsoft Threat Protection) data connector. */
 export interface MTPDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "MicrosoftThreatProtection";
   /** The tenant id to connect to, and get the data from. */
   tenantId?: string;
   /** The available data types for the connector. */
@@ -6109,6 +6341,8 @@ export interface MTPDataConnector extends DataConnector {
 
 /** Represents AATP (Azure Advanced Threat Protection) data connector. */
 export interface AatpDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "AzureAdvancedThreatProtection";
   /** The tenant id to connect to, and get the data from. */
   tenantId?: string;
   /** The available data types for the connector. */
@@ -6117,6 +6351,8 @@ export interface AatpDataConnector extends DataConnector {
 
 /** Represents ASC (Azure Security Center) data connector. */
 export interface ASCDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "AzureSecurityCenter";
   /** The available data types for the connector. */
   dataTypes?: AlertsDataTypeOfDataConnector;
   /** The subscription id to connect to, and get the data from. */
@@ -6125,6 +6361,8 @@ export interface ASCDataConnector extends DataConnector {
 
 /** Represents Amazon Web Services CloudTrail data connector. */
 export interface AwsCloudTrailDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "AmazonWebServicesCloudTrail";
   /** The Aws Role Arn (with CloudTrailReadOnly policy) that is used to access the Aws account. */
   awsRoleArn?: string;
   /** The available data types for the connector. */
@@ -6133,6 +6371,8 @@ export interface AwsCloudTrailDataConnector extends DataConnector {
 
 /** Represents Amazon Web Services S3 data connector. */
 export interface AwsS3DataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "AmazonWebServicesS3";
   /** The logs destination table name in LogAnalytics. */
   destinationTable?: string;
   /** The AWS sqs urls for the connector. */
@@ -6145,6 +6385,8 @@ export interface AwsS3DataConnector extends DataConnector {
 
 /** Represents MCAS (Microsoft Cloud App Security) data connector. */
 export interface McasDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "MicrosoftCloudAppSecurity";
   /** The tenant id to connect to, and get the data from. */
   tenantId?: string;
   /** The available data types for the connector. */
@@ -6153,6 +6395,8 @@ export interface McasDataConnector extends DataConnector {
 
 /** Represents Dynamics365 data connector. */
 export interface Dynamics365DataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Dynamics365";
   /** The tenant id to connect to, and get the data from. */
   tenantId?: string;
   /** The available data types for the connector. */
@@ -6161,6 +6405,8 @@ export interface Dynamics365DataConnector extends DataConnector {
 
 /** Represents OfficeATP (Office 365 Advanced Threat Protection) data connector. */
 export interface OfficeATPDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "OfficeATP";
   /** The tenant id to connect to, and get the data from. */
   tenantId?: string;
   /** The available data types for the connector. */
@@ -6169,6 +6415,8 @@ export interface OfficeATPDataConnector extends DataConnector {
 
 /** Represents Office Microsoft Project data connector. */
 export interface Office365ProjectDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Office365Project";
   /** The tenant id to connect to, and get the data from. */
   tenantId?: string;
   /** The available data types for the connector. */
@@ -6177,6 +6425,8 @@ export interface Office365ProjectDataConnector extends DataConnector {
 
 /** Represents Office Microsoft PowerBI data connector. */
 export interface OfficePowerBIDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "OfficePowerBI";
   /** The tenant id to connect to, and get the data from. */
   tenantId?: string;
   /** The available data types for the connector. */
@@ -6185,6 +6435,8 @@ export interface OfficePowerBIDataConnector extends DataConnector {
 
 /** Represents OfficeIRM (Microsoft Insider Risk Management) data connector. */
 export interface OfficeIRMDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "OfficeIRM";
   /** The tenant id to connect to, and get the data from. */
   tenantId?: string;
   /** The available data types for the connector. */
@@ -6193,6 +6445,8 @@ export interface OfficeIRMDataConnector extends DataConnector {
 
 /** Represents MDATP (Microsoft Defender Advanced Threat Protection) data connector. */
 export interface MdatpDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "MicrosoftDefenderAdvancedThreatProtection";
   /** The tenant id to connect to, and get the data from. */
   tenantId?: string;
   /** The available data types for the connector. */
@@ -6201,6 +6455,8 @@ export interface MdatpDataConnector extends DataConnector {
 
 /** Represents office data connector. */
 export interface OfficeDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "Office365";
   /** The tenant id to connect to, and get the data from. */
   tenantId?: string;
   /** The available data types for the connector. */
@@ -6209,6 +6465,8 @@ export interface OfficeDataConnector extends DataConnector {
 
 /** Represents threat intelligence data connector. */
 export interface TIDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "ThreatIntelligence";
   /** The tenant id to connect to, and get the data from. */
   tenantId?: string;
   /** The lookback period for the feed to be imported. */
@@ -6219,6 +6477,8 @@ export interface TIDataConnector extends DataConnector {
 
 /** Data connector to pull Threat intelligence data from TAXII 2.0/2.1 server */
 export interface TiTaxiiDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "ThreatIntelligenceTaxii";
   /** The tenant id to connect to, and get the data from. */
   tenantId?: string;
   /** The workspace id. */
@@ -6243,6 +6503,8 @@ export interface TiTaxiiDataConnector extends DataConnector {
 
 /** Represents IoT data connector. */
 export interface IoTDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "IOT";
   /** The available data types for the connector. */
   dataTypes?: AlertsDataTypeOfDataConnector;
   /** The subscription id to connect to, and get the data from. */
@@ -6251,12 +6513,16 @@ export interface IoTDataConnector extends DataConnector {
 
 /** Represents Codeless UI data connector. */
 export interface CodelessUiDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "GenericUI";
   /** Config to describe the instructions blade */
   connectorUiConfig?: CodelessUiConnectorConfigProperties;
 }
 
 /** Represents Codeless API Polling data connector. */
 export interface CodelessApiPollingDataConnector extends DataConnector {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  kind: "APIPolling";
   /** Config to describe the instructions blade */
   connectorUiConfig?: CodelessUiConnectorConfigProperties;
   /** Config to describe the polling instructions */
@@ -6369,10 +6635,14 @@ export type TriggersWhen = string;
 export enum KnownConditionType {
   /** Evaluate an object property value */
   Property = "Property",
+  /** Evaluate an object array property value */
+  PropertyArray = "PropertyArray",
   /** Evaluate an object property changed value */
   PropertyChanged = "PropertyChanged",
   /** Evaluate an object array property changed value */
-  PropertyArrayChanged = "PropertyArrayChanged"
+  PropertyArrayChanged = "PropertyArrayChanged",
+  /** Apply a boolean operator (e.g AND, OR) to conditions */
+  Boolean = "Boolean"
 }
 
 /**
@@ -6381,8 +6651,10 @@ export enum KnownConditionType {
  *  this enum contains the known values that the service supports.
  * ### Known values supported by the service
  * **Property**: Evaluate an object property value \
+ * **PropertyArray**: Evaluate an object array property value \
  * **PropertyChanged**: Evaluate an object property changed value \
- * **PropertyArrayChanged**: Evaluate an object array property changed value
+ * **PropertyArrayChanged**: Evaluate an object array property changed value \
+ * **Boolean**: Apply a boolean operator (e.g AND, OR) to conditions
  */
 export type ConditionType = string;
 
@@ -6692,6 +6964,123 @@ export enum KnownEntityQueryTemplateKind {
  */
 export type EntityQueryTemplateKind = string;
 
+/** Known values of {@link IngestionMode} that the service accepts. */
+export enum KnownIngestionMode {
+  /** No records should be ingested when invalid records are detected. */
+  IngestOnlyIfAllAreValid = "IngestOnlyIfAllAreValid",
+  /** Valid records should still be ingested when invalid records are detected. */
+  IngestAnyValidRecords = "IngestAnyValidRecords",
+  /** Unspecified */
+  Unspecified = "Unspecified"
+}
+
+/**
+ * Defines values for IngestionMode. \
+ * {@link KnownIngestionMode} can be used interchangeably with IngestionMode,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **IngestOnlyIfAllAreValid**: No records should be ingested when invalid records are detected. \
+ * **IngestAnyValidRecords**: Valid records should still be ingested when invalid records are detected. \
+ * **Unspecified**: Unspecified
+ */
+export type IngestionMode = string;
+
+/** Known values of {@link FileImportContentType} that the service accepts. */
+export enum KnownFileImportContentType {
+  /** File containing records with the core fields of an indicator, plus the observables to construct the STIX pattern. */
+  BasicIndicator = "BasicIndicator",
+  /** File containing STIX indicators. */
+  StixIndicator = "StixIndicator",
+  /** File containing other records. */
+  Unspecified = "Unspecified"
+}
+
+/**
+ * Defines values for FileImportContentType. \
+ * {@link KnownFileImportContentType} can be used interchangeably with FileImportContentType,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **BasicIndicator**: File containing records with the core fields of an indicator, plus the observables to construct the STIX pattern. \
+ * **StixIndicator**: File containing STIX indicators. \
+ * **Unspecified**: File containing other records.
+ */
+export type FileImportContentType = string;
+
+/** Known values of {@link FileFormat} that the service accepts. */
+export enum KnownFileFormat {
+  /** A CSV file. */
+  CSV = "CSV",
+  /** A JSON file. */
+  Json = "JSON",
+  /** A file of other format. */
+  Unspecified = "Unspecified"
+}
+
+/**
+ * Defines values for FileFormat. \
+ * {@link KnownFileFormat} can be used interchangeably with FileFormat,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **CSV**: A CSV file. \
+ * **JSON**: A JSON file. \
+ * **Unspecified**: A file of other format.
+ */
+export type FileFormat = string;
+
+/** Known values of {@link DeleteStatus} that the service accepts. */
+export enum KnownDeleteStatus {
+  /** The file was deleted. */
+  Deleted = "Deleted",
+  /** The file was not deleted. */
+  NotDeleted = "NotDeleted",
+  /** Unspecified */
+  Unspecified = "Unspecified"
+}
+
+/**
+ * Defines values for DeleteStatus. \
+ * {@link KnownDeleteStatus} can be used interchangeably with DeleteStatus,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Deleted**: The file was deleted. \
+ * **NotDeleted**: The file was not deleted. \
+ * **Unspecified**: Unspecified
+ */
+export type DeleteStatus = string;
+
+/** Known values of {@link FileImportState} that the service accepts. */
+export enum KnownFileImportState {
+  /** A fatal error has occurred while ingesting the file. */
+  FatalError = "FatalError",
+  /** The file has been ingested. */
+  Ingested = "Ingested",
+  /** The file has been ingested with errors. */
+  IngestedWithErrors = "IngestedWithErrors",
+  /** The file ingestion is in progress. */
+  InProgress = "InProgress",
+  /** The file is invalid. */
+  Invalid = "Invalid",
+  /** Waiting for the file to be uploaded. */
+  WaitingForUpload = "WaitingForUpload",
+  /** Unspecified state. */
+  Unspecified = "Unspecified"
+}
+
+/**
+ * Defines values for FileImportState. \
+ * {@link KnownFileImportState} can be used interchangeably with FileImportState,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **FatalError**: A fatal error has occurred while ingesting the file. \
+ * **Ingested**: The file has been ingested. \
+ * **IngestedWithErrors**: The file has been ingested with errors. \
+ * **InProgress**: The file ingestion is in progress. \
+ * **Invalid**: The file is invalid. \
+ * **WaitingForUpload**: Waiting for the file to be uploaded. \
+ * **Unspecified**: Unspecified state.
+ */
+export type FileImportState = string;
+
 /** Known values of {@link IncidentClassification} that the service accepts. */
 export enum KnownIncidentClassification {
   /** Incident classification was undetermined */
@@ -7508,6 +7897,24 @@ export enum KnownEntityMappingType {
  */
 export type EntityMappingType = string;
 
+/** Known values of {@link EventGroupingAggregationKind} that the service accepts. */
+export enum KnownEventGroupingAggregationKind {
+  /** SingleAlert */
+  SingleAlert = "SingleAlert",
+  /** AlertPerResult */
+  AlertPerResult = "AlertPerResult"
+}
+
+/**
+ * Defines values for EventGroupingAggregationKind. \
+ * {@link KnownEventGroupingAggregationKind} can be used interchangeably with EventGroupingAggregationKind,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **SingleAlert** \
+ * **AlertPerResult**
+ */
+export type EventGroupingAggregationKind = string;
+
 /** Known values of {@link MicrosoftSecurityProductName} that the service accepts. */
 export enum KnownMicrosoftSecurityProductName {
   /** MicrosoftCloudAppSecurity */
@@ -7580,23 +7987,23 @@ export enum KnownAlertDetail {
  */
 export type AlertDetail = string;
 
-/** Known values of {@link EventGroupingAggregationKind} that the service accepts. */
-export enum KnownEventGroupingAggregationKind {
-  /** SingleAlert */
-  SingleAlert = "SingleAlert",
-  /** AlertPerResult */
-  AlertPerResult = "AlertPerResult"
+/** Known values of {@link AutomationRuleBooleanConditionSupportedOperator} that the service accepts. */
+export enum KnownAutomationRuleBooleanConditionSupportedOperator {
+  /** Evaluates as true if all the item conditions are evaluated as true */
+  And = "And",
+  /** Evaluates as true if at least one of the item conditions are evaluated as true */
+  Or = "Or"
 }
 
 /**
- * Defines values for EventGroupingAggregationKind. \
- * {@link KnownEventGroupingAggregationKind} can be used interchangeably with EventGroupingAggregationKind,
+ * Defines values for AutomationRuleBooleanConditionSupportedOperator. \
+ * {@link KnownAutomationRuleBooleanConditionSupportedOperator} can be used interchangeably with AutomationRuleBooleanConditionSupportedOperator,
  *  this enum contains the known values that the service supports.
  * ### Known values supported by the service
- * **SingleAlert** \
- * **AlertPerResult**
+ * **And**: Evaluates as true if all the item conditions are evaluated as true \
+ * **Or**: Evaluates as true if at least one of the item conditions are evaluated as true
  */
-export type EventGroupingAggregationKind = string;
+export type AutomationRuleBooleanConditionSupportedOperator = string;
 
 /** Known values of {@link AutomationRulePropertyArrayChangedConditionSupportedArrayType} that the service accepts. */
 export enum KnownAutomationRulePropertyArrayChangedConditionSupportedArrayType {
@@ -7637,6 +8044,39 @@ export enum KnownAutomationRulePropertyArrayChangedConditionSupportedChangeType
  */
 export type AutomationRulePropertyArrayChangedConditionSupportedChangeType = string;
 
+/** Known values of {@link AutomationRulePropertyArrayConditionSupportedArrayType} that the service accepts. */
+export enum KnownAutomationRulePropertyArrayConditionSupportedArrayType {
+  /** Evaluate the condition on the custom detail keys */
+  CustomDetails = "CustomDetails",
+  /** Evaluate the condition on a custom detail's values */
+  CustomDetailValues = "CustomDetailValues"
+}
+
+/**
+ * Defines values for AutomationRulePropertyArrayConditionSupportedArrayType. \
+ * {@link KnownAutomationRulePropertyArrayConditionSupportedArrayType} can be used interchangeably with AutomationRulePropertyArrayConditionSupportedArrayType,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **CustomDetails**: Evaluate the condition on the custom detail keys \
+ * **CustomDetailValues**: Evaluate the condition on a custom detail's values
+ */
+export type AutomationRulePropertyArrayConditionSupportedArrayType = string;
+
+/** Known values of {@link AutomationRulePropertyArrayConditionSupportedArrayConditionType} that the service accepts. */
+export enum KnownAutomationRulePropertyArrayConditionSupportedArrayConditionType {
+  /** Evaluate the condition as true if any item fulfills it */
+  AnyItem = "AnyItem"
+}
+
+/**
+ * Defines values for AutomationRulePropertyArrayConditionSupportedArrayConditionType. \
+ * {@link KnownAutomationRulePropertyArrayConditionSupportedArrayConditionType} can be used interchangeably with AutomationRulePropertyArrayConditionSupportedArrayConditionType,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **AnyItem**: Evaluate the condition as true if any item fulfills it
+ */
+export type AutomationRulePropertyArrayConditionSupportedArrayConditionType = string;
+
 /** Known values of {@link AutomationRulePropertyChangedConditionSupportedPropertyType} that the service accepts. */
 export enum KnownAutomationRulePropertyChangedConditionSupportedPropertyType {
   /** Evaluate the condition on the incident severity */
@@ -7730,6 +8170,12 @@ export enum KnownAutomationRulePropertyConditionSupportedProperty {
   IncidentLabel = "IncidentLabel",
   /** The provider name of the incident */
   IncidentProviderName = "IncidentProviderName",
+  /** The update source of the incident */
+  IncidentUpdatedBySource = "IncidentUpdatedBySource",
+  /** The incident custom detail key */
+  IncidentCustomDetailsKey = "IncidentCustomDetailsKey",
+  /** The incident custom detail value */
+  IncidentCustomDetailsValue = "IncidentCustomDetailsValue",
   /** The account Azure Active Directory tenant id */
   AccountAadTenantId = "AccountAadTenantId",
   /** The account Azure Active Directory user id */
@@ -7839,6 +8285,9 @@ export enum KnownAutomationRulePropertyConditionSupportedProperty {
  * **IncidentTactics**: The tactics of the incident \
  * **IncidentLabel**: The labels of the incident \
  * **IncidentProviderName**: The provider name of the incident \
+ * **IncidentUpdatedBySource**: The update source of the incident \
+ * **IncidentCustomDetailsKey**: The incident custom detail key \
+ * **IncidentCustomDetailsValue**: The incident custom detail value \
  * **AccountAadTenantId**: The account Azure Active Directory tenant id \
  * **AccountAadUserId**: The account Azure Active Directory user id \
  * **AccountName**: The account name \
@@ -8549,16 +8998,7 @@ export type IncidentsListEntitiesResponse = IncidentEntitiesResponse;
 
 /** Optional parameters. */
 export interface IncidentsListNextOptionalParams
-  extends coreClient.OperationOptions {
-  /** Filters the results, based on a Boolean condition. Optional. */
-  filter?: string;
-  /** Sorts the results. Optional. */
-  orderby?: string;
-  /** Returns only the first n results. Optional. */
-  top?: number;
-  /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */
-  skipToken?: string;
-}
+  extends coreClient.OperationOptions {}
 
 /** Contains response data for the listNext operation. */
 export type IncidentsListNextResponse = IncidentList;
@@ -8631,16 +9071,7 @@ export interface BookmarkRelationsDeleteOptionalParams
 
 /** Optional parameters. */
 export interface BookmarkRelationsListNextOptionalParams
-  extends coreClient.OperationOptions {
-  /** Filters the results, based on a Boolean condition. Optional. */
-  filter?: string;
-  /** Sorts the results. Optional. */
-  orderby?: string;
-  /** Returns only the first n results. Optional. */
-  top?: number;
-  /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */
-  skipToken?: string;
-}
+  extends coreClient.OperationOptions {}
 
 /** Contains response data for the listNext operation. */
 export type BookmarkRelationsListNextResponse = RelationList;
@@ -8733,16 +9164,7 @@ export type EntitiesRelationsListResponse = RelationList;
 
 /** Optional parameters. */
 export interface EntitiesRelationsListNextOptionalParams
-  extends coreClient.OperationOptions {
-  /** Filters the results, based on a Boolean condition. Optional. */
-  filter?: string;
-  /** Sorts the results. Optional. */
-  orderby?: string;
-  /** Returns only the first n results. Optional. */
-  top?: number;
-  /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */
-  skipToken?: string;
-}
+  extends coreClient.OperationOptions {}
 
 /** Contains response data for the listNext operation. */
 export type EntitiesRelationsListNextResponse = RelationList;
@@ -8784,10 +9206,7 @@ export interface EntityQueriesDeleteOptionalParams
 
 /** Optional parameters. */
 export interface EntityQueriesListNextOptionalParams
-  extends coreClient.OperationOptions {
-  /** The entity query kind we want to fetch */
-  kind?: Enum13;
-}
+  extends coreClient.OperationOptions {}
 
 /** Contains response data for the listNext operation. */
 export type EntityQueriesListNextResponse = EntityQueryList;
@@ -8814,7 +9233,7 @@ export interface EntityQueryTemplatesListNextOptionalParams
 export type EntityQueryTemplatesListNextResponse = EntityQueryTemplateList;
 
 /** Optional parameters. */
-export interface IncidentCommentsListOptionalParams
+export interface FileImportsListOptionalParams
   extends coreClient.OperationOptions {
   /** Filters the results, based on a Boolean condition. Optional. */
   filter?: string;
@@ -8827,28 +9246,43 @@ export interface IncidentCommentsListOptionalParams
 }
 
 /** Contains response data for the list operation. */
-export type IncidentCommentsListResponse = IncidentCommentList;
+export type FileImportsListResponse = FileImportList;
 
 /** Optional parameters. */
-export interface IncidentCommentsGetOptionalParams
+export interface FileImportsGetOptionalParams
   extends coreClient.OperationOptions {}
 
 /** Contains response data for the get operation. */
-export type IncidentCommentsGetResponse = IncidentComment;
+export type FileImportsGetResponse = FileImport;
 
 /** Optional parameters. */
-export interface IncidentCommentsCreateOrUpdateOptionalParams
+export interface FileImportsCreateOptionalParams
   extends coreClient.OperationOptions {}
 
-/** Contains response data for the createOrUpdate operation. */
-export type IncidentCommentsCreateOrUpdateResponse = IncidentComment;
+/** Contains response data for the create operation. */
+export type FileImportsCreateResponse = FileImport;
 
 /** Optional parameters. */
-export interface IncidentCommentsDeleteOptionalParams
+export interface FileImportsDeleteOptionalParams
+  extends coreClient.OperationOptions {
+  /** Delay to wait until next poll, in milliseconds. */
+  updateIntervalInMs?: number;
+  /** A serialized poller which can be used to resume an existing paused Long-Running-Operation. */
+  resumeFrom?: string;
+}
+
+/** Contains response data for the delete operation. */
+export type FileImportsDeleteResponse = FileImport;
+
+/** Optional parameters. */
+export interface FileImportsListNextOptionalParams
   extends coreClient.OperationOptions {}
 
+/** Contains response data for the listNext operation. */
+export type FileImportsListNextResponse = FileImportList;
+
 /** Optional parameters. */
-export interface IncidentCommentsListNextOptionalParams
+export interface IncidentCommentsListOptionalParams
   extends coreClient.OperationOptions {
   /** Filters the results, based on a Boolean condition. Optional. */
   filter?: string;
@@ -8860,6 +9294,31 @@ export interface IncidentCommentsListNextOptionalParams
   skipToken?: string;
 }
 
+/** Contains response data for the list operation. */
+export type IncidentCommentsListResponse = IncidentCommentList;
+
+/** Optional parameters. */
+export interface IncidentCommentsGetOptionalParams
+  extends coreClient.OperationOptions {}
+
+/** Contains response data for the get operation. */
+export type IncidentCommentsGetResponse = IncidentComment;
+
+/** Optional parameters. */
+export interface IncidentCommentsCreateOrUpdateOptionalParams
+  extends coreClient.OperationOptions {}
+
+/** Contains response data for the createOrUpdate operation. */
+export type IncidentCommentsCreateOrUpdateResponse = IncidentComment;
+
+/** Optional parameters. */
+export interface IncidentCommentsDeleteOptionalParams
+  extends coreClient.OperationOptions {}
+
+/** Optional parameters. */
+export interface IncidentCommentsListNextOptionalParams
+  extends coreClient.OperationOptions {}
+
 /** Contains response data for the listNext operation. */
 export type IncidentCommentsListNextResponse = IncidentCommentList;
 
@@ -8899,16 +9358,7 @@ export interface IncidentRelationsDeleteOptionalParams
 
 /** Optional parameters. */
 export interface IncidentRelationsListNextOptionalParams
-  extends coreClient.OperationOptions {
-  /** Filters the results, based on a Boolean condition. Optional. */
-  filter?: string;
-  /** Sorts the results. Optional. */
-  orderby?: string;
-  /** Returns only the first n results. Optional. */
-  top?: number;
-  /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */
-  skipToken?: string;
-}
+  extends coreClient.OperationOptions {}
 
 /** Contains response data for the listNext operation. */
 export type IncidentRelationsListNextResponse = RelationList;
@@ -8956,16 +9406,7 @@ export type MetadataUpdateResponse = MetadataModel;
 
 /** Optional parameters. */
 export interface MetadataListNextOptionalParams
-  extends coreClient.OperationOptions {
-  /** Filters the results, based on a Boolean condition. Optional. */
-  filter?: string;
-  /** Sorts the results. Optional. */
-  orderby?: string;
-  /** Returns only the first n results. Optional. */
-  top?: number;
-  /** Used to skip n elements in the OData query (offset). Returns a nextLink to the next page of results if there are any left. */
-  skip?: number;
-}
+  extends coreClient.OperationOptions {}
 
 /** Contains response data for the listNext operation. */
 export type MetadataListNextResponse = MetadataList;
@@ -9194,16 +9635,7 @@ export type ThreatIntelligenceIndicatorsListResponse = ThreatIntelligenceInforma
 
 /** Optional parameters. */
 export interface ThreatIntelligenceIndicatorsListNextOptionalParams
-  extends coreClient.OperationOptions {
-  /** Filters the results, based on a Boolean condition. Optional. */
-  filter?: string;
-  /** Sorts the results. Optional. */
-  orderby?: string;
-  /** Returns only the first n results. Optional. */
-  top?: number;
-  /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */
-  skipToken?: string;
-}
+  extends coreClient.OperationOptions {}
 
 /** Contains response data for the listNext operation. */
 export type ThreatIntelligenceIndicatorsListNextResponse = ThreatIntelligenceInformationList;
@@ -9248,10 +9680,7 @@ export type WatchlistsCreateOrUpdateResponse = Watchlist;
 
 /** Optional parameters. */
 export interface WatchlistsListNextOptionalParams
-  extends coreClient.OperationOptions {
-  /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */
-  skipToken?: string;
-}
+  extends coreClient.OperationOptions {}
 
 /** Contains response data for the listNext operation. */
 export type WatchlistsListNextResponse = WatchlistList;
@@ -9286,10 +9715,7 @@ export type WatchlistItemsCreateOrUpdateResponse = WatchlistItem;
 
 /** Optional parameters. */
 export interface WatchlistItemsListNextOptionalParams
-  extends coreClient.OperationOptions {
-  /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */
-  skipToken?: string;
-}
+  extends coreClient.OperationOptions {}
 
 /** Contains response data for the listNext operation. */
 export type WatchlistItemsListNextResponse = WatchlistItemList;