diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/api/Azure.ResourceManager.SecurityInsights.netstandard2.0.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/api/Azure.ResourceManager.SecurityInsights.netstandard2.0.cs index ed3ecb1ea90d7..958f2b8aa948c 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/api/Azure.ResourceManager.SecurityInsights.netstandard2.0.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/api/Azure.ResourceManager.SecurityInsights.netstandard2.0.cs @@ -1201,9 +1201,41 @@ public partial class AlertDetailsOverride public AlertDetailsOverride() { } public string AlertDescriptionFormat { get { throw null; } set { } } public string AlertDisplayNameFormat { get { throw null; } set { } } + public System.Collections.Generic.IList AlertDynamicProperties { get { throw null; } } public string AlertSeverityColumnName { get { throw null; } set { } } public string AlertTacticsColumnName { get { throw null; } set { } } } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct AlertProperty : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public AlertProperty(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty AlertLink { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ConfidenceLevel { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ConfidenceScore { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ExtendedLinks { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ProductComponentName { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ProductName { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ProviderName { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty RemediationSteps { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty Techniques { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.AlertProperty other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.AlertProperty left, Azure.ResourceManager.SecurityInsights.Models.AlertProperty right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.AlertProperty (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.AlertProperty left, Azure.ResourceManager.SecurityInsights.Models.AlertProperty right) { throw null; } + public override string ToString() { throw null; } + } + public partial class AlertPropertyMapping + { + public AlertPropertyMapping() { } + public Azure.ResourceManager.SecurityInsights.Models.AlertProperty? AlertProperty { get { throw null; } set { } } + public string Value { get { throw null; } set { } } + } public partial class AlertRuleTemplateDataSource { public AlertRuleTemplateDataSource() { } @@ -1358,6 +1390,30 @@ public abstract partial class AutomationRuleAction protected AutomationRuleAction(int order) { } public int Order { get { throw null; } set { } } } + public partial class AutomationRuleBooleanCondition + { + public AutomationRuleBooleanCondition() { } + public System.Collections.Generic.IList InnerConditions { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator? Operator { get { throw null; } set { } } + } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct AutomationRuleBooleanConditionSupportedOperator : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public AutomationRuleBooleanConditionSupportedOperator(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator And { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator Or { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator left, Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator left, Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator right) { throw null; } + public override string ToString() { throw null; } + } public abstract partial class AutomationRuleCondition { protected AutomationRuleCondition() { } @@ -1411,6 +1467,48 @@ public AutomationRulePropertyArrayChangedValuesCondition() { } public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayChangedConditionSupportedChangeType? ChangeType { get { throw null; } set { } } } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct AutomationRulePropertyArrayConditionSupportedArrayConditionType : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public AutomationRulePropertyArrayConditionSupportedArrayConditionType(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType AnyItem { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType left, Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType left, Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType right) { throw null; } + public override string ToString() { throw null; } + } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct AutomationRulePropertyArrayConditionSupportedArrayType : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public AutomationRulePropertyArrayConditionSupportedArrayType(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType CustomDetails { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType CustomDetailValues { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType left, Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType left, Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType right) { throw null; } + public override string ToString() { throw null; } + } + public partial class AutomationRulePropertyArrayValuesCondition + { + public AutomationRulePropertyArrayValuesCondition() { } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType? ArrayConditionType { get { throw null; } set { } } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType? ArrayType { get { throw null; } set { } } + public System.Collections.Generic.IList ItemConditions { get { throw null; } } + } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] public readonly partial struct AutomationRulePropertyChangedConditionSupportedChangedType : System.IEquatable { private readonly object _dummy; @@ -1500,6 +1598,8 @@ public AutomationRulePropertyArrayChangedValuesCondition() { } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty HostNetBiosName { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty HostNTDomain { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty HostOSVersion { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentCustomDetailsKey { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentCustomDetailsValue { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentDescription { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentLabel { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentProviderName { get { throw null; } } @@ -1508,6 +1608,7 @@ public AutomationRulePropertyArrayChangedValuesCondition() { } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentStatus { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentTactics { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentTitle { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentUpdatedBySource { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IoTDeviceId { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IoTDeviceModel { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IoTDeviceName { get { throw null; } } @@ -1666,6 +1767,11 @@ internal BookmarkTimelineItem() { } public string Notes { get { throw null; } } public System.DateTimeOffset? StartTimeUtc { get { throw null; } } } + public partial class BooleanConditionProperties : Azure.ResourceManager.SecurityInsights.Models.AutomationRuleCondition + { + public BooleanConditionProperties() { } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanCondition ConditionProperties { get { throw null; } set { } } + } public partial class ClientInfo { internal ClientInfo() { } @@ -3259,8 +3365,8 @@ public MalwareEntity() { } } public partial class ManualTriggerRequestBody { - public ManualTriggerRequestBody() { } - public string LogicAppsResourceId { get { throw null; } set { } } + public ManualTriggerRequestBody(string logicAppsResourceId) { } + public string LogicAppsResourceId { get { throw null; } } public System.Guid? TenantId { get { throw null; } set { } } } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] @@ -3496,9 +3602,11 @@ public NrtAlertRule() { } public string DisplayName { get { throw null; } set { } } public bool? Enabled { get { throw null; } set { } } public System.Collections.Generic.IList EntityMappings { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.EventGroupingAggregationKind? EventGroupingAggregationKind { get { throw null; } set { } } public Azure.ResourceManager.SecurityInsights.Models.IncidentConfiguration IncidentConfiguration { get { throw null; } set { } } public System.DateTimeOffset? LastModifiedUtc { get { throw null; } } public string Query { get { throw null; } set { } } + public System.Collections.Generic.IList SentinelEntitiesMappings { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity? Severity { get { throw null; } set { } } public System.TimeSpan? SuppressionDuration { get { throw null; } set { } } public bool? SuppressionEnabled { get { throw null; } set { } } @@ -3516,9 +3624,11 @@ public NrtAlertRuleTemplate() { } public string Description { get { throw null; } set { } } public string DisplayName { get { throw null; } set { } } public System.Collections.Generic.IList EntityMappings { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.EventGroupingAggregationKind? EventGroupingAggregationKind { get { throw null; } set { } } public System.DateTimeOffset? LastUpdatedDateUTC { get { throw null; } } public string Query { get { throw null; } set { } } public System.Collections.Generic.IList RequiredDataConnectors { get { throw null; } } + public System.Collections.Generic.IList SentinelEntitiesMappings { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity? Severity { get { throw null; } set { } } public Azure.ResourceManager.SecurityInsights.Models.TemplateStatus? Status { get { throw null; } set { } } public System.Collections.Generic.IList Tactics { get { throw null; } } @@ -3720,6 +3830,11 @@ public partial class PropertyArrayChangedConditionProperties : Azure.ResourceMan public PropertyArrayChangedConditionProperties() { } public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayChangedValuesCondition ConditionProperties { get { throw null; } set { } } } + public partial class PropertyArrayConditionProperties : Azure.ResourceManager.SecurityInsights.Models.AutomationRuleCondition + { + public PropertyArrayConditionProperties() { } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayValuesCondition ConditionProperties { get { throw null; } set { } } + } public partial class PropertyChangedConditionProperties : Azure.ResourceManager.SecurityInsights.Models.AutomationRuleCondition { public PropertyChangedConditionProperties() { } @@ -3900,6 +4015,7 @@ public ScheduledAlertRule() { } public string Query { get { throw null; } set { } } public System.TimeSpan? QueryFrequency { get { throw null; } set { } } public System.TimeSpan? QueryPeriod { get { throw null; } set { } } + public System.Collections.Generic.IList SentinelEntitiesMappings { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity? Severity { get { throw null; } set { } } public System.TimeSpan? SuppressionDuration { get { throw null; } set { } } public bool? SuppressionEnabled { get { throw null; } set { } } @@ -3925,6 +4041,7 @@ public ScheduledAlertRuleTemplate() { } public System.TimeSpan? QueryFrequency { get { throw null; } set { } } public System.TimeSpan? QueryPeriod { get { throw null; } set { } } public System.Collections.Generic.IList RequiredDataConnectors { get { throw null; } } + public System.Collections.Generic.IList SentinelEntitiesMappings { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity? Severity { get { throw null; } set { } } public Azure.ResourceManager.SecurityInsights.Models.TemplateStatus? Status { get { throw null; } set { } } public System.Collections.Generic.IList Tactics { get { throw null; } } @@ -3978,9 +4095,11 @@ internal SecurityAlertTimelineItem() { } public string Description { get { throw null; } } public string DisplayName { get { throw null; } } public System.DateTimeOffset EndTimeUtc { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.KillChainIntent? Intent { get { throw null; } } public string ProductName { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity Severity { get { throw null; } } public System.DateTimeOffset StartTimeUtc { get { throw null; } } + public System.Collections.Generic.IReadOnlyList Techniques { get { throw null; } } public System.DateTimeOffset TimeGenerated { get { throw null; } } } public partial class SecurityGroupEntity : Azure.ResourceManager.SecurityInsights.EntityData @@ -4031,6 +4150,11 @@ public SecurityMLAnalyticsSettingsDataSource() { } public string ConnectorId { get { throw null; } set { } } public System.Collections.Generic.IList DataTypes { get { throw null; } } } + public partial class SentinelEntityMapping + { + public SentinelEntityMapping() { } + public string ColumnName { get { throw null; } set { } } + } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] public readonly partial struct SettingsStatus : System.IEquatable { diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.Serialization.cs index 7fdbbec084deb..ec2168f270354 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.Serialization.cs @@ -5,6 +5,7 @@ #nullable disable +using System.Collections.Generic; using System.Text.Json; using Azure.Core; @@ -35,6 +36,16 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertSeverityColumnName"); writer.WriteStringValue(AlertSeverityColumnName); } + if (Optional.IsCollectionDefined(AlertDynamicProperties)) + { + writer.WritePropertyName("alertDynamicProperties"); + writer.WriteStartArray(); + foreach (var item in AlertDynamicProperties) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } writer.WriteEndObject(); } @@ -44,6 +55,7 @@ internal static AlertDetailsOverride DeserializeAlertDetailsOverride(JsonElement Optional alertDescriptionFormat = default; Optional alertTacticsColumnName = default; Optional alertSeverityColumnName = default; + Optional> alertDynamicProperties = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("alertDisplayNameFormat")) @@ -66,8 +78,23 @@ internal static AlertDetailsOverride DeserializeAlertDetailsOverride(JsonElement alertSeverityColumnName = property.Value.GetString(); continue; } + if (property.NameEquals("alertDynamicProperties")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(AlertPropertyMapping.DeserializeAlertPropertyMapping(item)); + } + alertDynamicProperties = array; + continue; + } } - return new AlertDetailsOverride(alertDisplayNameFormat.Value, alertDescriptionFormat.Value, alertTacticsColumnName.Value, alertSeverityColumnName.Value); + return new AlertDetailsOverride(alertDisplayNameFormat.Value, alertDescriptionFormat.Value, alertTacticsColumnName.Value, alertSeverityColumnName.Value, Optional.ToList(alertDynamicProperties)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.cs index e461da5f89945..04c5d5f84ff9b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.cs @@ -5,6 +5,9 @@ #nullable disable +using System.Collections.Generic; +using Azure.Core; + namespace Azure.ResourceManager.SecurityInsights.Models { /// Settings for how to dynamically override alert static details. @@ -13,6 +16,7 @@ public partial class AlertDetailsOverride /// Initializes a new instance of AlertDetailsOverride. public AlertDetailsOverride() { + AlertDynamicProperties = new ChangeTrackingList(); } /// Initializes a new instance of AlertDetailsOverride. @@ -20,12 +24,14 @@ public AlertDetailsOverride() /// the format containing columns name(s) to override the alert description. /// the column name to take the alert tactics from. /// the column name to take the alert severity from. - internal AlertDetailsOverride(string alertDisplayNameFormat, string alertDescriptionFormat, string alertTacticsColumnName, string alertSeverityColumnName) + /// List of additional dynamic properties to override. + internal AlertDetailsOverride(string alertDisplayNameFormat, string alertDescriptionFormat, string alertTacticsColumnName, string alertSeverityColumnName, IList alertDynamicProperties) { AlertDisplayNameFormat = alertDisplayNameFormat; AlertDescriptionFormat = alertDescriptionFormat; AlertTacticsColumnName = alertTacticsColumnName; AlertSeverityColumnName = alertSeverityColumnName; + AlertDynamicProperties = alertDynamicProperties; } /// the format containing columns name(s) to override the alert name. @@ -36,5 +42,7 @@ internal AlertDetailsOverride(string alertDisplayNameFormat, string alertDescrip public string AlertTacticsColumnName { get; set; } /// the column name to take the alert severity from. public string AlertSeverityColumnName { get; set; } + /// List of additional dynamic properties to override. + public IList AlertDynamicProperties { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertProperty.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertProperty.cs new file mode 100644 index 0000000000000..5e60dba30a0b9 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertProperty.cs @@ -0,0 +1,72 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The V3 alert property. + public readonly partial struct AlertProperty : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public AlertProperty(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string AlertLinkValue = "AlertLink"; + private const string ConfidenceLevelValue = "ConfidenceLevel"; + private const string ConfidenceScoreValue = "ConfidenceScore"; + private const string ExtendedLinksValue = "ExtendedLinks"; + private const string ProductNameValue = "ProductName"; + private const string ProviderNameValue = "ProviderName"; + private const string ProductComponentNameValue = "ProductComponentName"; + private const string RemediationStepsValue = "RemediationSteps"; + private const string TechniquesValue = "Techniques"; + + /// Alert's link. + public static AlertProperty AlertLink { get; } = new AlertProperty(AlertLinkValue); + /// Confidence level property. + public static AlertProperty ConfidenceLevel { get; } = new AlertProperty(ConfidenceLevelValue); + /// Confidence score. + public static AlertProperty ConfidenceScore { get; } = new AlertProperty(ConfidenceScoreValue); + /// Extended links to the alert. + public static AlertProperty ExtendedLinks { get; } = new AlertProperty(ExtendedLinksValue); + /// Product name alert property. + public static AlertProperty ProductName { get; } = new AlertProperty(ProductNameValue); + /// Provider name alert property. + public static AlertProperty ProviderName { get; } = new AlertProperty(ProviderNameValue); + /// Product component name alert property. + public static AlertProperty ProductComponentName { get; } = new AlertProperty(ProductComponentNameValue); + /// Remediation steps alert property. + public static AlertProperty RemediationSteps { get; } = new AlertProperty(RemediationStepsValue); + /// Techniques alert property. + public static AlertProperty Techniques { get; } = new AlertProperty(TechniquesValue); + /// Determines if two values are the same. + public static bool operator ==(AlertProperty left, AlertProperty right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(AlertProperty left, AlertProperty right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator AlertProperty(string value) => new AlertProperty(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is AlertProperty other && Equals(other); + /// + public bool Equals(AlertProperty other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.Serialization.cs new file mode 100644 index 0000000000000..2d51e09e0af6a --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.Serialization.cs @@ -0,0 +1,56 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class AlertPropertyMapping : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(AlertProperty)) + { + writer.WritePropertyName("alertProperty"); + writer.WriteStringValue(AlertProperty.Value.ToString()); + } + if (Optional.IsDefined(Value)) + { + writer.WritePropertyName("value"); + writer.WriteStringValue(Value); + } + writer.WriteEndObject(); + } + + internal static AlertPropertyMapping DeserializeAlertPropertyMapping(JsonElement element) + { + Optional alertProperty = default; + Optional value = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("alertProperty")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + alertProperty = new AlertProperty(property.Value.GetString()); + continue; + } + if (property.NameEquals("value")) + { + value = property.Value.GetString(); + continue; + } + } + return new AlertPropertyMapping(Optional.ToNullable(alertProperty), value.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.cs new file mode 100644 index 0000000000000..34e379b8cadef --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.cs @@ -0,0 +1,32 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// A single alert property mapping to override. + public partial class AlertPropertyMapping + { + /// Initializes a new instance of AlertPropertyMapping. + public AlertPropertyMapping() + { + } + + /// Initializes a new instance of AlertPropertyMapping. + /// The V3 alert property. + /// the column name to use to override this property. + internal AlertPropertyMapping(AlertProperty? alertProperty, string value) + { + AlertProperty = alertProperty; + Value = value; + } + + /// The V3 alert property. + public AlertProperty? AlertProperty { get; set; } + /// the column name to use to override this property. + public string Value { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.Serialization.cs new file mode 100644 index 0000000000000..c90e163e2f0ce --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.Serialization.cs @@ -0,0 +1,72 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class AutomationRuleBooleanCondition : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(Operator)) + { + writer.WritePropertyName("operator"); + writer.WriteStringValue(Operator.Value.ToString()); + } + if (Optional.IsCollectionDefined(InnerConditions)) + { + writer.WritePropertyName("innerConditions"); + writer.WriteStartArray(); + foreach (var item in InnerConditions) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } + writer.WriteEndObject(); + } + + internal static AutomationRuleBooleanCondition DeserializeAutomationRuleBooleanCondition(JsonElement element) + { + Optional @operator = default; + Optional> innerConditions = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("operator")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + @operator = new AutomationRuleBooleanConditionSupportedOperator(property.Value.GetString()); + continue; + } + if (property.NameEquals("innerConditions")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(AutomationRuleCondition.DeserializeAutomationRuleCondition(item)); + } + innerConditions = array; + continue; + } + } + return new AutomationRuleBooleanCondition(Optional.ToNullable(@operator), Optional.ToList(innerConditions)); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.cs new file mode 100644 index 0000000000000..37632e7d03280 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.cs @@ -0,0 +1,42 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRuleBooleanCondition. + public partial class AutomationRuleBooleanCondition + { + /// Initializes a new instance of AutomationRuleBooleanCondition. + public AutomationRuleBooleanCondition() + { + InnerConditions = new ChangeTrackingList(); + } + + /// Initializes a new instance of AutomationRuleBooleanCondition. + /// + /// + /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. + /// The available derived classes include , , , and . + /// + internal AutomationRuleBooleanCondition(AutomationRuleBooleanConditionSupportedOperator? @operator, IList innerConditions) + { + Operator = @operator; + InnerConditions = innerConditions; + } + + /// Gets or sets the operator. + public AutomationRuleBooleanConditionSupportedOperator? Operator { get; set; } + /// + /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. + /// The available derived classes include , , , and . + /// + public IList InnerConditions { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanConditionSupportedOperator.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanConditionSupportedOperator.cs new file mode 100644 index 0000000000000..c7ac2c77e3d45 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanConditionSupportedOperator.cs @@ -0,0 +1,51 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRuleBooleanConditionSupportedOperator. + public readonly partial struct AutomationRuleBooleanConditionSupportedOperator : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public AutomationRuleBooleanConditionSupportedOperator(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string AndValue = "And"; + private const string OrValue = "Or"; + + /// Evaluates as true if all the item conditions are evaluated as true. + public static AutomationRuleBooleanConditionSupportedOperator And { get; } = new AutomationRuleBooleanConditionSupportedOperator(AndValue); + /// Evaluates as true if at least one of the item conditions are evaluated as true. + public static AutomationRuleBooleanConditionSupportedOperator Or { get; } = new AutomationRuleBooleanConditionSupportedOperator(OrValue); + /// Determines if two values are the same. + public static bool operator ==(AutomationRuleBooleanConditionSupportedOperator left, AutomationRuleBooleanConditionSupportedOperator right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(AutomationRuleBooleanConditionSupportedOperator left, AutomationRuleBooleanConditionSupportedOperator right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator AutomationRuleBooleanConditionSupportedOperator(string value) => new AutomationRuleBooleanConditionSupportedOperator(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is AutomationRuleBooleanConditionSupportedOperator other && Equals(other); + /// + public bool Equals(AutomationRuleBooleanConditionSupportedOperator other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.Serialization.cs index bea9964c8ac26..779799e225614 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.Serialization.cs @@ -26,7 +26,9 @@ internal static AutomationRuleCondition DeserializeAutomationRuleCondition(JsonE { switch (discriminator.GetString()) { + case "Boolean": return BooleanConditionProperties.DeserializeBooleanConditionProperties(element); case "Property": return PropertyConditionProperties.DeserializePropertyConditionProperties(element); + case "PropertyArray": return PropertyArrayConditionProperties.DeserializePropertyArrayConditionProperties(element); case "PropertyArrayChanged": return PropertyArrayChangedConditionProperties.DeserializePropertyArrayChangedConditionProperties(element); case "PropertyChanged": return PropertyChangedConditionProperties.DeserializePropertyChangedConditionProperties(element); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.cs index b5e7cd637d96c..363e1d580d121 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.cs @@ -10,7 +10,7 @@ namespace Azure.ResourceManager.SecurityInsights.Models /// /// Describes an automation rule condition. /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. - /// The available derived classes include , and . + /// The available derived classes include , , , and . /// public abstract partial class AutomationRuleCondition { diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayConditionType.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayConditionType.cs new file mode 100644 index 0000000000000..c800528f61aa0 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayConditionType.cs @@ -0,0 +1,48 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRulePropertyArrayConditionSupportedArrayConditionType. + public readonly partial struct AutomationRulePropertyArrayConditionSupportedArrayConditionType : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public AutomationRulePropertyArrayConditionSupportedArrayConditionType(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string AnyItemValue = "AnyItem"; + + /// Evaluate the condition as true if any item fulfills it. + public static AutomationRulePropertyArrayConditionSupportedArrayConditionType AnyItem { get; } = new AutomationRulePropertyArrayConditionSupportedArrayConditionType(AnyItemValue); + /// Determines if two values are the same. + public static bool operator ==(AutomationRulePropertyArrayConditionSupportedArrayConditionType left, AutomationRulePropertyArrayConditionSupportedArrayConditionType right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(AutomationRulePropertyArrayConditionSupportedArrayConditionType left, AutomationRulePropertyArrayConditionSupportedArrayConditionType right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator AutomationRulePropertyArrayConditionSupportedArrayConditionType(string value) => new AutomationRulePropertyArrayConditionSupportedArrayConditionType(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is AutomationRulePropertyArrayConditionSupportedArrayConditionType other && Equals(other); + /// + public bool Equals(AutomationRulePropertyArrayConditionSupportedArrayConditionType other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayType.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayType.cs new file mode 100644 index 0000000000000..a599c41f440c2 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayType.cs @@ -0,0 +1,51 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRulePropertyArrayConditionSupportedArrayType. + public readonly partial struct AutomationRulePropertyArrayConditionSupportedArrayType : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public AutomationRulePropertyArrayConditionSupportedArrayType(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string CustomDetailsValue = "CustomDetails"; + private const string CustomDetailValuesValue = "CustomDetailValues"; + + /// Evaluate the condition on the custom detail keys. + public static AutomationRulePropertyArrayConditionSupportedArrayType CustomDetails { get; } = new AutomationRulePropertyArrayConditionSupportedArrayType(CustomDetailsValue); + /// Evaluate the condition on a custom detail's values. + public static AutomationRulePropertyArrayConditionSupportedArrayType CustomDetailValues { get; } = new AutomationRulePropertyArrayConditionSupportedArrayType(CustomDetailValuesValue); + /// Determines if two values are the same. + public static bool operator ==(AutomationRulePropertyArrayConditionSupportedArrayType left, AutomationRulePropertyArrayConditionSupportedArrayType right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(AutomationRulePropertyArrayConditionSupportedArrayType left, AutomationRulePropertyArrayConditionSupportedArrayType right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator AutomationRulePropertyArrayConditionSupportedArrayType(string value) => new AutomationRulePropertyArrayConditionSupportedArrayType(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is AutomationRulePropertyArrayConditionSupportedArrayType other && Equals(other); + /// + public bool Equals(AutomationRulePropertyArrayConditionSupportedArrayType other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.Serialization.cs new file mode 100644 index 0000000000000..a214b36d93174 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.Serialization.cs @@ -0,0 +1,88 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class AutomationRulePropertyArrayValuesCondition : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(ArrayType)) + { + writer.WritePropertyName("arrayType"); + writer.WriteStringValue(ArrayType.Value.ToString()); + } + if (Optional.IsDefined(ArrayConditionType)) + { + writer.WritePropertyName("arrayConditionType"); + writer.WriteStringValue(ArrayConditionType.Value.ToString()); + } + if (Optional.IsCollectionDefined(ItemConditions)) + { + writer.WritePropertyName("itemConditions"); + writer.WriteStartArray(); + foreach (var item in ItemConditions) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } + writer.WriteEndObject(); + } + + internal static AutomationRulePropertyArrayValuesCondition DeserializeAutomationRulePropertyArrayValuesCondition(JsonElement element) + { + Optional arrayType = default; + Optional arrayConditionType = default; + Optional> itemConditions = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("arrayType")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + arrayType = new AutomationRulePropertyArrayConditionSupportedArrayType(property.Value.GetString()); + continue; + } + if (property.NameEquals("arrayConditionType")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + arrayConditionType = new AutomationRulePropertyArrayConditionSupportedArrayConditionType(property.Value.GetString()); + continue; + } + if (property.NameEquals("itemConditions")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(AutomationRuleCondition.DeserializeAutomationRuleCondition(item)); + } + itemConditions = array; + continue; + } + } + return new AutomationRulePropertyArrayValuesCondition(Optional.ToNullable(arrayType), Optional.ToNullable(arrayConditionType), Optional.ToList(itemConditions)); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.cs new file mode 100644 index 0000000000000..2af0e417d2930 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.cs @@ -0,0 +1,46 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRulePropertyArrayValuesCondition. + public partial class AutomationRulePropertyArrayValuesCondition + { + /// Initializes a new instance of AutomationRulePropertyArrayValuesCondition. + public AutomationRulePropertyArrayValuesCondition() + { + ItemConditions = new ChangeTrackingList(); + } + + /// Initializes a new instance of AutomationRulePropertyArrayValuesCondition. + /// + /// + /// + /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. + /// The available derived classes include , , , and . + /// + internal AutomationRulePropertyArrayValuesCondition(AutomationRulePropertyArrayConditionSupportedArrayType? arrayType, AutomationRulePropertyArrayConditionSupportedArrayConditionType? arrayConditionType, IList itemConditions) + { + ArrayType = arrayType; + ArrayConditionType = arrayConditionType; + ItemConditions = itemConditions; + } + + /// Gets or sets the array type. + public AutomationRulePropertyArrayConditionSupportedArrayType? ArrayType { get; set; } + /// Gets or sets the array condition type. + public AutomationRulePropertyArrayConditionSupportedArrayConditionType? ArrayConditionType { get; set; } + /// + /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. + /// The available derived classes include , , , and . + /// + public IList ItemConditions { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyConditionSupportedProperty.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyConditionSupportedProperty.cs index dea82c9b3ed07..00ad1fadfcaca 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyConditionSupportedProperty.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyConditionSupportedProperty.cs @@ -30,6 +30,9 @@ public AutomationRulePropertyConditionSupportedProperty(string value) private const string IncidentTacticsValue = "IncidentTactics"; private const string IncidentLabelValue = "IncidentLabel"; private const string IncidentProviderNameValue = "IncidentProviderName"; + private const string IncidentUpdatedBySourceValue = "IncidentUpdatedBySource"; + private const string IncidentCustomDetailsKeyValue = "IncidentCustomDetailsKey"; + private const string IncidentCustomDetailsValueValue = "IncidentCustomDetailsValue"; private const string AccountAadTenantIdValue = "AccountAadTenantId"; private const string AccountAadUserIdValue = "AccountAadUserId"; private const string AccountNameValue = "AccountName"; @@ -94,6 +97,12 @@ public AutomationRulePropertyConditionSupportedProperty(string value) public static AutomationRulePropertyConditionSupportedProperty IncidentLabel { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentLabelValue); /// The provider name of the incident. public static AutomationRulePropertyConditionSupportedProperty IncidentProviderName { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentProviderNameValue); + /// The update source of the incident. + public static AutomationRulePropertyConditionSupportedProperty IncidentUpdatedBySource { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentUpdatedBySourceValue); + /// The incident custom detail key. + public static AutomationRulePropertyConditionSupportedProperty IncidentCustomDetailsKey { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentCustomDetailsKeyValue); + /// The incident custom detail value. + public static AutomationRulePropertyConditionSupportedProperty IncidentCustomDetailsValue { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentCustomDetailsValueValue); /// The account Azure Active Directory tenant id. public static AutomationRulePropertyConditionSupportedProperty AccountAadTenantId { get; } = new AutomationRulePropertyConditionSupportedProperty(AccountAadTenantIdValue); /// The account Azure Active Directory user id. diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleTriggeringLogic.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleTriggeringLogic.cs index f1b80992b80e1..3aa3d95b3ab53 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleTriggeringLogic.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleTriggeringLogic.cs @@ -34,7 +34,7 @@ public AutomationRuleTriggeringLogic(bool isEnabled, TriggersOn triggersOn, Trig /// /// The conditions to evaluate to determine if the automation rule should be triggered on a given object. /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. - /// The available derived classes include , and . + /// The available derived classes include , , , and . /// internal AutomationRuleTriggeringLogic(bool isEnabled, DateTimeOffset? expirationTimeUtc, TriggersOn triggersOn, TriggersWhen triggersWhen, IList conditions) { @@ -56,7 +56,7 @@ internal AutomationRuleTriggeringLogic(bool isEnabled, DateTimeOffset? expiratio /// /// The conditions to evaluate to determine if the automation rule should be triggered on a given object. /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. - /// The available derived classes include , and . + /// The available derived classes include , , , and . /// public IList Conditions { get; } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.Serialization.cs new file mode 100644 index 0000000000000..08f53e3058af8 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.Serialization.cs @@ -0,0 +1,53 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class BooleanConditionProperties : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(ConditionProperties)) + { + writer.WritePropertyName("conditionProperties"); + writer.WriteObjectValue(ConditionProperties); + } + writer.WritePropertyName("conditionType"); + writer.WriteStringValue(ConditionType.ToString()); + writer.WriteEndObject(); + } + + internal static BooleanConditionProperties DeserializeBooleanConditionProperties(JsonElement element) + { + Optional conditionProperties = default; + ConditionType conditionType = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("conditionProperties")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + conditionProperties = AutomationRuleBooleanCondition.DeserializeAutomationRuleBooleanCondition(property.Value); + continue; + } + if (property.NameEquals("conditionType")) + { + conditionType = new ConditionType(property.Value.GetString()); + continue; + } + } + return new BooleanConditionProperties(conditionType, conditionProperties.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.cs new file mode 100644 index 0000000000000..cfa8c8e1b3081 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.cs @@ -0,0 +1,31 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Describes an automation rule condition that applies a boolean operator (e.g AND, OR) to conditions. + public partial class BooleanConditionProperties : AutomationRuleCondition + { + /// Initializes a new instance of BooleanConditionProperties. + public BooleanConditionProperties() + { + ConditionType = ConditionType.Boolean; + } + + /// Initializes a new instance of BooleanConditionProperties. + /// + /// + internal BooleanConditionProperties(ConditionType conditionType, AutomationRuleBooleanCondition conditionProperties) : base(conditionType) + { + ConditionProperties = conditionProperties; + ConditionType = conditionType; + } + + /// Gets or sets the condition properties. + public AutomationRuleBooleanCondition ConditionProperties { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ConditionType.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ConditionType.cs index c6f7287395fc9..583f92fe8e9b2 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ConditionType.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ConditionType.cs @@ -23,15 +23,21 @@ public ConditionType(string value) } private const string PropertyValue = "Property"; + private const string PropertyArrayValue = "PropertyArray"; private const string PropertyChangedValue = "PropertyChanged"; private const string PropertyArrayChangedValue = "PropertyArrayChanged"; + private const string BooleanValue = "Boolean"; /// Evaluate an object property value. public static ConditionType Property { get; } = new ConditionType(PropertyValue); + /// Evaluate an object array property value. + public static ConditionType PropertyArray { get; } = new ConditionType(PropertyArrayValue); /// Evaluate an object property changed value. public static ConditionType PropertyChanged { get; } = new ConditionType(PropertyChangedValue); /// Evaluate an object array property changed value. public static ConditionType PropertyArrayChanged { get; } = new ConditionType(PropertyArrayChangedValue); + /// Apply a boolean operator (e.g AND, OR) to conditions. + public static ConditionType Boolean { get; } = new ConditionType(BooleanValue); /// Determines if two values are the same. public static bool operator ==(ConditionType left, ConditionType right) => left.Equals(right); /// Determines if two values are not the same. diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/KillChainIntent.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/KillChainIntent.cs index 212fd76649420..55acc876d7b7b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/KillChainIntent.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/KillChainIntent.cs @@ -10,7 +10,7 @@ namespace Azure.ResourceManager.SecurityInsights.Models { - /// Holds the alert intent stage(s) mapping for this alert. + /// The intent of the alert. public readonly partial struct KillChainIntent : IEquatable { private readonly string _value; diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.Serialization.cs index f39d6887f16aa..bb04c9018e8e1 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.Serialization.cs @@ -20,11 +20,8 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("tenantId"); writer.WriteStringValue(TenantId.Value); } - if (Optional.IsDefined(LogicAppsResourceId)) - { - writer.WritePropertyName("logicAppsResourceId"); - writer.WriteStringValue(LogicAppsResourceId); - } + writer.WritePropertyName("logicAppsResourceId"); + writer.WriteStringValue(LogicAppsResourceId); writer.WriteEndObject(); } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.cs index 1a35d5ad9dcc9..479330951d44e 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.cs @@ -6,6 +6,7 @@ #nullable disable using System; +using Azure.Core; namespace Azure.ResourceManager.SecurityInsights.Models { @@ -13,13 +14,18 @@ namespace Azure.ResourceManager.SecurityInsights.Models public partial class ManualTriggerRequestBody { /// Initializes a new instance of ManualTriggerRequestBody. - public ManualTriggerRequestBody() + /// + /// is null. + public ManualTriggerRequestBody(string logicAppsResourceId) { + Argument.AssertNotNull(logicAppsResourceId, nameof(logicAppsResourceId)); + + LogicAppsResourceId = logicAppsResourceId; } /// Gets or sets the tenant id. public Guid? TenantId { get; set; } - /// Gets or sets the logic apps resource id. - public string LogicAppsResourceId { get; set; } + /// Gets the logic apps resource id. + public string LogicAppsResourceId { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.Serialization.cs index e23a624f97bbd..9573798be8e6a 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.Serialization.cs @@ -124,6 +124,21 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertDetailsOverride"); writer.WriteObjectValue(AlertDetailsOverride); } + if (Optional.IsDefined(EventGroupingSettings)) + { + writer.WritePropertyName("eventGroupingSettings"); + writer.WriteObjectValue(EventGroupingSettings); + } + if (Optional.IsCollectionDefined(SentinelEntitiesMappings)) + { + writer.WritePropertyName("sentinelEntitiesMappings"); + writer.WriteStartArray(); + foreach (var item in SentinelEntitiesMappings) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } writer.WriteEndObject(); writer.WriteEndObject(); } @@ -152,6 +167,8 @@ internal static NrtAlertRule DeserializeNrtAlertRule(JsonElement element) Optional> customDetails = default; Optional> entityMappings = default; Optional alertDetailsOverride = default; + Optional eventGroupingSettings = default; + Optional> sentinelEntitiesMappings = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("kind")) @@ -358,11 +375,36 @@ internal static NrtAlertRule DeserializeNrtAlertRule(JsonElement element) alertDetailsOverride = AlertDetailsOverride.DeserializeAlertDetailsOverride(property0.Value); continue; } + if (property0.NameEquals("eventGroupingSettings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + eventGroupingSettings = EventGroupingSettings.DeserializeEventGroupingSettings(property0.Value); + continue; + } + if (property0.NameEquals("sentinelEntitiesMappings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property0.Value.EnumerateArray()) + { + array.Add(SentinelEntityMapping.DeserializeSentinelEntityMapping(item)); + } + sentinelEntitiesMappings = array; + continue; + } } continue; } } - return new NrtAlertRule(id, name, type, systemData.Value, kind, Optional.ToNullable(etag), alertRuleTemplateName.Value, templateVersion.Value, description.Value, query.Value, Optional.ToList(tactics), Optional.ToList(techniques), displayName.Value, Optional.ToNullable(enabled), Optional.ToNullable(lastModifiedUtc), Optional.ToNullable(suppressionDuration), Optional.ToNullable(suppressionEnabled), Optional.ToNullable(severity), incidentConfiguration.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value); + return new NrtAlertRule(id, name, type, systemData.Value, kind, Optional.ToNullable(etag), alertRuleTemplateName.Value, templateVersion.Value, description.Value, query.Value, Optional.ToList(tactics), Optional.ToList(techniques), displayName.Value, Optional.ToNullable(enabled), Optional.ToNullable(lastModifiedUtc), Optional.ToNullable(suppressionDuration), Optional.ToNullable(suppressionEnabled), Optional.ToNullable(severity), incidentConfiguration.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, eventGroupingSettings.Value, Optional.ToList(sentinelEntitiesMappings)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.cs index b7b03ece5ab1b..9758717ed687b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.cs @@ -24,6 +24,7 @@ public NrtAlertRule() Techniques = new ChangeTrackingList(); CustomDetails = new ChangeTrackingDictionary(); EntityMappings = new ChangeTrackingList(); + SentinelEntitiesMappings = new ChangeTrackingList(); Kind = AlertRuleKind.NRT; } @@ -50,7 +51,9 @@ public NrtAlertRule() /// Dictionary of string key-value pairs of columns to be attached to the alert. /// Array of the entity mappings of the alert rule. /// The alert details override settings. - internal NrtAlertRule(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, ETag? etag, string alertRuleTemplateName, string templateVersion, string description, string query, IList tactics, IList techniques, string displayName, bool? enabled, DateTimeOffset? lastModifiedUtc, TimeSpan? suppressionDuration, bool? suppressionEnabled, AlertSeverity? severity, IncidentConfiguration incidentConfiguration, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride) : base(id, name, resourceType, systemData, kind, etag) + /// The event grouping settings. + /// Array of the sentinel entity mappings of the alert rule. + internal NrtAlertRule(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, ETag? etag, string alertRuleTemplateName, string templateVersion, string description, string query, IList tactics, IList techniques, string displayName, bool? enabled, DateTimeOffset? lastModifiedUtc, TimeSpan? suppressionDuration, bool? suppressionEnabled, AlertSeverity? severity, IncidentConfiguration incidentConfiguration, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, EventGroupingSettings eventGroupingSettings, IList sentinelEntitiesMappings) : base(id, name, resourceType, systemData, kind, etag) { AlertRuleTemplateName = alertRuleTemplateName; TemplateVersion = templateVersion; @@ -68,6 +71,8 @@ internal NrtAlertRule(ResourceIdentifier id, string name, ResourceType resourceT CustomDetails = customDetails; EntityMappings = entityMappings; AlertDetailsOverride = alertDetailsOverride; + EventGroupingSettings = eventGroupingSettings; + SentinelEntitiesMappings = sentinelEntitiesMappings; Kind = kind; } @@ -103,5 +108,21 @@ internal NrtAlertRule(ResourceIdentifier id, string name, ResourceType resourceT public IList EntityMappings { get; } /// The alert details override settings. public AlertDetailsOverride AlertDetailsOverride { get; set; } + /// The event grouping settings. + internal EventGroupingSettings EventGroupingSettings { get; set; } + /// The event grouping aggregation kinds. + public EventGroupingAggregationKind? EventGroupingAggregationKind + { + get => EventGroupingSettings is null ? default : EventGroupingSettings.AggregationKind; + set + { + if (EventGroupingSettings is null) + EventGroupingSettings = new EventGroupingSettings(); + EventGroupingSettings.AggregationKind = value; + } + } + + /// Array of the sentinel entity mappings of the alert rule. + public IList SentinelEntitiesMappings { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.Serialization.cs index c62697619b853..bd76698af0c2d 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.Serialization.cs @@ -113,6 +113,21 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertDetailsOverride"); writer.WriteObjectValue(AlertDetailsOverride); } + if (Optional.IsDefined(EventGroupingSettings)) + { + writer.WritePropertyName("eventGroupingSettings"); + writer.WriteObjectValue(EventGroupingSettings); + } + if (Optional.IsCollectionDefined(SentinelEntitiesMappings)) + { + writer.WritePropertyName("sentinelEntitiesMappings"); + writer.WriteStartArray(); + foreach (var item in SentinelEntitiesMappings) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } writer.WriteEndObject(); writer.WriteEndObject(); } @@ -139,6 +154,8 @@ internal static NrtAlertRuleTemplate DeserializeNrtAlertRuleTemplate(JsonElement Optional> customDetails = default; Optional> entityMappings = default; Optional alertDetailsOverride = default; + Optional eventGroupingSettings = default; + Optional> sentinelEntitiesMappings = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("kind")) @@ -335,11 +352,36 @@ internal static NrtAlertRuleTemplate DeserializeNrtAlertRuleTemplate(JsonElement alertDetailsOverride = AlertDetailsOverride.DeserializeAlertDetailsOverride(property0.Value); continue; } + if (property0.NameEquals("eventGroupingSettings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + eventGroupingSettings = EventGroupingSettings.DeserializeEventGroupingSettings(property0.Value); + continue; + } + if (property0.NameEquals("sentinelEntitiesMappings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property0.Value.EnumerateArray()) + { + array.Add(SentinelEntityMapping.DeserializeSentinelEntityMapping(item)); + } + sentinelEntitiesMappings = array; + continue; + } } continue; } } - return new NrtAlertRuleTemplate(id, name, type, systemData.Value, kind, Optional.ToNullable(alertRulesCreatedByTemplateCount), Optional.ToNullable(lastUpdatedDateUTC), Optional.ToNullable(createdDateUTC), description.Value, displayName.Value, Optional.ToList(requiredDataConnectors), Optional.ToNullable(status), Optional.ToList(tactics), Optional.ToList(techniques), query.Value, Optional.ToNullable(severity), version.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value); + return new NrtAlertRuleTemplate(id, name, type, systemData.Value, kind, Optional.ToNullable(alertRulesCreatedByTemplateCount), Optional.ToNullable(lastUpdatedDateUTC), Optional.ToNullable(createdDateUTC), description.Value, displayName.Value, Optional.ToList(requiredDataConnectors), Optional.ToNullable(status), Optional.ToList(tactics), Optional.ToList(techniques), query.Value, Optional.ToNullable(severity), version.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, eventGroupingSettings.Value, Optional.ToList(sentinelEntitiesMappings)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.cs index ac500774fec7c..a532b6bab5258 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.cs @@ -24,6 +24,7 @@ public NrtAlertRuleTemplate() Techniques = new ChangeTrackingList(); CustomDetails = new ChangeTrackingDictionary(); EntityMappings = new ChangeTrackingList(); + SentinelEntitiesMappings = new ChangeTrackingList(); Kind = AlertRuleKind.NRT; } @@ -48,7 +49,9 @@ public NrtAlertRuleTemplate() /// Dictionary of string key-value pairs of columns to be attached to the alert. /// Array of the entity mappings of the alert rule. /// The alert details override settings. - internal NrtAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, int? alertRulesCreatedByTemplateCount, DateTimeOffset? lastUpdatedDateUTC, DateTimeOffset? createdDateUTC, string description, string displayName, IList requiredDataConnectors, TemplateStatus? status, IList tactics, IList techniques, string query, AlertSeverity? severity, string version, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride) : base(id, name, resourceType, systemData, kind) + /// The event grouping settings. + /// Array of the sentinel entity mappings of the alert rule. + internal NrtAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, int? alertRulesCreatedByTemplateCount, DateTimeOffset? lastUpdatedDateUTC, DateTimeOffset? createdDateUTC, string description, string displayName, IList requiredDataConnectors, TemplateStatus? status, IList tactics, IList techniques, string query, AlertSeverity? severity, string version, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, EventGroupingSettings eventGroupingSettings, IList sentinelEntitiesMappings) : base(id, name, resourceType, systemData, kind) { AlertRulesCreatedByTemplateCount = alertRulesCreatedByTemplateCount; LastUpdatedDateUTC = lastUpdatedDateUTC; @@ -65,6 +68,8 @@ internal NrtAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType r CustomDetails = customDetails; EntityMappings = entityMappings; AlertDetailsOverride = alertDetailsOverride; + EventGroupingSettings = eventGroupingSettings; + SentinelEntitiesMappings = sentinelEntitiesMappings; Kind = kind; } @@ -98,5 +103,21 @@ internal NrtAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType r public IList EntityMappings { get; } /// The alert details override settings. public AlertDetailsOverride AlertDetailsOverride { get; set; } + /// The event grouping settings. + internal EventGroupingSettings EventGroupingSettings { get; set; } + /// The event grouping aggregation kinds. + public EventGroupingAggregationKind? EventGroupingAggregationKind + { + get => EventGroupingSettings is null ? default : EventGroupingSettings.AggregationKind; + set + { + if (EventGroupingSettings is null) + EventGroupingSettings = new EventGroupingSettings(); + EventGroupingSettings.AggregationKind = value; + } + } + + /// Array of the sentinel entity mappings of the alert rule. + public IList SentinelEntitiesMappings { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.Serialization.cs new file mode 100644 index 0000000000000..60a144a9090ea --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.Serialization.cs @@ -0,0 +1,53 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class PropertyArrayConditionProperties : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(ConditionProperties)) + { + writer.WritePropertyName("conditionProperties"); + writer.WriteObjectValue(ConditionProperties); + } + writer.WritePropertyName("conditionType"); + writer.WriteStringValue(ConditionType.ToString()); + writer.WriteEndObject(); + } + + internal static PropertyArrayConditionProperties DeserializePropertyArrayConditionProperties(JsonElement element) + { + Optional conditionProperties = default; + ConditionType conditionType = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("conditionProperties")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + conditionProperties = AutomationRulePropertyArrayValuesCondition.DeserializeAutomationRulePropertyArrayValuesCondition(property.Value); + continue; + } + if (property.NameEquals("conditionType")) + { + conditionType = new ConditionType(property.Value.GetString()); + continue; + } + } + return new PropertyArrayConditionProperties(conditionType, conditionProperties.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.cs new file mode 100644 index 0000000000000..612c029e63e7d --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.cs @@ -0,0 +1,31 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Describes an automation rule condition that evaluates an array property's value. + public partial class PropertyArrayConditionProperties : AutomationRuleCondition + { + /// Initializes a new instance of PropertyArrayConditionProperties. + public PropertyArrayConditionProperties() + { + ConditionType = ConditionType.PropertyArray; + } + + /// Initializes a new instance of PropertyArrayConditionProperties. + /// + /// + internal PropertyArrayConditionProperties(ConditionType conditionType, AutomationRulePropertyArrayValuesCondition conditionProperties) : base(conditionType) + { + ConditionProperties = conditionProperties; + ConditionType = conditionType; + } + + /// Gets or sets the condition properties. + public AutomationRulePropertyArrayValuesCondition ConditionProperties { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.Serialization.cs index 9082d9c998ba4..306e6e301fc24 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.Serialization.cs @@ -89,6 +89,16 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertDetailsOverride"); writer.WriteObjectValue(AlertDetailsOverride); } + if (Optional.IsCollectionDefined(SentinelEntitiesMappings)) + { + writer.WritePropertyName("sentinelEntitiesMappings"); + writer.WriteStartArray(); + foreach (var item in SentinelEntitiesMappings) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } if (Optional.IsDefined(AlertRuleTemplateName)) { writer.WritePropertyName("alertRuleTemplateName"); @@ -171,6 +181,7 @@ internal static ScheduledAlertRule DeserializeScheduledAlertRule(JsonElement ele Optional> customDetails = default; Optional> entityMappings = default; Optional alertDetailsOverride = default; + Optional> sentinelEntitiesMappings = default; Optional alertRuleTemplateName = default; Optional templateVersion = default; Optional description = default; @@ -338,6 +349,21 @@ internal static ScheduledAlertRule DeserializeScheduledAlertRule(JsonElement ele alertDetailsOverride = AlertDetailsOverride.DeserializeAlertDetailsOverride(property0.Value); continue; } + if (property0.NameEquals("sentinelEntitiesMappings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property0.Value.EnumerateArray()) + { + array.Add(SentinelEntityMapping.DeserializeSentinelEntityMapping(item)); + } + sentinelEntitiesMappings = array; + continue; + } if (property0.NameEquals("alertRuleTemplateName")) { alertRuleTemplateName = property0.Value.GetString(); @@ -442,7 +468,7 @@ internal static ScheduledAlertRule DeserializeScheduledAlertRule(JsonElement ele continue; } } - return new ScheduledAlertRule(id, name, type, systemData.Value, kind, Optional.ToNullable(etag), query.Value, Optional.ToNullable(queryFrequency), Optional.ToNullable(queryPeriod), Optional.ToNullable(severity), Optional.ToNullable(triggerOperator), Optional.ToNullable(triggerThreshold), eventGroupingSettings.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, alertRuleTemplateName.Value, templateVersion.Value, description.Value, displayName.Value, Optional.ToNullable(enabled), Optional.ToNullable(lastModifiedUtc), Optional.ToNullable(suppressionDuration), Optional.ToNullable(suppressionEnabled), Optional.ToList(tactics), Optional.ToList(techniques), incidentConfiguration.Value); + return new ScheduledAlertRule(id, name, type, systemData.Value, kind, Optional.ToNullable(etag), query.Value, Optional.ToNullable(queryFrequency), Optional.ToNullable(queryPeriod), Optional.ToNullable(severity), Optional.ToNullable(triggerOperator), Optional.ToNullable(triggerThreshold), eventGroupingSettings.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, Optional.ToList(sentinelEntitiesMappings), alertRuleTemplateName.Value, templateVersion.Value, description.Value, displayName.Value, Optional.ToNullable(enabled), Optional.ToNullable(lastModifiedUtc), Optional.ToNullable(suppressionDuration), Optional.ToNullable(suppressionEnabled), Optional.ToList(tactics), Optional.ToList(techniques), incidentConfiguration.Value); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.cs index 7c44306917b49..8b46f1a96b477 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.cs @@ -22,6 +22,7 @@ public ScheduledAlertRule() { CustomDetails = new ChangeTrackingDictionary(); EntityMappings = new ChangeTrackingList(); + SentinelEntitiesMappings = new ChangeTrackingList(); Tactics = new ChangeTrackingList(); Techniques = new ChangeTrackingList(); Kind = AlertRuleKind.Scheduled; @@ -44,6 +45,7 @@ public ScheduledAlertRule() /// Dictionary of string key-value pairs of columns to be attached to the alert. /// Array of the entity mappings of the alert rule. /// The alert details override settings. + /// Array of the sentinel entity mappings of the alert rule. /// The Name of the alert rule template used to create this rule. /// The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>. /// The description of the alert rule. @@ -55,7 +57,7 @@ public ScheduledAlertRule() /// The tactics of the alert rule. /// The techniques of the alert rule. /// The settings of the incidents that created from alerts triggered by this analytics rule. - internal ScheduledAlertRule(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, ETag? etag, string query, TimeSpan? queryFrequency, TimeSpan? queryPeriod, AlertSeverity? severity, TriggerOperator? triggerOperator, int? triggerThreshold, EventGroupingSettings eventGroupingSettings, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, string alertRuleTemplateName, string templateVersion, string description, string displayName, bool? enabled, DateTimeOffset? lastModifiedUtc, TimeSpan? suppressionDuration, bool? suppressionEnabled, IList tactics, IList techniques, IncidentConfiguration incidentConfiguration) : base(id, name, resourceType, systemData, kind, etag) + internal ScheduledAlertRule(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, ETag? etag, string query, TimeSpan? queryFrequency, TimeSpan? queryPeriod, AlertSeverity? severity, TriggerOperator? triggerOperator, int? triggerThreshold, EventGroupingSettings eventGroupingSettings, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, IList sentinelEntitiesMappings, string alertRuleTemplateName, string templateVersion, string description, string displayName, bool? enabled, DateTimeOffset? lastModifiedUtc, TimeSpan? suppressionDuration, bool? suppressionEnabled, IList tactics, IList techniques, IncidentConfiguration incidentConfiguration) : base(id, name, resourceType, systemData, kind, etag) { Query = query; QueryFrequency = queryFrequency; @@ -67,6 +69,7 @@ internal ScheduledAlertRule(ResourceIdentifier id, string name, ResourceType res CustomDetails = customDetails; EntityMappings = entityMappings; AlertDetailsOverride = alertDetailsOverride; + SentinelEntitiesMappings = sentinelEntitiesMappings; AlertRuleTemplateName = alertRuleTemplateName; TemplateVersion = templateVersion; Description = description; @@ -113,6 +116,8 @@ public EventGroupingAggregationKind? EventGroupingAggregationKind public IList EntityMappings { get; } /// The alert details override settings. public AlertDetailsOverride AlertDetailsOverride { get; set; } + /// Array of the sentinel entity mappings of the alert rule. + public IList SentinelEntitiesMappings { get; } /// The Name of the alert rule template used to create this rule. public string AlertRuleTemplateName { get; set; } /// The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>. diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.Serialization.cs index d26e4ed871c9f..07f4756979da5 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.Serialization.cs @@ -138,6 +138,16 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertDetailsOverride"); writer.WriteObjectValue(AlertDetailsOverride); } + if (Optional.IsCollectionDefined(SentinelEntitiesMappings)) + { + writer.WritePropertyName("sentinelEntitiesMappings"); + writer.WriteStartArray(); + foreach (var item in SentinelEntitiesMappings) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } writer.WriteEndObject(); writer.WriteEndObject(); } @@ -169,6 +179,7 @@ internal static ScheduledAlertRuleTemplate DeserializeScheduledAlertRuleTemplate Optional> customDetails = default; Optional> entityMappings = default; Optional alertDetailsOverride = default; + Optional> sentinelEntitiesMappings = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("kind")) @@ -415,11 +426,26 @@ internal static ScheduledAlertRuleTemplate DeserializeScheduledAlertRuleTemplate alertDetailsOverride = AlertDetailsOverride.DeserializeAlertDetailsOverride(property0.Value); continue; } + if (property0.NameEquals("sentinelEntitiesMappings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property0.Value.EnumerateArray()) + { + array.Add(SentinelEntityMapping.DeserializeSentinelEntityMapping(item)); + } + sentinelEntitiesMappings = array; + continue; + } } continue; } } - return new ScheduledAlertRuleTemplate(id, name, type, systemData.Value, kind, Optional.ToNullable(alertRulesCreatedByTemplateCount), Optional.ToNullable(createdDateUTC), Optional.ToNullable(lastUpdatedDateUTC), description.Value, displayName.Value, Optional.ToList(requiredDataConnectors), Optional.ToNullable(status), query.Value, Optional.ToNullable(queryFrequency), Optional.ToNullable(queryPeriod), Optional.ToNullable(severity), Optional.ToNullable(triggerOperator), Optional.ToNullable(triggerThreshold), Optional.ToList(tactics), Optional.ToList(techniques), version.Value, eventGroupingSettings.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value); + return new ScheduledAlertRuleTemplate(id, name, type, systemData.Value, kind, Optional.ToNullable(alertRulesCreatedByTemplateCount), Optional.ToNullable(createdDateUTC), Optional.ToNullable(lastUpdatedDateUTC), description.Value, displayName.Value, Optional.ToList(requiredDataConnectors), Optional.ToNullable(status), query.Value, Optional.ToNullable(queryFrequency), Optional.ToNullable(queryPeriod), Optional.ToNullable(severity), Optional.ToNullable(triggerOperator), Optional.ToNullable(triggerThreshold), Optional.ToList(tactics), Optional.ToList(techniques), version.Value, eventGroupingSettings.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, Optional.ToList(sentinelEntitiesMappings)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.cs index 0c4776e44d4ec..06afef43f2a42 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.cs @@ -24,6 +24,7 @@ public ScheduledAlertRuleTemplate() Techniques = new ChangeTrackingList(); CustomDetails = new ChangeTrackingDictionary(); EntityMappings = new ChangeTrackingList(); + SentinelEntitiesMappings = new ChangeTrackingList(); Kind = AlertRuleKind.Scheduled; } @@ -53,7 +54,8 @@ public ScheduledAlertRuleTemplate() /// Dictionary of string key-value pairs of columns to be attached to the alert. /// Array of the entity mappings of the alert rule. /// The alert details override settings. - internal ScheduledAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, int? alertRulesCreatedByTemplateCount, DateTimeOffset? createdDateUTC, DateTimeOffset? lastUpdatedDateUTC, string description, string displayName, IList requiredDataConnectors, TemplateStatus? status, string query, TimeSpan? queryFrequency, TimeSpan? queryPeriod, AlertSeverity? severity, TriggerOperator? triggerOperator, int? triggerThreshold, IList tactics, IList techniques, string version, EventGroupingSettings eventGroupingSettings, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride) : base(id, name, resourceType, systemData, kind) + /// Array of the sentinel entity mappings of the alert rule. + internal ScheduledAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, int? alertRulesCreatedByTemplateCount, DateTimeOffset? createdDateUTC, DateTimeOffset? lastUpdatedDateUTC, string description, string displayName, IList requiredDataConnectors, TemplateStatus? status, string query, TimeSpan? queryFrequency, TimeSpan? queryPeriod, AlertSeverity? severity, TriggerOperator? triggerOperator, int? triggerThreshold, IList tactics, IList techniques, string version, EventGroupingSettings eventGroupingSettings, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, IList sentinelEntitiesMappings) : base(id, name, resourceType, systemData, kind) { AlertRulesCreatedByTemplateCount = alertRulesCreatedByTemplateCount; CreatedDateUTC = createdDateUTC; @@ -75,6 +77,7 @@ internal ScheduledAlertRuleTemplate(ResourceIdentifier id, string name, Resource CustomDetails = customDetails; EntityMappings = entityMappings; AlertDetailsOverride = alertDetailsOverride; + SentinelEntitiesMappings = sentinelEntitiesMappings; Kind = kind; } @@ -130,5 +133,7 @@ public EventGroupingAggregationKind? EventGroupingAggregationKind public IList EntityMappings { get; } /// The alert details override settings. public AlertDetailsOverride AlertDetailsOverride { get; set; } + /// Array of the sentinel entity mappings of the alert rule. + public IList SentinelEntitiesMappings { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.Serialization.cs index 1e8a583416163..b70e8b7c94ecd 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.Serialization.cs @@ -6,6 +6,7 @@ #nullable disable using System; +using System.Collections.Generic; using System.Text.Json; using Azure.Core; @@ -24,6 +25,8 @@ internal static SecurityAlertTimelineItem DeserializeSecurityAlertTimelineItem(J DateTimeOffset startTimeUtc = default; DateTimeOffset timeGenerated = default; string alertType = default; + Optional intent = default; + Optional> techniques = default; EntityTimelineKind kind = default; foreach (var property in element.EnumerateObject()) { @@ -72,13 +75,38 @@ internal static SecurityAlertTimelineItem DeserializeSecurityAlertTimelineItem(J alertType = property.Value.GetString(); continue; } + if (property.NameEquals("intent")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + intent = new KillChainIntent(property.Value.GetString()); + continue; + } + if (property.NameEquals("techniques")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(item.GetString()); + } + techniques = array; + continue; + } if (property.NameEquals("kind")) { kind = new EntityTimelineKind(property.Value.GetString()); continue; } } - return new SecurityAlertTimelineItem(kind, azureResourceId, productName.Value, description.Value, displayName, severity, endTimeUtc, startTimeUtc, timeGenerated, alertType); + return new SecurityAlertTimelineItem(kind, azureResourceId, productName.Value, description.Value, displayName, severity, endTimeUtc, startTimeUtc, timeGenerated, alertType, Optional.ToNullable(intent), Optional.ToList(techniques)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.cs index c4060b2ce5901..15ef70047ad01 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.cs @@ -6,6 +6,7 @@ #nullable disable using System; +using System.Collections.Generic; using Azure.Core; namespace Azure.ResourceManager.SecurityInsights.Models @@ -35,6 +36,7 @@ internal SecurityAlertTimelineItem(string azureResourceId, string displayName, A StartTimeUtc = startTimeUtc; TimeGenerated = timeGenerated; AlertType = alertType; + Techniques = new ChangeTrackingList(); Kind = EntityTimelineKind.SecurityAlert; } @@ -49,7 +51,9 @@ internal SecurityAlertTimelineItem(string azureResourceId, string displayName, A /// The alert start time. /// The alert generated time. /// The name of the alert type. - internal SecurityAlertTimelineItem(EntityTimelineKind kind, string azureResourceId, string productName, string description, string displayName, AlertSeverity severity, DateTimeOffset endTimeUtc, DateTimeOffset startTimeUtc, DateTimeOffset timeGenerated, string alertType) : base(kind) + /// The intent of the alert. + /// The techniques of the alert. + internal SecurityAlertTimelineItem(EntityTimelineKind kind, string azureResourceId, string productName, string description, string displayName, AlertSeverity severity, DateTimeOffset endTimeUtc, DateTimeOffset startTimeUtc, DateTimeOffset timeGenerated, string alertType, KillChainIntent? intent, IReadOnlyList techniques) : base(kind) { AzureResourceId = azureResourceId; ProductName = productName; @@ -60,6 +64,8 @@ internal SecurityAlertTimelineItem(EntityTimelineKind kind, string azureResource StartTimeUtc = startTimeUtc; TimeGenerated = timeGenerated; AlertType = alertType; + Intent = intent; + Techniques = techniques; Kind = kind; } @@ -81,5 +87,9 @@ internal SecurityAlertTimelineItem(EntityTimelineKind kind, string azureResource public DateTimeOffset TimeGenerated { get; } /// The name of the alert type. public string AlertType { get; } + /// The intent of the alert. + public KillChainIntent? Intent { get; } + /// The techniques of the alert. + public IReadOnlyList Techniques { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.Serialization.cs new file mode 100644 index 0000000000000..a63011a8366dc --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.Serialization.cs @@ -0,0 +1,40 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class SentinelEntityMapping : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(ColumnName)) + { + writer.WritePropertyName("columnName"); + writer.WriteStringValue(ColumnName); + } + writer.WriteEndObject(); + } + + internal static SentinelEntityMapping DeserializeSentinelEntityMapping(JsonElement element) + { + Optional columnName = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("columnName")) + { + columnName = property.Value.GetString(); + continue; + } + } + return new SentinelEntityMapping(columnName.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.cs new file mode 100644 index 0000000000000..40fd2f03084c3 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.cs @@ -0,0 +1,28 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// A single sentinel entity mapping. + public partial class SentinelEntityMapping + { + /// Initializes a new instance of SentinelEntityMapping. + public SentinelEntityMapping() + { + } + + /// Initializes a new instance of SentinelEntityMapping. + /// the column name to be mapped to the SentinelEntities. + internal SentinelEntityMapping(string columnName) + { + ColumnName = columnName; + } + + /// the column name to be mapped to the SentinelEntities. + public string ColumnName { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ActionsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ActionsRestOperations.cs index d98d8c25e1254..eee0c517305fc 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ActionsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ActionsRestOperations.cs @@ -33,7 +33,7 @@ public ActionsRestOperations(HttpPipeline pipeline, string applicationId, Uri en { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRuleTemplatesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRuleTemplatesRestOperations.cs index 057689ec8fa91..7e4811ca36093 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRuleTemplatesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRuleTemplatesRestOperations.cs @@ -33,7 +33,7 @@ public AlertRuleTemplatesRestOperations(HttpPipeline pipeline, string applicatio { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRulesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRulesRestOperations.cs index 49c7babcb41ea..8a3844037a741 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRulesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRulesRestOperations.cs @@ -33,7 +33,7 @@ public AlertRulesRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AutomationRulesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AutomationRulesRestOperations.cs index 2bae664c83a23..62466d777b6b4 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AutomationRulesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AutomationRulesRestOperations.cs @@ -33,7 +33,7 @@ public AutomationRulesRestOperations(HttpPipeline pipeline, string applicationId { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarkRelationsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarkRelationsRestOperations.cs index 0e5c65b7a4884..6c3f87e25c496 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarkRelationsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarkRelationsRestOperations.cs @@ -33,7 +33,7 @@ public BookmarkRelationsRestOperations(HttpPipeline pipeline, string application { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarksRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarksRestOperations.cs index 362eb47037eea..435383a7a32ed 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarksRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarksRestOperations.cs @@ -33,7 +33,7 @@ public BookmarksRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsCheckRequirementsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsCheckRequirementsRestOperations.cs index 7e59c8ac70b9d..86e8c6d141772 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsCheckRequirementsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsCheckRequirementsRestOperations.cs @@ -33,7 +33,7 @@ public DataConnectorsCheckRequirementsRestOperations(HttpPipeline pipeline, stri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsRestOperations.cs index 3906f9aeea0ab..861ed6f3f125b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsRestOperations.cs @@ -33,7 +33,7 @@ public DataConnectorsRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DomainWhoisRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DomainWhoisRestOperations.cs index efb1a21f975b2..9d2b8593f362d 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DomainWhoisRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DomainWhoisRestOperations.cs @@ -33,7 +33,7 @@ public DomainWhoisRestOperations(HttpPipeline pipeline, string applicationId, Ur { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesGetTimelineRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesGetTimelineRestOperations.cs index c134233ec275f..9c67be4f23220 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesGetTimelineRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesGetTimelineRestOperations.cs @@ -33,7 +33,7 @@ public EntitiesGetTimelineRestOperations(HttpPipeline pipeline, string applicati { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRelationsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRelationsRestOperations.cs index dccdcc5646b64..43c8af0ceeed3 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRelationsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRelationsRestOperations.cs @@ -33,7 +33,7 @@ public EntitiesRelationsRestOperations(HttpPipeline pipeline, string application { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRestOperations.cs index 887ed9f5441bb..ebefc36f76e16 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRestOperations.cs @@ -33,7 +33,7 @@ public EntitiesRestOperations(HttpPipeline pipeline, string applicationId, Uri e { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueriesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueriesRestOperations.cs index ec69b7786b4bb..b93add8f9545a 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueriesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueriesRestOperations.cs @@ -33,7 +33,7 @@ public EntityQueriesRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueryTemplatesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueryTemplatesRestOperations.cs index 66ea776633dd1..8b35a148c8485 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueryTemplatesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueryTemplatesRestOperations.cs @@ -33,7 +33,7 @@ public EntityQueryTemplatesRestOperations(HttpPipeline pipeline, string applicat { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityRelationsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityRelationsRestOperations.cs index 5fa4e073de66e..2649160c9ed81 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityRelationsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityRelationsRestOperations.cs @@ -32,7 +32,7 @@ public EntityRelationsRestOperations(HttpPipeline pipeline, string applicationId { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/FileImportsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/FileImportsRestOperations.cs index e8f091bbf9837..af390924aced8 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/FileImportsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/FileImportsRestOperations.cs @@ -33,7 +33,7 @@ public FileImportsRestOperations(HttpPipeline pipeline, string applicationId, Ur { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IPGeodataRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IPGeodataRestOperations.cs index 573ab7b8075c1..707e16c77dcb4 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IPGeodataRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IPGeodataRestOperations.cs @@ -33,7 +33,7 @@ public IPGeodataRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentCommentsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentCommentsRestOperations.cs index d32e7c9d87e19..06c3fe9199cec 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentCommentsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentCommentsRestOperations.cs @@ -33,7 +33,7 @@ public IncidentCommentsRestOperations(HttpPipeline pipeline, string applicationI { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentRelationsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentRelationsRestOperations.cs index 107cc625a17fe..324b71693deea 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentRelationsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentRelationsRestOperations.cs @@ -33,7 +33,7 @@ public IncidentRelationsRestOperations(HttpPipeline pipeline, string application { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentsRestOperations.cs index a8b5195fcb039..4855232a22ce5 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentsRestOperations.cs @@ -33,7 +33,7 @@ public IncidentsRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/MetadataRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/MetadataRestOperations.cs index a4c4d98537f3d..e37b9ab1fbd95 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/MetadataRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/MetadataRestOperations.cs @@ -33,7 +33,7 @@ public MetadataRestOperations(HttpPipeline pipeline, string applicationId, Uri e { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/OfficeConsentsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/OfficeConsentsRestOperations.cs index 902e11899ceb7..38b8dfa3b7972 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/OfficeConsentsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/OfficeConsentsRestOperations.cs @@ -33,7 +33,7 @@ public OfficeConsentsRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ProductSettingsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ProductSettingsRestOperations.cs index b8db7c6fd1778..ba772bc60a030 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ProductSettingsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ProductSettingsRestOperations.cs @@ -33,7 +33,7 @@ public ProductSettingsRestOperations(HttpPipeline pipeline, string applicationId { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SecurityMLAnalyticsSettingsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SecurityMLAnalyticsSettingsRestOperations.cs index c8d5b60a3910d..3b1e4edb18355 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SecurityMLAnalyticsSettingsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SecurityMLAnalyticsSettingsRestOperations.cs @@ -33,7 +33,7 @@ public SecurityMLAnalyticsSettingsRestOperations(HttpPipeline pipeline, string a { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SentinelOnboardingStatesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SentinelOnboardingStatesRestOperations.cs index 523a58771d9b9..7b36815f48725 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SentinelOnboardingStatesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SentinelOnboardingStatesRestOperations.cs @@ -33,7 +33,7 @@ public SentinelOnboardingStatesRestOperations(HttpPipeline pipeline, string appl { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlRestOperations.cs index 18399fb858753..c33649bedc8d4 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlRestOperations.cs @@ -33,7 +33,7 @@ public SourceControlRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlsRestOperations.cs index b06f8d2375350..098e1ab8b3442 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlsRestOperations.cs @@ -33,7 +33,7 @@ public SourceControlsRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ThreatIntelligenceIndicatorsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ThreatIntelligenceIndicatorsRestOperations.cs index 6a0fe5741fe72..ec6c06566c5c6 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ThreatIntelligenceIndicatorsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ThreatIntelligenceIndicatorsRestOperations.cs @@ -33,7 +33,7 @@ public ThreatIntelligenceIndicatorsRestOperations(HttpPipeline pipeline, string { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistItemsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistItemsRestOperations.cs index 7ddb2f8caf956..12e3aa28c0cb5 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistItemsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistItemsRestOperations.cs @@ -33,7 +33,7 @@ public WatchlistItemsRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistsRestOperations.cs index f09f5874f0d9c..eef9bc6631c9b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistsRestOperations.cs @@ -33,7 +33,7 @@ public WatchlistsRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-10-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/autorest.md b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/autorest.md index 39d8e521580ae..e4560b7bf906b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/autorest.md +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/autorest.md @@ -9,7 +9,7 @@ csharp: true library-name: SecurityInsights namespace: Azure.ResourceManager.SecurityInsights # default tag is a preview version -require: https://github.com/Azure/azure-rest-api-specs/blob/53b1affe357b3bfbb53721d0a2002382a046d3b0/specification/securityinsights/resource-manager/readme.md +require: /mnt/vss/_work/1/s/azure-rest-api-specs/specification/securityinsights/resource-manager/readme.md output-folder: $(this-folder)/Generated clear-output-folder: true skip-csproj: true