class Azure::SecurityInsights::Mgmt::V2019_01_01_preview::SecurityInsights

A service client - single point of access to the REST API.

Attributes

accept_language[RW]

@return [String] The preferred language for the response.

actions[R]

@return [Actions] actions

alert_rule_templates[R]

@return [AlertRuleTemplates] alert_rule_templates

alert_rules[R]

@return [AlertRules] alert_rules

api_version[R]

@return [String] API version for the operation

base_url[RW]

@return [String] the base URI of the service.

bookmark_operations[R]

@return [BookmarkOperations] bookmark_operations

bookmark_relations[R]

@return [BookmarkRelations] bookmark_relations

bookmarks[R]

@return [Bookmarks] bookmarks

case_comments[R]

@return [CaseComments] case_comments

case_relations[R]

@return [CaseRelations] case_relations

cases[R]

@return [Cases] cases

cases_aggregations[R]

@return [CasesAggregations] cases_aggregations

comments[R]

@return [Comments] comments

credentials[R]

@return Credentials needed for the client to connect to Azure.

data_connectors[R]

@return [DataConnectors] data_connectors

data_connectors_check_requirements_operations[R]

@return [DataConnectorsCheckRequirementsOperations] data_connectors_check_requirements_operations

entities[R]

@return [Entities] entities

entities_relations[R]

@return [EntitiesRelations] entities_relations

entity_queries[R]

@return [EntityQueries] entity_queries

entity_relations[R]

@return [EntityRelations] entity_relations

generate_client_request_id[RW]

@return [Boolean] Whether a unique x-ms-client-request-id should be generated. When set to true a unique x-ms-client-request-id value is generated and included in each request. Default is true.

incident_comments[R]

@return [IncidentComments] incident_comments

incident_relations[R]

@return [IncidentRelations] incident_relations

incidents[R]

@return [Incidents] incidents

long_running_operation_retry_timeout[RW]

@return [Integer] The retry timeout in seconds for Long Running Operations. Default value is 30.

office_consents[R]

@return [OfficeConsents] office_consents

operations[R]

@return [Operations] operations

product_settings[R]

@return [ProductSettings] product_settings

subscription_id[RW]

@return [String] Azure subscription ID

threat_intelligence_indicator[R]

@return [ThreatIntelligenceIndicator] threat_intelligence_indicator

threat_intelligence_indicator_metrics[R]

@return [ThreatIntelligenceIndicatorMetrics] threat_intelligence_indicator_metrics

threat_intelligence_indicator_upsert[R]

@return [ThreatIntelligenceIndicatorUpsert] threat_intelligence_indicator_upsert

threat_intelligence_indicators[R]

@return [ThreatIntelligenceIndicators] threat_intelligence_indicators

threat_intelligence_indicators_list[R]

@return [ThreatIntelligenceIndicatorsList] threat_intelligence_indicators_list

watchlists[R]

@return [Watchlists] watchlists

Public Class Methods

new(credentials = nil, base_url = nil, options = nil) click to toggle source

Creates initializes a new instance of the SecurityInsights class. @param credentials [MsRest::ServiceClientCredentials] credentials to authorize HTTP requests made by the service client. @param base_url [String] the base URI of the service. @param options [Array] filters to be applied to the HTTP requests.

Calls superclass method
# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/security_insights.rb, line 135
def initialize(credentials = nil, base_url = nil, options = nil)
  super(credentials, options)
  @base_url = base_url || 'https://management.azure.com'

  fail ArgumentError, 'invalid type of credentials input parameter' unless credentials.is_a?(MsRest::ServiceClientCredentials) unless credentials.nil?
  @credentials = credentials

  @operations = Operations.new(self)
  @alert_rules = AlertRules.new(self)
  @actions = Actions.new(self)
  @alert_rule_templates = AlertRuleTemplates.new(self)
  @cases = Cases.new(self)
  @comments = Comments.new(self)
  @case_comments = CaseComments.new(self)
  @bookmarks = Bookmarks.new(self)
  @case_relations = CaseRelations.new(self)
  @bookmark_relations = BookmarkRelations.new(self)
  @bookmark_operations = BookmarkOperations.new(self)
  @data_connectors = DataConnectors.new(self)
  @data_connectors_check_requirements_operations = DataConnectorsCheckRequirementsOperations.new(self)
  @entities = Entities.new(self)
  @entities_relations = EntitiesRelations.new(self)
  @entity_relations = EntityRelations.new(self)
  @office_consents = OfficeConsents.new(self)
  @product_settings = ProductSettings.new(self)
  @cases_aggregations = CasesAggregations.new(self)
  @entity_queries = EntityQueries.new(self)
  @incidents = Incidents.new(self)
  @incident_comments = IncidentComments.new(self)
  @incident_relations = IncidentRelations.new(self)
  @watchlists = Watchlists.new(self)
  @threat_intelligence_indicators = ThreatIntelligenceIndicators.new(self)
  @threat_intelligence_indicator = ThreatIntelligenceIndicator.new(self)
  @threat_intelligence_indicator_upsert = ThreatIntelligenceIndicatorUpsert.new(self)
  @threat_intelligence_indicators_list = ThreatIntelligenceIndicatorsList.new(self)
  @threat_intelligence_indicator_metrics = ThreatIntelligenceIndicatorMetrics.new(self)
  @api_version = '2019-01-01-preview'
  @accept_language = 'en-US'
  @long_running_operation_retry_timeout = 30
  @generate_client_request_id = true
  add_telemetry
end

Public Instance Methods

create_threat_intelligence(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_indicator_object_to_upsert, custom_headers:nil) click to toggle source

Create a threat intelligence.

@param resource_group_name [String] The name of the resource group within the user's subscription. The name is case insensitive. @param operational_insights_resource_provider [String] The namespace of workspaces resource provider- Microsoft.OperationalInsights. @param workspace_name [String] The name of the workspace. @param threat_intelligence_indicator_object_to_upsert

ThreatIntelligenceIndicatorWithoutReadOnlyFields

The threat intelligence

entity properties for upsert @param custom_headers [Hash{String => String}] A hash of custom headers that will be added to the HTTP request.

@return [ThreatIntelligenceResource] operation results.

# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/security_insights.rb, line 252
def create_threat_intelligence(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_indicator_object_to_upsert, custom_headers:nil)
  response = create_threat_intelligence_async(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_indicator_object_to_upsert, custom_headers:custom_headers).value!
  response.body unless response.nil?
end
create_threat_intelligence_async(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_indicator_object_to_upsert, custom_headers:nil) click to toggle source

Create a threat intelligence.

@param resource_group_name [String] The name of the resource group within the user's subscription. The name is case insensitive. @param operational_insights_resource_provider [String] The namespace of workspaces resource provider- Microsoft.OperationalInsights. @param workspace_name [String] The name of the workspace. @param threat_intelligence_indicator_object_to_upsert

ThreatIntelligenceIndicatorWithoutReadOnlyFields

The threat intelligence

entity properties for upsert @param [Hash{String => String}] A hash of custom headers that will be added to the HTTP request.

@return [Concurrent::Promise] Promise object which holds the HTTP response.

# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/security_insights.rb, line 293
def create_threat_intelligence_async(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_indicator_object_to_upsert, custom_headers:nil)
  api_version = '2019-01-01-preview'
  fail ArgumentError, 'subscription_id is nil' if subscription_id.nil?
  fail ArgumentError, "'subscription_id' should satisfy the constraint - 'Pattern': '^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'" if !subscription_id.nil? && subscription_id.match(Regexp.new('^^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$$')).nil?
  fail ArgumentError, 'resource_group_name is nil' if resource_group_name.nil?
  fail ArgumentError, "'resource_group_name' should satisfy the constraint - 'MaxLength': '90'" if !resource_group_name.nil? && resource_group_name.length > 90
  fail ArgumentError, "'resource_group_name' should satisfy the constraint - 'MinLength': '1'" if !resource_group_name.nil? && resource_group_name.length < 1
  fail ArgumentError, "'resource_group_name' should satisfy the constraint - 'Pattern': '^[-\w\._\(\)]+$'" if !resource_group_name.nil? && resource_group_name.match(Regexp.new('^^[-\w\._\(\)]+$$')).nil?
  fail ArgumentError, 'operational_insights_resource_provider is nil' if operational_insights_resource_provider.nil?
  fail ArgumentError, 'workspace_name is nil' if workspace_name.nil?
  fail ArgumentError, "'workspace_name' should satisfy the constraint - 'MaxLength': '90'" if !workspace_name.nil? && workspace_name.length > 90
  fail ArgumentError, "'workspace_name' should satisfy the constraint - 'MinLength': '1'" if !workspace_name.nil? && workspace_name.length < 1
  fail ArgumentError, 'threat_intelligence_indicator_object_to_upsert is nil' if threat_intelligence_indicator_object_to_upsert.nil?


  request_headers = {}
  request_headers['Content-Type'] = 'application/json; charset=utf-8'

  # Set Headers
  request_headers['x-ms-client-request-id'] = SecureRandom.uuid
  request_headers['accept-language'] = accept_language unless accept_language.nil?

  # Serialize Request
  request_mapper = Azure::SecurityInsights::Mgmt::V2019_01_01_preview::Models::ThreatIntelligenceIndicatorWithoutReadOnlyFields.mapper()
  request_content = self.serialize(request_mapper,  threat_intelligence_indicator_object_to_upsert)
  request_content = request_content != nil ? JSON.generate(request_content, quirks_mode: true) : nil

  path_template = 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/createIndicator'

  request_url = @base_url || self.base_url

  options = {
      middlewares: [[MsRest::RetryPolicyMiddleware, times: 3, retry: 0.02], [:cookie_jar]],
      path_params: {'subscriptionId' => subscription_id,'resourceGroupName' => resource_group_name,'operationalInsightsResourceProvider' => operational_insights_resource_provider,'workspaceName' => workspace_name},
      query_params: {'api-version' => api_version},
      body: request_content,
      headers: request_headers.merge(custom_headers || {}),
      base_url: request_url
  }
  promise = self.make_request_async(:post, path_template, options)

  promise = promise.then do |result|
    http_response = result.response
    status_code = http_response.status
    response_content = http_response.body
    unless status_code == 200 || status_code == 201
      error_model = JSON.load(response_content)
      fail MsRestAzure::AzureOperationError.new(result.request, http_response, error_model)
    end

    result.request_id = http_response['x-ms-request-id'] unless http_response['x-ms-request-id'].nil?
    result.correlation_request_id = http_response['x-ms-correlation-request-id'] unless http_response['x-ms-correlation-request-id'].nil?
    result.client_request_id = http_response['x-ms-client-request-id'] unless http_response['x-ms-client-request-id'].nil?
    # Deserialize Response
    if status_code == 200
      begin
        parsed_response = response_content.to_s.empty? ? nil : JSON.load(response_content)
        result_mapper = Azure::SecurityInsights::Mgmt::V2019_01_01_preview::Models::ThreatIntelligenceResource.mapper()
        result.body = self.deserialize(result_mapper, parsed_response)
      rescue Exception => e
        fail MsRest::DeserializationError.new('Error occurred in deserializing the response', e.message, e.backtrace, result)
      end
    end
    # Deserialize Response
    if status_code == 201
      begin
        parsed_response = response_content.to_s.empty? ? nil : JSON.load(response_content)
        result_mapper = Azure::SecurityInsights::Mgmt::V2019_01_01_preview::Models::ThreatIntelligenceResource.mapper()
        result.body = self.deserialize(result_mapper, parsed_response)
      rescue Exception => e
        fail MsRest::DeserializationError.new('Error occurred in deserializing the response', e.message, e.backtrace, result)
      end
    end

    result
  end

  promise.execute
end
create_threat_intelligence_with_http_info(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_indicator_object_to_upsert, custom_headers:nil) click to toggle source

Create a threat intelligence.

@param resource_group_name [String] The name of the resource group within the user's subscription. The name is case insensitive. @param operational_insights_resource_provider [String] The namespace of workspaces resource provider- Microsoft.OperationalInsights. @param workspace_name [String] The name of the workspace. @param threat_intelligence_indicator_object_to_upsert

ThreatIntelligenceIndicatorWithoutReadOnlyFields

The threat intelligence

entity properties for upsert @param custom_headers [Hash{String => String}] A hash of custom headers that will be added to the HTTP request.

@return [MsRestAzure::AzureOperationResponse] HTTP response information.

# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/security_insights.rb, line 273
def create_threat_intelligence_with_http_info(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_indicator_object_to_upsert, custom_headers:nil)
  create_threat_intelligence_async(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_indicator_object_to_upsert, custom_headers:custom_headers).value!
end
make_request(method, path, options = {}) click to toggle source

Makes a request and returns the body of the response. @param method [Symbol] with any of the following values :get, :put, :post, :patch, :delete. @param path [String] the path, relative to {base_url}. @param options [Hash{String=>String}] specifying any request options like :body. @return [Hash{String=>String}] containing the body of the response. Example:

request_content = "{'location':'westus','tags':{'tag1':'val1','tag2':'val2'}}"
path = "/path"
options = {
  body: request_content,
  query_params: {'api-version' => '2016-02-01'}
}
result = @client.make_request(:put, path, options)
# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/security_insights.rb, line 194
def make_request(method, path, options = {})
  result = make_request_with_http_info(method, path, options)
  result.body unless result.nil?
end
make_request_async(method, path, options = {}) click to toggle source

Makes a request asynchronously. @param method [Symbol] with any of the following values :get, :put, :post, :patch, :delete. @param path [String] the path, relative to {base_url}. @param options [Hash{String=>String}] specifying any request options like :body. @return [Concurrent::Promise] Promise object which holds the HTTP response.

Calls superclass method
# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/security_insights.rb, line 219
def make_request_async(method, path, options = {})
  fail ArgumentError, 'method is nil' if method.nil?
  fail ArgumentError, 'path is nil' if path.nil?

  request_url = options[:base_url] || @base_url
  if(!options[:headers].nil? && !options[:headers]['Content-Type'].nil?)
    @request_headers['Content-Type'] = options[:headers]['Content-Type']
  end

  request_headers = @request_headers
  request_headers.merge!({'accept-language' => @accept_language}) unless @accept_language.nil?
  options.merge!({headers: request_headers.merge(options[:headers] || {})})
  options.merge!({credentials: @credentials}) unless @credentials.nil?

  super(request_url, method, path, options)
end
make_request_with_http_info(method, path, options = {}) click to toggle source

Makes a request and returns the operation response. @param method [Symbol] with any of the following values :get, :put, :post, :patch, :delete. @param path [String] the path, relative to {base_url}. @param options [Hash{String=>String}] specifying any request options like :body. @return [MsRestAzure::AzureOperationResponse] Operation response containing the request, response and status.

# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/security_insights.rb, line 206
def make_request_with_http_info(method, path, options = {})
  result = make_request_async(method, path, options).value!
  result.body = result.response.body.to_s.empty? ? nil : JSON.load(result.response.body)
  result
end

Private Instance Methods

add_telemetry() click to toggle source

Adds telemetry information.

# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/security_insights.rb, line 378
def add_telemetry
    sdk_information = 'azure_mgmt_security_insights'
    sdk_information = "#{sdk_information}/0.17.0"
    add_user_agent_information(sdk_information)
end