-
Notifications
You must be signed in to change notification settings - Fork 12
/
GetAllIncidentBookmarks.go
94 lines (91 loc) · 6.2 KB
/
GetAllIncidentBookmarks.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
package armsecurityinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/securityinsights/armsecurityinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/7a2ac91de424f271cf91cc8009f3fe9ee8249086/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/examples/incidents/GetAllIncidentBookmarks.json
func ExampleIncidentsClient_ListBookmarks() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurityinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewIncidentsClient().ListBookmarks(ctx, "myRg", "myWorkspace", "afbd324f-6c48-459c-8710-8d1e1cd03812", nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.IncidentBookmarkList = armsecurityinsights.IncidentBookmarkList{
// Value: []*armsecurityinsights.HuntingBookmark{
// {
// Name: to.Ptr("afbd324f-6c48-459c-8710-8d1e1cd03812"),
// Type: to.Ptr("Microsoft.SecurityInsights/Entities"),
// ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/afbd324f-6c48-459c-8710-8d1e1cd03812"),
// Kind: to.Ptr(armsecurityinsights.EntityKindEnumBookmark),
// Properties: &armsecurityinsights.HuntingBookmarkProperties{
// AdditionalData: map[string]any{
// "ETag": "\"3b00acab-0000-0d00-0000-5f15e4ed0000\"",
// "EntityId": "afbd324f-6c48-459c-8710-8d1e1cd03812",
// },
// FriendlyName: to.Ptr("SecurityEvent - 868f40f4698d"),
// Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.4265524+00:00"); return t}()),
// CreatedBy: &armsecurityinsights.UserInfo{
// Name: to.Ptr("user"),
// Email: to.Ptr("user@microsoft.com"),
// ObjectID: to.Ptr("b03ca914-5eb6-45e5-9417-fe0797c372fd"),
// },
// DisplayName: to.Ptr("SecurityEvent - 868f40f4698d"),
// EventTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.4265524+00:00"); return t}()),
// Labels: []*string{
// },
// Query: to.Ptr("SecurityEvent\r\n| take 1\n"),
// QueryResult: to.Ptr("{\"TimeGenerated\":\"2020-05-24T01:24:25.67Z\",\"Account\":\"\\\\ADMINISTRATOR\",\"AccountType\":\"User\",\"Computer\":\"SecurityEvents\",\"EventSourceName\":\"Microsoft-Windows-Security-Auditing\",\"Channel\":\"Security\",\"Task\":12544,\"Level\":\"16\",\"EventID\":4625,\"Activity\":\"4625 - An account failed to log on.\",\"AuthenticationPackageName\":\"NTLM\",\"FailureReason\":\"%%2313\",\"IpAddress\":\"176.113.115.73\",\"IpPort\":\"0\",\"LmPackageName\":\"-\",\"LogonProcessName\":\"NtLmSsp \",\"LogonType\":3,\"LogonTypeName\":\"3 - Network\",\"Process\":\"-\",\"ProcessId\":\"0x0\",\"__entityMapping\":{\"\\\\ADMINISTRATOR\":\"Account\",\"SecurityEvents\":\"Host\"}}"),
// Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.4265524+00:00"); return t}()),
// UpdatedBy: &armsecurityinsights.UserInfo{
// Name: to.Ptr("user"),
// Email: to.Ptr("user@microsoft.com"),
// ObjectID: to.Ptr("b03ca914-5eb6-45e5-9417-fe0797c372fd"),
// },
// },
// },
// {
// Name: to.Ptr("bbbd324f-6c48-459c-8710-8d1e1cd03812"),
// Type: to.Ptr("Microsoft.SecurityInsights/Entities"),
// ID: to.Ptr("/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/bookmarks/bbbd324f-6c48-459c-8710-8d1e1cd03812"),
// Kind: to.Ptr(armsecurityinsights.EntityKindEnumBookmark),
// Properties: &armsecurityinsights.HuntingBookmarkProperties{
// AdditionalData: map[string]any{
// "ETag": "\"3b00acab-0000-0d00-0000-5f15e4ed0000\"",
// "EntityId": "afbd324f-6c48-459c-8710-8d1e1cd03812",
// },
// FriendlyName: to.Ptr("SecurityEvent - 868f40f4698d"),
// Created: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.4265524+00:00"); return t}()),
// CreatedBy: &armsecurityinsights.UserInfo{
// Name: to.Ptr("user"),
// Email: to.Ptr("user@microsoft.com"),
// ObjectID: to.Ptr("303ca914-5eb6-45e5-9417-fe0797c372fd"),
// },
// DisplayName: to.Ptr("SecurityEvent - 868f40f4698d"),
// EventTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.4265524+00:00"); return t}()),
// Labels: []*string{
// },
// Query: to.Ptr("SecurityEvent\r\n| take 1\n"),
// QueryResult: to.Ptr("{\"TimeGenerated\":\"2020-05-24T01:24:25.67Z\",\"Account\":\"\\\\ADMINISTRATOR\",\"AccountType\":\"User\",\"Computer\":\"SecurityEvents\",\"EventSourceName\":\"Microsoft-Windows-Security-Auditing\",\"Channel\":\"Security\",\"Task\":12544,\"Level\":\"16\",\"EventID\":4625,\"Activity\":\"4625 - An account failed to log on.\",\"AuthenticationPackageName\":\"NTLM\",\"FailureReason\":\"%%2313\",\"IpAddress\":\"176.113.115.73\",\"IpPort\":\"0\",\"LmPackageName\":\"-\",\"LogonProcessName\":\"NtLmSsp \",\"LogonType\":3,\"LogonTypeName\":\"3 - Network\",\"Process\":\"-\",\"ProcessId\":\"0x0\",\"__entityMapping\":{\"\\\\ADMINISTRATOR\":\"Account\",\"SecurityEvents\":\"Host\"}}"),
// Updated: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-17T15:34:01.4265524+00:00"); return t}()),
// UpdatedBy: &armsecurityinsights.UserInfo{
// Name: to.Ptr("user"),
// Email: to.Ptr("user@microsoft.com"),
// ObjectID: to.Ptr("b03ca914-5eb6-45e5-9417-fe0797c372fd"),
// },
// },
// }},
// }
}