Class: Azure::SecurityInsights::Mgmt::V2019_01_01_preview::ThreatIntelligenceIndicatorsList

Inherits:

Object

• Object
• Azure::SecurityInsights::Mgmt::V2019_01_01_preview::ThreatIntelligenceIndicatorsList

Includes:

MsRestAzure

Defined in:

lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb

Overview

API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider

Instance Attribute Summary

• #client ⇒ SecurityInsights readonly

  Reference to the SecurityInsights.

Instance Method Summary

• #initialize(client) ⇒ ThreatIntelligenceIndicatorsList constructor

  Creates and initializes a new instance of the ThreatIntelligenceIndicatorsList class.

• #query(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers: nil) ⇒ Array<ThreatIntelligenceResource>

  Query all threat intelligence.

• #query_as_lazy(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers: nil) ⇒ ThreatIntelligenceResourceList

  Query all threat intelligence.

• #query_async(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers: nil) ⇒ Concurrent::Promise

  Query all threat intelligence.

• #query_next(next_page_link, custom_headers: nil) ⇒ ThreatIntelligenceResourceList

  Query all threat intelligence.

• #query_next_async(next_page_link, custom_headers: nil) ⇒ Concurrent::Promise

  Query all threat intelligence.

• #query_next_with_http_info(next_page_link, custom_headers: nil) ⇒ MsRestAzure::AzureOperationResponse

  Query all threat intelligence.

• #query_with_http_info(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers: nil) ⇒ MsRestAzure::AzureOperationResponse

  Query all threat intelligence.

Constructor Details

#initialize(client) ⇒ ThreatIntelligenceIndicatorsList

Creates and initializes a new instance of the ThreatIntelligenceIndicatorsList class.

Parameters:

• client —

  service class for accessing basic functionality.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb', line 18

def initialize(client)
  @client = client
end

Instance Attribute Details

#client ⇒ SecurityInsights (readonly)

Returns reference to the SecurityInsights.

Returns:

• (SecurityInsights) —

  reference to the SecurityInsights

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb', line 23

def client
  @client
end

Instance Method Details

#query(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers: nil) ⇒ Array<ThreatIntelligenceResource>

Query all threat intelligence.

user’s subscription. The name is case insensitive. workspaces resource provider- Microsoft.OperationalInsights. The threat intelligence ARM STIX query will be added to the HTTP request.

Parameters:

• resource_group_name (String) —

  The name of the resource group within the

• operational_insights_resource_provider (String) —

  The namespace of

• workspace_name (String) —

  The name of the workspace.

• threat_intelligence_arm_stix_query (ThreatIntelligenceArmStixQuery)
• custom_headers (Hash{String => String}) (defaults to: nil) —

  A hash of custom headers that

Returns:

• (Array<ThreatIntelligenceResource>) —

  operation results.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb', line 40

def query(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers:nil)
  first_page = query_as_lazy(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers:custom_headers)
  first_page.get_all_items
end

#query_as_lazy(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers: nil) ⇒ ThreatIntelligenceResourceList

Query all threat intelligence.

user’s subscription. The name is case insensitive. workspaces resource provider- Microsoft.OperationalInsights. The threat intelligence ARM STIX query will be added to the HTTP request.

of the response.

Parameters:

• resource_group_name (String) —

  The name of the resource group within the

• operational_insights_resource_provider (String) —

  The namespace of

• workspace_name (String) —

  The name of the workspace.

• threat_intelligence_arm_stix_query (ThreatIntelligenceArmStixQuery)
• custom_headers (Hash{String => String}) (defaults to: nil) —

  A hash of custom headers that

Returns:

• (ThreatIntelligenceResourceList) —

  which provide lazy access to pages

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb', line 255

def query_as_lazy(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers:nil)
  response = query_async(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers:custom_headers).value!
  unless response.nil?
    page = response.body
    page.next_method = Proc.new do |next_page_link|
      query_next_async(next_page_link, custom_headers:custom_headers)
    end
    page
  end
end

#query_async(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers: nil) ⇒ Concurrent::Promise

Query all threat intelligence.

user’s subscription. The name is case insensitive. workspaces resource provider- Microsoft.OperationalInsights. The threat intelligence ARM STIX query to the HTTP request.

Parameters:

• resource_group_name (String) —

  The name of the resource group within the

• operational_insights_resource_provider (String) —

  The namespace of

• workspace_name (String) —

  The name of the workspace.

• threat_intelligence_arm_stix_query (ThreatIntelligenceArmStixQuery)
• A (Hash{String => String}) —

  hash of custom headers that will be added

Returns:

• (Concurrent::Promise) —

  Promise object which holds the HTTP response.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb', line 79

def query_async(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers:nil)
  @client.api_version = '2019-01-01-preview'
  fail ArgumentError, '@client.subscription_id is nil' if @client.subscription_id.nil?
  fail ArgumentError, "'@client.subscription_id' should satisfy the constraint - 'Pattern': '^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'" if !@client.subscription_id.nil? && @client.subscription_id.match(Regexp.new('^^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$$')).nil?
  fail ArgumentError, 'resource_group_name is nil' if resource_group_name.nil?
  fail ArgumentError, "'resource_group_name' should satisfy the constraint - 'MaxLength': '90'" if !resource_group_name.nil? && resource_group_name.length > 90
  fail ArgumentError, "'resource_group_name' should satisfy the constraint - 'MinLength': '1'" if !resource_group_name.nil? && resource_group_name.length < 1
  fail ArgumentError, "'resource_group_name' should satisfy the constraint - 'Pattern': '^[-\w\._\(\)]+$'" if !resource_group_name.nil? && resource_group_name.match(Regexp.new('^^[-\w\._\(\)]+$$')).nil?
  fail ArgumentError, 'operational_insights_resource_provider is nil' if operational_insights_resource_provider.nil?
  fail ArgumentError, 'workspace_name is nil' if workspace_name.nil?
  fail ArgumentError, "'workspace_name' should satisfy the constraint - 'MaxLength': '90'" if !workspace_name.nil? && workspace_name.length > 90
  fail ArgumentError, "'workspace_name' should satisfy the constraint - 'MinLength': '1'" if !workspace_name.nil? && workspace_name.length < 1
  fail ArgumentError, 'threat_intelligence_arm_stix_query is nil' if threat_intelligence_arm_stix_query.nil?


  request_headers = {}
  request_headers['Content-Type'] = 'application/json; charset=utf-8'

  # Set Headers
  request_headers['x-ms-client-request-id'] = SecureRandom.uuid
  request_headers['accept-language'] = @client.accept_language unless @client.accept_language.nil?

  # Serialize Request
  request_mapper = Azure::SecurityInsights::Mgmt::V2019_01_01_preview::Models::ThreatIntelligenceArmStixQuery.mapper()
  request_content = @client.serialize(request_mapper,  threat_intelligence_arm_stix_query)
  request_content = request_content != nil ? JSON.generate(request_content, quirks_mode: true) : nil

  path_template = 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/queryIndicators'

  request_url = @base_url || @client.base_url

  options = {
      middlewares: [[MsRest::RetryPolicyMiddleware, times: 3, retry: 0.02], [:cookie_jar]],
      path_params: {'subscriptionId' => @client.subscription_id,'resourceGroupName' => resource_group_name,'operationalInsightsResourceProvider' => operational_insights_resource_provider,'workspaceName' => workspace_name},
      query_params: {'api-version' => @client.api_version},
      body: request_content,
      headers: request_headers.merge(custom_headers || {}),
      base_url: request_url
  }
  promise = @client.make_request_async(:post, path_template, options)

  promise = promise.then do |result|
    http_response = result.response
    status_code = http_response.status
    response_content = http_response.body
    unless status_code == 200
      error_model = JSON.load(response_content)
      fail MsRestAzure::AzureOperationError.new(result.request, http_response, error_model)
    end

    result.request_id = http_response['x-ms-request-id'] unless http_response['x-ms-request-id'].nil?
    result.correlation_request_id = http_response['x-ms-correlation-request-id'] unless http_response['x-ms-correlation-request-id'].nil?
    result.client_request_id = http_response['x-ms-client-request-id'] unless http_response['x-ms-client-request-id'].nil?
    # Deserialize Response
    if status_code == 200
      begin
        parsed_response = response_content.to_s.empty? ? nil : JSON.load(response_content)
        result_mapper = Azure::SecurityInsights::Mgmt::V2019_01_01_preview::Models::ThreatIntelligenceResourceList.mapper()
        result.body = @client.deserialize(result_mapper, parsed_response)
      rescue Exception => e
        fail MsRest::DeserializationError.new('Error occurred in deserializing the response', e.message, e.backtrace, result)
      end
    end

    result
  end

  promise.execute
end

#query_next(next_page_link, custom_headers: nil) ⇒ ThreatIntelligenceResourceList

Query all threat intelligence.

to List operation. will be added to the HTTP request.

Parameters:

• next_page_link (String) —

  The NextLink from the previous successful call

• custom_headers (Hash{String => String}) (defaults to: nil) —

  A hash of custom headers that

Returns:

• (ThreatIntelligenceResourceList) —

  operation results.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb', line 159

def query_next(next_page_link, custom_headers:nil)
  response = query_next_async(next_page_link, custom_headers:custom_headers).value!
  response.body unless response.nil?
end

#query_next_async(next_page_link, custom_headers: nil) ⇒ Concurrent::Promise

Query all threat intelligence.

to List operation. to the HTTP request.

Parameters:

• next_page_link (String) —

  The NextLink from the previous successful call

• A (Hash{String => String}) —

  hash of custom headers that will be added

Returns:

• (Concurrent::Promise) —

  Promise object which holds the HTTP response.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb', line 188

def query_next_async(next_page_link, custom_headers:nil)
  fail ArgumentError, 'next_page_link is nil' if next_page_link.nil?


  request_headers = {}
  request_headers['Content-Type'] = 'application/json; charset=utf-8'

  # Set Headers
  request_headers['x-ms-client-request-id'] = SecureRandom.uuid
  request_headers['accept-language'] = @client.accept_language unless @client.accept_language.nil?
  path_template = '{nextLink}'

  request_url = @base_url || @client.base_url

  options = {
      middlewares: [[MsRest::RetryPolicyMiddleware, times: 3, retry: 0.02], [:cookie_jar]],
      skip_encoding_path_params: {'nextLink' => next_page_link},
      headers: request_headers.merge(custom_headers || {}),
      base_url: request_url
  }
  promise = @client.make_request_async(:post, path_template, options)

  promise = promise.then do |result|
    http_response = result.response
    status_code = http_response.status
    response_content = http_response.body
    unless status_code == 200
      error_model = JSON.load(response_content)
      fail MsRestAzure::AzureOperationError.new(result.request, http_response, error_model)
    end

    result.request_id = http_response['x-ms-request-id'] unless http_response['x-ms-request-id'].nil?
    result.correlation_request_id = http_response['x-ms-correlation-request-id'] unless http_response['x-ms-correlation-request-id'].nil?
    result.client_request_id = http_response['x-ms-client-request-id'] unless http_response['x-ms-client-request-id'].nil?
    # Deserialize Response
    if status_code == 200
      begin
        parsed_response = response_content.to_s.empty? ? nil : JSON.load(response_content)
        result_mapper = Azure::SecurityInsights::Mgmt::V2019_01_01_preview::Models::ThreatIntelligenceResourceList.mapper()
        result.body = @client.deserialize(result_mapper, parsed_response)
      rescue Exception => e
        fail MsRest::DeserializationError.new('Error occurred in deserializing the response', e.message, e.backtrace, result)
      end
    end

    result
  end

  promise.execute
end

#query_next_with_http_info(next_page_link, custom_headers: nil) ⇒ MsRestAzure::AzureOperationResponse

Query all threat intelligence.

to List operation. will be added to the HTTP request.

Parameters:

• next_page_link (String) —

  The NextLink from the previous successful call

• custom_headers (Hash{String => String}) (defaults to: nil) —

  A hash of custom headers that

Returns:

• (MsRestAzure::AzureOperationResponse) —

  HTTP response information.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb', line 174

def query_next_with_http_info(next_page_link, custom_headers:nil)
  query_next_async(next_page_link, custom_headers:custom_headers).value!
end

#query_with_http_info(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers: nil) ⇒ MsRestAzure::AzureOperationResponse

Query all threat intelligence.

user’s subscription. The name is case insensitive. workspaces resource provider- Microsoft.OperationalInsights. The threat intelligence ARM STIX query will be added to the HTTP request.

Parameters:

• resource_group_name (String) —

  The name of the resource group within the

• operational_insights_resource_provider (String) —

  The namespace of

• workspace_name (String) —

  The name of the workspace.

• threat_intelligence_arm_stix_query (ThreatIntelligenceArmStixQuery)
• custom_headers (Hash{String => String}) (defaults to: nil) —

  A hash of custom headers that

Returns:

• (MsRestAzure::AzureOperationResponse) —

  HTTP response information.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb', line 60

def query_with_http_info(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers:nil)
  query_async(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers:custom_headers).value!
end