@azure/arm-security
Version:
A generated SDK for SecurityCenter.
835 lines (830 loc) • 751 kB
JavaScript
'use strict';
Object.defineProperty(exports, '__esModule', { value: true });
var coreClient = require('@azure/core-client');
var tslib = require('tslib');
var coreLro = require('@azure/core-lro');
function _interopNamespace(e) {
if (e && e.__esModule) return e;
var n = Object.create(null);
if (e) {
Object.keys(e).forEach(function (k) {
if (k !== 'default') {
var d = Object.getOwnPropertyDescriptor(e, k);
Object.defineProperty(n, k, d.get ? d : {
enumerable: true,
get: function () { return e[k]; }
});
}
});
}
n["default"] = e;
return Object.freeze(n);
}
var coreClient__namespace = /*#__PURE__*/_interopNamespace(coreClient);
/*
* Copyright (c) Microsoft Corporation.
* Licensed under the MIT License.
*
* Code generated by Microsoft (R) AutoRest Code Generator.
* Changes may cause incorrect behavior and will be lost if the code is regenerated.
*/
/** Known values of {@link CreatedByType} that the service accepts. */
exports.KnownCreatedByType = void 0;
(function (KnownCreatedByType) {
KnownCreatedByType["User"] = "User";
KnownCreatedByType["Application"] = "Application";
KnownCreatedByType["ManagedIdentity"] = "ManagedIdentity";
KnownCreatedByType["Key"] = "Key";
})(exports.KnownCreatedByType || (exports.KnownCreatedByType = {}));
/** Known values of {@link SupportedCloudEnum} that the service accepts. */
exports.KnownSupportedCloudEnum = void 0;
(function (KnownSupportedCloudEnum) {
KnownSupportedCloudEnum["AWS"] = "AWS";
KnownSupportedCloudEnum["GCP"] = "GCP";
})(exports.KnownSupportedCloudEnum || (exports.KnownSupportedCloudEnum = {}));
/** Known values of {@link SeverityEnum} that the service accepts. */
exports.KnownSeverityEnum = void 0;
(function (KnownSeverityEnum) {
KnownSeverityEnum["High"] = "High";
KnownSeverityEnum["Medium"] = "Medium";
KnownSeverityEnum["Low"] = "Low";
})(exports.KnownSeverityEnum || (exports.KnownSeverityEnum = {}));
/** Known values of {@link ResourceStatus} that the service accepts. */
exports.KnownResourceStatus = void 0;
(function (KnownResourceStatus) {
/** This assessment on the resource is healthy */
KnownResourceStatus["Healthy"] = "Healthy";
/** This assessment is not applicable to this resource */
KnownResourceStatus["NotApplicable"] = "NotApplicable";
/** This assessment is turned off by policy on this subscription */
KnownResourceStatus["OffByPolicy"] = "OffByPolicy";
/** This assessment on the resource is not healthy */
KnownResourceStatus["NotHealthy"] = "NotHealthy";
})(exports.KnownResourceStatus || (exports.KnownResourceStatus = {}));
/** Known values of {@link PricingTier} that the service accepts. */
exports.KnownPricingTier = void 0;
(function (KnownPricingTier) {
/** Get free Azure security center experience with basic security features */
KnownPricingTier["Free"] = "Free";
/** Get the standard Azure security center experience with advanced security features */
KnownPricingTier["Standard"] = "Standard";
})(exports.KnownPricingTier || (exports.KnownPricingTier = {}));
/** Known values of {@link ValueType} that the service accepts. */
exports.KnownValueType = void 0;
(function (KnownValueType) {
/** An IP range in CIDR format (e.g. '192.168.0.1/8'). */
KnownValueType["IpCidr"] = "IpCidr";
/** Any string value. */
KnownValueType["String"] = "String";
})(exports.KnownValueType || (exports.KnownValueType = {}));
/** Known values of {@link SecuritySolutionStatus} that the service accepts. */
exports.KnownSecuritySolutionStatus = void 0;
(function (KnownSecuritySolutionStatus) {
KnownSecuritySolutionStatus["Enabled"] = "Enabled";
KnownSecuritySolutionStatus["Disabled"] = "Disabled";
})(exports.KnownSecuritySolutionStatus || (exports.KnownSecuritySolutionStatus = {}));
/** Known values of {@link ExportData} that the service accepts. */
exports.KnownExportData = void 0;
(function (KnownExportData) {
/** Agent raw events */
KnownExportData["RawEvents"] = "RawEvents";
})(exports.KnownExportData || (exports.KnownExportData = {}));
/** Known values of {@link DataSource} that the service accepts. */
exports.KnownDataSource = void 0;
(function (KnownDataSource) {
/** Devices twin data */
KnownDataSource["TwinData"] = "TwinData";
})(exports.KnownDataSource || (exports.KnownDataSource = {}));
/** Known values of {@link RecommendationType} that the service accepts. */
exports.KnownRecommendationType = void 0;
(function (KnownRecommendationType) {
/** Authentication schema used for pull an edge module from an ACR repository does not use Service Principal Authentication. */
KnownRecommendationType["IoTAcrauthentication"] = "IoT_ACRAuthentication";
/** IoT agent message size capacity is currently underutilized, causing an increase in the number of sent messages. Adjust message intervals for better utilization. */
KnownRecommendationType["IoTAgentSendsUnutilizedMessages"] = "IoT_AgentSendsUnutilizedMessages";
/** Identified security related system configuration issues. */
KnownRecommendationType["IoTBaseline"] = "IoT_Baseline";
/** You can optimize Edge Hub memory usage by turning off protocol heads for any protocols not used by Edge modules in your solution. */
KnownRecommendationType["IoTEdgeHubMemOptimize"] = "IoT_EdgeHubMemOptimize";
/** Logging is disabled for this edge module. */
KnownRecommendationType["IoTEdgeLoggingOptions"] = "IoT_EdgeLoggingOptions";
/** A minority within a device security group has inconsistent Edge Module settings with the rest of their group. */
KnownRecommendationType["IoTInconsistentModuleSettings"] = "IoT_InconsistentModuleSettings";
/** Install the Azure Security of Things Agent. */
KnownRecommendationType["IoTInstallAgent"] = "IoT_InstallAgent";
/** IP Filter Configuration should have rules defined for allowed traffic and should deny all other traffic by default. */
KnownRecommendationType["IoTIpfilterDenyAll"] = "IoT_IPFilter_DenyAll";
/** An Allow IP Filter rules source IP range is too large. Overly permissive rules might expose your IoT hub to malicious intenders. */
KnownRecommendationType["IoTIpfilterPermissiveRule"] = "IoT_IPFilter_PermissiveRule";
/** A listening endpoint was found on the device. */
KnownRecommendationType["IoTOpenPorts"] = "IoT_OpenPorts";
/** An Allowed firewall policy was found (INPUT/OUTPUT). The policy should Deny all traffic by default and define rules to allow necessary communication to/from the device. */
KnownRecommendationType["IoTPermissiveFirewallPolicy"] = "IoT_PermissiveFirewallPolicy";
/** A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports. */
KnownRecommendationType["IoTPermissiveInputFirewallRules"] = "IoT_PermissiveInputFirewallRules";
/** A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports. */
KnownRecommendationType["IoTPermissiveOutputFirewallRules"] = "IoT_PermissiveOutputFirewallRules";
/** Edge module is configured to run in privileged mode, with extensive Linux capabilities or with host-level network access (send/receive data to host machine). */
KnownRecommendationType["IoTPrivilegedDockerOptions"] = "IoT_PrivilegedDockerOptions";
/** Same authentication credentials to the IoT Hub used by multiple devices. This could indicate an illegitimate device impersonating a legitimate device. It also exposes the risk of device impersonation by an attacker. */
KnownRecommendationType["IoTSharedCredentials"] = "IoT_SharedCredentials";
/** Insecure TLS configurations detected. Immediate upgrade recommended. */
KnownRecommendationType["IoTVulnerableTLSCipherSuite"] = "IoT_VulnerableTLSCipherSuite";
})(exports.KnownRecommendationType || (exports.KnownRecommendationType = {}));
/** Known values of {@link RecommendationConfigStatus} that the service accepts. */
exports.KnownRecommendationConfigStatus = void 0;
(function (KnownRecommendationConfigStatus) {
KnownRecommendationConfigStatus["Disabled"] = "Disabled";
KnownRecommendationConfigStatus["Enabled"] = "Enabled";
})(exports.KnownRecommendationConfigStatus || (exports.KnownRecommendationConfigStatus = {}));
/** Known values of {@link UnmaskedIpLoggingStatus} that the service accepts. */
exports.KnownUnmaskedIpLoggingStatus = void 0;
(function (KnownUnmaskedIpLoggingStatus) {
/** Unmasked IP logging is disabled */
KnownUnmaskedIpLoggingStatus["Disabled"] = "Disabled";
/** Unmasked IP logging is enabled */
KnownUnmaskedIpLoggingStatus["Enabled"] = "Enabled";
})(exports.KnownUnmaskedIpLoggingStatus || (exports.KnownUnmaskedIpLoggingStatus = {}));
/** Known values of {@link AdditionalWorkspaceType} that the service accepts. */
exports.KnownAdditionalWorkspaceType = void 0;
(function (KnownAdditionalWorkspaceType) {
KnownAdditionalWorkspaceType["Sentinel"] = "Sentinel";
})(exports.KnownAdditionalWorkspaceType || (exports.KnownAdditionalWorkspaceType = {}));
/** Known values of {@link AdditionalWorkspaceDataType} that the service accepts. */
exports.KnownAdditionalWorkspaceDataType = void 0;
(function (KnownAdditionalWorkspaceDataType) {
KnownAdditionalWorkspaceDataType["Alerts"] = "Alerts";
KnownAdditionalWorkspaceDataType["RawEvents"] = "RawEvents";
})(exports.KnownAdditionalWorkspaceDataType || (exports.KnownAdditionalWorkspaceDataType = {}));
/** Known values of {@link ReportedSeverity} that the service accepts. */
exports.KnownReportedSeverity = void 0;
(function (KnownReportedSeverity) {
KnownReportedSeverity["Informational"] = "Informational";
KnownReportedSeverity["Low"] = "Low";
KnownReportedSeverity["Medium"] = "Medium";
KnownReportedSeverity["High"] = "High";
})(exports.KnownReportedSeverity || (exports.KnownReportedSeverity = {}));
/** Known values of {@link TaskUpdateActionType} that the service accepts. */
exports.KnownTaskUpdateActionType = void 0;
(function (KnownTaskUpdateActionType) {
KnownTaskUpdateActionType["Activate"] = "Activate";
KnownTaskUpdateActionType["Dismiss"] = "Dismiss";
KnownTaskUpdateActionType["Start"] = "Start";
KnownTaskUpdateActionType["Resolve"] = "Resolve";
KnownTaskUpdateActionType["Close"] = "Close";
})(exports.KnownTaskUpdateActionType || (exports.KnownTaskUpdateActionType = {}));
/** Known values of {@link AutoProvision} that the service accepts. */
exports.KnownAutoProvision = void 0;
(function (KnownAutoProvision) {
/** Install missing security agent on VMs automatically */
KnownAutoProvision["On"] = "On";
/** Do not install security agent on the VMs automatically */
KnownAutoProvision["Off"] = "Off";
})(exports.KnownAutoProvision || (exports.KnownAutoProvision = {}));
/** Known values of {@link InformationProtectionPolicyName} that the service accepts. */
exports.KnownInformationProtectionPolicyName = void 0;
(function (KnownInformationProtectionPolicyName) {
KnownInformationProtectionPolicyName["Effective"] = "effective";
KnownInformationProtectionPolicyName["Custom"] = "custom";
})(exports.KnownInformationProtectionPolicyName || (exports.KnownInformationProtectionPolicyName = {}));
/** Known values of {@link AlertNotifications} that the service accepts. */
exports.KnownAlertNotifications = void 0;
(function (KnownAlertNotifications) {
/** Get notifications on new alerts */
KnownAlertNotifications["On"] = "On";
/** Don't get notifications on new alerts */
KnownAlertNotifications["Off"] = "Off";
})(exports.KnownAlertNotifications || (exports.KnownAlertNotifications = {}));
/** Known values of {@link AlertsToAdmins} that the service accepts. */
exports.KnownAlertsToAdmins = void 0;
(function (KnownAlertsToAdmins) {
/** Send notification on new alerts to the subscription's admins */
KnownAlertsToAdmins["On"] = "On";
/** Don't send notification on new alerts to the subscription's admins */
KnownAlertsToAdmins["Off"] = "Off";
})(exports.KnownAlertsToAdmins || (exports.KnownAlertsToAdmins = {}));
/** Known values of {@link State} that the service accepts. */
exports.KnownState = void 0;
(function (KnownState) {
/** All supported regulatory compliance controls in the given standard have a passed state */
KnownState["Passed"] = "Passed";
/** At least one supported regulatory compliance control in the given standard has a state of failed */
KnownState["Failed"] = "Failed";
/** All supported regulatory compliance controls in the given standard have a state of skipped */
KnownState["Skipped"] = "Skipped";
/** No supported regulatory compliance data for the given standard */
KnownState["Unsupported"] = "Unsupported";
})(exports.KnownState || (exports.KnownState = {}));
/** Known values of {@link SubAssessmentStatusCode} that the service accepts. */
exports.KnownSubAssessmentStatusCode = void 0;
(function (KnownSubAssessmentStatusCode) {
/** The resource is healthy */
KnownSubAssessmentStatusCode["Healthy"] = "Healthy";
/** The resource has a security issue that needs to be addressed */
KnownSubAssessmentStatusCode["Unhealthy"] = "Unhealthy";
/** Assessment for this resource did not happen */
KnownSubAssessmentStatusCode["NotApplicable"] = "NotApplicable";
})(exports.KnownSubAssessmentStatusCode || (exports.KnownSubAssessmentStatusCode = {}));
/** Known values of {@link Severity} that the service accepts. */
exports.KnownSeverity = void 0;
(function (KnownSeverity) {
KnownSeverity["Low"] = "Low";
KnownSeverity["Medium"] = "Medium";
KnownSeverity["High"] = "High";
})(exports.KnownSeverity || (exports.KnownSeverity = {}));
/** Known values of {@link Source} that the service accepts. */
exports.KnownSource = void 0;
(function (KnownSource) {
/** Resource is in Azure */
KnownSource["Azure"] = "Azure";
/** Resource in an on premise machine connected to Azure cloud */
KnownSource["OnPremise"] = "OnPremise";
/** SQL Resource in an on premise machine connected to Azure cloud */
KnownSource["OnPremiseSql"] = "OnPremiseSql";
})(exports.KnownSource || (exports.KnownSource = {}));
/** Known values of {@link AssessedResourceType} that the service accepts. */
exports.KnownAssessedResourceType = void 0;
(function (KnownAssessedResourceType) {
KnownAssessedResourceType["SqlServerVulnerability"] = "SqlServerVulnerability";
KnownAssessedResourceType["ContainerRegistryVulnerability"] = "ContainerRegistryVulnerability";
KnownAssessedResourceType["ServerVulnerability"] = "ServerVulnerability";
})(exports.KnownAssessedResourceType || (exports.KnownAssessedResourceType = {}));
/** Known values of {@link EventSource} that the service accepts. */
exports.KnownEventSource = void 0;
(function (KnownEventSource) {
KnownEventSource["Assessments"] = "Assessments";
KnownEventSource["AssessmentsSnapshot"] = "AssessmentsSnapshot";
KnownEventSource["SubAssessments"] = "SubAssessments";
KnownEventSource["SubAssessmentsSnapshot"] = "SubAssessmentsSnapshot";
KnownEventSource["Alerts"] = "Alerts";
KnownEventSource["SecureScores"] = "SecureScores";
KnownEventSource["SecureScoresSnapshot"] = "SecureScoresSnapshot";
KnownEventSource["SecureScoreControls"] = "SecureScoreControls";
KnownEventSource["SecureScoreControlsSnapshot"] = "SecureScoreControlsSnapshot";
KnownEventSource["RegulatoryComplianceAssessment"] = "RegulatoryComplianceAssessment";
KnownEventSource["RegulatoryComplianceAssessmentSnapshot"] = "RegulatoryComplianceAssessmentSnapshot";
})(exports.KnownEventSource || (exports.KnownEventSource = {}));
/** Known values of {@link PropertyType} that the service accepts. */
exports.KnownPropertyType = void 0;
(function (KnownPropertyType) {
KnownPropertyType["String"] = "String";
KnownPropertyType["Integer"] = "Integer";
KnownPropertyType["Number"] = "Number";
KnownPropertyType["Boolean"] = "Boolean";
})(exports.KnownPropertyType || (exports.KnownPropertyType = {}));
/** Known values of {@link Operator} that the service accepts. */
exports.KnownOperator = void 0;
(function (KnownOperator) {
/** Applies for decimal and non-decimal operands */
KnownOperator["Equals"] = "Equals";
/** Applies only for decimal operands */
KnownOperator["GreaterThan"] = "GreaterThan";
/** Applies only for decimal operands */
KnownOperator["GreaterThanOrEqualTo"] = "GreaterThanOrEqualTo";
/** Applies only for decimal operands */
KnownOperator["LesserThan"] = "LesserThan";
/** Applies only for decimal operands */
KnownOperator["LesserThanOrEqualTo"] = "LesserThanOrEqualTo";
/** Applies for decimal and non-decimal operands */
KnownOperator["NotEquals"] = "NotEquals";
/** Applies only for non-decimal operands */
KnownOperator["Contains"] = "Contains";
/** Applies only for non-decimal operands */
KnownOperator["StartsWith"] = "StartsWith";
/** Applies only for non-decimal operands */
KnownOperator["EndsWith"] = "EndsWith";
})(exports.KnownOperator || (exports.KnownOperator = {}));
/** Known values of {@link ActionType} that the service accepts. */
exports.KnownActionType = void 0;
(function (KnownActionType) {
KnownActionType["LogicApp"] = "LogicApp";
KnownActionType["EventHub"] = "EventHub";
KnownActionType["Workspace"] = "Workspace";
})(exports.KnownActionType || (exports.KnownActionType = {}));
/** Known values of {@link ServerVulnerabilityAssessmentPropertiesProvisioningState} that the service accepts. */
exports.KnownServerVulnerabilityAssessmentPropertiesProvisioningState = void 0;
(function (KnownServerVulnerabilityAssessmentPropertiesProvisioningState) {
KnownServerVulnerabilityAssessmentPropertiesProvisioningState["Succeeded"] = "Succeeded";
KnownServerVulnerabilityAssessmentPropertiesProvisioningState["Failed"] = "Failed";
KnownServerVulnerabilityAssessmentPropertiesProvisioningState["Canceled"] = "Canceled";
KnownServerVulnerabilityAssessmentPropertiesProvisioningState["Provisioning"] = "Provisioning";
KnownServerVulnerabilityAssessmentPropertiesProvisioningState["Deprovisioning"] = "Deprovisioning";
})(exports.KnownServerVulnerabilityAssessmentPropertiesProvisioningState || (exports.KnownServerVulnerabilityAssessmentPropertiesProvisioningState = {}));
/** Known values of {@link Tactics} that the service accepts. */
exports.KnownTactics = void 0;
(function (KnownTactics) {
KnownTactics["Reconnaissance"] = "Reconnaissance";
KnownTactics["ResourceDevelopment"] = "Resource Development";
KnownTactics["InitialAccess"] = "Initial Access";
KnownTactics["Execution"] = "Execution";
KnownTactics["Persistence"] = "Persistence";
KnownTactics["PrivilegeEscalation"] = "Privilege Escalation";
KnownTactics["DefenseEvasion"] = "Defense Evasion";
KnownTactics["CredentialAccess"] = "Credential Access";
KnownTactics["Discovery"] = "Discovery";
KnownTactics["LateralMovement"] = "Lateral Movement";
KnownTactics["Collection"] = "Collection";
KnownTactics["CommandAndControl"] = "Command and Control";
KnownTactics["Exfiltration"] = "Exfiltration";
KnownTactics["Impact"] = "Impact";
})(exports.KnownTactics || (exports.KnownTactics = {}));
/** Known values of {@link Techniques} that the service accepts. */
exports.KnownTechniques = void 0;
(function (KnownTechniques) {
KnownTechniques["AbuseElevationControlMechanism"] = "Abuse Elevation Control Mechanism";
KnownTechniques["AccessTokenManipulation"] = "Access Token Manipulation";
KnownTechniques["AccountDiscovery"] = "Account Discovery";
KnownTechniques["AccountManipulation"] = "Account Manipulation";
KnownTechniques["ActiveScanning"] = "Active Scanning";
KnownTechniques["ApplicationLayerProtocol"] = "Application Layer Protocol";
KnownTechniques["AudioCapture"] = "Audio Capture";
KnownTechniques["BootOrLogonAutostartExecution"] = "Boot or Logon Autostart Execution";
KnownTechniques["BootOrLogonInitializationScripts"] = "Boot or Logon Initialization Scripts";
KnownTechniques["BruteForce"] = "Brute Force";
KnownTechniques["CloudInfrastructureDiscovery"] = "Cloud Infrastructure Discovery";
KnownTechniques["CloudServiceDashboard"] = "Cloud Service Dashboard";
KnownTechniques["CloudServiceDiscovery"] = "Cloud Service Discovery";
KnownTechniques["CommandAndScriptingInterpreter"] = "Command and Scripting Interpreter";
KnownTechniques["CompromiseClientSoftwareBinary"] = "Compromise Client Software Binary";
KnownTechniques["CompromiseInfrastructure"] = "Compromise Infrastructure";
KnownTechniques["ContainerAndResourceDiscovery"] = "Container and Resource Discovery";
KnownTechniques["CreateAccount"] = "Create Account";
KnownTechniques["CreateOrModifySystemProcess"] = "Create or Modify System Process";
KnownTechniques["CredentialsFromPasswordStores"] = "Credentials from Password Stores";
KnownTechniques["DataDestruction"] = "Data Destruction";
KnownTechniques["DataEncryptedForImpact"] = "Data Encrypted for Impact";
KnownTechniques["DataFromCloudStorageObject"] = "Data from Cloud Storage Object";
KnownTechniques["DataFromConfigurationRepository"] = "Data from Configuration Repository";
KnownTechniques["DataFromInformationRepositories"] = "Data from Information Repositories";
KnownTechniques["DataFromLocalSystem"] = "Data from Local System";
KnownTechniques["DataManipulation"] = "Data Manipulation";
KnownTechniques["DataStaged"] = "Data Staged";
KnownTechniques["Defacement"] = "Defacement";
KnownTechniques["DeobfuscateDecodeFilesOrInformation"] = "Deobfuscate/Decode Files or Information";
KnownTechniques["DiskWipe"] = "Disk Wipe";
KnownTechniques["DomainTrustDiscovery"] = "Domain Trust Discovery";
KnownTechniques["DriveByCompromise"] = "Drive-by Compromise";
KnownTechniques["DynamicResolution"] = "Dynamic Resolution";
KnownTechniques["EndpointDenialOfService"] = "Endpoint Denial of Service";
KnownTechniques["EventTriggeredExecution"] = "Event Triggered Execution";
KnownTechniques["ExfiltrationOverAlternativeProtocol"] = "Exfiltration Over Alternative Protocol";
KnownTechniques["ExploitPublicFacingApplication"] = "Exploit Public-Facing Application";
KnownTechniques["ExploitationForClientExecution"] = "Exploitation for Client Execution";
KnownTechniques["ExploitationForCredentialAccess"] = "Exploitation for Credential Access";
KnownTechniques["ExploitationForDefenseEvasion"] = "Exploitation for Defense Evasion";
KnownTechniques["ExploitationForPrivilegeEscalation"] = "Exploitation for Privilege Escalation";
KnownTechniques["ExploitationOfRemoteServices"] = "Exploitation of Remote Services";
KnownTechniques["ExternalRemoteServices"] = "External Remote Services";
KnownTechniques["FallbackChannels"] = "Fallback Channels";
KnownTechniques["FileAndDirectoryDiscovery"] = "File and Directory Discovery";
KnownTechniques["GatherVictimNetworkInformation"] = "Gather Victim Network Information";
KnownTechniques["HideArtifacts"] = "Hide Artifacts";
KnownTechniques["HijackExecutionFlow"] = "Hijack Execution Flow";
KnownTechniques["ImpairDefenses"] = "Impair Defenses";
KnownTechniques["ImplantContainerImage"] = "Implant Container Image";
KnownTechniques["IndicatorRemovalOnHost"] = "Indicator Removal on Host";
KnownTechniques["IndirectCommandExecution"] = "Indirect Command Execution";
KnownTechniques["IngressToolTransfer"] = "Ingress Tool Transfer";
KnownTechniques["InputCapture"] = "Input Capture";
KnownTechniques["InterProcessCommunication"] = "Inter-Process Communication";
KnownTechniques["LateralToolTransfer"] = "Lateral Tool Transfer";
KnownTechniques["ManInTheMiddle"] = "Man-in-the-Middle";
KnownTechniques["Masquerading"] = "Masquerading";
KnownTechniques["ModifyAuthenticationProcess"] = "Modify Authentication Process";
KnownTechniques["ModifyRegistry"] = "Modify Registry";
KnownTechniques["NetworkDenialOfService"] = "Network Denial of Service";
KnownTechniques["NetworkServiceScanning"] = "Network Service Scanning";
KnownTechniques["NetworkSniffing"] = "Network Sniffing";
KnownTechniques["NonApplicationLayerProtocol"] = "Non-Application Layer Protocol";
KnownTechniques["NonStandardPort"] = "Non-Standard Port";
KnownTechniques["ObtainCapabilities"] = "Obtain Capabilities";
KnownTechniques["ObfuscatedFilesOrInformation"] = "Obfuscated Files or Information";
KnownTechniques["OfficeApplicationStartup"] = "Office Application Startup";
KnownTechniques["OSCredentialDumping"] = "OS Credential Dumping";
KnownTechniques["PermissionGroupsDiscovery"] = "Permission Groups Discovery";
KnownTechniques["Phishing"] = "Phishing";
KnownTechniques["PreOSBoot"] = "Pre-OS Boot";
KnownTechniques["ProcessDiscovery"] = "Process Discovery";
KnownTechniques["ProcessInjection"] = "Process Injection";
KnownTechniques["ProtocolTunneling"] = "Protocol Tunneling";
KnownTechniques["Proxy"] = "Proxy";
KnownTechniques["QueryRegistry"] = "Query Registry";
KnownTechniques["RemoteAccessSoftware"] = "Remote Access Software";
KnownTechniques["RemoteServiceSessionHijacking"] = "Remote Service Session Hijacking";
KnownTechniques["RemoteServices"] = "Remote Services";
KnownTechniques["RemoteSystemDiscovery"] = "Remote System Discovery";
KnownTechniques["ResourceHijacking"] = "Resource Hijacking";
KnownTechniques["ScheduledTaskJob"] = "Scheduled Task/Job";
KnownTechniques["ScreenCapture"] = "Screen Capture";
KnownTechniques["SearchVictimOwnedWebsites"] = "Search Victim-Owned Websites";
KnownTechniques["ServerSoftwareComponent"] = "Server Software Component";
KnownTechniques["ServiceStop"] = "Service Stop";
KnownTechniques["SignedBinaryProxyExecution"] = "Signed Binary Proxy Execution";
KnownTechniques["SoftwareDeploymentTools"] = "Software Deployment Tools";
KnownTechniques["SQLStoredProcedures"] = "SQL Stored Procedures";
KnownTechniques["StealOrForgeKerberosTickets"] = "Steal or Forge Kerberos Tickets";
KnownTechniques["SubvertTrustControls"] = "Subvert Trust Controls";
KnownTechniques["SupplyChainCompromise"] = "Supply Chain Compromise";
KnownTechniques["SystemInformationDiscovery"] = "System Information Discovery";
KnownTechniques["TaintSharedContent"] = "Taint Shared Content";
KnownTechniques["TrafficSignaling"] = "Traffic Signaling";
KnownTechniques["TransferDataToCloudAccount"] = "Transfer Data to Cloud Account";
KnownTechniques["TrustedRelationship"] = "Trusted Relationship";
KnownTechniques["UnsecuredCredentials"] = "Unsecured Credentials";
KnownTechniques["UserExecution"] = "User Execution";
KnownTechniques["ValidAccounts"] = "Valid Accounts";
KnownTechniques["WindowsManagementInstrumentation"] = "Windows Management Instrumentation";
KnownTechniques["FileAndDirectoryPermissionsModification"] = "File and Directory Permissions Modification";
})(exports.KnownTechniques || (exports.KnownTechniques = {}));
/** Known values of {@link Categories} that the service accepts. */
exports.KnownCategories = void 0;
(function (KnownCategories) {
KnownCategories["Compute"] = "Compute";
KnownCategories["Networking"] = "Networking";
KnownCategories["Data"] = "Data";
KnownCategories["IdentityAndAccess"] = "IdentityAndAccess";
KnownCategories["IoT"] = "IoT";
})(exports.KnownCategories || (exports.KnownCategories = {}));
/** Known values of {@link UserImpact} that the service accepts. */
exports.KnownUserImpact = void 0;
(function (KnownUserImpact) {
KnownUserImpact["Low"] = "Low";
KnownUserImpact["Moderate"] = "Moderate";
KnownUserImpact["High"] = "High";
})(exports.KnownUserImpact || (exports.KnownUserImpact = {}));
/** Known values of {@link ImplementationEffort} that the service accepts. */
exports.KnownImplementationEffort = void 0;
(function (KnownImplementationEffort) {
KnownImplementationEffort["Low"] = "Low";
KnownImplementationEffort["Moderate"] = "Moderate";
KnownImplementationEffort["High"] = "High";
})(exports.KnownImplementationEffort || (exports.KnownImplementationEffort = {}));
/** Known values of {@link Threats} that the service accepts. */
exports.KnownThreats = void 0;
(function (KnownThreats) {
KnownThreats["AccountBreach"] = "accountBreach";
KnownThreats["DataExfiltration"] = "dataExfiltration";
KnownThreats["DataSpillage"] = "dataSpillage";
KnownThreats["MaliciousInsider"] = "maliciousInsider";
KnownThreats["ElevationOfPrivilege"] = "elevationOfPrivilege";
KnownThreats["ThreatResistance"] = "threatResistance";
KnownThreats["MissingCoverage"] = "missingCoverage";
KnownThreats["DenialOfService"] = "denialOfService";
})(exports.KnownThreats || (exports.KnownThreats = {}));
/** Known values of {@link AssessmentType} that the service accepts. */
exports.KnownAssessmentType = void 0;
(function (KnownAssessmentType) {
/** Azure Security Center managed assessments */
KnownAssessmentType["BuiltIn"] = "BuiltIn";
/** User defined policies that are automatically ingested from Azure Policy to Azure Security Center */
KnownAssessmentType["CustomPolicy"] = "CustomPolicy";
/** User assessments pushed directly by the user or other third party to Azure Security Center */
KnownAssessmentType["CustomerManaged"] = "CustomerManaged";
/** An assessment that was created by a verified 3rd party if the user connected it to ASC */
KnownAssessmentType["VerifiedPartner"] = "VerifiedPartner";
})(exports.KnownAssessmentType || (exports.KnownAssessmentType = {}));
/** Known values of {@link AssessmentStatusCode} that the service accepts. */
exports.KnownAssessmentStatusCode = void 0;
(function (KnownAssessmentStatusCode) {
/** The resource is healthy */
KnownAssessmentStatusCode["Healthy"] = "Healthy";
/** The resource has a security issue that needs to be addressed */
KnownAssessmentStatusCode["Unhealthy"] = "Unhealthy";
/** Assessment for this resource did not happen */
KnownAssessmentStatusCode["NotApplicable"] = "NotApplicable";
})(exports.KnownAssessmentStatusCode || (exports.KnownAssessmentStatusCode = {}));
/** Known values of {@link ExpandEnum} that the service accepts. */
exports.KnownExpandEnum = void 0;
(function (KnownExpandEnum) {
/** All links associated with an assessment */
KnownExpandEnum["Links"] = "links";
/** Assessment metadata */
KnownExpandEnum["Metadata"] = "metadata";
})(exports.KnownExpandEnum || (exports.KnownExpandEnum = {}));
/** Known values of {@link EnforcementMode} that the service accepts. */
exports.KnownEnforcementMode = void 0;
(function (KnownEnforcementMode) {
KnownEnforcementMode["Audit"] = "Audit";
KnownEnforcementMode["Enforce"] = "Enforce";
KnownEnforcementMode["None"] = "None";
})(exports.KnownEnforcementMode || (exports.KnownEnforcementMode = {}));
/** Known values of {@link ConfigurationStatus} that the service accepts. */
exports.KnownConfigurationStatus = void 0;
(function (KnownConfigurationStatus) {
KnownConfigurationStatus["Configured"] = "Configured";
KnownConfigurationStatus["NotConfigured"] = "NotConfigured";
KnownConfigurationStatus["InProgress"] = "InProgress";
KnownConfigurationStatus["Failed"] = "Failed";
KnownConfigurationStatus["NoStatus"] = "NoStatus";
})(exports.KnownConfigurationStatus || (exports.KnownConfigurationStatus = {}));
/** Known values of {@link RecommendationStatus} that the service accepts. */
exports.KnownRecommendationStatus = void 0;
(function (KnownRecommendationStatus) {
KnownRecommendationStatus["Recommended"] = "Recommended";
KnownRecommendationStatus["NotRecommended"] = "NotRecommended";
KnownRecommendationStatus["NotAvailable"] = "NotAvailable";
KnownRecommendationStatus["NoStatus"] = "NoStatus";
})(exports.KnownRecommendationStatus || (exports.KnownRecommendationStatus = {}));
/** Known values of {@link AdaptiveApplicationControlIssue} that the service accepts. */
exports.KnownAdaptiveApplicationControlIssue = void 0;
(function (KnownAdaptiveApplicationControlIssue) {
KnownAdaptiveApplicationControlIssue["ViolationsAudited"] = "ViolationsAudited";
KnownAdaptiveApplicationControlIssue["ViolationsBlocked"] = "ViolationsBlocked";
KnownAdaptiveApplicationControlIssue["MsiAndScriptViolationsAudited"] = "MsiAndScriptViolationsAudited";
KnownAdaptiveApplicationControlIssue["MsiAndScriptViolationsBlocked"] = "MsiAndScriptViolationsBlocked";
KnownAdaptiveApplicationControlIssue["ExecutableViolationsAudited"] = "ExecutableViolationsAudited";
KnownAdaptiveApplicationControlIssue["RulesViolatedManually"] = "RulesViolatedManually";
})(exports.KnownAdaptiveApplicationControlIssue || (exports.KnownAdaptiveApplicationControlIssue = {}));
/** Known values of {@link SourceSystem} that the service accepts. */
exports.KnownSourceSystem = void 0;
(function (KnownSourceSystem) {
KnownSourceSystem["AzureAppLocker"] = "Azure_AppLocker";
KnownSourceSystem["AzureAuditD"] = "Azure_AuditD";
KnownSourceSystem["NonAzureAppLocker"] = "NonAzure_AppLocker";
KnownSourceSystem["NonAzureAuditD"] = "NonAzure_AuditD";
KnownSourceSystem["None"] = "None";
})(exports.KnownSourceSystem || (exports.KnownSourceSystem = {}));
/** Known values of {@link RecommendationAction} that the service accepts. */
exports.KnownRecommendationAction = void 0;
(function (KnownRecommendationAction) {
KnownRecommendationAction["Recommended"] = "Recommended";
KnownRecommendationAction["Add"] = "Add";
KnownRecommendationAction["Remove"] = "Remove";
})(exports.KnownRecommendationAction || (exports.KnownRecommendationAction = {}));
/** Known values of {@link EnforcementSupport} that the service accepts. */
exports.KnownEnforcementSupport = void 0;
(function (KnownEnforcementSupport) {
KnownEnforcementSupport["Supported"] = "Supported";
KnownEnforcementSupport["NotSupported"] = "NotSupported";
KnownEnforcementSupport["Unknown"] = "Unknown";
})(exports.KnownEnforcementSupport || (exports.KnownEnforcementSupport = {}));
/** Known values of {@link FileType} that the service accepts. */
exports.KnownFileType = void 0;
(function (KnownFileType) {
KnownFileType["Exe"] = "Exe";
KnownFileType["Dll"] = "Dll";
KnownFileType["Msi"] = "Msi";
KnownFileType["Script"] = "Script";
KnownFileType["Executable"] = "Executable";
KnownFileType["Unknown"] = "Unknown";
})(exports.KnownFileType || (exports.KnownFileType = {}));
/** Known values of {@link Direction} that the service accepts. */
exports.KnownDirection = void 0;
(function (KnownDirection) {
KnownDirection["Inbound"] = "Inbound";
KnownDirection["Outbound"] = "Outbound";
})(exports.KnownDirection || (exports.KnownDirection = {}));
/** Known values of {@link TransportProtocol} that the service accepts. */
exports.KnownTransportProtocol = void 0;
(function (KnownTransportProtocol) {
KnownTransportProtocol["TCP"] = "TCP";
KnownTransportProtocol["UDP"] = "UDP";
})(exports.KnownTransportProtocol || (exports.KnownTransportProtocol = {}));
/** Known values of {@link ConnectionType} that the service accepts. */
exports.KnownConnectionType = void 0;
(function (KnownConnectionType) {
KnownConnectionType["Internal"] = "Internal";
KnownConnectionType["External"] = "External";
})(exports.KnownConnectionType || (exports.KnownConnectionType = {}));
/** Known values of {@link Protocol} that the service accepts. */
exports.KnownProtocol = void 0;
(function (KnownProtocol) {
KnownProtocol["TCP"] = "TCP";
KnownProtocol["UDP"] = "UDP";
KnownProtocol["All"] = "*";
})(exports.KnownProtocol || (exports.KnownProtocol = {}));
/** Known values of {@link Status} that the service accepts. */
exports.KnownStatus = void 0;
(function (KnownStatus) {
KnownStatus["Revoked"] = "Revoked";
KnownStatus["Initiated"] = "Initiated";
})(exports.KnownStatus || (exports.KnownStatus = {}));
/** Known values of {@link StatusReason} that the service accepts. */
exports.KnownStatusReason = void 0;
(function (KnownStatusReason) {
KnownStatusReason["Expired"] = "Expired";
KnownStatusReason["UserRequested"] = "UserRequested";
KnownStatusReason["NewerRequestInitiated"] = "NewerRequestInitiated";
})(exports.KnownStatusReason || (exports.KnownStatusReason = {}));
/** Known values of {@link SecurityFamily} that the service accepts. */
exports.KnownSecurityFamily = void 0;
(function (KnownSecurityFamily) {
KnownSecurityFamily["Waf"] = "Waf";
KnownSecurityFamily["Ngfw"] = "Ngfw";
KnownSecurityFamily["SaasWaf"] = "SaasWaf";
KnownSecurityFamily["Va"] = "Va";
})(exports.KnownSecurityFamily || (exports.KnownSecurityFamily = {}));
/** Known values of {@link ExternalSecuritySolutionKind} that the service accepts. */
exports.KnownExternalSecuritySolutionKind = void 0;
(function (KnownExternalSecuritySolutionKind) {
KnownExternalSecuritySolutionKind["CEF"] = "CEF";
KnownExternalSecuritySolutionKind["ATA"] = "ATA";
KnownExternalSecuritySolutionKind["AAD"] = "AAD";
})(exports.KnownExternalSecuritySolutionKind || (exports.KnownExternalSecuritySolutionKind = {}));
/** Known values of {@link ExpandControlsEnum} that the service accepts. */
exports.KnownExpandControlsEnum = void 0;
(function (KnownExpandControlsEnum) {
/** Add definition object for each control */
KnownExpandControlsEnum["Definition"] = "definition";
})(exports.KnownExpandControlsEnum || (exports.KnownExpandControlsEnum = {}));
/** Known values of {@link ControlType} that the service accepts. */
exports.KnownControlType = void 0;
(function (KnownControlType) {
/** Azure Security Center managed assessments */
KnownControlType["BuiltIn"] = "BuiltIn";
/** Non Azure Security Center managed assessments */
KnownControlType["Custom"] = "Custom";
})(exports.KnownControlType || (exports.KnownControlType = {}));
/** Known values of {@link ProvisioningState} that the service accepts. */
exports.KnownProvisioningState = void 0;
(function (KnownProvisioningState) {
KnownProvisioningState["Succeeded"] = "Succeeded";
KnownProvisioningState["Failed"] = "Failed";
KnownProvisioningState["Updating"] = "Updating";
})(exports.KnownProvisioningState || (exports.KnownProvisioningState = {}));
/** Known values of {@link HybridComputeProvisioningState} that the service accepts. */
exports.KnownHybridComputeProvisioningState = void 0;
(function (KnownHybridComputeProvisioningState) {
/** Valid service principal details. */
KnownHybridComputeProvisioningState["Valid"] = "Valid";
/** Invalid service principal details. */
KnownHybridComputeProvisioningState["Invalid"] = "Invalid";
/** the service principal details are expired */
KnownHybridComputeProvisioningState["Expired"] = "Expired";
})(exports.KnownHybridComputeProvisioningState || (exports.KnownHybridComputeProvisioningState = {}));
/** Known values of {@link AuthenticationProvisioningState} that the service accepts. */
exports.KnownAuthenticationProvisioningState = void 0;
(function (KnownAuthenticationProvisioningState) {
/** Valid connector */
KnownAuthenticationProvisioningState["Valid"] = "Valid";
/** Invalid connector */
KnownAuthenticationProvisioningState["Invalid"] = "Invalid";
/** the connection has expired */
KnownAuthenticationProvisioningState["Expired"] = "Expired";
/** Incorrect policy of the connector */
KnownAuthenticationProvisioningState["IncorrectPolicy"] = "IncorrectPolicy";
})(exports.KnownAuthenticationProvisioningState || (exports.KnownAuthenticationProvisioningState = {}));
/** Known values of {@link PermissionProperty} that the service accepts. */
exports.KnownPermissionProperty = void 0;
(function (KnownPermissionProperty) {
/** This permission provides read only access to AWS Security Hub resources. */
KnownPermissionProperty["AWSAWSSecurityHubReadOnlyAccess"] = "AWS::AWSSecurityHubReadOnlyAccess";
/** This permission grants access to read security configuration metadata. */
KnownPermissionProperty["AWSSecurityAudit"] = "AWS::SecurityAudit";
/** The permission provides for EC2 Automation service to execute activities defined within Automation documents. */
KnownPermissionProperty["AWSAmazonSSMAutomationRole"] = "AWS::AmazonSSMAutomationRole";
/** This permission provides read only access to GCP Security Command Center. */
KnownPermissionProperty["GCPSecurityCenterAdminViewer"] = "GCP::Security Center Admin Viewer";
})(exports.KnownPermissionProperty || (exports.KnownPermissionProperty = {}));
/** Known values of {@link AuthenticationType} that the service accepts. */
exports.KnownAuthenticationType = void 0;
(function (KnownAuthenticationType) {
/** AWS cloud account connector user credentials authentication */
KnownAuthenticationType["AwsCreds"] = "awsCreds";
/** AWS account connector assume role authentication */
KnownAuthenticationType["AwsAssumeRole"] = "awsAssumeRole";
/** GCP account connector service to service authentication */
KnownAuthenticationType["GcpCredentials"] = "gcpCredentials";
})(exports.KnownAuthenticationType || (exports.KnownAuthenticationType = {}));
/** Known values of {@link ScanTriggerType} that the service accepts. */
exports.KnownScanTriggerType = void 0;
(function (KnownScanTriggerType) {
/** OnDemand */
KnownScanTriggerType["OnDemand"] = "OnDemand";
/** Recurring */
KnownScanTriggerType["Recurring"] = "Recurring";
})(exports.KnownScanTriggerType || (exports.KnownScanTriggerType = {}));
/** Known values of {@link ScanState} that the service accepts. */
exports.KnownScanState = void 0;
(function (KnownScanState) {
/** Failed */
KnownScanState["Failed"] = "Failed";
/** FailedToRun */
KnownScanState["FailedToRun"] = "FailedToRun";
/** InProgress */
KnownScanState["InProgress"] = "InProgress";
/** Passed */
KnownScanState["Passed"] = "Passed";
})(exports.KnownScanState || (exports.KnownScanState = {}));
/** Known values of {@link RuleStatus} that the service accepts. */
exports.KnownRuleStatus = void 0;
(function (KnownRuleStatus) {
/** NonFinding */
KnownRuleStatus["NonFinding"] = "NonFinding";
/** Finding */
KnownRuleStatus["Finding"] = "Finding";
/** InternalError */
KnownRuleStatus["InternalError"] = "InternalError";
})(exports.KnownRuleStatus || (exports.KnownRuleStatus = {}));
/** Known values of {@link RuleSeverity} that the service accepts. */
exports.KnownRuleSeverity = void 0;
(function (KnownRuleSeverity) {
/** High */
KnownRuleSeverity["High"] = "High";
/** Medium */
KnownRuleSeverity["Medium"] = "Medium";
/** Low */
KnownRuleSeverity["Low"] = "Low";
/** Informational */
KnownRuleSeverity["Informational"] = "Informational";
/** Obsolete */
KnownRuleSeverity["Obsolete"] = "Obsolete";
})(exports.KnownRuleSeverity || (exports.KnownRuleSeverity = {}));
/** Known values of {@link RuleType} that the service accepts. */
exports.KnownRuleType = void 0;
(function (KnownRuleType) {
/** Binary */
KnownRuleType["Binary"] = "Binary";
/** BaselineExpected */
KnownRuleType["BaselineExpected"] = "BaselineExpected";
/** PositiveList */
KnownRuleType["PositiveList"] = "PositiveList";
/** NegativeList */
KnownRuleType["NegativeList"] = "NegativeList";
})(exports.KnownRuleType || (exports.KnownRuleType = {}));
/** Known values of {@link AlertSeverity} that the service accepts. */
exports.KnownAlertSeverity = void 0;
(function (KnownAlertSeverity) {
/** Informational */
KnownAlertSeverity["Informational"] = "Informational";
/** Low */
KnownAlertSeverity["Low"] = "Low";
/** Medium */
KnownAlertSeverity["Medium"] = "Medium";
/** High */
KnownAlertSeverity["High"] = "High";
})(exports.KnownAlertSeverity || (exports.KnownAlertSeverity = {}));
/** Known values of {@link Intent} that the service accepts. */
exports.KnownIntent = void 0;
(function (KnownIntent) {
/** Unknown */
KnownIntent["Unknown"] = "Unknown";
/** PreAttack could be either an attempt to access a certain resource regardless of a malicious intent, or a failed attempt to gain access to a target system to gather information prior to exploitation. This step is usually detected as an attempt, originating from outside the network, to scan the target system and find a way in. Further details on the PreAttack stage can be read in [MITRE Pre-Att&ck matrix](https://attack.mitre.org/matrices/pre/). */
KnownIntent["PreAttack"] = "PreAttack";
/** InitialAccess is the stage where an attacker manages to get foothold on the attacked resource. */
KnownIntent["InitialAccess"] = "InitialAccess";
/** Persistence is any access, action, or configuration change to a system that gives a threat actor a persistent presence on that system. */
KnownIntent["Persistence"] = "Persistence";
/** Privilege escalation is the result of actions that allow an adversary to obtain a higher level of permissions on a system or network. */
KnownIntent["PrivilegeEscalation"] = "PrivilegeEscalation";
/** Defense evasion consists of techniques an adversary may use to evade detection or avoid other defenses. */
KnownIntent["DefenseEvasion"] = "DefenseEvasion";
/** Credential access represents techniques resulting in access to or control over system, domain, or service credentials that are used within an enterprise environment. */
KnownIntent["CredentialAccess"] = "CredentialAccess";
/** Discovery consists of techniques that allow the adversary to gain knowledge about the system and internal network. */
KnownIntent["Discovery"] = "Discovery";
/** Lateral movement consists of techniques that enable an adversary to access and control remote systems on a network and could, but does not necessarily, include execution of tools on remote systems. */
KnownIntent["LateralMovement"] = "LateralMovement";
/** The execution tactic represents techniques that result in execution of adversary-controlled code on a local or remote system. */
KnownIntent["Execution"] = "Execution";
/** Collection consists of techniques used to identify and gather information, such as sensitive files, from a target network prior to exfiltration. */
KnownIntent["Collection"] = "Collection";
/** Exfiltration refers to techniques and attributes that result or aid in the adversary removing files and information from a target network. */
KnownIntent["Exfiltration"] = "Exfiltration";
/** The command and control tactic represents how adversaries communicate with systems under their control within a target network. */
KnownIntent["CommandAndControl"] = "CommandAndControl";
/** Impact events primarily try to directly reduce the availability or integrity of a system, service, or network; including manipulation of data to impact a business or operational process. */
KnownIntent["Impact"] = "Impact";
/** Probing could be either an attempt to access a certain resource regardless of a malicious intent, or a failed attempt to gain access to a target system to gather information prior to exploitation. */
KnownIntent["Probing"] = "Probing";
/** Exploitation is the stage where an attacker manages to get a foothold on the attacked resource. This stage is relevant for compute hosts and resources such as user accounts, certificates etc. */
KnownIntent["Exploitation"] = "Exploitation";
})(exports.KnownIntent || (exports.KnownIntent = {}));
/** Known values of {@link ResourceIdentifierType} that the service accepts. */
exports.KnownResourceIdentifierType = void 0;
(function (KnownResourceIdentifierType) {
KnownResourceIdentifierType["AzureResource"] = "AzureResource";
KnownResourceIdentifierType["LogAnalytics"] = "LogAnalytics";
})(exports.KnownResourceIdentifierType || (exports.KnownResourceIdentifierType = {}));
/** Known values of {@link AlertStatus} that the service accepts. */
exports.KnownAlertStatus = void 0;
(function (KnownAlertStatus) {
/** An alert which doesn't specify a value is assigned the status 'Active' */
KnownAlertStatus["Active"] = "Active";
/** Alert closed after handling */
KnownAlertStatus["Resolved"] = "Resolved";
/** Alert dismissed as false positive */
KnownAlertStatus["Dismissed"] = "Dismissed";
})(exports.KnownAlertStatus || (exports.KnownAlertStatus = {}));
/** Known values of {@link Kind} that the service accepts. */
exports.KnownKind = void 0;
(function (KnownKind) {
/** Simulate alerts according to bundles */
KnownKind["Bundles"] = "Bundles";
})(exports.KnownKind || (exports.KnownKind = {}));
/** Known values of {@link SettingKind} that the service accepts. */
exports.KnownSettingKind = void 0;
(function (KnownSettingKind) {
KnownSettingKind["DataExportSettings"] = "DataExportSettings";
KnownSettingKind["AlertSuppressionSetting"] = "AlertSuppressionSetting";
KnownSettingKind["AlertSyncSettings"] = "AlertSyncSettings";
})(exports.KnownSettingKind || (exports.KnownSettingKind = {}));
/** Known values of {@link SettingName} that the service accepts. */
exports.KnownSettingName = void 0;
(function (KnownSettingName) {
KnownSettingName["Mcas"] = "MCAS";
KnownSettingName["Wdatp"] = "WDATP";
KnownSettingName["WdatpExcludeLinuxPublicPreview"] = "WDATP_EXCLUDE_LINUX_PUBLIC_PREVIEW";
KnownSettingName["Sentinel"] = "Sentinel";
})(exports.KnownSettingName || (exports.KnownSettingName = {}));
/** Known value