UNPKG

openapi-directory

Version:

Building & bundling https://github.com/APIs-guru/openapi-directory for easy use from JS

github.com/httptoolkit/openapi-directory-js

httptoolkit/openapi-directory-js

1 lines 40.5 kB
1
{"openapi":"3.0.0","info":{"description":"API spec for Microsoft.Security (Azure Security Center) resource provider","title":"Security Center","version":"2019-08-01","x-apisguru-categories":["cloud"],"x-logo":{"url":"https://assets.onestore.ms/cdnfiles/onestorerolling-1606-01000/shell/v3/images/logo/microsoft.png"},"x-origin":[{"format":"swagger","url":"https://raw.githubusercontent.com/Azure/azure-rest-api-specs/master/specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotSecuritySolutionAnalytics.json","version":"2.0"}],"x-preferred":true,"x-providerName":"azure.com","x-serviceName":"security-iotSecuritySolutionAnalytics","x-tags":["Azure","Microsoft"]},"security":[{"azure_auth":["user_impersonation"]}],"paths":{"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels":{"get":{"description":"Use this method to get IoT security Analytics metrics in an array.","operationId":"IotSecuritySolutionAnalytics_List","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"Get Security Solution Analytics":{"value":"2019-08-01"}}},{"description":"Azure subscription ID","in":"path","name":"subscriptionId","required":true,"schema":{"type":"string","pattern":"^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"},"examples":{"Get Security Solution Analytics":{"value":"20ff7fc3-e762-44dd-bd96-b71116dcdc23"}}},{"description":"The name of the resource group within the user's subscription. The name is case insensitive.","in":"path","name":"resourceGroupName","required":true,"x-ms-parameter-location":"method","schema":{"type":"string","minLength":1,"maxLength":90,"pattern":"^[-\\w\\._\\(\\)]+$"},"examples":{"Get Security Solution Analytics":{"value":"MyGroup"}}},{"$ref":"#/components/parameters/SolutionName"}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IoTSecuritySolutionAnalyticsModelList"},"examples":{"Get Security Solution Analytics":{"$ref":"#/components/examples/Get_Security_Solution_Analytics"}}}}},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["IoT Security Solution Analytics"]}},"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default":{"get":{"description":"Use this method to get IoT Security Analytics metrics.","operationId":"IotSecuritySolutionAnalytics_Get","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"Get Security Solution Analytics":{"value":"2019-08-01"}}},{"description":"Azure subscription ID","in":"path","name":"subscriptionId","required":true,"schema":{"type":"string","pattern":"^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"},"examples":{"Get Security Solution Analytics":{"value":"20ff7fc3-e762-44dd-bd96-b71116dcdc23"}}},{"description":"The name of the resource group within the user's subscription. The name is case insensitive.","in":"path","name":"resourceGroupName","required":true,"x-ms-parameter-location":"method","schema":{"type":"string","minLength":1,"maxLength":90,"pattern":"^[-\\w\\._\\(\\)]+$"},"examples":{"Get Security Solution Analytics":{"value":"MyGroup"}}},{"$ref":"#/components/parameters/SolutionName"}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IoTSecuritySolutionAnalyticsModel"},"examples":{"Get Security Solution Analytics":{"$ref":"#/components/examples/Get_Security_Solution_Analytics"}}}}},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["IoT Security Solution Analytics"]}},"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedAlerts":{"get":{"description":"Use this method to get the aggregated alert list of yours IoT Security solution.","operationId":"IotSecuritySolutionsAnalyticsAggregatedAlert_List","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"Get the aggregated alert list of yours IoT Security solution":{"value":"2019-08-01"}}},{"description":"Azure subscription ID","in":"path","name":"subscriptionId","required":true,"schema":{"type":"string","pattern":"^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"},"examples":{"Get the aggregated alert list of yours IoT Security solution":{"value":"20ff7fc3-e762-44dd-bd96-b71116dcdc23"}}},{"description":"The name of the resource group within the user's subscription. The name is case insensitive.","in":"path","name":"resourceGroupName","required":true,"x-ms-parameter-location":"method","schema":{"type":"string","minLength":1,"maxLength":90,"pattern":"^[-\\w\\._\\(\\)]+$"},"examples":{"Get the aggregated alert list of yours IoT Security solution":{"value":"MyGroup"}}},{"$ref":"#/components/parameters/SolutionName"},{"description":"Number of results to retrieve.","in":"query","name":"$top","required":false,"schema":{"type":"integer"}}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IoTSecurityAggregatedAlertList"},"examples":{"Get the aggregated alert list of yours IoT Security solution":{"$ref":"#/components/examples/Get_the_aggregated_alert_list_of_yours_IoT_Security_solution"}}}}},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["Aggregated Alert"],"x-ms-pageable":{"nextLinkName":"nextLink"}}},"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedAlerts/{aggregatedAlertName}":{"get":{"description":"Use this method to get a single the aggregated alert of yours IoT Security solution. This aggregation is performed by alert name.","operationId":"IotSecuritySolutionsAnalyticsAggregatedAlert_Get","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"Get the aggregated security analytics alert of yours IoT Security solution. This aggregation is performed by alert name":{"value":"2019-08-01"}}},{"description":"Azure subscription ID","in":"path","name":"subscriptionId","required":true,"schema":{"type":"string","pattern":"^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"},"examples":{"Get the aggregated security analytics alert of yours IoT Security solution. This aggregation is performed by alert name":{"value":"20ff7fc3-e762-44dd-bd96-b71116dcdc23"}}},{"description":"The name of the resource group within the user's subscription. The name is case insensitive.","in":"path","name":"resourceGroupName","required":true,"x-ms-parameter-location":"method","schema":{"type":"string","minLength":1,"maxLength":90,"pattern":"^[-\\w\\._\\(\\)]+$"},"examples":{"Get the aggregated security analytics alert of yours IoT Security solution. This aggregation is performed by alert name":{"value":"MyGroup"}}},{"$ref":"#/components/parameters/SolutionName"},{"$ref":"#/components/parameters/AggregatedAlertName"}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IoTSecurityAggregatedAlert"},"examples":{"Get the aggregated security analytics alert of yours IoT Security solution. This aggregation is performed by alert name":{"$ref":"#/components/examples/Get_the_aggregated_security_analytics_alert_of_yours_IoT_Security_solution._This_aggregation_is_performed_by_alert_name"}}}}},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["Aggregated Alert"]}},"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedAlerts/{aggregatedAlertName}/dismiss":{"post":{"description":"Use this method to dismiss an aggregated IoT Security Solution Alert.","operationId":"IotSecuritySolutionsAnalyticsAggregatedAlert_Dismiss","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"Dismiss an aggregated IoT Security Solution Alert":{"value":"2019-08-01"}}},{"description":"Azure subscription ID","in":"path","name":"subscriptionId","required":true,"schema":{"type":"string","pattern":"^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"},"examples":{"Dismiss an aggregated IoT Security Solution Alert":{"value":"20ff7fc3-e762-44dd-bd96-b71116dcdc23"}}},{"description":"The name of the resource group within the user's subscription. The name is case insensitive.","in":"path","name":"resourceGroupName","required":true,"x-ms-parameter-location":"method","schema":{"type":"string","minLength":1,"maxLength":90,"pattern":"^[-\\w\\._\\(\\)]+$"},"examples":{"Dismiss an aggregated IoT Security Solution Alert":{"value":"IoTEdgeResources"}}},{"$ref":"#/components/parameters/SolutionName"},{"$ref":"#/components/parameters/AggregatedAlertName"}],"responses":{"200":{"description":"This aggregate alert is permanently dismissed."},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["Aggregated Alert"]}},"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedRecommendations":{"get":{"description":"Use this method to get the list of aggregated security analytics recommendations of yours IoT Security solution.","operationId":"IotSecuritySolutionsAnalyticsRecommendation_List","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"Get the list of aggregated security analytics recommendations of yours IoT Security solution":{"value":"2019-08-01"}}},{"description":"Azure subscription ID","in":"path","name":"subscriptionId","required":true,"schema":{"type":"string","pattern":"^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"},"examples":{"Get the list of aggregated security analytics recommendations of yours IoT Security solution":{"value":"075423e9-7d33-4166-8bdf-3920b04e3735"}}},{"description":"The name of the resource group within the user's subscription. The name is case insensitive.","in":"path","name":"resourceGroupName","required":true,"x-ms-parameter-location":"method","schema":{"type":"string","minLength":1,"maxLength":90,"pattern":"^[-\\w\\._\\(\\)]+$"},"examples":{"Get the list of aggregated security analytics recommendations of yours IoT Security solution":{"value":"IoTEdgeResources"}}},{"$ref":"#/components/parameters/SolutionName"},{"description":"Number of results to retrieve.","in":"query","name":"$top","required":false,"schema":{"type":"integer"}}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IoTSecurityAggregatedRecommendationList"},"examples":{"Get the list of aggregated security analytics recommendations of yours IoT Security solution":{"$ref":"#/components/examples/Get_the_list_of_aggregated_security_analytics_recommendations_of_yours_IoT_Security_solution"}}}}},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["Aggregated Recommendation"],"x-ms-pageable":{"nextLinkName":"nextLink"}}},"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedRecommendations/{aggregatedRecommendationName}":{"get":{"description":"Use this method to get the aggregated security analytics recommendation of yours IoT Security solution. This aggregation is performed by recommendation name.","operationId":"IotSecuritySolutionsAnalyticsRecommendation_Get","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"Get the aggregated security analytics recommendation of yours IoT Security solution":{"value":"2019-08-01"}}},{"description":"Azure subscription ID","in":"path","name":"subscriptionId","required":true,"schema":{"type":"string","pattern":"^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"},"examples":{"Get the aggregated security analytics recommendation of yours IoT Security solution":{"value":"075423e9-7d33-4166-8bdf-3920b04e3735"}}},{"description":"The name of the resource group within the user's subscription. The name is case insensitive.","in":"path","name":"resourceGroupName","required":true,"x-ms-parameter-location":"method","schema":{"type":"string","minLength":1,"maxLength":90,"pattern":"^[-\\w\\._\\(\\)]+$"},"examples":{"Get the aggregated security analytics recommendation of yours IoT Security solution":{"value":"IoTEdgeResources"}}},{"$ref":"#/components/parameters/SolutionName"},{"$ref":"#/components/parameters/AggregatedRecommendationName"}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IoTSecurityAggregatedRecommendation"},"examples":{"Get the aggregated security analytics recommendation of yours IoT Security solution":{"$ref":"#/components/examples/Get_the_aggregated_security_analytics_recommendation_of_yours_IoT_Security_solution"}}}}},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["Aggregated Recommendation"]}}},"servers":[{"url":"https://management.azure.com"}],"components":{"examples":{"Get_Security_Solution_Analytics":{"value":{"id":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default","name":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default","properties":{"devicesMetrics":[{"date":"2019-02-01T00:00:00Z","devicesMetrics":{"high":3,"low":70,"medium":15}},{"date":"2019-02-02T00:00:00Z","devicesMetrics":{"high":3,"low":65,"medium":45}}],"metrics":{"high":5,"low":102,"medium":200},"mostPrevalentDeviceAlerts":[{"alertDisplayName":"Custom Alert - number of device to cloud messages in AMQP protocol is not in the allowed range","alertsCount":200,"reportedSeverity":"Low"},{"alertDisplayName":"Custom Alert - execution of a process that is not allowed","alertsCount":170,"reportedSeverity":"Medium"},{"alertDisplayName":"Successful Bruteforce","alertsCount":150,"reportedSeverity":"Low"}],"mostPrevalentDeviceRecommendations":[{"devicesCount":200,"recommendationDisplayName":"Install the Azure Security of Things Agent","reportedSeverity":"Low"},{"devicesCount":170,"recommendationDisplayName":"High level permissions configured in Edge model twin for Edge module","reportedSeverity":"Low"},{"devicesCount":150,"recommendationDisplayName":"Same Authentication Credentials used by multiple devices","reportedSeverity":"Medium"}],"topAlertedDevices":[{"alertsCount":200,"deviceId":"id1"},{"alertsCount":170,"deviceId":"id2"},{"alertsCount":150,"deviceId":"id3"}],"unhealthyDeviceCount":1200},"type":"Microsoft.Security/IoTSecuritySolutionAnalyticsModel"}},"Get_the_aggregated_alert_list_of_yours_IoT_Security_solution":{"value":{"value":[{"id":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default/IoT_Bruteforce_Fail/2019-02-02","name":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default/IoT_Bruteforce_Fail/2019-02-02","properties":{"actionTaken":"Detected","aggregatedDateUtc":"2019-02-02","alertDisplayName":"Failed Bruteforce","alertType":"IoT_Bruteforce_Fail","count":50,"description":"Multiple unsuccsseful login attempts identified. A Bruteforce attack on the device failed.","effectedResourceType":"IoT Device","logAnalyticsQuery":"SecurityAlert | where tolower(ResourceId) == tolower('/subscriptions/b77ec8a9-04ed-48d2-a87a-e5887b978ba6/resourceGroups/IoT-Solution-DemoEnv/providers/Microsoft.Devices/IotHubs/rtogm-hub') and tolower(AlertName) == tolower('Custom Alert - number of device to cloud messages in MQTT protocol is not in the allowed range') | extend DeviceId=parse_json(ExtendedProperties)['DeviceId'] | project DeviceId, TimeGenerated, DisplayName, AlertSeverity, Description, RemediationSteps, ExtendedProperties","remediationSteps":"","reportedSeverity":"Low","systemSource":"Devices","topDevicesList":[{"alertsCount":45,"deviceId":"testDevice1","lastOccurrence":"10:42"},{"alertsCount":30,"deviceId":"testDevice2","lastOccurrence":"15:42"}],"vendorName":"Microsoft"},"type":"Microsoft.Security/IoTSecurityAggregatedAlert"},{"id":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default/IoT_Bruteforce_Success/2019-02-02","name":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default/IoT_Bruteforce_Success/2019-02-02","properties":{"actionTaken":"Detected","aggregatedDateUtc":"2019-02-02","alertDisplayName":"Successful Bruteforce","alertType":"IoT_Bruteforce_Success","count":600000,"description":"Multiple unsuccsseful login attempts identified followed by a succssful login. A Bruteforce attack on the device was Successfule","effectedResourceType":"IoT Device","logAnalyticsQuery":"SecurityAlert | where tolower(ResourceId) == tolower('/subscriptions/b77ec8a9-04ed-48d2-a87a-e5887b978ba6/resourceGroups/IoT-Solution-DemoEnv/providers/Microsoft.Devices/IotHubs/rtogm-hub') and tolower(AlertName) == tolower('Custom Alert - number of device to cloud messages in MQTT protocol is not in the allowed range') | extend DeviceId=parse_json(ExtendedProperties)['DeviceId'] | project DeviceId, TimeGenerated, DisplayName, AlertSeverity, Description, RemediationSteps, ExtendedProperties","remediationSteps":"","reportedSeverity":"Low","systemSource":"Devices","topDevicesList":[{"alertsCount":12321,"deviceId":"testDevice1","lastOccurrence":"10:42"},{"alertsCount":455,"deviceId":"testDevice2","lastOccurrence":"15:42"}],"vendorName":"Microsoft"},"type":"Microsoft.Security/IoTSecurityAggregatedAlert"}]}},"Get_the_aggregated_security_analytics_alert_of_yours_IoT_Security_solution._This_aggregation_is_performed_by_alert_name":{"value":{"id":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default/IoT_Bruteforce_Fail/2019-02-02","name":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default/IoT_Bruteforce_Fail/2019-02-02","properties":{"actionTaken":"Detected","aggregatedDateUtc":"2019-02-02","alertDisplayName":"Failed Bruteforce","alertType":"IoT_Bruteforce_Fail","count":50,"description":"Multiple unsuccsseful login attempts identified. A Bruteforce attack on the device failed.","effectedResourceType":"IoT Device","logAnalyticsQuery":"SecurityAlert | where tolower(ResourceId) == tolower('/subscriptions/b77ec8a9-04ed-48d2-a87a-e5887b978ba6/resourceGroups/IoT-Solution-DemoEnv/providers/Microsoft.Devices/IotHubs/rtogm-hub') and tolower(AlertName) == tolower('Custom Alert - number of device to cloud messages in MQTT protocol is not in the allowed range') | extend DeviceId=parse_json(ExtendedProperties)['DeviceId'] | project DeviceId, TimeGenerated, DisplayName, AlertSeverity, Description, RemediationSteps, ExtendedProperties","remediationSteps":"","reportedSeverity":"Low","systemSource":"Devices","topDevicesList":[{"alertsCount":100,"deviceId":"testDevice1","lastOccurrence":"10:42"},{"alertsCount":80,"deviceId":"testDevice2","lastOccurrence":"15:42"}],"vendorName":"Microsoft"},"type":"Microsoft.Security/IoTSecurityAggregatedAlert"}},"Get_the_list_of_aggregated_security_analytics_recommendations_of_yours_IoT_Security_solution":{"value":{"value":[{"id":"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/IoTEdgeResources/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default/OpenPortsOnDevice","name":"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/IoTEdgeResources/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default/OpenPortsOnDevice","properties":{"description":"An allowed firewall policy was found in main firewall Chains (INPUT/OUTPUT). The policy should Deny all traffic by default define rules to allow necessary communication to/from the device","detectedBy":"Microsoft","healthyDevices":10000,"logAnalyticsQuery":"SecurityRecommendation | where tolower(AssessedResourceId) == tolower('/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/IoTEdgeResources/providers/Microsoft.Devices/IotHubs/t-ofdadu-hub') and tolower(RecommendationName) == tolower('OpenPortsOnDevice')","recommendationDisplayName":"Permissive firewall policy in one of the chains was found","recommendationName":"OpenPortsOnDevice","recommendationTypeId":"{20ff7fc3-e762-44dd-bd96-b71116dcdc23}","remediationSteps":"","reportedSeverity":"Low","unhealthyDeviceCount":200},"type":"Microsoft.Security/IoTSecurityAggregatedRecommendation"},{"id":"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/IoTEdgeResources/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default/TooLargeIPRange","name":"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/IoTEdgeResources/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default/IoT_InstallAgent","properties":{"description":"An allow IP filter rule source IP range is too large. Overly permissive rules can expose your IoT hub to malicious actors.","detectedBy":"Microsoft","healthyDevices":130000,"logAnalyticsQuery":"SecurityRecommendation | where tolower(AssessedResourceId) == tolower('/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/IoTEdgeResources/providers/Microsoft.Devices/IotHubs/t-ofdadu-hub') and tolower(RecommendationName) == tolower('TooLargeIPRange')","recommendationDisplayName":"Permissive firewall policy in one of the chains was found","recommendationName":"TooLargeIPRange","recommendationTypeId":"{20ff7fc3-e762-44dd-bd96-b71116dcdc23}","remediationSteps":"","reportedSeverity":"High","unhealthyDeviceCount":1},"type":"Microsoft.Security/IoTSecurityAggregatedRecommendation"}]}},"Get_the_aggregated_security_analytics_recommendation_of_yours_IoT_Security_solution":{"value":{"id":"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/IoTEdgeResources/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default/OpenPortsOnDevice","name":"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/IoTEdgeResources/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default/OpenPortsOnDevice","properties":{"description":"An allowed firewall policy was found in main firewall Chains (INPUT/OUTPUT). The policy should Deny all traffic by default define rules to allow necessary communication to/from the device","detectedBy":"Microsoft","healthyDevices":10000,"logAnalyticsQuery":"SecurityRecommendation | where tolower(AssessedResourceId) == tolower('/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/IoTEdgeResources/providers/Microsoft.Devices/IotHubs/t-ofdadu-hub') and tolower(RecommendationName) == tolower('OpenPortsOnDevice')","recommendationDisplayName":"Permissive firewall policy in one of the chains was found","recommendationName":"OpenPortsOnDevice","recommendationTypeId":"{20ff7fc3-e762-44dd-bd96-b71116dcdc23}","remediationSteps":"","reportedSeverity":"Low","unhealthyDeviceCount":200},"type":"Microsoft.Security/IoTSecurityAggregatedRecommendation"}}},"parameters":{"AggregatedAlertName":{"description":"Identifier of the aggregated alert.","in":"path","name":"aggregatedAlertName","required":true,"x-ms-parameter-location":"method","schema":{"type":"string"},"examples":{"Get the aggregated security analytics alert of yours IoT Security solution. This aggregation is performed by alert name":{"value":"IoT_Bruteforce_Fail/2019-02-02"},"Dismiss an aggregated IoT Security Solution Alert":{"value":"IoT_Bruteforce_Fail/2019-02-02/dismiss"}}},"AggregatedRecommendationName":{"description":"Name of the recommendation aggregated for this query.","in":"path","name":"aggregatedRecommendationName","required":true,"x-ms-parameter-location":"method","schema":{"type":"string"},"examples":{"Get the aggregated security analytics recommendation of yours IoT Security solution":{"value":"OpenPortsOnDevice"}}},"SolutionName":{"description":"The name of the IoT Security solution.","in":"path","name":"solutionName","required":true,"x-ms-parameter-location":"method","schema":{"type":"string"},"examples":{"Get Security Solution Analytics":{"value":"default"},"Get the aggregated alert list of yours IoT Security solution":{"value":"default"},"Get the aggregated security analytics alert of yours IoT Security solution. This aggregation is performed by alert name":{"value":"default"},"Dismiss an aggregated IoT Security Solution Alert":{"value":"default"},"Get the list of aggregated security analytics recommendations of yours IoT Security solution":{"value":"default"},"Get the aggregated security analytics recommendation of yours IoT Security solution":{"value":"default"}}}},"securitySchemes":{"azure_auth":{"description":"Azure Active Directory OAuth2 Flow","type":"oauth2","flows":{"implicit":{"authorizationUrl":"https://login.microsoftonline.com/common/oauth2/authorize","scopes":{"user_impersonation":"impersonate your user account"}}}}},"schemas":{"IoTSecurityAggregatedAlert":{"allOf":[{"description":"Describes an Azure resource.","properties":{"id":{"description":"Resource Id","readOnly":true,"type":"string"},"name":{"description":"Resource name","readOnly":true,"type":"string"},"type":{"description":"Resource type","readOnly":true,"type":"string"}},"type":"object","x-ms-azure-resource":true},{"$ref":"#/components/schemas/TagsResource"}],"description":"Security Solution Aggregated Alert information","properties":{"properties":{"$ref":"#/components/schemas/IoTSecurityAggregatedAlertProperties"}},"type":"object"},"IoTSecurityAggregatedAlertList":{"description":"List of IoT Security solution aggregated alert data.","properties":{"nextLink":{"description":"When there is too much alert data for one page, use this URI to fetch the next page.","readOnly":true,"type":"string"},"value":{"description":"List of aggregated alerts data.","items":{"$ref":"#/components/schemas/IoTSecurityAggregatedAlert"},"type":"array"}},"required":["value"]},"IoTSecurityAggregatedAlertProperties":{"description":"IoT Security solution aggregated alert details.","properties":{"actionTaken":{"description":"IoT Security solution alert response.","readOnly":true,"type":"string"},"aggregatedDateUtc":{"description":"Date of detection.","format":"date","readOnly":true,"type":"string"},"alertDisplayName":{"description":"Display name of the alert type.","readOnly":true,"type":"string"},"alertType":{"description":"Name of the alert type.","readOnly":true,"type":"string"},"count":{"description":"Number of alerts occurrences within the aggregated time window.","readOnly":true,"type":"integer"},"description":{"description":"Description of the suspected vulnerability and meaning.","readOnly":true,"type":"string"},"effectedResourceType":{"description":"Azure resource ID of the resource that received the alerts.","readOnly":true,"type":"string"},"logAnalyticsQuery":{"description":"Log analytics query for getting the list of affected devices/alerts.","readOnly":true,"type":"string"},"remediationSteps":{"description":"Recommended steps for remediation.","readOnly":true,"type":"string"},"reportedSeverity":{"description":"Assessed alert severity.","enum":["Informational","Low","Medium","High"],"readOnly":true,"type":"string","x-ms-enum":{"modelAsString":true,"name":"reportedSeverity","values":[{"value":"Informational"},{"value":"Low"},{"value":"Medium"},{"value":"High"}]}},"systemSource":{"description":"The type of the alerted resource (Azure, Non-Azure).","readOnly":true,"type":"string"},"topDevicesList":{"description":"10 devices with the highest number of occurrences of this alert type, on this day.","items":{"properties":{"alertsCount":{"description":"Number of alerts raised for this device.","readOnly":true,"type":"integer"},"deviceId":{"description":"Name of the device.","readOnly":true,"type":"string"},"lastOccurrence":{"description":"Most recent time this alert was raised for this device, on this day.","readOnly":true,"type":"string"}}},"readOnly":true,"type":"array"},"vendorName":{"description":"Name of the organization that raised the alert.","readOnly":true,"type":"string"}},"type":"object"},"IoTSecurityAggregatedRecommendation":{"allOf":[{"description":"Describes an Azure resource.","properties":{"id":{"description":"Resource Id","readOnly":true,"type":"string"},"name":{"description":"Resource name","readOnly":true,"type":"string"},"type":{"description":"Resource type","readOnly":true,"type":"string"}},"type":"object","x-ms-azure-resource":true},{"$ref":"#/components/schemas/TagsResource"}],"description":"IoT Security solution recommendation information.","properties":{"properties":{"$ref":"#/components/schemas/IoTSecurityAggregatedRecommendationProperties"}},"type":"object"},"IoTSecurityAggregatedRecommendationList":{"description":"List of IoT Security solution aggregated recommendations.","properties":{"nextLink":{"description":"When there is too much alert data for one page, use this URI to fetch the next page.","readOnly":true,"type":"string"},"value":{"description":"List of aggregated recommendations data.","items":{"$ref":"#/components/schemas/IoTSecurityAggregatedRecommendation"},"type":"array"}},"required":["value"]},"IoTSecurityAggregatedRecommendationProperties":{"description":"IoT Security solution aggregated recommendation information","properties":{"description":{"description":"Description of the suspected vulnerability and meaning.","readOnly":true,"type":"string"},"detectedBy":{"description":"Name of the organization that made the recommendation.","readOnly":true,"type":"string"},"healthyDevices":{"description":"Number of healthy devices within the IoT Security solution.","readOnly":true,"type":"integer"},"logAnalyticsQuery":{"description":"Log analytics query for getting the list of affected devices/alerts.","readOnly":true,"type":"string"},"recommendationDisplayName":{"description":"Display name of the recommendation type.","readOnly":true,"type":"string"},"recommendationName":{"description":"Name of the recommendation.","type":"string"},"recommendationTypeId":{"description":"Recommendation-type GUID.","readOnly":true,"type":"string"},"remediationSteps":{"description":"Recommended steps for remediation","readOnly":true,"type":"string"},"reportedSeverity":{"description":"Assessed recommendation severity.","enum":["Informational","Low","Medium","High"],"readOnly":true,"type":"string","x-ms-enum":{"modelAsString":true,"name":"reportedSeverity","values":[{"value":"Informational"},{"value":"Low"},{"value":"Medium"},{"value":"High"}]}},"unhealthyDeviceCount":{"description":"Number of unhealthy devices within the IoT Security solution.","readOnly":true,"type":"integer"}},"type":"object"},"IoTSecurityAlertedDevice":{"description":"Statistical information about the number of alerts per device during last set number of days.","properties":{"alertsCount":{"description":"Number of alerts raised for this device.","readOnly":true,"type":"integer"},"deviceId":{"description":"Device identifier.","readOnly":true,"type":"string"}},"type":"object"},"IoTSecurityAlertedDevicesList":{"description":"List of devices with open alerts including the count of alerts per device.","items":{"$ref":"#/components/schemas/IoTSecurityAlertedDevice"},"type":"array"},"IoTSecurityDeviceAlert":{"description":"Statistical information about the number of alerts per alert type during last set number of days","properties":{"alertDisplayName":{"description":"Display name of the alert","readOnly":true,"type":"string"},"alertsCount":{"description":"Number of alerts raised for this alert type.","readOnly":true,"type":"integer"},"reportedSeverity":{"description":"Assessed Alert severity.","enum":["Informational","Low","Medium","High"],"readOnly":true,"type":"string","x-ms-enum":{"modelAsString":true,"name":"reportedSeverity","values":[{"value":"Informational"},{"value":"Low"},{"value":"Medium"},{"value":"High"}]}}},"type":"object"},"IoTSecurityDeviceAlertsList":{"description":"List of alerts with the count of raised alerts","items":{"$ref":"#/components/schemas/IoTSecurityDeviceAlert"},"type":"array"},"IoTSecurityDeviceRecommendation":{"description":"Statistical information about the number of recommendations per device, per recommendation type.","properties":{"devicesCount":{"description":"Number of devices with this recommendation.","readOnly":true,"type":"integer"},"recommendationDisplayName":{"description":"Display name of the recommendation.","readOnly":true,"type":"string"},"reportedSeverity":{"description":"Assessed recommendation severity.","enum":["Informational","Low","Medium","High"],"readOnly":true,"type":"string","x-ms-enum":{"modelAsString":true,"name":"reportedSeverity","values":[{"value":"Informational"},{"value":"Low"},{"value":"Medium"},{"value":"High"}]}}},"type":"object"},"IoTSecurityDeviceRecommendationsList":{"description":"List of aggregated recommendation data, per recommendation type, per device.","items":{"$ref":"#/components/schemas/IoTSecurityDeviceRecommendation"},"type":"array"},"IoTSecuritySolutionAnalyticsModel":{"allOf":[{"description":"Describes an Azure resource.","properties":{"id":{"description":"Resource Id","readOnly":true,"type":"string"},"name":{"description":"Resource name","readOnly":true,"type":"string"},"type":{"description":"Resource type","readOnly":true,"type":"string"}},"type":"object","x-ms-azure-resource":true}],"description":"Security analytics of your IoT Security solution","properties":{"properties":{"$ref":"#/components/schemas/IoTSecuritySolutionAnalyticsModelProperties"}},"type":"object"},"IoTSecuritySolutionAnalyticsModelList":{"description":"List of Security analytics of your IoT Security solution","properties":{"nextLink":{"description":"When there is too much alert data for one page, use this URI to fetch the next page.","readOnly":true,"type":"string"},"value":{"description":"List of Security analytics of your IoT Security solution","items":{"$ref":"#/components/schemas/IoTSecuritySolutionAnalyticsModel"},"type":"array"}},"required":["value"]},"IoTSecuritySolutionAnalyticsModelProperties":{"description":"Security analytics properties of your IoT Security solution","properties":{"devicesMetrics":{"description":"List of device metrics by the aggregation date.","items":{"properties":{"date":{"description":"Aggregation of IoT Security solution device alert metrics by date.","format":"date-time","type":"string"},"devicesMetrics":{"$ref":"#/components/schemas/IoTSeverityMetrics"}}},"readOnly":true,"type":"array"},"metrics":{"$ref":"#/components/schemas/IoTSeverityMetrics"},"mostPrevalentDeviceAlerts":{"$ref":"#/components/schemas/IoTSecurityDeviceAlertsList"},"mostPrevalentDeviceRecommendations":{"$ref":"#/components/schemas/IoTSecurityDeviceRecommendationsList"},"topAlertedDevices":{"$ref":"#/components/schemas/IoTSecurityAlertedDevicesList"},"unhealthyDeviceCount":{"description":"Number of unhealthy devices within your IoT Security solution.","readOnly":true,"type":"integer"}}},"IoTSeverityMetrics":{"description":"IoT Security solution analytics severity metrics.","properties":{"high":{"description":"Count of high severity alerts/recommendations.","type":"integer"},"low":{"description":"Count of low severity alerts/recommendations.","type":"integer"},"medium":{"description":"Count of medium severity alerts/recommendations.","type":"integer"}},"type":"object"},"TagsResource":{"description":"A container holding only the Tags for a resource, allowing the user to update the tags.","properties":{"tags":{"additionalProperties":{"type":"string"},"description":"Resource tags","type":"object"}}}}}}