class Azure::SecurityInsights::Mgmt::V2019_01_01_preview::ThreatIntelligenceIndicatorsList
API spec for Microsoft.SecurityInsights (Azure
Security Insights) resource provider
Attributes
@return [SecurityInsights] reference to the SecurityInsights
Public Class Methods
Creates and initializes a new instance of the ThreatIntelligenceIndicatorsList
class. @param client service class for accessing basic functionality.
# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb, line 18 def initialize(client) @client = client end
Public Instance Methods
Query all threat intelligence.
@param resource_group_name [String] The name of the resource group within the user's subscription. The name is case insensitive. @param operational_insights_resource_provider [String] The namespace of workspaces resource provider- Microsoft.OperationalInsights. @param workspace_name [String] The name of the workspace. @param threat_intelligence_arm_stix_query [ThreatIntelligenceArmStixQuery] The threat intelligence ARM STIX query @param custom_headers [Hash{String => String}] A hash of custom headers that will be added to the HTTP request.
@return [Array<ThreatIntelligenceResource>] operation results.
# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb, line 40 def query(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers:nil) first_page = query_as_lazy(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers:custom_headers) first_page.get_all_items end
Query all threat intelligence.
@param resource_group_name [String] The name of the resource group within the user's subscription. The name is case insensitive. @param operational_insights_resource_provider [String] The namespace of workspaces resource provider- Microsoft.OperationalInsights. @param workspace_name [String] The name of the workspace. @param threat_intelligence_arm_stix_query [ThreatIntelligenceArmStixQuery] The threat intelligence ARM STIX query @param custom_headers [Hash{String => String}] A hash of custom headers that will be added to the HTTP request.
@return [ThreatIntelligenceResourceList] which provide lazy access to pages of the response.
# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb, line 255 def query_as_lazy(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers:nil) response = query_async(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers:custom_headers).value! unless response.nil? page = response.body page.next_method = Proc.new do |next_page_link| query_next_async(next_page_link, custom_headers:custom_headers) end page end end
Query all threat intelligence.
@param resource_group_name [String] The name of the resource group within the user's subscription. The name is case insensitive. @param operational_insights_resource_provider [String] The namespace of workspaces resource provider- Microsoft.OperationalInsights. @param workspace_name [String] The name of the workspace. @param threat_intelligence_arm_stix_query [ThreatIntelligenceArmStixQuery] The threat intelligence ARM STIX query @param [Hash{String => String}] A hash of custom headers that will be added to the HTTP request.
@return [Concurrent::Promise] Promise object which holds the HTTP response.
# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb, line 79 def query_async(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers:nil) @client.api_version = '2019-01-01-preview' fail ArgumentError, '@client.subscription_id is nil' if @client.subscription_id.nil? fail ArgumentError, "'@client.subscription_id' should satisfy the constraint - 'Pattern': '^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'" if !@client.subscription_id.nil? && @client.subscription_id.match(Regexp.new('^^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$$')).nil? fail ArgumentError, 'resource_group_name is nil' if resource_group_name.nil? fail ArgumentError, "'resource_group_name' should satisfy the constraint - 'MaxLength': '90'" if !resource_group_name.nil? && resource_group_name.length > 90 fail ArgumentError, "'resource_group_name' should satisfy the constraint - 'MinLength': '1'" if !resource_group_name.nil? && resource_group_name.length < 1 fail ArgumentError, "'resource_group_name' should satisfy the constraint - 'Pattern': '^[-\w\._\(\)]+$'" if !resource_group_name.nil? && resource_group_name.match(Regexp.new('^^[-\w\._\(\)]+$$')).nil? fail ArgumentError, 'operational_insights_resource_provider is nil' if operational_insights_resource_provider.nil? fail ArgumentError, 'workspace_name is nil' if workspace_name.nil? fail ArgumentError, "'workspace_name' should satisfy the constraint - 'MaxLength': '90'" if !workspace_name.nil? && workspace_name.length > 90 fail ArgumentError, "'workspace_name' should satisfy the constraint - 'MinLength': '1'" if !workspace_name.nil? && workspace_name.length < 1 fail ArgumentError, 'threat_intelligence_arm_stix_query is nil' if threat_intelligence_arm_stix_query.nil? request_headers = {} request_headers['Content-Type'] = 'application/json; charset=utf-8' # Set Headers request_headers['x-ms-client-request-id'] = SecureRandom.uuid request_headers['accept-language'] = @client.accept_language unless @client.accept_language.nil? # Serialize Request request_mapper = Azure::SecurityInsights::Mgmt::V2019_01_01_preview::Models::ThreatIntelligenceArmStixQuery.mapper() request_content = @client.serialize(request_mapper, threat_intelligence_arm_stix_query) request_content = request_content != nil ? JSON.generate(request_content, quirks_mode: true) : nil path_template = 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/queryIndicators' request_url = @base_url || @client.base_url options = { middlewares: [[MsRest::RetryPolicyMiddleware, times: 3, retry: 0.02], [:cookie_jar]], path_params: {'subscriptionId' => @client.subscription_id,'resourceGroupName' => resource_group_name,'operationalInsightsResourceProvider' => operational_insights_resource_provider,'workspaceName' => workspace_name}, query_params: {'api-version' => @client.api_version}, body: request_content, headers: request_headers.merge(custom_headers || {}), base_url: request_url } promise = @client.make_request_async(:post, path_template, options) promise = promise.then do |result| http_response = result.response status_code = http_response.status response_content = http_response.body unless status_code == 200 error_model = JSON.load(response_content) fail MsRestAzure::AzureOperationError.new(result.request, http_response, error_model) end result.request_id = http_response['x-ms-request-id'] unless http_response['x-ms-request-id'].nil? result.correlation_request_id = http_response['x-ms-correlation-request-id'] unless http_response['x-ms-correlation-request-id'].nil? result.client_request_id = http_response['x-ms-client-request-id'] unless http_response['x-ms-client-request-id'].nil? # Deserialize Response if status_code == 200 begin parsed_response = response_content.to_s.empty? ? nil : JSON.load(response_content) result_mapper = Azure::SecurityInsights::Mgmt::V2019_01_01_preview::Models::ThreatIntelligenceResourceList.mapper() result.body = @client.deserialize(result_mapper, parsed_response) rescue Exception => e fail MsRest::DeserializationError.new('Error occurred in deserializing the response', e.message, e.backtrace, result) end end result end promise.execute end
Query all threat intelligence.
@param next_page_link [String] The NextLink from the previous successful call to List operation. @param custom_headers [Hash{String => String}] A hash of custom headers that will be added to the HTTP request.
@return [ThreatIntelligenceResourceList] operation results.
# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb, line 159 def query_next(next_page_link, custom_headers:nil) response = query_next_async(next_page_link, custom_headers:custom_headers).value! response.body unless response.nil? end
Query all threat intelligence.
@param next_page_link [String] The NextLink from the previous successful call to List operation. @param [Hash{String => String}] A hash of custom headers that will be added to the HTTP request.
@return [Concurrent::Promise] Promise object which holds the HTTP response.
# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb, line 188 def query_next_async(next_page_link, custom_headers:nil) fail ArgumentError, 'next_page_link is nil' if next_page_link.nil? request_headers = {} request_headers['Content-Type'] = 'application/json; charset=utf-8' # Set Headers request_headers['x-ms-client-request-id'] = SecureRandom.uuid request_headers['accept-language'] = @client.accept_language unless @client.accept_language.nil? path_template = '{nextLink}' request_url = @base_url || @client.base_url options = { middlewares: [[MsRest::RetryPolicyMiddleware, times: 3, retry: 0.02], [:cookie_jar]], skip_encoding_path_params: {'nextLink' => next_page_link}, headers: request_headers.merge(custom_headers || {}), base_url: request_url } promise = @client.make_request_async(:post, path_template, options) promise = promise.then do |result| http_response = result.response status_code = http_response.status response_content = http_response.body unless status_code == 200 error_model = JSON.load(response_content) fail MsRestAzure::AzureOperationError.new(result.request, http_response, error_model) end result.request_id = http_response['x-ms-request-id'] unless http_response['x-ms-request-id'].nil? result.correlation_request_id = http_response['x-ms-correlation-request-id'] unless http_response['x-ms-correlation-request-id'].nil? result.client_request_id = http_response['x-ms-client-request-id'] unless http_response['x-ms-client-request-id'].nil? # Deserialize Response if status_code == 200 begin parsed_response = response_content.to_s.empty? ? nil : JSON.load(response_content) result_mapper = Azure::SecurityInsights::Mgmt::V2019_01_01_preview::Models::ThreatIntelligenceResourceList.mapper() result.body = @client.deserialize(result_mapper, parsed_response) rescue Exception => e fail MsRest::DeserializationError.new('Error occurred in deserializing the response', e.message, e.backtrace, result) end end result end promise.execute end
Query all threat intelligence.
@param next_page_link [String] The NextLink from the previous successful call to List operation. @param custom_headers [Hash{String => String}] A hash of custom headers that will be added to the HTTP request.
@return [MsRestAzure::AzureOperationResponse] HTTP response information.
# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb, line 174 def query_next_with_http_info(next_page_link, custom_headers:nil) query_next_async(next_page_link, custom_headers:custom_headers).value! end
Query all threat intelligence.
@param resource_group_name [String] The name of the resource group within the user's subscription. The name is case insensitive. @param operational_insights_resource_provider [String] The namespace of workspaces resource provider- Microsoft.OperationalInsights. @param workspace_name [String] The name of the workspace. @param threat_intelligence_arm_stix_query [ThreatIntelligenceArmStixQuery] The threat intelligence ARM STIX query @param custom_headers [Hash{String => String}] A hash of custom headers that will be added to the HTTP request.
@return [MsRestAzure::AzureOperationResponse] HTTP response information.
# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/threat_intelligence_indicators_list.rb, line 60 def query_with_http_info(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers:nil) query_async(resource_group_name, operational_insights_resource_provider, workspace_name, threat_intelligence_arm_stix_query, custom_headers:custom_headers).value! end