Azure
diff --git a/‎specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/AlertRules.json‎
Lines changed: 1887 additions & 0 deletions b/‎specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/AlertRules.json‎
Lines changed: 1887 additions & 0 deletions
diff --git a/‎specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/EntityDefinitions.json‎
Lines changed: 181 additions & 0 deletions b/‎specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/EntityDefinitions.json‎
Lines changed: 181 additions & 0 deletions
@@ -0,0 +1,181 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Insights",
+    "description": "API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider",
+    "version": "2021-03-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {},
+  "definitions": {
+    "EntityInnerType": {
+      "description": "The type of the entity",
+      "enum": [
+        "Account",
+        "Host",
+        "File",
+        "AzureResource",
+        "CloudApplication",
+        "DNS",
+        "FileHash",
+        "IP",
+        "Malware",
+        "Process",
+        "RegistryKey",
+        "RegistryValue",
+        "SecurityGroup",
+        "URL",
+        "IoTDevice",
+        "SecurityAlert",
+        "HuntingBookmark",
+        "MailCluster",
+        "MailMessage",
+        "Mailbox",
+        "SubmissionMail"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "modelAsString": true,
+        "name": "EntityType",
+        "values": [
+          {
+            "description": "Entity represents account in the system.",
+            "value": "Account"
+          },
+          {
+            "description": "Entity represents host in the system.",
+            "value": "Host"
+          },
+          {
+            "description": "Entity represents file in the system.",
+            "value": "File"
+          },
+          {
+            "description": "Entity represents azure resource in the system.",
+            "value": "AzureResource"
+          },
+          {
+            "description": "Entity represents cloud application in the system.",
+            "value": "CloudApplication"
+          },
+          {
+            "description": "Entity represents dns in the system.",
+            "value": "DNS"
+          },
+          {
+            "description": "Entity represents file hash in the system.",
+            "value": "FileHash"
+          },
+          {
+            "description": "Entity represents ip in the system.",
+            "value": "IP"
+          },
+          {
+            "description": "Entity represents malware in the system.",
+            "value": "Malware"
+          },
+          {
+            "description": "Entity represents process in the system.",
+            "value": "Process"
+          },
+          {
+            "description": "Entity represents registry key in the system.",
+            "value": "RegistryKey"
+          },
+          {
+            "description": "Entity represents registry value in the system.",
+            "value": "RegistryValue"
+          },
+          {
+            "description": "Entity represents security group in the system.",
+            "value": "SecurityGroup"
+          },
+          {
+            "description": "Entity represents url in the system.",
+            "value": "URL"
+          },
+          {
+            "description": "Entity represents IoT device in the system.",
+            "value": "IoTDevice"
+          },
+          {
+            "description": "Entity represents security alert in the system.",
+            "value": "SecurityAlert"
+          },
+          {
+            "description": "Entity represents HuntingBookmark in the system.",
+            "value": "HuntingBookmark"
+          },
+          {
+            "description": "Entity represents mail cluster in the system.",
+            "value": "MailCluster"
+          },
+          {
+            "description": "Entity represents mail message in the system.",
+            "value": "MailMessage"
+          },
+          {
+            "description": "Entity represents mailbox in the system.",
+            "value": "Mailbox"
+          },
+          {
+            "description": "Entity represents submission mail in the system.",
+            "value": "SubmissionMail"
+          }
+        ]
+      }
+    },
+    "EntityQueryKind": {
+      "description": "The kind of the entity query",
+      "enum": [
+        "Expansion",
+        "Insight",
+        "Activity"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "modelAsString": true,
+        "name": "EntityQueryKind",
+        "values": [
+          {
+            "value": "Expansion"
+          },
+          {
+            "value": "Insight"
+          },
+          {
+            "value": "Activity"
+          }
+        ]
+      }
+    }
+  },
+  "parameters": {}
+}