Skip to content

Initial public commit for enrichment APIs #13479

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
PhoenixHe-NV merged 7 commits into from
May 10, 2021
Merged

Initial public commit for enrichment APIs #13479

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
32f89e6
Initial public commit for enrichment APIs
Mar 17, 2021
a4041b7
Prettier
Mar 17, 2021
264f863
Add two new fields
Apr 8, 2021
0b13b0d
Prettier
Apr 9, 2021
5947be9
Remove two fields, fix several descriptions
Apr 13, 2021
bcaebcd
Remove unneeded format line
Apr 28, 2021
cb2557b
Remove incorrect references to operational insights and workspacename
Apr 30, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions custom-words.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -709,6 +709,8 @@ generatevpnprofile
geobias
geocode
geocodes
geodata
Geodata
Geofence
geofences
Geofencing
Expand Down
333 changes: 333 additions & 0 deletions ...ource-manager/Microsoft.SecurityInsights/preview/2019-01-01-preview/SecurityInsights.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1849,6 +1849,90 @@
}
}
},
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.SecurityInsights/enrichment/ip/geodata/": {
Copy link
Contributor

@allenjzhang allenjzhang Mar 25, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ip/geodata [](start = 120, length = 10)

ip address in query string instead of /ip/xxx/geodata? This path looks weird.

Copy link
Contributor Author

@TimLPaterson TimLPaterson Mar 25, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @allenjzhang I actually had ip as a path parameter originally but changed it at the suggestion of the original ARM reviewers (this was in an email conversation not captured in my private repo PR). My original PR has already received ARM approval and an exception for the API version. (link at the top of this PR)

Copy link
Contributor Author

@TimLPaterson TimLPaterson Apr 30, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@allenjzhang Can you resolve this and approve/complete the PR?

Copy link
Contributor

@allenjzhang allenjzhang Mar 25, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is being added back to 2019-01-01-preview? As readme.md default tag is referring to 2020 stable, the SDK automation generated no diff. You should really create a new API versions for it.

Copy link
Contributor Author

@TimLPaterson TimLPaterson Mar 25, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is because this PR is actually a copy of one made a while back (which received ARM approval and approval for the breaking change). The reason I had to make this fresh PR was that I couldn't convert my PR in the private repo into a PR in the public repo (I had permissions problems, and a 500-level error when I tried). I contacted the OpenAPI support staff and Zhenglai Zhang suggested I make a brand new PR and just reference the old one.

Copy link
Contributor Author

@TimLPaterson TimLPaterson Apr 30, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@allenjzhang (as above) Can you resolve this and approve/complete the PR?

"get": {
"x-ms-examples": {
"Get geodata for a single IP address": {
"$ref": "./examples/enrichment/GetGeodataByIp.json"
}
},
"tags": [
"Enrichment"
],
"description": "Get geodata for a single IP address",
"operationId": "IPGeodata_Get",
"parameters": [
{
"$ref": "#/parameters/ApiVersion"
},
{
"$ref": "#/parameters/SubscriptionId"
},
{
"$ref": "#/parameters/ResourceGroupName"
},
{
"$ref": "#/parameters/EnrichmentIpAddress"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/EnrichmentIpGeodata"
}
},
"default": {
"description": "Error response describing why the operation failed to enrich this ip.",
"schema": {
"$ref": "#/definitions/CloudError"
}
}
}
}
},
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.SecurityInsights/enrichment/domain/whois/": {
"get": {
"x-ms-examples": {
"Get whois information for a single domain name": {
"$ref": "./examples/enrichment/GetWhoisByDomainName.json"
}
},
"tags": [
"Enrichment"
],
"description": "Get whois information for a single domain name",
"operationId": "DomainWhois_Get",
"parameters": [
{
"$ref": "#/parameters/ApiVersion"
},
{
"$ref": "#/parameters/SubscriptionId"
},
{
"$ref": "#/parameters/ResourceGroupName"
},
{
"$ref": "#/parameters/EnrichmentDomain"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/EnrichmentDomainWhois"
}
},
"default": {
"description": "Error response describing why the operation failed to enrich this domain.",
"schema": {
"$ref": "#/definitions/CloudError"
}
}
}
}
},
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/dataConnectors": {
"get": {
"x-ms-examples": {
Expand Down Expand Up @@ -7708,6 +7792,239 @@
"description": "Dynamics365 requirements check properties.",
"type": "object"
},
"EnrichmentDomainWhois": {
"description": "Whois information for a given domain and associated metadata",
"properties": {
"domain": {
"description": "The domain for this whois record",
"type": "string"
},
"server": {
"description": "The hostname of this registrar's whois server",
"type": "string"
},
"created": {
"description": "The timestamp at which this record was created",
"format": "date-time",
"type": "string"
},
"updated": {
"description": "The timestamp at which this record was last updated",
"format": "date-time",
"type": "string"
},
"expires": {
"description": "The timestamp at which this record will expire",
"format": "date-time",
"type": "string"
},
"parsedWhois": {
"description": "The whois record for a given domain",
"$ref": "#/definitions/EnrichmentDomainWhoisDetails"
}
}
},
"EnrichmentDomainWhoisDetails": {
"description": "The whois record for a given domain",
"properties": {
"registrar": {
"description": "The registrar associated with this domain",
"$ref": "#/definitions/EnrichmentDomainWhoisRegistrarDetails"
},
"contacts": {
"description": "The set of contacts associated with this domain",
"$ref": "#/definitions/EnrichmentDomainWhoisContacts"
},
"nameServers": {
"description": "A list of name servers associated with this domain",
"type": "array",
"items": {
"type": "string"
}
},
"statuses": {
"description": "The set of status flags for this whois record",
"type": "array",
"items": {
"type": "string"
}
}
}
},
"EnrichmentDomainWhoisRegistrarDetails": {
"description": "The registrar associated with this domain",
"properties": {
"name": {
"description": "The name of this registrar",
"type": "string"
},
"abuseContactEmail": {
"description": "This registrar's abuse contact email",
"type": "string"
},
"abuseContactPhone": {
"description": "This registrar's abuse contact phone number",
"type": "string"
},
"ianaId": {
"description": "This registrar's Internet Assigned Numbers Authority id",
"type": "string"
},
"url": {
"description": "This registrar's URL",
"type": "string"
},
"whoisServer": {
"description": "The hostname of this registrar's whois server",
"type": "string"
}
}
},
"EnrichmentDomainWhoisContacts": {
"description": "The set of contacts associated with this domain",
"properties": {
"admin": {
"description": "The admin contact for this whois record",
"$ref": "#/definitions/EnrichmentDomainWhoisContact"
},
"billing": {
"description": "The billing contact for this whois record",
"$ref": "#/definitions/EnrichmentDomainWhoisContact"
},
"registrant": {
"description": "The registrant contact for this whois record",
"$ref": "#/definitions/EnrichmentDomainWhoisContact"
},
"tech": {
"description": "The technical contact for this whois record",
"$ref": "#/definitions/EnrichmentDomainWhoisContact"
}
}
},
"EnrichmentDomainWhoisContact": {
"description": "An individual contact associated with this domain",
"properties": {
"name": {
"description": "The name of this contact",
"type": "string"
},
"org": {
"description": "The organization for this contact",
"type": "string"
},
"street": {
"description": "A list describing the street address for this contact",
"type": "array",
"items": {
"type": "string"
}
},
"city": {
"description": "The city for this contact",
"type": "string"
},
"state": {
"description": "The state for this contact",
"type": "string"
},
"postal": {
"description": "The postal code for this contact",
"type": "string"
},
"country": {
"description": "The country for this contact",
"type": "string"
},
"phone": {
"description": "The phone number for this contact",
"type": "string"
},
"fax": {
"description": "The fax number for this contact",
"type": "string"
},
"email": {
"description": "The email address for this contact",
"type": "string"
}
}
},
"EnrichmentIpGeodata": {
"description": "Geodata information for a given IP address",
"properties": {
"asn": {
"description": "The autonomous system number associated with this IP address",
"type": "string"
},
"carrier": {
"description": "The name of the carrier for this IP address",
"type": "string"
},
"city": {
"description": "The city this IP address is located in",
"type": "string"
},
"cityCf": {
"description": "A numeric rating of confidence that the value in the 'city' field is correct, on a scale of 0-100",
"type": "integer",
"format": "int32"
},
"continent": {
"description": "The continent this IP address is located on",
"type": "string"
},
"country": {
"description": "The county this IP address is located in",
"type": "string"
},
"countryCf": {
"description": "A numeric rating of confidence that the value in the 'country' field is correct on a scale of 0-100",
"type": "integer",
"format": "int32"
},
"ipAddr": {
"description": "The dotted-decimal or colon-separated string representation of the IP address",
"type": "string"
},
"ipRoutingType": {
"description": "A description of the connection type of this IP address",
"type": "string"
},
"latitude": {
"description": "The latitude of this IP address",
"type": "string"
},
"longitude": {
"description": "The longitude of this IP address",
"type": "string"
},
"organization": {
"description": "The name of the organization for this IP address",
"type": "string"
},
"organizationType": {
"description": "The type of the organization for this IP address",
"type": "string"
},
"region": {
"description": "The geographic region this IP address is located in",
"type": "string"
},
"state": {
"description": "The state this IP address is located in",
"type": "string"
},
"stateCf": {
"description": "A numeric rating of confidence that the value in the 'state' field is correct on a scale of 0-100",
"type": "integer",
"format": "int32"
},
"stateCode": {
"description": "The abbreviated name for the state this IP address is located in",
"type": "string"
}
}
},
"Entity": {
"allOf": [
{
Expand Down Expand Up @@ -13910,6 +14227,22 @@
},
"x-ms-parameter-location": "method"
},
"EnrichmentDomain": {
"description": "Domain name to be enriched",
"in": "query",
"name": "domain",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
},
"EnrichmentIpAddress": {
"description": "IP address (v4 or v6) to be enriched",
"in": "query",
"name": "ipAddress",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
},
"EntityExpandRequestBody": {
"description": "The parameters required to execute an expand operation on the given entity.",
"in": "body",
Expand Down
31 changes: 31 additions & 0 deletions ...osoft.SecurityInsights/preview/2019-01-01-preview/examples/enrichment/GetGeodataByIp.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
{
"parameters": {
"api-version": "2019-01-01-preview",
"subscriptionId": "bd794837-4d29-4647-9105-6339bfdb4e6a",
"resourceGroupName": "myRg",
"ipAddress": "1.2.3.4"
},
"responses": {
"200": {
"body": {
"asn": "12345",
"carrier": "Microsoft",
"city": "Redmond",
"cityCf": 90,
"continent": "north america",
"country": "united states",
"countryCf": 99,
"ipAddr": "1.2.3.4",
"ipRoutingType": "fixed",
"latitude": "40.2436",
"longitude": "-100.8891",
"organization": "Microsoft",
"organizationType": "tech",
"region": "western usa",
"state": "washington",
"stateCf": null,
"stateCode": "wa"
}
}
}
}
Loading