Docs
Packages
Azure Native v1.102.0, May 2 23
Azure Native v1.102.0, May 2 23
azure-native.securityinsights.ThreatIntelligenceIndicator
Explore with Pulumi AI
Threat intelligence information object. API Version: 2019-01-01-preview.
Example Usage
Update a threat Intelligence indicator
using System.Collections.Generic;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var threatIntelligenceIndicator = new AzureNative.SecurityInsights.ThreatIntelligenceIndicator("threatIntelligenceIndicator", new()
{
Confidence = 78,
CreatedByRef = "contoso@contoso.com",
Description = "debugging indicators",
DisplayName = "new schema",
ExternalReferences = new[] {},
GranularMarkings = new[] {},
KillChainPhases = new[] {},
Kind = "indicator",
Labels = new[] {},
Modified = "",
Name = "d9cd6f0b-96b9-3984-17cd-a779d1e15a93",
OperationalInsightsResourceProvider = "Microsoft.OperationalInsights",
Pattern = "[url:value = 'https://www.contoso.com']",
PatternType = "url",
ResourceGroupName = "myRg",
Revoked = false,
Source = "Azure Sentinel",
ThreatIntelligenceTags = new[]
{
"new schema",
},
ThreatTypes = new[]
{
"compromised",
},
ValidFrom = "2020-04-15T17:44:00.114052Z",
ValidUntil = "",
WorkspaceName = "myWorkspace",
});
});
package main
import (
securityinsights "github.com/pulumi/pulumi-azure-native/sdk/go/azure/securityinsights"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := securityinsights.NewThreatIntelligenceIndicator(ctx, "threatIntelligenceIndicator", &securityinsights.ThreatIntelligenceIndicatorArgs{
Confidence: pulumi.Int(78),
CreatedByRef: pulumi.String("contoso@contoso.com"),
Description: pulumi.String("debugging indicators"),
DisplayName: pulumi.String("new schema"),
ExternalReferences: securityinsights.ThreatIntelligenceExternalReferenceArray{},
GranularMarkings: securityinsights.ThreatIntelligenceGranularMarkingModelArray{},
KillChainPhases: securityinsights.ThreatIntelligenceKillChainPhaseArray{},
Kind: pulumi.String("indicator"),
Labels: pulumi.StringArray{},
Modified: pulumi.String(""),
Name: pulumi.String("d9cd6f0b-96b9-3984-17cd-a779d1e15a93"),
OperationalInsightsResourceProvider: pulumi.String("Microsoft.OperationalInsights"),
Pattern: pulumi.String("[url:value = 'https://www.contoso.com']"),
PatternType: pulumi.String("url"),
ResourceGroupName: pulumi.String("myRg"),
Revoked: pulumi.Bool(false),
Source: pulumi.String("Azure Sentinel"),
ThreatIntelligenceTags: pulumi.StringArray{
pulumi.String("new schema"),
},
ThreatTypes: pulumi.StringArray{
pulumi.String("compromised"),
},
ValidFrom: pulumi.String("2020-04-15T17:44:00.114052Z"),
ValidUntil: pulumi.String(""),
WorkspaceName: pulumi.String("myWorkspace"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.securityinsights.ThreatIntelligenceIndicator;
import com.pulumi.azurenative.securityinsights.ThreatIntelligenceIndicatorArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var threatIntelligenceIndicator = new ThreatIntelligenceIndicator("threatIntelligenceIndicator", ThreatIntelligenceIndicatorArgs.builder()
.confidence(78)
.createdByRef("contoso@contoso.com")
.description("debugging indicators")
.displayName("new schema")
.externalReferences()
.granularMarkings()
.killChainPhases()
.kind("indicator")
.labels()
.modified("")
.name("d9cd6f0b-96b9-3984-17cd-a779d1e15a93")
.operationalInsightsResourceProvider("Microsoft.OperationalInsights")
.pattern("[url:value = 'https://www.contoso.com']")
.patternType("url")
.resourceGroupName("myRg")
.revoked(false)
.source("Azure Sentinel")
.threatIntelligenceTags("new schema")
.threatTypes("compromised")
.validFrom("2020-04-15T17:44:00.114052Z")
.validUntil("")
.workspaceName("myWorkspace")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
threat_intelligence_indicator = azure_native.securityinsights.ThreatIntelligenceIndicator("threatIntelligenceIndicator",
confidence=78,
created_by_ref="contoso@contoso.com",
description="debugging indicators",
display_name="new schema",
external_references=[],
granular_markings=[],
kill_chain_phases=[],
kind="indicator",
labels=[],
modified="",
name="d9cd6f0b-96b9-3984-17cd-a779d1e15a93",
operational_insights_resource_provider="Microsoft.OperationalInsights",
pattern="[url:value = 'https://www.contoso.com']",
pattern_type="url",
resource_group_name="myRg",
revoked=False,
source="Azure Sentinel",
threat_intelligence_tags=["new schema"],
threat_types=["compromised"],
valid_from="2020-04-15T17:44:00.114052Z",
valid_until="",
workspace_name="myWorkspace")
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const threatIntelligenceIndicator = new azure_native.securityinsights.ThreatIntelligenceIndicator("threatIntelligenceIndicator", {
confidence: 78,
createdByRef: "contoso@contoso.com",
description: "debugging indicators",
displayName: "new schema",
externalReferences: [],
granularMarkings: [],
killChainPhases: [],
kind: "indicator",
labels: [],
modified: "",
name: "d9cd6f0b-96b9-3984-17cd-a779d1e15a93",
operationalInsightsResourceProvider: "Microsoft.OperationalInsights",
pattern: "[url:value = 'https://www.contoso.com']",
patternType: "url",
resourceGroupName: "myRg",
revoked: false,
source: "Azure Sentinel",
threatIntelligenceTags: ["new schema"],
threatTypes: ["compromised"],
validFrom: "2020-04-15T17:44:00.114052Z",
validUntil: "",
workspaceName: "myWorkspace",
});
resources:
threatIntelligenceIndicator:
type: azure-native:securityinsights:ThreatIntelligenceIndicator
properties:
confidence: 78
createdByRef: contoso@contoso.com
description: debugging indicators
displayName: new schema
externalReferences: []
granularMarkings: []
killChainPhases: []
kind: indicator
labels: []
modified:
name: d9cd6f0b-96b9-3984-17cd-a779d1e15a93
operationalInsightsResourceProvider: Microsoft.OperationalInsights
pattern: '[url:value = ''https://www.contoso.com'']'
patternType: url
resourceGroupName: myRg
revoked: false
source: Azure Sentinel
threatIntelligenceTags:
- new schema
threatTypes:
- compromised
validFrom: 2020-04-15T17:44:00.114052Z
validUntil:
workspaceName: myWorkspace
Create ThreatIntelligenceIndicator Resource
new ThreatIntelligenceIndicator(name: string, args: ThreatIntelligenceIndicatorArgs, opts?: CustomResourceOptions);@overload
def ThreatIntelligenceIndicator(resource_name: str,
opts: Optional[ResourceOptions] = None,
confidence: Optional[int] = None,
created: Optional[str] = None,
created_by_ref: Optional[str] = None,
defanged: Optional[bool] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
extensions: Optional[Any] = None,
external_id: Optional[str] = None,
external_last_updated_time_utc: Optional[str] = None,
external_references: Optional[Sequence[ThreatIntelligenceExternalReferenceArgs]] = None,
granular_markings: Optional[Sequence[ThreatIntelligenceGranularMarkingModelArgs]] = None,
indicator_types: Optional[Sequence[str]] = None,
kill_chain_phases: Optional[Sequence[ThreatIntelligenceKillChainPhaseArgs]] = None,
kind: Optional[Union[str, ThreatIntelligenceResourceKind]] = None,
labels: Optional[Sequence[str]] = None,
language: Optional[str] = None,
last_updated_time_utc: Optional[str] = None,
modified: Optional[str] = None,
name: Optional[str] = None,
object_marking_refs: Optional[Sequence[str]] = None,
operational_insights_resource_provider: Optional[str] = None,
parsed_pattern: Optional[Sequence[ThreatIntelligenceParsedPatternArgs]] = None,
pattern: Optional[str] = None,
pattern_type: Optional[str] = None,
pattern_version: Optional[str] = None,
resource_group_name: Optional[str] = None,
revoked: Optional[bool] = None,
source: Optional[str] = None,
threat_intelligence_tags: Optional[Sequence[str]] = None,
threat_types: Optional[Sequence[str]] = None,
valid_from: Optional[str] = None,
valid_until: Optional[str] = None,
workspace_name: Optional[str] = None)
@overload
def ThreatIntelligenceIndicator(resource_name: str,
args: ThreatIntelligenceIndicatorArgs,
opts: Optional[ResourceOptions] = None)func NewThreatIntelligenceIndicator(ctx *Context, name string, args ThreatIntelligenceIndicatorArgs, opts ...ResourceOption) (*ThreatIntelligenceIndicator, error)public ThreatIntelligenceIndicator(string name, ThreatIntelligenceIndicatorArgs args, CustomResourceOptions? opts = null)
public ThreatIntelligenceIndicator(String name, ThreatIntelligenceIndicatorArgs args)
public ThreatIntelligenceIndicator(String name, ThreatIntelligenceIndicatorArgs args, CustomResourceOptions options)
type: azure-native:securityinsights:ThreatIntelligenceIndicator
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ThreatIntelligenceIndicatorArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ThreatIntelligenceIndicatorArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ThreatIntelligenceIndicatorArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ThreatIntelligenceIndicatorArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ThreatIntelligenceIndicatorArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
ThreatIntelligenceIndicator Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The ThreatIntelligenceIndicator resource accepts the following input properties:
- Kind
string | Pulumi.
Azure Native. Security Insights. Threat Intelligence Resource Kind The kind of the entity.
- Operational
Insights stringResource Provider The namespace of workspaces resource provider- Microsoft.OperationalInsights.
- Resource
Group stringName The name of the resource group within the user's subscription. The name is case insensitive.
- Workspace
Name string The name of the workspace.
- Confidence int
Confidence of threat intelligence entity
- Created string
Created by
- Created
By stringRef Created by reference of threat intelligence entity
- Defanged bool
Is threat intelligence entity defanged
- Description string
Description of a threat intelligence entity
- Display
Name string Display name of a threat intelligence entity
- Extensions object
Extensions map
- External
Id string External ID of threat intelligence entity
- External
Last stringUpdated Time Utc External last updated time in UTC
- External
References List<Pulumi.Azure Native. Security Insights. Inputs. Threat Intelligence External Reference Args> External References
- Granular
Markings List<Pulumi.Azure Native. Security Insights. Inputs. Threat Intelligence Granular Marking Model Args> Granular Markings
- Indicator
Types List<string> Indicator types of threat intelligence entities
- Kill
Chain List<Pulumi.Phases Azure Native. Security Insights. Inputs. Threat Intelligence Kill Chain Phase Args> Kill chain phases
- Labels List<string>
Labels of threat intelligence entity
- Language string
Language of threat intelligence entity
- Last
Updated stringTime Utc Last updated time in UTC
- Modified string
Modified by
- Name string
Threat intelligence indicator name field.
- Object
Marking List<string>Refs Threat intelligence entity object marking references
- Parsed
Pattern List<Pulumi.Azure Native. Security Insights. Inputs. Threat Intelligence Parsed Pattern Args> Parsed patterns
- Pattern string
Pattern of a threat intelligence entity
- Pattern
Type string Pattern type of a threat intelligence entity
- Pattern
Version string Pattern version of a threat intelligence entity
- Revoked bool
Is threat intelligence entity revoked
- Source string
Source of a threat intelligence entity
- List<string>
List of tags
- Threat
Types List<string> Threat types
- Valid
From string Valid from
- Valid
Until string Valid until
- Kind
string | Threat
Intelligence Resource Kind The kind of the entity.
- Operational
Insights stringResource Provider The namespace of workspaces resource provider- Microsoft.OperationalInsights.
- Resource
Group stringName The name of the resource group within the user's subscription. The name is case insensitive.
- Workspace
Name string The name of the workspace.
- Confidence int
Confidence of threat intelligence entity
- Created string
Created by
- Created
By stringRef Created by reference of threat intelligence entity
- Defanged bool
Is threat intelligence entity defanged
- Description string
Description of a threat intelligence entity
- Display
Name string Display name of a threat intelligence entity
- Extensions interface{}
Extensions map
- External
Id string External ID of threat intelligence entity
- External
Last stringUpdated Time Utc External last updated time in UTC
- External
References []ThreatIntelligence External Reference Args External References
- Granular
Markings []ThreatIntelligence Granular Marking Model Args Granular Markings
- Indicator
Types []string Indicator types of threat intelligence entities
- Kill
Chain []ThreatPhases Intelligence Kill Chain Phase Args Kill chain phases
- Labels []string
Labels of threat intelligence entity
- Language string
Language of threat intelligence entity
- Last
Updated stringTime Utc Last updated time in UTC
- Modified string
Modified by
- Name string
Threat intelligence indicator name field.
- Object
Marking []stringRefs Threat intelligence entity object marking references
- Parsed
Pattern []ThreatIntelligence Parsed Pattern Args Parsed patterns
- Pattern string
Pattern of a threat intelligence entity
- Pattern
Type string Pattern type of a threat intelligence entity
- Pattern
Version string Pattern version of a threat intelligence entity
- Revoked bool
Is threat intelligence entity revoked
- Source string
Source of a threat intelligence entity
- []string
List of tags
- Threat
Types []string Threat types
- Valid
From string Valid from
- Valid
Until string Valid until
- kind
String | Threat
Intelligence Resource Kind The kind of the entity.
- operational
Insights StringResource Provider The namespace of workspaces resource provider- Microsoft.OperationalInsights.
- resource
Group StringName The name of the resource group within the user's subscription. The name is case insensitive.
- workspace
Name String The name of the workspace.
- confidence Integer
Confidence of threat intelligence entity
- created String
Created by
- created
By StringRef Created by reference of threat intelligence entity
- defanged Boolean
Is threat intelligence entity defanged
- description String
Description of a threat intelligence entity
- display
Name String Display name of a threat intelligence entity
- extensions Object
Extensions map
- external
Id String External ID of threat intelligence entity
- external
Last StringUpdated Time Utc External last updated time in UTC
- external
References List<ThreatIntelligence External Reference Args> External References
- granular
Markings List<ThreatIntelligence Granular Marking Model Args> Granular Markings
- indicator
Types List<String> Indicator types of threat intelligence entities
- kill
Chain List<ThreatPhases Intelligence Kill Chain Phase Args> Kill chain phases
- labels List<String>
Labels of threat intelligence entity
- language String
Language of threat intelligence entity
- last
Updated StringTime Utc Last updated time in UTC
- modified String
Modified by
- name String
Threat intelligence indicator name field.
- object
Marking List<String>Refs Threat intelligence entity object marking references
- parsed
Pattern List<ThreatIntelligence Parsed Pattern Args> Parsed patterns
- pattern String
Pattern of a threat intelligence entity
- pattern
Type String Pattern type of a threat intelligence entity
- pattern
Version String Pattern version of a threat intelligence entity
- revoked Boolean
Is threat intelligence entity revoked
- source String
Source of a threat intelligence entity
- List<String>
List of tags
- threat
Types List<String> Threat types
- valid
From String Valid from
- valid
Until String Valid until
- kind
string | Threat
Intelligence Resource Kind The kind of the entity.
- operational
Insights stringResource Provider The namespace of workspaces resource provider- Microsoft.OperationalInsights.
- resource
Group stringName The name of the resource group within the user's subscription. The name is case insensitive.
- workspace
Name string The name of the workspace.
- confidence number
Confidence of threat intelligence entity
- created string
Created by
- created
By stringRef Created by reference of threat intelligence entity
- defanged boolean
Is threat intelligence entity defanged
- description string
Description of a threat intelligence entity
- display
Name string Display name of a threat intelligence entity
- extensions any
Extensions map
- external
Id string External ID of threat intelligence entity
- external
Last stringUpdated Time Utc External last updated time in UTC
- external
References ThreatIntelligence External Reference Args[] External References
- granular
Markings ThreatIntelligence Granular Marking Model Args[] Granular Markings
- indicator
Types string[] Indicator types of threat intelligence entities
- kill
Chain ThreatPhases Intelligence Kill Chain Phase Args[] Kill chain phases
- labels string[]
Labels of threat intelligence entity
- language string
Language of threat intelligence entity
- last
Updated stringTime Utc Last updated time in UTC
- modified string
Modified by
- name string
Threat intelligence indicator name field.
- object
Marking string[]Refs Threat intelligence entity object marking references
- parsed
Pattern ThreatIntelligence Parsed Pattern Args[] Parsed patterns
- pattern string
Pattern of a threat intelligence entity
- pattern
Type string Pattern type of a threat intelligence entity
- pattern
Version string Pattern version of a threat intelligence entity
- revoked boolean
Is threat intelligence entity revoked
- source string
Source of a threat intelligence entity
- string[]
List of tags
- threat
Types string[] Threat types
- valid
From string Valid from
- valid
Until string Valid until
- kind
str | Threat
Intelligence Resource Kind The kind of the entity.
- operational_
insights_ strresource_ provider The namespace of workspaces resource provider- Microsoft.OperationalInsights.
- resource_
group_ strname The name of the resource group within the user's subscription. The name is case insensitive.
- workspace_
name str The name of the workspace.
- confidence int
Confidence of threat intelligence entity
- created str
Created by
- created_
by_ strref Created by reference of threat intelligence entity
- defanged bool
Is threat intelligence entity defanged
- description str
Description of a threat intelligence entity
- display_
name str Display name of a threat intelligence entity
- extensions Any
Extensions map
- external_
id str External ID of threat intelligence entity
- external_
last_ strupdated_ time_ utc External last updated time in UTC
- external_
references Sequence[ThreatIntelligence External Reference Args] External References
- granular_
markings Sequence[ThreatIntelligence Granular Marking Model Args] Granular Markings
- indicator_
types Sequence[str] Indicator types of threat intelligence entities
- kill_
chain_ Sequence[Threatphases Intelligence Kill Chain Phase Args] Kill chain phases
- labels Sequence[str]
Labels of threat intelligence entity
- language str
Language of threat intelligence entity
- last_
updated_ strtime_ utc Last updated time in UTC
- modified str
Modified by
- name str
Threat intelligence indicator name field.
- object_
marking_ Sequence[str]refs Threat intelligence entity object marking references
- parsed_
pattern Sequence[ThreatIntelligence Parsed Pattern Args] Parsed patterns
- pattern str
Pattern of a threat intelligence entity
- pattern_
type str Pattern type of a threat intelligence entity
- pattern_
version str Pattern version of a threat intelligence entity
- revoked bool
Is threat intelligence entity revoked
- source str
Source of a threat intelligence entity
- Sequence[str]
List of tags
- threat_
types Sequence[str] Threat types
- valid_
from str Valid from
- valid_
until str Valid until
- kind String | "indicator"
The kind of the entity.
- operational
Insights StringResource Provider The namespace of workspaces resource provider- Microsoft.OperationalInsights.
- resource
Group StringName The name of the resource group within the user's subscription. The name is case insensitive.
- workspace
Name String The name of the workspace.
- confidence Number
Confidence of threat intelligence entity
- created String
Created by
- created
By StringRef Created by reference of threat intelligence entity
- defanged Boolean
Is threat intelligence entity defanged
- description String
Description of a threat intelligence entity
- display
Name String Display name of a threat intelligence entity
- extensions Any
Extensions map
- external
Id String External ID of threat intelligence entity
- external
Last StringUpdated Time Utc External last updated time in UTC
- external
References List<Property Map> External References
- granular
Markings List<Property Map> Granular Markings
- indicator
Types List<String> Indicator types of threat intelligence entities
- kill
Chain List<Property Map>Phases Kill chain phases
- labels List<String>
Labels of threat intelligence entity
- language String
Language of threat intelligence entity
- last
Updated StringTime Utc Last updated time in UTC
- modified String
Modified by
- name String
Threat intelligence indicator name field.
- object
Marking List<String>Refs Threat intelligence entity object marking references
- parsed
Pattern List<Property Map> Parsed patterns
- pattern String
Pattern of a threat intelligence entity
- pattern
Type String Pattern type of a threat intelligence entity
- pattern
Version String Pattern version of a threat intelligence entity
- revoked Boolean
Is threat intelligence entity revoked
- source String
Source of a threat intelligence entity
- List<String>
List of tags
- threat
Types List<String> Threat types
- valid
From String Valid from
- valid
Until String Valid until
Outputs
All input properties are implicitly available as output properties. Additionally, the ThreatIntelligenceIndicator resource produces the following output properties:
Supporting Types
ThreatIntelligenceExternalReference
- Description string
External reference description
- External
Id string External reference ID
- Hashes Dictionary<string, string>
External reference hashes
- Source
Name string External reference source name
- Url string
External reference URL
- Description string
External reference description
- External
Id string External reference ID
- Hashes map[string]string
External reference hashes
- Source
Name string External reference source name
- Url string
External reference URL
- description String
External reference description
- external
Id String External reference ID
- hashes Map<String,String>
External reference hashes
- source
Name String External reference source name
- url String
External reference URL
- description string
External reference description
- external
Id string External reference ID
- hashes {[key: string]: string}
External reference hashes
- source
Name string External reference source name
- url string
External reference URL
- description str
External reference description
- external_
id str External reference ID
- hashes Mapping[str, str]
External reference hashes
- source_
name str External reference source name
- url str
External reference URL
- description String
External reference description
- external
Id String External reference ID
- hashes Map<String>
External reference hashes
- source
Name String External reference source name
- url String
External reference URL
ThreatIntelligenceGranularMarkingModel
- Language string
Language granular marking model
- Marking
Ref int marking reference granular marking model
- Selectors List<string>
granular marking model selectors
- Language string
Language granular marking model
- Marking
Ref int marking reference granular marking model
- Selectors []string
granular marking model selectors
- language String
Language granular marking model
- marking
Ref Integer marking reference granular marking model
- selectors List<String>
granular marking model selectors
- language string
Language granular marking model
- marking
Ref number marking reference granular marking model
- selectors string[]
granular marking model selectors
- language str
Language granular marking model
- marking_
ref int marking reference granular marking model
- selectors Sequence[str]
granular marking model selectors
- language String
Language granular marking model
- marking
Ref Number marking reference granular marking model
- selectors List<String>
granular marking model selectors
ThreatIntelligenceKillChainPhase
- Kill
Chain stringName Kill chainName name
- Phase
Name string Phase name
- Kill
Chain stringName Kill chainName name
- Phase
Name string Phase name
- kill
Chain StringName Kill chainName name
- phase
Name String Phase name
- kill
Chain stringName Kill chainName name
- phase
Name string Phase name
- kill_
chain_ strname Kill chainName name
- phase_
name str Phase name
- kill
Chain StringName Kill chainName name
- phase
Name String Phase name
ThreatIntelligenceParsedPattern
- Pattern
Type stringKey Pattern type key
- Pattern
Type List<Pulumi.Values Azure Native. Security Insights. Inputs. Threat Intelligence Parsed Pattern Type Value> Pattern type keys
- Pattern
Type stringKey Pattern type key
- Pattern
Type []ThreatValues Intelligence Parsed Pattern Type Value Pattern type keys
- pattern
Type StringKey Pattern type key
- pattern
Type List<ThreatValues Intelligence Parsed Pattern Type Value> Pattern type keys
- pattern
Type stringKey Pattern type key
- pattern
Type ThreatValues Intelligence Parsed Pattern Type Value[] Pattern type keys
- pattern_
type_ strkey Pattern type key
- pattern_
type_ Sequence[Threatvalues Intelligence Parsed Pattern Type Value] Pattern type keys
- pattern
Type StringKey Pattern type key
- pattern
Type List<Property Map>Values Pattern type keys
ThreatIntelligenceParsedPatternTypeValue
- value str
Value of parsed pattern
- value_
type str Type of the value
ThreatIntelligenceResourceKind
- Indicator
- indicator
Entity represents threat intelligence indicator in the system.
- Threat
Intelligence Resource Kind Indicator - indicator
Entity represents threat intelligence indicator in the system.
- Indicator
- indicator
Entity represents threat intelligence indicator in the system.
- Indicator
- indicator
Entity represents threat intelligence indicator in the system.
- INDICATOR
- indicator
Entity represents threat intelligence indicator in the system.
- "indicator"
- indicator
Entity represents threat intelligence indicator in the system.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:securityinsights:ThreatIntelligenceIndicator 180105c7-a28d-b1a2-4a78-234f6ec80fd6 /subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/ThreatIntelligence/180105c7-a28d-b1a2-4a78-234f6ec80fd6
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0