Feedback Edit

ExpansionEntityQuery Class

  • Reference

Represents Expansion entity query.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Inheritance
azure.mgmt.securityinsight.models._models_py3.EntityQuery
ExpansionEntityQuery

Constructor

ExpansionEntityQuery(*, etag: Optional[str] = None, data_sources: Optional[List[str]] = None, display_name: Optional[str] = None, input_entity_type: Optional[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.EntityType]] = None, input_fields: Optional[List[str]] = None, output_entity_types: Optional[List[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.EntityType]]] = None, query_template: Optional[str] = None, **kwargs)

Variables

id
str

Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.

name
str

The name of the resource.

type
str

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts".

system_data
SystemData

Azure Resource Manager metadata containing createdBy and modifiedBy information.

etag
str

Etag of the azure resource.

kind
str or EntityQueryKind

Required. the entity query kind.Constant filled by server. Possible values include: "Expansion", "Insight", "Activity".

data_sources
list[str]

List of the data sources that are required to run the query.

display_name
str

The query display name.

input_entity_type
str or EntityType

The type of the query's source entity. Possible values include: "Account", "Host", "File", "AzureResource", "CloudApplication", "DNS", "FileHash", "IP", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "URL", "IoTDevice", "SecurityAlert", "HuntingBookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail".

input_fields
list[str]

List of the fields of the source entity that are required to run the query.

output_entity_types
list[str or EntityType]

List of the desired output types to be constructed from the result.

query_template
str

The template query string to be parsed and formatted.