Watchlist Class
Represents a Watchlist in Azure Security Insights.
Variables are only populated by the server, and will be ignored when sending a request.
- Inheritance
-
azure.mgmt.securityinsight.models._models_py3.ResourceWithEtagWatchlist
Constructor
Watchlist(*, etag: Optional[str] = None, watchlist_id: Optional[str] = None, display_name: Optional[str] = None, provider: Optional[str] = None, source: Optional[str] = None, source_type: Optional[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.SourceType]] = None, created: Optional[datetime.datetime] = None, updated: Optional[datetime.datetime] = None, created_by: Optional[azure.mgmt.securityinsight.models._models_py3.UserInfo] = None, updated_by: Optional[azure.mgmt.securityinsight.models._models_py3.UserInfo] = None, description: Optional[str] = None, watchlist_type: Optional[str] = None, watchlist_alias: Optional[str] = None, is_deleted: Optional[bool] = None, labels: Optional[List[str]] = None, default_duration: Optional[datetime.timedelta] = None, tenant_id: Optional[str] = None, number_of_lines_to_skip: Optional[int] = None, raw_content: Optional[str] = None, items_search_key: Optional[str] = None, content_type: Optional[str] = None, upload_status: Optional[str] = None, **kwargs)
Variables
- id
- str
Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.
- name
- str
The name of the resource.
- type
- str
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts".
- system_data
- SystemData
Azure Resource Manager metadata containing createdBy and modifiedBy information.
- etag
- str
Etag of the azure resource.
- watchlist_id
- str
The id (a Guid) of the watchlist.
- display_name
- str
The display name of the watchlist.
- provider
- str
The provider of the watchlist.
- source
- str
The filename of the watchlist, called 'source'.
- source_type
- str or SourceType
The sourceType of the watchlist. Possible values include: "Local file", "Remote storage".
- created
- datetime
The time the watchlist was created.
- updated
- datetime
The last time the watchlist was updated.
- created_by
- UserInfo
Describes a user that created the watchlist.
- updated_by
- UserInfo
Describes a user that updated the watchlist.
- description
- str
A description of the watchlist.
- watchlist_type
- str
The type of the watchlist.
- watchlist_alias
- str
The alias of the watchlist.
- is_deleted
- bool
A flag that indicates if the watchlist is deleted or not.
- default_duration
- timedelta
The default duration of a watchlist (in ISO 8601 duration format).
- tenant_id
- str
The tenantId where the watchlist belongs to.
- number_of_lines_to_skip
- int
The number of lines in a csv/tsv content to skip before the header.
- raw_content
- str
The raw content that represents to watchlist items to create. In case of csv/tsv content type, it's the content of the file that will parsed by the endpoint.
- items_search_key
- str
The search key is used to optimize query performance when using watchlists for joins with other data. For example, enable a column with IP addresses to be the designated SearchKey field, then use this field as the key field when joining to other event data by IP address.
- content_type
- str
The content type of the raw content. Example : text/csv or text/tsv.
- upload_status
- str
The status of the Watchlist upload : New, InProgress or Complete. Pls note : When a Watchlist upload status is equal to InProgress, the Watchlist cannot be deleted.
Feedback
Submit and view feedback for