1. Packages
  2. Azure Native
  3. API Docs
  4. securityinsights
  5. Hunt
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi

azure-native.securityinsights.Hunt

Explore with Pulumi AI

azure-native logo
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi

    Represents a Hunt in Azure Security Insights. Azure REST API version: 2023-06-01-preview.

    Other available API versions: 2023-07-01-preview, 2023-08-01-preview, 2023-09-01-preview, 2023-10-01-preview, 2023-12-01-preview, 2024-01-01-preview, 2024-04-01-preview.

    Example Usage

    Creates or updates a hunt.

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var hunt = new AzureNative.SecurityInsights.Hunt("hunt", new()
        {
            AttackTactics = new[]
            {
                AzureNative.SecurityInsights.AttackTactic.Reconnaissance,
            },
            AttackTechniques = new[]
            {
                "T1595",
            },
            Description = "Log4J Hunt Description",
            DisplayName = "Log4J new hunt",
            HuntId = "163e7b2a-a2ec-4041-aaba-d878a38f265f",
            HypothesisStatus = AzureNative.SecurityInsights.HypothesisStatus.Unknown,
            Labels = new[]
            {
                "Label1",
                "Label2",
            },
            Owner = new AzureNative.SecurityInsights.Inputs.HuntOwnerArgs
            {
                ObjectId = "873b5263-5d34-4149-b356-ad341b01e123",
            },
            ResourceGroupName = "myRg",
            Status = AzureNative.SecurityInsights.Status.New,
            WorkspaceName = "myWorkspace",
        });
    
    });
    
    package main
    
    import (
    	securityinsights "github.com/pulumi/pulumi-azure-native-sdk/securityinsights/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := securityinsights.NewHunt(ctx, "hunt", &securityinsights.HuntArgs{
    			AttackTactics: pulumi.StringArray{
    				pulumi.String(securityinsights.AttackTacticReconnaissance),
    			},
    			AttackTechniques: pulumi.StringArray{
    				pulumi.String("T1595"),
    			},
    			Description:      pulumi.String("Log4J Hunt Description"),
    			DisplayName:      pulumi.String("Log4J new hunt"),
    			HuntId:           pulumi.String("163e7b2a-a2ec-4041-aaba-d878a38f265f"),
    			HypothesisStatus: pulumi.String(securityinsights.HypothesisStatusUnknown),
    			Labels: pulumi.StringArray{
    				pulumi.String("Label1"),
    				pulumi.String("Label2"),
    			},
    			Owner: &securityinsights.HuntOwnerArgs{
    				ObjectId: pulumi.String("873b5263-5d34-4149-b356-ad341b01e123"),
    			},
    			ResourceGroupName: pulumi.String("myRg"),
    			Status:            pulumi.String(securityinsights.StatusNew),
    			WorkspaceName:     pulumi.String("myWorkspace"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.securityinsights.Hunt;
    import com.pulumi.azurenative.securityinsights.HuntArgs;
    import com.pulumi.azurenative.securityinsights.inputs.HuntOwnerArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var hunt = new Hunt("hunt", HuntArgs.builder()
                .attackTactics("Reconnaissance")
                .attackTechniques("T1595")
                .description("Log4J Hunt Description")
                .displayName("Log4J new hunt")
                .huntId("163e7b2a-a2ec-4041-aaba-d878a38f265f")
                .hypothesisStatus("Unknown")
                .labels(            
                    "Label1",
                    "Label2")
                .owner(HuntOwnerArgs.builder()
                    .objectId("873b5263-5d34-4149-b356-ad341b01e123")
                    .build())
                .resourceGroupName("myRg")
                .status("New")
                .workspaceName("myWorkspace")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    hunt = azure_native.securityinsights.Hunt("hunt",
        attack_tactics=[azure_native.securityinsights.AttackTactic.RECONNAISSANCE],
        attack_techniques=["T1595"],
        description="Log4J Hunt Description",
        display_name="Log4J new hunt",
        hunt_id="163e7b2a-a2ec-4041-aaba-d878a38f265f",
        hypothesis_status=azure_native.securityinsights.HypothesisStatus.UNKNOWN,
        labels=[
            "Label1",
            "Label2",
        ],
        owner={
            "object_id": "873b5263-5d34-4149-b356-ad341b01e123",
        },
        resource_group_name="myRg",
        status=azure_native.securityinsights.Status.NEW,
        workspace_name="myWorkspace")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const hunt = new azure_native.securityinsights.Hunt("hunt", {
        attackTactics: [azure_native.securityinsights.AttackTactic.Reconnaissance],
        attackTechniques: ["T1595"],
        description: "Log4J Hunt Description",
        displayName: "Log4J new hunt",
        huntId: "163e7b2a-a2ec-4041-aaba-d878a38f265f",
        hypothesisStatus: azure_native.securityinsights.HypothesisStatus.Unknown,
        labels: [
            "Label1",
            "Label2",
        ],
        owner: {
            objectId: "873b5263-5d34-4149-b356-ad341b01e123",
        },
        resourceGroupName: "myRg",
        status: azure_native.securityinsights.Status.New,
        workspaceName: "myWorkspace",
    });
    
    resources:
      hunt:
        type: azure-native:securityinsights:Hunt
        properties:
          attackTactics:
            - Reconnaissance
          attackTechniques:
            - T1595
          description: Log4J Hunt Description
          displayName: Log4J new hunt
          huntId: 163e7b2a-a2ec-4041-aaba-d878a38f265f
          hypothesisStatus: Unknown
          labels:
            - Label1
            - Label2
          owner:
            objectId: 873b5263-5d34-4149-b356-ad341b01e123
          resourceGroupName: myRg
          status: New
          workspaceName: myWorkspace
    

    Create Hunt Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Hunt(name: string, args: HuntArgs, opts?: CustomResourceOptions);
    @overload
    def Hunt(resource_name: str,
             args: HuntArgs,
             opts: Optional[ResourceOptions] = None)
    
    @overload
    def Hunt(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             description: Optional[str] = None,
             display_name: Optional[str] = None,
             resource_group_name: Optional[str] = None,
             workspace_name: Optional[str] = None,
             attack_tactics: Optional[Sequence[Union[str, AttackTactic]]] = None,
             attack_techniques: Optional[Sequence[str]] = None,
             hunt_id: Optional[str] = None,
             hypothesis_status: Optional[Union[str, HypothesisStatus]] = None,
             labels: Optional[Sequence[str]] = None,
             owner: Optional[HuntOwnerArgs] = None,
             status: Optional[Union[str, Status]] = None)
    func NewHunt(ctx *Context, name string, args HuntArgs, opts ...ResourceOption) (*Hunt, error)
    public Hunt(string name, HuntArgs args, CustomResourceOptions? opts = null)
    public Hunt(String name, HuntArgs args)
    public Hunt(String name, HuntArgs args, CustomResourceOptions options)
    
    type: azure-native:securityinsights:Hunt
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args HuntArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args HuntArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args HuntArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args HuntArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args HuntArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var huntResource = new AzureNative.SecurityInsights.Hunt("huntResource", new()
    {
        Description = "string",
        DisplayName = "string",
        ResourceGroupName = "string",
        WorkspaceName = "string",
        AttackTactics = new[]
        {
            "string",
        },
        AttackTechniques = new[]
        {
            "string",
        },
        HuntId = "string",
        HypothesisStatus = "string",
        Labels = new[]
        {
            "string",
        },
        Owner = new AzureNative.SecurityInsights.Inputs.HuntOwnerArgs
        {
            AssignedTo = "string",
            Email = "string",
            ObjectId = "string",
            OwnerType = "string",
            UserPrincipalName = "string",
        },
        Status = "string",
    });
    
    example, err := securityinsights.NewHunt(ctx, "huntResource", &securityinsights.HuntArgs{
    	Description:       pulumi.String("string"),
    	DisplayName:       pulumi.String("string"),
    	ResourceGroupName: pulumi.String("string"),
    	WorkspaceName:     pulumi.String("string"),
    	AttackTactics: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	AttackTechniques: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	HuntId:           pulumi.String("string"),
    	HypothesisStatus: pulumi.String("string"),
    	Labels: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Owner: &securityinsights.HuntOwnerArgs{
    		AssignedTo:        pulumi.String("string"),
    		Email:             pulumi.String("string"),
    		ObjectId:          pulumi.String("string"),
    		OwnerType:         pulumi.String("string"),
    		UserPrincipalName: pulumi.String("string"),
    	},
    	Status: pulumi.String("string"),
    })
    
    var huntResource = new Hunt("huntResource", HuntArgs.builder()
        .description("string")
        .displayName("string")
        .resourceGroupName("string")
        .workspaceName("string")
        .attackTactics("string")
        .attackTechniques("string")
        .huntId("string")
        .hypothesisStatus("string")
        .labels("string")
        .owner(HuntOwnerArgs.builder()
            .assignedTo("string")
            .email("string")
            .objectId("string")
            .ownerType("string")
            .userPrincipalName("string")
            .build())
        .status("string")
        .build());
    
    hunt_resource = azure_native.securityinsights.Hunt("huntResource",
        description="string",
        display_name="string",
        resource_group_name="string",
        workspace_name="string",
        attack_tactics=["string"],
        attack_techniques=["string"],
        hunt_id="string",
        hypothesis_status="string",
        labels=["string"],
        owner={
            "assigned_to": "string",
            "email": "string",
            "object_id": "string",
            "owner_type": "string",
            "user_principal_name": "string",
        },
        status="string")
    
    const huntResource = new azure_native.securityinsights.Hunt("huntResource", {
        description: "string",
        displayName: "string",
        resourceGroupName: "string",
        workspaceName: "string",
        attackTactics: ["string"],
        attackTechniques: ["string"],
        huntId: "string",
        hypothesisStatus: "string",
        labels: ["string"],
        owner: {
            assignedTo: "string",
            email: "string",
            objectId: "string",
            ownerType: "string",
            userPrincipalName: "string",
        },
        status: "string",
    });
    
    type: azure-native:securityinsights:Hunt
    properties:
        attackTactics:
            - string
        attackTechniques:
            - string
        description: string
        displayName: string
        huntId: string
        hypothesisStatus: string
        labels:
            - string
        owner:
            assignedTo: string
            email: string
            objectId: string
            ownerType: string
            userPrincipalName: string
        resourceGroupName: string
        status: string
        workspaceName: string
    

    Hunt Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Hunt resource accepts the following input properties:

    Description string
    The description of the hunt
    DisplayName string
    The display name of the hunt
    ResourceGroupName string
    The name of the resource group. The name is case insensitive.
    WorkspaceName string
    The name of the workspace.
    AttackTactics List<Union<string, Pulumi.AzureNative.SecurityInsights.AttackTactic>>
    A list of mitre attack tactics the hunt is associated with
    AttackTechniques List<string>
    A list of a mitre attack techniques the hunt is associated with
    HuntId string
    The hunt id (GUID)
    HypothesisStatus string | Pulumi.AzureNative.SecurityInsights.HypothesisStatus
    The hypothesis status of the hunt.
    Labels List<string>
    List of labels relevant to this hunt
    Owner Pulumi.AzureNative.SecurityInsights.Inputs.HuntOwner
    Describes a user that the hunt is assigned to
    Status string | Pulumi.AzureNative.SecurityInsights.Status
    The status of the hunt.
    Description string
    The description of the hunt
    DisplayName string
    The display name of the hunt
    ResourceGroupName string
    The name of the resource group. The name is case insensitive.
    WorkspaceName string
    The name of the workspace.
    AttackTactics []string
    A list of mitre attack tactics the hunt is associated with
    AttackTechniques []string
    A list of a mitre attack techniques the hunt is associated with
    HuntId string
    The hunt id (GUID)
    HypothesisStatus string | HypothesisStatus
    The hypothesis status of the hunt.
    Labels []string
    List of labels relevant to this hunt
    Owner HuntOwnerArgs
    Describes a user that the hunt is assigned to
    Status string | Status
    The status of the hunt.
    description String
    The description of the hunt
    displayName String
    The display name of the hunt
    resourceGroupName String
    The name of the resource group. The name is case insensitive.
    workspaceName String
    The name of the workspace.
    attackTactics List<Either<String,AttackTactic>>
    A list of mitre attack tactics the hunt is associated with
    attackTechniques List<String>
    A list of a mitre attack techniques the hunt is associated with
    huntId String
    The hunt id (GUID)
    hypothesisStatus String | HypothesisStatus
    The hypothesis status of the hunt.
    labels List<String>
    List of labels relevant to this hunt
    owner HuntOwner
    Describes a user that the hunt is assigned to
    status String | Status
    The status of the hunt.
    description string
    The description of the hunt
    displayName string
    The display name of the hunt
    resourceGroupName string
    The name of the resource group. The name is case insensitive.
    workspaceName string
    The name of the workspace.
    attackTactics (string | AttackTactic)[]
    A list of mitre attack tactics the hunt is associated with
    attackTechniques string[]
    A list of a mitre attack techniques the hunt is associated with
    huntId string
    The hunt id (GUID)
    hypothesisStatus string | HypothesisStatus
    The hypothesis status of the hunt.
    labels string[]
    List of labels relevant to this hunt
    owner HuntOwner
    Describes a user that the hunt is assigned to
    status string | Status
    The status of the hunt.
    description str
    The description of the hunt
    display_name str
    The display name of the hunt
    resource_group_name str
    The name of the resource group. The name is case insensitive.
    workspace_name str
    The name of the workspace.
    attack_tactics Sequence[Union[str, AttackTactic]]
    A list of mitre attack tactics the hunt is associated with
    attack_techniques Sequence[str]
    A list of a mitre attack techniques the hunt is associated with
    hunt_id str
    The hunt id (GUID)
    hypothesis_status str | HypothesisStatus
    The hypothesis status of the hunt.
    labels Sequence[str]
    List of labels relevant to this hunt
    owner HuntOwnerArgs
    Describes a user that the hunt is assigned to
    status str | Status
    The status of the hunt.
    description String
    The description of the hunt
    displayName String
    The display name of the hunt
    resourceGroupName String
    The name of the resource group. The name is case insensitive.
    workspaceName String
    The name of the workspace.
    attackTactics List<String | "Reconnaissance" | "ResourceDevelopment" | "InitialAccess" | "Execution" | "Persistence" | "PrivilegeEscalation" | "DefenseEvasion" | "CredentialAccess" | "Discovery" | "LateralMovement" | "Collection" | "Exfiltration" | "CommandAndControl" | "Impact" | "PreAttack" | "ImpairProcessControl" | "InhibitResponseFunction">
    A list of mitre attack tactics the hunt is associated with
    attackTechniques List<String>
    A list of a mitre attack techniques the hunt is associated with
    huntId String
    The hunt id (GUID)
    hypothesisStatus String | "Unknown" | "Invalidated" | "Validated"
    The hypothesis status of the hunt.
    labels List<String>
    List of labels relevant to this hunt
    owner Property Map
    Describes a user that the hunt is assigned to
    status String | "New" | "Active" | "Closed"
    The status of the hunt.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Hunt resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    The name of the resource
    SystemData Pulumi.AzureNative.SecurityInsights.Outputs.SystemDataResponse
    Azure Resource Manager metadata containing createdBy and modifiedBy information.
    Type string
    The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
    Etag string
    Etag of the azure resource
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    The name of the resource
    SystemData SystemDataResponse
    Azure Resource Manager metadata containing createdBy and modifiedBy information.
    Type string
    The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
    Etag string
    Etag of the azure resource
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    The name of the resource
    systemData SystemDataResponse
    Azure Resource Manager metadata containing createdBy and modifiedBy information.
    type String
    The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
    etag String
    Etag of the azure resource
    id string
    The provider-assigned unique ID for this managed resource.
    name string
    The name of the resource
    systemData SystemDataResponse
    Azure Resource Manager metadata containing createdBy and modifiedBy information.
    type string
    The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
    etag string
    Etag of the azure resource
    id str
    The provider-assigned unique ID for this managed resource.
    name str
    The name of the resource
    system_data SystemDataResponse
    Azure Resource Manager metadata containing createdBy and modifiedBy information.
    type str
    The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
    etag str
    Etag of the azure resource
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    The name of the resource
    systemData Property Map
    Azure Resource Manager metadata containing createdBy and modifiedBy information.
    type String
    The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
    etag String
    Etag of the azure resource

    Supporting Types

    AttackTactic, AttackTacticArgs

    Reconnaissance
    Reconnaissance
    ResourceDevelopment
    ResourceDevelopment
    InitialAccess
    InitialAccess
    Execution
    Execution
    Persistence
    Persistence
    PrivilegeEscalation
    PrivilegeEscalation
    DefenseEvasion
    DefenseEvasion
    CredentialAccess
    CredentialAccess
    Discovery
    Discovery
    LateralMovement
    LateralMovement
    Collection
    Collection
    Exfiltration
    Exfiltration
    CommandAndControl
    CommandAndControl
    Impact
    Impact
    PreAttack
    PreAttack
    ImpairProcessControl
    ImpairProcessControl
    InhibitResponseFunction
    InhibitResponseFunction
    AttackTacticReconnaissance
    Reconnaissance
    AttackTacticResourceDevelopment
    ResourceDevelopment
    AttackTacticInitialAccess
    InitialAccess
    AttackTacticExecution
    Execution
    AttackTacticPersistence
    Persistence
    AttackTacticPrivilegeEscalation
    PrivilegeEscalation
    AttackTacticDefenseEvasion
    DefenseEvasion
    AttackTacticCredentialAccess
    CredentialAccess
    AttackTacticDiscovery
    Discovery
    AttackTacticLateralMovement
    LateralMovement
    AttackTacticCollection
    Collection
    AttackTacticExfiltration
    Exfiltration
    AttackTacticCommandAndControl
    CommandAndControl
    AttackTacticImpact
    Impact
    AttackTacticPreAttack
    PreAttack
    AttackTacticImpairProcessControl
    ImpairProcessControl
    AttackTacticInhibitResponseFunction
    InhibitResponseFunction
    Reconnaissance
    Reconnaissance
    ResourceDevelopment
    ResourceDevelopment
    InitialAccess
    InitialAccess
    Execution
    Execution
    Persistence
    Persistence
    PrivilegeEscalation
    PrivilegeEscalation
    DefenseEvasion
    DefenseEvasion
    CredentialAccess
    CredentialAccess
    Discovery
    Discovery
    LateralMovement
    LateralMovement
    Collection
    Collection
    Exfiltration
    Exfiltration
    CommandAndControl
    CommandAndControl
    Impact
    Impact
    PreAttack
    PreAttack
    ImpairProcessControl
    ImpairProcessControl
    InhibitResponseFunction
    InhibitResponseFunction
    Reconnaissance
    Reconnaissance
    ResourceDevelopment
    ResourceDevelopment
    InitialAccess
    InitialAccess
    Execution
    Execution
    Persistence
    Persistence
    PrivilegeEscalation
    PrivilegeEscalation
    DefenseEvasion
    DefenseEvasion
    CredentialAccess
    CredentialAccess
    Discovery
    Discovery
    LateralMovement
    LateralMovement
    Collection
    Collection
    Exfiltration
    Exfiltration
    CommandAndControl
    CommandAndControl
    Impact
    Impact
    PreAttack
    PreAttack
    ImpairProcessControl
    ImpairProcessControl
    InhibitResponseFunction
    InhibitResponseFunction
    RECONNAISSANCE
    Reconnaissance
    RESOURCE_DEVELOPMENT
    ResourceDevelopment
    INITIAL_ACCESS
    InitialAccess
    EXECUTION
    Execution
    PERSISTENCE
    Persistence
    PRIVILEGE_ESCALATION
    PrivilegeEscalation
    DEFENSE_EVASION
    DefenseEvasion
    CREDENTIAL_ACCESS
    CredentialAccess
    DISCOVERY
    Discovery
    LATERAL_MOVEMENT
    LateralMovement
    COLLECTION
    Collection
    EXFILTRATION
    Exfiltration
    COMMAND_AND_CONTROL
    CommandAndControl
    IMPACT
    Impact
    PRE_ATTACK
    PreAttack
    IMPAIR_PROCESS_CONTROL
    ImpairProcessControl
    INHIBIT_RESPONSE_FUNCTION
    InhibitResponseFunction
    "Reconnaissance"
    Reconnaissance
    "ResourceDevelopment"
    ResourceDevelopment
    "InitialAccess"
    InitialAccess
    "Execution"
    Execution
    "Persistence"
    Persistence
    "PrivilegeEscalation"
    PrivilegeEscalation
    "DefenseEvasion"
    DefenseEvasion
    "CredentialAccess"
    CredentialAccess
    "Discovery"
    Discovery
    "LateralMovement"
    LateralMovement
    "Collection"
    Collection
    "Exfiltration"
    Exfiltration
    "CommandAndControl"
    CommandAndControl
    "Impact"
    Impact
    "PreAttack"
    PreAttack
    "ImpairProcessControl"
    ImpairProcessControl
    "InhibitResponseFunction"
    InhibitResponseFunction

    HuntOwner, HuntOwnerArgs

    AssignedTo string
    The name of the user the hunt is assigned to.
    Email string
    The email of the user the hunt is assigned to.
    ObjectId string
    The object id of the user the hunt is assigned to.
    OwnerType string | Pulumi.AzureNative.SecurityInsights.OwnerType
    The type of the owner the hunt is assigned to.
    UserPrincipalName string
    The user principal name of the user the hunt is assigned to.
    AssignedTo string
    The name of the user the hunt is assigned to.
    Email string
    The email of the user the hunt is assigned to.
    ObjectId string
    The object id of the user the hunt is assigned to.
    OwnerType string | OwnerType
    The type of the owner the hunt is assigned to.
    UserPrincipalName string
    The user principal name of the user the hunt is assigned to.
    assignedTo String
    The name of the user the hunt is assigned to.
    email String
    The email of the user the hunt is assigned to.
    objectId String
    The object id of the user the hunt is assigned to.
    ownerType String | OwnerType
    The type of the owner the hunt is assigned to.
    userPrincipalName String
    The user principal name of the user the hunt is assigned to.
    assignedTo string
    The name of the user the hunt is assigned to.
    email string
    The email of the user the hunt is assigned to.
    objectId string
    The object id of the user the hunt is assigned to.
    ownerType string | OwnerType
    The type of the owner the hunt is assigned to.
    userPrincipalName string
    The user principal name of the user the hunt is assigned to.
    assigned_to str
    The name of the user the hunt is assigned to.
    email str
    The email of the user the hunt is assigned to.
    object_id str
    The object id of the user the hunt is assigned to.
    owner_type str | OwnerType
    The type of the owner the hunt is assigned to.
    user_principal_name str
    The user principal name of the user the hunt is assigned to.
    assignedTo String
    The name of the user the hunt is assigned to.
    email String
    The email of the user the hunt is assigned to.
    objectId String
    The object id of the user the hunt is assigned to.
    ownerType String | "Unknown" | "User" | "Group"
    The type of the owner the hunt is assigned to.
    userPrincipalName String
    The user principal name of the user the hunt is assigned to.

    HuntOwnerResponse, HuntOwnerResponseArgs

    AssignedTo string
    The name of the user the hunt is assigned to.
    Email string
    The email of the user the hunt is assigned to.
    ObjectId string
    The object id of the user the hunt is assigned to.
    OwnerType string
    The type of the owner the hunt is assigned to.
    UserPrincipalName string
    The user principal name of the user the hunt is assigned to.
    AssignedTo string
    The name of the user the hunt is assigned to.
    Email string
    The email of the user the hunt is assigned to.
    ObjectId string
    The object id of the user the hunt is assigned to.
    OwnerType string
    The type of the owner the hunt is assigned to.
    UserPrincipalName string
    The user principal name of the user the hunt is assigned to.
    assignedTo String
    The name of the user the hunt is assigned to.
    email String
    The email of the user the hunt is assigned to.
    objectId String
    The object id of the user the hunt is assigned to.
    ownerType String
    The type of the owner the hunt is assigned to.
    userPrincipalName String
    The user principal name of the user the hunt is assigned to.
    assignedTo string
    The name of the user the hunt is assigned to.
    email string
    The email of the user the hunt is assigned to.
    objectId string
    The object id of the user the hunt is assigned to.
    ownerType string
    The type of the owner the hunt is assigned to.
    userPrincipalName string
    The user principal name of the user the hunt is assigned to.
    assigned_to str
    The name of the user the hunt is assigned to.
    email str
    The email of the user the hunt is assigned to.
    object_id str
    The object id of the user the hunt is assigned to.
    owner_type str
    The type of the owner the hunt is assigned to.
    user_principal_name str
    The user principal name of the user the hunt is assigned to.
    assignedTo String
    The name of the user the hunt is assigned to.
    email String
    The email of the user the hunt is assigned to.
    objectId String
    The object id of the user the hunt is assigned to.
    ownerType String
    The type of the owner the hunt is assigned to.
    userPrincipalName String
    The user principal name of the user the hunt is assigned to.

    HypothesisStatus, HypothesisStatusArgs

    Unknown
    Unknown
    Invalidated
    Invalidated
    Validated
    Validated
    HypothesisStatusUnknown
    Unknown
    HypothesisStatusInvalidated
    Invalidated
    HypothesisStatusValidated
    Validated
    Unknown
    Unknown
    Invalidated
    Invalidated
    Validated
    Validated
    Unknown
    Unknown
    Invalidated
    Invalidated
    Validated
    Validated
    UNKNOWN
    Unknown
    INVALIDATED
    Invalidated
    VALIDATED
    Validated
    "Unknown"
    Unknown
    "Invalidated"
    Invalidated
    "Validated"
    Validated

    OwnerType, OwnerTypeArgs

    Unknown
    UnknownThe incident owner type is unknown
    User
    UserThe incident owner type is an AAD user
    Group
    GroupThe incident owner type is an AAD group
    OwnerTypeUnknown
    UnknownThe incident owner type is unknown
    OwnerTypeUser
    UserThe incident owner type is an AAD user
    OwnerTypeGroup
    GroupThe incident owner type is an AAD group
    Unknown
    UnknownThe incident owner type is unknown
    User
    UserThe incident owner type is an AAD user
    Group
    GroupThe incident owner type is an AAD group
    Unknown
    UnknownThe incident owner type is unknown
    User
    UserThe incident owner type is an AAD user
    Group
    GroupThe incident owner type is an AAD group
    UNKNOWN
    UnknownThe incident owner type is unknown
    USER
    UserThe incident owner type is an AAD user
    GROUP
    GroupThe incident owner type is an AAD group
    "Unknown"
    UnknownThe incident owner type is unknown
    "User"
    UserThe incident owner type is an AAD user
    "Group"
    GroupThe incident owner type is an AAD group

    Status, StatusArgs

    New
    New
    Active
    Active
    Closed
    Closed
    StatusNew
    New
    StatusActive
    Active
    StatusClosed
    Closed
    New
    New
    Active
    Active
    Closed
    Closed
    New
    New
    Active
    Active
    Closed
    Closed
    NEW
    New
    ACTIVE
    Active
    CLOSED
    Closed
    "New"
    New
    "Active"
    Active
    "Closed"
    Closed

    SystemDataResponse, SystemDataResponseArgs

    CreatedAt string
    The timestamp of resource creation (UTC).
    CreatedBy string
    The identity that created the resource.
    CreatedByType string
    The type of identity that created the resource.
    LastModifiedAt string
    The timestamp of resource last modification (UTC)
    LastModifiedBy string
    The identity that last modified the resource.
    LastModifiedByType string
    The type of identity that last modified the resource.
    CreatedAt string
    The timestamp of resource creation (UTC).
    CreatedBy string
    The identity that created the resource.
    CreatedByType string
    The type of identity that created the resource.
    LastModifiedAt string
    The timestamp of resource last modification (UTC)
    LastModifiedBy string
    The identity that last modified the resource.
    LastModifiedByType string
    The type of identity that last modified the resource.
    createdAt String
    The timestamp of resource creation (UTC).
    createdBy String
    The identity that created the resource.
    createdByType String
    The type of identity that created the resource.
    lastModifiedAt String
    The timestamp of resource last modification (UTC)
    lastModifiedBy String
    The identity that last modified the resource.
    lastModifiedByType String
    The type of identity that last modified the resource.
    createdAt string
    The timestamp of resource creation (UTC).
    createdBy string
    The identity that created the resource.
    createdByType string
    The type of identity that created the resource.
    lastModifiedAt string
    The timestamp of resource last modification (UTC)
    lastModifiedBy string
    The identity that last modified the resource.
    lastModifiedByType string
    The type of identity that last modified the resource.
    created_at str
    The timestamp of resource creation (UTC).
    created_by str
    The identity that created the resource.
    created_by_type str
    The type of identity that created the resource.
    last_modified_at str
    The timestamp of resource last modification (UTC)
    last_modified_by str
    The identity that last modified the resource.
    last_modified_by_type str
    The type of identity that last modified the resource.
    createdAt String
    The timestamp of resource creation (UTC).
    createdBy String
    The identity that created the resource.
    createdByType String
    The type of identity that created the resource.
    lastModifiedAt String
    The timestamp of resource last modification (UTC)
    lastModifiedBy String
    The identity that last modified the resource.
    lastModifiedByType String
    The type of identity that last modified the resource.

    Import

    An existing resource can be imported using its type token, name, and identifier, e.g.

    $ pulumi import azure-native:securityinsights:Hunt 163e7b2a-a2ec-4041-aaba-d878a38f265f /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId} 
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Azure Native pulumi/pulumi-azure-native
    License
    Apache-2.0
    azure-native logo
    This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
    Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi