Resources/ModuleSpecs/Az/6.1.0/Az.SecurityInsights.1.0.0.Cmdlets.json
[
{ "Command": "Get-AzSentinelAlertRuleAction", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "AlertRuleId", "Aliases": null }, { "Name": "ActionId", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] } ] }, { "Command": "New-AzSentinelAlertRuleAction", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "AlertRuleId", "Aliases": null }, { "Name": "ActionId", "Aliases": null }, { "Name": "LogicAppResourceId", "Aliases": null }, { "Name": "TriggerUri", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Remove-AzSentinelAlertRuleAction", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "AlertRuleId", "Aliases": null }, { "Name": "ActionId", "Aliases": null }, { "Name": "InputObject", "Aliases": null }, { "Name": "PassThru", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Update-AzSentinelAlertRuleAction", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "AlertRuleId", "Aliases": null }, { "Name": "ActionId", "Aliases": null }, { "Name": "LogicAppResourceId", "Aliases": null }, { "Name": "TriggerUri", "Aliases": null }, { "Name": "InputObject", "Aliases": null }, { "Name": "ResourceId", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Get-AzSentinelAlertRule", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "AlertRuleId", "Aliases": null }, { "Name": "ResourceId", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] } ] }, { "Command": "New-AzSentinelAlertRule", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "Scheduled", "Aliases": null }, { "Name": "MicrosoftSecurityIncidentCreation", "Aliases": null }, { "Name": "Fusion", "Aliases": null }, { "Name": "AlertRuleId", "Aliases": null }, { "Name": "AlertRuleTemplateName", "Aliases": null }, { "Name": "Enabled", "Aliases": null }, { "Name": "DisplayName", "Aliases": null }, { "Name": "ProductFilter", "Aliases": null }, { "Name": "Description", "Aliases": null }, { "Name": "DisplayNamesExcludeFilter", "Aliases": null }, { "Name": "DisplayNamesFilter", "Aliases": null }, { "Name": "SeveritiesFilter", "Aliases": null }, { "Name": "SuppressionDuration", "Aliases": null }, { "Name": "SuppressionEnabled", "Aliases": null }, { "Name": "Query", "Aliases": null }, { "Name": "QueryFrequency", "Aliases": null }, { "Name": "QueryPeriod", "Aliases": null }, { "Name": "Severity", "Aliases": null }, { "Name": "Tactic", "Aliases": null }, { "Name": "TriggerOperator", "Aliases": null }, { "Name": "TriggerThreshold", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Remove-AzSentinelAlertRule", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "AlertRuleId", "Aliases": null }, { "Name": "InputObject", "Aliases": null }, { "Name": "PassThru", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Update-AzSentinelAlertRule", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "AlertRuleId", "Aliases": null }, { "Name": "AlertRuleTemplateName", "Aliases": null }, { "Name": "Enabled", "Aliases": null }, { "Name": "Disabled", "Aliases": null }, { "Name": "DisplayName", "Aliases": null }, { "Name": "ProductFilter", "Aliases": null }, { "Name": "Description", "Aliases": null }, { "Name": "DisplayNamesExcludeFilter", "Aliases": null }, { "Name": "DisplayNamesFilter", "Aliases": null }, { "Name": "SeveritiesFilter", "Aliases": null }, { "Name": "SuppressionDuration", "Aliases": null }, { "Name": "SuppressionEnabled", "Aliases": null }, { "Name": "SuppressionDisabled", "Aliases": null }, { "Name": "Query", "Aliases": null }, { "Name": "QueryFrequency", "Aliases": null }, { "Name": "QueryPeriod", "Aliases": null }, { "Name": "Severity", "Aliases": null }, { "Name": "Tactic", "Aliases": null }, { "Name": "TriggerOperator", "Aliases": null }, { "Name": "TriggerThreshold", "Aliases": null }, { "Name": "InputObject", "Aliases": null }, { "Name": "ResourceId", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Get-AzSentinelAlertRuleTemplate", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "AlertRuleTemplateId", "Aliases": null }, { "Name": "ResourceId", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] } ] }, { "Command": "Get-AzSentinelBookmark", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "BookmarkId", "Aliases": null }, { "Name": "ResourceId", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] } ] }, { "Command": "New-AzSentinelBookmark", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "BookmarkId", "Aliases": null }, { "Name": "DisplayName", "Aliases": null }, { "Name": "IncidentInfo", "Aliases": null }, { "Name": "Label", "Aliases": null }, { "Name": "Note", "Aliases": null }, { "Name": "Query", "Aliases": null }, { "Name": "QueryResult", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Remove-AzSentinelBookmark", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "BookmarkId", "Aliases": null }, { "Name": "InputObject", "Aliases": null }, { "Name": "PassThru", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Update-AzSentinelBookmark", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "BookmarkId", "Aliases": null }, { "Name": "InputObject", "Aliases": null }, { "Name": "ResourceId", "Aliases": null }, { "Name": "DisplayName", "Aliases": null }, { "Name": "IncidentInfo", "Aliases": null }, { "Name": "Label", "Aliases": null }, { "Name": "Note", "Aliases": null }, { "Name": "Query", "Aliases": null }, { "Name": "QueryResult", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Get-AzSentinelDataConnector", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "DataConnectorId", "Aliases": null }, { "Name": "ResourceId", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] } ] }, { "Command": "New-AzSentinelDataConnector", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "DataConnectorId", "Aliases": null }, { "Name": "AzureActiveDirectory", "Aliases": null }, { "Name": "AzureAdvancedThreatProtection", "Aliases": null }, { "Name": "AzureSecurityCenter", "Aliases": null }, { "Name": "AmazonWebServicesCloudTrail", "Aliases": null }, { "Name": "MicrosoftCloudAppSecurity", "Aliases": null }, { "Name": "MicrosoftDefenderAdvancedThreatProtection", "Aliases": null }, { "Name": "Office365", "Aliases": null }, { "Name": "ThreatIntelligence", "Aliases": null }, { "Name": "Alerts", "Aliases": null }, { "Name": "SubscriptionId", "Aliases": null }, { "Name": "AwsRoleArn", "Aliases": null }, { "Name": "Logs", "Aliases": null }, { "Name": "DiscoveryLogs", "Aliases": null }, { "Name": "Exchange", "Aliases": null }, { "Name": "SharePoint", "Aliases": null }, { "Name": "Teams", "Aliases": null }, { "Name": "Indicators", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Remove-AzSentinelDataConnector", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "DataConnectorId", "Aliases": null }, { "Name": "InputObject", "Aliases": null }, { "Name": "PassThru", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Update-AzSentinelDataConnector", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "DataConnectorId", "Aliases": null }, { "Name": "InputObject", "Aliases": null }, { "Name": "ResourceId", "Aliases": null }, { "Name": "Alerts", "Aliases": null }, { "Name": "SubscriptionId", "Aliases": null }, { "Name": "AwsRoleArn", "Aliases": null }, { "Name": "Logs", "Aliases": null }, { "Name": "DiscoveryLogs", "Aliases": null }, { "Name": "Exchange", "Aliases": null }, { "Name": "SharePoint", "Aliases": null }, { "Name": "Teams", "Aliases": null }, { "Name": "Indicators", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Get-AzSentinelIncidentComment", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "IncidentId", "Aliases": null }, { "Name": "IncidentCommentId", "Aliases": null }, { "Name": "ResourceId", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] } ] }, { "Command": "New-AzSentinelIncidentComment", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "IncidentId", "Aliases": null }, { "Name": "IncidentCommentId", "Aliases": null }, { "Name": "Message", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Get-AzSentinelIncident", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "IncidentId", "Aliases": null }, { "Name": "ResourceId", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] } ] }, { "Command": "New-AzSentinelIncident", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "IncidentId", "Aliases": null }, { "Name": "Classificaton", "Aliases": null }, { "Name": "ClassificationComment", "Aliases": null }, { "Name": "ClassificationReason", "Aliases": null }, { "Name": "Description", "Aliases": null }, { "Name": "Label", "Aliases": null }, { "Name": "Owner", "Aliases": null }, { "Name": "Severity", "Aliases": null }, { "Name": "Status", "Aliases": null }, { "Name": "Title", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "New-AzSentinelIncidentOwner", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "AssignedTo", "Aliases": null }, { "Name": "Email", "Aliases": null }, { "Name": "ObjectId", "Aliases": null }, { "Name": "UserPrincipalName", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Remove-AzSentinelIncident", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "IncidentId", "Aliases": null }, { "Name": "InputObject", "Aliases": null }, { "Name": "PassThru", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] }, { "Command": "Update-AzSentinelIncident", "IsAlias": false, "SupportsDynamicParameters": false, "SourceModule": "Az.SecurityInsights", "Version": "1.0.0", "Parameters": [ { "Name": "ResourceGroupName", "Aliases": null }, { "Name": "WorkspaceName", "Aliases": null }, { "Name": "IncidentID", "Aliases": null }, { "Name": "InputObject", "Aliases": null }, { "Name": "ResourceId", "Aliases": null }, { "Name": "Classification", "Aliases": null }, { "Name": "ClassificationComment", "Aliases": null }, { "Name": "ClassificationReason", "Aliases": null }, { "Name": "Description", "Aliases": null }, { "Name": "Label", "Aliases": null }, { "Name": "Owner", "Aliases": null }, { "Name": "Severity", "Aliases": null }, { "Name": "Status", "Aliases": null }, { "Name": "Title", "Aliases": null }, { "Name": "DefaultProfile", "Aliases": [ "AzContext", "AzureRmContext", "AzureCredential" ] }, { "Name": "WhatIf", "Aliases": [ "wi" ] }, { "Name": "Confirm", "Aliases": [ "cf" ] } ] } ] |