azure-native-v2.securityinsights.Hunt
Explore with Pulumi AI
Represents a Hunt in Azure Security Insights. Azure REST API version: 2023-06-01-preview.
Other available API versions: 2023-07-01-preview, 2023-08-01-preview, 2023-09-01-preview, 2023-10-01-preview, 2023-12-01-preview, 2024-01-01-preview, 2024-04-01-preview, 2024-10-01-preview.
Example Usage
Creates or updates a hunt.
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() => 
{
    var hunt = new AzureNative.SecurityInsights.Hunt("hunt", new()
    {
        AttackTactics = new[]
        {
            AzureNative.SecurityInsights.AttackTactic.Reconnaissance,
        },
        AttackTechniques = new[]
        {
            "T1595",
        },
        Description = "Log4J Hunt Description",
        DisplayName = "Log4J new hunt",
        HuntId = "163e7b2a-a2ec-4041-aaba-d878a38f265f",
        HypothesisStatus = AzureNative.SecurityInsights.HypothesisStatus.Unknown,
        Labels = new[]
        {
            "Label1",
            "Label2",
        },
        Owner = new AzureNative.SecurityInsights.Inputs.HuntOwnerArgs
        {
            ObjectId = "873b5263-5d34-4149-b356-ad341b01e123",
        },
        ResourceGroupName = "myRg",
        Status = AzureNative.SecurityInsights.Status.New,
        WorkspaceName = "myWorkspace",
    });
});
package main
import (
	securityinsights "github.com/pulumi/pulumi-azure-native-sdk/securityinsights/v2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := securityinsights.NewHunt(ctx, "hunt", &securityinsights.HuntArgs{
			AttackTactics: pulumi.StringArray{
				pulumi.String(securityinsights.AttackTacticReconnaissance),
			},
			AttackTechniques: pulumi.StringArray{
				pulumi.String("T1595"),
			},
			Description:      pulumi.String("Log4J Hunt Description"),
			DisplayName:      pulumi.String("Log4J new hunt"),
			HuntId:           pulumi.String("163e7b2a-a2ec-4041-aaba-d878a38f265f"),
			HypothesisStatus: pulumi.String(securityinsights.HypothesisStatusUnknown),
			Labels: pulumi.StringArray{
				pulumi.String("Label1"),
				pulumi.String("Label2"),
			},
			Owner: &securityinsights.HuntOwnerArgs{
				ObjectId: pulumi.String("873b5263-5d34-4149-b356-ad341b01e123"),
			},
			ResourceGroupName: pulumi.String("myRg"),
			Status:            pulumi.String(securityinsights.StatusNew),
			WorkspaceName:     pulumi.String("myWorkspace"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.securityinsights.Hunt;
import com.pulumi.azurenative.securityinsights.HuntArgs;
import com.pulumi.azurenative.securityinsights.inputs.HuntOwnerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var hunt = new Hunt("hunt", HuntArgs.builder()
            .attackTactics("Reconnaissance")
            .attackTechniques("T1595")
            .description("Log4J Hunt Description")
            .displayName("Log4J new hunt")
            .huntId("163e7b2a-a2ec-4041-aaba-d878a38f265f")
            .hypothesisStatus("Unknown")
            .labels(            
                "Label1",
                "Label2")
            .owner(HuntOwnerArgs.builder()
                .objectId("873b5263-5d34-4149-b356-ad341b01e123")
                .build())
            .resourceGroupName("myRg")
            .status("New")
            .workspaceName("myWorkspace")
            .build());
    }
}
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const hunt = new azure_native.securityinsights.Hunt("hunt", {
    attackTactics: [azure_native.securityinsights.AttackTactic.Reconnaissance],
    attackTechniques: ["T1595"],
    description: "Log4J Hunt Description",
    displayName: "Log4J new hunt",
    huntId: "163e7b2a-a2ec-4041-aaba-d878a38f265f",
    hypothesisStatus: azure_native.securityinsights.HypothesisStatus.Unknown,
    labels: [
        "Label1",
        "Label2",
    ],
    owner: {
        objectId: "873b5263-5d34-4149-b356-ad341b01e123",
    },
    resourceGroupName: "myRg",
    status: azure_native.securityinsights.Status.New,
    workspaceName: "myWorkspace",
});
import pulumi
import pulumi_azure_native as azure_native
hunt = azure_native.securityinsights.Hunt("hunt",
    attack_tactics=[azure_native.securityinsights.AttackTactic.RECONNAISSANCE],
    attack_techniques=["T1595"],
    description="Log4J Hunt Description",
    display_name="Log4J new hunt",
    hunt_id="163e7b2a-a2ec-4041-aaba-d878a38f265f",
    hypothesis_status=azure_native.securityinsights.HypothesisStatus.UNKNOWN,
    labels=[
        "Label1",
        "Label2",
    ],
    owner={
        "object_id": "873b5263-5d34-4149-b356-ad341b01e123",
    },
    resource_group_name="myRg",
    status=azure_native.securityinsights.Status.NEW,
    workspace_name="myWorkspace")
resources:
  hunt:
    type: azure-native:securityinsights:Hunt
    properties:
      attackTactics:
        - Reconnaissance
      attackTechniques:
        - T1595
      description: Log4J Hunt Description
      displayName: Log4J new hunt
      huntId: 163e7b2a-a2ec-4041-aaba-d878a38f265f
      hypothesisStatus: Unknown
      labels:
        - Label1
        - Label2
      owner:
        objectId: 873b5263-5d34-4149-b356-ad341b01e123
      resourceGroupName: myRg
      status: New
      workspaceName: myWorkspace
Create Hunt Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Hunt(name: string, args: HuntArgs, opts?: CustomResourceOptions);@overload
def Hunt(resource_name: str,
         args: HuntArgs,
         opts: Optional[ResourceOptions] = None)
@overload
def Hunt(resource_name: str,
         opts: Optional[ResourceOptions] = None,
         description: Optional[str] = None,
         display_name: Optional[str] = None,
         resource_group_name: Optional[str] = None,
         workspace_name: Optional[str] = None,
         attack_tactics: Optional[Sequence[Union[str, AttackTactic]]] = None,
         attack_techniques: Optional[Sequence[str]] = None,
         hunt_id: Optional[str] = None,
         hypothesis_status: Optional[Union[str, HypothesisStatus]] = None,
         labels: Optional[Sequence[str]] = None,
         owner: Optional[HuntOwnerArgs] = None,
         status: Optional[Union[str, Status]] = None)func NewHunt(ctx *Context, name string, args HuntArgs, opts ...ResourceOption) (*Hunt, error)public Hunt(string name, HuntArgs args, CustomResourceOptions? opts = null)type: azure-native:securityinsights:Hunt
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args HuntArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args HuntArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args HuntArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args HuntArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args HuntArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var huntResource = new AzureNative.Securityinsights.Hunt("huntResource", new()
{
    Description = "string",
    DisplayName = "string",
    ResourceGroupName = "string",
    WorkspaceName = "string",
    AttackTactics = new[]
    {
        "string",
    },
    AttackTechniques = new[]
    {
        "string",
    },
    HuntId = "string",
    HypothesisStatus = "string",
    Labels = new[]
    {
        "string",
    },
    Owner = 
    {
        { "assignedTo", "string" },
        { "email", "string" },
        { "objectId", "string" },
        { "ownerType", "string" },
        { "userPrincipalName", "string" },
    },
    Status = "string",
});
example, err := securityinsights.NewHunt(ctx, "huntResource", &securityinsights.HuntArgs{
	Description:       "string",
	DisplayName:       "string",
	ResourceGroupName: "string",
	WorkspaceName:     "string",
	AttackTactics: []string{
		"string",
	},
	AttackTechniques: []string{
		"string",
	},
	HuntId:           "string",
	HypothesisStatus: "string",
	Labels: []string{
		"string",
	},
	Owner: map[string]interface{}{
		"assignedTo":        "string",
		"email":             "string",
		"objectId":          "string",
		"ownerType":         "string",
		"userPrincipalName": "string",
	},
	Status: "string",
})
var huntResource = new Hunt("huntResource", HuntArgs.builder()
    .description("string")
    .displayName("string")
    .resourceGroupName("string")
    .workspaceName("string")
    .attackTactics(List.of("string"))
    .attackTechniques(List.of("string"))
    .huntId("string")
    .hypothesisStatus("string")
    .labels(List.of("string"))
    .owner(Map.ofEntries(
        Map.entry("assignedTo", "string"),
        Map.entry("email", "string"),
        Map.entry("objectId", "string"),
        Map.entry("ownerType", "string"),
        Map.entry("userPrincipalName", "string")
    ))
    .status("string")
    .build());
hunt_resource = azure_native.securityinsights.Hunt("huntResource",
    description=string,
    display_name=string,
    resource_group_name=string,
    workspace_name=string,
    attack_tactics=[string],
    attack_techniques=[string],
    hunt_id=string,
    hypothesis_status=string,
    labels=[string],
    owner={
        assignedTo: string,
        email: string,
        objectId: string,
        ownerType: string,
        userPrincipalName: string,
    },
    status=string)
const huntResource = new azure_native.securityinsights.Hunt("huntResource", {
    description: "string",
    displayName: "string",
    resourceGroupName: "string",
    workspaceName: "string",
    attackTactics: ["string"],
    attackTechniques: ["string"],
    huntId: "string",
    hypothesisStatus: "string",
    labels: ["string"],
    owner: {
        assignedTo: "string",
        email: "string",
        objectId: "string",
        ownerType: "string",
        userPrincipalName: "string",
    },
    status: "string",
});
type: azure-native:securityinsights:Hunt
properties:
    attackTactics:
        - string
    attackTechniques:
        - string
    description: string
    displayName: string
    huntId: string
    hypothesisStatus: string
    labels:
        - string
    owner:
        assignedTo: string
        email: string
        objectId: string
        ownerType: string
        userPrincipalName: string
    resourceGroupName: string
    status: string
    workspaceName: string
Hunt Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Hunt resource accepts the following input properties:
- Description string
- The description of the hunt
- DisplayName string
- The display name of the hunt
- ResourceGroup stringName 
- The name of the resource group. The name is case insensitive.
- WorkspaceName string
- The name of the workspace.
- AttackTactics List<Union<string, Pulumi.Azure Native. Security Insights. Attack Tactic>> 
- A list of mitre attack tactics the hunt is associated with
- AttackTechniques List<string>
- A list of a mitre attack techniques the hunt is associated with
- HuntId string
- The hunt id (GUID)
- HypothesisStatus string | Pulumi.Azure Native. Security Insights. Hypothesis Status 
- The hypothesis status of the hunt.
- Labels List<string>
- List of labels relevant to this hunt
- Owner
Pulumi.Azure Native. Security Insights. Inputs. Hunt Owner 
- Describes a user that the hunt is assigned to
- Status
string | Pulumi.Azure Native. Security Insights. Status 
- The status of the hunt.
- Description string
- The description of the hunt
- DisplayName string
- The display name of the hunt
- ResourceGroup stringName 
- The name of the resource group. The name is case insensitive.
- WorkspaceName string
- The name of the workspace.
- AttackTactics []string
- A list of mitre attack tactics the hunt is associated with
- AttackTechniques []string
- A list of a mitre attack techniques the hunt is associated with
- HuntId string
- The hunt id (GUID)
- HypothesisStatus string | HypothesisStatus 
- The hypothesis status of the hunt.
- Labels []string
- List of labels relevant to this hunt
- Owner
HuntOwner Args 
- Describes a user that the hunt is assigned to
- Status string | Status
- The status of the hunt.
- description String
- The description of the hunt
- displayName String
- The display name of the hunt
- resourceGroup StringName 
- The name of the resource group. The name is case insensitive.
- workspaceName String
- The name of the workspace.
- attackTactics List<Either<String,AttackTactic>> 
- A list of mitre attack tactics the hunt is associated with
- attackTechniques List<String>
- A list of a mitre attack techniques the hunt is associated with
- huntId String
- The hunt id (GUID)
- hypothesisStatus String | HypothesisStatus 
- The hypothesis status of the hunt.
- labels List<String>
- List of labels relevant to this hunt
- owner
HuntOwner 
- Describes a user that the hunt is assigned to
- status String | Status
- The status of the hunt.
- description string
- The description of the hunt
- displayName string
- The display name of the hunt
- resourceGroup stringName 
- The name of the resource group. The name is case insensitive.
- workspaceName string
- The name of the workspace.
- attackTactics (string | AttackTactic)[] 
- A list of mitre attack tactics the hunt is associated with
- attackTechniques string[]
- A list of a mitre attack techniques the hunt is associated with
- huntId string
- The hunt id (GUID)
- hypothesisStatus string | HypothesisStatus 
- The hypothesis status of the hunt.
- labels string[]
- List of labels relevant to this hunt
- owner
HuntOwner 
- Describes a user that the hunt is assigned to
- status string | Status
- The status of the hunt.
- description str
- The description of the hunt
- display_name str
- The display name of the hunt
- resource_group_ strname 
- The name of the resource group. The name is case insensitive.
- workspace_name str
- The name of the workspace.
- attack_tactics Sequence[Union[str, AttackTactic]] 
- A list of mitre attack tactics the hunt is associated with
- attack_techniques Sequence[str]
- A list of a mitre attack techniques the hunt is associated with
- hunt_id str
- The hunt id (GUID)
- hypothesis_status str | HypothesisStatus 
- The hypothesis status of the hunt.
- labels Sequence[str]
- List of labels relevant to this hunt
- owner
HuntOwner Args 
- Describes a user that the hunt is assigned to
- status str | Status
- The status of the hunt.
- description String
- The description of the hunt
- displayName String
- The display name of the hunt
- resourceGroup StringName 
- The name of the resource group. The name is case insensitive.
- workspaceName String
- The name of the workspace.
- attackTactics List<String | "Reconnaissance" | "ResourceDevelopment" | "Initial Access" | "Execution" | "Persistence" | "Privilege Escalation" | "Defense Evasion" | "Credential Access" | "Discovery" | "Lateral Movement" | "Collection" | "Exfiltration" | "Command And Control" | "Impact" | "Pre Attack" | "Impair Process Control" | "Inhibit Response Function"> 
- A list of mitre attack tactics the hunt is associated with
- attackTechniques List<String>
- A list of a mitre attack techniques the hunt is associated with
- huntId String
- The hunt id (GUID)
- hypothesisStatus String | "Unknown" | "Invalidated" | "Validated"
- The hypothesis status of the hunt.
- labels List<String>
- List of labels relevant to this hunt
- owner Property Map
- Describes a user that the hunt is assigned to
- status String | "New" | "Active" | "Closed"
- The status of the hunt.
Outputs
All input properties are implicitly available as output properties. Additionally, the Hunt resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The name of the resource
- SystemData Pulumi.Azure Native. Security Insights. Outputs. System Data Response 
- Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- Etag string
- Etag of the azure resource
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The name of the resource
- SystemData SystemData Response 
- Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- Etag string
- Etag of the azure resource
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The name of the resource
- systemData SystemData Response 
- Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type String
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- etag String
- Etag of the azure resource
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- The name of the resource
- systemData SystemData Response 
- Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- etag string
- Etag of the azure resource
- id str
- The provider-assigned unique ID for this managed resource.
- name str
- The name of the resource
- system_data SystemData Response 
- Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type str
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- etag str
- Etag of the azure resource
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The name of the resource
- systemData Property Map
- Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type String
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- etag String
- Etag of the azure resource
Supporting Types
AttackTactic, AttackTacticArgs    
- Reconnaissance
- Reconnaissance
- ResourceDevelopment 
- ResourceDevelopment
- InitialAccess 
- InitialAccess
- Execution
- Execution
- Persistence
- Persistence
- PrivilegeEscalation 
- PrivilegeEscalation
- DefenseEvasion 
- DefenseEvasion
- CredentialAccess 
- CredentialAccess
- Discovery
- Discovery
- LateralMovement 
- LateralMovement
- Collection
- Collection
- Exfiltration
- Exfiltration
- CommandAnd Control 
- CommandAndControl
- Impact
- Impact
- PreAttack 
- PreAttack
- ImpairProcess Control 
- ImpairProcessControl
- InhibitResponse Function 
- InhibitResponseFunction
- AttackTactic Reconnaissance 
- Reconnaissance
- AttackTactic Resource Development 
- ResourceDevelopment
- AttackTactic Initial Access 
- InitialAccess
- AttackTactic Execution 
- Execution
- AttackTactic Persistence 
- Persistence
- AttackTactic Privilege Escalation 
- PrivilegeEscalation
- AttackTactic Defense Evasion 
- DefenseEvasion
- AttackTactic Credential Access 
- CredentialAccess
- AttackTactic Discovery 
- Discovery
- AttackTactic Lateral Movement 
- LateralMovement
- AttackTactic Collection 
- Collection
- AttackTactic Exfiltration 
- Exfiltration
- AttackTactic Command And Control 
- CommandAndControl
- AttackTactic Impact 
- Impact
- AttackTactic Pre Attack 
- PreAttack
- AttackTactic Impair Process Control 
- ImpairProcessControl
- AttackTactic Inhibit Response Function 
- InhibitResponseFunction
- Reconnaissance
- Reconnaissance
- ResourceDevelopment 
- ResourceDevelopment
- InitialAccess 
- InitialAccess
- Execution
- Execution
- Persistence
- Persistence
- PrivilegeEscalation 
- PrivilegeEscalation
- DefenseEvasion 
- DefenseEvasion
- CredentialAccess 
- CredentialAccess
- Discovery
- Discovery
- LateralMovement 
- LateralMovement
- Collection
- Collection
- Exfiltration
- Exfiltration
- CommandAnd Control 
- CommandAndControl
- Impact
- Impact
- PreAttack 
- PreAttack
- ImpairProcess Control 
- ImpairProcessControl
- InhibitResponse Function 
- InhibitResponseFunction
- Reconnaissance
- Reconnaissance
- ResourceDevelopment 
- ResourceDevelopment
- InitialAccess 
- InitialAccess
- Execution
- Execution
- Persistence
- Persistence
- PrivilegeEscalation 
- PrivilegeEscalation
- DefenseEvasion 
- DefenseEvasion
- CredentialAccess 
- CredentialAccess
- Discovery
- Discovery
- LateralMovement 
- LateralMovement
- Collection
- Collection
- Exfiltration
- Exfiltration
- CommandAnd Control 
- CommandAndControl
- Impact
- Impact
- PreAttack 
- PreAttack
- ImpairProcess Control 
- ImpairProcessControl
- InhibitResponse Function 
- InhibitResponseFunction
- RECONNAISSANCE
- Reconnaissance
- RESOURCE_DEVELOPMENT
- ResourceDevelopment
- INITIAL_ACCESS
- InitialAccess
- EXECUTION
- Execution
- PERSISTENCE
- Persistence
- PRIVILEGE_ESCALATION
- PrivilegeEscalation
- DEFENSE_EVASION
- DefenseEvasion
- CREDENTIAL_ACCESS
- CredentialAccess
- DISCOVERY
- Discovery
- LATERAL_MOVEMENT
- LateralMovement
- COLLECTION
- Collection
- EXFILTRATION
- Exfiltration
- COMMAND_AND_CONTROL
- CommandAndControl
- IMPACT
- Impact
- PRE_ATTACK
- PreAttack
- IMPAIR_PROCESS_CONTROL
- ImpairProcessControl
- INHIBIT_RESPONSE_FUNCTION
- InhibitResponseFunction
- "Reconnaissance"
- Reconnaissance
- "ResourceDevelopment" 
- ResourceDevelopment
- "InitialAccess" 
- InitialAccess
- "Execution"
- Execution
- "Persistence"
- Persistence
- "PrivilegeEscalation" 
- PrivilegeEscalation
- "DefenseEvasion" 
- DefenseEvasion
- "CredentialAccess" 
- CredentialAccess
- "Discovery"
- Discovery
- "LateralMovement" 
- LateralMovement
- "Collection"
- Collection
- "Exfiltration"
- Exfiltration
- "CommandAnd Control" 
- CommandAndControl
- "Impact"
- Impact
- "PreAttack" 
- PreAttack
- "ImpairProcess Control" 
- ImpairProcessControl
- "InhibitResponse Function" 
- InhibitResponseFunction
HuntOwner, HuntOwnerArgs    
- AssignedTo string
- The name of the user the hunt is assigned to.
- Email string
- The email of the user the hunt is assigned to.
- ObjectId string
- The object id of the user the hunt is assigned to.
- OwnerType string | Pulumi.Azure Native. Security Insights. Owner Type 
- The type of the owner the hunt is assigned to.
- UserPrincipal stringName 
- The user principal name of the user the hunt is assigned to.
- AssignedTo string
- The name of the user the hunt is assigned to.
- Email string
- The email of the user the hunt is assigned to.
- ObjectId string
- The object id of the user the hunt is assigned to.
- OwnerType string | OwnerType 
- The type of the owner the hunt is assigned to.
- UserPrincipal stringName 
- The user principal name of the user the hunt is assigned to.
- assignedTo String
- The name of the user the hunt is assigned to.
- email String
- The email of the user the hunt is assigned to.
- objectId String
- The object id of the user the hunt is assigned to.
- ownerType String | OwnerType 
- The type of the owner the hunt is assigned to.
- userPrincipal StringName 
- The user principal name of the user the hunt is assigned to.
- assignedTo string
- The name of the user the hunt is assigned to.
- email string
- The email of the user the hunt is assigned to.
- objectId string
- The object id of the user the hunt is assigned to.
- ownerType string | OwnerType 
- The type of the owner the hunt is assigned to.
- userPrincipal stringName 
- The user principal name of the user the hunt is assigned to.
- assigned_to str
- The name of the user the hunt is assigned to.
- email str
- The email of the user the hunt is assigned to.
- object_id str
- The object id of the user the hunt is assigned to.
- owner_type str | OwnerType 
- The type of the owner the hunt is assigned to.
- user_principal_ strname 
- The user principal name of the user the hunt is assigned to.
- assignedTo String
- The name of the user the hunt is assigned to.
- email String
- The email of the user the hunt is assigned to.
- objectId String
- The object id of the user the hunt is assigned to.
- ownerType String | "Unknown" | "User" | "Group"
- The type of the owner the hunt is assigned to.
- userPrincipal StringName 
- The user principal name of the user the hunt is assigned to.
HuntOwnerResponse, HuntOwnerResponseArgs      
- AssignedTo string
- The name of the user the hunt is assigned to.
- Email string
- The email of the user the hunt is assigned to.
- ObjectId string
- The object id of the user the hunt is assigned to.
- OwnerType string
- The type of the owner the hunt is assigned to.
- UserPrincipal stringName 
- The user principal name of the user the hunt is assigned to.
- AssignedTo string
- The name of the user the hunt is assigned to.
- Email string
- The email of the user the hunt is assigned to.
- ObjectId string
- The object id of the user the hunt is assigned to.
- OwnerType string
- The type of the owner the hunt is assigned to.
- UserPrincipal stringName 
- The user principal name of the user the hunt is assigned to.
- assignedTo String
- The name of the user the hunt is assigned to.
- email String
- The email of the user the hunt is assigned to.
- objectId String
- The object id of the user the hunt is assigned to.
- ownerType String
- The type of the owner the hunt is assigned to.
- userPrincipal StringName 
- The user principal name of the user the hunt is assigned to.
- assignedTo string
- The name of the user the hunt is assigned to.
- email string
- The email of the user the hunt is assigned to.
- objectId string
- The object id of the user the hunt is assigned to.
- ownerType string
- The type of the owner the hunt is assigned to.
- userPrincipal stringName 
- The user principal name of the user the hunt is assigned to.
- assigned_to str
- The name of the user the hunt is assigned to.
- email str
- The email of the user the hunt is assigned to.
- object_id str
- The object id of the user the hunt is assigned to.
- owner_type str
- The type of the owner the hunt is assigned to.
- user_principal_ strname 
- The user principal name of the user the hunt is assigned to.
- assignedTo String
- The name of the user the hunt is assigned to.
- email String
- The email of the user the hunt is assigned to.
- objectId String
- The object id of the user the hunt is assigned to.
- ownerType String
- The type of the owner the hunt is assigned to.
- userPrincipal StringName 
- The user principal name of the user the hunt is assigned to.
HypothesisStatus, HypothesisStatusArgs    
- Unknown
- Unknown
- Invalidated
- Invalidated
- Validated
- Validated
- HypothesisStatus Unknown 
- Unknown
- HypothesisStatus Invalidated 
- Invalidated
- HypothesisStatus Validated 
- Validated
- Unknown
- Unknown
- Invalidated
- Invalidated
- Validated
- Validated
- Unknown
- Unknown
- Invalidated
- Invalidated
- Validated
- Validated
- UNKNOWN
- Unknown
- INVALIDATED
- Invalidated
- VALIDATED
- Validated
- "Unknown"
- Unknown
- "Invalidated"
- Invalidated
- "Validated"
- Validated
OwnerType, OwnerTypeArgs    
- Unknown
- UnknownThe incident owner type is unknown
- User
- UserThe incident owner type is an AAD user
- Group
- GroupThe incident owner type is an AAD group
- OwnerType Unknown 
- UnknownThe incident owner type is unknown
- OwnerType User 
- UserThe incident owner type is an AAD user
- OwnerType Group 
- GroupThe incident owner type is an AAD group
- Unknown
- UnknownThe incident owner type is unknown
- User
- UserThe incident owner type is an AAD user
- Group
- GroupThe incident owner type is an AAD group
- Unknown
- UnknownThe incident owner type is unknown
- User
- UserThe incident owner type is an AAD user
- Group
- GroupThe incident owner type is an AAD group
- UNKNOWN
- UnknownThe incident owner type is unknown
- USER
- UserThe incident owner type is an AAD user
- GROUP
- GroupThe incident owner type is an AAD group
- "Unknown"
- UnknownThe incident owner type is unknown
- "User"
- UserThe incident owner type is an AAD user
- "Group"
- GroupThe incident owner type is an AAD group
Status, StatusArgs  
- New
- New
- Active
- Active
- Closed
- Closed
- StatusNew 
- New
- StatusActive 
- Active
- StatusClosed 
- Closed
- New
- New
- Active
- Active
- Closed
- Closed
- New
- New
- Active
- Active
- Closed
- Closed
- NEW
- New
- ACTIVE
- Active
- CLOSED
- Closed
- "New"
- New
- "Active"
- Active
- "Closed"
- Closed
SystemDataResponse, SystemDataResponseArgs      
- CreatedAt string
- The timestamp of resource creation (UTC).
- CreatedBy string
- The identity that created the resource.
- CreatedBy stringType 
- The type of identity that created the resource.
- LastModified stringAt 
- The timestamp of resource last modification (UTC)
- LastModified stringBy 
- The identity that last modified the resource.
- LastModified stringBy Type 
- The type of identity that last modified the resource.
- CreatedAt string
- The timestamp of resource creation (UTC).
- CreatedBy string
- The identity that created the resource.
- CreatedBy stringType 
- The type of identity that created the resource.
- LastModified stringAt 
- The timestamp of resource last modification (UTC)
- LastModified stringBy 
- The identity that last modified the resource.
- LastModified stringBy Type 
- The type of identity that last modified the resource.
- createdAt String
- The timestamp of resource creation (UTC).
- createdBy String
- The identity that created the resource.
- createdBy StringType 
- The type of identity that created the resource.
- lastModified StringAt 
- The timestamp of resource last modification (UTC)
- lastModified StringBy 
- The identity that last modified the resource.
- lastModified StringBy Type 
- The type of identity that last modified the resource.
- createdAt string
- The timestamp of resource creation (UTC).
- createdBy string
- The identity that created the resource.
- createdBy stringType 
- The type of identity that created the resource.
- lastModified stringAt 
- The timestamp of resource last modification (UTC)
- lastModified stringBy 
- The identity that last modified the resource.
- lastModified stringBy Type 
- The type of identity that last modified the resource.
- created_at str
- The timestamp of resource creation (UTC).
- created_by str
- The identity that created the resource.
- created_by_ strtype 
- The type of identity that created the resource.
- last_modified_ strat 
- The timestamp of resource last modification (UTC)
- last_modified_ strby 
- The identity that last modified the resource.
- last_modified_ strby_ type 
- The type of identity that last modified the resource.
- createdAt String
- The timestamp of resource creation (UTC).
- createdBy String
- The identity that created the resource.
- createdBy StringType 
- The type of identity that created the resource.
- lastModified StringAt 
- The timestamp of resource last modification (UTC)
- lastModified StringBy 
- The identity that last modified the resource.
- lastModified StringBy Type 
- The type of identity that last modified the resource.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:securityinsights:Hunt 163e7b2a-a2ec-4041-aaba-d878a38f265f /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId} 
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- azure-native-v2 pulumi/pulumi-azure-native
- License
- Apache-2.0