From 56ef1755e9ddd33fea8b06a6d5cf747fb197fa73 Mon Sep 17 00:00:00 2001 From: Nori Zhang Date: Mon, 16 Mar 2026 11:44:17 +1100 Subject: [PATCH] refresh doc --- .../Properties/AssemblyInfo.cs | 4 +-- .../docs/Az.SecurityInsights.md | 2 +- .../docs/Update-AzSentinelIncident.md | 2 +- .../examples/Update-AzSentinelIncident.md | 2 +- .../generate-info.json | 2 +- src/SecurityInsights/SecurityInsights.sln | 28 +++++++++---------- .../SecurityInsights/Az.SecurityInsights.psd1 | 12 ++++---- .../help/Get-AzSentinelEntity.md | 4 +-- .../help/Get-AzSentinelEntityActivity.md | 2 +- .../help/Get-AzSentinelEntityInsight.md | 2 +- .../help/New-AzSentinelAlertRule.md | 2 +- .../help/New-AzSentinelIncidentTeam.md | 2 +- .../help/Update-AzSentinelIncident.md | 2 +- 13 files changed, 33 insertions(+), 33 deletions(-) diff --git a/src/SecurityInsights/SecurityInsights.Autorest/Properties/AssemblyInfo.cs b/src/SecurityInsights/SecurityInsights.Autorest/Properties/AssemblyInfo.cs index 513eeb36568b..0824e48543ba 100644 --- a/src/SecurityInsights/SecurityInsights.Autorest/Properties/AssemblyInfo.cs +++ b/src/SecurityInsights/SecurityInsights.Autorest/Properties/AssemblyInfo.cs @@ -20,7 +20,7 @@ [assembly: System.Reflection.AssemblyCopyrightAttribute("Copyright © Microsoft")] [assembly: System.Reflection.AssemblyProductAttribute("Microsoft Azure PowerShell")] [assembly: System.Reflection.AssemblyTitleAttribute("Microsoft Azure PowerShell - SecurityInsights")] -[assembly: System.Reflection.AssemblyFileVersionAttribute("3.2.0")] -[assembly: System.Reflection.AssemblyVersionAttribute("3.2.0")] +[assembly: System.Reflection.AssemblyFileVersionAttribute("3.2.1")] +[assembly: System.Reflection.AssemblyVersionAttribute("3.2.1")] [assembly: System.Runtime.InteropServices.ComVisibleAttribute(false)] [assembly: System.CLSCompliantAttribute(false)] diff --git a/src/SecurityInsights/SecurityInsights.Autorest/docs/Az.SecurityInsights.md b/src/SecurityInsights/SecurityInsights.Autorest/docs/Az.SecurityInsights.md index f5c24b133584..f7b0424abc11 100644 --- a/src/SecurityInsights/SecurityInsights.Autorest/docs/Az.SecurityInsights.md +++ b/src/SecurityInsights/SecurityInsights.Autorest/docs/Az.SecurityInsights.md @@ -1,6 +1,6 @@ --- Module Name: Az.SecurityInsights -Module Guid: 30887292-63d0-435d-8713-830b8f4d72fc +Module Guid: a632df01-f50e-49fb-b2de-e91a0090c840 Download Help Link: https://learn.microsoft.com/powershell/module/az.securityinsights Help Version: 1.0.0.0 Locale: en-US diff --git a/src/SecurityInsights/SecurityInsights.Autorest/docs/Update-AzSentinelIncident.md b/src/SecurityInsights/SecurityInsights.Autorest/docs/Update-AzSentinelIncident.md index 9f1b02a6be39..0717d085fb92 100644 --- a/src/SecurityInsights/SecurityInsights.Autorest/docs/Update-AzSentinelIncident.md +++ b/src/SecurityInsights/SecurityInsights.Autorest/docs/Update-AzSentinelIncident.md @@ -42,7 +42,7 @@ Creates or updates the incident. ### Example 1: Update an Incident ```powershell -Update-AzSentinelIncident -ResourceGroupName "myResourceGroupName" -WorkspaceName "myWorkspaceName" -Id "4a21e485-75ae-48b3-a7b9-e6a92bcfe434" -OwnerAssignedTo "user@mydomain.local" +Update-AzSentinelIncident -ResourceGroupName "myResourceGroupName" -WorkspaceName "myWorkspaceName" -Id "4a21e485-75ae-48b3-a7b9-e6a92bcfe434" -Title "Suspicious login activity" -Status "Active" -Severity "Medium" -OwnerAssignedTo "user@mydomain.local" ``` This command updates an incident by assigning an owner. diff --git a/src/SecurityInsights/SecurityInsights.Autorest/examples/Update-AzSentinelIncident.md b/src/SecurityInsights/SecurityInsights.Autorest/examples/Update-AzSentinelIncident.md index b36833ada047..b3aa1fd9f3ae 100644 --- a/src/SecurityInsights/SecurityInsights.Autorest/examples/Update-AzSentinelIncident.md +++ b/src/SecurityInsights/SecurityInsights.Autorest/examples/Update-AzSentinelIncident.md @@ -1,6 +1,6 @@ ### Example 1: Update an Incident ```powershell -Update-AzSentinelIncident -ResourceGroupName "myResourceGroupName" -WorkspaceName "myWorkspaceName" -Id "4a21e485-75ae-48b3-a7b9-e6a92bcfe434" -OwnerAssignedTo "user@mydomain.local" +Update-AzSentinelIncident -ResourceGroupName "myResourceGroupName" -WorkspaceName "myWorkspaceName" -Id "4a21e485-75ae-48b3-a7b9-e6a92bcfe434" -Title "Suspicious login activity" -Status "Active" -Severity "Medium" -OwnerAssignedTo "user@mydomain.local" ``` This command updates an incident by assigning an owner. diff --git a/src/SecurityInsights/SecurityInsights.Autorest/generate-info.json b/src/SecurityInsights/SecurityInsights.Autorest/generate-info.json index f3ea29b29f2e..5dd7a1e25041 100644 --- a/src/SecurityInsights/SecurityInsights.Autorest/generate-info.json +++ b/src/SecurityInsights/SecurityInsights.Autorest/generate-info.json @@ -1,3 +1,3 @@ { - "generate_Id": "58940302-3b98-4896-afe1-c60435785545" + "generate_Id": "64af4f53-cbe3-46e5-8ddb-69f0f1aafdf3" } diff --git a/src/SecurityInsights/SecurityInsights.sln b/src/SecurityInsights/SecurityInsights.sln index 006545e6ee8f..6b86d46aa774 100644 --- a/src/SecurityInsights/SecurityInsights.sln +++ b/src/SecurityInsights/SecurityInsights.sln @@ -21,7 +21,7 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SecurityInsights", "Securit EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "SecurityInsights.Autorest", "SecurityInsights.Autorest", "{1F2C7E28-510C-0414-601C-25083DE2C7DC}" EndProject -Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Az.SecurityInsights", "..\..\generated\SecurityInsights\SecurityInsights.Autorest\Az.SecurityInsights.csproj", "{70594518-7121-4B9C-89A5-E64A44875C5B}" +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Az.SecurityInsights", "..\..\generated\SecurityInsights\SecurityInsights.Autorest\Az.SecurityInsights.csproj", "{18DB1672-687F-44AC-ADF6-2E239F3C791C}" EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution @@ -117,18 +117,18 @@ Global {F74A1659-4994-47CB-A786-DF83675AD4DF}.Release|x64.Build.0 = Release|Any CPU {F74A1659-4994-47CB-A786-DF83675AD4DF}.Release|x86.ActiveCfg = Release|Any CPU {F74A1659-4994-47CB-A786-DF83675AD4DF}.Release|x86.Build.0 = Release|Any CPU - {70594518-7121-4B9C-89A5-E64A44875C5B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU - {70594518-7121-4B9C-89A5-E64A44875C5B}.Debug|Any CPU.Build.0 = Debug|Any CPU - {70594518-7121-4B9C-89A5-E64A44875C5B}.Debug|x64.ActiveCfg = Debug|Any CPU - {70594518-7121-4B9C-89A5-E64A44875C5B}.Debug|x64.Build.0 = Debug|Any CPU - {70594518-7121-4B9C-89A5-E64A44875C5B}.Debug|x86.ActiveCfg = Debug|Any CPU - {70594518-7121-4B9C-89A5-E64A44875C5B}.Debug|x86.Build.0 = Debug|Any CPU - {70594518-7121-4B9C-89A5-E64A44875C5B}.Release|Any CPU.ActiveCfg = Release|Any CPU - {70594518-7121-4B9C-89A5-E64A44875C5B}.Release|Any CPU.Build.0 = Release|Any CPU - {70594518-7121-4B9C-89A5-E64A44875C5B}.Release|x64.ActiveCfg = Release|Any CPU - {70594518-7121-4B9C-89A5-E64A44875C5B}.Release|x64.Build.0 = Release|Any CPU - {70594518-7121-4B9C-89A5-E64A44875C5B}.Release|x86.ActiveCfg = Release|Any CPU - {70594518-7121-4B9C-89A5-E64A44875C5B}.Release|x86.Build.0 = Release|Any CPU + {18DB1672-687F-44AC-ADF6-2E239F3C791C}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {18DB1672-687F-44AC-ADF6-2E239F3C791C}.Debug|Any CPU.Build.0 = Debug|Any CPU + {18DB1672-687F-44AC-ADF6-2E239F3C791C}.Debug|x64.ActiveCfg = Debug|Any CPU + {18DB1672-687F-44AC-ADF6-2E239F3C791C}.Debug|x64.Build.0 = Debug|Any CPU + {18DB1672-687F-44AC-ADF6-2E239F3C791C}.Debug|x86.ActiveCfg = Debug|Any CPU + {18DB1672-687F-44AC-ADF6-2E239F3C791C}.Debug|x86.Build.0 = Debug|Any CPU + {18DB1672-687F-44AC-ADF6-2E239F3C791C}.Release|Any CPU.ActiveCfg = Release|Any CPU + {18DB1672-687F-44AC-ADF6-2E239F3C791C}.Release|Any CPU.Build.0 = Release|Any CPU + {18DB1672-687F-44AC-ADF6-2E239F3C791C}.Release|x64.ActiveCfg = Release|Any CPU + {18DB1672-687F-44AC-ADF6-2E239F3C791C}.Release|x64.Build.0 = Release|Any CPU + {18DB1672-687F-44AC-ADF6-2E239F3C791C}.Release|x86.ActiveCfg = Release|Any CPU + {18DB1672-687F-44AC-ADF6-2E239F3C791C}.Release|x86.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE @@ -140,6 +140,6 @@ Global {8DD4BC41-DC30-4267-ACBA-93FBD67044D9} = {F3681287-CEBF-4540-A820-B4B174AFF47F} {0FEAB705-FEE4-4B66-A6E1-F3FF3BA6B04C} = {F3681287-CEBF-4540-A820-B4B174AFF47F} {453F081C-D5FD-418E-95AF-231F1BAE1E8C} = {F3681287-CEBF-4540-A820-B4B174AFF47F} - {70594518-7121-4B9C-89A5-E64A44875C5B} = {1F2C7E28-510C-0414-601C-25083DE2C7DC} + {18DB1672-687F-44AC-ADF6-2E239F3C791C} = {1F2C7E28-510C-0414-601C-25083DE2C7DC} EndGlobalSection EndGlobal diff --git a/src/SecurityInsights/SecurityInsights/Az.SecurityInsights.psd1 b/src/SecurityInsights/SecurityInsights/Az.SecurityInsights.psd1 index e8770ffdad99..3bd60c11541f 100644 --- a/src/SecurityInsights/SecurityInsights/Az.SecurityInsights.psd1 +++ b/src/SecurityInsights/SecurityInsights/Az.SecurityInsights.psd1 @@ -3,7 +3,7 @@ # # Generated by: Microsoft Corporation # -# Generated on: 10/9/2025 +# Generated on: 3/16/2026 # @{ @@ -51,16 +51,16 @@ DotNetFrameworkVersion = '4.7.2' # ProcessorArchitecture = '' # Modules that must be imported into the global environment prior to importing this module -RequiredModules = @(@{ModuleName = 'Az.Accounts'; ModuleVersion = '5.3.0'; }) +RequiredModules = @(@{ModuleName = 'Az.Accounts'; ModuleVersion = '5.3.3'; }) # Assemblies that must be loaded prior to importing this module RequiredAssemblies = 'SecurityInsights.Autorest/bin/Az.SecurityInsights.private.dll' # Script files (.ps1) that are run in the caller's environment prior to importing this module. -# ScriptsToProcess = @() +ScriptsToProcess = @() # Type files (.ps1xml) to be loaded when importing this module -# TypesToProcess = @() +TypesToProcess = @() # Format files (.ps1xml) to be loaded when importing this module FormatsToProcess = 'SecurityInsights.Autorest/Az.SecurityInsights.format.ps1xml' @@ -129,7 +129,7 @@ PrivateData = @{ PSData = @{ # Tags applied to this module. These help with module discovery in online galleries. - Tags = 'Azure','ResourceManager','ARM','PSModule','SecurityInsights' + Tags = 'Azure', 'ResourceManager', 'ARM', 'PSModule', 'SecurityInsights' # A URL to the license for this module. LicenseUri = 'https://aka.ms/azps-license' @@ -154,7 +154,7 @@ PrivateData = @{ } # End of PSData hashtable - } # End of PrivateData hashtable +} # End of PrivateData hashtable # HelpInfo URI of this module # HelpInfoURI = '' diff --git a/src/SecurityInsights/SecurityInsights/help/Get-AzSentinelEntity.md b/src/SecurityInsights/SecurityInsights/help/Get-AzSentinelEntity.md index 22169e4d07a0..db412808a8c1 100644 --- a/src/SecurityInsights/SecurityInsights/help/Get-AzSentinelEntity.md +++ b/src/SecurityInsights/SecurityInsights/help/Get-AzSentinelEntity.md @@ -67,8 +67,8 @@ This command gets an Entity. ### Example 3: Get a Entity by object Id ```powershell -$Entities = Get-AzSentinelEntity -ResourceGroupName "myResourceGroupName" -workspaceName "myWorkspaceName" - $Entities[0] | Get-AzSentinelEntity +$Entitys = Get-AzSentinelEntity -ResourceGroupName "myResourceGroupName" -workspaceName "myWorkspaceName" + $Entitys[0] | Get-AzSentinelEntity ``` ```output diff --git a/src/SecurityInsights/SecurityInsights/help/Get-AzSentinelEntityActivity.md b/src/SecurityInsights/SecurityInsights/help/Get-AzSentinelEntityActivity.md index c088865e2370..087313838838 100644 --- a/src/SecurityInsights/SecurityInsights/help/Get-AzSentinelEntityActivity.md +++ b/src/SecurityInsights/SecurityInsights/help/Get-AzSentinelEntityActivity.md @@ -50,7 +50,7 @@ $Entity = Get-AzSentinelEntity -ResourceGroupName "myResourceGroupName" -workspa $Entity | Get-AzSentinelEntityActivity ``` -This command gets insights and activities for an Entity by object +This command gets insights and activies for an Entity by object ## PARAMETERS diff --git a/src/SecurityInsights/SecurityInsights/help/Get-AzSentinelEntityInsight.md b/src/SecurityInsights/SecurityInsights/help/Get-AzSentinelEntityInsight.md index d41f79e4c90a..cebb3df2c008 100644 --- a/src/SecurityInsights/SecurityInsights/help/Get-AzSentinelEntityInsight.md +++ b/src/SecurityInsights/SecurityInsights/help/Get-AzSentinelEntityInsight.md @@ -45,7 +45,7 @@ This command gets insights for an Entity for a given time range. ```powershell $startTime = (Get-Date).AddDays(-7).ToUniversalTime() | Get-Date -Format "yyyy-MM-ddThh:00:00.000Z" $endTime = (Get-Date).ToUniversalTime() | Get-Date -Format "yyyy-MM-ddThh:00:00.000Z" - $Entity = Get-AzSentinelEntity -ResourceGroupName "myResourceGroupName" -workspaceName "myWorkspaceName" -EntityId "00001111-aaaa-2222-bbbb-3333cccc4444" + $Entity = Get-AzSentinelEntity -ResourceGroupName "myResourceGroupName" -workspaceName "myWorkspaceName" -EntityId "8d036a2d-f37d-e936-6cca-4e172687cb79" $Entity | Get-AzSentinelEntityInsight -EndTime $endTime -StartTime $startTime ``` diff --git a/src/SecurityInsights/SecurityInsights/help/New-AzSentinelAlertRule.md b/src/SecurityInsights/SecurityInsights/help/New-AzSentinelAlertRule.md index 26898ec49b01..af77453a2758 100644 --- a/src/SecurityInsights/SecurityInsights/help/New-AzSentinelAlertRule.md +++ b/src/SecurityInsights/SecurityInsights/help/New-AzSentinelAlertRule.md @@ -96,7 +96,7 @@ This command creates an Alert Rule of the MicrosoftSecurityIncidentCreation kind ### Example 5: Create a Scheduled Alert Rule ```powershell -New-AzSentinelAlertRule -ResourceGroupName "myResourceGroup" -WorkspaceName "myWorkspaceName" -Kind Scheduled -Enabled -DisplayName "Powershell Execution Alert (Several Times per Hour)" -Severity Low -Query "SecurityEvent | where EventID == 4688" -QueryFrequency (New-TimeSpan -Hours 1) -QueryPeriod (New-TimeSpan -Hours 1) -TriggerThreshold 10 -TriggerOperator "GreaterThan" +New-AzSentinelAlertRule -ResourceGroupName "myResourceGroup" -WorkspaceName "myWorkspaceName" -Kind Scheduled -Enabled -DisplayName "Powershell Exection Alert (Several Times per Hour)" -Severity Low -Query "SecurityEvent | where EventId == 4688" -QueryFrequency (New-TimeSpan -Hours 1) -QueryPeriod (New-TimeSpan -Hours 1) -TriggerThreshold 10 ``` This command creates an Alert Rule of the Scheduled kind. diff --git a/src/SecurityInsights/SecurityInsights/help/New-AzSentinelIncidentTeam.md b/src/SecurityInsights/SecurityInsights/help/New-AzSentinelIncidentTeam.md index 312c575923ef..166d5d4be593 100644 --- a/src/SecurityInsights/SecurityInsights/help/New-AzSentinelIncidentTeam.md +++ b/src/SecurityInsights/SecurityInsights/help/New-AzSentinelIncidentTeam.md @@ -42,7 +42,7 @@ $incident = Get-AzSentinelIncident -ResourceGroupName "myResourceGroup" -Workspa Description : Name : Incident : NewIncident3 PrimaryChannelUrl : https://teams.microsoft.com/l/team/19:vYoGjeGlZmTEDmu0gTbrk9T_eDS4pKIkEU7UuM1IyZk1%40thread.tacv2/conversations?groupId=3c637cc5-caf1-46c7-93ac-069c6 - 4b05395&tenantId=00001111-aaaa-2222-bbbb-3333cccc4444 + 4b05395&tenantId=8f21ced5-2eff-4f8d-aff1-4dbb4cee8e3d TeamCreationTimeUtc : 2/4/2022 3:02:03 PM TeamId : 3c637cc5-caf1-46c7-93ac-069c64b05395 ``` diff --git a/src/SecurityInsights/SecurityInsights/help/Update-AzSentinelIncident.md b/src/SecurityInsights/SecurityInsights/help/Update-AzSentinelIncident.md index 67dba7296822..8c0ea14a3225 100644 --- a/src/SecurityInsights/SecurityInsights/help/Update-AzSentinelIncident.md +++ b/src/SecurityInsights/SecurityInsights/help/Update-AzSentinelIncident.md @@ -42,7 +42,7 @@ Creates or updates the incident. ### Example 1: Update an Incident ```powershell -Update-AzSentinelIncident -ResourceGroupName "myResourceGroupName" -WorkspaceName "myWorkspaceName" -Id "4a21e485-75ae-48b3-a7b9-e6a92bcfe434" -OwnerAssignedTo "user@mydomain.local" +Update-AzSentinelIncident -ResourceGroupName "myResourceGroupName" -WorkspaceName "myWorkspaceName" -Id "4a21e485-75ae-48b3-a7b9-e6a92bcfe434" -Title "Suspicious login activity" -Status "Active" -Severity "Medium" -OwnerAssignedTo "user@mydomain.local" ``` This command updates an incident by assigning an owner.