Azure Native v2.89.1, Mar 2 25

This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.

Azure Native v2.89.1 published on Sunday, Mar 2, 2025 by Pulumi

pulumi/pulumi-azure-native

azure-native.securityinsights.getEntitiesGetTimeline

Explore with Pulumi AI

This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.

Azure Native v2.89.1 published on Sunday, Mar 2, 2025 by Pulumi

pulumi/pulumi-azure-native

Other available API versions: 2019-01-01-preview, 2021-09-01-preview, 2021-10-01-preview, 2022-01-01-preview, 2022-04-01-preview, 2022-05-01-preview, 2022-06-01-preview, 2022-07-01-preview, 2022-08-01-preview, 2022-09-01-preview, 2022-10-01-preview, 2022-11-01-preview, 2022-12-01-preview, 2023-02-01-preview, 2023-03-01-preview, 2023-04-01-preview, 2023-05-01-preview, 2023-07-01-preview, 2023-08-01-preview, 2023-09-01-preview, 2023-10-01-preview, 2023-12-01-preview, 2024-01-01-preview, 2024-04-01-preview, 2024-10-01-preview, 2025-01-01-preview.

Using getEntitiesGetTimeline

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getEntitiesGetTimeline(args: GetEntitiesGetTimelineArgs, opts?: InvokeOptions): Promise<GetEntitiesGetTimelineResult>
function getEntitiesGetTimelineOutput(args: GetEntitiesGetTimelineOutputArgs, opts?: InvokeOptions): Output<GetEntitiesGetTimelineResult>

def get_entities_get_timeline(end_time: Optional[str] = None,
                              entity_id: Optional[str] = None,
                              kinds: Optional[Sequence[Union[str, EntityTimelineKind]]] = None,
                              number_of_bucket: Optional[int] = None,
                              resource_group_name: Optional[str] = None,
                              start_time: Optional[str] = None,
                              workspace_name: Optional[str] = None,
                              opts: Optional[InvokeOptions] = None) -> GetEntitiesGetTimelineResult
def get_entities_get_timeline_output(end_time: Optional[pulumi.Input[str]] = None,
                              entity_id: Optional[pulumi.Input[str]] = None,
                              kinds: Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, EntityTimelineKind]]]]] = None,
                              number_of_bucket: Optional[pulumi.Input[int]] = None,
                              resource_group_name: Optional[pulumi.Input[str]] = None,
                              start_time: Optional[pulumi.Input[str]] = None,
                              workspace_name: Optional[pulumi.Input[str]] = None,
                              opts: Optional[InvokeOptions] = None) -> Output[GetEntitiesGetTimelineResult]

func GetEntitiesGetTimeline(ctx *Context, args *GetEntitiesGetTimelineArgs, opts ...InvokeOption) (*GetEntitiesGetTimelineResult, error)
func GetEntitiesGetTimelineOutput(ctx *Context, args *GetEntitiesGetTimelineOutputArgs, opts ...InvokeOption) GetEntitiesGetTimelineResultOutput

> Note: This function is named GetEntitiesGetTimeline in the Go SDK.

public static class GetEntitiesGetTimeline 
{
    public static Task<GetEntitiesGetTimelineResult> InvokeAsync(GetEntitiesGetTimelineArgs args, InvokeOptions? opts = null)
    public static Output<GetEntitiesGetTimelineResult> Invoke(GetEntitiesGetTimelineInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetEntitiesGetTimelineResult> getEntitiesGetTimeline(GetEntitiesGetTimelineArgs args, InvokeOptions options)
public static Output<GetEntitiesGetTimelineResult> getEntitiesGetTimeline(GetEntitiesGetTimelineArgs args, InvokeOptions options)

fn::invoke:
  function: azure-native:securityinsights:getEntitiesGetTimeline
  arguments:
    # arguments dictionary

The following arguments are supported:

EndTime string: The end timeline date, so the results returned are before this date.
EntityId string: entity ID
ResourceGroupName string: The name of the resource group. The name is case insensitive.
StartTime string: The start timeline date, so the results returned are after this date.
WorkspaceName string: The name of the workspace.
Kinds List<Union<string, Pulumi.AzureNative.SecurityInsights.EntityTimelineKind>>: Array of timeline Item kinds.
NumberOfBucket int: The number of bucket for timeline queries aggregation.

EndTime string: The end timeline date, so the results returned are before this date.
EntityId string: entity ID
ResourceGroupName string: The name of the resource group. The name is case insensitive.
StartTime string: The start timeline date, so the results returned are after this date.
WorkspaceName string: The name of the workspace.
Kinds []string: Array of timeline Item kinds.
NumberOfBucket int: The number of bucket for timeline queries aggregation.

endTime String: The end timeline date, so the results returned are before this date.
entityId String: entity ID
resourceGroupName String: The name of the resource group. The name is case insensitive.
startTime String: The start timeline date, so the results returned are after this date.
workspaceName String: The name of the workspace.
kinds List<Either<String,EntityTimelineKind>>: Array of timeline Item kinds.
numberOfBucket Integer: The number of bucket for timeline queries aggregation.

endTime string: The end timeline date, so the results returned are before this date.
entityId string: entity ID
resourceGroupName string: The name of the resource group. The name is case insensitive.
startTime string: The start timeline date, so the results returned are after this date.
workspaceName string: The name of the workspace.
kinds (string | EntityTimelineKind)[]: Array of timeline Item kinds.
numberOfBucket number: The number of bucket for timeline queries aggregation.

end_time str: The end timeline date, so the results returned are before this date.
entity_id str: entity ID
resource_group_name str: The name of the resource group. The name is case insensitive.
start_time str: The start timeline date, so the results returned are after this date.
workspace_name str: The name of the workspace.
kinds Sequence[Union[str, EntityTimelineKind]]: Array of timeline Item kinds.
number_of_bucket int: The number of bucket for timeline queries aggregation.

endTime String: The end timeline date, so the results returned are before this date.
entityId String: entity ID
resourceGroupName String: The name of the resource group. The name is case insensitive.
startTime String: The start timeline date, so the results returned are after this date.
workspaceName String: The name of the workspace.
kinds List<String | "Activity" | "Bookmark" | "SecurityAlert" | "Anomaly">: Array of timeline Item kinds.
numberOfBucket Number: The number of bucket for timeline queries aggregation.

getEntitiesGetTimeline Result

The following output properties are available:

MetaData Pulumi.AzureNative.SecurityInsights.Outputs.TimelineResultsMetadataResponse: The metadata from the timeline operation results.
Value List<object>: The timeline result values.

MetaData TimelineResultsMetadataResponse: The metadata from the timeline operation results.
Value []interface{}: The timeline result values.

metaData TimelineResultsMetadataResponse: The metadata from the timeline operation results.
value List<Object>: The timeline result values.

metaData TimelineResultsMetadataResponse: The metadata from the timeline operation results.
value (ActivityTimelineItemResponse | AnomalyTimelineItemResponse | BookmarkTimelineItemResponse | SecurityAlertTimelineItemResponse)[]: The timeline result values.

meta_data TimelineResultsMetadataResponse: The metadata from the timeline operation results.
value Sequence[Any]: The timeline result values.

metaData Property Map: The metadata from the timeline operation results.
value List<Property Map | Property Map | Property Map | Property Map>: The timeline result values.

Supporting Types

ActivityTimelineItemResponse

BucketEndTimeUTC string: The grouping bucket end time.
BucketStartTimeUTC string: The grouping bucket start time.
Content string: The activity timeline content.
FirstActivityTimeUTC string: The time of the first activity in the grouping bucket.
LastActivityTimeUTC string: The time of the last activity in the grouping bucket.
QueryId string: The activity query id.
Title string: The activity timeline title.

BucketEndTimeUTC string: The grouping bucket end time.
BucketStartTimeUTC string: The grouping bucket start time.
Content string: The activity timeline content.
FirstActivityTimeUTC string: The time of the first activity in the grouping bucket.
LastActivityTimeUTC string: The time of the last activity in the grouping bucket.
QueryId string: The activity query id.
Title string: The activity timeline title.

bucketEndTimeUTC String: The grouping bucket end time.
bucketStartTimeUTC String: The grouping bucket start time.
content String: The activity timeline content.
firstActivityTimeUTC String: The time of the first activity in the grouping bucket.
lastActivityTimeUTC String: The time of the last activity in the grouping bucket.
queryId String: The activity query id.
title String: The activity timeline title.

bucketEndTimeUTC string: The grouping bucket end time.
bucketStartTimeUTC string: The grouping bucket start time.
content string: The activity timeline content.
firstActivityTimeUTC string: The time of the first activity in the grouping bucket.
lastActivityTimeUTC string: The time of the last activity in the grouping bucket.
queryId string: The activity query id.
title string: The activity timeline title.

bucket_end_time_utc str: The grouping bucket end time.
bucket_start_time_utc str: The grouping bucket start time.
content str: The activity timeline content.
first_activity_time_utc str: The time of the first activity in the grouping bucket.
last_activity_time_utc str: The time of the last activity in the grouping bucket.
query_id str: The activity query id.
title str: The activity timeline title.

bucketEndTimeUTC String: The grouping bucket end time.
bucketStartTimeUTC String: The grouping bucket start time.
content String: The activity timeline content.
firstActivityTimeUTC String: The time of the first activity in the grouping bucket.
lastActivityTimeUTC String: The time of the last activity in the grouping bucket.
queryId String: The activity query id.
title String: The activity timeline title.

AnomalyTimelineItemResponse

AzureResourceId string: The anomaly azure resource id.
DisplayName string: The anomaly name.
EndTimeUtc string: The anomaly end time.
StartTimeUtc string: The anomaly start time.
TimeGenerated string: The anomaly generated time.
Description string: The anomaly description.
Intent string: The intent of the anomaly.
ProductName string: The anomaly product name.
Reasons List<string>: The reasons that cause the anomaly.
Techniques List<string>: The techniques of the anomaly.
Vendor string: The name of the anomaly vendor.

AzureResourceId string: The anomaly azure resource id.
DisplayName string: The anomaly name.
EndTimeUtc string: The anomaly end time.
StartTimeUtc string: The anomaly start time.
TimeGenerated string: The anomaly generated time.
Description string: The anomaly description.
Intent string: The intent of the anomaly.
ProductName string: The anomaly product name.
Reasons []string: The reasons that cause the anomaly.
Techniques []string: The techniques of the anomaly.
Vendor string: The name of the anomaly vendor.

azureResourceId String: The anomaly azure resource id.
displayName String: The anomaly name.
endTimeUtc String: The anomaly end time.
startTimeUtc String: The anomaly start time.
timeGenerated String: The anomaly generated time.
description String: The anomaly description.
intent String: The intent of the anomaly.
productName String: The anomaly product name.
reasons List<String>: The reasons that cause the anomaly.
techniques List<String>: The techniques of the anomaly.
vendor String: The name of the anomaly vendor.

azureResourceId string: The anomaly azure resource id.
displayName string: The anomaly name.
endTimeUtc string: The anomaly end time.
startTimeUtc string: The anomaly start time.
timeGenerated string: The anomaly generated time.
description string: The anomaly description.
intent string: The intent of the anomaly.
productName string: The anomaly product name.
reasons string[]: The reasons that cause the anomaly.
techniques string[]: The techniques of the anomaly.
vendor string: The name of the anomaly vendor.

azure_resource_id str: The anomaly azure resource id.
display_name str: The anomaly name.
end_time_utc str: The anomaly end time.
start_time_utc str: The anomaly start time.
time_generated str: The anomaly generated time.
description str: The anomaly description.
intent str: The intent of the anomaly.
product_name str: The anomaly product name.
reasons Sequence[str]: The reasons that cause the anomaly.
techniques Sequence[str]: The techniques of the anomaly.
vendor str: The name of the anomaly vendor.

azureResourceId String: The anomaly azure resource id.
displayName String: The anomaly name.
endTimeUtc String: The anomaly end time.
startTimeUtc String: The anomaly start time.
timeGenerated String: The anomaly generated time.
description String: The anomaly description.
intent String: The intent of the anomaly.
productName String: The anomaly product name.
reasons List<String>: The reasons that cause the anomaly.
techniques List<String>: The techniques of the anomaly.
vendor String: The name of the anomaly vendor.

BookmarkTimelineItemResponse

AzureResourceId string: The bookmark azure resource id.
CreatedBy Pulumi.AzureNative.SecurityInsights.Inputs.UserInfoResponse: Describes a user that created the bookmark
DisplayName string: The bookmark display name.
EndTimeUtc string: The bookmark end time.
EventTime string: The bookmark event time.
Labels List<string>: List of labels relevant to this bookmark
Notes string: The notes of the bookmark
StartTimeUtc string: The bookmark start time.

AzureResourceId string: The bookmark azure resource id.
CreatedBy UserInfoResponse: Describes a user that created the bookmark
DisplayName string: The bookmark display name.
EndTimeUtc string: The bookmark end time.
EventTime string: The bookmark event time.
Labels []string: List of labels relevant to this bookmark
Notes string: The notes of the bookmark
StartTimeUtc string: The bookmark start time.

azureResourceId String: The bookmark azure resource id.
createdBy UserInfoResponse: Describes a user that created the bookmark
displayName String: The bookmark display name.
endTimeUtc String: The bookmark end time.
eventTime String: The bookmark event time.
labels List<String>: List of labels relevant to this bookmark
notes String: The notes of the bookmark
startTimeUtc String: The bookmark start time.

azureResourceId string: The bookmark azure resource id.
createdBy UserInfoResponse: Describes a user that created the bookmark
displayName string: The bookmark display name.
endTimeUtc string: The bookmark end time.
eventTime string: The bookmark event time.
labels string[]: List of labels relevant to this bookmark
notes string: The notes of the bookmark
startTimeUtc string: The bookmark start time.

azure_resource_id str: The bookmark azure resource id.
created_by UserInfoResponse: Describes a user that created the bookmark
display_name str: The bookmark display name.
end_time_utc str: The bookmark end time.
event_time str: The bookmark event time.
labels Sequence[str]: List of labels relevant to this bookmark
notes str: The notes of the bookmark
start_time_utc str: The bookmark start time.

azureResourceId String: The bookmark azure resource id.
createdBy Property Map: Describes a user that created the bookmark
displayName String: The bookmark display name.
endTimeUtc String: The bookmark end time.
eventTime String: The bookmark event time.
labels List<String>: List of labels relevant to this bookmark
notes String: The notes of the bookmark
startTimeUtc String: The bookmark start time.

EntityTimelineKind

SecurityAlertTimelineItemResponse

AlertType string: The name of the alert type.
AzureResourceId string: The alert azure resource id.
DisplayName string: The alert name.
EndTimeUtc string: The alert end time.
Intent string: The intent of the alert.
Severity string: The alert severity.
StartTimeUtc string: The alert start time.
TimeGenerated string: The alert generated time.
Description string: The alert description.
ProductName string: The alert product name.
Techniques List<string>: The techniques of the alert.

AlertType string: The name of the alert type.
AzureResourceId string: The alert azure resource id.
DisplayName string: The alert name.
EndTimeUtc string: The alert end time.
Intent string: The intent of the alert.
Severity string: The alert severity.
StartTimeUtc string: The alert start time.
TimeGenerated string: The alert generated time.
Description string: The alert description.
ProductName string: The alert product name.
Techniques []string: The techniques of the alert.

alertType String: The name of the alert type.
azureResourceId String: The alert azure resource id.
displayName String: The alert name.
endTimeUtc String: The alert end time.
intent String: The intent of the alert.
severity String: The alert severity.
startTimeUtc String: The alert start time.
timeGenerated String: The alert generated time.
description String: The alert description.
productName String: The alert product name.
techniques List<String>: The techniques of the alert.

alertType string: The name of the alert type.
azureResourceId string: The alert azure resource id.
displayName string: The alert name.
endTimeUtc string: The alert end time.
intent string: The intent of the alert.
severity string: The alert severity.
startTimeUtc string: The alert start time.
timeGenerated string: The alert generated time.
description string: The alert description.
productName string: The alert product name.
techniques string[]: The techniques of the alert.

alert_type str: The name of the alert type.
azure_resource_id str: The alert azure resource id.
display_name str: The alert name.
end_time_utc str: The alert end time.
intent str: The intent of the alert.
severity str: The alert severity.
start_time_utc str: The alert start time.
time_generated str: The alert generated time.
description str: The alert description.
product_name str: The alert product name.
techniques Sequence[str]: The techniques of the alert.

alertType String: The name of the alert type.
azureResourceId String: The alert azure resource id.
displayName String: The alert name.
endTimeUtc String: The alert end time.
intent String: The intent of the alert.
severity String: The alert severity.
startTimeUtc String: The alert start time.
timeGenerated String: The alert generated time.
description String: The alert description.
productName String: The alert product name.
techniques List<String>: The techniques of the alert.

TimelineAggregationResponse

Count int: the total items found for a kind
Kind string: the query kind

Count int: the total items found for a kind
Kind string: the query kind

count Integer: the total items found for a kind
kind String: the query kind

count number: the total items found for a kind
kind string: the query kind

count int: the total items found for a kind
kind str: the query kind

count Number: the total items found for a kind
kind String: the query kind

TimelineErrorResponse

ErrorMessage string: the error message
Kind string: the query kind
QueryId string: the query id

ErrorMessage string: the error message
Kind string: the query kind
QueryId string: the query id

errorMessage String: the error message
kind String: the query kind
queryId String: the query id

errorMessage string: the error message
kind string: the query kind
queryId string: the query id

error_message str: the error message
kind str: the query kind
query_id str: the query id

errorMessage String: the error message
kind String: the query kind
queryId String: the query id

TimelineResultsMetadataResponse

Aggregations List<Pulumi.AzureNative.SecurityInsights.Inputs.TimelineAggregationResponse>: timeline aggregation per kind
TotalCount int: the total items found for the timeline request
Errors List<Pulumi.AzureNative.SecurityInsights.Inputs.TimelineErrorResponse>: information about the failure queries

Aggregations []TimelineAggregationResponse: timeline aggregation per kind
TotalCount int: the total items found for the timeline request
Errors []TimelineErrorResponse: information about the failure queries

aggregations List<TimelineAggregationResponse>: timeline aggregation per kind
totalCount Integer: the total items found for the timeline request
errors List<TimelineErrorResponse>: information about the failure queries

aggregations TimelineAggregationResponse[]: timeline aggregation per kind
totalCount number: the total items found for the timeline request
errors TimelineErrorResponse[]: information about the failure queries

aggregations Sequence[TimelineAggregationResponse]: timeline aggregation per kind
total_count int: the total items found for the timeline request
errors Sequence[TimelineErrorResponse]: information about the failure queries

aggregations List<Property Map>: timeline aggregation per kind
totalCount Number: the total items found for the timeline request
errors List<Property Map>: information about the failure queries

UserInfoResponse

Email string: The email of the user.
Name string: The name of the user.
ObjectId string: The object id of the user.

Email string: The email of the user.
Name string: The name of the user.
ObjectId string: The object id of the user.

email String: The email of the user.
name String: The name of the user.
objectId String: The object id of the user.

email string: The email of the user.
name string: The name of the user.
objectId string: The object id of the user.

email str: The email of the user.
name str: The name of the user.
object_id str: The object id of the user.

email String: The email of the user.
name String: The name of the user.
objectId String: The object id of the user.

Package Details

Repository: Azure Native pulumi/pulumi-azure-native
License: Apache-2.0

This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.

Azure Native v2.89.1 published on Sunday, Mar 2, 2025 by Pulumi

pulumi/pulumi-azure-native

azure-native.securityinsights.getEntitiesGetTimeline

On this page

On this page

Using getEntitiesGetTimeline

getEntitiesGetTimeline Result

Supporting Types

ActivityTimelineItemResponse

AnomalyTimelineItemResponse

BookmarkTimelineItemResponse

EntityTimelineKind

SecurityAlertTimelineItemResponse

TimelineAggregationResponse

TimelineErrorResponse

TimelineResultsMetadataResponse

UserInfoResponse

Package Details

On this page

On this page