Merge pull request #25546 from microsoftgraph/user/naalmog/sensorsv10

sensor apis v10

Author: Lauragra

api-reference/beta/api/security-identitycontainer-list-sensors.md

@@ -37,7 +37,7 @@ GET /security/identities/sensors
 
 ## Optional query parameters
 
-This method supports the following OData query parameters to help customize the response: `$count`, `$filter`, `$skip`, `$top`. For general information, see [OData query parameters](/graph/query-parameters).
+This method supports the `$count`, `$filter`, `$skip`, and `$top` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
 
 ## Request headers
 

api-reference/beta/api/security-identitycontainer-delete-sensors.md renamed to api-reference/beta/api/security-sensor-delete.md

@@ -22,8 +22,8 @@ Delete a [sensor](../resources/security-sensor.md) object.
 
 Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
 
-<!-- { "blockType": "permissions", "name": "security_identitycontainer_delete_sensors" } -->
-[!INCLUDE [permissions-table](../includes/permissions/security-identitycontainer-delete-sensors-permissions.md)]
+<!-- { "blockType": "permissions", "name": "security_sensor_delete" } -->
+[!INCLUDE [permissions-table](../includes/permissions/security-sensor-delete-permissions.md)]
 
 ## HTTP request
 

api-reference/beta/api/security-sensor-get.md

@@ -37,7 +37,7 @@ GET /security/identities/sensors/{sensorId}
 
 ## Optional query parameters
 
-This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+This method supports the `$select` and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
 
 ## Request headers
 

api-reference/beta/includes/permissions/security-identitycontainer-delete-sensors-permissions.md

@@ -0,0 +1,11 @@
+---
+description: "Automatically generated file. DO NOT MODIFY"
+ms.topic: include
+ms.localizationpriority: medium
+---
+
+|Permission type|Least privileged permission|Higher privileged permissions|
+|:---|:---|:---|
+|Delegated (work or school account)|SecurityIdentitiesSensors.ReadWrite.All|Not available.|
+|Delegated (personal Microsoft account)|Not supported.|Not supported.|
+|Application|SecurityIdentitiesSensors.ReadWrite.All|Not available.|

api-reference/beta/includes/permissions/security-sensor-delete-permissions.md

@@ -131,6 +131,10 @@ The Microsoft Defender for Identity health issues API allows you to monitor the
 
 > **Note:** The Microsoft Defender for Identity health issues API is only available on the Defender for Identity plan or Microsoft 365 E5/A5/G5/F5 Security service plans.
 
+### Sensors
+
+The Defender for Identity sensors management API allows you to create detailed reports of the sensors in your workspace, including information about the server name, sensor version, type, state, and health status. It also enables you to manage sensor settings, such as adding descriptions, enabling or disabling delayed updates, and specifying the domain controller that the sensor connects to for querying Entra ID.
+
 ## Incidents
 
 An [incident](security-incident.md) is a collection of correlated  [alerts](security-alert.md) and associated data that make up the story of an attack. Incident management is part of Microsoft 365 Defender and is available in the Microsoft 365 Defender portal (https://security.microsoft.com/).
@@ -267,8 +271,8 @@ The following are some of the most popular requests for working with the Microso
 |Get details of a single message instance|[GET analyzedemails/Id](../api/security-analyzedemail-get.md)|[https://graph.microsoft.com/beta/security/collaboration/analyzedemails/{Id}](https://developer.microsoft.com/graph/graph-explorer?request=security/collaboration/analyzedemails/Id&method=GET&version=beta&GraphUrl=https://graph.microsoft.com)|
 |Remediate analyzed email|[analyzedEmail: remediate](../api/security-analyzedemail-remediate.md )|[https://graph.microsoft.com/beta/security/collaboration/analyzedemails/remediate](https://developer.microsoft.com/graph/graph-explorer?request=security/collaboration/analyzedemails/remediate&method=POST&version=beta&GraphUrl=https://graph.microsoft.com)|
 | **Identities**|||
-| List health issues | [List health issues](../api/security-identityContainer-list-healthIssues.md) | [https://graph.microsoft.com/beta/security/identities/healthIssues](https://developer.microsoft.com/graph/graph-explorer?request=security/identities/healthIssues&method=GET&version=beta&GraphUrl=https://graph.microsoft.com) |
-| List sensors | [List sensors](../api/security-identityContainer-list-sensors.md) | [https://graph.microsoft.com/beta/security/identities/sensors](https://developer.microsoft.com/graph/graph-explorer?request=security/identities/sensors&method=GET&version=beta&GraphUrl=https://graph.microsoft.com) |
+| List health issues | [List health issues](../api/security-identitycontainer-list-healthissues.md) | [https://graph.microsoft.com/beta/security/identities/healthIssues](https://developer.microsoft.com/graph/graph-explorer?request=security/identities/healthIssues&method=GET&version=beta&GraphUrl=https://graph.microsoft.com) |
+| List sensors | [List sensors](../api/security-identitycontainer-list-sensors.md) | [https://graph.microsoft.com/beta/security/identities/sensors](https://developer.microsoft.com/graph/graph-explorer?request=security/identities/sensors&method=GET&version=beta&GraphUrl=https://graph.microsoft.com) |
 
 
 You can use Microsoft Graph [webhooks](/graph/webhooks) to subscribe to and receive notifications about updates to Microsoft Graph security API entities.

api-reference/beta/resources/security-api-overview.md

@@ -16,13 +16,12 @@ Namespace: microsoft.graph.security
 
 Represents the network adapter from which the Microsoft Defender for Identity sensor analyzes network traffic.
 
-
-Inherits from [microsoft.graph.entity](../resources/entity.md).
+Inherits from [entity](../resources/entity.md).
 
 ## Properties
 |Property|Type|Description|
 |:---|:---|:---|
-|ID|String|A unique identifier that represents the network adapter.|
+|id|String|A unique identifier that represents the network adapter. Inherited from [entity](../resources/entity.md).|
 |isEnabled|Boolean|Indicates whether the network adapter is selected for capturing and analyzing network traffic.|
 |name|String|The name of the network adapter.|
 
@@ -46,4 +45,4 @@ The following JSON representation shows the resource type.
   "isEnabled": "Boolean",
   "name": "String"
 }
-```
+```

api-reference/beta/resources/security-networkadapter.md

@@ -16,71 +16,69 @@ Namespace: microsoft.graph.security
 
 Represents a Microsoft Defender for Identity sensor.
 
-Inherits from [microsoft.graph.entity](../resources/entity.md).
+Inherits from [entity](../resources/entity.md).
 
 ## Methods
 |Method|Return type|Description|
 |:---|:---|:---|
-|[List](../api/security-identitycontainer-list-sensors.md)|[microsoft.graph.security.sensor](../resources/security-sensor.md) collection|Get a list of the [microsoft.graph.security.sensor](../resources/security-sensor.md) objects and their properties.|
-|[Get](../api/security-sensor-get.md)|[microsoft.graph.security.sensor](../resources/security-sensor.md)|Read the properties and relationships of a [microsoft.graph.security.sensor](../resources/security-sensor.md) object.|
-|[Update](../api/security-sensor-update.md)|[microsoft.graph.security.sensor](../resources/security-sensor.md)|Update the properties of a [microsoft.graph.security.sensor](../resources/security-sensor.md) object.|
-|[Delete](../api/security-identitycontainer-delete-sensors.md)|None|Delete a [microsoft.graph.security.sensor](../resources/security-sensor.md) object.|
-|[Get deployment package URI](../api/security-sensor-getdeploymentpackageuri.md)|[microsoft.graph.security.sensorDeploymentPackage](../resources/security-sensordeploymentpackage.md)|Get the sensor deployment package URL and version. You can use this URL to download the installer to install the sensor on a server.|
+|[List](../api/security-identitycontainer-list-sensors.md)|[microsoft.graph.security.sensor](../resources/security-sensor.md) collection|Get a list of [sensor](../resources/security-sensor.md) objects and their properties.|
+|[Get](../api/security-sensor-get.md)|[microsoft.graph.security.sensor](../resources/security-sensor.md)|Read the properties and relationships of a [sensor](../resources/security-sensor.md) object.|
+|[Update](../api/security-sensor-update.md)|[microsoft.graph.security.sensor](../resources/security-sensor.md)|Update the properties of a [sensor](../resources/security-sensor.md) object.|
+|[Delete](../api/security-sensor-delete.md)|None|Delete a [sensor](../resources/security-sensor.md) object.|
 |[Get deployment access key](../api/security-sensor-getdeploymentaccesskey.md)|[microsoft.graph.security.deploymentAccessKeyType](../resources/security-deploymentaccesskeytype.md)|Get the deployment access key associated with the Microsoft Defender for Identity workspace, needed to install sensors associated with the workspace.|
+|[Get deployment package URI](../api/security-sensor-getdeploymentpackageuri.md)|[microsoft.graph.security.sensorDeploymentPackage](../resources/security-sensordeploymentpackage.md)|Get the sensor deployment package URL and version.|
 |[Regenerate deployment access key](../api/security-sensor-regeneratedeploymentaccesskey.md)|[microsoft.graph.security.deploymentAccessKeyType](../resources/security-deploymentaccesskeytype.md)|Generate a new deployment access key that can be used to install sensors associated with the workspace.|
 
 ## Properties
 |Property|Type|Description|
 |:---|:---|:---|
-|createdDateTime|DateTimeOffset|The date and time when the sensor was generated.|
+|createdDateTime|DateTimeOffset|The date and time when the sensor was generated. The Timestamp represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
 |deploymentStatus|[microsoft.graph.security.deploymentStatus](#deploymentstatus-values)|The deployment status of the sensor. The possible values are: `upToDate`, `outdated`, `updating`, `updateFailed`, `notConfigured`, `unreachable`, `disconnected`, `startFailure`, `syncing`, `unknownFutureValue`.|
 |displayName|String|The display name of the sensor.|
 |domainName|String|The fully qualified domain name of the sensor.|
 |healthStatus|[microsoft.graph.security.sensorHealthStatus](#sensorhealthstatus-values)|The health status of the sensor. The possible values are: `healthy`, `notHealthyLow`, `notHealthyMedium`, `notHealthyHigh`, `unknownFutureValue`.|
-|ID|String|Unique identifier to represent the sensor.|
+|id|String|Unique identifier to represent the sensor. Inherited from [entity](../resources/entity.md).|
 |openHealthIssuesCount|Int64|This field displays the count of health issues related to this sensor.|
 |sensorType|[microsoft.graph.security.sensorType](#sensortype-values)|The type of the sensor. The possible values are: `adConnectIntegrated`, `adcsIntegrated`, `adfsIntegrated`, `domainControllerIntegrated`, `domainControllerStandalone`, `unknownFutureValue`.|
 |settings|[microsoft.graph.security.sensorSettings](../resources/security-sensorsettings.md)|Sensor settings information.|
 |version|String|The version of the sensor.|
 
-#### deploymentStatus values
+### deploymentStatus values
 
-| Member                     | Description                                                                                                                  |
-| :--------------------------| :--------------------------------------------------------------------------------------------------------------------------- |
+| Member                     | Description                       |
+| :--------------------------| :-------------------------------- |
 | upToDate |Sensor is running a current version of the sensor.|
 | outdated |Sensor is running a version of the software that is at least three versions behind the current version.|
 | updating |Sensor software is being updated.|
 | updateFailed |Sensor failed to update to a new version.|
-| notConfigured |Sensor requires more configuration before it's fully operational. This applies to sensors installed on AD FS / AD CS servers or standalone sensors.|
+| notConfigured |Sensor requires more configuration before it's fully operational. This applies to sensors installed on ADFS and ADCS servers or standalone sensors.|
 | unreachable |The domain controller was deleted from Active Directory. However, the sensor installation wasn't uninstalled and removed from the domain controller before it was decommissioned. You can safely delete this entry.|
 | disconnected |The Defender for Identity service hasn't seen any communication from this sensor in 10 minutes.|
 | startFailure |Sensor didn't pull configuration for more than 30 minutes.|
 | syncing |Sensor has configuration updates pending, but it didn't yet pull the new configuration.|
 | unknownFutureValue |Evolvable enumeration sentinel value. Don't use.|
 
-#### sensorHealthStatus values
+### sensorHealthStatus values
 
-| Member                     | Description                                                                                                                  |
-| :--------------------------| :--------------------------------------------------------------------------------------------------------------------------- |
+| Member                     | Description                       |
+| :--------------------------| :-------------------------------- |
 | healthy |No opened health issues.|
 | notHealthyLow |The highest severity opened health issue is low.|
 | notHealthyMedium |The highest severity opened health issue is medium.|
 | notHealthyHigh |The highest severity opened health issue is high.|
 | unknownFutureValue |Evolvable enumeration sentinel value. Don't use.|
 
-#### sensorType values
+### sensorType values
 
-| Member                     | Description                                                                                                                  |
-| :--------------------------| :--------------------------------------------------------------------------------------------------------------------------- |
+| Member                     | Description                       |
+| :--------------------------| :-------------------------------- |
 | adConnectIntegrated |Entra Connect sensor.|
 | adcsIntegrated |Active Directory Certificate Services (ADCS) sensor.|
 | adfsIntegrated |Active Directory Federation Services (ADFS) sensor.|
-| domainControllerIntegrated |Domain Controller sensor.|
+| domainControllerIntegrated |Domain controller sensor.|
 | domainControllerStandalone |Standalone sensor.|
 | unknownFutureValue |Evolvable enumeration sentinel value. Don't use.|
 
-
-
 ## Relationships
 |Relationship|Type|Description|
 |:---|:---|:---|
@@ -99,17 +97,15 @@ The following JSON representation shows the resource type.
 ``` json
 {
   "@odata.type": "#microsoft.graph.security.sensor",
-  "id": "String (identifier)",
-  "displayName": "String",
-  "sensorType": "String",
-  "version": "String",
-  "deploymentStatus": "String",
   "createdDateTime": "String (timestamp)",
+  "deploymentStatus": "String",
+  "displayName": "String",
   "domainName": "String",
   "healthStatus": "String",
-  "openHealthIssuesCount": "Integer",
-  "settings": {
-    "@odata.type": "microsoft.graph.security.sensorSettings"
-  }
+  "id": "String (identifier)",
+  "openHealthIssuesCount": "Int64",
+  "sensorType": "String",
+  "settings": {"@odata.type": "microsoft.graph.security.sensorSettings"},
+  "version": "String"
 }
-```
+```

api-reference/beta/resources/security-sensor.md

@@ -485,13 +485,25 @@ items:
     - name: Update
       href: ../../api/security-sensor-update.md
     - name: Delete
-      href: ../../api/security-identitycontainer-delete-sensors.md
-    - name: Get deployment package URI
-      href: ../../api/security-sensor-getdeploymentpackageuri.md
+      href: ../../api/security-sensor-delete.md
     - name: Get deployment access key
       href: ../../api/security-sensor-getdeploymentaccesskey.md
+    - name: Get deployment package URI
+      href: ../../api/security-sensor-getdeploymentpackageuri.md
     - name: Regenerate deployment access key
       href: ../../api/security-sensor-regeneratedeploymentaccesskey.md
+  - name: Complex types
+    items:
+    - name: Deployment access key type
+      href: ../../resources/security-deploymentaccesskeytype.md
+    - name: Identity container
+      href: ../../resources/security-identitycontainer.md
+    - name: Network adapter
+      href: ../../resources/security-networkadapter.md
+    - name: Sensor deployment package
+      href: ../../resources/security-sensordeploymentpackage.md
+    - name: Sensor settings
+      href: ../../resources/security-sensorsettings.md
 - name: Information protection
   items:
   - name: Information protection label

api-reference/beta/toc/security/toc.yml

@@ -2521,6 +2521,13 @@
           "resources": [
             "microsoft.graph.security.healthIssue",
             "microsoft.graph.security.sensor"
+          ],
+          "complexTypes": [
+            "microsoft.graph.security.deploymentAccessKeyType",
+            "microsoft.graph.security.identityContainer",
+            "microsoft.graph.security.networkAdapter",
+            "microsoft.graph.security.sensorDeploymentPackage",
+            "microsoft.graph.security.sensorSettings"
           ]
         },
         {