Azure · lmazuel · Jun 12, 2018 · Jun 6, 2018
diff --git a/...ity/preview/2015-06-01-preview/examples/Alerts/GetAlertResourceGroupLocation_example.json b/...ity/preview/2015-06-01-preview/examples/Alerts/GetAlertResourceGroupLocation_example.json
@@ -19,7 +19,7 @@
                     "detectedTimeUtc": "2018-05-01T19:50:47.083633Z",
                     "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it",
                     "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM",
-                    "actionTaken": "Undefined",
+                    "actionTaken": "Detected",
                     "reportedSeverity": "High",
                     "compromisedEntity": "vm1",
                     "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1",

diff --git a/...rity/preview/2015-06-01-preview/examples/Alerts/GetAlertSubscriptionLocation_example.json b/...rity/preview/2015-06-01-preview/examples/Alerts/GetAlertSubscriptionLocation_example.json
@@ -18,7 +18,7 @@
                     "detectedTimeUtc": "2018-05-01T19:50:47.083633Z",
                     "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it",
                     "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM",
-                    "actionTaken": "Undefined",
+                    "actionTaken": "Detected",
                     "reportedSeverity": "High",
                     "compromisedEntity": "vm1",
                     "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1",

diff --git a/...ty/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroupLocation_example.json b/...ty/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroupLocation_example.json
@@ -19,7 +19,7 @@
                         "detectedTimeUtc": "2018-05-01T19:50:47.083633Z",
                         "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it",
                         "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM",
-                        "actionTaken": "Undefined",
+                        "actionTaken": "Detected",
                         "reportedSeverity": "High",
                         "compromisedEntity": "vm1",
                         "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1",

diff --git a/...t.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroup_example.json b/...t.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroup_example.json
@@ -18,7 +18,7 @@
                         "detectedTimeUtc": "2018-05-01T19:50:47.083633Z",
                         "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it",
                         "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM",
-                        "actionTaken": "Undefined",
+                        "actionTaken": "Detected",
                         "reportedSeverity": "High",
                         "compromisedEntity": "vm1",
                         "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1",

diff --git a/...ft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscription_example.json b/...ft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscription_example.json
@@ -17,7 +17,7 @@
                             "detectedTimeUtc": "2018-05-01T19:50:47.083633Z",
                             "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it",
                             "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM",
-                            "actionTaken": "Undefined",
+                            "actionTaken": "Detected",
                             "reportedSeverity": "High",
                             "compromisedEntity": "vm1",
                             "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1",
@@ -77,7 +77,7 @@
                             "detectedTimeUtc": "2018-05-07T13:51:45.0045913Z",
                             "description": "The process ‘%{process name}’ was observed executing from an uncommon location.\r\n\r\nFiles with the .scr extensions are screen saver files and are normally reside and execute from the Windows system directory.",
                             "remediationSteps": "1. Run Process Explorer and try to identify unknown running processes (see https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)\r\n2. Make sure the machine is completely updated and has an updated anti-malware application installed\r\n3. Run a full anti-malware scan and verify that the threat was removed\r\n4. Install and run Microsoft’s Malicious Software Removal Tool (see https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx)\r\n5. Run Microsoft’s Autoruns utility and try to identify unknown applications that are configured to run at login (see https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)\r\n6. Escalate the alert to the information security team",
-                            "actionTaken": "Undefined",
+                            "actionTaken": "Detected",
                             "reportedSeverity": "Low",
                             "compromisedEntity": "vm2",
                             "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2",

diff --git a/...ty/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscriptionsLocation_example.json b/...ty/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscriptionsLocation_example.json
@@ -18,7 +18,7 @@
                             "detectedTimeUtc": "2018-05-01T19:50:47.083633Z",
                             "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it",
                             "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM",
-                            "actionTaken": "Undefined",
+                            "actionTaken": "Detected",
                             "reportedSeverity": "High",
                             "compromisedEntity": "vm1",
                             "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1",
@@ -78,7 +78,7 @@
                             "detectedTimeUtc": "2018-05-07T13:51:45.0045913Z",
                             "description": "The process ‘%{process name}’ was observed executing from an uncommon location.\r\n\r\nFiles with the .scr extensions are screen saver files and are normally reside and execute from the Windows system directory.",
                             "remediationSteps": "1. Run Process Explorer and try to identify unknown running processes (see https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)\r\n2. Make sure the machine is completely updated and has an updated anti-malware application installed\r\n3. Run a full anti-malware scan and verify that the threat was removed\r\n4. Install and run Microsoft’s Malicious Software Removal Tool (see https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx)\r\n5. Run Microsoft’s Autoruns utility and try to identify unknown applications that are configured to run at login (see https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)\r\n6. Escalate the alert to the information security team",
-                            "actionTaken": "Undefined",
+                            "actionTaken": "Detected",
                             "reportedSeverity": "Low",
                             "compromisedEntity": "vm2",
                             "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2",

diff --git a/...06-01-preview/examples/JitNetworkAccessPolicies/InvokeJitNetworkAccessPolicy_example.json b/...06-01-preview/examples/JitNetworkAccessPolicies/InvokeJitNetworkAccessPolicy_example.json
@@ -22,7 +22,7 @@
         }        
     },
     "responses": {
-        "204": {
+        "202": {
         }
     }
 }