class Azure::Security::Mgmt::V2019_01_01::Models::Alert
Security
alert
Attributes
@return [String] The action that was taken as a response to the alert (Active, Blocked etc.)
@return [String] Display name of the alert type
@return [String] Name of the alert type
@return [String] Azure
resource ID of the associated resource
@return [String] The entity that the incident happened on
@return [Array<AlertConfidenceReason>] reasons the alert got the confidenceScore value
@return [Float] level of confidence we have on the alert
@return [String] Alerts
with the same CorrelationKey will be grouped together in Ibiza.
@return [String] Description of the incident and what it means
@return [DateTime] The time the incident was detected by the vendor
@return [Array<AlertEntity>] objects that are related to this alerts
@return
@return [String] Instance ID of the alert.
@return [Boolean] Whether this alert is for incident type or not (otherwise - single alert)
@return [String] Recommended steps to reradiate the incident
@return [ReportedSeverity] Estimated severity of this alert. Possible values include: 'Informational', 'Low', 'Medium', 'High'
@return [DateTime] The time the incident was reported to Microsoft.Security in UTC
@return [String] State of the alert (Active, Dismissed etc.)
@return [String] Azure
subscription ID of the resource that had the security alert or the subscription ID of the workspace that this resource reports to
@return [String] The type of the alerted resource (Azure
, Non-Azure)
@return [String] Name of the vendor that discovered the incident
@return [String] Azure
resource ID of the workspace that the alert was reported to.
Private Class Methods
Mapper for Alert
class as Ruby Hash. This will be used for serialization/deserialization.
# File lib/2019-01-01/generated/azure_mgmt_security/models/alert.rb, line 99 def self.mapper() { client_side_validation: true, required: false, serialized_name: 'Alert', type: { name: 'Composite', class_name: 'Alert', model_properties: { id: { client_side_validation: true, required: false, read_only: true, serialized_name: 'id', type: { name: 'String' } }, name: { client_side_validation: true, required: false, read_only: true, serialized_name: 'name', type: { name: 'String' } }, type: { client_side_validation: true, required: false, read_only: true, serialized_name: 'type', type: { name: 'String' } }, state: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.state', type: { name: 'String' } }, reported_time_utc: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.reportedTimeUtc', type: { name: 'DateTime' } }, vendor_name: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.vendorName', type: { name: 'String' } }, alert_name: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.alertName', type: { name: 'String' } }, alert_display_name: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.alertDisplayName', type: { name: 'String' } }, detected_time_utc: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.detectedTimeUtc', type: { name: 'DateTime' } }, description: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.description', type: { name: 'String' } }, remediation_steps: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.remediationSteps', type: { name: 'String' } }, action_taken: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.actionTaken', type: { name: 'String' } }, reported_severity: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.reportedSeverity', type: { name: 'String' } }, compromised_entity: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.compromisedEntity', type: { name: 'String' } }, associated_resource: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.associatedResource', type: { name: 'String' } }, extended_properties: { client_side_validation: true, required: false, serialized_name: 'properties.extendedProperties', type: { name: 'Dictionary', value: { client_side_validation: true, required: false, serialized_name: 'ObjectElementType', type: { name: 'Object' } } } }, system_source: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.systemSource', type: { name: 'String' } }, can_be_investigated: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.canBeInvestigated', type: { name: 'Boolean' } }, is_incident: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.isIncident', type: { name: 'Boolean' } }, entities: { client_side_validation: true, required: false, serialized_name: 'properties.entities', type: { name: 'Sequence', element: { client_side_validation: true, required: false, serialized_name: 'AlertEntityElementType', type: { name: 'Composite', class_name: 'AlertEntity' } } } }, confidence_score: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.confidenceScore', constraints: { InclusiveMaximum: 1, InclusiveMinimum: 0 }, type: { name: 'Double' } }, confidence_reasons: { client_side_validation: true, required: false, serialized_name: 'properties.confidenceReasons', type: { name: 'Sequence', element: { client_side_validation: true, required: false, serialized_name: 'AlertConfidenceReasonElementType', type: { name: 'Composite', class_name: 'AlertConfidenceReason' } } } }, subscription_id: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.subscriptionId', type: { name: 'String' } }, instance_id: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.instanceId', type: { name: 'String' } }, workspace_arm_id: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.workspaceArmId', type: { name: 'String' } }, correlation_key: { client_side_validation: true, required: false, read_only: true, serialized_name: 'properties.correlationKey', type: { name: 'String' } } } } } end