class Azure::SecurityInsights::Mgmt::V2019_01_01_preview::Models::SecurityAlert

Represents a security alert entity.

Attributes

additional_data[RW]

@return A bag of custom fields that should be part of the entity and will be presented to the user.

alert_display_name[RW]

@return [String] The display name of the alert.

alert_type[RW]

@return [String] The type name of the alert.

compromised_entity[RW]

@return [String] Display name of the main entity being reported on.

confidence_level[RW]

@return [ConfidenceLevel] The confidence level of this alert. Possible values include: 'Unknown', 'Low', 'High'

confidence_reasons[RW]

@return [Array<SecurityAlertPropertiesConfidenceReasonsItem>] The confidence reasons

confidence_score[RW]

@return [Float] The confidence score of the alert.

confidence_score_status[RW]

@return [ConfidenceScoreStatus] The confidence score calculation status, i.e. indicating if score calculation is pending for this alert, not applicable or final. Possible values include: 'NotApplicable', 'InProcess', 'NotFinal', 'Final'

description[RW]

@return [String] Alert description.

end_time_utc[RW]

@return [DateTime] The impact end time of the alert (the time of the last event contributing to the alert).

friendly_name[RW]

@return [String] The graph item display name, which is a short human-readable description of the graph item instance. This property is optional and might be system generated.

intent[RW]

@return [KillChainIntent] Holds the alert intent stage(s) mapping for this alert. Possible values include: 'Unknown', 'Probing', 'Exploitation', 'Persistence', 'PrivilegeEscalation', 'DefenseEvasion', 'CredentialAccess', 'Discovery', 'LateralMovement', 'Execution', 'Collection', 'Exfiltration', 'CommandAndControl', 'Impact'

kind[RW]
processing_end_time[RW]

@return [DateTime] The time the alert was made available for consumption.

product_component_name[RW]

@return [String] The name of a component inside the product which generated the alert.

product_name[RW]

@return [String] The name of the product which published this alert.

product_version[RW]

@return [String] The version of the product generating the alert.

provider_alert_id[RW]

@return [String] The identifier of the alert inside the product which generated the alert.

remediation_steps[RW]

@return [Array<String>] Manual action items to take to remediate the alert.

resource_identifiers[RW]

@return The list of resource identifiers of the alert.

severity[RW]

@return [AlertSeverity] The severity of the alert. Possible values include: 'High', 'Medium', 'Low', 'Informational'

start_time_utc[RW]

@return [DateTime] The impact start time of the alert (the time of the first event contributing to the alert).

status[RW]

@return [AlertStatus] The lifecycle status of the alert. Possible values include: 'Unknown', 'New', 'Resolved', 'Dismissed', 'InProgress'

system_alert_id[RW]

@return [String] Holds the product identifier of the alert for the product.

tactics[RW]

@return [Array<AttackTactic>] The tactics of the alert

time_generated[RW]

@return [DateTime] The time the alert was generated.

vendor_name[RW]

@return [String] The name of the vendor that raises the alert.

Public Class Methods

mapper()

Mapper for SecurityAlert class as Ruby Hash. This will be used for serialization/deserialization.

# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb, line 129
# Mapper for the SecurityAlert class as a Ruby Hash, used for
# serialization/deserialization.
#
# Every property descriptor carries `client_side_validation: true`. All
# properties except `kind` and `severity` are flagged `read_only: true`;
# `kind` is the only one marked `required: true`.
# NOTE(review): read_only presumably means the value is populated by the
# service and is not sent on requests -- confirm against the serializer in use.
# The class still exposes these as read/write attributes, so a value assigned
# locally is not evidence of what the service holds.
#
# `additional_data` and `resource_identifiers` are typed with 'Object'
# elements and `alert_link` as a plain 'String', so this mapper puts no
# constraint on the shape of those values; consumers that render or follow
# them have to validate them on their own.
#
# @return [Hash] a newly built mapper description on every call.
def self.mapper()
  # Builds one descriptor; keys are inserted in the order
  # client_side_validation, required, read_only, serialized_name, type.
  field = lambda do |wire_name, type_spec, read_only:, required:|
    spec = { client_side_validation: true, required: required }
    spec[:read_only] = true if read_only
    spec[:serialized_name] = wire_name
    spec[:type] = type_spec
    spec
  end

  # String-typed property; read-only and optional unless stated otherwise.
  text = lambda do |wire_name, read_only: true, required: false|
    field.call(wire_name, { name: 'String' }, read_only: read_only, required: required)
  end

  # Read-only, optional property of another primitive type.
  plain = lambda do |wire_name, type_name|
    field.call(wire_name, { name: type_name }, read_only: true, required: false)
  end

  # Descriptor for the items of a Sequence or the values of a Dictionary;
  # these never carry a read_only key.
  member = lambda do |element_name, type_spec|
    field.call(element_name, type_spec, read_only: false, required: false)
  end

  # Read-only, optional Sequence property.
  list_of = lambda do |wire_name, element_name, type_spec|
    sequence = { name: 'Sequence', element: member.call(element_name, type_spec) }
    field.call(wire_name, sequence, read_only: true, required: false)
  end

  dictionary = { name: 'Dictionary', value: member.call('ObjectElementType', { name: 'Object' }) }
  reasons_item = { name: 'Composite', class_name: 'SecurityAlertPropertiesConfidenceReasonsItem' }

  alert_properties = {
    id: text.call('id'),
    name: text.call('name'),
    type: text.call('type'),
    # The only required property, and one of the two that are not read-only.
    kind: text.call('kind', read_only: false, required: true),
    additional_data: field.call('properties.additionalData', dictionary, read_only: true, required: false),
    friendly_name: text.call('properties.friendlyName'),
    alert_display_name: text.call('properties.alertDisplayName'),
    alert_type: text.call('properties.alertType'),
    compromised_entity: text.call('properties.compromisedEntity'),
    confidence_level: text.call('properties.confidenceLevel'),
    confidence_reasons: list_of.call(
      'properties.confidenceReasons',
      'SecurityAlertPropertiesConfidenceReasonsItemElementType',
      reasons_item
    ),
    confidence_score: plain.call('properties.confidenceScore', 'Double'),
    confidence_score_status: text.call('properties.confidenceScoreStatus'),
    description: text.call('properties.description'),
    end_time_utc: plain.call('properties.endTimeUtc', 'DateTime'),
    intent: text.call('properties.intent'),
    provider_alert_id: text.call('properties.providerAlertId'),
    processing_end_time: plain.call('properties.processingEndTime', 'DateTime'),
    product_component_name: text.call('properties.productComponentName'),
    product_name: text.call('properties.productName'),
    product_version: text.call('properties.productVersion'),
    remediation_steps: list_of.call('properties.remediationSteps', 'StringElementType', { name: 'String' }),
    # Not read-only: the one entry under 'properties.' without that flag.
    severity: text.call('properties.severity', read_only: false),
    start_time_utc: plain.call('properties.startTimeUtc', 'DateTime'),
    status: text.call('properties.status'),
    system_alert_id: text.call('properties.systemAlertId'),
    tactics: list_of.call('properties.tactics', 'AttackTacticElementType', { name: 'String' }),
    time_generated: plain.call('properties.timeGenerated', 'DateTime'),
    vendor_name: text.call('properties.vendorName'),
    alert_link: text.call('properties.alertLink'),
    resource_identifiers: list_of.call('properties.resourceIdentifiers', 'ObjectElementType', { name: 'Object' })
  }

  {
    client_side_validation: true,
    required: false,
    serialized_name: 'SecurityAlert',
    type: {
      name: 'Composite',
      class_name: 'SecurityAlert',
      model_properties: alert_properties
    }
  }
end
new()
# File lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb, line 16
# Creates a SecurityAlert with `kind` preset to 'SecurityAlert', the one
# property the mapper marks as required. No other attribute is initialized.
def initialize
  @kind = 'SecurityAlert'
end