IIncidentConfiguration Interface
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
[System.ComponentModel.TypeConverter(typeof(Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.Models.Api20210901Preview.IncidentConfigurationTypeConverter))]
public interface IIncidentConfiguration : Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.Runtime.IJsonSerializable[<System.ComponentModel.TypeConverter(typeof(Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.Models.Api20210901Preview.IncidentConfigurationTypeConverter))>]
type IIncidentConfiguration = interface
interface IJsonSerializablePublic Interface IIncidentConfiguration
Implements IJsonSerializable- Derived
- Attributes
- Implements
Properties
| CreateIncident |
Create incidents from alerts triggered by this analytics rule |
| GroupingConfigurationEnabled |
Grouping enabled |
| GroupingConfigurationGroupByAlertDetail |
A list of alert details to group by (when matchingMethod is Selected) |
| GroupingConfigurationGroupByCustomDetail |
A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used. |
| GroupingConfigurationGroupByEntity |
A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used. |
| GroupingConfigurationLookbackDuration |
Limit the group to alerts created within the lookback duration (in ISO 8601 duration format) |
| GroupingConfigurationMatchingMethod |
Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty. |
| GroupingConfigurationReopenClosedIncident |
Re-open closed matching incidents |
Methods
| ToJson(JsonObject, SerializationMode) | (Inherited from IJsonSerializable) |