INrtAlertRule Interface
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
[System.ComponentModel.TypeConverter(typeof(Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.Models.Api20210901Preview.NrtAlertRuleTypeConverter))]
public interface INrtAlertRule : Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.Models.Api20210901Preview.IAlertRule[<System.ComponentModel.TypeConverter(typeof(Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.Models.Api20210901Preview.NrtAlertRuleTypeConverter))>]
type INrtAlertRule = interface
interface IJsonSerializable
interface IAlertRule
interface IResourceWithEtag
interface IResourcePublic Interface INrtAlertRule
Implements IAlertRule- Derived
- Attributes
- Implements
Properties
| AlertDetailOverrideAlertDescriptionFormat |
the format containing columns name(s) to override the alert description |
| AlertDetailOverrideAlertDisplayNameFormat |
the format containing columns name(s) to override the alert name |
| AlertDetailOverrideAlertSeverityColumnName |
the column name to take the alert severity from |
| AlertDetailOverrideAlertTacticsColumnName |
the column name to take the alert tactics from |
| AlertRuleTemplateName |
The Name of the alert rule template used to create this rule. |
| CustomDetail |
Dictionary of string key-value pairs of columns to be attached to the alert |
| Description |
The description of the alert rule. |
| DisplayName |
The display name for alerts created by this alert rule. |
| Enabled |
Determines whether this alert rule is enabled or disabled. |
| EntityMapping |
Array of the entity mappings of the alert rule |
| Etag |
Etag of the azure resource (Inherited from IResourceWithEtag) |
| GroupingConfigurationEnabled |
Grouping enabled |
| GroupingConfigurationGroupByAlertDetail |
A list of alert details to group by (when matchingMethod is Selected) |
| GroupingConfigurationGroupByCustomDetail |
A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used. |
| GroupingConfigurationGroupByEntity |
A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used. |
| GroupingConfigurationLookbackDuration |
Limit the group to alerts created within the lookback duration (in ISO 8601 duration format) |
| GroupingConfigurationMatchingMethod |
Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty. |
| GroupingConfigurationReopenClosedIncident |
Re-open closed matching incidents |
| Id |
Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} (Inherited from IResource) |
| IncidentConfigurationCreateIncident |
Create incidents from alerts triggered by this analytics rule |
| Kind |
The kind of the alert rule (Inherited from IAlertRule) |
| LastModifiedUtc |
The last time that this alert rule has been modified. |
| Name |
The name of the resource (Inherited from IResource) |
| Query |
The query that creates alerts for this rule. |
| Severity |
The severity for alerts created by this alert rule. |
| SuppressionDuration |
The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. |
| SuppressionEnabled |
Determines whether the suppression for this alert rule is enabled or disabled. |
| SystemDataCreatedAt |
The timestamp of resource creation (UTC). (Inherited from IResource) |
| SystemDataCreatedBy |
The identity that created the resource. (Inherited from IResource) |
| SystemDataCreatedByType |
The type of identity that created the resource. (Inherited from IResource) |
| SystemDataLastModifiedAt |
The timestamp of resource last modification (UTC) (Inherited from IResource) |
| SystemDataLastModifiedBy |
The identity that last modified the resource. (Inherited from IResource) |
| SystemDataLastModifiedByType |
The type of identity that last modified the resource. (Inherited from IResource) |
| Tactic |
The tactics of the alert rule |
| TemplateVersion | |
| Type |
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" (Inherited from IResource) |
Methods
| ToJson(JsonObject, SerializationMode) | (Inherited from IJsonSerializable) |