fileEvidence resource type
Namespace: microsoft.graph.security
A file that is reported in the alert as evidence.
Inherits from alertEvidence.
Properties
| Property | Type | Description |
|---|---|---|
| detectionStatus | microsoft.graph.security.detectionStatus | The status of the detection.The possible values are: detected, blocked, prevented, unknownFutureValue. |
| fileDetails | microsoft.graph.security.fileDetails | The file details. |
| mdeDeviceId | String | A unique identifier assigned to a device by Microsoft Defender for Endpoint. |
Relationships
None.
JSON representation
The following is a JSON representation of the resource.
{
"@odata.type": "#microsoft.graph.security.fileEvidence",
"createdDateTime": "String (timestamp)",
"verdict": "String",
"remediationStatus": "String",
"remediationStatusDetails": "String",
"roles": [
"String"
],
"tags": [
"String"
],
"fileDetails": {
"@odata.type": "microsoft.graph.security.fileDetails"
},
"detectionStatus": "String",
"mdeDeviceId": "String"
}
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for