FusionAlertRuleProperties interface
Fusion alert rule base property bag.
Properties
| alert |
The Name of the alert rule template used to create this rule. |
| description | The description of the alert rule. |
| display |
The display name for alerts created by this alert rule. |
| enabled | Determines whether this alert rule is enabled or disabled. |
| last |
The last time that this alert has been modified. |
| scenario |
Configuration to exclude scenarios in fusion detection. |
| severity | The severity for alerts created by this alert rule. |
| source |
Configuration for all supported source signals in fusion detection. |
| sub |
The sub-techniques of the alert rule |
| tactics | The tactics of the alert rule |
| techniques | The techniques of the alert rule |
Property Details
alertRuleTemplateName
The Name of the alert rule template used to create this rule.
alertRuleTemplateName: stringProperty Value
string
description
The description of the alert rule.
description?: stringProperty Value
string
displayName
The display name for alerts created by this alert rule.
displayName?: stringProperty Value
string
enabled
Determines whether this alert rule is enabled or disabled.
enabled: booleanProperty Value
boolean
lastModifiedUtc
The last time that this alert has been modified.
lastModifiedUtc?: DateProperty Value
Date
scenarioExclusionPatterns
Configuration to exclude scenarios in fusion detection.
scenarioExclusionPatterns?: FusionScenarioExclusionPattern[]Property Value
severity
The severity for alerts created by this alert rule.
severity?: stringProperty Value
string
sourceSettings
Configuration for all supported source signals in fusion detection.
sourceSettings?: FusionSourceSettings[]Property Value
subTechniques
The sub-techniques of the alert rule
subTechniques?: string[]Property Value
string[]
tactics
The tactics of the alert rule
tactics?: string[]Property Value
string[]
techniques
The techniques of the alert rule
techniques?: string[]Property Value
string[]
