NrtAlertRuleTemplateProperties interface

Reference

Package:: @azure/arm-securityinsight

NRT alert rule template properties

Extends: AlertRuleTemplateWithMitreProperties,QueryBasedAlertRuleTemplateProperties

Inherited Properties

alertDetailsOverride	The alert details override settings
alertRulesCreatedByTemplateCount	the number of alert rules that were created by this template
createdDateUTC	The time that this alert rule template has been added. NOTE: This property will not be serialized. It can only be populated by the server.
customDetails	Dictionary of string key-value pairs of columns to be attached to the alert
description	The description of the alert rule template.
displayName	The display name for alert rule template.
entityMappings	Array of the entity mappings of the alert rule
eventGroupingSettings	The event grouping settings.
lastUpdatedDateUTC	The last time that this alert rule template has been updated. NOTE: This property will not be serialized. It can only be populated by the server.
query	The query that creates alerts for this rule.
requiredDataConnectors	The required data sources for this template
severity	The severity for alerts created by this alert rule.
status	The alert rule template status.
tactics	The tactics of the alert rule
techniques	The techniques of the alert rule
version	The version of this template - in format <a.b.c>, where all are numbers. For example <1.0.2>.

Inherited Property Details

alertDetailsOverride

The alert details override settings

alertDetailsOverride?: AlertDetailsOverride

Property Value

AlertDetailsOverride

Inherited From QueryBasedAlertRuleTemplateProperties.alertDetailsOverride

alertRulesCreatedByTemplateCount

the number of alert rules that were created by this template

alertRulesCreatedByTemplateCount?: number

Property Value

number

Inherited From AlertRuleTemplateWithMitreProperties.alertRulesCreatedByTemplateCount

createdDateUTC

The time that this alert rule template has been added. NOTE: This property will not be serialized. It can only be populated by the server.

createdDateUTC?: Date

Property Value

Date

Inherited From AlertRuleTemplateWithMitreProperties.createdDateUTC

customDetails

Dictionary of string key-value pairs of columns to be attached to the alert

customDetails?: {[propertyName: string]: string}

Property Value

{[propertyName: string]: string}

Inherited From QueryBasedAlertRuleTemplateProperties.customDetails

description

The description of the alert rule template.

description?: string

Property Value

string

Inherited From AlertRuleTemplateWithMitreProperties.description

displayName

The display name for alert rule template.

displayName?: string

Property Value

string

Inherited From AlertRuleTemplateWithMitreProperties.displayName

entityMappings

Array of the entity mappings of the alert rule

entityMappings?: EntityMapping[]

Property Value

EntityMapping[]

Inherited From QueryBasedAlertRuleTemplateProperties.entityMappings

eventGroupingSettings

The event grouping settings.

eventGroupingSettings?: EventGroupingSettings

Property Value

EventGroupingSettings

Inherited From QueryBasedAlertRuleTemplateProperties.eventGroupingSettings

lastUpdatedDateUTC

The last time that this alert rule template has been updated. NOTE: This property will not be serialized. It can only be populated by the server.

lastUpdatedDateUTC?: Date

Property Value

Date

Inherited From AlertRuleTemplateWithMitreProperties.lastUpdatedDateUTC

query

The query that creates alerts for this rule.

query?: string

Property Value

string

Inherited From QueryBasedAlertRuleTemplateProperties.query

requiredDataConnectors

The required data sources for this template

requiredDataConnectors?: AlertRuleTemplateDataSource[]

Property Value

AlertRuleTemplateDataSource[]

Inherited From AlertRuleTemplateWithMitreProperties.requiredDataConnectors

severity

The severity for alerts created by this alert rule.

severity?: string

Property Value

string

Inherited From QueryBasedAlertRuleTemplateProperties.severity

status

The alert rule template status.

status?: string

Property Value

string

Inherited From AlertRuleTemplateWithMitreProperties.status

tactics

The tactics of the alert rule

tactics?: string[]

Property Value

string[]

Inherited From AlertRuleTemplateWithMitreProperties.tactics

techniques

The techniques of the alert rule

techniques?: string[]

Property Value

string[]

Inherited From AlertRuleTemplateWithMitreProperties.techniques

version

The version of this template - in format <a.b.c>, where all are numbers. For example <1.0.2>.

version?: string

Property Value

string

Inherited From QueryBasedAlertRuleTemplateProperties.version

Share via

NrtAlertRuleTemplateProperties interface

Inherited Properties

Inherited Property Details

alertDetailsOverride

Property Value

alertRulesCreatedByTemplateCount

Property Value

createdDateUTC

Property Value

customDetails

Property Value

description

Property Value

displayName

Property Value

entityMappings

Property Value

eventGroupingSettings

Property Value

lastUpdatedDateUTC

Property Value

query

Property Value

requiredDataConnectors

Property Value

severity

Property Value

status

Property Value

tactics

Property Value

techniques

Property Value

version

Property Value

Feedback

Additional resources