MicrosoftSecurityIncidentCreationAlertRuleTemplate interface

Represents MicrosoftSecurityIncidentCreation rule template.

Extends

Properties

alertRulesCreatedByTemplateCount

the number of alert rules that were created by this template

createdDateUTC

The time that this alert rule template has been added. NOTE: This property will not be serialized. It can only be populated by the server.

description

The description of the alert rule template.

displayName

The display name for alert rule template.

displayNamesExcludeFilter

the alerts' displayNames on which the cases will not be generated

displayNamesFilter

the alerts' displayNames on which the cases will be generated

kind

Polymorphic discriminator, which specifies the different types this object can be

lastUpdatedDateUTC

The last time that this alert rule template has been updated. NOTE: This property will not be serialized. It can only be populated by the server.

productFilter

The alerts' productName on which the cases will be generated

requiredDataConnectors

The required data sources for this template

severitiesFilter

the alerts' severities on which the cases will be generated

status

The alert rule template status.

Inherited Properties

id

Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} NOTE: This property will not be serialized. It can only be populated by the server.

name

The name of the resource NOTE: This property will not be serialized. It can only be populated by the server.

systemData

Azure Resource Manager metadata containing createdBy and modifiedBy information. NOTE: This property will not be serialized. It can only be populated by the server.

type

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" NOTE: This property will not be serialized. It can only be populated by the server.

Property Details

alertRulesCreatedByTemplateCount

the number of alert rules that were created by this template

alertRulesCreatedByTemplateCount?: number

Property Value

number

createdDateUTC

The time that this alert rule template has been added. NOTE: This property will not be serialized. It can only be populated by the server.

createdDateUTC?: Date

Property Value

Date

description

The description of the alert rule template.

description?: string

Property Value

string

displayName

The display name for alert rule template.

displayName?: string

Property Value

string

displayNamesExcludeFilter

the alerts' displayNames on which the cases will not be generated

displayNamesExcludeFilter?: string[]

Property Value

string[]

displayNamesFilter

the alerts' displayNames on which the cases will be generated

displayNamesFilter?: string[]

Property Value

string[]

kind

Polymorphic discriminator, which specifies the different types this object can be

kind: "MicrosoftSecurityIncidentCreation"

Property Value

"MicrosoftSecurityIncidentCreation"

lastUpdatedDateUTC

The last time that this alert rule template has been updated. NOTE: This property will not be serialized. It can only be populated by the server.

lastUpdatedDateUTC?: Date

Property Value

Date

productFilter

The alerts' productName on which the cases will be generated

productFilter?: string

Property Value

string

requiredDataConnectors

The required data sources for this template

requiredDataConnectors?: AlertRuleTemplateDataSource[]

Property Value

severitiesFilter

the alerts' severities on which the cases will be generated

severitiesFilter?: string[]

Property Value

string[]

status

The alert rule template status.

status?: string

Property Value

string

Inherited Property Details

id

Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} NOTE: This property will not be serialized. It can only be populated by the server.

id?: string

Property Value

string

Inherited From AlertRuleTemplate.id

name

The name of the resource NOTE: This property will not be serialized. It can only be populated by the server.

name?: string

Property Value

string

Inherited From AlertRuleTemplate.name

systemData

Azure Resource Manager metadata containing createdBy and modifiedBy information. NOTE: This property will not be serialized. It can only be populated by the server.

systemData?: SystemData

Property Value

Inherited From AlertRuleTemplate.systemData

type

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" NOTE: This property will not be serialized. It can only be populated by the server.

type?: string

Property Value

string

Inherited From AlertRuleTemplate.type