SecurityAlertProperties interface

SecurityAlert entity property bag.

Extends

EntityCommonProperties

Properties

alertDisplayName

The display name of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

alertLink

The URI link of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

alertType

The type name of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

compromisedEntity

Display name of the main entity being reported on. NOTE: This property will not be serialized. It can only be populated by the server.

confidenceLevel

The confidence level of this alert. NOTE: This property will not be serialized. It can only be populated by the server.

confidenceReasons

The confidence reasons. NOTE: This property will not be serialized. It can only be populated by the server.

confidenceScore

The confidence score of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

confidenceScoreStatus

The confidence score calculation status, i.e. whether score calculation is pending for this alert, not applicable, or final. NOTE: This property will not be serialized. It can only be populated by the server.

description

Alert description. NOTE: This property will not be serialized. It can only be populated by the server.

endTimeUtc

The impact end time of the alert (the time of the last event contributing to the alert). NOTE: This property will not be serialized. It can only be populated by the server.

intent

Holds the alert intent stage(s) mapping for this alert. NOTE: This property will not be serialized. It can only be populated by the server.

processingEndTime

The time the alert was made available for consumption. NOTE: This property will not be serialized. It can only be populated by the server.

productComponentName

The name of a component inside the product which generated the alert. NOTE: This property will not be serialized. It can only be populated by the server.

productName

The name of the product which published this alert. NOTE: This property will not be serialized. It can only be populated by the server.

productVersion

The version of the product generating the alert. NOTE: This property will not be serialized. It can only be populated by the server.

providerAlertId

The identifier of the alert inside the product which generated the alert. NOTE: This property will not be serialized. It can only be populated by the server.

remediationSteps

Manual action items to take to remediate the alert. NOTE: This property will not be serialized. It can only be populated by the server.

resourceIdentifiers

The list of resource identifiers of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

severity

The severity of the alert.

startTimeUtc

The impact start time of the alert (the time of the first event contributing to the alert). NOTE: This property will not be serialized. It can only be populated by the server.

status

The lifecycle status of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

systemAlertId

Holds the product identifier of the alert for the product. NOTE: This property will not be serialized. It can only be populated by the server.

tactics

The tactics of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

timeGenerated

The time the alert was generated. NOTE: This property will not be serialized. It can only be populated by the server.

vendorName

The name of the vendor that raised the alert. NOTE: This property will not be serialized. It can only be populated by the server.

Inherited Properties

additionalData

A bag of custom fields that should be part of the entity and will be presented to the user. NOTE: This property will not be serialized. It can only be populated by the server.

friendlyName

The graph item display name, which is a short human-readable description of the graph item instance. This property is optional and might be system generated. NOTE: This property will not be serialized. It can only be populated by the server.

Property Details

alertDisplayName

The display name of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

alertDisplayName?: string

Property Value

string

alertLink

The URI link of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

alertLink?: string

Property Value

string

alertType

The type name of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

alertType?: string

Property Value

string

compromisedEntity

Display name of the main entity being reported on. NOTE: This property will not be serialized. It can only be populated by the server.

compromisedEntity?: string

Property Value

string

confidenceLevel

The confidence level of this alert. NOTE: This property will not be serialized. It can only be populated by the server.

confidenceLevel?: string

Property Value

string

confidenceReasons

The confidence reasons. NOTE: This property will not be serialized. It can only be populated by the server.

confidenceReasons?: SecurityAlertPropertiesConfidenceReasonsItem[]

Property Value

SecurityAlertPropertiesConfidenceReasonsItem[]

confidenceScore

The confidence score of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

confidenceScore?: number

Property Value

number

confidenceScoreStatus

The confidence score calculation status, i.e. whether score calculation is pending for this alert, not applicable, or final. NOTE: This property will not be serialized. It can only be populated by the server.

confidenceScoreStatus?: string

Property Value

string

description

Alert description. NOTE: This property will not be serialized. It can only be populated by the server.

description?: string

Property Value

string

endTimeUtc

The impact end time of the alert (the time of the last event contributing to the alert). NOTE: This property will not be serialized. It can only be populated by the server.

endTimeUtc?: Date

Property Value

Date

intent

Holds the alert intent stage(s) mapping for this alert. NOTE: This property will not be serialized. It can only be populated by the server.

intent?: string

Property Value

string

processingEndTime

The time the alert was made available for consumption. NOTE: This property will not be serialized. It can only be populated by the server.

processingEndTime?: Date

Property Value

Date

productComponentName

The name of a component inside the product which generated the alert. NOTE: This property will not be serialized. It can only be populated by the server.

productComponentName?: string

Property Value

string

productName

The name of the product which published this alert. NOTE: This property will not be serialized. It can only be populated by the server.

productName?: string

Property Value

string

productVersion

The version of the product generating the alert. NOTE: This property will not be serialized. It can only be populated by the server.

productVersion?: string

Property Value

string

providerAlertId

The identifier of the alert inside the product which generated the alert. NOTE: This property will not be serialized. It can only be populated by the server.

providerAlertId?: string

Property Value

string

remediationSteps

Manual action items to take to remediate the alert. NOTE: This property will not be serialized. It can only be populated by the server.

remediationSteps?: string[]

Property Value

string[]

resourceIdentifiers

The list of resource identifiers of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

resourceIdentifiers?: Record<string, unknown>[]

Property Value

Record<string, unknown>[]

severity

The severity of the alert.

severity?: string

Property Value

string

startTimeUtc

The impact start time of the alert (the time of the first event contributing to the alert). NOTE: This property will not be serialized. It can only be populated by the server.

startTimeUtc?: Date

Property Value

Date

status

The lifecycle status of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

status?: string

Property Value

string

systemAlertId

Holds the product identifier of the alert for the product. NOTE: This property will not be serialized. It can only be populated by the server.

systemAlertId?: string

Property Value

string

tactics

The tactics of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

tactics?: string[]

Property Value

string[]

timeGenerated

The time the alert was generated. NOTE: This property will not be serialized. It can only be populated by the server.

timeGenerated?: Date

Property Value

Date

vendorName

The name of the vendor that raised the alert. NOTE: This property will not be serialized. It can only be populated by the server.

vendorName?: string

Property Value

string

Inherited Property Details

additionalData

A bag of custom fields that should be part of the entity and will be presented to the user. NOTE: This property will not be serialized. It can only be populated by the server.

additionalData?: {[propertyName: string]: Record<string, unknown>}

Property Value

{[propertyName: string]: Record<string, unknown>}

Inherited From EntityCommonProperties.additionalData

friendlyName

The graph item display name, which is a short human-readable description of the graph item instance. This property is optional and might be system generated. NOTE: This property will not be serialized. It can only be populated by the server.

friendlyName?: string

Property Value

string

Inherited From EntityCommonProperties.friendlyName