AlertInner Class
- java.lang.Object
  - com.azure.core.management.ProxyResource
    - com.azure.resourcemanager.security.fluent.models.AlertInner
public final class AlertInner
extends ProxyResource
Security alert.
Method Summary
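| Modifier and Type | Method and Description |
|---|---|
| String | alertDisplayName() Get the alertDisplayName property: The display name of the alert. |
| String | alertType() Get the alertType property: Unique identifier for the detection logic (all alert instances from the same detection logic will have the same alertType). |
| String | alertUri() Get the alertUri property: A direct link to the alert page in Azure Portal. |
| String | compromisedEntity() Get the compromisedEntity property: The display name of the resource most related to this alert. |
| String | correlationKey() Get the correlationKey property: Key for correlating related alerts. |
| String | description() Get the description property: Description of the suspicious activity that was detected. |
| OffsetDateTime | endTimeUtc() Get the endTimeUtc property: The UTC time of the last event or activity included in the alert in ISO8601 format. |
| List<AlertEntity> | entities() Get the entities property: A list of entities related to the alert. |
| List<Map<String,String>> | extendedLinks() Get the extendedLinks property: Links related to the alert. |
| Map<String,String> | extendedProperties() Get the extendedProperties property: Custom properties for the alert. |
| static AlertInner | fromJson(JsonReader jsonReader) Reads an instance of AlertInner from the JsonReader. |
| String | id() Get the id property: Fully qualified resource Id for the resource. |
| Intent | intent() Get the intent property: The kill chain related intent behind the alert. |
| Boolean | isIncident() Get the isIncident property: This field determines whether the alert is an incident (a compound grouping of several alerts) or a single alert. |
| String | name() Get the name property: The name of the resource. |
| OffsetDateTime | processingEndTimeUtc() Get the processingEndTimeUtc property: The UTC processing end time of the alert in ISO8601 format. |
| String | productComponentName() Get the productComponentName property: The name of the Azure Security Center pricing tier that powers this alert. |
| String | productName() Get the productName property: The name of the product which published this alert (Microsoft Sentinel, Microsoft Defender for Identity, Microsoft Defender for Endpoint, Microsoft Defender for Office, Microsoft Defender for Cloud Apps, and so on). |
| List<String> | remediationSteps() Get the remediationSteps property: Manual action items to take to remediate the alert. |
| List<ResourceIdentifier> | resourceIdentifiers() Get the resourceIdentifiers property: The resource identifiers that can be used to direct the alert to the right product exposure group (tenant, workspace, subscription etc.). |
| AlertSeverity | severity() Get the severity property: The risk level of the threat that was detected. |
| OffsetDateTime | startTimeUtc() Get the startTimeUtc property: The UTC time of the first event or activity included in the alert in ISO8601 format. |
| AlertStatus | status() Get the status property: The life cycle status of the alert. |
| List<String> | subTechniques() Get the subTechniques property: Kill chain related sub-techniques behind the alert. |
| AlertPropertiesSupportingEvidence | supportingEvidence() Get the supportingEvidence property: Changing set of properties depending on the supportingEvidence type. |
| String | systemAlertId() Get the systemAlertId property: Unique identifier for the alert. |
| SystemData | systemData() Get the systemData property: Azure Resource Manager metadata containing createdBy and modifiedBy information. |
| List<String> | techniques() Get the techniques property: Kill chain related techniques behind the alert. |
| OffsetDateTime | timeGeneratedUtc() Get the timeGeneratedUtc property: The UTC time the alert was generated in ISO8601 format. |
| JsonWriter | toJson(JsonWriter jsonWriter) |
| String | type() Get the type property: The type of the resource. |
| void | validate() Validates the instance. |
| String | vendorName() Get the vendorName property: The name of the vendor that raises the alert. |
| String | version() Get the version property: Schema version. |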
Method Details
alertDisplayName
public String alertDisplayName()
Get the alertDisplayName property: The display name of the alert.
Returns:
alertType
public String alertType()
Get the alertType property: Unique identifier for the detection logic (all alert instances from the same detection logic will have the same alertType).
Returns:
alertUri
public String alertUri()
Get the alertUri property: A direct link to the alert page in Azure Portal.
Returns:
compromisedEntity
public String compromisedEntity()
Get the compromisedEntity property: The display name of the resource most related to this alert.
Returns:
correlationKey
public String correlationKey()
Get the correlationKey property: Key for correlating related alerts. Alerts with the same correlation key are considered to be related.
Returns:
description
public String description()
Get the description property: Description of the suspicious activity that was detected.
Returns:
endTimeUtc
public OffsetDateTime endTimeUtc()
Get the endTimeUtc property: The UTC time of the last event or activity included in the alert in ISO8601 format.
Returns:
entities
public List<AlertEntity> entities()
Get the entities property: A list of entities related to the alert.
Returns:
extendedLinks
public List<Map<String,String>> extendedLinks()
Get the extendedLinks property: Links related to the alert.
Returns:
extendedProperties
public Map<String,String> extendedProperties()
Get the extendedProperties property: Custom properties for the alert.
Returns:
fromJson
public static AlertInner fromJson(JsonReader jsonReader)
Reads an instance of AlertInner from the JsonReader.
Parameters:
Returns:
Throws:
id
public String id()
Get the id property: Fully qualified resource Id for the resource.
Overrides:
AlertInner.id()
Returns:
intent
public Intent intent()
Get the intent property: The kill chain related intent behind the alert. For list of supported values, and explanations of Azure Security Center's supported kill chain intents.
Returns:
isIncident
public Boolean isIncident()
Get the isIncident property: This field determines whether the alert is an incident (a compound grouping of several alerts) or a single alert.
Returns:
name
public String name()
Get the name property: The name of the resource.
Overrides:
AlertInner.name()
Returns:
processingEndTimeUtc
public OffsetDateTime processingEndTimeUtc()
Get the processingEndTimeUtc property: The UTC processing end time of the alert in ISO8601 format.
Returns:
productComponentName
public String productComponentName()
Get the productComponentName property: The name of the Azure Security Center pricing tier that powers this alert. Learn more: https://docs.microsoft.com/en-us/azure/security-center/security-center-pricing.
Returns:
productName
public String productName()
Get the productName property: The name of the product which published this alert (Microsoft Sentinel, Microsoft Defender for Identity, Microsoft Defender for Endpoint, Microsoft Defender for Office, Microsoft Defender for Cloud Apps, and so on).
Returns:
remediationSteps
public List<String> remediationSteps()
Get the remediationSteps property: Manual action items to take to remediate the alert.
Returns:
resourceIdentifiers
public List<ResourceIdentifier> resourceIdentifiers()
Get the resourceIdentifiers property: The resource identifiers that can be used to direct the alert to the right product exposure group (tenant, workspace, subscription etc.). There can be multiple identifiers of different type per alert.
Returns:
severity
public AlertSeverity severity()
Get the severity property: The risk level of the threat that was detected. Learn more: https://docs.microsoft.com/en-us/azure/security-center/security-center-alerts-overview#how-are-alerts-classified.
Returns:
startTimeUtc
public OffsetDateTime startTimeUtc()
Get the startTimeUtc property: The UTC time of the first event or activity included in the alert in ISO8601 format.
Returns:
status
public AlertStatus status()
Get the status property: The life cycle status of the alert.
Returns:
subTechniques
public List<String> subTechniques()
Get the subTechniques property: Kill chain related sub-techniques behind the alert.
Returns:
supportingEvidence
public AlertPropertiesSupportingEvidence supportingEvidence()
Get the supportingEvidence property: Changing set of properties depending on the supportingEvidence type.
Returns:
systemAlertId
public String systemAlertId()
Get the systemAlertId property: Unique identifier for the alert.
Returns:
systemData
public SystemData systemData()
Get the systemData property: Azure Resource Manager metadata containing createdBy and modifiedBy information.
Returns:
techniques
public List<String> techniques()
Get the techniques property: Kill chain related techniques behind the alert.
Returns:
timeGeneratedUtc
public OffsetDateTime timeGeneratedUtc()
Get the timeGeneratedUtc property: The UTC time the alert was generated in ISO8601 format.
Returns:
toJson
public JsonWriter toJson(JsonWriter jsonWriter)
Overrides:
AlertInner.toJson(JsonWriter jsonWriter)
Parameters:
Throws:
type
public String type()
Get the type property: The type of the resource.
Overrides:
AlertInner.type()
Returns:
validate
public void validate()
Validates the instance.
vendorName
public String vendorName()
Get the vendorName property: The name of the vendor that raises the alert.
Returns:
version
public String version()
Get the version property: Schema version.
Returns:
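The correlationKey and isIncident properties described above are what a triage pipeline typically keys on; the following is an added example (not part of the SDK documentation or the SDK's own code) that loads alerts with fromJson and groups related ones. The class name AlertCorrelationExample, the sample alerts, and the ARM-style JSON envelope with a nested "properties" object are assumptions made for illustration; it needs Java 16+ for Stream.toList().

```java
import com.azure.json.JsonProviders;
import com.azure.json.JsonReader;
import com.azure.resourcemanager.security.fluent.models.AlertInner;
import java.io.IOException;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

public final class AlertCorrelationExample {
    // Constructed sample alerts (not real data). The envelope with a nested
    // "properties" object is an assumption about the JSON that fromJson reads.
    private static final String[] SAMPLES = {
        alert("a1", "key-1", "High", false),
        alert("a2", "key-1", "Low", false),
        alert("a3", null, "Medium", true)
    };
    private static String alert(String id, String key, String severity, boolean incident) {
        String corr = key == null ? "" : "\"correlationKey\":\"" + key + "\",";
        return "{\"name\":\"" + id + "\",\"properties\":{" + corr + "\"systemAlertId\":\"" + id
            + "\",\"severity\":\"" + severity + "\",\"isIncident\":" + incident + "}}";
    }
    // Group alerts by correlationKey. An alert without a key gets its own bucket,
    // keyed by systemAlertId, so unrelated alerts are never merged under null.
    static Map<String, List<AlertInner>> groupRelated(List<AlertInner> alerts) {
        Map<String, List<AlertInner>> groups = new LinkedHashMap<>();
        for (AlertInner a : alerts) {
            String key = a.correlationKey() != null
                ? "corr:" + a.correlationKey() : "single:" + a.systemAlertId();
            groups.computeIfAbsent(key, k -> new ArrayList<>()).add(a);
        }
        return groups;
    }

    public static void main(String[] args) throws IOException {
        List<AlertInner> alerts = new ArrayList<>();
        for (String json : SAMPLES) {
            try (JsonReader reader = JsonProviders.createReader(json)) {
                alerts.add(AlertInner.fromJson(reader));
            }
        }
        groupRelated(alerts).forEach((key, group) -> {
            // isIncident() returns a boxed Boolean that may be null: never unbox it directly.
            boolean incident = group.stream().anyMatch(a -> Boolean.TRUE.equals(a.isIncident()));
            System.out.println(key + " alerts=" + group.size() + " incident=" + incident
                + " severities=" + group.stream().map(a -> String.valueOf(a.severity())).toList());
        });
    }
}
```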