Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.Support Namespace

Structs

AlertDetail

Alert detail

AlertRuleKind

The kind of the alert rule

AlertSeverity

The severity of the alert

AlertStatus

The lifecycle status of the alert.

AntispamMailDirection

The directionality of this mail message

AttackTactic

A list of relevant MITRE attacks.

AutomationRuleActionType

The type of the automation rule action

AutomationRulePropertyConditionSupportedOperator

The operator to use for evaluating the condition

AutomationRulePropertyConditionSupportedProperty

The property to evaluate in an automation rule property condition

ConfidenceLevel

The confidence level of this alert.

ConfidenceScoreStatus

The confidence score calculation status, i.e. indicating if score calculation is pending for this alert, not applicable or final.

ConnectAuthKind

The authentication kind used to poll the data

ConnectivityType

Type of connectivity

ContentType

The content type of a source control path.

CreatedByType

The type of identity that created the resource.

DataConnectorAuthorizationState

Describes the state of user's authorization for a connector kind.

DataConnectorKind

The kind of the data connector

DataConnectorLicenseState

Describes the state of user's license for a connector kind.

DataTypeState

Describe whether this data type connection is enabled or not.

DeliveryAction

The delivery action of this mail message, such as Delivered, Blocked, Replaced, etc.

DeliveryLocation

The delivery location of this mail message, such as Inbox, JunkFolder, etc.

ElevationToken

The elevation token associated with the process.

EntityKind

The kind of the entity

EntityMappingType

The V3 type of the mapped entity

EntityQueryKind

The kind of the entity query

EntityTimelineKind

The entity query kind

EntityType

The type of the entity

EventGroupingAggregationKind

The event grouping aggregation kinds

FileHashAlgorithm

The hash algorithm type.

IncidentClassification

The reason the incident was closed

IncidentClassificationReason

The classification reason the incident was closed with

IncidentLabelType

The type of the label

IncidentSeverity

The severity of the incident

IncidentStatus

The status of the incident

KillChainIntent

Holds the alert intent stage(s) mapping for this alert.

Kind

The kind of content the metadata is for.

MatchingMethod

Grouping matching method. When the method is Selected, at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty.

MicrosoftSecurityProductName

The alerts' productName on which the cases will be generated

Operator

Operator used for list of dependencies in criteria array.

OSFamily

The operating system type.

OutputType

Insights Column type.

OwnerType

The type of the owner the incident is assigned to.

PermissionProviderScope

Permission provider scope

PollingFrequency

The polling frequency for the TAXII server.

ProviderName

Provider name

RegistryHive

The hive that holds the registry key.

RegistryValueKind

Specifies the data types to use when storing values in the registry, or identifies the data type of a value in the registry.

RepoType

The type of repository.

SettingKind

The kind of the setting

SettingType

The kind of the setting

SkuKind

The kind of the tier

SourceKind

Source type of the content

SupportTier

Type of support for content item

TemplateStatus

The alert rule template status.

ThreatIntelligenceSortingCriteriaEnum

Sorting order (ascending/descending/unsorted).

TriggerOperator

The operation against the threshold that triggers alert rule.

UebaDataSources

The data source that is enriched by UEBA.