Package com.azure.resourcemanager.securityinsights.models

Class NrtAlertRule

  • public final class NrtAlertRule
extends AlertRuleInner
    Represents NRT alert rule.

    • Constructor Detail

      • NrtAlertRule

        public NrtAlertRule()

    • Method Detail

      • withEtag

        public NrtAlertRule withEtag​(String etag)
        Set the etag property: Etag of the azure resource.
        Overrides:
        withEtag in class AlertRuleInner
        Parameters:
        etag - the etag value to set.
        Returns:
        the ResourceWithEtag object itself.

      • alertRuleTemplateName

        public String alertRuleTemplateName()
        Get the alertRuleTemplateName property: The Name of the alert rule template used to create this rule.
        Returns:
        the alertRuleTemplateName value.

      • withAlertRuleTemplateName

        public NrtAlertRule withAlertRuleTemplateName​(String alertRuleTemplateName)
        Set the alertRuleTemplateName property: The Name of the alert rule template used to create this rule.
        Parameters:
        alertRuleTemplateName - the alertRuleTemplateName value to set.
        Returns:
        the NrtAlertRule object itself.

      • templateVersion

        public String templateVersion()
        Get the templateVersion property: The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>.
        Returns:
        the templateVersion value.

      • withTemplateVersion

        public NrtAlertRule withTemplateVersion​(String templateVersion)
        Set the templateVersion property: The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>.
        Parameters:
        templateVersion - the templateVersion value to set.
        Returns:
        the NrtAlertRule object itself.

      • description

        public String description()
        Get the description property: The description of the alert rule.
        Returns:
        the description value.

      • withDescription

        public NrtAlertRule withDescription​(String description)
        Set the description property: The description of the alert rule.
        Parameters:
        description - the description value to set.
        Returns:
        the NrtAlertRule object itself.

      • query

        public String query()
        Get the query property: The query that creates alerts for this rule.
        Returns:
        the query value.

      • withQuery

        public NrtAlertRule withQuery​(String query)
        Set the query property: The query that creates alerts for this rule.
        Parameters:
        query - the query value to set.
        Returns:
        the NrtAlertRule object itself.

      • tactics

        public List<AttackTactic> tactics()
        Get the tactics property: The tactics of the alert rule.
        Returns:
        the tactics value.

      • withTactics

        public NrtAlertRule withTactics​(List<AttackTactic> tactics)
        Set the tactics property: The tactics of the alert rule.
        Parameters:
        tactics - the tactics value to set.
        Returns:
        the NrtAlertRule object itself.

      • techniques

        public List<String> techniques()
        Get the techniques property: The techniques of the alert rule.
        Returns:
        the techniques value.

      • withTechniques

        public NrtAlertRule withTechniques​(List<String> techniques)
        Set the techniques property: The techniques of the alert rule.
        Parameters:
        techniques - the techniques value to set.
        Returns:
        the NrtAlertRule object itself.

      • displayName

        public String displayName()
        Get the displayName property: The display name for alerts created by this alert rule.
        Returns:
        the displayName value.

      • withDisplayName

        public NrtAlertRule withDisplayName​(String displayName)
        Set the displayName property: The display name for alerts created by this alert rule.
        Parameters:
        displayName - the displayName value to set.
        Returns:
        the NrtAlertRule object itself.

      • enabled

        public Boolean enabled()
        Get the enabled property: Determines whether this alert rule is enabled or disabled.
        Returns:
        the enabled value.

      • withEnabled

        public NrtAlertRule withEnabled​(Boolean enabled)
        Set the enabled property: Determines whether this alert rule is enabled or disabled.
        Parameters:
        enabled - the enabled value to set.
        Returns:
        the NrtAlertRule object itself.

      • lastModifiedUtc

        public OffsetDateTime lastModifiedUtc()
        Get the lastModifiedUtc property: The last time that this alert rule has been modified.
        Returns:
        the lastModifiedUtc value.

      • suppressionDuration

        public Duration suppressionDuration()
        Get the suppressionDuration property: The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
        Returns:
        the suppressionDuration value.

      • withSuppressionDuration

        public NrtAlertRule withSuppressionDuration​(Duration suppressionDuration)
        Set the suppressionDuration property: The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
        Parameters:
        suppressionDuration - the suppressionDuration value to set.
        Returns:
        the NrtAlertRule object itself.

      • suppressionEnabled

        public Boolean suppressionEnabled()
        Get the suppressionEnabled property: Determines whether the suppression for this alert rule is enabled or disabled.
        Returns:
        the suppressionEnabled value.

      • withSuppressionEnabled

        public NrtAlertRule withSuppressionEnabled​(Boolean suppressionEnabled)
        Set the suppressionEnabled property: Determines whether the suppression for this alert rule is enabled or disabled.
        Parameters:
        suppressionEnabled - the suppressionEnabled value to set.
        Returns:
        the NrtAlertRule object itself.

      • severity

        public AlertSeverity severity()
        Get the severity property: The severity for alerts created by this alert rule.
        Returns:
        the severity value.

      • withSeverity

        public NrtAlertRule withSeverity​(AlertSeverity severity)
        Set the severity property: The severity for alerts created by this alert rule.
        Parameters:
        severity - the severity value to set.
        Returns:
        the NrtAlertRule object itself.

      • incidentConfiguration

        public IncidentConfiguration incidentConfiguration()
        Get the incidentConfiguration property: The settings of the incidents that created from alerts triggered by this analytics rule.
        Returns:
        the incidentConfiguration value.

      • withIncidentConfiguration

        public NrtAlertRule withIncidentConfiguration​(IncidentConfiguration incidentConfiguration)
        Set the incidentConfiguration property: The settings of the incidents that created from alerts triggered by this analytics rule.
        Parameters:
        incidentConfiguration - the incidentConfiguration value to set.
        Returns:
        the NrtAlertRule object itself.

      • customDetails

        public Map<String,​String> customDetails()
        Get the customDetails property: Dictionary of string key-value pairs of columns to be attached to the alert.
        Returns:
        the customDetails value.

      • withCustomDetails

        public NrtAlertRule withCustomDetails​(Map<String,​String> customDetails)
        Set the customDetails property: Dictionary of string key-value pairs of columns to be attached to the alert.
        Parameters:
        customDetails - the customDetails value to set.
        Returns:
        the NrtAlertRule object itself.

      • entityMappings

        public List<EntityMapping> entityMappings()
        Get the entityMappings property: Array of the entity mappings of the alert rule.
        Returns:
        the entityMappings value.

      • withEntityMappings

        public NrtAlertRule withEntityMappings​(List<EntityMapping> entityMappings)
        Set the entityMappings property: Array of the entity mappings of the alert rule.
        Parameters:
        entityMappings - the entityMappings value to set.
        Returns:
        the NrtAlertRule object itself.

      • alertDetailsOverride

        public AlertDetailsOverride alertDetailsOverride()
        Get the alertDetailsOverride property: The alert details override settings.
        Returns:
        the alertDetailsOverride value.

      • withAlertDetailsOverride

        public NrtAlertRule withAlertDetailsOverride​(AlertDetailsOverride alertDetailsOverride)
        Set the alertDetailsOverride property: The alert details override settings.
        Parameters:
        alertDetailsOverride - the alertDetailsOverride value to set.
        Returns:
        the NrtAlertRule object itself.