Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface SecurityAlert

Package version

Represents a security alert entity.

Hierarchy

Index

Properties

Properties

Optional additionalData

additionalData: undefined | {}

A bag of custom fields that should be part of the entity and will be presented to the user. NOTE: This property will not be serialized. It can only be populated by the server.

Optional alertDisplayName

alertDisplayName: undefined | string

The display name of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

Optional alertLink

alertLink: undefined | string

The uri link of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

Optional alertType

alertType: undefined | string

The type name of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

Optional compromisedEntity

compromisedEntity: undefined | string

Display name of the main entity being reported on. NOTE: This property will not be serialized. It can only be populated by the server.

Optional confidenceLevel

confidenceLevel: ConfidenceLevel

The confidence level of this alert. NOTE: This property will not be serialized. It can only be populated by the server.

Optional confidenceReasons

confidenceReasons: SecurityAlertPropertiesConfidenceReasonsItem[]

The confidence reasons NOTE: This property will not be serialized. It can only be populated by the server.

Optional confidenceScore

confidenceScore: undefined | number

The confidence score of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

Optional confidenceScoreStatus

confidenceScoreStatus: ConfidenceScoreStatus

The confidence score calculation status, i.e. indicating if score calculation is pending for this alert, not applicable or final. NOTE: This property will not be serialized. It can only be populated by the server.

Optional description

description: undefined | string

Alert description. NOTE: This property will not be serialized. It can only be populated by the server.

Optional endTimeUtc

endTimeUtc: Date

The impact end time of the alert (the time of the last event contributing to the alert). NOTE: This property will not be serialized. It can only be populated by the server.

Optional friendlyName

friendlyName: undefined | string

The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. NOTE: This property will not be serialized. It can only be populated by the server.

Optional id

id: undefined | string

Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} NOTE: This property will not be serialized. It can only be populated by the server.

Optional intent

intent: KillChainIntent

Holds the alert intent stage(s) mapping for this alert. NOTE: This property will not be serialized. It can only be populated by the server.

kind

kind: "SecurityAlert"

Polymorphic discriminator, which specifies the different types this object can be

Optional name

name: undefined | string

The name of the resource NOTE: This property will not be serialized. It can only be populated by the server.

Optional processingEndTime

processingEndTime: Date

The time the alert was made available for consumption. NOTE: This property will not be serialized. It can only be populated by the server.

Optional productComponentName

productComponentName: undefined | string

The name of a component inside the product which generated the alert. NOTE: This property will not be serialized. It can only be populated by the server.

Optional productName

productName: undefined | string

The name of the product which published this alert. NOTE: This property will not be serialized. It can only be populated by the server.

Optional productVersion

productVersion: undefined | string

The version of the product generating the alert. NOTE: This property will not be serialized. It can only be populated by the server.

Optional providerAlertId

providerAlertId: undefined | string

The identifier of the alert inside the product which generated the alert. NOTE: This property will not be serialized. It can only be populated by the server.

Optional remediationSteps

remediationSteps: string[]

Manual action items to take to remediate the alert. NOTE: This property will not be serialized. It can only be populated by the server.

Optional resourceIdentifiers

resourceIdentifiers: Record<string, unknown>[]

The list of resource identifiers of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

Optional severity

severity: AlertSeverity

The severity of the alert

Optional startTimeUtc

startTimeUtc: Date

The impact start time of the alert (the time of the first event contributing to the alert). NOTE: This property will not be serialized. It can only be populated by the server.

Optional status

status: AlertStatus

The lifecycle status of the alert. NOTE: This property will not be serialized. It can only be populated by the server.

Optional systemAlertId

systemAlertId: undefined | string

Holds the product identifier of the alert for the product. NOTE: This property will not be serialized. It can only be populated by the server.

Optional systemData

systemData: SystemData

Azure Resource Manager metadata containing createdBy and modifiedBy information. NOTE: This property will not be serialized. It can only be populated by the server.

Optional tactics

tactics: AttackTactic[]

The tactics of the alert NOTE: This property will not be serialized. It can only be populated by the server.

Optional timeGenerated

timeGenerated: Date

The time the alert was generated. NOTE: This property will not be serialized. It can only be populated by the server.

Optional type

type: undefined | string

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" NOTE: This property will not be serialized. It can only be populated by the server.

Optional vendorName

vendorName: undefined | string

The name of the vendor that raise the alert. NOTE: This property will not be serialized. It can only be populated by the server.

Generated using TypeDoc