IncidentPropertiesAction Class
IncidentPropertiesAction.
- Inheritance
-
IncidentPropertiesAction
Constructor
IncidentPropertiesAction(*, severity: Optional[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.IncidentSeverity]] = None, status: Optional[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.IncidentStatus]] = None, classification: Optional[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.IncidentClassification]] = None, classification_reason: Optional[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.IncidentClassificationReason]] = None, classification_comment: Optional[str] = None, owner: Optional[azure.mgmt.securityinsight.models._models_py3.IncidentOwnerInfo] = None, labels: Optional[List[azure.mgmt.securityinsight.models._models_py3.IncidentLabel]] = None, **kwargs)Variables
- severity
- str or IncidentSeverity
The severity of the incident. Possible values include: "High", "Medium", "Low", "Informational".
- status
- str or IncidentStatus
The status of the incident. Possible values include: "New", "Active", "Closed".
- classification
- str or IncidentClassification
The reason the incident was closed. Possible values include: "Undetermined", "TruePositive", "BenignPositive", "FalsePositive".
- classification_reason
- str or IncidentClassificationReason
The classification reason the incident was closed with. Possible values include: "SuspiciousActivity", "SuspiciousButExpected", "IncorrectAlertLogic", "InaccurateData".
- classification_comment
- str
Describes the reason the incident was closed.
- owner
- IncidentOwnerInfo
Information on the user an incident is assigned to.
- labels
- list[IncidentLabel]
List of labels to add to the incident.
Feedback
Submit and view feedback for