MicrosoftSecurityIncidentCreationAlertRuleCommonProperties Class

MicrosoftSecurityIncidentCreation rule common property bag.

All required parameters must be populated in order to send to Azure.

Inheritance
MicrosoftSecurityIncidentCreationAlertRuleCommonProperties

Constructor

MicrosoftSecurityIncidentCreationAlertRuleCommonProperties(*, product_filter: Union[str, azure.mgmt.securityinsight.models._security_insights_enums.MicrosoftSecurityProductName], display_names_filter: Optional[List[str]] = None, display_names_exclude_filter: Optional[List[str]] = None, severities_filter: Optional[List[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.AlertSeverity]]] = None, **kwargs)

Variables

display_names_filter
list[str]

The alerts' displayNames on which the cases will be generated.

display_names_exclude_filter
list[str]

The alerts' displayNames on which the cases will not be generated.

product_filter
str or MicrosoftSecurityProductName

Required. The alerts' productName on which the cases will be generated. Possible values include: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", "Office 365 Advanced Threat Protection", "Microsoft Defender Advanced Threat Protection".

severities_filter
list[str or AlertSeverity]

The alerts' severities on which the cases will be generated.
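
Added example (not part of the SDK or of this reference page): an offline lint that checks a dict of constructor keyword arguments before the rule is sent to Azure, so a mistyped filter does not silently leave alerts without incidents. The function name `lint_rule_properties` and the sample dicts are hypothetical; the severity names are the SDK's AlertSeverity enum values, which this page does not list.

```python
# Added example: offline lint for the property bag described on this page.
# PRODUCTS = "Possible values" of product_filter above; SEVERITIES = AlertSeverity enum.
PRODUCTS = {
    "Microsoft Cloud App Security",
    "Azure Security Center",
    "Azure Advanced Threat Protection",
    "Azure Active Directory Identity Protection",
    "Azure Security Center for IoT",
    "Office 365 Advanced Threat Protection",
    "Microsoft Defender Advanced Threat Protection",
}
SEVERITIES = {"High", "Medium", "Low", "Informational"}

def lint_rule_properties(props):
    """Return a list of problems found in a dict of constructor keyword arguments."""
    problems = []
    product = props.get("product_filter")
    if not product:
        problems.append("product_filter is required")
    elif product not in PRODUCTS:
        problems.append(f"unknown product_filter: {product!r}")

    for sev in props.get("severities_filter") or []:
        if sev not in SEVERITIES:
            problems.append(f"unknown severity: {sev!r}")

    # A name in both lists is contradictory; flag it rather than guess the outcome.
    include = props.get("display_names_filter") or []
    exclude = props.get("display_names_exclude_filter") or []
    for name in sorted(set(include) & set(exclude)):
        problems.append(f"display name both included and excluded: {name!r}")
    return problems

# Constructed sample inputs (not taken from any real workspace).
GOOD = {
    "product_filter": "Azure Security Center",
    "severities_filter": ["High", "Medium"],
    "display_names_exclude_filter": ["Test alert"],
}
BAD = {
    "product_filter": "Azure Sentinel",
    "severities_filter": ["High", "Critical"],
    "display_names_filter": ["Suspicious sign-in"],
    "display_names_exclude_filter": ["Suspicious sign-in"],
}

if __name__ == "__main__":
    for label, props in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, lint_rule_properties(props))
```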