MicrosoftSecurityIncidentCreationAlertRuleProperties Class
MicrosoftSecurityIncidentCreation rule property bag.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Inheritance
-
azure.mgmt.securityinsight.models._models_py3.MicrosoftSecurityIncidentCreationAlertRuleCommonPropertiesMicrosoftSecurityIncidentCreationAlertRuleProperties
Constructor
MicrosoftSecurityIncidentCreationAlertRuleProperties(*, product_filter: Union[str, azure.mgmt.securityinsight.models._security_insights_enums.MicrosoftSecurityProductName], display_name: str, enabled: bool, display_names_filter: Optional[List[str]] = None, display_names_exclude_filter: Optional[List[str]] = None, severities_filter: Optional[List[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.AlertSeverity]]] = None, alert_rule_template_name: Optional[str] = None, description: Optional[str] = None, **kwargs)Variables
the alerts' displayNames on which the cases will not be generated.
- product_filter
- str or MicrosoftSecurityProductName
Required. The alerts' productName on which the cases will be generated. Possible values include: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", "Office 365 Advanced Threat Protection", "Microsoft Defender Advanced Threat Protection".
- severities_filter
- list[str or AlertSeverity]
the alerts' severities on which the cases will be generated.
- alert_rule_template_name
- str
The Name of the alert rule template used to create this rule.
- description
- str
The description of the alert rule.
- display_name
- str
Required. The display name for alerts created by this alert rule.
- enabled
- bool
Required. Determines whether this alert rule is enabled or disabled.
- last_modified_utc
- datetime
The last time that this alert has been modified.
Feedback
Submit and view feedback for