Feedback Edit

MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties Class

  • Reference

MicrosoftSecurityIncidentCreation rule template properties.

Variables are only populated by the server, and will be ignored when sending a request.

Inheritance
azure.mgmt.securityinsight.models._models_py3.AlertRuleTemplatePropertiesBase
MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties

Constructor

MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties(*, alert_rules_created_by_template_count: Optional[int] = None, description: Optional[str] = None, display_name: Optional[str] = None, required_data_connectors: Optional[List[azure.mgmt.securityinsight.models._models_py3.AlertRuleTemplateDataSource]] = None, status: Optional[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.TemplateStatus]] = None, display_names_filter: Optional[List[str]] = None, display_names_exclude_filter: Optional[List[str]] = None, product_filter: Optional[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.MicrosoftSecurityProductName]] = None, severities_filter: Optional[List[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.AlertSeverity]]] = None, **kwargs)

Variables

alert_rules_created_by_template_count
int

the number of alert rules that were created by this template.

last_updated_date_utc
datetime

The last time that this alert rule template has been updated.

created_date_utc
datetime

The time that this alert rule template has been added.

description
str

The description of the alert rule template.

display_name
str

The display name for alert rule template.

required_data_connectors
list[AlertRuleTemplateDataSource]

The required data sources for this template.

status
str or TemplateStatus

The alert rule template status. Possible values include: "Installed", "Available", "NotAvailable".

display_names_filter
list[str]

the alerts' displayNames on which the cases will be generated.

display_names_exclude_filter
list[str]

the alerts' displayNames on which the cases will not be generated.

product_filter
str or MicrosoftSecurityProductName

The alerts' productName on which the cases will be generated. Possible values include: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", "Office 365 Advanced Threat Protection", "Microsoft Defender Advanced Threat Protection".

severities_filter
list[str or AlertSeverity]

the alerts' severities on which the cases will be generated.