MLBehaviorAnalyticsAlertRuleTemplate Class

Represents an MLBehaviorAnalytics alert rule template.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Inheritance
azure.mgmt.securityinsight.models._models_py3.AlertRuleTemplate
MLBehaviorAnalyticsAlertRuleTemplate

Constructor

MLBehaviorAnalyticsAlertRuleTemplate(*, alert_rules_created_by_template_count: Optional[int] = None, description: Optional[str] = None, display_name: Optional[str] = None, required_data_connectors: Optional[List[azure.mgmt.securityinsight.models._models_py3.AlertRuleTemplateDataSource]] = None, status: Optional[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.TemplateStatus]] = None, tactics: Optional[List[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.AttackTactic]]] = None, techniques: Optional[List[str]] = None, severity: Optional[Union[str, azure.mgmt.securityinsight.models._security_insights_enums.AlertSeverity]] = None, **kwargs)

Variables

id
str

Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.

name
str

The name of the resource.

type
str

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts".

system_data
SystemData

Azure Resource Manager metadata containing createdBy and modifiedBy information.

kind
str or AlertRuleKind

Required. The kind of the alert rule. Constant filled by server. Possible values include: "Scheduled", "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", "NRT".

alert_rules_created_by_template_count
int

The number of alert rules that were created by this template.

last_updated_date_utc
datetime

The last time that this alert rule template was updated.

created_date_utc
datetime

The time that this alert rule template was added.

description
str

The description of the alert rule template.

display_name
str

The display name for the alert rule template.

required_data_connectors
list[AlertRuleTemplateDataSource]

The required data sources for this template.

status
str or TemplateStatus

The alert rule template status. Possible values include: "Installed", "Available", "NotAvailable".

tactics
list[str or AttackTactic]

The tactics of the alert rule.

techniques
list[str]

The techniques of the alert rule.

severity
str or AlertSeverity

The severity for alerts created by this alert rule. Possible values include: "High", "Medium", "Low", "Informational".