ThreatIntelligenceAlertRule Class
Represents Threat Intelligence alert rule.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Inheritance
azure.mgmt.securityinsight.models._models_py3.AlertRule
ThreatIntelligenceAlertRule
Constructor
ThreatIntelligenceAlertRule(*, etag: Optional[str] = None, alert_rule_template_name: Optional[str] = None, enabled: Optional[bool] = None, **kwargs)
Variables
- id (str): Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.
- name (str): The name of the resource.
- type (str): The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts".
- system_data (SystemData): Azure Resource Manager metadata containing createdBy and modifiedBy information.
- etag (str): Etag of the Azure resource.
- kind (str or AlertRuleKind): Required. The kind of the alert rule. Constant filled by server. Possible values include: "Scheduled", "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", "NRT".
- alert_rule_template_name (str): The name of the alert rule template used to create this rule.
- description (str): The description of the alert rule.
- display_name (str): The display name for alerts created by this alert rule.
- enabled (bool): Determines whether this alert rule is enabled or disabled.
- last_modified_utc (datetime): The last time that this alert has been modified.
- severity (str or AlertSeverity): The severity for alerts created by this alert rule. Possible values include: "High", "Medium", "Low", "Informational".
- tactics (list[str or AttackTactic]): The tactics of the alert rule.