Iot Alert Types - List
List IoT alert types
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/iotAlertTypes?api-version=2019-08-01
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
resource
|
path | True |
string |
The name of the resource group within the user's subscription. The name is case insensitive. Regex pattern: |
solution
|
path | True |
string |
The name of the IoT Security solution. |
subscription
|
path | True |
string |
Azure subscription ID Regex pattern: |
api-version
|
query | True |
string |
API version for the operation |
Responses
Name | Type | Description |
---|---|---|
200 OK |
OK |
|
Other Status Codes |
Error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name | Description |
---|---|
user_impersonation | impersonate your user account |
Examples
Get IoT Alert Types
Sample Request
GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myGroup/providers/Microsoft.Security/iotSecuritySolutions/mySolution/iotAlertTypes?api-version=2019-08-01
Sample Response
{
"value": [
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myGroup/providers/Microsoft.Security/iotSecuritySolutions/mySolution/iotAlertTypes",
"name": "IoT_PrivilegedContainer",
"type": "Microsoft.Security/iotSecuritySolutions/iotAlertTypes",
"properties": {
"alertDisplayName": "Privileged container detected",
"severity": "Medium",
"description": "Machine logs indicate that a privileged Docker container is running. A privileged container has full access to host resources. If compromised, a malicious actor can use the privileged container to gain access to the host machine.",
"providerName": "IoTSecurity",
"remediationSteps": [
"If the container doesn't need to run in privileged mode, remove the privileges from the container."
],
"intent": "Exploitation,Execution",
"vendorName": "Microsoft",
"productName": "Azure Security Center for IoT",
"productComponentName": "IoT Hub"
}
}
]
}
Definitions
Name | Description |
---|---|
alert |
Kill chain related intent behind the alert. Could contain multiple enum values (separated by commas) |
alert |
The severity of the alert |
Cloud |
Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.). |
Cloud |
The error detail. |
Error |
The resource management error additional info. |
Iot |
IoT alert type. |
Iot |
List of alert types |
alertIntent
Kill chain related intent behind the alert. Could contain multiple enum values (separated by commas)
Name | Type | Description |
---|---|---|
Collection |
string |
|
CommandAndControl |
string |
|
CredentialAccess |
string |
|
DefenseEvasion |
string |
|
Discovery |
string |
|
Execution |
string |
|
Exfiltration |
string |
|
Exploitation |
string |
|
Impact |
string |
|
InitialAccess |
string |
|
LateralMovement |
string |
|
Persistence |
string |
|
PreAttack |
string |
|
PrivilegeEscalation |
string |
|
Probing |
string |
|
Unknown |
string |
alertSeverity
The severity of the alert
Name | Type | Description |
---|---|---|
High |
string |
|
Informational |
string |
|
Low |
string |
|
Medium |
string |
CloudError
Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.).
Name | Type | Description |
---|---|---|
error.additionalInfo |
The error additional info. |
|
error.code |
string |
The error code. |
error.details |
The error details. |
|
error.message |
string |
The error message. |
error.target |
string |
The error target. |
CloudErrorBody
The error detail.
Name | Type | Description |
---|---|---|
additionalInfo |
The error additional info. |
|
code |
string |
The error code. |
details |
The error details. |
|
message |
string |
The error message. |
target |
string |
The error target. |
ErrorAdditionalInfo
The resource management error additional info.
Name | Type | Description |
---|---|---|
info |
object |
The additional info. |
type |
string |
The additional info type. |
IotAlertType
IoT alert type.
Name | Type | Description |
---|---|---|
id |
string |
Resource Id |
name |
string |
Resource name |
properties.alertDisplayName |
string |
The display name of the alert |
properties.description |
string |
Description of the suspected vulnerability and meaning. |
properties.intent |
Kill chain related intent behind the alert. Could contain multiple enum values (separated by commas) |
|
properties.productComponentName |
string |
The name of a component inside the product which generated the alert |
properties.productName |
string |
The name of the product which published this alert |
properties.providerName |
string |
The name of the alert provider or internal partner |
properties.remediationSteps |
string[] |
Manual action items to take to remediate the alert |
properties.severity |
The severity of the alert |
|
properties.vendorName |
string |
The name of the vendor that raise the alert |
type |
string |
Resource type |
IotAlertTypeList
List of alert types
Name | Type | Description |
---|---|---|
value |
List data |