Iot Alert Types - List

List IoT alert types

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/iotAlertTypes?api-version=2019-08-01

URI Parameters

| Name | In | Required | Type | Description |
|---|---|---|---|---|
| resourceGroupName | path | True | string | The name of the resource group within the user's subscription. The name is case insensitive. Regex pattern: `^[-\w\._\(\)]+$` |
| solutionName | path | True | string | The name of the IoT Security solution. |
| subscriptionId | path | True | string | Azure subscription ID. Regex pattern: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$` |
| api-version | query | True | string | API version for the operation |

Responses

| Name | Type | Description |
|---|---|---|
| 200 OK | | OK |
| Other Status Codes | | Error response describing why the operation failed. |

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |

Examples

Get IoT Alert Types

Sample Request

GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myGroup/providers/Microsoft.Security/iotSecuritySolutions/mySolution/iotAlertTypes?api-version=2019-08-01

Sample Response

{
  "value": [
    {
      "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myGroup/providers/Microsoft.Security/iotSecuritySolutions/mySolution/iotAlertTypes",
      "name": "IoT_PrivilegedContainer",
      "type": "Microsoft.Security/iotSecuritySolutions/iotAlertTypes",
      "properties": {
        "alertDisplayName": "Privileged container detected",
        "severity": "Medium",
        "description": "Machine logs indicate that a privileged Docker container is running. A privileged container has full access to host  resources. If compromised, a malicious actor can use the privileged container to gain access to the host machine.",
        "providerName": "IoTSecurity",
        "remediationSteps": [
          "If the container doesn't need to run in privileged mode, remove the privileges from the container."
        ],
        "intent": "Exploitation,Execution",
        "vendorName": "Microsoft",
        "productName": "Azure Security Center for IoT",
        "productComponentName": "IoT Hub"
      }
    }
  ]
}

Definitions

alertIntent

Kill chain related intent behind the alert. Could contain multiple enum values (separated by commas)

alertSeverity

The severity of the alert

CloudError

Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.)

CloudErrorBody

The error detail.

ErrorAdditionalInfo

The resource management error additional info.

IotAlertType

IoT alert type.

IotAlertTypeList

List of alert types

alertIntent

Kill chain related intent behind the alert. Could contain multiple enum values (separated by commas)

| Name | Type | Description |
|---|---|---|
| Collection | string | |
| CommandAndControl | string | |
| CredentialAccess | string | |
| DefenseEvasion | string | |
| Discovery | string | |
| Execution | string | |
| Exfiltration | string | |
| Exploitation | string | |
| Impact | string | |
| InitialAccess | string | |
| LateralMovement | string | |
| Persistence | string | |
| PreAttack | string | |
| PrivilegeEscalation | string | |
| Probing | string | |
| Unknown | string | |

alertSeverity

The severity of the alert

| Name | Type | Description |
|---|---|---|
| High | string | |
| Informational | string | |
| Low | string | |
| Medium | string | |

CloudError

Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.)

| Name | Type | Description |
|---|---|---|
| error.additionalInfo | | The error additional info. |
| error.code | string | The error code. |
| error.details | | The error details. |
| error.message | string | The error message. |
| error.target | string | The error target. |

CloudErrorBody

The error detail.

| Name | Type | Description |
|---|---|---|
| additionalInfo | | The error additional info. |
| code | string | The error code. |
| details | | The error details. |
| message | string | The error message. |
| target | string | The error target. |

ErrorAdditionalInfo

The resource management error additional info.

| Name | Type | Description |
|---|---|---|
| info | object | The additional info. |
| type | string | The additional info type. |

IotAlertType

IoT alert type.

| Name | Type | Description |
|---|---|---|
| id | string | Resource Id |
| name | string | Resource name |
| properties.alertDisplayName | string | The display name of the alert |
| properties.description | string | Description of the suspected vulnerability and meaning. |
| properties.intent | | Kill chain related intent behind the alert. Could contain multiple enum values (separated by commas) |
| properties.productComponentName | string | The name of a component inside the product which generated the alert |
| properties.productName | string | The name of the product which published this alert |
| properties.providerName | string | The name of the alert provider or internal partner |
| properties.remediationSteps | string[] | Manual action items to take to remediate the alert |
| properties.severity | | The severity of the alert |
| properties.vendorName | string | The name of the vendor that raised the alert |
| type | string | Resource type |

IotAlertTypeList

List of alert types

| Name | Type | Description |
|---|---|---|
| value | | List data |
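
An added client-side example for this operation (not Microsoft's SDK and not code from this page): it checks subscriptionId and resourceGroupName against the documented regex patterns before building the request URL, then splits the comma-separated intent into enum values and sorts alert types by severity. The function names, the severity ranking and the second sample entry are assumptions made for the example; the HTTP call and OAuth2 token are left out so it runs offline.

```python
import json
import re
from urllib.parse import quote, urlencode

# Patterns and enum values copied from this reference page.
SUBSCRIPTION_RE = re.compile(r"^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$")
RESOURCE_GROUP_RE = re.compile(r"^[-\w\._\(\)]+$")
INTENTS = {
    "Collection", "CommandAndControl", "CredentialAccess", "DefenseEvasion",
    "Discovery", "Execution", "Exfiltration", "Exploitation", "Impact",
    "InitialAccess", "LateralMovement", "Persistence", "PreAttack",
    "PrivilegeEscalation", "Probing", "Unknown",
}
# Assumption: the page lists severities alphabetically; this ranking is ours.
SEVERITY_RANK = {"Informational": 0, "Low": 1, "Medium": 2, "High": 3}


def build_url(subscription_id, resource_group, solution, api_version="2019-08-01"):
    """Reject path parameters that fail the documented patterns, then build the URL."""
    # fullmatch (not match) so a trailing newline cannot slip past the "$" anchor.
    if not SUBSCRIPTION_RE.fullmatch(subscription_id):
        raise ValueError("subscriptionId does not match the documented pattern")
    if not RESOURCE_GROUP_RE.fullmatch(resource_group):
        raise ValueError("resourceGroupName does not match the documented pattern")
    # No pattern is documented for solutionName, so every segment is percent-encoded.
    segs = [quote(p, safe="") for p in (subscription_id, resource_group, solution)]
    path = ("/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Security"
            "/iotSecuritySolutions/{}/iotAlertTypes").format(*segs)
    return "https://management.azure.com" + path + "?" + urlencode({"api-version": api_version})


def parse_alert_types(body):
    """Split the comma-separated intent, flag undocumented values, sort by severity."""
    out = []
    for item in json.loads(body).get("value", []):
        props = item.get("properties", {})
        intents = [i.strip() for i in (props.get("intent") or "").split(",") if i.strip()]
        out.append({"name": item.get("name"), "severity": props.get("severity"),
                    "intents": intents, "remediation": props.get("remediationSteps", []),
                    "undocumented": [i for i in intents if i not in INTENTS]})
    # A severity outside the documented enum sorts last instead of raising.
    return sorted(out, key=lambda a: SEVERITY_RANK.get(a["severity"], -1), reverse=True)

# Constructed sample: entry 1 is trimmed from the page's response, entry 2 is invented.
SAMPLE = json.dumps({"value": [
    {"name": "IoT_PrivilegedContainer",
     "properties": {"severity": "Medium", "intent": "Exploitation,Execution"}},
    {"name": "Example_Constructed",
     "properties": {"severity": "High", "intent": "Persistence, NotInEnum"}},
]})
```

A non-empty `undocumented` list means the service returned an intent this page does not list, which is worth logging rather than silently dropping.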