Assessments Metadata - Create In Subscription

Služba:

Defender for Cloud

Verze rozhraní API:

2021-06-01

Vytvoření informací o metadatech pro typ posouzení v konkrétním předplatném

PUT https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}?api-version=2021-06-01

Parametry identifikátoru URI

Name	V	Vyžadováno	Typ	Description
assessmentMetadataName	path	True	string	Klíč posouzení – jedinečný klíč pro typ posouzení
subscriptionId	path	True	string	ID předplatného Azure Vzor regulárního výrazu: ^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$
api-version	query	True	string	Verze rozhraní API pro operaci

Text požadavku

Name	Vyžadováno	Typ	Description
properties.assessmentType	True	assessmentType	BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
properties.displayName	True	string	Uživatelsky přívětivý zobrazovaný název posouzení
properties.severity	True	severity	Úroveň závažnosti posouzení
properties.categories		categories[]	Kategorie prostředků, které jsou ohroženy, když posouzení není v pořádku
properties.description		string	Human readable description of the assessment
properties.implementationEffort		implementationEffort	Úsilí o implementaci potřebné k nápravě tohoto posouzení
properties.partnerData		SecurityAssessmentMetadataPartnerData	Popisuje partnera, který vytvořil posouzení.
properties.plannedDeprecationDate		string
properties.preview		boolean	Hodnota True, pokud je toto posouzení ve stavu verze Preview
properties.publishDates		PublishDates
properties.remediationDescription		string	Popis toho, co byste měli udělat pro zmírnění tohoto problému se zabezpečením, je čitelný pro člověka
properties.tactics		tactics[]	Taktika posouzení
properties.techniques		techniques[]	Techniky posouzení
properties.threats		threats[]	Dopad posouzení na hrozby
properties.userImpact		userImpact	Dopad posouzení na uživatele

Odpovědi

Name	Typ	Description
200 OK	SecurityAssessmentMetadataResponse	OK
Other Status Codes	CloudError	Chybová odpověď popisující, proč operace selhala.

Zabezpečení

azure_auth

Azure Active Directory OAuth2 Flow

Typ: oauth2
Tok: implicit
URL autorizace: https://login.microsoftonline.com/common/oauth2/authorize

Rozsahy

Name	Description
user_impersonation	zosobnění uživatelského účtu

Příklady

Create security assessment metadata for subscription

Ukázkový požadavek

HTTP

PUT https://management.azure.com/subscriptions/0980887d-03d6-408c-9566-532f3456804e/providers/Microsoft.Security/assessmentMetadata/ca039e75-a276-4175-aebc-bcd41e4b14b7?api-version=2021-06-01

{
  "properties": {
    "displayName": "Install endpoint protection solution on virtual machine scale sets",
    "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
    "remediationDescription": "To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>",
    "categories": [
      "Compute"
    ],
    "severity": "Medium",
    "userImpact": "Low",
    "implementationEffort": "Low",
    "threats": [
      "dataExfiltration",
      "dataSpillage",
      "maliciousInsider"
    ],
    "assessmentType": "CustomerManaged"
  }
}

Java

import com.azure.resourcemanager.security.models.AssessmentType;
import com.azure.resourcemanager.security.models.Categories;
import com.azure.resourcemanager.security.models.ImplementationEffort;
import com.azure.resourcemanager.security.models.Severity;
import com.azure.resourcemanager.security.models.Threats;
import com.azure.resourcemanager.security.models.UserImpact;
import java.util.Arrays;

/**
 * Samples for AssessmentsMetadata CreateInSubscription.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/
     * CreateAssessmentsMetadata_subscription_example.json
     */
    /**
     * Sample code: Create security assessment metadata for subscription.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void
        createSecurityAssessmentMetadataForSubscription(com.azure.resourcemanager.security.SecurityManager manager) {
        manager.assessmentsMetadatas().define("ca039e75-a276-4175-aebc-bcd41e4b14b7")
            .withDisplayName("Install endpoint protection solution on virtual machine scale sets")
            .withDescription(
                "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.")
            .withRemediationDescription(
                "To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>")
            .withCategories(Arrays.asList(Categories.COMPUTE)).withSeverity(Severity.MEDIUM)
            .withUserImpact(UserImpact.LOW).withImplementationEffort(ImplementationEffort.LOW)
            .withThreats(Arrays.asList(Threats.DATA_EXFILTRATION, Threats.DATA_SPILLAGE, Threats.MALICIOUS_INSIDER))
            .withAssessmentType(AssessmentType.CUSTOMER_MANAGED).create();
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Go

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json
func ExampleAssessmentsMetadataClient_CreateInSubscription() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewAssessmentsMetadataClient().CreateInSubscription(ctx, "ca039e75-a276-4175-aebc-bcd41e4b14b7", armsecurity.AssessmentMetadataResponse{
		Properties: &armsecurity.AssessmentMetadataPropertiesResponse{
			Description:    to.Ptr("Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities."),
			AssessmentType: to.Ptr(armsecurity.AssessmentTypeCustomerManaged),
			Categories: []*armsecurity.Categories{
				to.Ptr(armsecurity.CategoriesCompute)},
			DisplayName:            to.Ptr("Install endpoint protection solution on virtual machine scale sets"),
			ImplementationEffort:   to.Ptr(armsecurity.ImplementationEffortLow),
			RemediationDescription: to.Ptr("To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>"),
			Severity:               to.Ptr(armsecurity.SeverityMedium),
			Threats: []*armsecurity.Threats{
				to.Ptr(armsecurity.ThreatsDataExfiltration),
				to.Ptr(armsecurity.ThreatsDataSpillage),
				to.Ptr(armsecurity.ThreatsMaliciousInsider)},
			UserImpact: to.Ptr(armsecurity.UserImpactLow),
		},
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.AssessmentMetadataResponse = armsecurity.AssessmentMetadataResponse{
	// 	Name: to.Ptr("ca039e75-a276-4175-aebc-bcd41e4b14b7"),
	// 	Type: to.Ptr("Microsoft.Security/assessmentMetadata"),
	// 	ID: to.Ptr("/providers/Microsoft.Security/assessmentMetadata/ca039e75-a276-4175-aebc-bcd41e4b14b7"),
	// 	Properties: &armsecurity.AssessmentMetadataPropertiesResponse{
	// 		Description: to.Ptr("Assessment that my organization created to view our security assessment in Azure Security Center"),
	// 		AssessmentType: to.Ptr(armsecurity.AssessmentTypeCustomerManaged),
	// 		Categories: []*armsecurity.Categories{
	// 			to.Ptr(armsecurity.CategoriesCompute)},
	// 			DisplayName: to.Ptr("My organization security assessment"),
	// 			ImplementationEffort: to.Ptr(armsecurity.ImplementationEffortLow),
	// 			RemediationDescription: to.Ptr("Fix it with these remediation instructions"),
	// 			Severity: to.Ptr(armsecurity.SeverityMedium),
	// 			Threats: []*armsecurity.Threats{
	// 				to.Ptr(armsecurity.ThreatsDataExfiltration),
	// 				to.Ptr(armsecurity.ThreatsDataSpillage),
	// 				to.Ptr(armsecurity.ThreatsMaliciousInsider)},
	// 				UserImpact: to.Ptr(armsecurity.UserImpactLow),
	// 			},
	// 		}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Create metadata information on an assessment type in a specific subscription
 *
 * @summary Create metadata information on an assessment type in a specific subscription
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json
 */
async function createSecurityAssessmentMetadataForSubscription() {
  const subscriptionId =
    process.env["SECURITY_SUBSCRIPTION_ID"] || "0980887d-03d6-408c-9566-532f3456804e";
  const assessmentMetadataName = "ca039e75-a276-4175-aebc-bcd41e4b14b7";
  const assessmentMetadata = {
    description:
      "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
    assessmentType: "CustomerManaged",
    categories: ["Compute"],
    displayName: "Install endpoint protection solution on virtual machine scale sets",
    implementationEffort: "Low",
    remediationDescription:
      'To install an endpoint protection solution: 1.  <a href="https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>',
    severity: "Medium",
    threats: ["dataExfiltration", "dataSpillage", "maliciousInsider"],
    userImpact: "Low",
  };
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential, subscriptionId);
  const result = await client.assessmentsMetadata.createInSubscription(
    assessmentMetadataName,
    assessmentMetadata,
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

dotnet

using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json
// this example is just showing the usage of "AssessmentsMetadata_CreateInSubscription" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this SubscriptionAssessmentMetadataResource created on azure
// for more information of creating SubscriptionAssessmentMetadataResource, please refer to the document of SubscriptionAssessmentMetadataResource
string subscriptionId = "0980887d-03d6-408c-9566-532f3456804e";
string assessmentMetadataName = "ca039e75-a276-4175-aebc-bcd41e4b14b7";
ResourceIdentifier subscriptionAssessmentMetadataResourceId = SubscriptionAssessmentMetadataResource.CreateResourceIdentifier(subscriptionId, assessmentMetadataName);
SubscriptionAssessmentMetadataResource subscriptionAssessmentMetadata = client.GetSubscriptionAssessmentMetadataResource(subscriptionAssessmentMetadataResourceId);

// invoke the operation
SecurityAssessmentMetadataData data = new SecurityAssessmentMetadataData()
{
    DisplayName = "Install endpoint protection solution on virtual machine scale sets",
    Description = "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
    RemediationDescription = "To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>",
    Categories =
    {
    SecurityAssessmentResourceCategory.Compute
    },
    Severity = SecurityAssessmentSeverity.Medium,
    UserImpact = SecurityAssessmentUserImpact.Low,
    ImplementationEffort = ImplementationEffort.Low,
    Threats =
    {
    SecurityThreat.DataExfiltration,SecurityThreat.DataSpillage,SecurityThreat.MaliciousInsider
    },
    AssessmentType = SecurityAssessmentType.CustomerManaged,
};
ArmOperation<SubscriptionAssessmentMetadataResource> lro = await subscriptionAssessmentMetadata.UpdateAsync(WaitUntil.Completed, data);
SubscriptionAssessmentMetadataResource result = lro.Value;

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
SecurityAssessmentMetadataData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Ukázková odpověď

Stavový kód:

200

{
  "id": "/providers/Microsoft.Security/assessmentMetadata/ca039e75-a276-4175-aebc-bcd41e4b14b7",
  "name": "ca039e75-a276-4175-aebc-bcd41e4b14b7",
  "type": "Microsoft.Security/assessmentMetadata",
  "properties": {
    "displayName": "My organization security assessment",
    "description": "Assessment that my organization created to view our security assessment in Azure Security Center",
    "remediationDescription": "Fix it with these remediation instructions",
    "categories": [
      "Compute"
    ],
    "severity": "Medium",
    "userImpact": "Low",
    "implementationEffort": "Low",
    "threats": [
      "dataExfiltration",
      "dataSpillage",
      "maliciousInsider"
    ],
    "assessmentType": "CustomerManaged"
  }
}

Definice

Name	Description
assessmentType	BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
categories
CloudError	Běžná chybová odpověď pro všechna rozhraní API Azure Resource Manageru pro vrácení podrobností o chybě pro neúspěšné operace (To se také řídí formátem odpovědi na chybu OData.)
CloudErrorBody	Podrobnosti o chybě.
ErrorAdditionalInfo	Další informace o chybě správy prostředků
implementationEffort	Úsilí o implementaci potřebné k nápravě tohoto posouzení
PublishDates
SecurityAssessmentMetadataPartnerData	Popisuje partnera, který vytvořil posouzení.
SecurityAssessmentMetadataResponse	Odpověď na metadata posouzení zabezpečení
severity	Úroveň závažnosti posouzení
tactics
techniques
threats
userImpact	Dopad posouzení na uživatele

assessmentType

BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition

Name	Typ	Description
BuiltIn	string	Posouzení spravovaná v programu Microsoft Defender pro cloud
CustomPolicy	string	Uživatelem definované zásady, které se automaticky ingestují ze služby Azure Policy do Microsoft Defenderu pro cloud
CustomerManaged	string	Hodnocení uživatelů nabízená přímo uživatelem nebo jinou třetí stranou do programu Microsoft Defender for Cloud
VerifiedPartner	string	Posouzení vytvořené ověřenou třetí stranou, pokud ho uživatel připojil k ASC

categories

Name	Typ	Description
Compute	string
Data	string
IdentityAndAccess	string
IoT	string
Networking	string

CloudError

Běžná chybová odpověď pro všechna rozhraní API Azure Resource Manageru pro vrácení podrobností o chybě pro neúspěšné operace (To se také řídí formátem odpovědi na chybu OData.)

Name	Typ	Description
error.additionalInfo	ErrorAdditionalInfo[]	Další informace o chybě.
error.code	string	Kód chyby.
error.details	CloudErrorBody[]	Podrobnosti o chybě.
error.message	string	Chybová zpráva.
error.target	string	Cíl chyby.

CloudErrorBody

Podrobnosti o chybě.

Name	Typ	Description
additionalInfo	ErrorAdditionalInfo[]	Další informace o chybě.
code	string	Kód chyby.
details	CloudErrorBody[]	Podrobnosti o chybě.
message	string	Chybová zpráva.
target	string	Cíl chyby.

ErrorAdditionalInfo

Další informace o chybě správy prostředků

Name	Typ	Description
info	object	Další informace.
type	string	Další typ informací.

implementationEffort

Úsilí o implementaci potřebné k nápravě tohoto posouzení

Name	Typ	Description
High	string
Low	string
Moderate	string

PublishDates

Name	Typ	Description
GA	string
public	string

SecurityAssessmentMetadataPartnerData

Popisuje partnera, který vytvořil posouzení.

Name	Typ	Description
partnerName	string	Název společnosti partnera
productName	string	Název produktu partnera, který posouzení vytvořil
secret	string	Tajný kód pro ověření partnera a ověření vytvoření posouzení – pouze zápis

SecurityAssessmentMetadataResponse

Odpověď na metadata posouzení zabezpečení

Name	Typ	Description
id	string	ID prostředku
name	string	Název prostředku
properties.assessmentType	assessmentType	BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
properties.categories	categories[]	Kategorie prostředků, které jsou ohroženy, když posouzení není v pořádku
properties.description	string	Human readable description of the assessment
properties.displayName	string	Uživatelsky přívětivý zobrazovaný název posouzení
properties.implementationEffort	implementationEffort	Úsilí o implementaci potřebné k nápravě tohoto posouzení
properties.partnerData	SecurityAssessmentMetadataPartnerData	Popisuje partnera, který vytvořil posouzení.
properties.plannedDeprecationDate	string
properties.policyDefinitionId	string	ID prostředku Azure definice zásady, která tento výpočet posouzení zapne
properties.preview	boolean	Hodnota True, pokud je toto posouzení ve stavu verze Preview
properties.publishDates	PublishDates
properties.remediationDescription	string	Popis toho, co byste měli udělat pro zmírnění tohoto problému se zabezpečením, je čitelný pro člověka
properties.severity	severity	Úroveň závažnosti posouzení
properties.tactics	tactics[]	Taktika posouzení
properties.techniques	techniques[]	Techniky posouzení
properties.threats	threats[]	Dopad posouzení na hrozby
properties.userImpact	userImpact	Dopad posouzení na uživatele
type	string	Typ prostředku

severity

Úroveň závažnosti posouzení

Name	Typ	Description
High	string
Low	string
Medium	string

tactics

Name	Typ	Description
Collection	string
Command and Control	string
Credential Access	string
Defense Evasion	string
Discovery	string
Execution	string
Exfiltration	string
Impact	string
Initial Access	string
Lateral Movement	string
Persistence	string
Privilege Escalation	string
Reconnaissance	string
Resource Development	string

techniques

Name	Typ	Description
Abuse Elevation Control Mechanism	string
Access Token Manipulation	string
Account Discovery	string
Account Manipulation	string
Active Scanning	string
Application Layer Protocol	string
Audio Capture	string
Boot or Logon Autostart Execution	string
Boot or Logon Initialization Scripts	string
Brute Force	string
Cloud Infrastructure Discovery	string
Cloud Service Dashboard	string
Cloud Service Discovery	string
Command and Scripting Interpreter	string
Compromise Client Software Binary	string
Compromise Infrastructure	string
Container and Resource Discovery	string
Create Account	string
Create or Modify System Process	string
Credentials from Password Stores	string
Data Destruction	string
Data Encrypted for Impact	string
Data Manipulation	string
Data Staged	string
Data from Cloud Storage Object	string
Data from Configuration Repository	string
Data from Information Repositories	string
Data from Local System	string
Defacement	string
Deobfuscate/Decode Files or Information	string
Disk Wipe	string
Domain Trust Discovery	string
Drive-by Compromise	string
Dynamic Resolution	string
Endpoint Denial of Service	string
Event Triggered Execution	string
Exfiltration Over Alternative Protocol	string
Exploit Public-Facing Application	string
Exploitation for Client Execution	string
Exploitation for Credential Access	string
Exploitation for Defense Evasion	string
Exploitation for Privilege Escalation	string
Exploitation of Remote Services	string
External Remote Services	string
Fallback Channels	string
File and Directory Discovery	string
File and Directory Permissions Modification	string
Gather Victim Network Information	string
Hide Artifacts	string
Hijack Execution Flow	string
Impair Defenses	string
Implant Container Image	string
Indicator Removal on Host	string
Indirect Command Execution	string
Ingress Tool Transfer	string
Input Capture	string
Inter-Process Communication	string
Lateral Tool Transfer	string
Man-in-the-Middle	string
Masquerading	string
Modify Authentication Process	string
Modify Registry	string
Network Denial of Service	string
Network Service Scanning	string
Network Sniffing	string
Non-Application Layer Protocol	string
Non-Standard Port	string
OS Credential Dumping	string
Obfuscated Files or Information	string
Obtain Capabilities	string
Office Application Startup	string
Permission Groups Discovery	string
Phishing	string
Pre-OS Boot	string
Process Discovery	string
Process Injection	string
Protocol Tunneling	string
Proxy	string
Query Registry	string
Remote Access Software	string
Remote Service Session Hijacking	string
Remote Services	string
Remote System Discovery	string
Resource Hijacking	string
SQL Stored Procedures	string
Scheduled Task/Job	string
Screen Capture	string
Search Victim-Owned Websites	string
Server Software Component	string
Service Stop	string
Signed Binary Proxy Execution	string
Software Deployment Tools	string
Steal or Forge Kerberos Tickets	string
Subvert Trust Controls	string
Supply Chain Compromise	string
System Information Discovery	string
Taint Shared Content	string
Traffic Signaling	string
Transfer Data to Cloud Account	string
Trusted Relationship	string
Unsecured Credentials	string
User Execution	string
Valid Accounts	string
Windows Management Instrumentation	string

threats

Name	Typ	Description
accountBreach	string
dataExfiltration	string
dataSpillage	string
denialOfService	string
elevationOfPrivilege	string
maliciousInsider	string
missingCoverage	string
threatResistance	string

userImpact

Dopad posouzení na uživatele

Name	Typ	Description
High	string
Low	string
Moderate	string