ArmSecurityInsightsModelFactory.NrtAlertRule Method

Definition

Initializes a new instance of NrtAlertRule.

public static Azure.ResourceManager.SecurityInsights.Models.NrtAlertRule NrtAlertRule (Azure.Core.ResourceIdentifier id = default, string name = default, Azure.Core.ResourceType resourceType = default, Azure.ResourceManager.Models.SystemData systemData = default, Azure.ETag? etag = default, string alertRuleTemplateName = default, string templateVersion = default, string description = default, string query = default, System.Collections.Generic.IEnumerable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAttackTactic> tactics = default, System.Collections.Generic.IEnumerable<string> techniques = default, System.Collections.Generic.IEnumerable<string> subTechniques = default, string displayName = default, bool? isEnabled = default, DateTimeOffset? lastModifiedOn = default, TimeSpan? suppressionDuration = default, bool? isSuppressionEnabled = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertSeverity? severity = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsIncidentConfiguration incidentConfiguration = default, System.Collections.Generic.IDictionary<string,string> customDetails = default, System.Collections.Generic.IEnumerable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleEntityMapping> entityMappings = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertDetailsOverride alertDetailsOverride = default, Azure.ResourceManager.SecurityInsights.Models.EventGroupingAggregationKind? eventGroupingAggregationKind = default, System.Collections.Generic.IEnumerable<Azure.ResourceManager.SecurityInsights.Models.SentinelEntityMapping> sentinelEntitiesMappings = default);
static member NrtAlertRule : Azure.Core.ResourceIdentifier * string * Azure.Core.ResourceType * Azure.ResourceManager.Models.SystemData * Nullable<Azure.ETag> * string * string * string * string * seq<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAttackTactic> * seq<string> * seq<string> * string * Nullable<bool> * Nullable<DateTimeOffset> * Nullable<TimeSpan> * Nullable<bool> * Nullable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertSeverity> * Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsIncidentConfiguration * System.Collections.Generic.IDictionary<string, string> * seq<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleEntityMapping> * Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertDetailsOverride * Nullable<Azure.ResourceManager.SecurityInsights.Models.EventGroupingAggregationKind> * seq<Azure.ResourceManager.SecurityInsights.Models.SentinelEntityMapping> -> Azure.ResourceManager.SecurityInsights.Models.NrtAlertRule
Public Shared Function NrtAlertRule (Optional id As ResourceIdentifier = Nothing, Optional name As String = Nothing, Optional resourceType As ResourceType = Nothing, Optional systemData As SystemData = Nothing, Optional etag As Nullable(Of ETag) = Nothing, Optional alertRuleTemplateName As String = Nothing, Optional templateVersion As String = Nothing, Optional description As String = Nothing, Optional query As String = Nothing, Optional tactics As IEnumerable(Of SecurityInsightsAttackTactic) = Nothing, Optional techniques As IEnumerable(Of String) = Nothing, Optional subTechniques As IEnumerable(Of String) = Nothing, Optional displayName As String = Nothing, Optional isEnabled As Nullable(Of Boolean) = Nothing, Optional lastModifiedOn As Nullable(Of DateTimeOffset) = Nothing, Optional suppressionDuration As Nullable(Of TimeSpan) = Nothing, Optional isSuppressionEnabled As Nullable(Of Boolean) = Nothing, Optional severity As Nullable(Of SecurityInsightsAlertSeverity) = Nothing, Optional incidentConfiguration As SecurityInsightsIncidentConfiguration = Nothing, Optional customDetails As IDictionary(Of String, String) = Nothing, Optional entityMappings As IEnumerable(Of SecurityInsightsAlertRuleEntityMapping) = Nothing, Optional alertDetailsOverride As SecurityInsightsAlertDetailsOverride = Nothing, Optional eventGroupingAggregationKind As Nullable(Of EventGroupingAggregationKind) = Nothing, Optional sentinelEntitiesMappings As IEnumerable(Of SentinelEntityMapping) = Nothing) As NrtAlertRule

Parameters

id
ResourceIdentifier

The id.

name
String

The name.

resourceType
ResourceType

The resourceType.

systemData
SystemData

The systemData.

etag
Nullable<ETag>

ETag of the Azure resource.

alertRuleTemplateName
String

The name of the alert rule template used to create this rule.

templateVersion
String

The version of the alert rule template used to create this rule, in the format <a.b.c> where a, b and c are all numbers, for example <1.0.2>.

description
String

The description of the alert rule.

query
String

The query that creates alerts for this rule.

tactics
IEnumerable<SecurityInsightsAttackTactic>

The tactics of the alert rule.

techniques
IEnumerable<String>

The techniques of the alert rule.

subTechniques
IEnumerable<String>

The sub-techniques of the alert rule.

displayName
String

The display name for alerts created by this alert rule.

isEnabled
Nullable<Boolean>

Determines whether this alert rule is enabled or disabled.

lastModifiedOn
Nullable<DateTimeOffset>

The last time this alert rule was modified.

suppressionDuration
Nullable<TimeSpan>

The suppression period (in ISO 8601 duration format) to wait after the last time this alert rule was triggered.

isSuppressionEnabled
Nullable<Boolean>

Determines whether the suppression for this alert rule is enabled or disabled.

severity
Nullable<SecurityInsightsAlertSeverity>

The severity for alerts created by this alert rule.

incidentConfiguration
SecurityInsightsIncidentConfiguration

The settings of the incidents that are created from alerts triggered by this analytics rule.

customDetails
IDictionary<String,String>

Dictionary of string key-value pairs of columns to be attached to the alert.

entityMappings
IEnumerable<SecurityInsightsAlertRuleEntityMapping>

Array of the entity mappings of the alert rule.

alertDetailsOverride
SecurityInsightsAlertDetailsOverride

The alert details override settings.

eventGroupingAggregationKind
Nullable<EventGroupingAggregationKind>

The event grouping settings.

sentinelEntitiesMappings
IEnumerable<SentinelEntityMapping>

Array of the Sentinel entity mappings of the alert rule.

Returns

A new NrtAlertRule instance for mocking.
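
The following is an added example, not code from the SDK or its documentation: it uses the factory to build an NrtAlertRule with fixed id, name and lastModifiedOn values so that a detection-rule hygiene check can be exercised without calling Azure. NrtRuleAudit, its finding strings, the resource ID, the KQL query and the dates are hypothetical, constructed values.

```csharp
using System;
using System.Collections.Generic;
using Azure.Core;
using Azure.ResourceManager.SecurityInsights.Models;

// Hypothetical rule-hygiene check (not part of the SDK).
static class NrtRuleAudit
{
    public static List<string> Findings(NrtAlertRule rule, DateTimeOffset now, TimeSpan maxAge)
    {
        var findings = new List<string>();
        if (rule.IsEnabled != true) findings.Add("rule is disabled");
        if (string.IsNullOrWhiteSpace(rule.Query)) findings.Add("query is empty");
        if (rule.Severity == null) findings.Add("no severity set");
        if (rule.Tactics == null || rule.Tactics.Count == 0) findings.Add("no tactics mapped");
        if (rule.EntityMappings == null || rule.EntityMappings.Count == 0)
            findings.Add("no entity mappings");
        if (rule.LastModifiedOn is DateTimeOffset modified && now - modified > maxAge)
            findings.Add("not modified within the review window");
        return findings;
    }
}

static class Program
{
    static void Main()
    {
        // Constructed sample values; subscription, workspace and rule names are placeholders.
        var now = new DateTimeOffset(2024, 6, 1, 0, 0, 0, TimeSpan.Zero);
        NrtAlertRule rule = ArmSecurityInsightsModelFactory.NrtAlertRule(
            id: new ResourceIdentifier(
                "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo" +
                "/providers/Microsoft.OperationalInsights/workspaces/ws-demo" +
                "/providers/Microsoft.SecurityInsights/alertRules/nrt-demo"),
            name: "nrt-demo",
            displayName: "Failed sign-ins (constructed sample)",
            query: "SigninLogs | where ResultType != 0",
            tactics: new[] { SecurityInsightsAttackTactic.CredentialAccess },
            severity: SecurityInsightsAlertSeverity.Medium,
            isEnabled: true,
            lastModifiedOn: now.AddDays(-200));

        // The mock has no entity mappings and is older than the 180-day window.
        foreach (string finding in NrtRuleAudit.Findings(rule, now, TimeSpan.FromDays(180)))
            Console.WriteLine($"{rule.Name}: {finding}");
    }
}
```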

Applies to