Compartilhar via


ArmSecurityInsightsModelFactory.SecurityInsightsScheduledAlertRule Método

Definição

Inicializa uma nova instância de SecurityInsightsScheduledAlertRule.

public static Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsScheduledAlertRule SecurityInsightsScheduledAlertRule (Azure.Core.ResourceIdentifier id = default, string name = default, Azure.Core.ResourceType resourceType = default, Azure.ResourceManager.Models.SystemData systemData = default, Azure.ETag? etag = default, string query = default, TimeSpan? queryFrequency = default, TimeSpan? queryPeriod = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertSeverity? severity = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleTriggerOperator? triggerOperator = default, int? triggerThreshold = default, Azure.ResourceManager.SecurityInsights.Models.EventGroupingAggregationKind? eventGroupingAggregationKind = default, System.Collections.Generic.IDictionary<string,string> customDetails = default, System.Collections.Generic.IEnumerable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleEntityMapping> entityMappings = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertDetailsOverride alertDetailsOverride = default, string alertRuleTemplateName = default, string templateVersion = default, string description = default, string displayName = default, bool? isEnabled = default, DateTimeOffset? lastModifiedOn = default, TimeSpan? suppressionDuration = default, bool? isSuppressionEnabled = default, System.Collections.Generic.IEnumerable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAttackTactic> tactics = default, System.Collections.Generic.IEnumerable<string> techniques = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsIncidentConfiguration incidentConfiguration = default);
static member SecurityInsightsScheduledAlertRule : Azure.Core.ResourceIdentifier * string * Azure.Core.ResourceType * Azure.ResourceManager.Models.SystemData * Nullable<Azure.ETag> * string * Nullable<TimeSpan> * Nullable<TimeSpan> * Nullable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertSeverity> * Nullable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleTriggerOperator> * Nullable<int> * Nullable<Azure.ResourceManager.SecurityInsights.Models.EventGroupingAggregationKind> * System.Collections.Generic.IDictionary<string, string> * seq<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleEntityMapping> * Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertDetailsOverride * string * string * string * string * Nullable<bool> * Nullable<DateTimeOffset> * Nullable<TimeSpan> * Nullable<bool> * seq<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAttackTactic> * seq<string> * Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsIncidentConfiguration -> Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsScheduledAlertRule
Public Shared Function SecurityInsightsScheduledAlertRule (Optional id As ResourceIdentifier = Nothing, Optional name As String = Nothing, Optional resourceType As ResourceType = Nothing, Optional systemData As SystemData = Nothing, Optional etag As Nullable(Of ETag) = Nothing, Optional query As String = Nothing, Optional queryFrequency As Nullable(Of TimeSpan) = Nothing, Optional queryPeriod As Nullable(Of TimeSpan) = Nothing, Optional severity As Nullable(Of SecurityInsightsAlertSeverity) = Nothing, Optional triggerOperator As Nullable(Of SecurityInsightsAlertRuleTriggerOperator) = Nothing, Optional triggerThreshold As Nullable(Of Integer) = Nothing, Optional eventGroupingAggregationKind As Nullable(Of EventGroupingAggregationKind) = Nothing, Optional customDetails As IDictionary(Of String, String) = Nothing, Optional entityMappings As IEnumerable(Of SecurityInsightsAlertRuleEntityMapping) = Nothing, Optional alertDetailsOverride As SecurityInsightsAlertDetailsOverride = Nothing, Optional alertRuleTemplateName As String = Nothing, Optional templateVersion As String = Nothing, Optional description As String = Nothing, Optional displayName As String = Nothing, Optional isEnabled As Nullable(Of Boolean) = Nothing, Optional lastModifiedOn As Nullable(Of DateTimeOffset) = Nothing, Optional suppressionDuration As Nullable(Of TimeSpan) = Nothing, Optional isSuppressionEnabled As Nullable(Of Boolean) = Nothing, Optional tactics As IEnumerable(Of SecurityInsightsAttackTactic) = Nothing, Optional techniques As IEnumerable(Of String) = Nothing, Optional incidentConfiguration As SecurityInsightsIncidentConfiguration = Nothing) As SecurityInsightsScheduledAlertRule

Parâmetros

name
String

O nome.

resourceType
ResourceType

O resourceType.

systemData
SystemData

O systemData.

etag
Nullable<ETag>

Etag do recurso do azure.

query
String

A consulta que cria alertas para essa regra.

queryFrequency
Nullable<TimeSpan>

A frequência (no formato de duração ISO 8601) para que essa regra de alerta seja executada.

queryPeriod
Nullable<TimeSpan>

O período (no formato de duração ISO 8601) que essa regra de alerta examina.

severity
Nullable<SecurityInsightsAlertSeverity>

A gravidade dos alertas criados por essa regra de alerta.

triggerOperator
Nullable<SecurityInsightsAlertRuleTriggerOperator>

A operação contra o limite que dispara a regra de alerta.

triggerThreshold
Nullable<Int32>

O limite dispara essa regra de alerta.

eventGroupingAggregationKind
Nullable<EventGroupingAggregationKind>

As configurações de agrupamento de eventos.

customDetails
IDictionary<String,String>

Dicionário de pares chave-valor de cadeia de caracteres de colunas a serem anexados ao alerta.

entityMappings
IEnumerable<SecurityInsightsAlertRuleEntityMapping>

Matriz dos mapeamentos de entidade da regra de alerta.

alertDetailsOverride
SecurityInsightsAlertDetailsOverride

Os detalhes do alerta substituem as configurações.

alertRuleTemplateName
String

O Nome do modelo de regra de alerta usado para criar essa regra.

templateVersion
String

A versão do modelo de regra de alerta usada para criar essa regra – no formato <a.b.c>, em que todos são números, por exemplo, 0 <1.0.2>.

description
String

A descrição da regra de alerta.

displayName
String

O nome de exibição para alertas criados por essa regra de alerta.

isEnabled
Nullable<Boolean>

Determina se essa regra de alerta está habilitada ou desabilitada.

lastModifiedOn
Nullable<DateTimeOffset>

A última vez que essa regra de alerta foi modificada.

suppressionDuration
Nullable<TimeSpan>

A supressão (no formato de duração ISO 8601) a aguardar desde a última vez em que essa regra de alerta foi disparada.

isSuppressionEnabled
Nullable<Boolean>

Determina se a supressão dessa regra de alerta está habilitada ou desabilitada.

tactics
IEnumerable<SecurityInsightsAttackTactic>

As táticas da regra de alerta.

techniques
IEnumerable<String>

As técnicas da regra de alerta.

incidentConfiguration
SecurityInsightsIncidentConfiguration

As configurações dos incidentes criados a partir de alertas disparados por essa regra de análise.

Retornos

Uma nova SecurityInsightsScheduledAlertRule instância para zombar.

Aplica-se a