ArmSecurityInsightsModelFactory.ScheduledAlertRuleTemplate Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Initializes a new instance of ScheduledAlertRuleTemplate.
public static Azure.ResourceManager.SecurityInsights.Models.ScheduledAlertRuleTemplate ScheduledAlertRuleTemplate (Azure.Core.ResourceIdentifier id = default, string name = default, Azure.Core.ResourceType resourceType = default, Azure.ResourceManager.Models.SystemData systemData = default, int? alertRulesCreatedByTemplateCount = default, DateTimeOffset? createdDateUTC = default, DateTimeOffset? lastUpdatedDateUTC = default, string description = default, string displayName = default, System.Collections.Generic.IEnumerable<Azure.ResourceManager.SecurityInsights.Models.AlertRuleTemplateDataSource> requiredDataConnectors = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleTemplateStatus? status = default, string query = default, TimeSpan? queryFrequency = default, TimeSpan? queryPeriod = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertSeverity? severity = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleTriggerOperator? triggerOperator = default, int? triggerThreshold = default, System.Collections.Generic.IEnumerable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAttackTactic> tactics = default, System.Collections.Generic.IEnumerable<string> techniques = default, System.Collections.Generic.IEnumerable<string> subTechniques = default, string version = default, Azure.ResourceManager.SecurityInsights.Models.EventGroupingAggregationKind? eventGroupingAggregationKind = default, System.Collections.Generic.IDictionary<string,string> customDetails = default, System.Collections.Generic.IEnumerable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleEntityMapping> entityMappings = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertDetailsOverride alertDetailsOverride = default, System.Collections.Generic.IEnumerable<Azure.ResourceManager.SecurityInsights.Models.SentinelEntityMapping> sentinelEntitiesMappings = default);
static member ScheduledAlertRuleTemplate : Azure.Core.ResourceIdentifier * string * Azure.Core.ResourceType * Azure.ResourceManager.Models.SystemData * Nullable<int> * Nullable<DateTimeOffset> * Nullable<DateTimeOffset> * string * string * seq<Azure.ResourceManager.SecurityInsights.Models.AlertRuleTemplateDataSource> * Nullable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleTemplateStatus> * string * Nullable<TimeSpan> * Nullable<TimeSpan> * Nullable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertSeverity> * Nullable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleTriggerOperator> * Nullable<int> * seq<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAttackTactic> * seq<string> * seq<string> * string * Nullable<Azure.ResourceManager.SecurityInsights.Models.EventGroupingAggregationKind> * System.Collections.Generic.IDictionary<string, string> * seq<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleEntityMapping> * Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertDetailsOverride * seq<Azure.ResourceManager.SecurityInsights.Models.SentinelEntityMapping> -> Azure.ResourceManager.SecurityInsights.Models.ScheduledAlertRuleTemplate
Public Shared Function ScheduledAlertRuleTemplate (Optional id As ResourceIdentifier = Nothing, Optional name As String = Nothing, Optional resourceType As ResourceType = Nothing, Optional systemData As SystemData = Nothing, Optional alertRulesCreatedByTemplateCount As Nullable(Of Integer) = Nothing, Optional createdDateUTC As Nullable(Of DateTimeOffset) = Nothing, Optional lastUpdatedDateUTC As Nullable(Of DateTimeOffset) = Nothing, Optional description As String = Nothing, Optional displayName As String = Nothing, Optional requiredDataConnectors As IEnumerable(Of AlertRuleTemplateDataSource) = Nothing, Optional status As Nullable(Of SecurityInsightsAlertRuleTemplateStatus) = Nothing, Optional query As String = Nothing, Optional queryFrequency As Nullable(Of TimeSpan) = Nothing, Optional queryPeriod As Nullable(Of TimeSpan) = Nothing, Optional severity As Nullable(Of SecurityInsightsAlertSeverity) = Nothing, Optional triggerOperator As Nullable(Of SecurityInsightsAlertRuleTriggerOperator) = Nothing, Optional triggerThreshold As Nullable(Of Integer) = Nothing, Optional tactics As IEnumerable(Of SecurityInsightsAttackTactic) = Nothing, Optional techniques As IEnumerable(Of String) = Nothing, Optional subTechniques As IEnumerable(Of String) = Nothing, Optional version As String = Nothing, Optional eventGroupingAggregationKind As Nullable(Of EventGroupingAggregationKind) = Nothing, Optional customDetails As IDictionary(Of String, String) = Nothing, Optional entityMappings As IEnumerable(Of SecurityInsightsAlertRuleEntityMapping) = Nothing, Optional alertDetailsOverride As SecurityInsightsAlertDetailsOverride = Nothing, Optional sentinelEntitiesMappings As IEnumerable(Of SentinelEntityMapping) = Nothing) As ScheduledAlertRuleTemplate
Parameters
The id.
- name
- String
The name.
- resourceType
- ResourceType
The resourceType.
- systemData
- SystemData
The systemData.
the number of alert rules that were created by this template.
- createdDateUTC
- Nullable<DateTimeOffset>
The time that this alert rule template has been added.
- lastUpdatedDateUTC
- Nullable<DateTimeOffset>
The time that this alert rule template was last updated.
- description
- String
The description of the alert rule template.
- displayName
- String
The display name for alert rule template.
- requiredDataConnectors
- IEnumerable<AlertRuleTemplateDataSource>
The required data connectors for this template.
The alert rule template status.
- query
- String
The query that creates alerts for this rule.
The frequency (in ISO 8601 duration format) for this alert rule to run.
The period (in ISO 8601 duration format) that this alert rule looks at.
- severity
- Nullable<SecurityInsightsAlertSeverity>
The severity for alerts created by this alert rule.
- triggerOperator
- Nullable<SecurityInsightsAlertRuleTriggerOperator>
The operation against the threshold that triggers alert rule.
- tactics
- IEnumerable<SecurityInsightsAttackTactic>
The tactics of the alert rule template.
- techniques
- IEnumerable<String>
The techniques of the alert rule.
- subTechniques
- IEnumerable<String>
The sub-techniques of the alert rule.
- version
- String
The version of this template - in format <a.b.c>, where all are numbers. For example <1.0.2>.
- eventGroupingAggregationKind
- Nullable<EventGroupingAggregationKind>
The event grouping settings.
- customDetails
- IDictionary<String,String>
Dictionary of string key-value pairs of columns to be attached to the alert.
- entityMappings
- IEnumerable<SecurityInsightsAlertRuleEntityMapping>
Array of the entity mappings of the alert rule.
- alertDetailsOverride
- SecurityInsightsAlertDetailsOverride
The alert details override settings.
- sentinelEntitiesMappings
- IEnumerable<SentinelEntityMapping>
Array of the sentinel entity mappings of the alert rule.
Returns
A new ScheduledAlertRuleTemplate instance for mocking.