ArmSecurityInsightsModelFactory.SecurityInsightsScheduledAlertRule Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Initializes a new instance of SecurityInsightsScheduledAlertRule.
public static Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsScheduledAlertRule SecurityInsightsScheduledAlertRule (Azure.Core.ResourceIdentifier id = default, string name = default, Azure.Core.ResourceType resourceType = default, Azure.ResourceManager.Models.SystemData systemData = default, Azure.ETag? etag = default, string query = default, TimeSpan? queryFrequency = default, TimeSpan? queryPeriod = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertSeverity? severity = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleTriggerOperator? triggerOperator = default, int? triggerThreshold = default, Azure.ResourceManager.SecurityInsights.Models.EventGroupingAggregationKind? eventGroupingAggregationKind = default, System.Collections.Generic.IDictionary<string,string> customDetails = default, System.Collections.Generic.IEnumerable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleEntityMapping> entityMappings = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertDetailsOverride alertDetailsOverride = default, System.Collections.Generic.IEnumerable<Azure.ResourceManager.SecurityInsights.Models.SentinelEntityMapping> sentinelEntitiesMappings = default, string alertRuleTemplateName = default, string templateVersion = default, string description = default, string displayName = default, bool? isEnabled = default, DateTimeOffset? lastModifiedOn = default, TimeSpan? suppressionDuration = default, bool? isSuppressionEnabled = default, System.Collections.Generic.IEnumerable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAttackTactic> tactics = default, System.Collections.Generic.IEnumerable<string> techniques = default, System.Collections.Generic.IEnumerable<string> subTechniques = default, Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsIncidentConfiguration incidentConfiguration = default);
static member SecurityInsightsScheduledAlertRule : Azure.Core.ResourceIdentifier * string * Azure.Core.ResourceType * Azure.ResourceManager.Models.SystemData * Nullable<Azure.ETag> * string * Nullable<TimeSpan> * Nullable<TimeSpan> * Nullable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertSeverity> * Nullable<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleTriggerOperator> * Nullable<int> * Nullable<Azure.ResourceManager.SecurityInsights.Models.EventGroupingAggregationKind> * System.Collections.Generic.IDictionary<string, string> * seq<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertRuleEntityMapping> * Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAlertDetailsOverride * seq<Azure.ResourceManager.SecurityInsights.Models.SentinelEntityMapping> * string * string * string * string * Nullable<bool> * Nullable<DateTimeOffset> * Nullable<TimeSpan> * Nullable<bool> * seq<Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsAttackTactic> * seq<string> * seq<string> * Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsIncidentConfiguration -> Azure.ResourceManager.SecurityInsights.Models.SecurityInsightsScheduledAlertRule
Public Shared Function SecurityInsightsScheduledAlertRule (Optional id As ResourceIdentifier = Nothing, Optional name As String = Nothing, Optional resourceType As ResourceType = Nothing, Optional systemData As SystemData = Nothing, Optional etag As Nullable(Of ETag) = Nothing, Optional query As String = Nothing, Optional queryFrequency As Nullable(Of TimeSpan) = Nothing, Optional queryPeriod As Nullable(Of TimeSpan) = Nothing, Optional severity As Nullable(Of SecurityInsightsAlertSeverity) = Nothing, Optional triggerOperator As Nullable(Of SecurityInsightsAlertRuleTriggerOperator) = Nothing, Optional triggerThreshold As Nullable(Of Integer) = Nothing, Optional eventGroupingAggregationKind As Nullable(Of EventGroupingAggregationKind) = Nothing, Optional customDetails As IDictionary(Of String, String) = Nothing, Optional entityMappings As IEnumerable(Of SecurityInsightsAlertRuleEntityMapping) = Nothing, Optional alertDetailsOverride As SecurityInsightsAlertDetailsOverride = Nothing, Optional sentinelEntitiesMappings As IEnumerable(Of SentinelEntityMapping) = Nothing, Optional alertRuleTemplateName As String = Nothing, Optional templateVersion As String = Nothing, Optional description As String = Nothing, Optional displayName As String = Nothing, Optional isEnabled As Nullable(Of Boolean) = Nothing, Optional lastModifiedOn As Nullable(Of DateTimeOffset) = Nothing, Optional suppressionDuration As Nullable(Of TimeSpan) = Nothing, Optional isSuppressionEnabled As Nullable(Of Boolean) = Nothing, Optional tactics As IEnumerable(Of SecurityInsightsAttackTactic) = Nothing, Optional techniques As IEnumerable(Of String) = Nothing, Optional subTechniques As IEnumerable(Of String) = Nothing, Optional incidentConfiguration As SecurityInsightsIncidentConfiguration = Nothing) As SecurityInsightsScheduledAlertRule
Parameters
- id
- ResourceIdentifier
The id.
- name
- String
The name.
- resourceType
- ResourceType
The resourceType.
- systemData
- SystemData
The systemData.
- query
- String
The query that creates alerts for this rule.
- queryFrequency
- Nullable<TimeSpan>
The frequency (in ISO 8601 duration format) for this alert rule to run.
- queryPeriod
- Nullable<TimeSpan>
The period (in ISO 8601 duration format) that this alert rule looks at.
- severity
- Nullable<SecurityInsightsAlertSeverity>
The severity for alerts created by this alert rule.
- triggerOperator
- Nullable<SecurityInsightsAlertRuleTriggerOperator>
The operation against the threshold that triggers the alert rule.
- eventGroupingAggregationKind
- Nullable<EventGroupingAggregationKind>
The event grouping settings.
- customDetails
- IDictionary<String,String>
Dictionary of string key-value pairs of columns to be attached to the alert.
- entityMappings
- IEnumerable<SecurityInsightsAlertRuleEntityMapping>
Array of the entity mappings of the alert rule.
- alertDetailsOverride
- SecurityInsightsAlertDetailsOverride
The alert details override settings.
- sentinelEntitiesMappings
- IEnumerable<SentinelEntityMapping>
Array of the sentinel entity mappings of the alert rule.
- alertRuleTemplateName
- String
The name of the alert rule template used to create this rule.
- templateVersion
- String
The version of the alert rule template used to create this rule, in the format <a.b.c>, where a, b and c are all numbers, for example <1.0.2>.
- description
- String
The description of the alert rule.
- displayName
- String
The display name for alerts created by this alert rule.
- lastModifiedOn
- Nullable<DateTimeOffset>
The last time that this alert rule was modified.
- suppressionDuration
- Nullable<TimeSpan>
The suppression duration (in ISO 8601 duration format) to wait since the last time this alert rule was triggered.
- isSuppressionEnabled
- Nullable<Boolean>
Determines whether the suppression for this alert rule is enabled or disabled.
- tactics
- IEnumerable<SecurityInsightsAttackTactic>
The tactics of the alert rule.
- techniques
- IEnumerable<String>
The techniques of the alert rule.
- subTechniques
- IEnumerable<String>
The sub-techniques of the alert rule.
- incidentConfiguration
- SecurityInsightsIncidentConfiguration
The settings of the incidents that are created from alerts triggered by this analytics rule.
Returns
A new SecurityInsightsScheduledAlertRule instance for mocking.
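The following is an added example, not part of the SDK reference: it uses the factory method above with named arguments to build a mock rule offline and runs a rule-hygiene check over it, the kind of unit test this mocking entry point enables. The `ScheduledRuleLint` class and its `Check` method are hypothetical, the rule values are constructed, and the model's property names (`Query`, `QueryFrequency`, `QueryPeriod`, `IsEnabled`, `Tactics`, `DisplayName`) are assumed to mirror the parameter names listed on this page.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using Azure.ResourceManager.SecurityInsights.Models;

public static class ScheduledRuleLint
{
    // Hypothetical hygiene check (not part of the SDK): returns findings for one rule.
    public static List<string> Check(SecurityInsightsScheduledAlertRule rule)
    {
        var findings = new List<string>();

        // A lookback window shorter than the run interval leaves events that no run ever evaluates.
        if (rule.QueryPeriod is TimeSpan period && rule.QueryFrequency is TimeSpan frequency
            && period < frequency)
            findings.Add("queryPeriod is shorter than queryFrequency");

        if (rule.IsEnabled != true)
            findings.Add("rule is not enabled");

        if (rule.Tactics == null || !rule.Tactics.Any())
            findings.Add("no tactics mapped");

        if (string.IsNullOrWhiteSpace(rule.Query))
            findings.Add("query is empty");

        return findings;
    }

    public static void Main()
    {
        // Constructed sample rule; the name, display name and KQL are illustrative only.
        var rule = ArmSecurityInsightsModelFactory.SecurityInsightsScheduledAlertRule(
            name: "mock-rule",
            displayName: "Repeated sign-in failures",
            query: "SigninLogs | where ResultType != \"0\" | summarize count() by UserPrincipalName",
            queryFrequency: TimeSpan.FromHours(1),
            queryPeriod: TimeSpan.FromMinutes(30), // deliberately shorter than the frequency
            severity: SecurityInsightsAlertSeverity.Medium,
            triggerOperator: SecurityInsightsAlertRuleTriggerOperator.GreaterThan,
            triggerThreshold: 0,
            isEnabled: true,
            tactics: new[] { SecurityInsightsAttackTactic.CredentialAccess });

        foreach (var finding in Check(rule))
            Console.WriteLine($"{rule.DisplayName}: {finding}");
    }
}
```

Because the factory only populates an in-memory model, the check runs without credentials or a workspace, so the same `Check` method can be exercised in CI before rules are deployed.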