Class: Azure::SecurityInsights::Mgmt::V2019_01_01_preview::Models::SecurityAlert

Inherits:

Entity

• Object
• Entity
• Azure::SecurityInsights::Mgmt::V2019_01_01_preview::Models::SecurityAlert

Includes:

MsRestAzure

Defined in:

lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb

Overview

Represents a security alert entity.

Instance Attribute Summary

• #additional_data ⇒ Object

  will be presented to the user.

• #alert_display_name ⇒ String

  The display name of the alert.

• #alert_link ⇒ String

  The uri link of the alert.

• #alert_type ⇒ String

  The type name of the alert.

• #compromised_entity ⇒ String

  Display name of the main entity being reported on.

• #confidence_level ⇒ ConfidenceLevel

  values include: ‘Unknown’, ‘Low’, ‘High’.

• #confidence_reasons ⇒ Array<SecurityAlertPropertiesConfidenceReasonsItem>

  confidence reasons.

• #confidence_score ⇒ Float

  The confidence score of the alert.

• #confidence_score_status ⇒ ConfidenceScoreStatus

  status, i.e.

• #description ⇒ String

  Alert description.

• #end_time_utc ⇒ DateTime

  last event contributing to the alert).

• #friendly_name ⇒ String

  readable description of the graph item instance.

• #intent ⇒ KillChainIntent

  this alert.

• #kind ⇒ Object

  Returns the value of attribute kind.

• #processing_end_time ⇒ DateTime

  consumption.

• #product_component_name ⇒ String

  generated the alert.

• #product_name ⇒ String

  The name of the product which published this alert.

• #product_version ⇒ String

  The version of the product generating the alert.

• #provider_alert_id ⇒ String

  generated the alert.

• #remediation_steps ⇒ Array<String>

  alert.

• #resource_identifiers ⇒ Object

  The list of resource identifiers of the alert.

• #severity ⇒ AlertSeverity

  include: ‘High’, ‘Medium’, ‘Low’, ‘Informational’.

• #start_time_utc ⇒ DateTime

  first event contributing to the alert).

• #status ⇒ AlertStatus

  values include: ‘Unknown’, ‘New’, ‘Resolved’, ‘Dismissed’, ‘InProgress’.

• #system_alert_id ⇒ String

  product.

• #tactics ⇒ Array<AttackTactic>

  The tactics of the alert.

• #time_generated ⇒ DateTime

  The time the alert was generated.

• #vendor_name ⇒ String

  The name of the vendor that raise the alert.

Attributes inherited from Entity

#id, #name, #type

Class Method Summary

• .mapper ⇒ Object

  Mapper for SecurityAlert class as Ruby Hash.

Instance Method Summary

• #initialize ⇒ SecurityAlert constructor

  A new instance of SecurityAlert.

Constructor Details

#initialize ⇒ SecurityAlert

Returns a new instance of SecurityAlert.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 16

def initialize
  @kind = "SecurityAlert"
end

Instance Attribute Details

#additional_data ⇒ Object

will be presented to the user.

Returns:

• A bag of custom fields that should be part of the entity and

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 24

def additional_data
  @additional_data
end

#alert_display_name ⇒ String

Returns The display name of the alert.

Returns:

• (String) —

  The display name of the alert.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 32

def alert_display_name
  @alert_display_name
end

#alert_link ⇒ String

Returns The uri link of the alert.

Returns:

• (String) —

  The uri link of the alert.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 119

def alert_link
  @alert_link
end

#alert_type ⇒ String

Returns The type name of the alert.

Returns:

• (String) —

  The type name of the alert.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 35

def alert_type
  @alert_type
end

#compromised_entity ⇒ String

Returns Display name of the main entity being reported on.

Returns:

• (String) —

  Display name of the main entity being reported on.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 38

def compromised_entity
  @compromised_entity
end

#confidence_level ⇒ ConfidenceLevel

values include: ‘Unknown’, ‘Low’, ‘High’

Returns:

• (ConfidenceLevel) —

  The confidence level of this alert. Possible

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 42

def confidence_level
  @confidence_level
end

#confidence_reasons ⇒ Array<SecurityAlertPropertiesConfidenceReasonsItem>

confidence reasons

Returns:

• (Array<SecurityAlertPropertiesConfidenceReasonsItem>) —

  The

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 46

def confidence_reasons
  @confidence_reasons
end

#confidence_score ⇒ Float

Returns The confidence score of the alert.

Returns:

• (Float) —

  The confidence score of the alert.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 49

def confidence_score
  @confidence_score
end

#confidence_score_status ⇒ ConfidenceScoreStatus

status, i.e. indicating if score calculation is pending for this alert, not applicable or final. Possible values include: ‘NotApplicable’, ‘InProcess’, ‘NotFinal’, ‘Final’

Returns:

• (ConfidenceScoreStatus) —

  The confidence score calculation

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 55

def confidence_score_status
  @confidence_score_status
end

#description ⇒ String

Returns Alert description.

Returns:

• (String) —

  Alert description.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 58

def description
  @description
end

#end_time_utc ⇒ DateTime

last event contributing to the alert).

Returns:

• (DateTime) —

  The impact end time of the alert (the time of the

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 62

def end_time_utc
  @end_time_utc
end

#friendly_name ⇒ String

readable description of the graph item instance. This property is optional and might be system generated.

Returns:

• (String) —

  The graph item display name which is a short humanly

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 29

def friendly_name
  @friendly_name
end

#intent ⇒ KillChainIntent

this alert. Possible values include: ‘Unknown’, ‘Probing’, ‘Exploitation’, ‘Persistence’, ‘PrivilegeEscalation’, ‘DefenseEvasion’, ‘CredentialAccess’, ‘Discovery’, ‘LateralMovement’, ‘Execution’, ‘Collection’, ‘Exfiltration’, ‘CommandAndControl’, ‘Impact’

Returns:

• (KillChainIntent) —

  Holds the alert intent stage(s) mapping for

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 69

def intent
  @intent
end

#kind ⇒ Object

Returns the value of attribute kind.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 20

def kind
  @kind
end

#processing_end_time ⇒ DateTime

consumption.

Returns:

• (DateTime) —

  The time the alert was made available for

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 77

def processing_end_time
  @processing_end_time
end

#product_component_name ⇒ String

generated the alert.

Returns:

• (String) —

  The name of a component inside the product which

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 81

def product_component_name
  @product_component_name
end

#product_name ⇒ String

Returns The name of the product which published this alert.

Returns:

• (String) —

  The name of the product which published this alert.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 84

def product_name
  @product_name
end

#product_version ⇒ String

Returns The version of the product generating the alert.

Returns:

• (String) —

  The version of the product generating the alert.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 87

def product_version
  @product_version
end

#provider_alert_id ⇒ String

generated the alert.

Returns:

• (String) —

  The identifier of the alert inside the product which

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 73

def provider_alert_id
  @provider_alert_id
end

#remediation_steps ⇒ Array<String>

alert.

Returns:

• (Array<String>) —

  Manual action items to take to remediate the

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 91

def remediation_steps
  @remediation_steps
end

#resource_identifiers ⇒ Object

Returns The list of resource identifiers of the alert.

Returns:

• The list of resource identifiers of the alert.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 122

def resource_identifiers
  @resource_identifiers
end

#severity ⇒ AlertSeverity

include: ‘High’, ‘Medium’, ‘Low’, ‘Informational’

Returns:

• (AlertSeverity) —

  The severity of the alert. Possible values

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 95

def severity
  @severity
end

#start_time_utc ⇒ DateTime

first event contributing to the alert).

Returns:

• (DateTime) —

  The impact start time of the alert (the time of the

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 99

def start_time_utc
  @start_time_utc
end

#status ⇒ AlertStatus

values include: ‘Unknown’, ‘New’, ‘Resolved’, ‘Dismissed’, ‘InProgress’

Returns:

• (AlertStatus) —

  The lifecycle status of the alert. Possible

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 103

def status
  @status
end

#system_alert_id ⇒ String

product.

Returns:

• (String) —

  Holds the product identifier of the alert for the

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 107

def system_alert_id
  @system_alert_id
end

#tactics ⇒ Array<AttackTactic>

Returns The tactics of the alert.

Returns:

• (Array<AttackTactic>) —

  The tactics of the alert

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 110

def tactics
  @tactics
end

#time_generated ⇒ DateTime

Returns The time the alert was generated.

Returns:

• (DateTime) —

  The time the alert was generated.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 113

def time_generated
  @time_generated
end

#vendor_name ⇒ String

Returns The name of the vendor that raise the alert.

Returns:

• (String) —

  The name of the vendor that raise the alert.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 116

def vendor_name
  @vendor_name
end

Class Method Details

.mapper ⇒ Object

Mapper for SecurityAlert class as Ruby Hash. This will be used for serialization/deserialization.

# File 'lib/2019-01-01-preview/generated/azure_mgmt_security_insights/models/security_alert.rb', line 129

def self.mapper()
  {
    client_side_validation: true,
    required: false,
    serialized_name: 'SecurityAlert',
    type: {
      name: 'Composite',
      class_name: 'SecurityAlert',
      model_properties: {
        id: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'id',
          type: {
            name: 'String'
          }
        },
        name: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'name',
          type: {
            name: 'String'
          }
        },
        type: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'type',
          type: {
            name: 'String'
          }
        },
        kind: {
          client_side_validation: true,
          required: true,
          serialized_name: 'kind',
          type: {
            name: 'String'
          }
        },
        additional_data: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.additionalData',
          type: {
            name: 'Dictionary',
            value: {
                client_side_validation: true,
                required: false,
                serialized_name: 'ObjectElementType',
                type: {
                  name: 'Object'
                }
            }
          }
        },
        friendly_name: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.friendlyName',
          type: {
            name: 'String'
          }
        },
        alert_display_name: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.alertDisplayName',
          type: {
            name: 'String'
          }
        },
        alert_type: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.alertType',
          type: {
            name: 'String'
          }
        },
        compromised_entity: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.compromisedEntity',
          type: {
            name: 'String'
          }
        },
        confidence_level: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.confidenceLevel',
          type: {
            name: 'String'
          }
        },
        confidence_reasons: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.confidenceReasons',
          type: {
            name: 'Sequence',
            element: {
                client_side_validation: true,
                required: false,
                serialized_name: 'SecurityAlertPropertiesConfidenceReasonsItemElementType',
                type: {
                  name: 'Composite',
                  class_name: 'SecurityAlertPropertiesConfidenceReasonsItem'
                }
            }
          }
        },
        confidence_score: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.confidenceScore',
          type: {
            name: 'Double'
          }
        },
        confidence_score_status: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.confidenceScoreStatus',
          type: {
            name: 'String'
          }
        },
        description: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.description',
          type: {
            name: 'String'
          }
        },
        end_time_utc: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.endTimeUtc',
          type: {
            name: 'DateTime'
          }
        },
        intent: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.intent',
          type: {
            name: 'String'
          }
        },
        provider_alert_id: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.providerAlertId',
          type: {
            name: 'String'
          }
        },
        processing_end_time: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.processingEndTime',
          type: {
            name: 'DateTime'
          }
        },
        product_component_name: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.productComponentName',
          type: {
            name: 'String'
          }
        },
        product_name: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.productName',
          type: {
            name: 'String'
          }
        },
        product_version: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.productVersion',
          type: {
            name: 'String'
          }
        },
        remediation_steps: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.remediationSteps',
          type: {
            name: 'Sequence',
            element: {
                client_side_validation: true,
                required: false,
                serialized_name: 'StringElementType',
                type: {
                  name: 'String'
                }
            }
          }
        },
        severity: {
          client_side_validation: true,
          required: false,
          serialized_name: 'properties.severity',
          type: {
            name: 'String'
          }
        },
        start_time_utc: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.startTimeUtc',
          type: {
            name: 'DateTime'
          }
        },
        status: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.status',
          type: {
            name: 'String'
          }
        },
        system_alert_id: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.systemAlertId',
          type: {
            name: 'String'
          }
        },
        tactics: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.tactics',
          type: {
            name: 'Sequence',
            element: {
                client_side_validation: true,
                required: false,
                serialized_name: 'AttackTacticElementType',
                type: {
                  name: 'String'
                }
            }
          }
        },
        time_generated: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.timeGenerated',
          type: {
            name: 'DateTime'
          }
        },
        vendor_name: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.vendorName',
          type: {
            name: 'String'
          }
        },
        alert_link: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.alertLink',
          type: {
            name: 'String'
          }
        },
        resource_identifiers: {
          client_side_validation: true,
          required: false,
          read_only: true,
          serialized_name: 'properties.resourceIdentifiers',
          type: {
            name: 'Sequence',
            element: {
                client_side_validation: true,
                required: false,
                serialized_name: 'ObjectElementType',
                type: {
                  name: 'Object'
                }
            }
          }
        }
      }
    }
  }
end