Class: MicrosoftGraph::Models::SecurityProcessEvidence

Inherits:

SecurityAlertEvidence

• Object
• SecurityAlertEvidence
• MicrosoftGraph::Models::SecurityProcessEvidence

Includes:

MicrosoftKiotaAbstractions::Parsable

Defined in:

lib/models/security_process_evidence.rb

Class Method Summary

• .create_from_discriminator_value(parse_node) ⇒ Object

  Creates a new instance of the appropriate class based on discriminator value.

Instance Method Summary

• #detection_status ⇒ Object

  Gets the detectionStatus property value.

• #detection_status=(value) ⇒ Object

  Sets the detectionStatus property value.

• #get_field_deserializers ⇒ Object

  The deserialization information for the current model.

• #image_file ⇒ Object

  Gets the imageFile property value.

• #image_file=(value) ⇒ Object

  Sets the imageFile property value.

• #initialize ⇒ Object constructor

  Instantiates a new securityProcessEvidence and sets the default values.

• #mde_device_id ⇒ Object

  Gets the mdeDeviceId property value.

• #mde_device_id=(value) ⇒ Object

  Sets the mdeDeviceId property value.

• #parent_process_creation_date_time ⇒ Object

  Gets the parentProcessCreationDateTime property value.

• #parent_process_creation_date_time=(value) ⇒ Object

  Sets the parentProcessCreationDateTime property value.

• #parent_process_id ⇒ Object

  Gets the parentProcessId property value.

• #parent_process_id=(value) ⇒ Object

  Sets the parentProcessId property value.

• #parent_process_image_file ⇒ Object

  Gets the parentProcessImageFile property value.

• #parent_process_image_file=(value) ⇒ Object

  Sets the parentProcessImageFile property value.

• #process_command_line ⇒ Object

  Gets the processCommandLine property value.

• #process_command_line=(value) ⇒ Object

  Sets the processCommandLine property value.

• #process_creation_date_time ⇒ Object

  Gets the processCreationDateTime property value.

• #process_creation_date_time=(value) ⇒ Object

  Sets the processCreationDateTime property value.

• #process_id ⇒ Object

  Gets the processId property value.

• #process_id=(value) ⇒ Object

  Sets the processId property value.

• #serialize(writer) ⇒ Object

  Serializes information the current object.

• #user_account ⇒ Object

  Gets the userAccount property value.

• #user_account=(value) ⇒ Object

  Sets the userAccount property value.

Methods inherited from SecurityAlertEvidence

#additional_data, #additional_data=, #created_date_time, #created_date_time=, #detailed_roles, #detailed_roles=, #odata_type, #odata_type=, #remediation_status, #remediation_status=, #remediation_status_details, #remediation_status_details=, #roles, #roles=, #tags, #tags=, #verdict, #verdict=

Constructor Details

#initialize ⇒ Object

Instantiates a new securityProcessEvidence and sets the default values.

# File 'lib/models/security_process_evidence.rb', line 44

def initialize()
    super
    @odata_type = "#microsoft.graph.security.processEvidence"
end

Class Method Details

.create_from_discriminator_value(parse_node) ⇒ Object

Creates a new instance of the appropriate class based on discriminator value

Parameters:

• parse_node —

  The parse node to use to read the discriminator value and create the object

Returns:

• a security_process_evidence

Raises:

• (StandardError)

# File 'lib/models/security_process_evidence.rb', line 53

def self.create_from_discriminator_value(parse_node)
    raise StandardError, 'parse_node cannot be null' if parse_node.nil?
    return SecurityProcessEvidence.new
end

Instance Method Details

#detection_status ⇒ Object

Gets the detectionStatus property value. The status of the detection.The possible values are: detected, blocked, prevented, unknownFutureValue.

Returns:

• a security_detection_status

# File 'lib/models/security_process_evidence.rb', line 61

def detection_status
    return @detection_status
end

#detection_status=(value) ⇒ Object

Sets the detectionStatus property value. The status of the detection.The possible values are: detected, blocked, prevented, unknownFutureValue.

Parameters:

• value —

  Value to set for the detectionStatus property.

Returns:

• a void

# File 'lib/models/security_process_evidence.rb', line 69

def detection_status=(value)
    @detection_status = value
end

#get_field_deserializers ⇒ Object

The deserialization information for the current model

Returns:

• a i_dictionary

# File 'lib/models/security_process_evidence.rb', line 76

def get_field_deserializers()
    return super.merge({
        "detectionStatus" => lambda {|n| @detection_status = n.get_enum_value(MicrosoftGraph::Models::SecurityDetectionStatus) },
        "imageFile" => lambda {|n| @image_file = n.get_object_value(lambda {|pn| MicrosoftGraph::Models::SecurityFileDetails.create_from_discriminator_value(pn) }) },
        "mdeDeviceId" => lambda {|n| @mde_device_id = n.get_string_value() },
        "parentProcessCreationDateTime" => lambda {|n| @parent_process_creation_date_time = n.get_date_time_value() },
        "parentProcessId" => lambda {|n| @parent_process_id = n.get_object_value(lambda {|pn| Int64.create_from_discriminator_value(pn) }) },
        "parentProcessImageFile" => lambda {|n| @parent_process_image_file = n.get_object_value(lambda {|pn| MicrosoftGraph::Models::SecurityFileDetails.create_from_discriminator_value(pn) }) },
        "processCommandLine" => lambda {|n| @process_command_line = n.get_string_value() },
        "processCreationDateTime" => lambda {|n| @process_creation_date_time = n.get_date_time_value() },
        "processId" => lambda {|n| @process_id = n.get_object_value(lambda {|pn| Int64.create_from_discriminator_value(pn) }) },
        "userAccount" => lambda {|n| @user_account = n.get_object_value(lambda {|pn| MicrosoftGraph::Models::SecurityUserAccount.create_from_discriminator_value(pn) }) },
    })
end

#image_file ⇒ Object

Gets the imageFile property value. Image file details.

Returns:

• a security_file_details

# File 'lib/models/security_process_evidence.rb', line 94

def image_file
    return @image_file
end

#image_file=(value) ⇒ Object

Sets the imageFile property value. Image file details.

Parameters:

• value —

  Value to set for the imageFile property.

Returns:

• a void

# File 'lib/models/security_process_evidence.rb', line 102

def image_file=(value)
    @image_file = value
end

#mde_device_id ⇒ Object

Gets the mdeDeviceId property value. A unique identifier assigned to a device by Microsoft Defender for Endpoint.

Returns:

• a string

# File 'lib/models/security_process_evidence.rb', line 109

def mde_device_id
    return @mde_device_id
end

#mde_device_id=(value) ⇒ Object

Sets the mdeDeviceId property value. A unique identifier assigned to a device by Microsoft Defender for Endpoint.

Parameters:

• value —

  Value to set for the mdeDeviceId property.

Returns:

• a void

# File 'lib/models/security_process_evidence.rb', line 117

def mde_device_id=(value)
    @mde_device_id = value
end

#parent_process_creation_date_time ⇒ Object

Gets the parentProcessCreationDateTime property value. Date and time when the parent of the process was created. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.

Returns:

• a date_time

# File 'lib/models/security_process_evidence.rb', line 124

def parent_process_creation_date_time
    return @parent_process_creation_date_time
end

#parent_process_creation_date_time=(value) ⇒ Object

Sets the parentProcessCreationDateTime property value. Date and time when the parent of the process was created. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.

Parameters:

• value —

  Value to set for the parentProcessCreationDateTime property.

Returns:

• a void

# File 'lib/models/security_process_evidence.rb', line 132

def parent_process_creation_date_time=(value)
    @parent_process_creation_date_time = value
end

#parent_process_id ⇒ Object

Gets the parentProcessId property value. Process ID (PID) of the parent process that spawned the process.

Returns:

• a int64

# File 'lib/models/security_process_evidence.rb', line 139

def parent_process_id
    return @parent_process_id
end

#parent_process_id=(value) ⇒ Object

Sets the parentProcessId property value. Process ID (PID) of the parent process that spawned the process.

Parameters:

• value —

  Value to set for the parentProcessId property.

Returns:

• a void

# File 'lib/models/security_process_evidence.rb', line 147

def parent_process_id=(value)
    @parent_process_id = value
end

#parent_process_image_file ⇒ Object

Gets the parentProcessImageFile property value. Parent process image file details.

Returns:

• a security_file_details

# File 'lib/models/security_process_evidence.rb', line 154

def parent_process_image_file
    return @parent_process_image_file
end

#parent_process_image_file=(value) ⇒ Object

Sets the parentProcessImageFile property value. Parent process image file details.

Parameters:

• value —

  Value to set for the parentProcessImageFile property.

Returns:

• a void

# File 'lib/models/security_process_evidence.rb', line 162

def parent_process_image_file=(value)
    @parent_process_image_file = value
end

#process_command_line ⇒ Object

Gets the processCommandLine property value. Command line used to create the new process.

Returns:

• a string

# File 'lib/models/security_process_evidence.rb', line 169

def process_command_line
    return @process_command_line
end

#process_command_line=(value) ⇒ Object

Sets the processCommandLine property value. Command line used to create the new process.

Parameters:

• value —

  Value to set for the processCommandLine property.

Returns:

• a void

# File 'lib/models/security_process_evidence.rb', line 177

def process_command_line=(value)
    @process_command_line = value
end

#process_creation_date_time ⇒ Object

Gets the processCreationDateTime property value. Date and time when the process was created. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.

Returns:

• a date_time

# File 'lib/models/security_process_evidence.rb', line 184

def process_creation_date_time
    return @process_creation_date_time
end

#process_creation_date_time=(value) ⇒ Object

Sets the processCreationDateTime property value. Date and time when the process was created. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.

Parameters:

• value —

  Value to set for the processCreationDateTime property.

Returns:

• a void

# File 'lib/models/security_process_evidence.rb', line 192

def process_creation_date_time=(value)
    @process_creation_date_time = value
end

#process_id ⇒ Object

Gets the processId property value. Process ID (PID) of the newly created process.

Returns:

• a int64

# File 'lib/models/security_process_evidence.rb', line 199

def process_id
    return @process_id
end

#process_id=(value) ⇒ Object

Sets the processId property value. Process ID (PID) of the newly created process.

Parameters:

• value —

  Value to set for the processId property.

Returns:

• a void

# File 'lib/models/security_process_evidence.rb', line 207

def process_id=(value)
    @process_id = value
end

#serialize(writer) ⇒ Object

Serializes information the current object

Parameters:

• writer —

  Serialization writer to use to serialize this model

Returns:

• a void

Raises:

• (StandardError)

# File 'lib/models/security_process_evidence.rb', line 215

def serialize(writer)
    raise StandardError, 'writer cannot be null' if writer.nil?
    super
    writer.write_enum_value("detectionStatus", @detection_status)
    writer.write_object_value("imageFile", @image_file)
    writer.write_string_value("mdeDeviceId", @mde_device_id)
    writer.write_date_time_value("parentProcessCreationDateTime", @parent_process_creation_date_time)
    writer.write_object_value("parentProcessId", @parent_process_id)
    writer.write_object_value("parentProcessImageFile", @parent_process_image_file)
    writer.write_string_value("processCommandLine", @process_command_line)
    writer.write_date_time_value("processCreationDateTime", @process_creation_date_time)
    writer.write_object_value("processId", @process_id)
    writer.write_object_value("userAccount", @user_account)
end

#user_account ⇒ Object

Gets the userAccount property value. User details of the user that ran the process.

Returns:

• a security_user_account

# File 'lib/models/security_process_evidence.rb', line 233

def user_account
    return @user_account
end

#user_account=(value) ⇒ Object

Sets the userAccount property value. User details of the user that ran the process.

Parameters:

• value —

  Value to set for the userAccount property.

Returns:

• a void

# File 'lib/models/security_process_evidence.rb', line 241

def user_account=(value)
    @user_account = value
end