Class: MicrosoftGraph::Models::SecurityIncident

Inherits:
Entity
  • Object
Includes:
MicrosoftKiotaAbstractions::Parsable
Defined in:
lib/models/security_incident.rb

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from Entity

#additional_data, #additional_data=, #id, #id=, #odata_type, #odata_type=

Constructor Details

#initialize ⇒ Object

Instantiates a new securityIncident and sets the default values.



# File 'lib/models/security_incident.rb', line 119

# Instantiates a new securityIncident. The body only delegates to the parent
# constructor; no incident-specific field is given a value here.
def initialize
    super
end

Class Method Details

.create_from_discriminator_value(parse_node) ⇒ Object

Creates a new instance of the appropriate class based on discriminator value

Parameters:

  • parse_node

    The parse node to use to read the discriminator value and create the object

Returns:

  • a security_incident

Raises:

  • (StandardError)


# File 'lib/models/security_incident.rb', line 142

# Factory used when building a SecurityIncident from a parse node.
#
# The visible body does not read a discriminator from parse_node: it only
# rejects nil and then returns a new, empty SecurityIncident.
#
# @param parse_node the parse node the object is being created for
# @return [SecurityIncident] a freshly constructed instance
# @raise [StandardError] when parse_node is nil
def self.create_from_discriminator_value(parse_node)
    if parse_node.nil?
        raise StandardError, 'parse_node cannot be null'
    end
    SecurityIncident.new
end

Instance Method Details

#alerts ⇒ Object

Gets the alerts property value. The list of related alerts. Supports $expand.

Returns:

  • a security_alert



# File 'lib/models/security_incident.rb', line 59

# Gets the alerts property value: the list of alerts related to this
# incident (supports $expand).
#
# @return the stored alerts value, exactly as it was assigned
def alerts
    @alerts
end

#alerts=(value) ⇒ Object

Sets the alerts property value. The list of related alerts. Supports $expand.

Parameters:

  • value

    Value to set for the alerts property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 67

# Sets the alerts property value (the list of related alerts).
# The value is stored as given; no type or content check is applied.
#
# @param value the new list of related alerts
def alerts=(value)
    @alerts = value
end

#assigned_to ⇒ Object

Gets the assignedTo property value. Owner of the incident, or null if no owner is assigned. Free editable text.

Returns:

  • a string



# File 'lib/models/security_incident.rb', line 74

# Gets the assignedTo property value: the owner of the incident, or nil if
# no owner is assigned.
#
# NOTE(review): the API describes this as free editable text, so treat it as
# untrusted when rendering it in HTML, tickets or log lines.
#
# @return the stored owner text
def assigned_to
    @assigned_to
end

#assigned_to=(value) ⇒ Object

Sets the assignedTo property value. Owner of the incident, or null if no owner is assigned. Free editable text.

Parameters:

  • value

    Value to set for the assignedTo property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 82

# Sets the assignedTo property value (incident owner; free editable text).
# The value is stored unchanged; nothing here trims or validates it.
#
# @param value the new owner text, or nil when no owner is assigned
def assigned_to=(value)
    @assigned_to = value
end

#classification ⇒ Object

Gets the classification property value. The specification for the incident. Possible values are: unknown, falsePositive, truePositive, informationalExpectedActivity, unknownFutureValue.

Returns:

  • a security_alert_classification



# File 'lib/models/security_incident.rb', line 89

# Gets the classification property value. Documented values are unknown,
# falsePositive, truePositive, informationalExpectedActivity and
# unknownFutureValue; triage logic should handle unknownFutureValue
# explicitly rather than falling through to a default.
#
# @return the stored classification value
def classification
    @classification
end

#classification=(value) ⇒ Object

Sets the classification property value. The specification for the incident. Possible values are: unknown, falsePositive, truePositive, informationalExpectedActivity, unknownFutureValue.

Parameters:

  • value

    Value to set for the classification property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 97

# Sets the classification property value. The setter does not check the
# value against the documented enum members; it is stored as given.
#
# @param value the new classification
def classification=(value)
    @classification = value
end

#comments ⇒ Object

Gets the comments property value. Array of comments created by the Security Operations (SecOps) team when the incident is managed.

Returns:

  • a security_alert_comment



# File 'lib/models/security_incident.rb', line 104

# Gets the comments property value: the array of comments created by the
# Security Operations (SecOps) team while the incident is managed.
#
# NOTE(review): comment bodies are human-written text; escape them before
# showing them in a web UI or forwarding them to other systems.
#
# @return the stored comments value
def comments
    @comments
end

#comments=(value) ⇒ Object

Sets the comments property value. Array of comments created by the Security Operations (SecOps) team when the incident is managed.

Parameters:

  • value

    Value to set for the comments property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 112

# Sets the comments property value (comments written by the SecOps team).
# The value is stored as given, with no validation in this method.
#
# @param value the new array of comments
def comments=(value)
    @comments = value
end

#created_date_time ⇒ Object

Gets the createdDateTime property value. Time when the incident was first created.

Returns:

  • a date_time



# File 'lib/models/security_incident.rb', line 126

# Gets the createdDateTime property value: the time when the incident was
# first created.
#
# @return the stored creation time
def created_date_time
    @created_date_time
end

#created_date_time=(value) ⇒ Object

Sets the createdDateTime property value. Time when the incident was first created.

Parameters:

  • value

    Value to set for the createdDateTime property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 134

# Sets the createdDateTime property value (when the incident was first
# created). The value is stored as given.
#
# @param value the new creation time
def created_date_time=(value)
    @created_date_time = value
end

#custom_tags ⇒ Object

Gets the customTags property value. Array of custom tags associated with an incident.

Returns:

  • a string



# File 'lib/models/security_incident.rb', line 150

# Gets the customTags property value: the array of custom tags associated
# with the incident.
#
# NOTE(review): tags are user-defined strings; do not use them unescaped in
# queries, file names or markup.
#
# @return the stored custom tags
def custom_tags
    @custom_tags
end

#custom_tags=(value) ⇒ Object

Sets the customTags property value. Array of custom tags associated with an incident.

Parameters:

  • value

    Value to set for the customTags property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 158

# Sets the customTags property value (custom tags associated with the
# incident). The value is stored as given, without validation.
#
# @param value the new array of custom tags
def custom_tags=(value)
    @custom_tags = value
end

#determination ⇒ Object

Gets the determination property value. Specifies the determination of the incident. Possible values are: unknown, apt, malware, securityPersonnel, securityTesting, unwantedSoftware, other, multiStagedAttack, compromisedUser, phishing, maliciousUserActivity, clean, insufficientData, confirmedUserActivity, lineOfBusinessApplication, unknownFutureValue.

Returns:

  • a security_alert_determination



# File 'lib/models/security_incident.rb', line 165

# Gets the determination property value, which specifies the determination
# of the incident (for example apt, malware, phishing, compromisedUser,
# clean, insufficientData or unknownFutureValue). Consumers should handle
# unknownFutureValue explicitly instead of mapping it to a benign default.
#
# @return the stored determination value
def determination
    @determination
end

#determination=(value) ⇒ Object

Sets the determination property value. Specifies the determination of the incident. Possible values are: unknown, apt, malware, securityPersonnel, securityTesting, unwantedSoftware, other, multiStagedAttack, compromisedUser, phishing, maliciousUserActivity, clean, insufficientData, confirmedUserActivity, lineOfBusinessApplication, unknownFutureValue.

Parameters:

  • value

    Value to set for the determination property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 173

# Sets the determination property value. The setter does not check the
# value against the documented enum members; it is stored as given.
#
# @param value the new determination
def determination=(value)
    @determination = value
end

#display_name ⇒ Object

Gets the displayName property value. The incident name.

Returns:

  • a string



# File 'lib/models/security_incident.rb', line 180

# Gets the displayName property value: the incident name.
#
# @return the stored incident name
def display_name
    @display_name
end

#display_name=(value) ⇒ Object

Sets the displayName property value. The incident name.

Parameters:

  • value

    Value to set for the displayName property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 188

# Sets the displayName property value (the incident name).
# The value is stored as given.
#
# @param value the new incident name
def display_name=(value)
    @display_name = value
end

#get_field_deserializers ⇒ Object

The deserialization information for the current model

Returns:

  • a i_dictionary



# File 'lib/models/security_incident.rb', line 195

# Returns the deserialization map for this model: the parent class's map
# merged with one entry per securityIncident property. Each key is the wire
# property name and each value is a lambda that reads that property from a
# parse node and stores it in the matching instance variable.
#
# NOTE(review): every lambda assigns the parsed value directly; no length,
# format or URL checks are visible here, so string fields such as
# assignedTo, customTags, displayName and incidentWebUrl should be treated
# as unvalidated input by whatever consumes the model.
#
# @return the merged hash of property name => deserializer lambda
def get_field_deserializers
    inherited = super
    inherited.merge({
        "alerts" => ->(n) {
            @alerts = n.get_collection_of_object_values(
                ->(pn) { MicrosoftGraph::Models::SecurityAlert.create_from_discriminator_value(pn) }
            )
        },
        "assignedTo" => ->(n) { @assigned_to = n.get_string_value() },
        "classification" => ->(n) {
            @classification = n.get_enum_value(MicrosoftGraph::Models::SecurityAlertClassification)
        },
        "comments" => ->(n) {
            @comments = n.get_collection_of_object_values(
                ->(pn) { MicrosoftGraph::Models::SecurityAlertComment.create_from_discriminator_value(pn) }
            )
        },
        "createdDateTime" => ->(n) { @created_date_time = n.get_date_time_value() },
        "customTags" => ->(n) { @custom_tags = n.get_collection_of_primitive_values(String) },
        "determination" => ->(n) {
            @determination = n.get_enum_value(MicrosoftGraph::Models::SecurityAlertDetermination)
        },
        "displayName" => ->(n) { @display_name = n.get_string_value() },
        "incidentWebUrl" => ->(n) { @incident_web_url = n.get_string_value() },
        "lastModifiedBy" => ->(n) { @last_modified_by = n.get_string_value() },
        "lastUpdateDateTime" => ->(n) { @last_update_date_time = n.get_date_time_value() },
        "redirectIncidentId" => ->(n) { @redirect_incident_id = n.get_string_value() },
        "severity" => ->(n) { @severity = n.get_enum_value(MicrosoftGraph::Models::SecurityAlertSeverity) },
        "status" => ->(n) { @status = n.get_enum_value(MicrosoftGraph::Models::SecurityIncidentStatus) },
        "tenantId" => ->(n) { @tenant_id = n.get_string_value() },
    })
end

#incident_web_url ⇒ Object

Gets the incidentWebUrl property value. The URL for the incident page in the Microsoft 365 Defender portal.

Returns:

  • a string



# File 'lib/models/security_incident.rb', line 218

# Gets the incidentWebUrl property value: the URL for the incident page in
# the Microsoft 365 Defender portal.
#
# NOTE(review): this model stores the string as received and does not check
# its scheme or host. Code that turns it into a clickable link or fetches it
# should confirm it is an https URL on the expected portal host first.
#
# @return the stored URL string
def incident_web_url
    @incident_web_url
end

#incident_web_url=(value) ⇒ Object

Sets the incidentWebUrl property value. The URL for the incident page in the Microsoft 365 Defender portal.

Parameters:

  • value

    Value to set for the incidentWebUrl property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 226

# Sets the incidentWebUrl property value (URL of the incident page in the
# Microsoft 365 Defender portal). The string is stored unchanged; no URL
# parsing or scheme/host check happens in this setter.
#
# @param value the new URL string
def incident_web_url=(value)
    @incident_web_url = value
end

#last_modified_by ⇒ Object

Gets the lastModifiedBy property value. The lastModifiedBy property

Returns:

  • a string



# File 'lib/models/security_incident.rb', line 233

# Gets the lastModifiedBy property value. The API text gives no further
# description; get_field_deserializers reads it as a string.
#
# @return the stored lastModifiedBy value
def last_modified_by
    @last_modified_by
end

#last_modified_by=(value) ⇒ Object

Sets the lastModifiedBy property value. The lastModifiedBy property

Parameters:

  • value

    Value to set for the lastModifiedBy property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 241

# Sets the lastModifiedBy property value. The value is stored as given.
#
# @param value the new lastModifiedBy value
def last_modified_by=(value)
    @last_modified_by = value
end

#last_update_date_time ⇒ Object

Gets the lastUpdateDateTime property value. Time when the incident was last updated.

Returns:

  • a date_time



# File 'lib/models/security_incident.rb', line 248

# Gets the lastUpdateDateTime property value: the time when the incident was
# last updated.
#
# @return the stored last-update time
def last_update_date_time
    @last_update_date_time
end

#last_update_date_time=(value) ⇒ Object

Sets the lastUpdateDateTime property value. Time when the incident was last updated.

Parameters:

  • value

    Value to set for the lastUpdateDateTime property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 256

# Sets the lastUpdateDateTime property value (when the incident was last
# updated). The value is stored as given.
#
# @param value the new last-update time
def last_update_date_time=(value)
    @last_update_date_time = value
end

#redirect_incident_id ⇒ Object

Gets the redirectIncidentId property value. Only populated in case an incident is grouped together with another incident, as part of the logic that processes incidents. In such a case, the status property is redirected.

Returns:

  • a string



# File 'lib/models/security_incident.rb', line 263

# Gets the redirectIncidentId property value. It is only populated when the
# incident has been grouped together with another incident by the
# incident-processing logic; in that case the status property is redirected.
#
# NOTE(review): automation that tracks incidents by id should check this
# field so a merged incident is not treated as still open on its own.
#
# @return the stored redirect incident id
def redirect_incident_id
    @redirect_incident_id
end

#redirect_incident_id=(value) ⇒ Object

Sets the redirectIncidentId property value. Only populated in case an incident is grouped together with another incident, as part of the logic that processes incidents. In such a case, the status property is redirected.

Parameters:

  • value

    Value to set for the redirectIncidentId property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 271

# Sets the redirectIncidentId property value (populated when this incident
# is grouped together with another incident). The value is stored as given.
#
# @param value the id of the incident this one was grouped into
def redirect_incident_id=(value)
    @redirect_incident_id = value
end

#serialize(writer) ⇒ Object

Serializes information about the current object

Parameters:

  • writer

    Serialization writer to use to serialize this model

Returns:

  • a void

Raises:

  • (StandardError)


# File 'lib/models/security_incident.rb', line 279

# Serializes this incident with the given writer: the parent class's fields
# first (via super), then every securityIncident property under its wire
# name, in the fixed order below.
#
# NOTE(review): the output includes tenantId, assignedTo and the full
# comments collection. Treat the serialized payload as sensitive when it is
# logged, cached or forwarded outside the security tooling.
#
# @param writer the serialization writer to write this model to
# @raise [StandardError] when writer is nil
def serialize(writer)
    if writer.nil?
        raise StandardError, 'writer cannot be null'
    end
    super

    # Related objects and ownership
    writer.write_collection_of_object_values("alerts", @alerts)
    writer.write_string_value("assignedTo", @assigned_to)

    # Triage outcome and analyst notes
    writer.write_enum_value("classification", @classification)
    writer.write_collection_of_object_values("comments", @comments)
    writer.write_date_time_value("createdDateTime", @created_date_time)
    writer.write_collection_of_primitive_values("customTags", @custom_tags)
    writer.write_enum_value("determination", @determination)

    # Identification and audit fields
    writer.write_string_value("displayName", @display_name)
    writer.write_string_value("incidentWebUrl", @incident_web_url)
    writer.write_string_value("lastModifiedBy", @last_modified_by)
    writer.write_date_time_value("lastUpdateDateTime", @last_update_date_time)
    writer.write_string_value("redirectIncidentId", @redirect_incident_id)

    # State and tenancy
    writer.write_enum_value("severity", @severity)
    writer.write_enum_value("status", @status)
    writer.write_string_value("tenantId", @tenant_id)
end

#severity ⇒ Object

Gets the severity property value. The severity property

Returns:

  • a security_alert_severity



# File 'lib/models/security_incident.rb', line 302

# Gets the severity property value. get_field_deserializers reads it as a
# SecurityAlertSeverity enum value.
#
# @return the stored severity value
def severity
    @severity
end

#severity=(value) ⇒ Object

Sets the severity property value. The severity property

Parameters:

  • value

    Value to set for the severity property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 310

# Sets the severity property value. The value is stored as given; the setter
# does not check it against the enum.
#
# @param value the new severity
def severity=(value)
    @severity = value
end

#status ⇒ Object

Gets the status property value. The status property

Returns:

  • a security_incident_status



# File 'lib/models/security_incident.rb', line 317

# Gets the status property value. get_field_deserializers reads it as a
# SecurityIncidentStatus enum value.
#
# @return the stored status value
def status
    @status
end

#status=(value) ⇒ Object

Sets the status property value. The status property

Parameters:

  • value

    Value to set for the status property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 325

# Sets the status property value. The value is stored as given; the setter
# does not check it against the enum.
#
# @param value the new status
def status=(value)
    @status = value
end

#tenant_id ⇒ Object

Gets the tenantId property value. The Azure Active Directory tenant in which the alert was created.

Returns:

  • a string



# File 'lib/models/security_incident.rb', line 332

# Gets the tenantId property value: the Azure Active Directory tenant in
# which the alert was created.
#
# NOTE(review): tooling that handles several tenants should compare this
# value with the tenant it expects before acting on the incident.
#
# @return the stored tenant id string
def tenant_id
    @tenant_id
end

#tenant_id=(value) ⇒ Object

Sets the tenantId property value. The Azure Active Directory tenant in which the alert was created.

Parameters:

  • value

    Value to set for the tenantId property.

Returns:

  • a void



# File 'lib/models/security_incident.rb', line 340

# Sets the tenantId property value (the Azure Active Directory tenant in
# which the alert was created). The value is stored as given.
#
# @param value the new tenant id
def tenant_id=(value)
    @tenant_id = value
end