NrtAlertRuleTemplateProperties interface
NRT alert rule template properties
- Extends
Inherited Properties
| alert |
The alert details override settings |
| alert |
the number of alert rules that were created by this template |
| created |
The time that this alert rule template has been added. NOTE: This property will not be serialized. It can only be populated by the server. |
| custom |
Dictionary of string key-value pairs of columns to be attached to the alert |
| description | The description of the alert rule template. |
| display |
The display name for alert rule template. |
| entity |
Array of the entity mappings of the alert rule |
| event |
The event grouping settings. |
| last |
The last time that this alert rule template has been updated. NOTE: This property will not be serialized. It can only be populated by the server. |
| query | The query that creates alerts for this rule. |
| required |
The required data sources for this template |
| severity | The severity for alerts created by this alert rule. |
| status | The alert rule template status. |
| tactics | The tactics of the alert rule |
| techniques | The techniques of the alert rule |
| version | The version of this template - in format <a.b.c>, where all are numbers. For example <1.0.2>. |
Inherited Property Details
alertDetailsOverride
The alert details override settings
alertDetailsOverride?: AlertDetailsOverrideProperty Value
Inherited From QueryBasedAlertRuleTemplateProperties.alertDetailsOverride
alertRulesCreatedByTemplateCount
the number of alert rules that were created by this template
alertRulesCreatedByTemplateCount?: numberProperty Value
number
Inherited From AlertRuleTemplateWithMitreProperties.alertRulesCreatedByTemplateCount
createdDateUTC
The time that this alert rule template has been added. NOTE: This property will not be serialized. It can only be populated by the server.
createdDateUTC?: DateProperty Value
Date
Inherited From AlertRuleTemplateWithMitreProperties.createdDateUTC
customDetails
Dictionary of string key-value pairs of columns to be attached to the alert
customDetails?: {[propertyName: string]: string}Property Value
{[propertyName: string]: string}
Inherited From QueryBasedAlertRuleTemplateProperties.customDetails
description
The description of the alert rule template.
description?: stringProperty Value
string
Inherited From AlertRuleTemplateWithMitreProperties.description
displayName
The display name for alert rule template.
displayName?: stringProperty Value
string
Inherited From AlertRuleTemplateWithMitreProperties.displayName
entityMappings
Array of the entity mappings of the alert rule
entityMappings?: EntityMapping[]Property Value
Inherited From QueryBasedAlertRuleTemplateProperties.entityMappings
eventGroupingSettings
The event grouping settings.
eventGroupingSettings?: EventGroupingSettingsProperty Value
Inherited From QueryBasedAlertRuleTemplateProperties.eventGroupingSettings
lastUpdatedDateUTC
The last time that this alert rule template has been updated. NOTE: This property will not be serialized. It can only be populated by the server.
lastUpdatedDateUTC?: DateProperty Value
Date
Inherited From AlertRuleTemplateWithMitreProperties.lastUpdatedDateUTC
query
The query that creates alerts for this rule.
query?: stringProperty Value
string
Inherited From QueryBasedAlertRuleTemplateProperties.query
requiredDataConnectors
The required data sources for this template
requiredDataConnectors?: AlertRuleTemplateDataSource[]Property Value
Inherited From AlertRuleTemplateWithMitreProperties.requiredDataConnectors
severity
The severity for alerts created by this alert rule.
severity?: stringProperty Value
string
Inherited From QueryBasedAlertRuleTemplateProperties.severity
status
The alert rule template status.
status?: stringProperty Value
string
Inherited From AlertRuleTemplateWithMitreProperties.status
tactics
The tactics of the alert rule
tactics?: string[]Property Value
string[]
Inherited From AlertRuleTemplateWithMitreProperties.tactics
techniques
The techniques of the alert rule
techniques?: string[]Property Value
string[]
Inherited From AlertRuleTemplateWithMitreProperties.techniques
version
The version of this template - in format <a.b.c>, where all are numbers. For example <1.0.2>.
version?: stringProperty Value
string
Inherited From QueryBasedAlertRuleTemplateProperties.version
Azure SDK for JavaScript