This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi
azure-native.securityinsights.getScheduledAlertRule
Explore with Pulumi AI
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi
Gets the alert rule. Azure REST API version: 2023-02-01.
Using getScheduledAlertRule
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getScheduledAlertRule(args: GetScheduledAlertRuleArgs, opts?: InvokeOptions): Promise<GetScheduledAlertRuleResult>
function getScheduledAlertRuleOutput(args: GetScheduledAlertRuleOutputArgs, opts?: InvokeOptions): Output<GetScheduledAlertRuleResult>
def get_scheduled_alert_rule(resource_group_name: Optional[str] = None,
rule_id: Optional[str] = None,
workspace_name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetScheduledAlertRuleResult
def get_scheduled_alert_rule_output(resource_group_name: Optional[pulumi.Input[str]] = None,
rule_id: Optional[pulumi.Input[str]] = None,
workspace_name: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetScheduledAlertRuleResult]
func LookupScheduledAlertRule(ctx *Context, args *LookupScheduledAlertRuleArgs, opts ...InvokeOption) (*LookupScheduledAlertRuleResult, error)
func LookupScheduledAlertRuleOutput(ctx *Context, args *LookupScheduledAlertRuleOutputArgs, opts ...InvokeOption) LookupScheduledAlertRuleResultOutput
> Note: This function is named LookupScheduledAlertRule
in the Go SDK.
public static class GetScheduledAlertRule
{
public static Task<GetScheduledAlertRuleResult> InvokeAsync(GetScheduledAlertRuleArgs args, InvokeOptions? opts = null)
public static Output<GetScheduledAlertRuleResult> Invoke(GetScheduledAlertRuleInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetScheduledAlertRuleResult> getScheduledAlertRule(GetScheduledAlertRuleArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: azure-native:securityinsights:getScheduledAlertRule
arguments:
# arguments dictionary
The following arguments are supported:
- Resource
Group stringName - The name of the resource group. The name is case insensitive.
- Rule
Id string - Alert rule ID
- Workspace
Name string - The name of the workspace.
- Resource
Group stringName - The name of the resource group. The name is case insensitive.
- Rule
Id string - Alert rule ID
- Workspace
Name string - The name of the workspace.
- resource
Group StringName - The name of the resource group. The name is case insensitive.
- rule
Id String - Alert rule ID
- workspace
Name String - The name of the workspace.
- resource
Group stringName - The name of the resource group. The name is case insensitive.
- rule
Id string - Alert rule ID
- workspace
Name string - The name of the workspace.
- resource_
group_ strname - The name of the resource group. The name is case insensitive.
- rule_
id str - Alert rule ID
- workspace_
name str - The name of the workspace.
- resource
Group StringName - The name of the resource group. The name is case insensitive.
- rule
Id String - Alert rule ID
- workspace
Name String - The name of the workspace.
getScheduledAlertRule Result
The following output properties are available:
- Display
Name string - The display name for alerts created by this alert rule.
- Enabled bool
- Determines whether this alert rule is enabled or disabled.
- Id string
- Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
- Last
Modified stringUtc - The last time that this alert rule has been modified.
- Name string
- The name of the resource
- Query string
- The query that creates alerts for this rule.
- Query
Frequency string - The frequency (in ISO 8601 duration format) for this alert rule to run.
- Query
Period string - The period (in ISO 8601 duration format) that this alert rule looks at.
- Severity string
- The severity for alerts created by this alert rule.
- Suppression
Duration string - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
- Suppression
Enabled bool - Determines whether the suppression for this alert rule is enabled or disabled.
- System
Data Pulumi.Azure Native. Security Insights. Outputs. System Data Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Trigger
Operator string - The operation against the threshold that triggers alert rule.
- Trigger
Threshold int - The threshold triggers this alert rule.
- Type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- Alert
Details Pulumi.Override Azure Native. Security Insights. Outputs. Alert Details Override Response - The alert details override settings
- Alert
Rule stringTemplate Name - The Name of the alert rule template used to create this rule.
- Custom
Details Dictionary<string, string> - Dictionary of string key-value pairs of columns to be attached to the alert
- Description string
- The description of the alert rule.
- Entity
Mappings List<Pulumi.Azure Native. Security Insights. Outputs. Entity Mapping Response> - Array of the entity mappings of the alert rule
- Etag string
- Etag of the azure resource
- Event
Grouping Pulumi.Settings Azure Native. Security Insights. Outputs. Event Grouping Settings Response - The event grouping settings.
- Incident
Configuration Pulumi.Azure Native. Security Insights. Outputs. Incident Configuration Response - The settings of the incidents that created from alerts triggered by this analytics rule
- Tactics List<string>
- The tactics of the alert rule
- Techniques List<string>
- The techniques of the alert rule
- Template
Version string - The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>
- Display
Name string - The display name for alerts created by this alert rule.
- Enabled bool
- Determines whether this alert rule is enabled or disabled.
- Id string
- Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
- Last
Modified stringUtc - The last time that this alert rule has been modified.
- Name string
- The name of the resource
- Query string
- The query that creates alerts for this rule.
- Query
Frequency string - The frequency (in ISO 8601 duration format) for this alert rule to run.
- Query
Period string - The period (in ISO 8601 duration format) that this alert rule looks at.
- Severity string
- The severity for alerts created by this alert rule.
- Suppression
Duration string - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
- Suppression
Enabled bool - Determines whether the suppression for this alert rule is enabled or disabled.
- System
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Trigger
Operator string - The operation against the threshold that triggers alert rule.
- Trigger
Threshold int - The threshold triggers this alert rule.
- Type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- Alert
Details AlertOverride Details Override Response - The alert details override settings
- Alert
Rule stringTemplate Name - The Name of the alert rule template used to create this rule.
- Custom
Details map[string]string - Dictionary of string key-value pairs of columns to be attached to the alert
- Description string
- The description of the alert rule.
- Entity
Mappings []EntityMapping Response - Array of the entity mappings of the alert rule
- Etag string
- Etag of the azure resource
- Event
Grouping EventSettings Grouping Settings Response - The event grouping settings.
- Incident
Configuration IncidentConfiguration Response - The settings of the incidents that created from alerts triggered by this analytics rule
- Tactics []string
- The tactics of the alert rule
- Techniques []string
- The techniques of the alert rule
- Template
Version string - The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>
- display
Name String - The display name for alerts created by this alert rule.
- enabled Boolean
- Determines whether this alert rule is enabled or disabled.
- id String
- Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
- last
Modified StringUtc - The last time that this alert rule has been modified.
- name String
- The name of the resource
- query String
- The query that creates alerts for this rule.
- query
Frequency String - The frequency (in ISO 8601 duration format) for this alert rule to run.
- query
Period String - The period (in ISO 8601 duration format) that this alert rule looks at.
- severity String
- The severity for alerts created by this alert rule.
- suppression
Duration String - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
- suppression
Enabled Boolean - Determines whether the suppression for this alert rule is enabled or disabled.
- system
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- trigger
Operator String - The operation against the threshold that triggers alert rule.
- trigger
Threshold Integer - The threshold triggers this alert rule.
- type String
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- alert
Details AlertOverride Details Override Response - The alert details override settings
- alert
Rule StringTemplate Name - The Name of the alert rule template used to create this rule.
- custom
Details Map<String,String> - Dictionary of string key-value pairs of columns to be attached to the alert
- description String
- The description of the alert rule.
- entity
Mappings List<EntityMapping Response> - Array of the entity mappings of the alert rule
- etag String
- Etag of the azure resource
- event
Grouping EventSettings Grouping Settings Response - The event grouping settings.
- incident
Configuration IncidentConfiguration Response - The settings of the incidents that created from alerts triggered by this analytics rule
- tactics List<String>
- The tactics of the alert rule
- techniques List<String>
- The techniques of the alert rule
- template
Version String - The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>
- display
Name string - The display name for alerts created by this alert rule.
- enabled boolean
- Determines whether this alert rule is enabled or disabled.
- id string
- Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
- last
Modified stringUtc - The last time that this alert rule has been modified.
- name string
- The name of the resource
- query string
- The query that creates alerts for this rule.
- query
Frequency string - The frequency (in ISO 8601 duration format) for this alert rule to run.
- query
Period string - The period (in ISO 8601 duration format) that this alert rule looks at.
- severity string
- The severity for alerts created by this alert rule.
- suppression
Duration string - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
- suppression
Enabled boolean - Determines whether the suppression for this alert rule is enabled or disabled.
- system
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- trigger
Operator string - The operation against the threshold that triggers alert rule.
- trigger
Threshold number - The threshold triggers this alert rule.
- type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- alert
Details AlertOverride Details Override Response - The alert details override settings
- alert
Rule stringTemplate Name - The Name of the alert rule template used to create this rule.
- custom
Details {[key: string]: string} - Dictionary of string key-value pairs of columns to be attached to the alert
- description string
- The description of the alert rule.
- entity
Mappings EntityMapping Response[] - Array of the entity mappings of the alert rule
- etag string
- Etag of the azure resource
- event
Grouping EventSettings Grouping Settings Response - The event grouping settings.
- incident
Configuration IncidentConfiguration Response - The settings of the incidents that created from alerts triggered by this analytics rule
- tactics string[]
- The tactics of the alert rule
- techniques string[]
- The techniques of the alert rule
- template
Version string - The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>
- display_
name str - The display name for alerts created by this alert rule.
- enabled bool
- Determines whether this alert rule is enabled or disabled.
- id str
- Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
- last_
modified_ strutc - The last time that this alert rule has been modified.
- name str
- The name of the resource
- query str
- The query that creates alerts for this rule.
- query_
frequency str - The frequency (in ISO 8601 duration format) for this alert rule to run.
- query_
period str - The period (in ISO 8601 duration format) that this alert rule looks at.
- severity str
- The severity for alerts created by this alert rule.
- suppression_
duration str - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
- suppression_
enabled bool - Determines whether the suppression for this alert rule is enabled or disabled.
- system_
data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- trigger_
operator str - The operation against the threshold that triggers alert rule.
- trigger_
threshold int - The threshold triggers this alert rule.
- type str
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- alert_
details_ Alertoverride Details Override Response - The alert details override settings
- alert_
rule_ strtemplate_ name - The Name of the alert rule template used to create this rule.
- custom_
details Mapping[str, str] - Dictionary of string key-value pairs of columns to be attached to the alert
- description str
- The description of the alert rule.
- entity_
mappings Sequence[EntityMapping Response] - Array of the entity mappings of the alert rule
- etag str
- Etag of the azure resource
- event_
grouping_ Eventsettings Grouping Settings Response - The event grouping settings.
- incident_
configuration IncidentConfiguration Response - The settings of the incidents that created from alerts triggered by this analytics rule
- tactics Sequence[str]
- The tactics of the alert rule
- techniques Sequence[str]
- The techniques of the alert rule
- template_
version str - The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>
- display
Name String - The display name for alerts created by this alert rule.
- enabled Boolean
- Determines whether this alert rule is enabled or disabled.
- id String
- Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
- last
Modified StringUtc - The last time that this alert rule has been modified.
- name String
- The name of the resource
- query String
- The query that creates alerts for this rule.
- query
Frequency String - The frequency (in ISO 8601 duration format) for this alert rule to run.
- query
Period String - The period (in ISO 8601 duration format) that this alert rule looks at.
- severity String
- The severity for alerts created by this alert rule.
- suppression
Duration String - The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
- suppression
Enabled Boolean - Determines whether the suppression for this alert rule is enabled or disabled.
- system
Data Property Map - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- trigger
Operator String - The operation against the threshold that triggers alert rule.
- trigger
Threshold Number - The threshold triggers this alert rule.
- type String
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- alert
Details Property MapOverride - The alert details override settings
- alert
Rule StringTemplate Name - The Name of the alert rule template used to create this rule.
- custom
Details Map<String> - Dictionary of string key-value pairs of columns to be attached to the alert
- description String
- The description of the alert rule.
- entity
Mappings List<Property Map> - Array of the entity mappings of the alert rule
- etag String
- Etag of the azure resource
- event
Grouping Property MapSettings - The event grouping settings.
- incident
Configuration Property Map - The settings of the incidents that created from alerts triggered by this analytics rule
- tactics List<String>
- The tactics of the alert rule
- techniques List<String>
- The techniques of the alert rule
- template
Version String - The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>
Supporting Types
AlertDetailsOverrideResponse
- Alert
Description stringFormat - the format containing columns name(s) to override the alert description
- Alert
Display stringName Format - the format containing columns name(s) to override the alert name
- Alert
Dynamic List<Pulumi.Properties Azure Native. Security Insights. Inputs. Alert Property Mapping Response> - List of additional dynamic properties to override
- Alert
Severity stringColumn Name - the column name to take the alert severity from
- Alert
Tactics stringColumn Name - the column name to take the alert tactics from
- Alert
Description stringFormat - the format containing columns name(s) to override the alert description
- Alert
Display stringName Format - the format containing columns name(s) to override the alert name
- Alert
Dynamic []AlertProperties Property Mapping Response - List of additional dynamic properties to override
- Alert
Severity stringColumn Name - the column name to take the alert severity from
- Alert
Tactics stringColumn Name - the column name to take the alert tactics from
- alert
Description StringFormat - the format containing columns name(s) to override the alert description
- alert
Display StringName Format - the format containing columns name(s) to override the alert name
- alert
Dynamic List<AlertProperties Property Mapping Response> - List of additional dynamic properties to override
- alert
Severity StringColumn Name - the column name to take the alert severity from
- alert
Tactics StringColumn Name - the column name to take the alert tactics from
- alert
Description stringFormat - the format containing columns name(s) to override the alert description
- alert
Display stringName Format - the format containing columns name(s) to override the alert name
- alert
Dynamic AlertProperties Property Mapping Response[] - List of additional dynamic properties to override
- alert
Severity stringColumn Name - the column name to take the alert severity from
- alert
Tactics stringColumn Name - the column name to take the alert tactics from
- alert_
description_ strformat - the format containing columns name(s) to override the alert description
- alert_
display_ strname_ format - the format containing columns name(s) to override the alert name
- alert_
dynamic_ Sequence[Alertproperties Property Mapping Response] - List of additional dynamic properties to override
- alert_
severity_ strcolumn_ name - the column name to take the alert severity from
- alert_
tactics_ strcolumn_ name - the column name to take the alert tactics from
- alert
Description StringFormat - the format containing columns name(s) to override the alert description
- alert
Display StringName Format - the format containing columns name(s) to override the alert name
- alert
Dynamic List<Property Map>Properties - List of additional dynamic properties to override
- alert
Severity StringColumn Name - the column name to take the alert severity from
- alert
Tactics StringColumn Name - the column name to take the alert tactics from
AlertPropertyMappingResponse
- Alert
Property string - The V3 alert property
- Value string
- the column name to use to override this property
- Alert
Property string - The V3 alert property
- Value string
- the column name to use to override this property
- alert
Property String - The V3 alert property
- value String
- the column name to use to override this property
- alert
Property string - The V3 alert property
- value string
- the column name to use to override this property
- alert_
property str - The V3 alert property
- value str
- the column name to use to override this property
- alert
Property String - The V3 alert property
- value String
- the column name to use to override this property
EntityMappingResponse
- Entity
Type string - The V3 type of the mapped entity
- Field
Mappings List<Pulumi.Azure Native. Security Insights. Inputs. Field Mapping Response> - array of field mappings for the given entity mapping
- Entity
Type string - The V3 type of the mapped entity
- Field
Mappings []FieldMapping Response - array of field mappings for the given entity mapping
- entity
Type String - The V3 type of the mapped entity
- field
Mappings List<FieldMapping Response> - array of field mappings for the given entity mapping
- entity
Type string - The V3 type of the mapped entity
- field
Mappings FieldMapping Response[] - array of field mappings for the given entity mapping
- entity_
type str - The V3 type of the mapped entity
- field_
mappings Sequence[FieldMapping Response] - array of field mappings for the given entity mapping
- entity
Type String - The V3 type of the mapped entity
- field
Mappings List<Property Map> - array of field mappings for the given entity mapping
EventGroupingSettingsResponse
- Aggregation
Kind string - The event grouping aggregation kinds
- Aggregation
Kind string - The event grouping aggregation kinds
- aggregation
Kind String - The event grouping aggregation kinds
- aggregation
Kind string - The event grouping aggregation kinds
- aggregation_
kind str - The event grouping aggregation kinds
- aggregation
Kind String - The event grouping aggregation kinds
FieldMappingResponse
- Column
Name string - the column name to be mapped to the identifier
- Identifier string
- the V3 identifier of the entity
- Column
Name string - the column name to be mapped to the identifier
- Identifier string
- the V3 identifier of the entity
- column
Name String - the column name to be mapped to the identifier
- identifier String
- the V3 identifier of the entity
- column
Name string - the column name to be mapped to the identifier
- identifier string
- the V3 identifier of the entity
- column_
name str - the column name to be mapped to the identifier
- identifier str
- the V3 identifier of the entity
- column
Name String - the column name to be mapped to the identifier
- identifier String
- the V3 identifier of the entity
GroupingConfigurationResponse
- Enabled bool
- Grouping enabled
- Lookback
Duration string - Limit the group to alerts created within the lookback duration (in ISO 8601 duration format)
- Matching
Method string - Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty.
- Reopen
Closed boolIncident - Re-open closed matching incidents
- Group
By List<string>Alert Details - A list of alert details to group by (when matchingMethod is Selected)
- Group
By List<string>Custom Details - A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used.
- Group
By List<string>Entities - A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used.
- Enabled bool
- Grouping enabled
- Lookback
Duration string - Limit the group to alerts created within the lookback duration (in ISO 8601 duration format)
- Matching
Method string - Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty.
- Reopen
Closed boolIncident - Re-open closed matching incidents
- Group
By []stringAlert Details - A list of alert details to group by (when matchingMethod is Selected)
- Group
By []stringCustom Details - A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used.
- Group
By []stringEntities - A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used.
- enabled Boolean
- Grouping enabled
- lookback
Duration String - Limit the group to alerts created within the lookback duration (in ISO 8601 duration format)
- matching
Method String - Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty.
- reopen
Closed BooleanIncident - Re-open closed matching incidents
- group
By List<String>Alert Details - A list of alert details to group by (when matchingMethod is Selected)
- group
By List<String>Custom Details - A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used.
- group
By List<String>Entities - A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used.
- enabled boolean
- Grouping enabled
- lookback
Duration string - Limit the group to alerts created within the lookback duration (in ISO 8601 duration format)
- matching
Method string - Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty.
- reopen
Closed booleanIncident - Re-open closed matching incidents
- group
By string[]Alert Details - A list of alert details to group by (when matchingMethod is Selected)
- group
By string[]Custom Details - A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used.
- group
By string[]Entities - A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used.
- enabled bool
- Grouping enabled
- lookback_
duration str - Limit the group to alerts created within the lookback duration (in ISO 8601 duration format)
- matching_
method str - Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty.
- reopen_
closed_ boolincident - Re-open closed matching incidents
- group_
by_ Sequence[str]alert_ details - A list of alert details to group by (when matchingMethod is Selected)
- group_
by_ Sequence[str]custom_ details - A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used.
- group_
by_ Sequence[str]entities - A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used.
- enabled Boolean
- Grouping enabled
- lookback
Duration String - Limit the group to alerts created within the lookback duration (in ISO 8601 duration format)
- matching
Method String - Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty.
- reopen
Closed BooleanIncident - Re-open closed matching incidents
- group
By List<String>Alert Details - A list of alert details to group by (when matchingMethod is Selected)
- group
By List<String>Custom Details - A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used.
- group
By List<String>Entities - A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used.
IncidentConfigurationResponse
- Create
Incident bool - Create incidents from alerts triggered by this analytics rule
- Grouping
Configuration Pulumi.Azure Native. Security Insights. Inputs. Grouping Configuration Response - Set how the alerts that are triggered by this analytics rule, are grouped into incidents
- Create
Incident bool - Create incidents from alerts triggered by this analytics rule
- Grouping
Configuration GroupingConfiguration Response - Set how the alerts that are triggered by this analytics rule, are grouped into incidents
- create
Incident Boolean - Create incidents from alerts triggered by this analytics rule
- grouping
Configuration GroupingConfiguration Response - Set how the alerts that are triggered by this analytics rule, are grouped into incidents
- create
Incident boolean - Create incidents from alerts triggered by this analytics rule
- grouping
Configuration GroupingConfiguration Response - Set how the alerts that are triggered by this analytics rule, are grouped into incidents
- create_
incident bool - Create incidents from alerts triggered by this analytics rule
- grouping_
configuration GroupingConfiguration Response - Set how the alerts that are triggered by this analytics rule, are grouped into incidents
- create
Incident Boolean - Create incidents from alerts triggered by this analytics rule
- grouping
Configuration Property Map - Set how the alerts that are triggered by this analytics rule, are grouped into incidents
SystemDataResponse
- Created
At string - The timestamp of resource creation (UTC).
- Created
By string - The identity that created the resource.
- Created
By stringType - The type of identity that created the resource.
- Last
Modified stringAt - The timestamp of resource last modification (UTC)
- Last
Modified stringBy - The identity that last modified the resource.
- Last
Modified stringBy Type - The type of identity that last modified the resource.
- Created
At string - The timestamp of resource creation (UTC).
- Created
By string - The identity that created the resource.
- Created
By stringType - The type of identity that created the resource.
- Last
Modified stringAt - The timestamp of resource last modification (UTC)
- Last
Modified stringBy - The identity that last modified the resource.
- Last
Modified stringBy Type - The type of identity that last modified the resource.
- created
At String - The timestamp of resource creation (UTC).
- created
By String - The identity that created the resource.
- created
By StringType - The type of identity that created the resource.
- last
Modified StringAt - The timestamp of resource last modification (UTC)
- last
Modified StringBy - The identity that last modified the resource.
- last
Modified StringBy Type - The type of identity that last modified the resource.
- created
At string - The timestamp of resource creation (UTC).
- created
By string - The identity that created the resource.
- created
By stringType - The type of identity that created the resource.
- last
Modified stringAt - The timestamp of resource last modification (UTC)
- last
Modified stringBy - The identity that last modified the resource.
- last
Modified stringBy Type - The type of identity that last modified the resource.
- created_
at str - The timestamp of resource creation (UTC).
- created_
by str - The identity that created the resource.
- created_
by_ strtype - The type of identity that created the resource.
- last_
modified_ strat - The timestamp of resource last modification (UTC)
- last_
modified_ strby - The identity that last modified the resource.
- last_
modified_ strby_ type - The type of identity that last modified the resource.
- created
At String - The timestamp of resource creation (UTC).
- created
By String - The identity that created the resource.
- created
By StringType - The type of identity that created the resource.
- last
Modified StringAt - The timestamp of resource last modification (UTC)
- last
Modified StringBy - The identity that last modified the resource.
- last
Modified StringBy Type - The type of identity that last modified the resource.
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi