Source code for azure.mgmt.security.models.alert_py3

# coding=utf-8
# --------------------------------------------------------------------------
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License. See License.txt in the project root for
# license information.
#
# Code generated by Microsoft (R) AutoRest Code Generator.
# Changes may cause incorrect behavior and will be lost if the code is
# regenerated.
# --------------------------------------------------------------------------

from .resource_py3 import Resource


[docs]class Alert(Resource): """Security alert. Variables are only populated by the server, and will be ignored when sending a request. :ivar id: Resource Id :vartype id: str :ivar name: Resource name :vartype name: str :ivar type: Resource type :vartype type: str :ivar state: State of the alert (Active, Dismissed etc.) :vartype state: str :ivar reported_time_utc: The time the incident was reported to Microsoft.Security in UTC :vartype reported_time_utc: datetime :ivar vendor_name: Name of the vendor that discovered the incident :vartype vendor_name: str :ivar alert_name: Name of the alert type :vartype alert_name: str :ivar alert_display_name: Display name of the alert type :vartype alert_display_name: str :ivar detected_time_utc: The time the incident was detected by the vendor :vartype detected_time_utc: datetime :ivar description: Description of the incident and what it means :vartype description: str :ivar remediation_steps: Recommended steps to reradiate the incident :vartype remediation_steps: str :ivar action_taken: The action that was taken as a response to the alert (Active, Blocked etc.) :vartype action_taken: str :ivar reported_severity: Estimated severity of this alert :vartype reported_severity: str :ivar compromised_entity: The entity that the incident happened on :vartype compromised_entity: str :ivar associated_resource: Azure resource ID of the associated resource :vartype associated_resource: str :param extended_properties: :type extended_properties: dict[str, object] :ivar system_source: The type of the alerted resource (Azure, Non-Azure) :vartype system_source: str :ivar can_be_investigated: Whether this alert can be investigated with Azure Security Center :vartype can_be_investigated: bool :param entities: objects that are related to this alerts :type entities: list[~azure.mgmt.security.models.AlertEntity] :ivar confidence_score: level of confidence we have on the alert :vartype confidence_score: float :param confidence_reasons: reasons the alert got the confidenceScore value :type confidence_reasons: list[~azure.mgmt.security.models.AlertConfidenceReason] :ivar subscription_id: Azure subscription ID of the resource that had the security alert or the subscription ID of the workspace that this resource reports to :vartype subscription_id: str :ivar instance_id: Instance ID of the alert. :vartype instance_id: str :ivar workspace_arm_id: Azure resource ID of the workspace that the alert was reported to. :vartype workspace_arm_id: str """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, 'state': {'readonly': True}, 'reported_time_utc': {'readonly': True}, 'vendor_name': {'readonly': True}, 'alert_name': {'readonly': True}, 'alert_display_name': {'readonly': True}, 'detected_time_utc': {'readonly': True}, 'description': {'readonly': True}, 'remediation_steps': {'readonly': True}, 'action_taken': {'readonly': True}, 'reported_severity': {'readonly': True}, 'compromised_entity': {'readonly': True}, 'associated_resource': {'readonly': True}, 'system_source': {'readonly': True}, 'can_be_investigated': {'readonly': True}, 'confidence_score': {'readonly': True, 'maximum': 1, 'minimum': 0}, 'subscription_id': {'readonly': True}, 'instance_id': {'readonly': True}, 'workspace_arm_id': {'readonly': True}, } _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, 'state': {'key': 'properties.state', 'type': 'str'}, 'reported_time_utc': {'key': 'properties.reportedTimeUtc', 'type': 'iso-8601'}, 'vendor_name': {'key': 'properties.vendorName', 'type': 'str'}, 'alert_name': {'key': 'properties.alertName', 'type': 'str'}, 'alert_display_name': {'key': 'properties.alertDisplayName', 'type': 'str'}, 'detected_time_utc': {'key': 'properties.detectedTimeUtc', 'type': 'iso-8601'}, 'description': {'key': 'properties.description', 'type': 'str'}, 'remediation_steps': {'key': 'properties.remediationSteps', 'type': 'str'}, 'action_taken': {'key': 'properties.actionTaken', 'type': 'str'}, 'reported_severity': {'key': 'properties.reportedSeverity', 'type': 'str'}, 'compromised_entity': {'key': 'properties.compromisedEntity', 'type': 'str'}, 'associated_resource': {'key': 'properties.associatedResource', 'type': 'str'}, 'extended_properties': {'key': 'properties.extendedProperties', 'type': '{object}'}, 'system_source': {'key': 'properties.systemSource', 'type': 'str'}, 'can_be_investigated': {'key': 'properties.canBeInvestigated', 'type': 'bool'}, 'entities': {'key': 'properties.entities', 'type': '[AlertEntity]'}, 'confidence_score': {'key': 'properties.confidenceScore', 'type': 'float'}, 'confidence_reasons': {'key': 'properties.confidenceReasons', 'type': '[AlertConfidenceReason]'}, 'subscription_id': {'key': 'properties.subscriptionId', 'type': 'str'}, 'instance_id': {'key': 'properties.instanceId', 'type': 'str'}, 'workspace_arm_id': {'key': 'properties.workspaceArmId', 'type': 'str'}, } def __init__(self, *, extended_properties=None, entities=None, confidence_reasons=None, **kwargs) -> None: super(Alert, self).__init__(**kwargs) self.state = None self.reported_time_utc = None self.vendor_name = None self.alert_name = None self.alert_display_name = None self.detected_time_utc = None self.description = None self.remediation_steps = None self.action_taken = None self.reported_severity = None self.compromised_entity = None self.associated_resource = None self.extended_properties = extended_properties self.system_source = None self.can_be_investigated = None self.entities = entities self.confidence_score = None self.confidence_reasons = confidence_reasons self.subscription_id = None self.instance_id = None self.workspace_arm_id = None