IncidentAdditionalData interface
Incident additional data property bag.
Properties
| alert |
List of product names of alerts in the incident |
| alerts |
The number of alerts in the incident |
| bookmarks |
The number of bookmarks in the incident |
| comments |
The number of comments in the incident |
| merged |
The incident number of the incident that the current incident was merged into |
| merged |
The URL to the incident that the current incident was merged into |
| provider |
The provider incident url to the incident in Microsoft 365 Defender portal |
| tactics | The tactics associated with incident |
| techniques | The techniques associated with incident's tactics |
Property Details
alertProductNames
List of product names of alerts in the incident
alertProductNames?: string[]Property Value
string[]
alertsCount
The number of alerts in the incident
alertsCount?: numberProperty Value
number
bookmarksCount
The number of bookmarks in the incident
bookmarksCount?: numberProperty Value
number
commentsCount
The number of comments in the incident
commentsCount?: numberProperty Value
number
mergedIncidentNumber
The incident number of the incident that the current incident was merged into
mergedIncidentNumber?: stringProperty Value
string
mergedIncidentUrl
The URL to the incident that the current incident was merged into
mergedIncidentUrl?: stringProperty Value
string
providerIncidentUrl
The provider incident url to the incident in Microsoft 365 Defender portal
providerIncidentUrl?: stringProperty Value
string
tactics
The tactics associated with incident
tactics?: string[]Property Value
string[]
techniques
The techniques associated with incident's tactics
techniques?: string[]Property Value
string[]
