NrtAlertRule interface
Represents NRT alert rule.
- Extends
Properties
| alert |
The alert details override settings |
| alert |
The Name of the alert rule template used to create this rule. |
| custom |
Dictionary of string key-value pairs of columns to be attached to the alert |
| description | The description of the alert rule. |
| display |
The display name for alerts created by this alert rule. |
| enabled | Determines whether this alert rule is enabled or disabled. |
| entity |
Array of the entity mappings of the alert rule |
| event |
The event grouping settings. |
| incident |
The settings of the incidents that created from alerts triggered by this analytics rule |
| kind | The kind of the alert rule |
| last |
The last time that this alert rule has been modified. |
| query | The query that creates alerts for this rule. |
| sentinel |
Array of the sentinel entity mappings of the alert rule |
| severity | The severity for alerts created by this alert rule. |
| sub |
The sub-techniques of the alert rule |
| suppression |
The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered. |
| suppression |
Determines whether the suppression for this alert rule is enabled or disabled. |
| tactics | The tactics of the alert rule |
| techniques | The techniques of the alert rule |
| template |
The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2> |
Inherited Properties
| etag | Etag of the azure resource |
| id | Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} |
| name | The name of the resource |
| system |
Azure Resource Manager metadata containing createdBy and modifiedBy information. |
| type | The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
Property Details
alertDetailsOverride
The alert details override settings
alertDetailsOverride?: AlertDetailsOverrideProperty Value
alertRuleTemplateName
The Name of the alert rule template used to create this rule.
alertRuleTemplateName?: stringProperty Value
string
customDetails
Dictionary of string key-value pairs of columns to be attached to the alert
customDetails?: Record<string, string>Property Value
Record<string, string>
description
The description of the alert rule.
description?: stringProperty Value
string
displayName
The display name for alerts created by this alert rule.
displayName?: stringProperty Value
string
enabled
Determines whether this alert rule is enabled or disabled.
enabled?: booleanProperty Value
boolean
entityMappings
Array of the entity mappings of the alert rule
entityMappings?: EntityMapping[]Property Value
eventGroupingSettings
The event grouping settings.
eventGroupingSettings?: EventGroupingSettingsProperty Value
incidentConfiguration
The settings of the incidents that created from alerts triggered by this analytics rule
incidentConfiguration?: IncidentConfigurationProperty Value
kind
The kind of the alert rule
kind: "NRT"Property Value
"NRT"
lastModifiedUtc
The last time that this alert rule has been modified.
lastModifiedUtc?: DateProperty Value
Date
query
The query that creates alerts for this rule.
query?: stringProperty Value
string
sentinelEntitiesMappings
Array of the sentinel entity mappings of the alert rule
sentinelEntitiesMappings?: SentinelEntityMapping[]Property Value
severity
The severity for alerts created by this alert rule.
severity?: stringProperty Value
string
subTechniques
The sub-techniques of the alert rule
subTechniques?: string[]Property Value
string[]
suppressionDuration
The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
suppressionDuration?: stringProperty Value
string
suppressionEnabled
Determines whether the suppression for this alert rule is enabled or disabled.
suppressionEnabled?: booleanProperty Value
boolean
tactics
The tactics of the alert rule
tactics?: string[]Property Value
string[]
techniques
The techniques of the alert rule
techniques?: string[]Property Value
string[]
templateVersion
The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>
templateVersion?: stringProperty Value
string
Inherited Property Details
etag
id
Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
id?: stringProperty Value
string
Inherited From AlertRule.id
name
systemData
Azure Resource Manager metadata containing createdBy and modifiedBy information.
systemData?: SystemDataProperty Value
Inherited From AlertRule.systemData
type
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
type?: stringProperty Value
string
Inherited From AlertRule.type
