Incident interface

Represents an incident in Azure Security Insights.

Extends

Properties

additionalData

Additional data on the incident

classification

The reason the incident was closed

classificationComment

Describes the reason the incident was closed

classificationReason

The classification reason the incident was closed with

createdTimeUtc

The time the incident was created

description

The description of the incident

etag

Etag of the azure resource

firstActivityTimeUtc

The time of the first activity in the incident

incidentNumber

A sequential number

incidentUrl

The deep-link url to the incident in Azure portal

labels

List of labels relevant to this incident

lastActivityTimeUtc

The time of the last activity in the incident

lastModifiedTimeUtc

The last time the incident was updated

owner

Describes a user that the incident is assigned to

providerIncidentId

The incident ID assigned by the incident provider

providerName

The name of the source provider that generated the incident

relatedAnalyticRuleIds

List of resource ids of Analytic rules related to the incident

severity

The severity of the incident

status

The status of the incident

teamInformation

Describes a team for the incident

title

The title of the incident

Inherited Properties

id

Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

name

The name of the resource

systemData

Azure Resource Manager metadata containing createdBy and modifiedBy information.

type

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"

Property Details

additionalData

Additional data on the incident

additionalData?: IncidentAdditionalData

Property Value

classification

The reason the incident was closed

classification?: string

Property Value

string

classificationComment

Describes the reason the incident was closed

classificationComment?: string

Property Value

string

classificationReason

The classification reason the incident was closed with

classificationReason?: string

Property Value

string

createdTimeUtc

The time the incident was created

createdTimeUtc?: Date

Property Value

Date

description

The description of the incident

description?: string

Property Value

string

etag

Etag of the azure resource

etag?: string

Property Value

string

firstActivityTimeUtc

The time of the first activity in the incident

firstActivityTimeUtc?: Date

Property Value

Date

incidentNumber

A sequential number

incidentNumber?: number

Property Value

number

incidentUrl

The deep-link url to the incident in Azure portal

incidentUrl?: string

Property Value

string

labels

List of labels relevant to this incident

labels?: IncidentLabel[]

Property Value

lastActivityTimeUtc

The time of the last activity in the incident

lastActivityTimeUtc?: Date

Property Value

Date

lastModifiedTimeUtc

The last time the incident was updated

lastModifiedTimeUtc?: Date

Property Value

Date

owner

Describes a user that the incident is assigned to

owner?: IncidentOwnerInfo

Property Value

providerIncidentId

The incident ID assigned by the incident provider

providerIncidentId?: string

Property Value

string

providerName

The name of the source provider that generated the incident

providerName?: string

Property Value

string

relatedAnalyticRuleIds

List of resource ids of Analytic rules related to the incident

relatedAnalyticRuleIds?: string[]

Property Value

string[]

severity

The severity of the incident

severity?: string

Property Value

string

status

The status of the incident

status?: string

Property Value

string

teamInformation

Describes a team for the incident

teamInformation?: TeamInformation

Property Value

title

The title of the incident

title?: string

Property Value

string

Inherited Property Details

id

Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}

id?: string

Property Value

string

Inherited From ProxyResource.id

name

The name of the resource

name?: string

Property Value

string

Inherited From ProxyResource.name

systemData

Azure Resource Manager metadata containing createdBy and modifiedBy information.

systemData?: SystemData

Property Value

Inherited From ProxyResource.systemData

type

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"

type?: string

Property Value

string

Inherited From ProxyResource.type