com.azure.resourcemanager.securityinsights.fluent.models.NrtAlertRuleProperties Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of azure-resourcemanager-securityinsights Show documentation
Show all versions of azure-resourcemanager-securityinsights Show documentation
This package contains Microsoft Azure SDK for SecurityInsights Management SDK. For documentation on how to use this package, please see https://aka.ms/azsdk/java/mgmt. API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider. Package tag package-preview-2022-09.
The newest version!
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
// Code generated by Microsoft (R) AutoRest Code Generator.
package com.azure.resourcemanager.securityinsights.fluent.models;
import com.azure.core.annotation.Fluent;
import com.azure.core.util.CoreUtils;
import com.azure.core.util.logging.ClientLogger;
import com.azure.json.JsonReader;
import com.azure.json.JsonSerializable;
import com.azure.json.JsonToken;
import com.azure.json.JsonWriter;
import com.azure.resourcemanager.securityinsights.models.AlertDetailsOverride;
import com.azure.resourcemanager.securityinsights.models.AlertSeverity;
import com.azure.resourcemanager.securityinsights.models.AttackTactic;
import com.azure.resourcemanager.securityinsights.models.EntityMapping;
import com.azure.resourcemanager.securityinsights.models.EventGroupingSettings;
import com.azure.resourcemanager.securityinsights.models.IncidentConfiguration;
import java.io.IOException;
import java.time.Duration;
import java.time.OffsetDateTime;
import java.util.List;
import java.util.Map;
/**
* Nrt alert rule base property bag.
*/
@Fluent
public final class NrtAlertRuleProperties implements JsonSerializable {
/*
* The Name of the alert rule template used to create this rule.
*/
private String alertRuleTemplateName;
/*
* The version of the alert rule template used to create this rule - in format , where all are numbers, for
* example 0 <1.0.2>
*/
private String templateVersion;
/*
* The description of the alert rule.
*/
private String description;
/*
* The query that creates alerts for this rule.
*/
private String query;
/*
* The tactics of the alert rule
*/
private List tactics;
/*
* The techniques of the alert rule
*/
private List techniques;
/*
* The display name for alerts created by this alert rule.
*/
private String displayName;
/*
* Determines whether this alert rule is enabled or disabled.
*/
private boolean enabled;
/*
* The last time that this alert rule has been modified.
*/
private OffsetDateTime lastModifiedUtc;
/*
* The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
*/
private Duration suppressionDuration;
/*
* Determines whether the suppression for this alert rule is enabled or disabled.
*/
private boolean suppressionEnabled;
/*
* The severity for alerts created by this alert rule.
*/
private AlertSeverity severity;
/*
* The settings of the incidents that created from alerts triggered by this analytics rule
*/
private IncidentConfiguration incidentConfiguration;
/*
* Dictionary of string key-value pairs of columns to be attached to the alert
*/
private Map customDetails;
/*
* Array of the entity mappings of the alert rule
*/
private List entityMappings;
/*
* The alert details override settings
*/
private AlertDetailsOverride alertDetailsOverride;
/*
* The event grouping settings.
*/
private EventGroupingSettings eventGroupingSettings;
/**
* Creates an instance of NrtAlertRuleProperties class.
*/
public NrtAlertRuleProperties() {
}
/**
* Get the alertRuleTemplateName property: The Name of the alert rule template used to create this rule.
*
* @return the alertRuleTemplateName value.
*/
public String alertRuleTemplateName() {
return this.alertRuleTemplateName;
}
/**
* Set the alertRuleTemplateName property: The Name of the alert rule template used to create this rule.
*
* @param alertRuleTemplateName the alertRuleTemplateName value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withAlertRuleTemplateName(String alertRuleTemplateName) {
this.alertRuleTemplateName = alertRuleTemplateName;
return this;
}
/**
* Get the templateVersion property: The version of the alert rule template used to create this rule - in format
* <a.b.c>, where all are numbers, for example 0 <1.0.2>.
*
* @return the templateVersion value.
*/
public String templateVersion() {
return this.templateVersion;
}
/**
* Set the templateVersion property: The version of the alert rule template used to create this rule - in format
* <a.b.c>, where all are numbers, for example 0 <1.0.2>.
*
* @param templateVersion the templateVersion value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withTemplateVersion(String templateVersion) {
this.templateVersion = templateVersion;
return this;
}
/**
* Get the description property: The description of the alert rule.
*
* @return the description value.
*/
public String description() {
return this.description;
}
/**
* Set the description property: The description of the alert rule.
*
* @param description the description value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withDescription(String description) {
this.description = description;
return this;
}
/**
* Get the query property: The query that creates alerts for this rule.
*
* @return the query value.
*/
public String query() {
return this.query;
}
/**
* Set the query property: The query that creates alerts for this rule.
*
* @param query the query value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withQuery(String query) {
this.query = query;
return this;
}
/**
* Get the tactics property: The tactics of the alert rule.
*
* @return the tactics value.
*/
public List tactics() {
return this.tactics;
}
/**
* Set the tactics property: The tactics of the alert rule.
*
* @param tactics the tactics value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withTactics(List tactics) {
this.tactics = tactics;
return this;
}
/**
* Get the techniques property: The techniques of the alert rule.
*
* @return the techniques value.
*/
public List techniques() {
return this.techniques;
}
/**
* Set the techniques property: The techniques of the alert rule.
*
* @param techniques the techniques value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withTechniques(List techniques) {
this.techniques = techniques;
return this;
}
/**
* Get the displayName property: The display name for alerts created by this alert rule.
*
* @return the displayName value.
*/
public String displayName() {
return this.displayName;
}
/**
* Set the displayName property: The display name for alerts created by this alert rule.
*
* @param displayName the displayName value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withDisplayName(String displayName) {
this.displayName = displayName;
return this;
}
/**
* Get the enabled property: Determines whether this alert rule is enabled or disabled.
*
* @return the enabled value.
*/
public boolean enabled() {
return this.enabled;
}
/**
* Set the enabled property: Determines whether this alert rule is enabled or disabled.
*
* @param enabled the enabled value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withEnabled(boolean enabled) {
this.enabled = enabled;
return this;
}
/**
* Get the lastModifiedUtc property: The last time that this alert rule has been modified.
*
* @return the lastModifiedUtc value.
*/
public OffsetDateTime lastModifiedUtc() {
return this.lastModifiedUtc;
}
/**
* Get the suppressionDuration property: The suppression (in ISO 8601 duration format) to wait since last time this
* alert rule been triggered.
*
* @return the suppressionDuration value.
*/
public Duration suppressionDuration() {
return this.suppressionDuration;
}
/**
* Set the suppressionDuration property: The suppression (in ISO 8601 duration format) to wait since last time this
* alert rule been triggered.
*
* @param suppressionDuration the suppressionDuration value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withSuppressionDuration(Duration suppressionDuration) {
this.suppressionDuration = suppressionDuration;
return this;
}
/**
* Get the suppressionEnabled property: Determines whether the suppression for this alert rule is enabled or
* disabled.
*
* @return the suppressionEnabled value.
*/
public boolean suppressionEnabled() {
return this.suppressionEnabled;
}
/**
* Set the suppressionEnabled property: Determines whether the suppression for this alert rule is enabled or
* disabled.
*
* @param suppressionEnabled the suppressionEnabled value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withSuppressionEnabled(boolean suppressionEnabled) {
this.suppressionEnabled = suppressionEnabled;
return this;
}
/**
* Get the severity property: The severity for alerts created by this alert rule.
*
* @return the severity value.
*/
public AlertSeverity severity() {
return this.severity;
}
/**
* Set the severity property: The severity for alerts created by this alert rule.
*
* @param severity the severity value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withSeverity(AlertSeverity severity) {
this.severity = severity;
return this;
}
/**
* Get the incidentConfiguration property: The settings of the incidents that created from alerts triggered by this
* analytics rule.
*
* @return the incidentConfiguration value.
*/
public IncidentConfiguration incidentConfiguration() {
return this.incidentConfiguration;
}
/**
* Set the incidentConfiguration property: The settings of the incidents that created from alerts triggered by this
* analytics rule.
*
* @param incidentConfiguration the incidentConfiguration value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withIncidentConfiguration(IncidentConfiguration incidentConfiguration) {
this.incidentConfiguration = incidentConfiguration;
return this;
}
/**
* Get the customDetails property: Dictionary of string key-value pairs of columns to be attached to the alert.
*
* @return the customDetails value.
*/
public Map customDetails() {
return this.customDetails;
}
/**
* Set the customDetails property: Dictionary of string key-value pairs of columns to be attached to the alert.
*
* @param customDetails the customDetails value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withCustomDetails(Map customDetails) {
this.customDetails = customDetails;
return this;
}
/**
* Get the entityMappings property: Array of the entity mappings of the alert rule.
*
* @return the entityMappings value.
*/
public List entityMappings() {
return this.entityMappings;
}
/**
* Set the entityMappings property: Array of the entity mappings of the alert rule.
*
* @param entityMappings the entityMappings value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withEntityMappings(List entityMappings) {
this.entityMappings = entityMappings;
return this;
}
/**
* Get the alertDetailsOverride property: The alert details override settings.
*
* @return the alertDetailsOverride value.
*/
public AlertDetailsOverride alertDetailsOverride() {
return this.alertDetailsOverride;
}
/**
* Set the alertDetailsOverride property: The alert details override settings.
*
* @param alertDetailsOverride the alertDetailsOverride value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withAlertDetailsOverride(AlertDetailsOverride alertDetailsOverride) {
this.alertDetailsOverride = alertDetailsOverride;
return this;
}
/**
* Get the eventGroupingSettings property: The event grouping settings.
*
* @return the eventGroupingSettings value.
*/
public EventGroupingSettings eventGroupingSettings() {
return this.eventGroupingSettings;
}
/**
* Set the eventGroupingSettings property: The event grouping settings.
*
* @param eventGroupingSettings the eventGroupingSettings value to set.
* @return the NrtAlertRuleProperties object itself.
*/
public NrtAlertRuleProperties withEventGroupingSettings(EventGroupingSettings eventGroupingSettings) {
this.eventGroupingSettings = eventGroupingSettings;
return this;
}
/**
* Validates the instance.
*
* @throws IllegalArgumentException thrown if the instance is not valid.
*/
public void validate() {
if (query() == null) {
throw LOGGER.atError()
.log(new IllegalArgumentException("Missing required property query in model NrtAlertRuleProperties"));
}
if (displayName() == null) {
throw LOGGER.atError()
.log(new IllegalArgumentException(
"Missing required property displayName in model NrtAlertRuleProperties"));
}
if (suppressionDuration() == null) {
throw LOGGER.atError()
.log(new IllegalArgumentException(
"Missing required property suppressionDuration in model NrtAlertRuleProperties"));
}
if (severity() == null) {
throw LOGGER.atError()
.log(
new IllegalArgumentException("Missing required property severity in model NrtAlertRuleProperties"));
}
if (incidentConfiguration() != null) {
incidentConfiguration().validate();
}
if (entityMappings() != null) {
entityMappings().forEach(e -> e.validate());
}
if (alertDetailsOverride() != null) {
alertDetailsOverride().validate();
}
if (eventGroupingSettings() != null) {
eventGroupingSettings().validate();
}
}
private static final ClientLogger LOGGER = new ClientLogger(NrtAlertRuleProperties.class);
/**
* {@inheritDoc}
*/
@Override
public JsonWriter toJson(JsonWriter jsonWriter) throws IOException {
jsonWriter.writeStartObject();
jsonWriter.writeStringField("query", this.query);
jsonWriter.writeStringField("displayName", this.displayName);
jsonWriter.writeBooleanField("enabled", this.enabled);
jsonWriter.writeStringField("suppressionDuration",
CoreUtils.durationToStringWithDays(this.suppressionDuration));
jsonWriter.writeBooleanField("suppressionEnabled", this.suppressionEnabled);
jsonWriter.writeStringField("severity", this.severity == null ? null : this.severity.toString());
jsonWriter.writeStringField("alertRuleTemplateName", this.alertRuleTemplateName);
jsonWriter.writeStringField("templateVersion", this.templateVersion);
jsonWriter.writeStringField("description", this.description);
jsonWriter.writeArrayField("tactics", this.tactics,
(writer, element) -> writer.writeString(element == null ? null : element.toString()));
jsonWriter.writeArrayField("techniques", this.techniques, (writer, element) -> writer.writeString(element));
jsonWriter.writeJsonField("incidentConfiguration", this.incidentConfiguration);
jsonWriter.writeMapField("customDetails", this.customDetails, (writer, element) -> writer.writeString(element));
jsonWriter.writeArrayField("entityMappings", this.entityMappings,
(writer, element) -> writer.writeJson(element));
jsonWriter.writeJsonField("alertDetailsOverride", this.alertDetailsOverride);
jsonWriter.writeJsonField("eventGroupingSettings", this.eventGroupingSettings);
return jsonWriter.writeEndObject();
}
/**
* Reads an instance of NrtAlertRuleProperties from the JsonReader.
*
* @param jsonReader The JsonReader being read.
* @return An instance of NrtAlertRuleProperties if the JsonReader was pointing to an instance of it, or null if it
* was pointing to JSON null.
* @throws IllegalStateException If the deserialized JSON object was missing any required properties.
* @throws IOException If an error occurs while reading the NrtAlertRuleProperties.
*/
public static NrtAlertRuleProperties fromJson(JsonReader jsonReader) throws IOException {
return jsonReader.readObject(reader -> {
NrtAlertRuleProperties deserializedNrtAlertRuleProperties = new NrtAlertRuleProperties();
while (reader.nextToken() != JsonToken.END_OBJECT) {
String fieldName = reader.getFieldName();
reader.nextToken();
if ("query".equals(fieldName)) {
deserializedNrtAlertRuleProperties.query = reader.getString();
} else if ("displayName".equals(fieldName)) {
deserializedNrtAlertRuleProperties.displayName = reader.getString();
} else if ("enabled".equals(fieldName)) {
deserializedNrtAlertRuleProperties.enabled = reader.getBoolean();
} else if ("suppressionDuration".equals(fieldName)) {
deserializedNrtAlertRuleProperties.suppressionDuration
= reader.getNullable(nonNullReader -> Duration.parse(nonNullReader.getString()));
} else if ("suppressionEnabled".equals(fieldName)) {
deserializedNrtAlertRuleProperties.suppressionEnabled = reader.getBoolean();
} else if ("severity".equals(fieldName)) {
deserializedNrtAlertRuleProperties.severity = AlertSeverity.fromString(reader.getString());
} else if ("alertRuleTemplateName".equals(fieldName)) {
deserializedNrtAlertRuleProperties.alertRuleTemplateName = reader.getString();
} else if ("templateVersion".equals(fieldName)) {
deserializedNrtAlertRuleProperties.templateVersion = reader.getString();
} else if ("description".equals(fieldName)) {
deserializedNrtAlertRuleProperties.description = reader.getString();
} else if ("tactics".equals(fieldName)) {
List tactics
= reader.readArray(reader1 -> AttackTactic.fromString(reader1.getString()));
deserializedNrtAlertRuleProperties.tactics = tactics;
} else if ("techniques".equals(fieldName)) {
List techniques = reader.readArray(reader1 -> reader1.getString());
deserializedNrtAlertRuleProperties.techniques = techniques;
} else if ("lastModifiedUtc".equals(fieldName)) {
deserializedNrtAlertRuleProperties.lastModifiedUtc = reader
.getNullable(nonNullReader -> CoreUtils.parseBestOffsetDateTime(nonNullReader.getString()));
} else if ("incidentConfiguration".equals(fieldName)) {
deserializedNrtAlertRuleProperties.incidentConfiguration = IncidentConfiguration.fromJson(reader);
} else if ("customDetails".equals(fieldName)) {
Map customDetails = reader.readMap(reader1 -> reader1.getString());
deserializedNrtAlertRuleProperties.customDetails = customDetails;
} else if ("entityMappings".equals(fieldName)) {
List entityMappings = reader.readArray(reader1 -> EntityMapping.fromJson(reader1));
deserializedNrtAlertRuleProperties.entityMappings = entityMappings;
} else if ("alertDetailsOverride".equals(fieldName)) {
deserializedNrtAlertRuleProperties.alertDetailsOverride = AlertDetailsOverride.fromJson(reader);
} else if ("eventGroupingSettings".equals(fieldName)) {
deserializedNrtAlertRuleProperties.eventGroupingSettings = EventGroupingSettings.fromJson(reader);
} else {
reader.skipChildren();
}
}
return deserializedNrtAlertRuleProperties;
});
}
}