com.pulumi.azure.sentinel.outputs.AlertRuleNrtIncidentGrouping Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of azure Show documentation
Show all versions of azure Show documentation
A Pulumi package for creating and managing Microsoft Azure cloud resources, based on the Terraform azurerm provider. We recommend using the [Azure Native provider](https://github.com/pulumi/pulumi-azure-native) to provision Azure infrastructure. Azure Native provides complete coverage of Azure resources and same-day access to new resources and resource updates.
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.azure.sentinel.outputs;
import com.pulumi.core.annotations.CustomType;
import java.lang.Boolean;
import java.lang.String;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Nullable;
@CustomType
public final class AlertRuleNrtIncidentGrouping {
/**
* @return A list of alert details to group by, only when the `entity_matching_method` is `Selected`. Possible values are `DisplayName` and `Severity`.
*
*/
private @Nullable List byAlertDetails;
/**
* @return A list of custom details keys to group by, only when the `entity_matching_method` is `Selected`. Only keys defined in the `custom_details` may be used.
*
*/
private @Nullable List byCustomDetails;
/**
* @return A list of entity types to group by, only when the `entity_matching_method` is `Selected`. Possible values are `Account`, `AzureResource`, `CloudApplication`, `DNS`, `File`, `FileHash`, `Host`, `IP`, `Mailbox`, `MailCluster`, `MailMessage`, `Malware`, `Process`, `RegistryKey`, `RegistryValue`, `SecurityGroup`, `SubmissionMail`, `URL`.
*
*/
private @Nullable List byEntities;
/**
* @return Enable grouping incidents created from alerts triggered by this Sentinel NRT Alert Rule. Defaults to `true`.
*
*/
private @Nullable Boolean enabled;
/**
* @return The method used to group incidents. Possible values are `AnyAlert`, `Selected` and `AllEntities`. Defaults to `AnyAlert`.
*
*/
private @Nullable String entityMatchingMethod;
/**
* @return Limit the group to alerts created within the lookback duration (in ISO 8601 duration format). Defaults to `PT5M`.
*
*/
private @Nullable String lookbackDuration;
/**
* @return Whether to re-open closed matching incidents? Defaults to `false`.
*
*/
private @Nullable Boolean reopenClosedIncidents;
private AlertRuleNrtIncidentGrouping() {}
/**
* @return A list of alert details to group by, only when the `entity_matching_method` is `Selected`. Possible values are `DisplayName` and `Severity`.
*
*/
public List byAlertDetails() {
return this.byAlertDetails == null ? List.of() : this.byAlertDetails;
}
/**
* @return A list of custom details keys to group by, only when the `entity_matching_method` is `Selected`. Only keys defined in the `custom_details` may be used.
*
*/
public List byCustomDetails() {
return this.byCustomDetails == null ? List.of() : this.byCustomDetails;
}
/**
* @return A list of entity types to group by, only when the `entity_matching_method` is `Selected`. Possible values are `Account`, `AzureResource`, `CloudApplication`, `DNS`, `File`, `FileHash`, `Host`, `IP`, `Mailbox`, `MailCluster`, `MailMessage`, `Malware`, `Process`, `RegistryKey`, `RegistryValue`, `SecurityGroup`, `SubmissionMail`, `URL`.
*
*/
public List byEntities() {
return this.byEntities == null ? List.of() : this.byEntities;
}
/**
* @return Enable grouping incidents created from alerts triggered by this Sentinel NRT Alert Rule. Defaults to `true`.
*
*/
public Optional enabled() {
return Optional.ofNullable(this.enabled);
}
/**
* @return The method used to group incidents. Possible values are `AnyAlert`, `Selected` and `AllEntities`. Defaults to `AnyAlert`.
*
*/
public Optional entityMatchingMethod() {
return Optional.ofNullable(this.entityMatchingMethod);
}
/**
* @return Limit the group to alerts created within the lookback duration (in ISO 8601 duration format). Defaults to `PT5M`.
*
*/
public Optional lookbackDuration() {
return Optional.ofNullable(this.lookbackDuration);
}
/**
* @return Whether to re-open closed matching incidents? Defaults to `false`.
*
*/
public Optional reopenClosedIncidents() {
return Optional.ofNullable(this.reopenClosedIncidents);
}
public static Builder builder() {
return new Builder();
}
public static Builder builder(AlertRuleNrtIncidentGrouping defaults) {
return new Builder(defaults);
}
@CustomType.Builder
public static final class Builder {
private @Nullable List byAlertDetails;
private @Nullable List byCustomDetails;
private @Nullable List byEntities;
private @Nullable Boolean enabled;
private @Nullable String entityMatchingMethod;
private @Nullable String lookbackDuration;
private @Nullable Boolean reopenClosedIncidents;
public Builder() {}
public Builder(AlertRuleNrtIncidentGrouping defaults) {
Objects.requireNonNull(defaults);
this.byAlertDetails = defaults.byAlertDetails;
this.byCustomDetails = defaults.byCustomDetails;
this.byEntities = defaults.byEntities;
this.enabled = defaults.enabled;
this.entityMatchingMethod = defaults.entityMatchingMethod;
this.lookbackDuration = defaults.lookbackDuration;
this.reopenClosedIncidents = defaults.reopenClosedIncidents;
}
@CustomType.Setter
public Builder byAlertDetails(@Nullable List byAlertDetails) {
this.byAlertDetails = byAlertDetails;
return this;
}
public Builder byAlertDetails(String... byAlertDetails) {
return byAlertDetails(List.of(byAlertDetails));
}
@CustomType.Setter
public Builder byCustomDetails(@Nullable List byCustomDetails) {
this.byCustomDetails = byCustomDetails;
return this;
}
public Builder byCustomDetails(String... byCustomDetails) {
return byCustomDetails(List.of(byCustomDetails));
}
@CustomType.Setter
public Builder byEntities(@Nullable List byEntities) {
this.byEntities = byEntities;
return this;
}
public Builder byEntities(String... byEntities) {
return byEntities(List.of(byEntities));
}
@CustomType.Setter
public Builder enabled(@Nullable Boolean enabled) {
this.enabled = enabled;
return this;
}
@CustomType.Setter
public Builder entityMatchingMethod(@Nullable String entityMatchingMethod) {
this.entityMatchingMethod = entityMatchingMethod;
return this;
}
@CustomType.Setter
public Builder lookbackDuration(@Nullable String lookbackDuration) {
this.lookbackDuration = lookbackDuration;
return this;
}
@CustomType.Setter
public Builder reopenClosedIncidents(@Nullable Boolean reopenClosedIncidents) {
this.reopenClosedIncidents = reopenClosedIncidents;
return this;
}
public AlertRuleNrtIncidentGrouping build() {
final var _resultValue = new AlertRuleNrtIncidentGrouping();
_resultValue.byAlertDetails = byAlertDetails;
_resultValue.byCustomDetails = byCustomDetails;
_resultValue.byEntities = byEntities;
_resultValue.enabled = enabled;
_resultValue.entityMatchingMethod = entityMatchingMethod;
_resultValue.lookbackDuration = lookbackDuration;
_resultValue.reopenClosedIncidents = reopenClosedIncidents;
return _resultValue;
}
}
}