• Home
• org.virtuslab
• pulumi-azure-kotlin
• 5.87.0.0
• source code
• AlertRuleNrtIncidentGrouping.kt

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.pulumi.azure.sentinel.kotlin.outputs.AlertRuleNrtIncidentGrouping.kt Maven / Gradle / Ivy

@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.azure.sentinel.kotlin.outputs

import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.collections.List

/**
 *
 * @property byAlertDetails A list of alert details to group by, only when the `entity_matching_method` is `Selected`. Possible values are `DisplayName` and `Severity`.
 * @property byCustomDetails A list of custom details keys to group by, only when the `entity_matching_method` is `Selected`. Only keys defined in the `custom_details` may be used.
 * @property byEntities A list of entity types to group by, only when the `entity_matching_method` is `Selected`. Possible values are `Account`, `AzureResource`, `CloudApplication`, `DNS`, `File`, `FileHash`, `Host`, `IP`, `Mailbox`, `MailCluster`, `MailMessage`, `Malware`, `Process`, `RegistryKey`, `RegistryValue`, `SecurityGroup`, `SubmissionMail`, `URL`.
 * @property enabled Enable grouping incidents created from alerts triggered by this Sentinel NRT Alert Rule. Defaults to `true`.
 * @property entityMatchingMethod The method used to group incidents. Possible values are `AnyAlert`, `Selected` and `AllEntities`. Defaults to `AnyAlert`.
 * @property lookbackDuration Limit the group to alerts created within the lookback duration (in ISO 8601 duration format). Defaults to `PT5M`.
 * @property reopenClosedIncidents Whether to re-open closed matching incidents? Defaults to `false`.
 */
public data class AlertRuleNrtIncidentGrouping(
    public val byAlertDetails: List? = null,
    public val byCustomDetails: List? = null,
    public val byEntities: List? = null,
    public val enabled: Boolean? = null,
    public val entityMatchingMethod: String? = null,
    public val lookbackDuration: String? = null,
    public val reopenClosedIncidents: Boolean? = null,
) {
    public companion object {
        public fun toKotlin(javaType: com.pulumi.azure.sentinel.outputs.AlertRuleNrtIncidentGrouping): AlertRuleNrtIncidentGrouping = AlertRuleNrtIncidentGrouping(
            byAlertDetails = javaType.byAlertDetails().map({ args0 -> args0 }),
            byCustomDetails = javaType.byCustomDetails().map({ args0 -> args0 }),
            byEntities = javaType.byEntities().map({ args0 -> args0 }),
            enabled = javaType.enabled().map({ args0 -> args0 }).orElse(null),
            entityMatchingMethod = javaType.entityMatchingMethod().map({ args0 -> args0 }).orElse(null),
            lookbackDuration = javaType.lookbackDuration().map({ args0 -> args0 }).orElse(null),
            reopenClosedIncidents = javaType.reopenClosedIncidents().map({ args0 -> args0 }).orElse(null),
        )
    }
}