Class SecurityMonitoringStandardRulePayload

The payload of a rule.

Hierarchy

  • SecurityMonitoringStandardRulePayload

Properties

additionalProperties?: {
    [key: string]: any;
}

A container for additional, undeclared properties. This is a holder for any undeclared properties as specified with the 'additionalProperties' keyword in the OAS document.

Type declaration

  • [key: string]: any

Cases for generating signals.

customMessage?: string

Custom/Overridden message for generated signals (used in case of Default rule update).

customName?: string

Custom/Overridden name of the rule (used in case of Default rule update).

Additional queries to filter matched events before they are processed. This field is deprecated for log detection, signal correlation, and workload security rules.

groupSignalsBy?: string[]

Additional grouping to perform on top of the existing groups in the query section. Must be a subset of the existing groups.

hasExtendedTitle?: boolean

Whether the notifications include the triggering group-by values in their title.

isEnabled: boolean

Whether the rule is enabled.

message: string

Message for generated signals.

name: string

The name of the rule.

Options.

Queries for selecting logs which are part of the rule.

Reference tables for the rule.

tags?: string[]

Tags for generated signals.

Cases for generating signals from third-party rules. Only available for third-party rules.

The rule type.
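
The constraint on groupSignalsBy (it must be a subset of the groups already used in the query section) can be checked before a payload is submitted. The following is an added example, not part of the generated reference or of the client library: `RulePayloadSubset`, `lintRulePayload` and the `queryGroups` argument are hypothetical names, the interface mirrors only properties declared on this page, and the sample rule is constructed.

```typescript
// Local structural type covering only properties declared on this page
// (hypothetical name, not a type exported by the client library).
interface RulePayloadSubset {
  name: string;
  message: string;
  isEnabled: boolean;
  groupSignalsBy?: string[];
  hasExtendedTitle?: boolean;
  tags?: string[];
}

// queryGroups is an assumed input: the group-by fields already used in the
// rule's query section, supplied by the caller.
function lintRulePayload(rule: RulePayloadSubset, queryGroups: string[]): string[] {
  const problems: string[] = [];
  if (rule.name.trim() === "") problems.push("name is empty");
  if (rule.message.trim() === "") problems.push("message is empty");

  // groupSignalsBy must be a subset of the existing query groups.
  const extra = (rule.groupSignalsBy || []).filter(g => queryGroups.indexOf(g) === -1);
  if (extra.length > 0) {
    problems.push("groupSignalsBy not in query groups: " + extra.join(", "));
  }
  // An extended title adds the triggering group-by values, so it needs groups.
  if (rule.hasExtendedTitle && queryGroups.length === 0) {
    problems.push("hasExtendedTitle set but the query section has no groups");
  }
  if (!rule.isEnabled) problems.push("isEnabled is false");
  return problems;
}

// Constructed sample: one grouping field is not present in the query groups.
const sampleRule: RulePayloadSubset = {
  name: "Repeated failed logins (constructed sample)",
  message: "Multiple failed logins from one source",
  isEnabled: true,
  groupSignalsBy: ["@usr.name", "@network.client.ip"],
  hasExtendedTitle: true,
};
const sampleQueryGroups: string[] = ["@usr.name", "host"];
console.log(lintRulePayload(sampleRule, sampleQueryGroups));
```
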
