alerts_resource_group_levels
Creates, updates, deletes, gets or lists an alerts_resource_group_levels resource.
Overview
Name | alerts_resource_group_levels |
Type | Resource |
Id | azure.security.alerts_resource_group_levels |
Fields
The first table lists the fields of the vw_alerts_resource_group_levels view; the second lists the fields of the alerts_resource_group_levels resource.
Name | Datatype | Description |
---|---|---|
id | text | Resource Id |
name | text | Resource name |
description | text | field from the properties object |
alertName | text | field from the properties object |
alert_display_name | text | field from the properties object |
alert_type | text | field from the properties object |
alert_uri | text | field from the properties object |
ascLocation | text | field from the properties object |
compromised_entity | text | field from the properties object |
correlation_key | text | field from the properties object |
end_time_utc | text | field from the properties object |
entities | text | field from the properties object |
extended_links | text | field from the properties object |
extended_properties | text | field from the properties object |
intent | text | field from the properties object |
is_incident | text | field from the properties object |
processing_end_time_utc | text | field from the properties object |
product_component_name | text | field from the properties object |
product_name | text | field from the properties object |
remediation_steps | text | field from the properties object |
resourceGroupName | text | field from the properties object |
resource_identifiers | text | field from the properties object |
severity | text | field from the properties object |
start_time_utc | text | field from the properties object |
status | text | field from the properties object |
sub_techniques | text | field from the properties object |
subscriptionId | text | field from the properties object |
supporting_evidence | text | field from the properties object |
system_alert_id | text | field from the properties object |
techniques | text | field from the properties object |
time_generated_utc | text | field from the properties object |
type | text | Resource type |
vendor_name | text | field from the properties object |
version | text | field from the properties object |
Name | Datatype | Description |
---|---|---|
id | string | Resource Id |
name | string | Resource name |
properties | object | describes security alert properties. |
type | string | Resource type |
Methods
Name | Accessible by | Required Params | Description |
---|---|---|---|
get | SELECT | alertName, ascLocation, resourceGroupName, subscriptionId | Get an alert that is associated with a resource group or a resource in a resource group |
SELECT examples
Get an alert that is associated with a resource group or a resource in a resource group
The first query selects from the vw_alerts_resource_group_levels view; the second selects from the alerts_resource_group_levels resource.
SELECT
id,
name,
description,
alertName,
alert_display_name,
alert_type,
alert_uri,
ascLocation,
compromised_entity,
correlation_key,
end_time_utc,
entities,
extended_links,
extended_properties,
intent,
is_incident,
processing_end_time_utc,
product_component_name,
product_name,
remediation_steps,
resourceGroupName,
resource_identifiers,
severity,
start_time_utc,
status,
sub_techniques,
subscriptionId,
supporting_evidence,
system_alert_id,
techniques,
time_generated_utc,
type,
vendor_name,
version
FROM azure.security.vw_alerts_resource_group_levels
WHERE alertName = '{{ alertName }}'
AND ascLocation = '{{ ascLocation }}'
AND resourceGroupName = '{{ resourceGroupName }}'
AND subscriptionId = '{{ subscriptionId }}';
SELECT
id,
name,
properties,
type
FROM azure.security.alerts_resource_group_levels
WHERE alertName = '{{ alertName }}'
AND ascLocation = '{{ ascLocation }}'
AND resourceGroupName = '{{ resourceGroupName }}'
AND subscriptionId = '{{ subscriptionId }}';