alerts_subscription_levels
Creates, updates, deletes, gets or lists a alerts_subscription_levels resource.
Overview
| Name | alerts_subscription_levels |
| Type | Resource |
| Id | azure.security.alerts_subscription_levels |
Fields
- vw_alerts_subscription_levels
- alerts_subscription_levels
| Name | Datatype | Description |
|---|---|---|
id | text | Resource Id |
name | text | Resource name |
description | text | field from the properties object |
alertName | text | field from the properties object |
alert_display_name | text | field from the properties object |
alert_type | text | field from the properties object |
alert_uri | text | field from the properties object |
ascLocation | text | field from the properties object |
compromised_entity | text | field from the properties object |
correlation_key | text | field from the properties object |
end_time_utc | text | field from the properties object |
entities | text | field from the properties object |
extended_links | text | field from the properties object |
extended_properties | text | field from the properties object |
intent | text | field from the properties object |
is_incident | text | field from the properties object |
processing_end_time_utc | text | field from the properties object |
product_component_name | text | field from the properties object |
product_name | text | field from the properties object |
remediation_steps | text | field from the properties object |
resource_identifiers | text | field from the properties object |
severity | text | field from the properties object |
start_time_utc | text | field from the properties object |
status | text | field from the properties object |
sub_techniques | text | field from the properties object |
subscriptionId | text | field from the properties object |
supporting_evidence | text | field from the properties object |
system_alert_id | text | field from the properties object |
techniques | text | field from the properties object |
time_generated_utc | text | field from the properties object |
type | text | Resource type |
vendor_name | text | field from the properties object |
version | text | field from the properties object |
| Name | Datatype | Description |
|---|---|---|
id | string | Resource Id |
name | string | Resource name |
properties | object | describes security alert properties. |
type | string | Resource type |
Methods
| Name | Accessible by | Required Params | Description |
|---|---|---|---|
get | SELECT | alertName, ascLocation, subscriptionId | Get an alert that is associated with a subscription |
SELECT examples
Get an alert that is associated with a subscription
- vw_alerts_subscription_levels
- alerts_subscription_levels
SELECT
id,
name,
description,
alertName,
alert_display_name,
alert_type,
alert_uri,
ascLocation,
compromised_entity,
correlation_key,
end_time_utc,
entities,
extended_links,
extended_properties,
intent,
is_incident,
processing_end_time_utc,
product_component_name,
product_name,
remediation_steps,
resource_identifiers,
severity,
start_time_utc,
status,
sub_techniques,
subscriptionId,
supporting_evidence,
system_alert_id,
techniques,
time_generated_utc,
type,
vendor_name,
version
FROM azure.security.vw_alerts_subscription_levels
WHERE alertName = '{{ alertName }}'
AND ascLocation = '{{ ascLocation }}'
AND subscriptionId = '{{ subscriptionId }}';
SELECT
id,
name,
properties,
type
FROM azure.security.alerts_subscription_levels
WHERE alertName = '{{ alertName }}'
AND ascLocation = '{{ ascLocation }}'
AND subscriptionId = '{{ subscriptionId }}';