Azure Native v3.2.0, Apr 14 25

This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.

Azure Native v3.2.0 published on Monday, Apr 14, 2025 by Pulumi

azure-native.securityinsights.getScheduledAlertRule

Explore with Pulumi AI

This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.

Azure Native v3.2.0 published on Monday, Apr 14, 2025 by Pulumi

Using getScheduledAlertRule

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

TypeScript
Python
Go
C#
Java
YAML

function getScheduledAlertRule(args: GetScheduledAlertRuleArgs, opts?: InvokeOptions): Promise<GetScheduledAlertRuleResult>
function getScheduledAlertRuleOutput(args: GetScheduledAlertRuleOutputArgs, opts?: InvokeOptions): Output<GetScheduledAlertRuleResult>

def get_scheduled_alert_rule(resource_group_name: Optional[str] = None,
                             rule_id: Optional[str] = None,
                             workspace_name: Optional[str] = None,
                             opts: Optional[InvokeOptions] = None) -> GetScheduledAlertRuleResult
def get_scheduled_alert_rule_output(resource_group_name: Optional[pulumi.Input[str]] = None,
                             rule_id: Optional[pulumi.Input[str]] = None,
                             workspace_name: Optional[pulumi.Input[str]] = None,
                             opts: Optional[InvokeOptions] = None) -> Output[GetScheduledAlertRuleResult]

func LookupScheduledAlertRule(ctx *Context, args *LookupScheduledAlertRuleArgs, opts ...InvokeOption) (*LookupScheduledAlertRuleResult, error)
func LookupScheduledAlertRuleOutput(ctx *Context, args *LookupScheduledAlertRuleOutputArgs, opts ...InvokeOption) LookupScheduledAlertRuleResultOutput

> Note: This function is named LookupScheduledAlertRule in the Go SDK.

public static class GetScheduledAlertRule 
{
    public static Task<GetScheduledAlertRuleResult> InvokeAsync(GetScheduledAlertRuleArgs args, InvokeOptions? opts = null)
    public static Output<GetScheduledAlertRuleResult> Invoke(GetScheduledAlertRuleInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetScheduledAlertRuleResult> getScheduledAlertRule(GetScheduledAlertRuleArgs args, InvokeOptions options)
public static Output<GetScheduledAlertRuleResult> getScheduledAlertRule(GetScheduledAlertRuleArgs args, InvokeOptions options)

fn::invoke:
  function: azure-native:securityinsights:getScheduledAlertRule
  arguments:
    # arguments dictionary

The following arguments are supported:

ResourceGroupName string: The name of the resource group. The name is case insensitive.
RuleId string: Alert rule ID
WorkspaceName string: The name of the workspace.

ResourceGroupName string: The name of the resource group. The name is case insensitive.
RuleId string: Alert rule ID
WorkspaceName string: The name of the workspace.

resourceGroupName String: The name of the resource group. The name is case insensitive.
ruleId String: Alert rule ID
workspaceName String: The name of the workspace.

resourceGroupName string: The name of the resource group. The name is case insensitive.
ruleId string: Alert rule ID
workspaceName string: The name of the workspace.

resource_group_name str: The name of the resource group. The name is case insensitive.
rule_id str: Alert rule ID
workspace_name str: The name of the workspace.

resourceGroupName String: The name of the resource group. The name is case insensitive.
ruleId String: Alert rule ID
workspaceName String: The name of the workspace.

getScheduledAlertRule Result

The following output properties are available:

AzureApiVersion string: The Azure API version of the resource.
DisplayName string: The display name for alerts created by this alert rule.
Enabled bool: Determines whether this alert rule is enabled or disabled.
Id string: Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
LastModifiedUtc string: The last time that this alert rule has been modified.
Name string: The name of the resource
Query string: The query that creates alerts for this rule.
QueryFrequency string: The frequency (in ISO 8601 duration format) for this alert rule to run.
QueryPeriod string: The period (in ISO 8601 duration format) that this alert rule looks at.
Severity string: The severity for alerts created by this alert rule.
SuppressionDuration string: The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
SuppressionEnabled bool: Determines whether the suppression for this alert rule is enabled or disabled.
SystemData Pulumi.AzureNative.SecurityInsights.Outputs.SystemDataResponse: Azure Resource Manager metadata containing createdBy and modifiedBy information.
TriggerOperator string: The operation against the threshold that triggers alert rule.
TriggerThreshold int: The threshold triggers this alert rule.
Type string: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
AlertDetailsOverride Pulumi.AzureNative.SecurityInsights.Outputs.AlertDetailsOverrideResponse: The alert details override settings
AlertRuleTemplateName string: The Name of the alert rule template used to create this rule.
CustomDetails Dictionary<string, string>: Dictionary of string key-value pairs of columns to be attached to the alert
Description string: The description of the alert rule.
EntityMappings List<Pulumi.AzureNative.SecurityInsights.Outputs.EntityMappingResponse>: Array of the entity mappings of the alert rule
Etag string: Etag of the azure resource
EventGroupingSettings Pulumi.AzureNative.SecurityInsights.Outputs.EventGroupingSettingsResponse: The event grouping settings.
IncidentConfiguration Pulumi.AzureNative.SecurityInsights.Outputs.IncidentConfigurationResponse: The settings of the incidents that created from alerts triggered by this analytics rule
Tactics List<string>: The tactics of the alert rule
Techniques List<string>: The techniques of the alert rule
TemplateVersion string: The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>

AzureApiVersion string: The Azure API version of the resource.
DisplayName string: The display name for alerts created by this alert rule.
Enabled bool: Determines whether this alert rule is enabled or disabled.
Id string: Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
LastModifiedUtc string: The last time that this alert rule has been modified.
Name string: The name of the resource
Query string: The query that creates alerts for this rule.
QueryFrequency string: The frequency (in ISO 8601 duration format) for this alert rule to run.
QueryPeriod string: The period (in ISO 8601 duration format) that this alert rule looks at.
Severity string: The severity for alerts created by this alert rule.
SuppressionDuration string: The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
SuppressionEnabled bool: Determines whether the suppression for this alert rule is enabled or disabled.
SystemData SystemDataResponse: Azure Resource Manager metadata containing createdBy and modifiedBy information.
TriggerOperator string: The operation against the threshold that triggers alert rule.
TriggerThreshold int: The threshold triggers this alert rule.
Type string: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
AlertDetailsOverride AlertDetailsOverrideResponse: The alert details override settings
AlertRuleTemplateName string: The Name of the alert rule template used to create this rule.
CustomDetails map[string]string: Dictionary of string key-value pairs of columns to be attached to the alert
Description string: The description of the alert rule.
EntityMappings []EntityMappingResponse: Array of the entity mappings of the alert rule
Etag string: Etag of the azure resource
EventGroupingSettings EventGroupingSettingsResponse: The event grouping settings.
IncidentConfiguration IncidentConfigurationResponse: The settings of the incidents that created from alerts triggered by this analytics rule
Tactics []string: The tactics of the alert rule
Techniques []string: The techniques of the alert rule
TemplateVersion string: The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>

azureApiVersion String: The Azure API version of the resource.
displayName String: The display name for alerts created by this alert rule.
enabled Boolean: Determines whether this alert rule is enabled or disabled.
id String: Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
lastModifiedUtc String: The last time that this alert rule has been modified.
name String: The name of the resource
query String: The query that creates alerts for this rule.
queryFrequency String: The frequency (in ISO 8601 duration format) for this alert rule to run.
queryPeriod String: The period (in ISO 8601 duration format) that this alert rule looks at.
severity String: The severity for alerts created by this alert rule.
suppressionDuration String: The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
suppressionEnabled Boolean: Determines whether the suppression for this alert rule is enabled or disabled.
systemData SystemDataResponse: Azure Resource Manager metadata containing createdBy and modifiedBy information.
triggerOperator String: The operation against the threshold that triggers alert rule.
triggerThreshold Integer: The threshold triggers this alert rule.
type String: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
alertDetailsOverride AlertDetailsOverrideResponse: The alert details override settings
alertRuleTemplateName String: The Name of the alert rule template used to create this rule.
customDetails Map<String,String>: Dictionary of string key-value pairs of columns to be attached to the alert
description String: The description of the alert rule.
entityMappings List<EntityMappingResponse>: Array of the entity mappings of the alert rule
etag String: Etag of the azure resource
eventGroupingSettings EventGroupingSettingsResponse: The event grouping settings.
incidentConfiguration IncidentConfigurationResponse: The settings of the incidents that created from alerts triggered by this analytics rule
tactics List<String>: The tactics of the alert rule
techniques List<String>: The techniques of the alert rule
templateVersion String: The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>

azureApiVersion string: The Azure API version of the resource.
displayName string: The display name for alerts created by this alert rule.
enabled boolean: Determines whether this alert rule is enabled or disabled.
id string: Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
lastModifiedUtc string: The last time that this alert rule has been modified.
name string: The name of the resource
query string: The query that creates alerts for this rule.
queryFrequency string: The frequency (in ISO 8601 duration format) for this alert rule to run.
queryPeriod string: The period (in ISO 8601 duration format) that this alert rule looks at.
severity string: The severity for alerts created by this alert rule.
suppressionDuration string: The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
suppressionEnabled boolean: Determines whether the suppression for this alert rule is enabled or disabled.
systemData SystemDataResponse: Azure Resource Manager metadata containing createdBy and modifiedBy information.
triggerOperator string: The operation against the threshold that triggers alert rule.
triggerThreshold number: The threshold triggers this alert rule.
type string: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
alertDetailsOverride AlertDetailsOverrideResponse: The alert details override settings
alertRuleTemplateName string: The Name of the alert rule template used to create this rule.
customDetails {[key: string]: string}: Dictionary of string key-value pairs of columns to be attached to the alert
description string: The description of the alert rule.
entityMappings EntityMappingResponse[]: Array of the entity mappings of the alert rule
etag string: Etag of the azure resource
eventGroupingSettings EventGroupingSettingsResponse: The event grouping settings.
incidentConfiguration IncidentConfigurationResponse: The settings of the incidents that created from alerts triggered by this analytics rule
tactics string[]: The tactics of the alert rule
techniques string[]: The techniques of the alert rule
templateVersion string: The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>

azure_api_version str: The Azure API version of the resource.
display_name str: The display name for alerts created by this alert rule.
enabled bool: Determines whether this alert rule is enabled or disabled.
id str: Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
last_modified_utc str: The last time that this alert rule has been modified.
name str: The name of the resource
query str: The query that creates alerts for this rule.
query_frequency str: The frequency (in ISO 8601 duration format) for this alert rule to run.
query_period str: The period (in ISO 8601 duration format) that this alert rule looks at.
severity str: The severity for alerts created by this alert rule.
suppression_duration str: The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
suppression_enabled bool: Determines whether the suppression for this alert rule is enabled or disabled.
system_data SystemDataResponse: Azure Resource Manager metadata containing createdBy and modifiedBy information.
trigger_operator str: The operation against the threshold that triggers alert rule.
trigger_threshold int: The threshold triggers this alert rule.
type str: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
alert_details_override AlertDetailsOverrideResponse: The alert details override settings
alert_rule_template_name str: The Name of the alert rule template used to create this rule.
custom_details Mapping[str, str]: Dictionary of string key-value pairs of columns to be attached to the alert
description str: The description of the alert rule.
entity_mappings Sequence[EntityMappingResponse]: Array of the entity mappings of the alert rule
etag str: Etag of the azure resource
event_grouping_settings EventGroupingSettingsResponse: The event grouping settings.
incident_configuration IncidentConfigurationResponse: The settings of the incidents that created from alerts triggered by this analytics rule
tactics Sequence[str]: The tactics of the alert rule
techniques Sequence[str]: The techniques of the alert rule
template_version str: The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>

azureApiVersion String: The Azure API version of the resource.
displayName String: The display name for alerts created by this alert rule.
enabled Boolean: Determines whether this alert rule is enabled or disabled.
id String: Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
lastModifiedUtc String: The last time that this alert rule has been modified.
name String: The name of the resource
query String: The query that creates alerts for this rule.
queryFrequency String: The frequency (in ISO 8601 duration format) for this alert rule to run.
queryPeriod String: The period (in ISO 8601 duration format) that this alert rule looks at.
severity String: The severity for alerts created by this alert rule.
suppressionDuration String: The suppression (in ISO 8601 duration format) to wait since last time this alert rule been triggered.
suppressionEnabled Boolean: Determines whether the suppression for this alert rule is enabled or disabled.
systemData Property Map: Azure Resource Manager metadata containing createdBy and modifiedBy information.
triggerOperator String: The operation against the threshold that triggers alert rule.
triggerThreshold Number: The threshold triggers this alert rule.
type String: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
alertDetailsOverride Property Map: The alert details override settings
alertRuleTemplateName String: The Name of the alert rule template used to create this rule.
customDetails Map<String>: Dictionary of string key-value pairs of columns to be attached to the alert
description String: The description of the alert rule.
entityMappings List<Property Map>: Array of the entity mappings of the alert rule
etag String: Etag of the azure resource
eventGroupingSettings Property Map: The event grouping settings.
incidentConfiguration Property Map: The settings of the incidents that created from alerts triggered by this analytics rule
tactics List<String>: The tactics of the alert rule
techniques List<String>: The techniques of the alert rule
templateVersion String: The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>

Supporting Types

AlertDetailsOverrideResponse

AlertDescriptionFormat string: the format containing columns name(s) to override the alert description
AlertDisplayNameFormat string: the format containing columns name(s) to override the alert name
AlertDynamicProperties List<Pulumi.AzureNative.SecurityInsights.Inputs.AlertPropertyMappingResponse>: List of additional dynamic properties to override
AlertSeverityColumnName string: the column name to take the alert severity from
AlertTacticsColumnName string: the column name to take the alert tactics from

AlertDescriptionFormat string: the format containing columns name(s) to override the alert description
AlertDisplayNameFormat string: the format containing columns name(s) to override the alert name
AlertDynamicProperties []AlertPropertyMappingResponse: List of additional dynamic properties to override
AlertSeverityColumnName string: the column name to take the alert severity from
AlertTacticsColumnName string: the column name to take the alert tactics from

alertDescriptionFormat String: the format containing columns name(s) to override the alert description
alertDisplayNameFormat String: the format containing columns name(s) to override the alert name
alertDynamicProperties List<AlertPropertyMappingResponse>: List of additional dynamic properties to override
alertSeverityColumnName String: the column name to take the alert severity from
alertTacticsColumnName String: the column name to take the alert tactics from

alertDescriptionFormat string: the format containing columns name(s) to override the alert description
alertDisplayNameFormat string: the format containing columns name(s) to override the alert name
alertDynamicProperties AlertPropertyMappingResponse[]: List of additional dynamic properties to override
alertSeverityColumnName string: the column name to take the alert severity from
alertTacticsColumnName string: the column name to take the alert tactics from

alert_description_format str: the format containing columns name(s) to override the alert description
alert_display_name_format str: the format containing columns name(s) to override the alert name
alert_dynamic_properties Sequence[AlertPropertyMappingResponse]: List of additional dynamic properties to override
alert_severity_column_name str: the column name to take the alert severity from
alert_tactics_column_name str: the column name to take the alert tactics from

alertDescriptionFormat String: the format containing columns name(s) to override the alert description
alertDisplayNameFormat String: the format containing columns name(s) to override the alert name
alertDynamicProperties List<Property Map>: List of additional dynamic properties to override
alertSeverityColumnName String: the column name to take the alert severity from
alertTacticsColumnName String: the column name to take the alert tactics from

AlertPropertyMappingResponse

AlertProperty string: The V3 alert property
Value string: the column name to use to override this property

AlertProperty string: The V3 alert property
Value string: the column name to use to override this property

alertProperty String: The V3 alert property
value String: the column name to use to override this property

alertProperty string: The V3 alert property
value string: the column name to use to override this property

alert_property str: The V3 alert property
value str: the column name to use to override this property

alertProperty String: The V3 alert property
value String: the column name to use to override this property

EntityMappingResponse

EntityType string: The V3 type of the mapped entity
FieldMappings List<Pulumi.AzureNative.SecurityInsights.Inputs.FieldMappingResponse>: array of field mappings for the given entity mapping

EntityType string: The V3 type of the mapped entity
FieldMappings []FieldMappingResponse: array of field mappings for the given entity mapping

entityType String: The V3 type of the mapped entity
fieldMappings List<FieldMappingResponse>: array of field mappings for the given entity mapping

entityType string: The V3 type of the mapped entity
fieldMappings FieldMappingResponse[]: array of field mappings for the given entity mapping

entity_type str: The V3 type of the mapped entity
field_mappings Sequence[FieldMappingResponse]: array of field mappings for the given entity mapping

entityType String: The V3 type of the mapped entity
fieldMappings List<Property Map>: array of field mappings for the given entity mapping

EventGroupingSettingsResponse

AggregationKind string: The event grouping aggregation kinds

AggregationKind string: The event grouping aggregation kinds

aggregationKind String: The event grouping aggregation kinds

aggregationKind string: The event grouping aggregation kinds

aggregation_kind str: The event grouping aggregation kinds

aggregationKind String: The event grouping aggregation kinds

FieldMappingResponse

ColumnName string: the column name to be mapped to the identifier
Identifier string: the V3 identifier of the entity

ColumnName string: the column name to be mapped to the identifier
Identifier string: the V3 identifier of the entity

columnName String: the column name to be mapped to the identifier
identifier String: the V3 identifier of the entity

columnName string: the column name to be mapped to the identifier
identifier string: the V3 identifier of the entity

column_name str: the column name to be mapped to the identifier
identifier str: the V3 identifier of the entity

columnName String: the column name to be mapped to the identifier
identifier String: the V3 identifier of the entity

GroupingConfigurationResponse

Enabled bool: Grouping enabled
LookbackDuration string: Limit the group to alerts created within the lookback duration (in ISO 8601 duration format)
MatchingMethod string: Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty.
ReopenClosedIncident bool: Re-open closed matching incidents
GroupByAlertDetails List<string>: A list of alert details to group by (when matchingMethod is Selected)
GroupByCustomDetails List<string>: A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used.
GroupByEntities List<string>: A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used.

Enabled bool: Grouping enabled
LookbackDuration string: Limit the group to alerts created within the lookback duration (in ISO 8601 duration format)
MatchingMethod string: Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty.
ReopenClosedIncident bool: Re-open closed matching incidents
GroupByAlertDetails []string: A list of alert details to group by (when matchingMethod is Selected)
GroupByCustomDetails []string: A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used.
GroupByEntities []string: A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used.

enabled Boolean: Grouping enabled
lookbackDuration String: Limit the group to alerts created within the lookback duration (in ISO 8601 duration format)
matchingMethod String: Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty.
reopenClosedIncident Boolean: Re-open closed matching incidents
groupByAlertDetails List<String>: A list of alert details to group by (when matchingMethod is Selected)
groupByCustomDetails List<String>: A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used.
groupByEntities List<String>: A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used.

enabled boolean: Grouping enabled
lookbackDuration string: Limit the group to alerts created within the lookback duration (in ISO 8601 duration format)
matchingMethod string: Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty.
reopenClosedIncident boolean: Re-open closed matching incidents
groupByAlertDetails string[]: A list of alert details to group by (when matchingMethod is Selected)
groupByCustomDetails string[]: A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used.
groupByEntities string[]: A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used.

enabled bool: Grouping enabled
lookback_duration str: Limit the group to alerts created within the lookback duration (in ISO 8601 duration format)
matching_method str: Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty.
reopen_closed_incident bool: Re-open closed matching incidents
group_by_alert_details Sequence[str]: A list of alert details to group by (when matchingMethod is Selected)
group_by_custom_details Sequence[str]: A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used.
group_by_entities Sequence[str]: A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used.

enabled Boolean: Grouping enabled
lookbackDuration String: Limit the group to alerts created within the lookback duration (in ISO 8601 duration format)
matchingMethod String: Grouping matching method. When method is Selected at least one of groupByEntities, groupByAlertDetails, groupByCustomDetails must be provided and not empty.
reopenClosedIncident Boolean: Re-open closed matching incidents
groupByAlertDetails List<String>: A list of alert details to group by (when matchingMethod is Selected)
groupByCustomDetails List<String>: A list of custom details keys to group by (when matchingMethod is Selected). Only keys defined in the current alert rule may be used.
groupByEntities List<String>: A list of entity types to group by (when matchingMethod is Selected). Only entities defined in the current alert rule may be used.

IncidentConfigurationResponse

CreateIncident bool: Create incidents from alerts triggered by this analytics rule
GroupingConfiguration Pulumi.AzureNative.SecurityInsights.Inputs.GroupingConfigurationResponse: Set how the alerts that are triggered by this analytics rule, are grouped into incidents

CreateIncident bool: Create incidents from alerts triggered by this analytics rule
GroupingConfiguration GroupingConfigurationResponse: Set how the alerts that are triggered by this analytics rule, are grouped into incidents

createIncident Boolean: Create incidents from alerts triggered by this analytics rule
groupingConfiguration GroupingConfigurationResponse: Set how the alerts that are triggered by this analytics rule, are grouped into incidents

createIncident boolean: Create incidents from alerts triggered by this analytics rule
groupingConfiguration GroupingConfigurationResponse: Set how the alerts that are triggered by this analytics rule, are grouped into incidents

create_incident bool: Create incidents from alerts triggered by this analytics rule
grouping_configuration GroupingConfigurationResponse: Set how the alerts that are triggered by this analytics rule, are grouped into incidents

createIncident Boolean: Create incidents from alerts triggered by this analytics rule
groupingConfiguration Property Map: Set how the alerts that are triggered by this analytics rule, are grouped into incidents

SystemDataResponse

CreatedAt string: The timestamp of resource creation (UTC).
CreatedBy string: The identity that created the resource.
CreatedByType string: The type of identity that created the resource.
LastModifiedAt string: The timestamp of resource last modification (UTC)
LastModifiedBy string: The identity that last modified the resource.
LastModifiedByType string: The type of identity that last modified the resource.

CreatedAt string: The timestamp of resource creation (UTC).
CreatedBy string: The identity that created the resource.
CreatedByType string: The type of identity that created the resource.
LastModifiedAt string: The timestamp of resource last modification (UTC)
LastModifiedBy string: The identity that last modified the resource.
LastModifiedByType string: The type of identity that last modified the resource.

createdAt String: The timestamp of resource creation (UTC).
createdBy String: The identity that created the resource.
createdByType String: The type of identity that created the resource.
lastModifiedAt String: The timestamp of resource last modification (UTC)
lastModifiedBy String: The identity that last modified the resource.
lastModifiedByType String: The type of identity that last modified the resource.

createdAt string: The timestamp of resource creation (UTC).
createdBy string: The identity that created the resource.
createdByType string: The type of identity that created the resource.
lastModifiedAt string: The timestamp of resource last modification (UTC)
lastModifiedBy string: The identity that last modified the resource.
lastModifiedByType string: The type of identity that last modified the resource.

created_at str: The timestamp of resource creation (UTC).
created_by str: The identity that created the resource.
created_by_type str: The type of identity that created the resource.
last_modified_at str: The timestamp of resource last modification (UTC)
last_modified_by str: The identity that last modified the resource.
last_modified_by_type str: The type of identity that last modified the resource.

createdAt String: The timestamp of resource creation (UTC).
createdBy String: The identity that created the resource.
createdByType String: The type of identity that created the resource.
lastModifiedAt String: The timestamp of resource last modification (UTC)
lastModifiedBy String: The identity that last modified the resource.
lastModifiedByType String: The type of identity that last modified the resource.

Package Details

Repository: Azure Native pulumi/pulumi-azure-native
License: Apache-2.0

This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.

Azure Native v3.2.0 published on Monday, Apr 14, 2025 by Pulumi

pulumi/pulumi-azure-native

azure-native.securityinsights.getScheduledAlertRule

On this page

On this page

Using getScheduledAlertRule

getScheduledAlertRule Result

Supporting Types

AlertDetailsOverrideResponse

AlertPropertyMappingResponse

EntityMappingResponse

EventGroupingSettingsResponse

FieldMappingResponse

GroupingConfigurationResponse

IncidentConfigurationResponse

SystemDataResponse

Package Details

On this page

On this page