Azure Native

v1.88.1 published on Thursday, Dec 1, 2022 by Pulumi

getIncident

Represents an incident in Azure Security Insights. API Version: 2020-01-01.

Using getIncident

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getIncident(args: GetIncidentArgs, opts?: InvokeOptions): Promise<GetIncidentResult>
function getIncidentOutput(args: GetIncidentOutputArgs, opts?: InvokeOptions): Output<GetIncidentResult>

def get_incident(incident_id: Optional[str] = None,
                 resource_group_name: Optional[str] = None,
                 workspace_name: Optional[str] = None,
                 opts: Optional[InvokeOptions] = None) -> GetIncidentResult
def get_incident_output(incident_id: Optional[pulumi.Input[str]] = None,
                 resource_group_name: Optional[pulumi.Input[str]] = None,
                 workspace_name: Optional[pulumi.Input[str]] = None,
                 opts: Optional[InvokeOptions] = None) -> Output[GetIncidentResult]

func LookupIncident(ctx *Context, args *LookupIncidentArgs, opts ...InvokeOption) (*LookupIncidentResult, error)
func LookupIncidentOutput(ctx *Context, args *LookupIncidentOutputArgs, opts ...InvokeOption) LookupIncidentResultOutput

> Note: This function is named LookupIncident in the Go SDK.

public static class GetIncident 
{
    public static Task<GetIncidentResult> InvokeAsync(GetIncidentArgs args, InvokeOptions? opts = null)
    public static Output<GetIncidentResult> Invoke(GetIncidentInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetIncidentResult> getIncident(GetIncidentArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

fn::invoke:
  function: azure-native:securityinsights:getIncident
  arguments:
    # arguments dictionary

The following arguments are supported:

IncidentId string: Incident ID
ResourceGroupName string: The name of the resource group within the user's subscription. The name is case insensitive.
WorkspaceName string: The name of the workspace.

IncidentId string: Incident ID
ResourceGroupName string: The name of the resource group within the user's subscription. The name is case insensitive.
WorkspaceName string: The name of the workspace.

incidentId String: Incident ID
resourceGroupName String: The name of the resource group within the user's subscription. The name is case insensitive.
workspaceName String: The name of the workspace.

incidentId string: Incident ID
resourceGroupName string: The name of the resource group within the user's subscription. The name is case insensitive.
workspaceName string: The name of the workspace.

incident_id str: Incident ID
resource_group_name str: The name of the resource group within the user's subscription. The name is case insensitive.
workspace_name str: The name of the workspace.

incidentId String: Incident ID
resourceGroupName String: The name of the resource group within the user's subscription. The name is case insensitive.
workspaceName String: The name of the workspace.

getIncident Result

The following output properties are available:

AdditionalData Pulumi.AzureNative.SecurityInsights.Outputs.IncidentAdditionalDataResponse: Additional data on the incident
CreatedTimeUtc string: The time the incident was created
Id string: Azure resource Id
IncidentNumber int: A sequential number
IncidentUrl string: The deep-link url to the incident in Azure portal
LastModifiedTimeUtc string: The last time the incident was updated
Name string: Azure resource name
RelatedAnalyticRuleIds List<string>: List of resource ids of Analytic rules related to the incident
Severity string: The severity of the incident
Status string: The status of the incident
Title string: The title of the incident
Type string: Azure resource type
Classification string: The reason the incident was closed
ClassificationComment string: Describes the reason the incident was closed
ClassificationReason string: The classification reason the incident was closed with
Description string: The description of the incident
Etag string: Etag of the azure resource
FirstActivityTimeUtc string: The time of the first activity in the incident
Labels List<Pulumi.AzureNative.SecurityInsights.Outputs.IncidentLabelResponse>: List of labels relevant to this incident
LastActivityTimeUtc string: The time of the last activity in the incident
Owner Pulumi.AzureNative.SecurityInsights.Outputs.IncidentOwnerInfoResponse: Describes a user that the incident is assigned to

AdditionalData IncidentAdditionalDataResponse: Additional data on the incident
CreatedTimeUtc string: The time the incident was created
Id string: Azure resource Id
IncidentNumber int: A sequential number
IncidentUrl string: The deep-link url to the incident in Azure portal
LastModifiedTimeUtc string: The last time the incident was updated
Name string: Azure resource name
RelatedAnalyticRuleIds []string: List of resource ids of Analytic rules related to the incident
Severity string: The severity of the incident
Status string: The status of the incident
Title string: The title of the incident
Type string: Azure resource type
Classification string: The reason the incident was closed
ClassificationComment string: Describes the reason the incident was closed
ClassificationReason string: The classification reason the incident was closed with
Description string: The description of the incident
Etag string: Etag of the azure resource
FirstActivityTimeUtc string: The time of the first activity in the incident
Labels []IncidentLabelResponse: List of labels relevant to this incident
LastActivityTimeUtc string: The time of the last activity in the incident
Owner IncidentOwnerInfoResponse: Describes a user that the incident is assigned to

additionalData IncidentAdditionalDataResponse: Additional data on the incident
createdTimeUtc String: The time the incident was created
id String: Azure resource Id
incidentNumber Integer: A sequential number
incidentUrl String: The deep-link url to the incident in Azure portal
lastModifiedTimeUtc String: The last time the incident was updated
name String: Azure resource name
relatedAnalyticRuleIds List<String>: List of resource ids of Analytic rules related to the incident
severity String: The severity of the incident
status String: The status of the incident
title String: The title of the incident
type String: Azure resource type
classification String: The reason the incident was closed
classificationComment String: Describes the reason the incident was closed
classificationReason String: The classification reason the incident was closed with
description String: The description of the incident
etag String: Etag of the azure resource
firstActivityTimeUtc String: The time of the first activity in the incident
labels List<IncidentLabelResponse>: List of labels relevant to this incident
lastActivityTimeUtc String: The time of the last activity in the incident
owner IncidentOwnerInfoResponse: Describes a user that the incident is assigned to

additionalData IncidentAdditionalDataResponse: Additional data on the incident
createdTimeUtc string: The time the incident was created
id string: Azure resource Id
incidentNumber number: A sequential number
incidentUrl string: The deep-link url to the incident in Azure portal
lastModifiedTimeUtc string: The last time the incident was updated
name string: Azure resource name
relatedAnalyticRuleIds string[]: List of resource ids of Analytic rules related to the incident
severity string: The severity of the incident
status string: The status of the incident
title string: The title of the incident
type string: Azure resource type
classification string: The reason the incident was closed
classificationComment string: Describes the reason the incident was closed
classificationReason string: The classification reason the incident was closed with
description string: The description of the incident
etag string: Etag of the azure resource
firstActivityTimeUtc string: The time of the first activity in the incident
labels IncidentLabelResponse[]: List of labels relevant to this incident
lastActivityTimeUtc string: The time of the last activity in the incident
owner IncidentOwnerInfoResponse: Describes a user that the incident is assigned to

additional_data IncidentAdditionalDataResponse: Additional data on the incident
created_time_utc str: The time the incident was created
id str: Azure resource Id
incident_number int: A sequential number
incident_url str: The deep-link url to the incident in Azure portal
last_modified_time_utc str: The last time the incident was updated
name str: Azure resource name
related_analytic_rule_ids Sequence[str]: List of resource ids of Analytic rules related to the incident
severity str: The severity of the incident
status str: The status of the incident
title str: The title of the incident
type str: Azure resource type
classification str: The reason the incident was closed
classification_comment str: Describes the reason the incident was closed
classification_reason str: The classification reason the incident was closed with
description str: The description of the incident
etag str: Etag of the azure resource
first_activity_time_utc str: The time of the first activity in the incident
labels Sequence[IncidentLabelResponse]: List of labels relevant to this incident
last_activity_time_utc str: The time of the last activity in the incident
owner IncidentOwnerInfoResponse: Describes a user that the incident is assigned to

additionalData Property Map: Additional data on the incident
createdTimeUtc String: The time the incident was created
id String: Azure resource Id
incidentNumber Number: A sequential number
incidentUrl String: The deep-link url to the incident in Azure portal
lastModifiedTimeUtc String: The last time the incident was updated
name String: Azure resource name
relatedAnalyticRuleIds List<String>: List of resource ids of Analytic rules related to the incident
severity String: The severity of the incident
status String: The status of the incident
title String: The title of the incident
type String: Azure resource type
classification String: The reason the incident was closed
classificationComment String: Describes the reason the incident was closed
classificationReason String: The classification reason the incident was closed with
description String: The description of the incident
etag String: Etag of the azure resource
firstActivityTimeUtc String: The time of the first activity in the incident
labels List<Property Map>: List of labels relevant to this incident
lastActivityTimeUtc String: The time of the last activity in the incident
owner Property Map: Describes a user that the incident is assigned to

Supporting Types

IncidentAdditionalDataResponse

AlertProductNames List<string>: List of product names of alerts in the incident
AlertsCount int: The number of alerts in the incident
BookmarksCount int: The number of bookmarks in the incident
CommentsCount int: The number of comments in the incident
Tactics List<string>: The tactics associated with incident

AlertProductNames []string: List of product names of alerts in the incident
AlertsCount int: The number of alerts in the incident
BookmarksCount int: The number of bookmarks in the incident
CommentsCount int: The number of comments in the incident
Tactics []string: The tactics associated with incident

alertProductNames List<String>: List of product names of alerts in the incident
alertsCount Integer: The number of alerts in the incident
bookmarksCount Integer: The number of bookmarks in the incident
commentsCount Integer: The number of comments in the incident
tactics List<String>: The tactics associated with incident

alertProductNames string[]: List of product names of alerts in the incident
alertsCount number: The number of alerts in the incident
bookmarksCount number: The number of bookmarks in the incident
commentsCount number: The number of comments in the incident
tactics string[]: The tactics associated with incident

alert_product_names Sequence[str]: List of product names of alerts in the incident
alerts_count int: The number of alerts in the incident
bookmarks_count int: The number of bookmarks in the incident
comments_count int: The number of comments in the incident
tactics Sequence[str]: The tactics associated with incident

alertProductNames List<String>: List of product names of alerts in the incident
alertsCount Number: The number of alerts in the incident
bookmarksCount Number: The number of bookmarks in the incident
commentsCount Number: The number of comments in the incident
tactics List<String>: The tactics associated with incident

IncidentLabelResponse

LabelName string: The name of the label
LabelType string: The type of the label

LabelName string: The name of the label
LabelType string: The type of the label

labelName String: The name of the label
labelType String: The type of the label

labelName string: The name of the label
labelType string: The type of the label

label_name str: The name of the label
label_type str: The type of the label

labelName String: The name of the label
labelType String: The type of the label

IncidentOwnerInfoResponse

AssignedTo string: The name of the user the incident is assigned to.
Email string: The email of the user the incident is assigned to.
ObjectId string: The object id of the user the incident is assigned to.
UserPrincipalName string: The user principal name of the user the incident is assigned to.

AssignedTo string: The name of the user the incident is assigned to.
Email string: The email of the user the incident is assigned to.
ObjectId string: The object id of the user the incident is assigned to.
UserPrincipalName string: The user principal name of the user the incident is assigned to.

assignedTo String: The name of the user the incident is assigned to.
email String: The email of the user the incident is assigned to.
objectId String: The object id of the user the incident is assigned to.
userPrincipalName String: The user principal name of the user the incident is assigned to.

assignedTo string: The name of the user the incident is assigned to.
email string: The email of the user the incident is assigned to.
objectId string: The object id of the user the incident is assigned to.
userPrincipalName string: The user principal name of the user the incident is assigned to.

assigned_to str: The name of the user the incident is assigned to.
email str: The email of the user the incident is assigned to.
object_id str: The object id of the user the incident is assigned to.
user_principal_name str: The user principal name of the user the incident is assigned to.

assignedTo String: The name of the user the incident is assigned to.
email String: The email of the user the incident is assigned to.
objectId String: The object id of the user the incident is assigned to.
userPrincipalName String: The user principal name of the user the incident is assigned to.

Package Details

Repository: https://github.com/pulumi/pulumi-azure-native
License: Apache-2.0