← All packages

Azure Native

Pulumi Official

Package maintained by Pulumi

v1.67.0 published on Tuesday, Jul 12, 2022 by Pulumi

Source code

getIncident

Represents an incident in Azure Security Insights. API Version: 2020-01-01.

Using getIncident

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getIncident(args: GetIncidentArgs, opts?: InvokeOptions): Promise<GetIncidentResult>
function getIncidentOutput(args: GetIncidentOutputArgs, opts?: InvokeOptions): Output<GetIncidentResult>

def get_incident(incident_id: Optional[str] = None,
                 resource_group_name: Optional[str] = None,
                 workspace_name: Optional[str] = None,
                 opts: Optional[InvokeOptions] = None) -> GetIncidentResult
def get_incident_output(incident_id: Optional[pulumi.Input[str]] = None,
                 resource_group_name: Optional[pulumi.Input[str]] = None,
                 workspace_name: Optional[pulumi.Input[str]] = None,
                 opts: Optional[InvokeOptions] = None) -> Output[GetIncidentResult]

func LookupIncident(ctx *Context, args *LookupIncidentArgs, opts ...InvokeOption) (*LookupIncidentResult, error)
func LookupIncidentOutput(ctx *Context, args *LookupIncidentOutputArgs, opts ...InvokeOption) LookupIncidentResultOutput

> Note: This function is named LookupIncident in the Go SDK.

public static class GetIncident 
{
    public static Task<GetIncidentResult> InvokeAsync(GetIncidentArgs args, InvokeOptions? opts = null)
    public static Output<GetIncidentResult> Invoke(GetIncidentInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetIncidentResult> getIncident(GetIncidentArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

Fn::Invoke:
  Function: azure-native:securityinsights:getIncident
  Arguments:
    # Arguments dictionary

The following arguments are supported:

IncidentId string: Incident ID
ResourceGroupName string: The name of the resource group within the user's subscription. The name is case insensitive.
WorkspaceName string: The name of the workspace.

IncidentId string: Incident ID
ResourceGroupName string: The name of the resource group within the user's subscription. The name is case insensitive.
WorkspaceName string: The name of the workspace.

incidentId String: Incident ID
resourceGroupName String: The name of the resource group within the user's subscription. The name is case insensitive.
workspaceName String: The name of the workspace.

incidentId string: Incident ID
resourceGroupName string: The name of the resource group within the user's subscription. The name is case insensitive.
workspaceName string: The name of the workspace.

incident_id str: Incident ID
resource_group_name str: The name of the resource group within the user's subscription. The name is case insensitive.
workspace_name str: The name of the workspace.

incidentId String: Incident ID
resourceGroupName String: The name of the resource group within the user's subscription. The name is case insensitive.
workspaceName String: The name of the workspace.

getIncident Result

The following output properties are available:

AdditionalData Pulumi.AzureNative.SecurityInsights.Outputs.IncidentAdditionalDataResponse: Additional data on the incident
CreatedTimeUtc string: The time the incident was created
Id string: Azure resource Id
IncidentNumber int: A sequential number
IncidentUrl string: The deep-link url to the incident in Azure portal
LastModifiedTimeUtc string: The last time the incident was updated
Name string: Azure resource name
RelatedAnalyticRuleIds List<string>: List of resource ids of Analytic rules related to the incident
Severity string: The severity of the incident
Status string: The status of the incident
Title string: The title of the incident
Type string: Azure resource type
Classification string: The reason the incident was closed
ClassificationComment string: Describes the reason the incident was closed
ClassificationReason string: The classification reason the incident was closed with
Description string: The description of the incident
Etag string: Etag of the azure resource
FirstActivityTimeUtc string: The time of the first activity in the incident
Labels List<Pulumi.AzureNative.SecurityInsights.Outputs.IncidentLabelResponse>: List of labels relevant to this incident
LastActivityTimeUtc string: The time of the last activity in the incident
Owner Pulumi.AzureNative.SecurityInsights.Outputs.IncidentOwnerInfoResponse: Describes a user that the incident is assigned to

AdditionalData IncidentAdditionalDataResponse: Additional data on the incident
CreatedTimeUtc string: The time the incident was created
Id string: Azure resource Id
IncidentNumber int: A sequential number
IncidentUrl string: The deep-link url to the incident in Azure portal
LastModifiedTimeUtc string: The last time the incident was updated
Name string: Azure resource name
RelatedAnalyticRuleIds []string: List of resource ids of Analytic rules related to the incident
Severity string: The severity of the incident
Status string: The status of the incident
Title string: The title of the incident
Type string: Azure resource type
Classification string: The reason the incident was closed
ClassificationComment string: Describes the reason the incident was closed
ClassificationReason string: The classification reason the incident was closed with
Description string: The description of the incident
Etag string: Etag of the azure resource
FirstActivityTimeUtc string: The time of the first activity in the incident
Labels []IncidentLabelResponse: List of labels relevant to this incident
LastActivityTimeUtc string: The time of the last activity in the incident
Owner IncidentOwnerInfoResponse: Describes a user that the incident is assigned to

additionalData IncidentAdditionalDataResponse: Additional data on the incident
createdTimeUtc String: The time the incident was created
id String: Azure resource Id
incidentNumber Integer: A sequential number
incidentUrl String: The deep-link url to the incident in Azure portal
lastModifiedTimeUtc String: The last time the incident was updated
name String: Azure resource name
relatedAnalyticRuleIds List<String>: List of resource ids of Analytic rules related to the incident
severity String: The severity of the incident
status String: The status of the incident
title String: The title of the incident
type String: Azure resource type
classification String: The reason the incident was closed
classificationComment String: Describes the reason the incident was closed
classificationReason String: The classification reason the incident was closed with
description String: The description of the incident
etag String: Etag of the azure resource
firstActivityTimeUtc String: The time of the first activity in the incident
labels List<IncidentLabelResponse>: List of labels relevant to this incident
lastActivityTimeUtc String: The time of the last activity in the incident
owner IncidentOwnerInfoResponse: Describes a user that the incident is assigned to

additionalData IncidentAdditionalDataResponse: Additional data on the incident
createdTimeUtc string: The time the incident was created
id string: Azure resource Id
incidentNumber number: A sequential number
incidentUrl string: The deep-link url to the incident in Azure portal
lastModifiedTimeUtc string: The last time the incident was updated
name string: Azure resource name
relatedAnalyticRuleIds string[]: List of resource ids of Analytic rules related to the incident
severity string: The severity of the incident
status string: The status of the incident
title string: The title of the incident
type string: Azure resource type
classification string: The reason the incident was closed
classificationComment string: Describes the reason the incident was closed
classificationReason string: The classification reason the incident was closed with
description string: The description of the incident
etag string: Etag of the azure resource
firstActivityTimeUtc string: The time of the first activity in the incident
labels IncidentLabelResponse[]: List of labels relevant to this incident
lastActivityTimeUtc string: The time of the last activity in the incident
owner IncidentOwnerInfoResponse: Describes a user that the incident is assigned to

additional_data IncidentAdditionalDataResponse: Additional data on the incident
created_time_utc str: The time the incident was created
id str: Azure resource Id
incident_number int: A sequential number
incident_url str: The deep-link url to the incident in Azure portal
last_modified_time_utc str: The last time the incident was updated
name str: Azure resource name
related_analytic_rule_ids Sequence[str]: List of resource ids of Analytic rules related to the incident
severity str: The severity of the incident
status str: The status of the incident
title str: The title of the incident
type str: Azure resource type
classification str: The reason the incident was closed
classification_comment str: Describes the reason the incident was closed
classification_reason str: The classification reason the incident was closed with
description str: The description of the incident
etag str: Etag of the azure resource
first_activity_time_utc str: The time of the first activity in the incident
labels Sequence[IncidentLabelResponse]: List of labels relevant to this incident
last_activity_time_utc str: The time of the last activity in the incident
owner IncidentOwnerInfoResponse: Describes a user that the incident is assigned to

additionalData Property Map: Additional data on the incident
createdTimeUtc String: The time the incident was created
id String: Azure resource Id
incidentNumber Number: A sequential number
incidentUrl String: The deep-link url to the incident in Azure portal
lastModifiedTimeUtc String: The last time the incident was updated
name String: Azure resource name
relatedAnalyticRuleIds List<String>: List of resource ids of Analytic rules related to the incident
severity String: The severity of the incident
status String: The status of the incident
title String: The title of the incident
type String: Azure resource type
classification String: The reason the incident was closed
classificationComment String: Describes the reason the incident was closed
classificationReason String: The classification reason the incident was closed with
description String: The description of the incident
etag String: Etag of the azure resource
firstActivityTimeUtc String: The time of the first activity in the incident
labels List<Property Map>: List of labels relevant to this incident
lastActivityTimeUtc String: The time of the last activity in the incident
owner Property Map: Describes a user that the incident is assigned to

Supporting Types

IncidentAdditionalDataResponse

AlertProductNames List<string>: List of product names of alerts in the incident
AlertsCount int: The number of alerts in the incident
BookmarksCount int: The number of bookmarks in the incident
CommentsCount int: The number of comments in the incident
Tactics List<string>: The tactics associated with incident

AlertProductNames []string: List of product names of alerts in the incident
AlertsCount int: The number of alerts in the incident
BookmarksCount int: The number of bookmarks in the incident
CommentsCount int: The number of comments in the incident
Tactics []string: The tactics associated with incident

alertProductNames List<String>: List of product names of alerts in the incident
alertsCount Integer: The number of alerts in the incident
bookmarksCount Integer: The number of bookmarks in the incident
commentsCount Integer: The number of comments in the incident
tactics List<String>: The tactics associated with incident

alertProductNames string[]: List of product names of alerts in the incident
alertsCount number: The number of alerts in the incident
bookmarksCount number: The number of bookmarks in the incident
commentsCount number: The number of comments in the incident
tactics string[]: The tactics associated with incident

alert_product_names Sequence[str]: List of product names of alerts in the incident
alerts_count int: The number of alerts in the incident
bookmarks_count int: The number of bookmarks in the incident
comments_count int: The number of comments in the incident
tactics Sequence[str]: The tactics associated with incident

alertProductNames List<String>: List of product names of alerts in the incident
alertsCount Number: The number of alerts in the incident
bookmarksCount Number: The number of bookmarks in the incident
commentsCount Number: The number of comments in the incident
tactics List<String>: The tactics associated with incident

IncidentLabelResponse

LabelName string: The name of the label
LabelType string: The type of the label

LabelName string: The name of the label
LabelType string: The type of the label

labelName String: The name of the label
labelType String: The type of the label

labelName string: The name of the label
labelType string: The type of the label

label_name str: The name of the label
label_type str: The type of the label

labelName String: The name of the label
labelType String: The type of the label

IncidentOwnerInfoResponse

AssignedTo string: The name of the user the incident is assigned to.
Email string: The email of the user the incident is assigned to.
ObjectId string: The object id of the user the incident is assigned to.
UserPrincipalName string: The user principal name of the user the incident is assigned to.

AssignedTo string: The name of the user the incident is assigned to.
Email string: The email of the user the incident is assigned to.
ObjectId string: The object id of the user the incident is assigned to.
UserPrincipalName string: The user principal name of the user the incident is assigned to.

assignedTo String: The name of the user the incident is assigned to.
email String: The email of the user the incident is assigned to.
objectId String: The object id of the user the incident is assigned to.
userPrincipalName String: The user principal name of the user the incident is assigned to.

assignedTo string: The name of the user the incident is assigned to.
email string: The email of the user the incident is assigned to.
objectId string: The object id of the user the incident is assigned to.
userPrincipalName string: The user principal name of the user the incident is assigned to.

assigned_to str: The name of the user the incident is assigned to.
email str: The email of the user the incident is assigned to.
object_id str: The object id of the user the incident is assigned to.
user_principal_name str: The user principal name of the user the incident is assigned to.

assignedTo String: The name of the user the incident is assigned to.
email String: The email of the user the incident is assigned to.
objectId String: The object id of the user the incident is assigned to.
userPrincipalName String: The user principal name of the user the incident is assigned to.

Package Details

Repository: https://github.com/pulumi/pulumi-azure-native
License: Apache-2.0