We recommend using Azure Native.
azure.sentinel.getAlertRuleAnomaly
Explore with Pulumi AI
Use this data source to access information about an existing Anomaly Alert Rule.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
{
Location = "West Europe",
});
var exampleAnalyticsWorkspace = new Azure.OperationalInsights.AnalyticsWorkspace("exampleAnalyticsWorkspace", new()
{
Location = exampleResourceGroup.Location,
ResourceGroupName = exampleResourceGroup.Name,
Sku = "PerGB2018",
});
var exampleLogAnalyticsWorkspaceOnboarding = new Azure.Sentinel.LogAnalyticsWorkspaceOnboarding("exampleLogAnalyticsWorkspaceOnboarding", new()
{
WorkspaceId = exampleAnalyticsWorkspace.Id,
CustomerManagedKeyEnabled = false,
});
var exampleAlertRuleAnomaly = Azure.Sentinel.GetAlertRuleAnomaly.Invoke(new()
{
LogAnalyticsWorkspaceId = exampleLogAnalyticsWorkspaceOnboarding.WorkspaceId,
DisplayName = "Potential data staging",
});
return new Dictionary<string, object?>
{
["id"] = exampleAlertRuleAnomaly.Apply(getAlertRuleAnomalyResult => getAlertRuleAnomalyResult.Id),
};
});
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/operationalinsights"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/sentinel"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleAnalyticsWorkspace, err := operationalinsights.NewAnalyticsWorkspace(ctx, "exampleAnalyticsWorkspace", &operationalinsights.AnalyticsWorkspaceArgs{
Location: exampleResourceGroup.Location,
ResourceGroupName: exampleResourceGroup.Name,
Sku: pulumi.String("PerGB2018"),
})
if err != nil {
return err
}
exampleLogAnalyticsWorkspaceOnboarding, err := sentinel.NewLogAnalyticsWorkspaceOnboarding(ctx, "exampleLogAnalyticsWorkspaceOnboarding", &sentinel.LogAnalyticsWorkspaceOnboardingArgs{
WorkspaceId: exampleAnalyticsWorkspace.ID(),
CustomerManagedKeyEnabled: pulumi.Bool(false),
})
if err != nil {
return err
}
exampleAlertRuleAnomaly := sentinel.GetAlertRuleAnomalyOutput(ctx, sentinel.GetAlertRuleAnomalyOutputArgs{
LogAnalyticsWorkspaceId: exampleLogAnalyticsWorkspaceOnboarding.WorkspaceId,
DisplayName: pulumi.String("Potential data staging"),
}, nil)
ctx.Export("id", exampleAlertRuleAnomaly.ApplyT(func(exampleAlertRuleAnomaly sentinel.GetAlertRuleAnomalyResult) (*string, error) {
return &exampleAlertRuleAnomaly.Id, nil
}).(pulumi.StringPtrOutput))
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.operationalinsights.AnalyticsWorkspace;
import com.pulumi.azure.operationalinsights.AnalyticsWorkspaceArgs;
import com.pulumi.azure.sentinel.LogAnalyticsWorkspaceOnboarding;
import com.pulumi.azure.sentinel.LogAnalyticsWorkspaceOnboardingArgs;
import com.pulumi.azure.sentinel.SentinelFunctions;
import com.pulumi.azure.sentinel.inputs.GetAlertRuleAnomalyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleAnalyticsWorkspace = new AnalyticsWorkspace("exampleAnalyticsWorkspace", AnalyticsWorkspaceArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.sku("PerGB2018")
.build());
var exampleLogAnalyticsWorkspaceOnboarding = new LogAnalyticsWorkspaceOnboarding("exampleLogAnalyticsWorkspaceOnboarding", LogAnalyticsWorkspaceOnboardingArgs.builder()
.workspaceId(exampleAnalyticsWorkspace.id())
.customerManagedKeyEnabled(false)
.build());
final var exampleAlertRuleAnomaly = SentinelFunctions.getAlertRuleAnomaly(GetAlertRuleAnomalyArgs.builder()
.logAnalyticsWorkspaceId(exampleLogAnalyticsWorkspaceOnboarding.workspaceId())
.displayName("Potential data staging")
.build());
ctx.export("id", exampleAlertRuleAnomaly.applyValue(getAlertRuleAnomalyResult -> getAlertRuleAnomalyResult).applyValue(exampleAlertRuleAnomaly -> exampleAlertRuleAnomaly.applyValue(getAlertRuleAnomalyResult -> getAlertRuleAnomalyResult.id())));
}
}
import pulumi
import pulumi_azure as azure
example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_analytics_workspace = azure.operationalinsights.AnalyticsWorkspace("exampleAnalyticsWorkspace",
location=example_resource_group.location,
resource_group_name=example_resource_group.name,
sku="PerGB2018")
example_log_analytics_workspace_onboarding = azure.sentinel.LogAnalyticsWorkspaceOnboarding("exampleLogAnalyticsWorkspaceOnboarding",
workspace_id=example_analytics_workspace.id,
customer_managed_key_enabled=False)
example_alert_rule_anomaly = azure.sentinel.get_alert_rule_anomaly_output(log_analytics_workspace_id=example_log_analytics_workspace_onboarding.workspace_id,
display_name="Potential data staging")
pulumi.export("id", example_alert_rule_anomaly.id)
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
const exampleAnalyticsWorkspace = new azure.operationalinsights.AnalyticsWorkspace("exampleAnalyticsWorkspace", {
location: exampleResourceGroup.location,
resourceGroupName: exampleResourceGroup.name,
sku: "PerGB2018",
});
const exampleLogAnalyticsWorkspaceOnboarding = new azure.sentinel.LogAnalyticsWorkspaceOnboarding("exampleLogAnalyticsWorkspaceOnboarding", {
workspaceId: exampleAnalyticsWorkspace.id,
customerManagedKeyEnabled: false,
});
const exampleAlertRuleAnomaly = azure.sentinel.getAlertRuleAnomalyOutput({
logAnalyticsWorkspaceId: exampleLogAnalyticsWorkspaceOnboarding.workspaceId,
displayName: "Potential data staging",
});
export const id = exampleAlertRuleAnomaly.apply(exampleAlertRuleAnomaly => exampleAlertRuleAnomaly.id);
resources:
exampleResourceGroup:
type: azure:core:ResourceGroup
properties:
location: West Europe
exampleAnalyticsWorkspace:
type: azure:operationalinsights:AnalyticsWorkspace
properties:
location: ${exampleResourceGroup.location}
resourceGroupName: ${exampleResourceGroup.name}
sku: PerGB2018
exampleLogAnalyticsWorkspaceOnboarding:
type: azure:sentinel:LogAnalyticsWorkspaceOnboarding
properties:
workspaceId: ${exampleAnalyticsWorkspace.id}
customerManagedKeyEnabled: false
variables:
exampleAlertRuleAnomaly:
fn::invoke:
Function: azure:sentinel:getAlertRuleAnomaly
Arguments:
logAnalyticsWorkspaceId: ${exampleLogAnalyticsWorkspaceOnboarding.workspaceId}
displayName: Potential data staging
outputs:
id: ${exampleAlertRuleAnomaly.id}
Using getAlertRuleAnomaly
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getAlertRuleAnomaly(args: GetAlertRuleAnomalyArgs, opts?: InvokeOptions): Promise<GetAlertRuleAnomalyResult>
function getAlertRuleAnomalyOutput(args: GetAlertRuleAnomalyOutputArgs, opts?: InvokeOptions): Output<GetAlertRuleAnomalyResult>
def get_alert_rule_anomaly(display_name: Optional[str] = None,
log_analytics_workspace_id: Optional[str] = None,
name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetAlertRuleAnomalyResult
def get_alert_rule_anomaly_output(display_name: Optional[pulumi.Input[str]] = None,
log_analytics_workspace_id: Optional[pulumi.Input[str]] = None,
name: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetAlertRuleAnomalyResult]
func GetAlertRuleAnomaly(ctx *Context, args *GetAlertRuleAnomalyArgs, opts ...InvokeOption) (*GetAlertRuleAnomalyResult, error)
func GetAlertRuleAnomalyOutput(ctx *Context, args *GetAlertRuleAnomalyOutputArgs, opts ...InvokeOption) GetAlertRuleAnomalyResultOutput
> Note: This function is named GetAlertRuleAnomaly
in the Go SDK.
public static class GetAlertRuleAnomaly
{
public static Task<GetAlertRuleAnomalyResult> InvokeAsync(GetAlertRuleAnomalyArgs args, InvokeOptions? opts = null)
public static Output<GetAlertRuleAnomalyResult> Invoke(GetAlertRuleAnomalyInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetAlertRuleAnomalyResult> getAlertRuleAnomaly(GetAlertRuleAnomalyArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: azure:sentinel/getAlertRuleAnomaly:getAlertRuleAnomaly
arguments:
# arguments dictionary
The following arguments are supported:
- Log
Analytics stringWorkspace Id The ID of the Log Analytics Workspace.
- Display
Name string The display name of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.NOTE One of
name
ordisplay_name
must be specified.- Name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.
- Log
Analytics stringWorkspace Id The ID of the Log Analytics Workspace.
- Display
Name string The display name of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.NOTE One of
name
ordisplay_name
must be specified.- Name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.
- log
Analytics StringWorkspace Id The ID of the Log Analytics Workspace.
- display
Name String The display name of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.NOTE One of
name
ordisplay_name
must be specified.- name String
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.
- log
Analytics stringWorkspace Id The ID of the Log Analytics Workspace.
- display
Name string The display name of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.NOTE One of
name
ordisplay_name
must be specified.- name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.
- log_
analytics_ strworkspace_ id The ID of the Log Analytics Workspace.
- display_
name str The display name of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.NOTE One of
name
ordisplay_name
must be specified.- name str
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.
- log
Analytics StringWorkspace Id The ID of the Log Analytics Workspace.
- display
Name String The display name of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.NOTE One of
name
ordisplay_name
must be specified.- name String
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.
getAlertRuleAnomaly Result
The following output properties are available:
- Anomaly
Settings intVersion The version of the Anomaly Security ML Analytics Settings.
- Anomaly
Version string The anomaly version of the Anomaly Alert Rule.
- Description string
The description of the threshold observation.
- Display
Name string - Enabled bool
Is the Anomaly Alert Rule enabled?
- Frequency string
The frequency the Anomaly Alert Rule will be run.
- Id string
The provider-assigned unique ID for this managed resource.
- Log
Analytics stringWorkspace Id - Mode string
- Multi
Select List<GetObservations Alert Rule Anomaly Multi Select Observation> A list of
multi_select_observation
blocks as defined below.- Name string
The name of the threshold observation.
- Prioritized
Exclude List<GetObservations Alert Rule Anomaly Prioritized Exclude Observation> A list of
prioritized_exclude_observation
blocks as defined below.- Required
Data List<GetConnectors Alert Rule Anomaly Required Data Connector> A
required_data_connector
block as defined below.- Settings
Definition stringId The ID of the anomaly settings definition Id.
- Single
Select List<GetObservations Alert Rule Anomaly Single Select Observation> A list of
single_select_observation
blocks as defined below.- Tactics List<string>
A list of categories of attacks by which to classify the rule.
- Techniques List<string>
A list of techniques of attacks by which to classify the rule.
- Threshold
Observations List<GetAlert Rule Anomaly Threshold Observation> A list of
threshold_observation
blocks as defined below.
- Anomaly
Settings intVersion The version of the Anomaly Security ML Analytics Settings.
- Anomaly
Version string The anomaly version of the Anomaly Alert Rule.
- Description string
The description of the threshold observation.
- Display
Name string - Enabled bool
Is the Anomaly Alert Rule enabled?
- Frequency string
The frequency the Anomaly Alert Rule will be run.
- Id string
The provider-assigned unique ID for this managed resource.
- Log
Analytics stringWorkspace Id - Mode string
- Multi
Select []GetObservations Alert Rule Anomaly Multi Select Observation A list of
multi_select_observation
blocks as defined below.- Name string
The name of the threshold observation.
- Prioritized
Exclude []GetObservations Alert Rule Anomaly Prioritized Exclude Observation A list of
prioritized_exclude_observation
blocks as defined below.- Required
Data []GetConnectors Alert Rule Anomaly Required Data Connector A
required_data_connector
block as defined below.- Settings
Definition stringId The ID of the anomaly settings definition Id.
- Single
Select []GetObservations Alert Rule Anomaly Single Select Observation A list of
single_select_observation
blocks as defined below.- Tactics []string
A list of categories of attacks by which to classify the rule.
- Techniques []string
A list of techniques of attacks by which to classify the rule.
- Threshold
Observations []GetAlert Rule Anomaly Threshold Observation A list of
threshold_observation
blocks as defined below.
- anomaly
Settings IntegerVersion The version of the Anomaly Security ML Analytics Settings.
- anomaly
Version String The anomaly version of the Anomaly Alert Rule.
- description String
The description of the threshold observation.
- display
Name String - enabled Boolean
Is the Anomaly Alert Rule enabled?
- frequency String
The frequency the Anomaly Alert Rule will be run.
- id String
The provider-assigned unique ID for this managed resource.
- log
Analytics StringWorkspace Id - mode String
- multi
Select List<GetObservations Alert Rule Anomaly Multi Select Observation> A list of
multi_select_observation
blocks as defined below.- name String
The name of the threshold observation.
- prioritized
Exclude List<GetObservations Alert Rule Anomaly Prioritized Exclude Observation> A list of
prioritized_exclude_observation
blocks as defined below.- required
Data List<GetConnectors Alert Rule Anomaly Required Data Connector> A
required_data_connector
block as defined below.- settings
Definition StringId The ID of the anomaly settings definition Id.
- single
Select List<GetObservations Alert Rule Anomaly Single Select Observation> A list of
single_select_observation
blocks as defined below.- tactics List<String>
A list of categories of attacks by which to classify the rule.
- techniques List<String>
A list of techniques of attacks by which to classify the rule.
- threshold
Observations List<GetAlert Rule Anomaly Threshold Observation> A list of
threshold_observation
blocks as defined below.
- anomaly
Settings numberVersion The version of the Anomaly Security ML Analytics Settings.
- anomaly
Version string The anomaly version of the Anomaly Alert Rule.
- description string
The description of the threshold observation.
- display
Name string - enabled boolean
Is the Anomaly Alert Rule enabled?
- frequency string
The frequency the Anomaly Alert Rule will be run.
- id string
The provider-assigned unique ID for this managed resource.
- log
Analytics stringWorkspace Id - mode string
- multi
Select GetObservations Alert Rule Anomaly Multi Select Observation[] A list of
multi_select_observation
blocks as defined below.- name string
The name of the threshold observation.
- prioritized
Exclude GetObservations Alert Rule Anomaly Prioritized Exclude Observation[] A list of
prioritized_exclude_observation
blocks as defined below.- required
Data GetConnectors Alert Rule Anomaly Required Data Connector[] A
required_data_connector
block as defined below.- settings
Definition stringId The ID of the anomaly settings definition Id.
- single
Select GetObservations Alert Rule Anomaly Single Select Observation[] A list of
single_select_observation
blocks as defined below.- tactics string[]
A list of categories of attacks by which to classify the rule.
- techniques string[]
A list of techniques of attacks by which to classify the rule.
- threshold
Observations GetAlert Rule Anomaly Threshold Observation[] A list of
threshold_observation
blocks as defined below.
- anomaly_
settings_ intversion The version of the Anomaly Security ML Analytics Settings.
- anomaly_
version str The anomaly version of the Anomaly Alert Rule.
- description str
The description of the threshold observation.
- display_
name str - enabled bool
Is the Anomaly Alert Rule enabled?
- frequency str
The frequency the Anomaly Alert Rule will be run.
- id str
The provider-assigned unique ID for this managed resource.
- log_
analytics_ strworkspace_ id - mode str
- multi_
select_ Sequence[Getobservations Alert Rule Anomaly Multi Select Observation] A list of
multi_select_observation
blocks as defined below.- name str
The name of the threshold observation.
- prioritized_
exclude_ Sequence[Getobservations Alert Rule Anomaly Prioritized Exclude Observation] A list of
prioritized_exclude_observation
blocks as defined below.- required_
data_ Sequence[Getconnectors Alert Rule Anomaly Required Data Connector] A
required_data_connector
block as defined below.- settings_
definition_ strid The ID of the anomaly settings definition Id.
- single_
select_ Sequence[Getobservations Alert Rule Anomaly Single Select Observation] A list of
single_select_observation
blocks as defined below.- tactics Sequence[str]
A list of categories of attacks by which to classify the rule.
- techniques Sequence[str]
A list of techniques of attacks by which to classify the rule.
- threshold_
observations Sequence[GetAlert Rule Anomaly Threshold Observation] A list of
threshold_observation
blocks as defined below.
- anomaly
Settings NumberVersion The version of the Anomaly Security ML Analytics Settings.
- anomaly
Version String The anomaly version of the Anomaly Alert Rule.
- description String
The description of the threshold observation.
- display
Name String - enabled Boolean
Is the Anomaly Alert Rule enabled?
- frequency String
The frequency the Anomaly Alert Rule will be run.
- id String
The provider-assigned unique ID for this managed resource.
- log
Analytics StringWorkspace Id - mode String
- multi
Select List<Property Map>Observations A list of
multi_select_observation
blocks as defined below.- name String
The name of the threshold observation.
- prioritized
Exclude List<Property Map>Observations A list of
prioritized_exclude_observation
blocks as defined below.- required
Data List<Property Map>Connectors A
required_data_connector
block as defined below.- settings
Definition StringId The ID of the anomaly settings definition Id.
- single
Select List<Property Map>Observations A list of
single_select_observation
blocks as defined below.- tactics List<String>
A list of categories of attacks by which to classify the rule.
- techniques List<String>
A list of techniques of attacks by which to classify the rule.
- threshold
Observations List<Property Map> A list of
threshold_observation
blocks as defined below.
Supporting Types
GetAlertRuleAnomalyMultiSelectObservation
- Description string
The description of the threshold observation.
- Name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- Supported
Values List<string> A list of supported values of the single select observation.
- Values List<string>
A list of values of the single select observation.
- Description string
The description of the threshold observation.
- Name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- Supported
Values []string A list of supported values of the single select observation.
- Values []string
A list of values of the single select observation.
- description String
The description of the threshold observation.
- name String
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- supported
Values List<String> A list of supported values of the single select observation.
- values List<String>
A list of values of the single select observation.
- description string
The description of the threshold observation.
- name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- supported
Values string[] A list of supported values of the single select observation.
- values string[]
A list of values of the single select observation.
- description str
The description of the threshold observation.
- name str
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- supported_
values Sequence[str] A list of supported values of the single select observation.
- values Sequence[str]
A list of values of the single select observation.
- description String
The description of the threshold observation.
- name String
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- supported
Values List<String> A list of supported values of the single select observation.
- values List<String>
A list of values of the single select observation.
GetAlertRuleAnomalyPrioritizedExcludeObservation
- Description string
The description of the threshold observation.
- Exclude string
The excluded value per
description
.- Name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- Prioritize string
The prioritized value per
description
.
- Description string
The description of the threshold observation.
- Exclude string
The excluded value per
description
.- Name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- Prioritize string
The prioritized value per
description
.
- description String
The description of the threshold observation.
- exclude String
The excluded value per
description
.- name String
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- prioritize String
The prioritized value per
description
.
- description string
The description of the threshold observation.
- exclude string
The excluded value per
description
.- name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- prioritize string
The prioritized value per
description
.
- description str
The description of the threshold observation.
- exclude str
The excluded value per
description
.- name str
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- prioritize str
The prioritized value per
description
.
- description String
The description of the threshold observation.
- exclude String
The excluded value per
description
.- name String
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- prioritize String
The prioritized value per
description
.
GetAlertRuleAnomalyRequiredDataConnector
- Connector
Id string The ID of the required Data Connector.
- Data
Types List<string> A list of data types of the required Data Connector.
- Connector
Id string The ID of the required Data Connector.
- Data
Types []string A list of data types of the required Data Connector.
- connector
Id String The ID of the required Data Connector.
- data
Types List<String> A list of data types of the required Data Connector.
- connector
Id string The ID of the required Data Connector.
- data
Types string[] A list of data types of the required Data Connector.
- connector_
id str The ID of the required Data Connector.
- data_
types Sequence[str] A list of data types of the required Data Connector.
- connector
Id String The ID of the required Data Connector.
- data
Types List<String> A list of data types of the required Data Connector.
GetAlertRuleAnomalySingleSelectObservation
- Description string
The description of the threshold observation.
- Name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- Supported
Values List<string> A list of supported values of the single select observation.
- Value string
The value of the threshold observation.
- Description string
The description of the threshold observation.
- Name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- Supported
Values []string A list of supported values of the single select observation.
- Value string
The value of the threshold observation.
- description String
The description of the threshold observation.
- name String
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- supported
Values List<String> A list of supported values of the single select observation.
- value String
The value of the threshold observation.
- description string
The description of the threshold observation.
- name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- supported
Values string[] A list of supported values of the single select observation.
- value string
The value of the threshold observation.
- description str
The description of the threshold observation.
- name str
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- supported_
values Sequence[str] A list of supported values of the single select observation.
- value str
The value of the threshold observation.
- description String
The description of the threshold observation.
- name String
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- supported
Values List<String> A list of supported values of the single select observation.
- value String
The value of the threshold observation.
GetAlertRuleAnomalyThresholdObservation
- Description string
The description of the threshold observation.
- Max string
The max value of the threshold observation.
- Min string
The min value of the threshold observation.
- Name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- Value string
The value of the threshold observation.
- Description string
The description of the threshold observation.
- Max string
The max value of the threshold observation.
- Min string
The min value of the threshold observation.
- Name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- Value string
The value of the threshold observation.
- description String
The description of the threshold observation.
- max String
The max value of the threshold observation.
- min String
The min value of the threshold observation.
- name String
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- value String
The value of the threshold observation.
- description string
The description of the threshold observation.
- max string
The max value of the threshold observation.
- min string
The min value of the threshold observation.
- name string
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- value string
The value of the threshold observation.
- description str
The description of the threshold observation.
- max str
The max value of the threshold observation.
- min str
The min value of the threshold observation.
- name str
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- value str
The value of the threshold observation.
- description String
The description of the threshold observation.
- max String
The max value of the threshold observation.
- min String
The min value of the threshold observation.
- name String
The guid of this Sentinel Alert Rule Template. Either
display_name
orname
have to be specified.- value String
The value of the threshold observation.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
azurerm
Terraform Provider.