Package com.microsoft.graph.security.models

Class AlertEvidence

java.lang.Object

com.microsoft.graph.security.models.AlertEvidence

All Implemented Interfaces:

com.microsoft.graph.serializer.IJsonBackedObject

Direct Known Subclasses:

AnalyzedMessageEvidence, CloudApplicationEvidence, DeviceEvidence, FileEvidence, IpEvidence, MailboxEvidence, MailClusterEvidence, OauthApplicationEvidence, ProcessEvidence, RegistryKeyEvidence, RegistryValueEvidence, SecurityGroupEvidence, UrlEvidence, UserEvidence

public class AlertEvidence
extends Object
implements com.microsoft.graph.serializer.IJsonBackedObject

The class for the Alert Evidence.

Field Summary

Fields

Modifier and Type	Field	Description
OffsetDateTime	createdDateTime	The Created Date Time.
String	oDataType	the OData type of the object as returned by the service
EvidenceRemediationStatus	remediationStatus	The Remediation Status.
String	remediationStatusDetails	The Remediation Status Details.
List<EvidenceRole>	roles	The Roles.
List<String>	tags	The Tags.
EvidenceVerdict	verdict	The Verdict.

Constructor Summary

Constructors

Constructor	Description
AlertEvidence()

Method Summary

Modifier and Type	Method	Description
final com.microsoft.graph.serializer.AdditionalDataManager	additionalDataManager()
void	setRawObject(com.microsoft.graph.serializer.ISerializer serializer, com.google.gson.JsonObject json)	Sets the raw JSON object

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

oDataType

@SerializedName("@odata.type")
@Expose
@Nullable
public String oDataType

the OData type of the object as returned by the service

createdDateTime

@SerializedName(value="createdDateTime",
                alternate="CreatedDateTime")
@Expose
@Nullable
public OffsetDateTime createdDateTime

The Created Date Time. The time the evidence was created and added to the alert.

remediationStatus

@SerializedName(value="remediationStatus",
                alternate="RemediationStatus")
@Expose
@Nullable
public EvidenceRemediationStatus remediationStatus

The Remediation Status. Status of the remediation action taken. The possible values are: none, remediated, prevented, blocked, notFound, unknownFutureValue.

remediationStatusDetails

@SerializedName(value="remediationStatusDetails",
                alternate="RemediationStatusDetails")
@Expose
@Nullable
public String remediationStatusDetails

The Remediation Status Details. Details about the remediation status.

roles

@SerializedName(value="roles",
                alternate="Roles")
@Expose
@Nullable
public List<EvidenceRole> roles

The Roles. The role/s that an evidence entity represents in an alert, e.g., an IP address that is associated with an attacker will have the evidence role 'Attacker'.

tags

@SerializedName(value="tags",
                alternate="Tags")
@Expose
@Nullable
public List<String> tags

The Tags. Array of custom tags associated with an evidence instance, for example to denote a group of devices, high value assets, etc.

verdict

@SerializedName(value="verdict",
                alternate="Verdict")
@Expose
@Nullable
public EvidenceVerdict verdict

The Verdict. The decision reached by automated investigation. The possible values are: unknown, suspicious, malicious, noThreatsFound, unknownFutureValue.

Constructor Details

AlertEvidence

public AlertEvidence()

Method Details

additionalDataManager

@Nonnull
public final com.microsoft.graph.serializer.AdditionalDataManager additionalDataManager()

Specified by:

additionalDataManager in interface com.microsoft.graph.serializer.IJsonBackedObject

setRawObject

public void setRawObject(@Nonnull
 com.microsoft.graph.serializer.ISerializer serializer,
 @Nonnull
 com.google.gson.JsonObject json)

Sets the raw JSON object

Specified by:

setRawObject in interface com.microsoft.graph.serializer.IJsonBackedObject

Parameters:

serializer - the serializer

json - the JSON object to set this object to