Package com.microsoft.graph.security.models

Class ProcessEvidence

java.lang.Object
com.microsoft.graph.security.models.AlertEvidence
com.microsoft.graph.security.models.ProcessEvidence
All Implemented Interfaces:
com.microsoft.graph.serializer.IJsonBackedObject
public class ProcessEvidence extends AlertEvidence implements com.microsoft.graph.serializer.IJsonBackedObject
The class for the Process Evidence.

  • Field Details

    • detectionStatus

      @SerializedName(value="detectionStatus", alternate="DetectionStatus") @Expose @Nullable public DetectionStatus detectionStatus
      The Detection Status. The status of the detection.The possible values are: detected, blocked, prevented, unknownFutureValue.

    • imageFile

      @SerializedName(value="imageFile", alternate="ImageFile") @Expose @Nullable public FileDetails imageFile
      The Image File. Image file details.

    • mdeDeviceId

      @SerializedName(value="mdeDeviceId", alternate="MdeDeviceId") @Expose @Nullable public String mdeDeviceId
      The Mde Device Id. A unique identifier assigned to a device by Microsoft Defender for Endpoint.

    • parentProcessCreationDateTime

      @SerializedName(value="parentProcessCreationDateTime", alternate="ParentProcessCreationDateTime") @Expose @Nullable public OffsetDateTime parentProcessCreationDateTime
      The Parent Process Creation Date Time. Date and time when the parent of the process was created.

    • parentProcessId

      @SerializedName(value="parentProcessId", alternate="ParentProcessId") @Expose @Nullable public Long parentProcessId
      The Parent Process Id. Process ID (PID) of the parent process that spawned the process.

    • parentProcessImageFile

      @SerializedName(value="parentProcessImageFile", alternate="ParentProcessImageFile") @Expose @Nullable public FileDetails parentProcessImageFile
      The Parent Process Image File. Parent process image file details.

    • processCommandLine

      @SerializedName(value="processCommandLine", alternate="ProcessCommandLine") @Expose @Nullable public String processCommandLine
      The Process Command Line. Command line used to create the new process.

    • processCreationDateTime

      @SerializedName(value="processCreationDateTime", alternate="ProcessCreationDateTime") @Expose @Nullable public OffsetDateTime processCreationDateTime
      The Process Creation Date Time. Date and time the process was created.

    • processId

      @SerializedName(value="processId", alternate="ProcessId") @Expose @Nullable public Long processId
      The Process Id. Process ID (PID) of the newly created process.

    • userAccount

      @SerializedName(value="userAccount", alternate="UserAccount") @Expose @Nullable public UserAccount userAccount
      The User Account. User details of the user that ran the process.

  • Constructor Details

    • ProcessEvidence

      public ProcessEvidence()

  • Method Details

    • setRawObject

      public void setRawObject(@Nonnull com.microsoft.graph.serializer.ISerializer serializer, @Nonnull com.google.gson.JsonObject json)
      Sets the raw JSON object
      Specified by:
      setRawObject in interface com.microsoft.graph.serializer.IJsonBackedObject
      Overrides:
      setRawObject in class AlertEvidence
      Parameters:
      serializer - the serializer
      json - the JSON object to set this object to