/// <summary>
/// Initializes a new instance of the ScheduledAlertRule class.
/// </summary>
/// <param name="queryFrequency">The frequency (in ISO 8601 duration
/// format) for this alert rule to run.</param>
/// <param name="queryPeriod">The period (in ISO 8601 duration format)
/// that this alert rule looks at.</param>
/// <param name="triggerOperator">The operation against the threshold
/// that triggers alert rule. Possible values include: 'GreaterThan',
/// 'LessThan', 'Equal', 'NotEqual'</param>
/// <param name="triggerThreshold">The threshold triggers this alert
/// rule.</param>
/// <param name="query">The query that creates alerts for this
/// rule.</param>
/// <param name="displayName">The display name for alerts created by
/// this alert rule.</param>
/// <param name="enabled">Determines whether this alert rule is enabled
/// or disabled.</param>
/// <param name="suppressionDuration">The suppression (in ISO 8601
/// duration format) to wait since last time this alert rule been
/// triggered.</param>
/// <param name="suppressionEnabled">Determines whether the suppression
/// for this alert rule is enabled or disabled.</param>
/// <param name="severity">The severity for alerts created by this
/// alert rule. Possible values include: 'High', 'Medium', 'Low',
/// 'Informational'</param>
/// <param name="id">Fully qualified resource ID for the resource. Ex -
/// /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}</param>
/// <param name="name">The name of the resource</param>
/// <param name="type">The type of the resource. E.g.
/// "Microsoft.Compute/virtualMachines" or
/// "Microsoft.Storage/storageAccounts"</param>
/// <param name="systemData">Azure Resource Manager metadata containing
/// createdBy and modifiedBy information.</param>
/// <param name="etag">Etag of the azure resource</param>
/// <param name="eventGroupingSettings">The event grouping
/// settings.</param>
/// <param name="alertRuleTemplateName">The Name of the alert rule
/// template used to create this rule.</param>
/// <param name="templateVersion">The version of the alert rule
/// template used to create this rule - in format <a.b.c>, where
/// all are numbers, for example 0 <1.0.2></param>
/// <param name="description">The description of the alert
/// rule.</param>
/// <param name="lastModifiedUtc">The last time that this alert rule
/// has been modified.</param>
/// <param name="tactics">The tactics of the alert rule</param>
/// <param name="incidentConfiguration">The settings of the incidents
/// that created from alerts triggered by this analytics rule</param>
/// <param name="customDetails">Dictionary of string key-value pairs of
/// columns to be attached to the alert</param>
/// <param name="entityMappings">Array of the entity mappings of the
/// alert rule</param>
/// <param name="alertDetailsOverride">The alert details override
/// settings</param>
public ScheduledAlertRule(System.TimeSpan queryFrequency, System.TimeSpan queryPeriod, TriggerOperator triggerOperator, int triggerThreshold, string query, string displayName, bool enabled, System.TimeSpan suppressionDuration, bool suppressionEnabled, string severity, string id = default(string), string name = default(string), string type = default(string), SystemData systemData = default(SystemData), string etag = default(string), EventGroupingSettings eventGroupingSettings = default(EventGroupingSettings), string alertRuleTemplateName = default(string), string templateVersion = default(string), string description = default(string), System.DateTime?lastModifiedUtc = default(System.DateTime?), IList <string> tactics = default(IList <string>), IncidentConfiguration incidentConfiguration = default(IncidentConfiguration), IDictionary <string, string> customDetails = default(IDictionary <string, string>), IList <EntityMapping> entityMappings = default(IList <EntityMapping>), AlertDetailsOverride alertDetailsOverride = default(AlertDetailsOverride))
: base(id, name, type, systemData, etag)
{
QueryFrequency = queryFrequency;
QueryPeriod = queryPeriod;
TriggerOperator = triggerOperator;
TriggerThreshold = triggerThreshold;
EventGroupingSettings = eventGroupingSettings;
AlertRuleTemplateName = alertRuleTemplateName;
TemplateVersion = templateVersion;
Description = description;
Query = query;
DisplayName = displayName;
Enabled = enabled;
LastModifiedUtc = lastModifiedUtc;
SuppressionDuration = suppressionDuration;
SuppressionEnabled = suppressionEnabled;
Severity = severity;
Tactics = tactics;
IncidentConfiguration = incidentConfiguration;
CustomDetails = customDetails;
EntityMappings = entityMappings;
AlertDetailsOverride = alertDetailsOverride;
CustomInit();
}
/// <summary>
/// Validate the object.
/// </summary>
/// <exception cref="ValidationException">
/// Thrown if validation fails
/// </exception>
public virtual void Validate()
{
if (DisplayName == null)
{
throw new ValidationException(ValidationRules.CannotBeNull, "DisplayName");
}
if (IncidentConfiguration != null)
{
IncidentConfiguration.Validate();
}
}
/// <summary>
/// Initializes a new instance of the QueryBasedAlertRuleProperties
/// class.
/// </summary>
/// <param name="displayName">The display name for alerts created by
/// this alert rule.</param>
/// <param name="enabled">Determines whether this alert rule is enabled
/// or disabled.</param>
/// <param name="suppressionDuration">The suppression (in ISO 8601
/// duration format) to wait since last time this alert rule been
/// triggered.</param>
/// <param name="suppressionEnabled">Determines whether the suppression
/// for this alert rule is enabled or disabled.</param>
/// <param name="alertRuleTemplateName">The Name of the alert rule
/// template used to create this rule.</param>
/// <param name="templateVersion">The version of the alert rule
/// template used to create this rule - in format <a.b.c>, where
/// all are numbers, for example 0 <1.0.2></param>
/// <param name="description">The description of the alert
/// rule.</param>
/// <param name="query">The query that creates alerts for this
/// rule.</param>
/// <param name="lastModifiedUtc">The last time that this alert rule
/// has been modified.</param>
/// <param name="severity">The severity for alerts created by this
/// alert rule. Possible values include: 'High', 'Medium', 'Low',
/// 'Informational'</param>
/// <param name="tactics">The tactics of the alert rule</param>
/// <param name="incidentConfiguration">The settings of the incidents
/// that created from alerts triggered by this analytics rule</param>
/// <param name="customDetails">Dictionary of string key-value pairs of
/// columns to be attached to the alert</param>
/// <param name="entityMappings">Array of the entity mappings of the
/// alert rule</param>
/// <param name="alertDetailsOverride">The alert details override
/// settings</param>
public QueryBasedAlertRuleProperties(string displayName, bool enabled, System.TimeSpan suppressionDuration, bool suppressionEnabled, string alertRuleTemplateName = default(string), string templateVersion = default(string), string description = default(string), string query = default(string), System.DateTime?lastModifiedUtc = default(System.DateTime?), string severity = default(string), IList <string> tactics = default(IList <string>), IncidentConfiguration incidentConfiguration = default(IncidentConfiguration), IDictionary <string, string> customDetails = default(IDictionary <string, string>), IList <EntityMapping> entityMappings = default(IList <EntityMapping>), AlertDetailsOverride alertDetailsOverride = default(AlertDetailsOverride))
{
AlertRuleTemplateName = alertRuleTemplateName;
TemplateVersion = templateVersion;
Description = description;
Query = query;
DisplayName = displayName;
Enabled = enabled;
LastModifiedUtc = lastModifiedUtc;
SuppressionDuration = suppressionDuration;
SuppressionEnabled = suppressionEnabled;
Severity = severity;
Tactics = tactics;
IncidentConfiguration = incidentConfiguration;
CustomDetails = customDetails;
EntityMappings = entityMappings;
AlertDetailsOverride = alertDetailsOverride;
CustomInit();
}
/// <summary>
/// Initializes a new instance of the NrtAlertRule class.
/// </summary>
/// <param name="query">The query that creates alerts for this
/// rule.</param>
/// <param name="displayName">The display name for alerts created by
/// this alert rule.</param>
/// <param name="enabled">Determines whether this alert rule is enabled
/// or disabled.</param>
/// <param name="suppressionDuration">The suppression (in ISO 8601
/// duration format) to wait since last time this alert rule been
/// triggered.</param>
/// <param name="suppressionEnabled">Determines whether the suppression
/// for this alert rule is enabled or disabled.</param>
/// <param name="severity">The severity for alerts created by this
/// alert rule. Possible values include: 'High', 'Medium', 'Low',
/// 'Informational'</param>
/// <param name="id">Fully qualified resource ID for the resource. Ex -
/// /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}</param>
/// <param name="name">The name of the resource</param>
/// <param name="type">The type of the resource. E.g.
/// "Microsoft.Compute/virtualMachines" or
/// "Microsoft.Storage/storageAccounts"</param>
/// <param name="systemData">Azure Resource Manager metadata containing
/// createdBy and modifiedBy information.</param>
/// <param name="etag">Etag of the azure resource</param>
/// <param name="alertRuleTemplateName">The Name of the alert rule
/// template used to create this rule.</param>
/// <param name="templateVersion">The version of the alert rule
/// template used to create this rule - in format <a.b.c>, where
/// all are numbers, for example 0 <1.0.2></param>
/// <param name="description">The description of the alert
/// rule.</param>
/// <param name="tactics">The tactics of the alert rule</param>
/// <param name="techniques">The techniques of the alert rule</param>
/// <param name="lastModifiedUtc">The last time that this alert rule
/// has been modified.</param>
/// <param name="incidentConfiguration">The settings of the incidents
/// that created from alerts triggered by this analytics rule</param>
/// <param name="customDetails">Dictionary of string key-value pairs of
/// columns to be attached to the alert</param>
/// <param name="entityMappings">Array of the entity mappings of the
/// alert rule</param>
/// <param name="alertDetailsOverride">The alert details override
/// settings</param>
public NrtAlertRule(string query, string displayName, bool enabled, System.TimeSpan suppressionDuration, bool suppressionEnabled, string severity, string id = default(string), string name = default(string), string type = default(string), SystemData systemData = default(SystemData), string etag = default(string), string alertRuleTemplateName = default(string), string templateVersion = default(string), string description = default(string), IList <string> tactics = default(IList <string>), IList <string> techniques = default(IList <string>), System.DateTime?lastModifiedUtc = default(System.DateTime?), IncidentConfiguration incidentConfiguration = default(IncidentConfiguration), IDictionary <string, string> customDetails = default(IDictionary <string, string>), IList <EntityMapping> entityMappings = default(IList <EntityMapping>), AlertDetailsOverride alertDetailsOverride = default(AlertDetailsOverride))
: base(id, name, type, systemData, etag)
{
AlertRuleTemplateName = alertRuleTemplateName;
TemplateVersion = templateVersion;
Description = description;
Query = query;
Tactics = tactics;
Techniques = techniques;
DisplayName = displayName;
Enabled = enabled;
LastModifiedUtc = lastModifiedUtc;
SuppressionDuration = suppressionDuration;
SuppressionEnabled = suppressionEnabled;
Severity = severity;
IncidentConfiguration = incidentConfiguration;
CustomDetails = customDetails;
EntityMappings = entityMappings;
AlertDetailsOverride = alertDetailsOverride;
CustomInit();
}