Resource: SecurityIncident
Represents an SecurityIncident resource.
JSON representation |
---|
{ "name": string, "displayName": string, "firstDetectedTime": string, "lastDetectedTime": string, "detectionTypes": [ string ], "trafficCount": string, "riskLevel": enum ( |
Fields | |
---|---|
name |
Immutable. Name of the security incident resource. Format: organizations/{org}/environments/{environment}/securityIncidents/{incident} Example: organizations/apigee-org/environments/dev/securityIncidents/1234-5678-9101-1111 |
displayName |
Optional. Display name of the security incident. |
firstDetectedTime |
Output only. The time when events associated with the incident were first detected. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
lastDetectedTime |
Output only. The time when events associated with the incident were last detected. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
detectionTypes[] |
Output only. Detection types which are part of the incident. Examples: Flooder, OAuth Abuser, Static Content Scraper, Anomaly Detection. |
trafficCount |
Total traffic detected as part of the incident. |
riskLevel |
Output only. Risk level of the incident. |
observability |
Optional. Indicates if the user archived this incident. |
lastObservabilityChangeTime |
Output only. The time when the incident observability was last changed. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
RiskLevel
RiskLevel indicates the severity of the incident.
Enums | |
---|---|
RISK_LEVEL_UNSPECIFIED |
Risk Level Unspecified. |
LOW |
Risk level of the incident is low. |
MODERATE |
Risk level of the incident is moderate. |
SEVERE |
Risk level of the incident is severe. |
Observability
The current observability of the incident.
Enums | |
---|---|
OBSERVABILITY_UNSPECIFIED |
The incident observability is unspecified. |
ACTIVE |
The incident is currently active. Can change to this status from archived. |
ARCHIVED |
The incident is currently archived and was archived by the customer. |
Methods |
|
---|---|
|
BatchUpdateSecurityIncident updates multiple existing security incidents. |
|
GetSecurityIncident gets the specified security incident. |
|
ListSecurityIncidents lists all the security incident associated with the environment. |
|
UpdateSecurityIncidents updates an existing security incident. |