REST Resource: organizations.environments.securityIncidents

Resource: SecurityIncident

Represents a SecurityIncident resource.

JSON representation
{
  "name": string,
  "displayName": string,
  "firstDetectedTime": string,
  "lastDetectedTime": string,
  "detectionTypes": [
    string
  ],
  "trafficCount": string,
  "riskLevel": enum (RiskLevel),
  "observability": enum (Observability),
  "lastObservabilityChangeTime": string
}
Fields
name

string

Immutable. Name of the security incident resource.

Format: organizations/{org}/environments/{environment}/securityIncidents/{incident}

Example: organizations/apigee-org/environments/dev/securityIncidents/1234-5678-9101-1111

displayName

string

Optional. Display name of the security incident.

firstDetectedTime

string (Timestamp format)

Output only. The time when events associated with the incident were first detected.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

lastDetectedTime

string (Timestamp format)

Output only. The time when events associated with the incident were last detected.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

detectionTypes[]

string

Output only. Detection types which are part of the incident. Examples: Flooder, OAuth Abuser, Static Content Scraper, Anomaly Detection.

trafficCount

string (int64 format)

Total traffic detected as part of the incident.

riskLevel

enum (RiskLevel)

Output only. Risk level of the incident.

observability

enum (Observability)

Optional. Indicates if the user archived this incident.

lastObservabilityChangeTime

string (Timestamp format)

Output only. The time when the incident observability was last changed.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

RiskLevel

RiskLevel indicates the severity of the incident.

Enums
RISK_LEVEL_UNSPECIFIED Risk Level Unspecified.
LOW Risk level of the incident is low.
MODERATE Risk level of the incident is moderate.
SEVERE Risk level of the incident is severe.

Observability

The current observability of the incident.

Enums
OBSERVABILITY_UNSPECIFIED The incident observability is unspecified.
ACTIVE The incident is currently active. Can change to this status from archived.
ARCHIVED The incident is currently archived and was archived by the customer.
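
A triage sketch over the fields and enums above, added here as an example and not part of the API reference: it parses the nine-digit RFC3339 timestamps, reads trafficCount from its string form, drops ARCHIVED incidents and ranks the rest by riskLevel. The function names and the sample incidents are constructed for illustration, and treating an absent observability value as "not archived" is an assumption.

```python
import re
from datetime import datetime, timezone

# Severity order follows the RiskLevel enum above.
RISK_ORDER = {"RISK_LEVEL_UNSPECIFIED": 0, "LOW": 1, "MODERATE": 2, "SEVERE": 3}
_TS = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})(?:\.(\d{1,9}))?Z$")

def parse_timestamp(value):
    """Return (UTC datetime to the second, nanoseconds) for an RFC3339 Zulu string."""
    m = _TS.match(value)
    if not m:
        raise ValueError(f"not an RFC3339 Zulu timestamp: {value!r}")
    base = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)
    # datetime keeps only microseconds, so carry the nine-digit fraction separately.
    return base, int((m.group(2) or "").ljust(9, "0"))

def triage(incidents, min_risk="MODERATE"):
    """Non-archived incidents at or above min_risk, most severe and busiest first."""
    rows = []
    for inc in incidents:
        risk = inc.get("riskLevel", "RISK_LEVEL_UNSPECIFIED")
        if inc.get("observability") == "ARCHIVED" or RISK_ORDER.get(risk, 0) < RISK_ORDER[min_risk]:
            continue
        first = parse_timestamp(inc["firstDetectedTime"])
        last = parse_timestamp(inc["lastDetectedTime"])
        rows.append({
            "id": inc["name"].rsplit("/", 1)[-1],
            "risk": risk,
            "traffic": int(inc.get("trafficCount", "0")),  # int64 arrives as a string
            "span_s": (last[0] - first[0]).total_seconds() + (last[1] - first[1]) / 1e9,
            "detections": inc.get("detectionTypes", []),
        })
    rows.sort(key=lambda r: (RISK_ORDER.get(r["risk"], 0), r["traffic"]), reverse=True)
    return rows

# Constructed sample incidents; IDs other than the page's example and all values are made up.
_P = "organizations/apigee-org/environments/dev/securityIncidents/"
_T = {"firstDetectedTime": "2014-10-02T15:01:23Z",
      "lastDetectedTime": "2014-10-02T15:01:23.045123456Z"}
SAMPLE = [
    {**_T, "name": _P + "1234-5678-9101-1111", "detectionTypes": ["Flooder"],
     "trafficCount": "9007199254740993", "riskLevel": "SEVERE", "observability": "ACTIVE"},
    {**_T, "name": _P + "example-0002", "detectionTypes": ["OAuth Abuser"],
     "trafficCount": "1500", "riskLevel": "MODERATE"},
    {**_T, "name": _P + "example-0003", "trafficCount": "99999", "riskLevel": "SEVERE",
     "observability": "ARCHIVED"},
    {**_T, "name": _P + "example-0004", "trafficCount": "20", "riskLevel": "LOW",
     "observability": "ACTIVE"},
]
```

The first sample's trafficCount exceeds 2**53, which is why the field is carried as a string: a parser that maps JSON numbers to doubles would silently change the value.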

Methods

batchUpdate

BatchUpdateSecurityIncident updates multiple existing security incidents.

get

GetSecurityIncident gets the specified security incident.

list

ListSecurityIncidents lists all the security incidents associated with the environment.

patch

UpdateSecurityIncidents updates an existing security incident.