Espacio de nombres: microsoft.graph
Importante
Las API de la versión /beta de Microsoft Graph están sujetas a cambios. No se admite el uso de estas API en aplicaciones de producción. Para determinar si una API está disponible en la versión 1.0, use el selector de Versión.
Actualice varias alertas en una solicitud en lugar de varias solicitudes.
Esta API está disponible en las siguientes implementaciones nacionales de nube.
| Servicio global |
Gobierno de EE. UU. L4 |
Us Government L5 (DOD) |
China operada por 21Vianet |
| ✅ |
❌ |
❌ |
❌ |
Permissions
Elija el permiso o los permisos marcados como con privilegios mínimos para esta API. Use un permiso o permisos con privilegios superiores solo si la aplicación lo requiere. Para obtener más información sobre los permisos delegados y de aplicación, consulte Tipos de permisos. Para obtener más información sobre estos permisos, consulte la referencia de permisos.
| Tipo de permiso |
Permisos con privilegios mínimos |
Permisos con privilegios más altos |
| Delegado (cuenta profesional o educativa) |
SecurityEvents.ReadWrite.All |
No disponible. |
| Delegado (cuenta personal de Microsoft) |
No admitida. |
No admitida. |
| Aplicación |
SecurityEvents.ReadWrite.All |
No disponible. |
Solicitud HTTP
POST /security/alerts/updateAlerts
Cuerpo de la solicitud
En el cuerpo de la solicitud, proporcione un objeto JSON con los siguientes parámetros. Cada entidad debe tener propiedades id y vendorInformation . Para obtener más información sobre las propiedades que se pueden actualizar, consulte Actualizar alerta.
| Parámetro |
Tipo |
Descripción |
| value |
Colección alert |
Colección de alertas que se van a actualizar. Cada entidad debe tener id, vendorInformation y otras propiedades modificables que se van a actualizar. |
Respuesta
Si se ejecuta correctamente, este método devuelve 200, OK el código de respuesta y el objeto de colección de alertas en el cuerpo de la respuesta.
Ejemplos
En el siguiente ejemplo se muestra cómo llamar a esta API.
Solicitud
En el ejemplo siguiente se muestra la solicitud.
POST https://graph.microsoft.com/beta/security/alerts/updateAlerts
Content-type: application/json
{
"value": [
{
"assignedTo": "String",
"closedDateTime": "String (timestamp)",
"comments": ["String"],
"feedback": {"@odata.type": "microsoft.graph.alertFeedback"},
"id": "String (identifier)",
"status": {"@odata.type": "microsoft.graph.alertStatus"},
"tags": ["String"],
"vendorInformation":
{
"provider": "String",
"vendor": "String"
}
}
]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Security.Alerts.UpdateAlerts;
using Microsoft.Graph.Beta.Models;
var requestBody = new UpdateAlertsPostRequestBody
{
Value = new List<Alert>
{
new Alert
{
AssignedTo = "String",
ClosedDateTime = DateTimeOffset.Parse("String (timestamp)"),
Comments = new List<string>
{
"String",
},
Feedback = new AlertFeedback
{
AdditionalData = new Dictionary<string, object>
{
{
"@odata.type" , "microsoft.graph.alertFeedback"
},
},
},
Id = "String (identifier)",
Status = new AlertStatus
{
AdditionalData = new Dictionary<string, object>
{
{
"@odata.type" , "microsoft.graph.alertStatus"
},
},
},
Tags = new List<string>
{
"String",
},
VendorInformation = new SecurityVendorInformation
{
Provider = "String",
Vendor = "String",
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Security.Alerts.UpdateAlerts.PostAsUpdateAlertsPostResponseAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphsecurity "github.com/microsoftgraph/msgraph-beta-sdk-go/security"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphsecurity.NewUpdateAlertsPostRequestBody()
alert := graphmodels.NewAlert()
assignedTo := "String"
alert.SetAssignedTo(&assignedTo)
closedDateTime , err := time.Parse(time.RFC3339, "String (timestamp)")
alert.SetClosedDateTime(&closedDateTime)
comments := []string {
"String",
}
alert.SetComments(comments)
feedback := graphmodels.NewAlertFeedback()
additionalData := map[string]interface{}{
}
feedback.SetAdditionalData(additionalData)
alert.SetFeedback(feedback)
id := "String (identifier)"
alert.SetId(&id)
status := graphmodels.NewAlertStatus()
additionalData := map[string]interface{}{
}
status.SetAdditionalData(additionalData)
alert.SetStatus(status)
tags := []string {
"String",
}
alert.SetTags(tags)
vendorInformation := graphmodels.NewSecurityVendorInformation()
provider := "String"
vendorInformation.SetProvider(&provider)
vendor := "String"
vendorInformation.SetVendor(&vendor)
alert.SetVendorInformation(vendorInformation)
value := []graphmodels.Alertable {
alert,
}
requestBody.SetValue(value)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
updateAlerts, err := graphClient.Security().Alerts().UpdateAlerts().PostAsUpdateAlertsPostResponse(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
com.microsoft.graph.beta.security.alerts.updatealerts.UpdateAlertsPostRequestBody updateAlertsPostRequestBody = new com.microsoft.graph.beta.security.alerts.updatealerts.UpdateAlertsPostRequestBody();
LinkedList<Alert> value = new LinkedList<Alert>();
Alert alert = new Alert();
alert.setAssignedTo("String");
OffsetDateTime closedDateTime = OffsetDateTime.parse("String (timestamp)");
alert.setClosedDateTime(closedDateTime);
LinkedList<String> comments = new LinkedList<String>();
comments.add("String");
alert.setComments(comments);
AlertFeedback feedback = new AlertFeedback();
HashMap<String, Object> additionalData = new HashMap<String, Object>();
additionalData.put("@odata.type", "microsoft.graph.alertFeedback");
feedback.setAdditionalData(additionalData);
alert.setFeedback(feedback);
alert.setId("String (identifier)");
AlertStatus status = new AlertStatus();
HashMap<String, Object> additionalData1 = new HashMap<String, Object>();
additionalData1.put("@odata.type", "microsoft.graph.alertStatus");
status.setAdditionalData(additionalData1);
alert.setStatus(status);
LinkedList<String> tags = new LinkedList<String>();
tags.add("String");
alert.setTags(tags);
SecurityVendorInformation vendorInformation = new SecurityVendorInformation();
vendorInformation.setProvider("String");
vendorInformation.setVendor("String");
alert.setVendorInformation(vendorInformation);
value.add(alert);
updateAlertsPostRequestBody.setValue(value);
var result = graphClient.security().alerts().updateAlerts().post(updateAlertsPostRequestBody);
const options = {
authProvider,
};
const client = Client.init(options);
const alert = {
value: [
{
assignedTo: 'String',
closedDateTime: 'String (timestamp)',
comments: ['String'],
feedback: {'@odata.type': 'microsoft.graph.alertFeedback'},
id: 'String (identifier)',
status: {'@odata.type': 'microsoft.graph.alertStatus'},
tags: ['String'],
vendorInformation:
{
provider: 'String',
vendor: 'String'
}
}
]
};
await client.api('/security/alerts/updateAlerts')
.version('beta')
.post(alert);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Security\Alerts\UpdateAlerts\UpdateAlertsPostRequestBody;
use Microsoft\Graph\Beta\Generated\Models\Alert;
use Microsoft\Graph\Beta\Generated\Models\AlertFeedback;
use Microsoft\Graph\Beta\Generated\Models\AlertStatus;
use Microsoft\Graph\Beta\Generated\Models\SecurityVendorInformation;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new UpdateAlertsPostRequestBody();
$valueAlert1 = new Alert();
$valueAlert1->setAssignedTo('String');
$valueAlert1->setClosedDateTime(new \DateTime('String (timestamp)'));
$valueAlert1->setComments(['String', ]);
$valueAlert1Feedback = new AlertFeedback();
$additionalData = [
'@odata.type' => 'microsoft.graph.alertFeedback',
];
$valueAlert1Feedback->setAdditionalData($additionalData);
$valueAlert1->setFeedback($valueAlert1Feedback);
$valueAlert1->setId('String (identifier)');
$valueAlert1Status = new AlertStatus();
$additionalData = [
'@odata.type' => 'microsoft.graph.alertStatus',
];
$valueAlert1Status->setAdditionalData($additionalData);
$valueAlert1->setStatus($valueAlert1Status);
$valueAlert1->setTags(['String', ]);
$valueAlert1VendorInformation = new SecurityVendorInformation();
$valueAlert1VendorInformation->setProvider('String');
$valueAlert1VendorInformation->setVendor('String');
$valueAlert1->setVendorInformation($valueAlert1VendorInformation);
$valueArray []= $valueAlert1;
$requestBody->setValue($valueArray);
$result = $graphServiceClient->security()->alerts()->updateAlerts()->post($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Security
$params = @{
value = @(
@{
assignedTo = "String"
closedDateTime = [System.DateTime]::Parse("String (timestamp)")
comments = @(
"String"
)
feedback = @{
"@odata.type" = "microsoft.graph.alertFeedback"
}
id = "String (identifier)"
status = @{
"@odata.type" = "microsoft.graph.alertStatus"
}
tags = @(
"String"
)
vendorInformation = @{
provider = "String"
vendor = "String"
}
}
)
}
Update-MgBetaSecurityAlertMultiple -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.security.alerts.update_alerts.update_alerts_post_request_body import UpdateAlertsPostRequestBody
from msgraph_beta.generated.models.alert import Alert
from msgraph_beta.generated.models.alert_feedback import AlertFeedback
from msgraph_beta.generated.models.alert_status import AlertStatus
from msgraph_beta.generated.models.security_vendor_information import SecurityVendorInformation
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = UpdateAlertsPostRequestBody(
value = [
Alert(
assigned_to = "String",
closed_date_time = "String (timestamp)",
comments = [
"String",
],
feedback = AlertFeedback(
additional_data = {
"@odata_type" : "microsoft.graph.alertFeedback",
}
),
id = "String (identifier)",
status = AlertStatus(
additional_data = {
"@odata_type" : "microsoft.graph.alertStatus",
}
),
tags = [
"String",
],
vendor_information = SecurityVendorInformation(
provider = "String",
vendor = "String",
),
),
],
)
result = await graph_client.security.alerts.update_alerts.post(request_body)
Respuesta
En el ejemplo siguiente se muestra la respuesta.
Nota:
El objeto de respuesta que se muestra aquí puede estar acortado para mejorar la legibilidad.
HTTP/1.1 200 OK
Content-type: application/json
{
"value": [
{
"activityGroupName": "activityGroupName-value",
"assignedTo": "assignedTo-value",
"azureSubscriptionId": "azureSubscriptionId-value",
"azureTenantId": "azureTenantId-value",
"category": "category-value",
"closedDateTime": "datetime-value"
}
]
}