Package com.microsoft.graph.security.models

Class DeviceEvidence

java.lang.Object
com.microsoft.graph.security.models.AlertEvidence
com.microsoft.graph.security.models.DeviceEvidence
All Implemented Interfaces:
com.microsoft.graph.serializer.IJsonBackedObject
public class DeviceEvidence extends AlertEvidence implements com.microsoft.graph.serializer.IJsonBackedObject
The class for the Device Evidence.

  • Field Details

    • azureAdDeviceId

      @SerializedName(value="azureAdDeviceId", alternate="AzureAdDeviceId") @Expose @Nullable public String azureAdDeviceId
      The Azure Ad Device Id. A unique identifier assigned to a device by Azure Active Directory (Azure AD) when device is Azure AD-joined.

    • defenderAvStatus

      @SerializedName(value="defenderAvStatus", alternate="DefenderAvStatus") @Expose @Nullable public DefenderAvStatus defenderAvStatus
      The Defender Av Status. State of the Defender AntiMalware engine. The possible values are: notReporting, disabled, notUpdated, updated, unknown, notSupported, unknownFutureValue.

    • deviceDnsName

      @SerializedName(value="deviceDnsName", alternate="DeviceDnsName") @Expose @Nullable public String deviceDnsName
      The Device Dns Name. The fully qualified domain name (FQDN) for the device.

    • firstSeenDateTime

      @SerializedName(value="firstSeenDateTime", alternate="FirstSeenDateTime") @Expose @Nullable public OffsetDateTime firstSeenDateTime
      The First Seen Date Time. The date and time when the device was first seen.

    • healthStatus

      @SerializedName(value="healthStatus", alternate="HealthStatus") @Expose @Nullable public DeviceHealthStatus healthStatus
      The Health Status. The health state of the device.The possible values are: active, inactive, impairedCommunication, noSensorData, noSensorDataImpairedCommunication, unknown, unknownFutureValue.

    • ipInterfaces

      @SerializedName(value="ipInterfaces", alternate="IpInterfaces") @Expose @Nullable public List<String> ipInterfaces
      The Ip Interfaces.

    • loggedOnUsers

      @SerializedName(value="loggedOnUsers", alternate="LoggedOnUsers") @Expose @Nullable public List<LoggedOnUser> loggedOnUsers
      The Logged On Users. Users that were logged on the machine during the time of the alert.

    • mdeDeviceId

      @SerializedName(value="mdeDeviceId", alternate="MdeDeviceId") @Expose @Nullable public String mdeDeviceId
      The Mde Device Id. A unique identifier assigned to a device by Microsoft Defender for Endpoint.

    • onboardingStatus

      @SerializedName(value="onboardingStatus", alternate="OnboardingStatus") @Expose @Nullable public OnboardingStatus onboardingStatus
      The Onboarding Status. The status of the machine onboarding to Microsoft Defender for Endpoint.The possible values are: insufficientInfo, onboarded, canBeOnboarded, unsupported, unknownFutureValue.

    • osBuild

      @SerializedName(value="osBuild", alternate="OsBuild") @Expose @Nullable public Long osBuild
      The Os Build. The build version for the operating system the device is running.

    • osPlatform

      @SerializedName(value="osPlatform", alternate="OsPlatform") @Expose @Nullable public String osPlatform
      The Os Platform. The operating system platform the device is running.

    • rbacGroupId

      @SerializedName(value="rbacGroupId", alternate="RbacGroupId") @Expose @Nullable public Integer rbacGroupId
      The Rbac Group Id. The ID of the role-based access control (RBAC) device group.

    • rbacGroupName

      @SerializedName(value="rbacGroupName", alternate="RbacGroupName") @Expose @Nullable public String rbacGroupName
      The Rbac Group Name. The name of the RBAC device group.

    • riskScore

      @SerializedName(value="riskScore", alternate="RiskScore") @Expose @Nullable public DeviceRiskScore riskScore
      The Risk Score. Risk score as evaluated by Microsoft Defender for Endpoint. The possible values are: none, informational, low, medium, high, unknownFutureValue.

    • version

      @SerializedName(value="version", alternate="Version") @Expose @Nullable public String version
      The Version. The version of the operating system platform.

    • vmMetadata

      @SerializedName(value="vmMetadata", alternate="VmMetadata") @Expose @Nullable public VmMetadata vmMetadata
      The Vm Metadata. Metadata of the virtual machine (VM) on which Microsoft Defender for Endpoint is running.

  • Constructor Details

    • DeviceEvidence

      public DeviceEvidence()

  • Method Details

    • setRawObject

      public void setRawObject(@Nonnull com.microsoft.graph.serializer.ISerializer serializer, @Nonnull com.google.gson.JsonObject json)
      Sets the raw JSON object
      Specified by:
      setRawObject in interface com.microsoft.graph.serializer.IJsonBackedObject
      Overrides:
      setRawObject in class AlertEvidence
      Parameters:
      serializer - the serializer
      json - the JSON object to set this object to