Class ProcessEvidence

java.lang.Object
com.microsoft.graph.security.models.AlertEvidence
com.microsoft.graph.security.models.ProcessEvidence
All Implemented Interfaces:
com.microsoft.graph.serializer.IJsonBackedObject

public class ProcessEvidence extends AlertEvidence implements com.microsoft.graph.serializer.IJsonBackedObject
The class for the Process Evidence.
  • Field Details

    • detectionStatus

      @SerializedName(value="detectionStatus", alternate="DetectionStatus") @Expose @Nullable public DetectionStatus detectionStatus
      The Detection Status. The status of the detection. The possible values are: detected, blocked, prevented, unknownFutureValue.
    • imageFile

      @SerializedName(value="imageFile", alternate="ImageFile") @Expose @Nullable public FileDetails imageFile
      The Image File. Image file details.
    • mdeDeviceId

      @SerializedName(value="mdeDeviceId", alternate="MdeDeviceId") @Expose @Nullable public String mdeDeviceId
      The Mde Device Id. A unique identifier assigned to a device by Microsoft Defender for Endpoint.
    • parentProcessCreationDateTime

      @SerializedName(value="parentProcessCreationDateTime", alternate="ParentProcessCreationDateTime") @Expose @Nullable public OffsetDateTime parentProcessCreationDateTime
      The Parent Process Creation Date Time. Date and time when the parent of the process was created. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
    • parentProcessId

      @SerializedName(value="parentProcessId", alternate="ParentProcessId") @Expose @Nullable public Long parentProcessId
      The Parent Process Id. Process ID (PID) of the parent process that spawned the process.
    • parentProcessImageFile

      @SerializedName(value="parentProcessImageFile", alternate="ParentProcessImageFile") @Expose @Nullable public FileDetails parentProcessImageFile
      The Parent Process Image File. Parent process image file details.
    • processCommandLine

      @SerializedName(value="processCommandLine", alternate="ProcessCommandLine") @Expose @Nullable public String processCommandLine
      The Process Command Line. Command line used to create the new process.
    • processCreationDateTime

      @SerializedName(value="processCreationDateTime", alternate="ProcessCreationDateTime") @Expose @Nullable public OffsetDateTime processCreationDateTime
      The Process Creation Date Time. Date and time when the process was created. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
    • processId

      @SerializedName(value="processId", alternate="ProcessId") @Expose @Nullable public Long processId
      The Process Id. Process ID (PID) of the newly created process.
    • userAccount

      @SerializedName(value="userAccount", alternate="UserAccount") @Expose @Nullable public UserAccount userAccount
      The User Account. User details of the user that ran the process.
  • Constructor Details

    • ProcessEvidence

      public ProcessEvidence()
  • Method Details

    • setRawObject

      public void setRawObject(@Nonnull com.microsoft.graph.serializer.ISerializer serializer, @Nonnull com.google.gson.JsonObject json)
      Sets the raw JSON object
      Specified by:
      setRawObject in interface com.microsoft.graph.serializer.IJsonBackedObject
      Overrides:
      setRawObject in class AlertEvidence
      Parameters:
      serializer - the serializer
      json - the JSON object to set this object to
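
Every field above is @Nullable, and a PID identifies a process only together with its creation time, because operating systems reuse PIDs. The following added example (not part of the SDK or this reference) builds null-safe correlation keys from the documented fields; the class name ProcessEvidenceKeys, its helper methods and the sample values are assumptions made for illustration, and the SDK must be on the classpath.

```java
import com.microsoft.graph.security.models.ProcessEvidence;
import java.time.OffsetDateTime;
import java.util.Optional;

public class ProcessEvidenceKeys {

    /** Hypothetical helper: key for one process instance, empty if any part is missing. */
    static Optional<String> processKey(String deviceId, Long pid, OffsetDateTime created) {
        if (deviceId == null || pid == null || created == null) {
            return Optional.empty();
        }
        // toInstant() normalizes to UTC, so the same instant always yields the same key.
        return Optional.of(deviceId + "|" + pid + "|" + created.toInstant());
    }

    /** Key for the process the evidence describes. */
    static Optional<String> selfKey(ProcessEvidence e) {
        return processKey(e.mdeDeviceId, e.processId, e.processCreationDateTime);
    }

    /** Key for its parent; joins to another evidence item's selfKey on the same device. */
    static Optional<String> parentKey(ProcessEvidence e) {
        return processKey(e.mdeDeviceId, e.parentProcessId, e.parentProcessCreationDateTime);
    }

    /** True when both timestamps are present and the parent is recorded as newer than the child. */
    static boolean parentTimestampInconsistent(ProcessEvidence e) {
        return e.processCreationDateTime != null
            && e.parentProcessCreationDateTime != null
            && e.parentProcessCreationDateTime.isAfter(e.processCreationDateTime);
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from a real alert.
        ProcessEvidence e = new ProcessEvidence();
        e.mdeDeviceId = "device-0001-constructed";
        e.processId = 4312L;
        e.processCreationDateTime = OffsetDateTime.parse("2014-01-01T00:00:05Z");
        e.parentProcessId = 880L;
        e.parentProcessCreationDateTime = OffsetDateTime.parse("2014-01-01T00:00:00Z");
        e.processCommandLine = "example.exe --flag";

        System.out.println("self   = " + selfKey(e).orElse("<incomplete>"));
        System.out.println("parent = " + parentKey(e).orElse("<incomplete>"));
        System.out.println("parent timestamp inconsistent: " + parentTimestampInconsistent(e));
    }
}
```

An empty key means the evidence cannot be placed in a process tree reliably and is better reviewed by hand than matched on PID alone.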