Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Namespace: microsoft.graph.networkaccess
Important
APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Represents a rule that defines how to evaluate and respond to specific threat intelligence matches in network traffic through Global Secure Access. These rules determine what action to take when traffic matches specified threat intelligence criteria.
Inherits from microsoft.graph.networkaccess.policyRule.
Methods
| Method | Return type | Description |
|---|---|---|
| List | microsoft.graph.networkaccess.threatIntelligenceRule collection | Get a list of the threatIntelligencePolicyRule objects and their properties. |
| Create | microsoft.graph.networkaccess.policyRule | Create a new threatIntelligencePolicyRule object. |
| Get | microsoft.graph.networkaccess.threatIntelligenceRule | Read the properties and relationships of a threatIntelligenceRule object. |
| Update | microsoft.graph.networkaccess.threatIntelligenceRule | Update the properties of a threatIntelligenceRule object. |
| Delete | None | Delete a threatIntelligenceRule object. |
Properties
| Property | Type | Description |
|---|---|---|
| action | microsoft.graph.networkaccess.threatIntelligenceAction | The action to take when network traffic matches this rule's conditions. The possible values are: allow, block, unknownFutureValue. Supports $filter (eq). |
| description | String | A description of the threat intelligence rule. Supports $filter (eq). |
| id | String | The unique identifier for the threat intelligence rule. Inherited from microsoft.graph.networkaccess.policyRule. Inherits from entity. Supports $filter (eq). |
| matchingConditions | microsoft.graph.networkaccess.threatIntelligenceMatchingConditions | Conditions that define what network traffic should be evaluated by this rule. |
| name | String | The display name of the threat intelligence rule. Inherited from microsoft.graph.networkaccess.policyRule. Supports $filter (eq). |
| priority | Int64 | The priority of the rule which determines the order of rule evaluation. Lower values indicate higher priority. Supports $filter (eq). |
| settings | microsoft.graph.networkaccess.threatIntelligenceRuleSettings | Settings that define how the threat intelligence rule operates and is enforced. |
Relationships
None.
JSON representation
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.networkaccess.threatIntelligenceRule",
"id": "String (identifier)",
"name": "String",
"description": "String",
"action": "String",
"priority": "Integer",
"settings": {
"@odata.type": "microsoft.graph.networkaccess.threatIntelligenceRuleSettings"
},
"matchingConditions": {
"@odata.type": "microsoft.graph.networkaccess.threatIntelligenceMatchingConditions"
}
}