Package com.microsoft.graph.models

Class RiskDetection

java.lang.Object
com.microsoft.graph.models.Entity
com.microsoft.graph.models.RiskDetection
All Implemented Interfaces:
com.microsoft.kiota.serialization.AdditionalDataHolder, com.microsoft.kiota.serialization.Parsable, com.microsoft.kiota.store.BackedModel
@Generated("com.microsoft.kiota") public class RiskDetection extends Entity implements com.microsoft.kiota.serialization.Parsable

  • Constructor Details

    • RiskDetection

      public RiskDetection()
      Instantiates a new RiskDetection and sets the default values.

  • Method Details

    • createFromDiscriminatorValue

      @Nonnull public static RiskDetection createFromDiscriminatorValue(@Nonnull com.microsoft.kiota.serialization.ParseNode parseNode)
      Creates a new instance of the appropriate class based on discriminator value
      Parameters:
      parseNode - The parse node to use to read the discriminator value and create the object
      Returns:
      a RiskDetection

    • getActivity

      @Nullable public ActivityType getActivity()
      Gets the activity property value. Indicates the activity type the detected risk is linked to. Possible values are: signin, user, unknownFutureValue.
      Returns:
      a ActivityType

    • getActivityDateTime

      @Nullable public OffsetDateTime getActivityDateTime()
      Gets the activityDateTime property value. Date and time that the risky activity occurred. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is look like this: 2014-01-01T00:00:00Z
      Returns:
      a OffsetDateTime

    • getAdditionalInfo

      @Nullable public String getAdditionalInfo()
      Gets the additionalInfo property value. Additional information associated with the risk detection in JSON format. For example, '[{/'Key/':/'userAgent/',/'Value/':/'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36/'}]'. Possible keys in the additionalInfo JSON string are: userAgent, alertUrl, relatedEventTimeInUtc, relatedUserAgent, deviceInformation, relatedLocation, requestId, correlationId, lastActivityTimeInUtc, malwareName, clientLocation, clientIp, riskReasons. For more information about riskReasons and possible values, see riskReasons values.
      Returns:
      a String

    • getCorrelationId

      @Nullable public String getCorrelationId()
      Gets the correlationId property value. Correlation ID of the sign-in associated with the risk detection. This property is null if the risk detection is not associated with a sign-in.
      Returns:
      a String

    • getDetectedDateTime

      @Nullable public OffsetDateTime getDetectedDateTime()
      Gets the detectedDateTime property value. Date and time that the risk was detected. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this: 2014-01-01T00:00:00Z
      Returns:
      a OffsetDateTime

    • getDetectionTimingType

      @Nullable public RiskDetectionTimingType getDetectionTimingType()
      Gets the detectionTimingType property value. Timing of the detected risk (real-time/offline). Possible values are: notDefined, realtime, nearRealtime, offline, unknownFutureValue.
      Returns:
      a RiskDetectionTimingType

    • getFieldDeserializers

      @Nonnull public Map<String,Consumer<com.microsoft.kiota.serialization.ParseNode>> getFieldDeserializers()
      The deserialization information for the current model
      Specified by:
      getFieldDeserializers in interface com.microsoft.kiota.serialization.Parsable
      Overrides:
      getFieldDeserializers in class Entity
      Returns:
      a Map<String,Consumer<com.microsoft.kiota.serialization.ParseNode>>

    • getIpAddress

      @Nullable public String getIpAddress()
      Gets the ipAddress property value. Provides the IP address of the client from where the risk occurred.
      Returns:
      a String

    • getLastUpdatedDateTime

      @Nullable public OffsetDateTime getLastUpdatedDateTime()
      Gets the lastUpdatedDateTime property value. Date and time that the risk detection was last updated. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is look like this: 2014-01-01T00:00:00Z
      Returns:
      a OffsetDateTime

    • getLocation

      @Nullable public SignInLocation getLocation()
      Gets the location property value. Location of the sign-in.
      Returns:
      a SignInLocation

    • getRequestId

      @Nullable public String getRequestId()
      Gets the requestId property value. Request ID of the sign-in associated with the risk detection. This property is null if the risk detection is not associated with a sign-in.
      Returns:
      a String

    • getRiskDetail

      @Nullable public RiskDetail getRiskDetail()
      Gets the riskDetail property value. Details of the detected risk. The possible values are: none, adminGeneratedTemporaryPassword, userChangedPasswordOnPremises, userPerformedSecuredPasswordChange, userPerformedSecuredPasswordReset, adminConfirmedSigninSafe, aiConfirmedSigninSafe, userPassedMFADrivenByRiskBasedPolicy, adminDismissedAllRiskForUser, adminConfirmedSigninCompromised, hidden, adminConfirmedUserCompromised, unknownFutureValue, m365DAdminDismissedDetection. Use the Prefer: include - unknown -enum-members request header to get the following value(s) in this evolvable enum: m365DAdminDismissedDetection.
      Returns:
      a RiskDetail

    • getRiskEventType

      @Nullable public String getRiskEventType()
      Gets the riskEventType property value. The type of risk event detected. The possible values are adminConfirmedUserCompromised, anomalousToken, anomalousUserActivity, anonymizedIPAddress, generic, impossibleTravel, investigationsThreatIntelligence, suspiciousSendingPatterns, leakedCredentials, maliciousIPAddress,malwareInfectedIPAddress, mcasSuspiciousInboxManipulationRules, newCountry, passwordSpray,riskyIPAddress, suspiciousAPITraffic, suspiciousBrowser,suspiciousInboxForwarding, suspiciousIPAddress, tokenIssuerAnomaly, unfamiliarFeatures, unlikelyTravel. If the risk detection is a premium detection, will show generic. For more information about each value, see Risk types and detection.
      Returns:
      a String

    • getRiskLevel

      @Nullable public RiskLevel getRiskLevel()
      Gets the riskLevel property value. Level of the detected risk. Possible values are: low, medium, high, hidden, none, unknownFutureValue.
      Returns:
      a RiskLevel

    • getRiskState

      @Nullable public RiskState getRiskState()
      Gets the riskState property value. The state of a detected risky user or sign-in. Possible values are: none, confirmedSafe, remediated, dismissed, atRisk, confirmedCompromised, unknownFutureValue.
      Returns:
      a RiskState

    • getSource

      @Nullable public String getSource()
      Gets the source property value. Source of the risk detection. For example, activeDirectory.
      Returns:
      a String

    • getTokenIssuerType

      @Nullable public TokenIssuerType getTokenIssuerType()
      Gets the tokenIssuerType property value. Indicates the type of token issuer for the detected sign-in risk. Possible values are: AzureAD, ADFederationServices, UnknownFutureValue.
      Returns:
      a TokenIssuerType

    • getUserDisplayName

      @Nullable public String getUserDisplayName()
      Gets the userDisplayName property value. The user principal name (UPN) of the user.
      Returns:
      a String

    • getUserId

      @Nullable public String getUserId()
      Gets the userId property value. Unique ID of the user.
      Returns:
      a String

    • getUserPrincipalName

      @Nullable public String getUserPrincipalName()
      Gets the userPrincipalName property value. The user principal name (UPN) of the user.
      Returns:
      a String

    • serialize

      public void serialize(@Nonnull com.microsoft.kiota.serialization.SerializationWriter writer)
      Serializes information the current object
      Specified by:
      serialize in interface com.microsoft.kiota.serialization.Parsable
      Overrides:
      serialize in class Entity
      Parameters:
      writer - Serialization writer to use to serialize this model

    • setActivity

      public void setActivity(@Nullable ActivityType value)
      Sets the activity property value. Indicates the activity type the detected risk is linked to. Possible values are: signin, user, unknownFutureValue.
      Parameters:
      value - Value to set for the activity property.

    • setActivityDateTime

      public void setActivityDateTime(@Nullable OffsetDateTime value)
      Sets the activityDateTime property value. Date and time that the risky activity occurred. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is look like this: 2014-01-01T00:00:00Z
      Parameters:
      value - Value to set for the activityDateTime property.

    • setAdditionalInfo

      public void setAdditionalInfo(@Nullable String value)
      Sets the additionalInfo property value. Additional information associated with the risk detection in JSON format. For example, '[{/'Key/':/'userAgent/',/'Value/':/'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36/'}]'. Possible keys in the additionalInfo JSON string are: userAgent, alertUrl, relatedEventTimeInUtc, relatedUserAgent, deviceInformation, relatedLocation, requestId, correlationId, lastActivityTimeInUtc, malwareName, clientLocation, clientIp, riskReasons. For more information about riskReasons and possible values, see riskReasons values.
      Parameters:
      value - Value to set for the additionalInfo property.

    • setCorrelationId

      public void setCorrelationId(@Nullable String value)
      Sets the correlationId property value. Correlation ID of the sign-in associated with the risk detection. This property is null if the risk detection is not associated with a sign-in.
      Parameters:
      value - Value to set for the correlationId property.

    • setDetectedDateTime

      public void setDetectedDateTime(@Nullable OffsetDateTime value)
      Sets the detectedDateTime property value. Date and time that the risk was detected. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this: 2014-01-01T00:00:00Z
      Parameters:
      value - Value to set for the detectedDateTime property.

    • setDetectionTimingType

      public void setDetectionTimingType(@Nullable RiskDetectionTimingType value)
      Sets the detectionTimingType property value. Timing of the detected risk (real-time/offline). Possible values are: notDefined, realtime, nearRealtime, offline, unknownFutureValue.
      Parameters:
      value - Value to set for the detectionTimingType property.

    • setIpAddress

      public void setIpAddress(@Nullable String value)
      Sets the ipAddress property value. Provides the IP address of the client from where the risk occurred.
      Parameters:
      value - Value to set for the ipAddress property.

    • setLastUpdatedDateTime

      public void setLastUpdatedDateTime(@Nullable OffsetDateTime value)
      Sets the lastUpdatedDateTime property value. Date and time that the risk detection was last updated. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is look like this: 2014-01-01T00:00:00Z
      Parameters:
      value - Value to set for the lastUpdatedDateTime property.

    • setLocation

      public void setLocation(@Nullable SignInLocation value)
      Sets the location property value. Location of the sign-in.
      Parameters:
      value - Value to set for the location property.

    • setRequestId

      public void setRequestId(@Nullable String value)
      Sets the requestId property value. Request ID of the sign-in associated with the risk detection. This property is null if the risk detection is not associated with a sign-in.
      Parameters:
      value - Value to set for the requestId property.

    • setRiskDetail

      public void setRiskDetail(@Nullable RiskDetail value)
      Sets the riskDetail property value. Details of the detected risk. The possible values are: none, adminGeneratedTemporaryPassword, userChangedPasswordOnPremises, userPerformedSecuredPasswordChange, userPerformedSecuredPasswordReset, adminConfirmedSigninSafe, aiConfirmedSigninSafe, userPassedMFADrivenByRiskBasedPolicy, adminDismissedAllRiskForUser, adminConfirmedSigninCompromised, hidden, adminConfirmedUserCompromised, unknownFutureValue, m365DAdminDismissedDetection. Use the Prefer: include - unknown -enum-members request header to get the following value(s) in this evolvable enum: m365DAdminDismissedDetection.
      Parameters:
      value - Value to set for the riskDetail property.

    • setRiskEventType

      public void setRiskEventType(@Nullable String value)
      Sets the riskEventType property value. The type of risk event detected. The possible values are adminConfirmedUserCompromised, anomalousToken, anomalousUserActivity, anonymizedIPAddress, generic, impossibleTravel, investigationsThreatIntelligence, suspiciousSendingPatterns, leakedCredentials, maliciousIPAddress,malwareInfectedIPAddress, mcasSuspiciousInboxManipulationRules, newCountry, passwordSpray,riskyIPAddress, suspiciousAPITraffic, suspiciousBrowser,suspiciousInboxForwarding, suspiciousIPAddress, tokenIssuerAnomaly, unfamiliarFeatures, unlikelyTravel. If the risk detection is a premium detection, will show generic. For more information about each value, see Risk types and detection.
      Parameters:
      value - Value to set for the riskEventType property.

    • setRiskLevel

      public void setRiskLevel(@Nullable RiskLevel value)
      Sets the riskLevel property value. Level of the detected risk. Possible values are: low, medium, high, hidden, none, unknownFutureValue.
      Parameters:
      value - Value to set for the riskLevel property.

    • setRiskState

      public void setRiskState(@Nullable RiskState value)
      Sets the riskState property value. The state of a detected risky user or sign-in. Possible values are: none, confirmedSafe, remediated, dismissed, atRisk, confirmedCompromised, unknownFutureValue.
      Parameters:
      value - Value to set for the riskState property.

    • setSource

      public void setSource(@Nullable String value)
      Sets the source property value. Source of the risk detection. For example, activeDirectory.
      Parameters:
      value - Value to set for the source property.

    • setTokenIssuerType

      public void setTokenIssuerType(@Nullable TokenIssuerType value)
      Sets the tokenIssuerType property value. Indicates the type of token issuer for the detected sign-in risk. Possible values are: AzureAD, ADFederationServices, UnknownFutureValue.
      Parameters:
      value - Value to set for the tokenIssuerType property.

    • setUserDisplayName

      public void setUserDisplayName(@Nullable String value)
      Sets the userDisplayName property value. The user principal name (UPN) of the user.
      Parameters:
      value - Value to set for the userDisplayName property.

    • setUserId

      public void setUserId(@Nullable String value)
      Sets the userId property value. Unique ID of the user.
      Parameters:
      value - Value to set for the userId property.

    • setUserPrincipalName

      public void setUserPrincipalName(@Nullable String value)
      Sets the userPrincipalName property value. The user principal name (UPN) of the user.
      Parameters:
      value - Value to set for the userPrincipalName property.