[ { "kind": "it:rule:detection", "predicate": { "id": "b73fc7b3-af84-48b6-bb2f-f3afd115a453", "definition": {}, "patterns": [ {} ], "predicates": [ {} ], "lists": [ {} ] }, "actions": [ [ { "kind": "it:rule:action:kind:incident", "parameters": { "probability": 0.15, "impact": 0.1, "score": 0.015, "urgency": 0.2, "severity": "incident:severity:100:low" } }, { "kind": "it:rule:action:kind:notification", "parameters": { "target": { "id": "someUUID" } } } ], [ { "kind": "it:rule:action:kind:incident", "parameters": { "probability": 0.15, "impact": 0.1, "score": 0.015, "urgency": 0.2, "severity": "incident:severity:100:low" } }, { "kind": "it:rule:action:kind:notification", "parameters": { "target": { "id": "someUUID" } } } ], [ { "kind": "it:rule:action:kind:incident", "parameters": { "probability": 0.15, "impact": 0.1, "score": 0.015, "urgency": 0.2, "severity": "incident:severity:100:low" } }, { "kind": "it:rule:action:kind:notification", "parameters": { "target": { "id": "someUUID" } } } ], [ { "kind": "it:rule:action:kind:incident", "parameters": { "probability": 0.15, "impact": 0.1, "score": 0.015, "urgency": 0.2, "severity": "incident:severity:100:low" } }, { "kind": "it:rule:action:kind:notification", "parameters": { "target": { "id": "someUUID" } } } ], [ { "kind": "it:rule:action:kind:incident", "parameters": { "probability": 0.15, "impact": 0.1, "score": 0.015, "urgency": 0.2, "severity": "incident:severity:100:low" } }, { "kind": "it:rule:action:kind:notification", "parameters": { "target": { "id": "someUUID" } } } ], [ { "kind": "it:rule:action:kind:incident", "parameters": { "probability": 0.15, "impact": 0.1, "score": 0.015, "urgency": 0.2, "severity": "incident:severity:100:low" } }, { "kind": "it:rule:action:kind:notification", "parameters": { "target": { "id": "someUUID" } } } ], [ { "kind": "it:rule:action:kind:incident", "parameters": { "probability": 0.15, "impact": 0.1, "score": 0.015, "urgency": 0.2, "severity": "incident:severity:100:low" } }, { "kind": "it:rule:action:kind:notification", "parameters": { "target": { "id": "someUUID" } } } ], [ { "kind": "it:rule:action:kind:incident", "parameters": { "probability": 0.15, "impact": 0.1, "score": 0.015, "urgency": 0.2, "severity": "incident:severity:100:low" } }, { "kind": "it:rule:action:kind:notification", "parameters": { "target": { "id": "someUUID" } } } ], [ { "kind": "it:rule:action:kind:incident", "parameters": { "probability": 0.15, "impact": 0.1, "score": 0.015, "urgency": 0.2, "severity": "incident:severity:100:low" } }, { "kind": "it:rule:action:kind:notification", "parameters": { "target": { "id": "someUUID" } } } ], [ { "kind": "it:rule:action:kind:incident", "parameters": { "probability": 0.15, "impact": 0.1, "score": 0.015, "urgency": 0.2, "severity": "incident:severity:100:low" } }, { "kind": "it:rule:action:kind:notification", "parameters": { "target": { "id": "someUUID" } } } ] ], "target": { "defaults": [ { "kind": "endpoint:agent", "overlay": true } ], "realms": [ { "id": "b73fc7b3-af84-48b6-bb2f-f3afd115a453", "overlay": true } ] }, "options": { "filter": { "simple": { "include": [ { "activity.clumps.primary.item.designations": [ "it:activity:clump:item:first", "it:activity:clump:item:intermediate", "it:activity:clump:item:last" ] } ] } } }, "details": { "name": "USA Part Codes", "description": "Two-letter codes of all USA parts including states, territories and the DC" }, "alias": "USA_PART_CODES", "iver": 319, "sver": "1.2.3", "createdAt": "2018-04-12T16:36:51.700Z", "createdBy": { "principal": { "id": "b73fc7b3-af84-48b6-bb2f-f3afd115a453" } }, "updatedAt": "2018-04-12T16:36:51.700Z", "updatedBy": { "principal": { "id": "b73fc7b3-af84-48b6-bb2f-f3afd115a453" } }, "tenant": 123456789, "extent": "tenant", "status": "active", "tags": [ "rules", "windows", "agent" ], "id": "b73fc7b3-af84-48b6-bb2f-f3afd115a453" }]
Preview this Workflow on desktop