Skip to main content

Alert Data Model

The Alert data model is a security finding that serves as a notification of potential risks identified within your organization’s environments. It includes details on the affected resources and the nature of the risk. It extends the Finding data model.

The following table details the default attributes of the Alert data model:

Attribute NameAttribute TypeRelationship TypeRequired
ageInDaysCalculated (Number)N/ANo
assessmentReference (Assessment)DISCOVERED_INNo
attachmentsAttachmentsN/ANo
baseRiskScoreCalculated (Number)N/ANo
categoriesText (Multivalued)N/ANo
commentsCommentsN/ANo
complianceStatusSingle ChoiceN/ANo
confidenceSingle ChoiceN/ANo
connectorCategoriesText (Multivalued)N/ANo
connectorNamesText (Multivalued)N/ANo
createdByTextN/ANo
dataIntegrationTitlesText (Multivalued)N/ANo
dataModelNameCalculated (Text)N/ANo
dateCreatedDate TimeN/ANo
daysToFixCalculated (Number)N/ANo
descriptionTextN/ANo
displayNameCalculated (Text)N/AYes
dueDateCalculated (Date Time)N/ANo
extendedDueDateDate TimeN/ANo
firstFoundDate TimeN/ANo
flowStateTextN/ANo
informedUsersCategoryN/ANo
lastFixedDate TimeN/ANo
lastFoundDate TimeN/ANo
lastUpdatedDate TimeN/ANo
nameTextN/ANo
remediationOwnerCategoryN/ANo
remediationSLANumberN/ANo
resultsTextN/ANo
riskFactorOffsetCalculated (Number)N/ANo
riskFactorsRisk FactorsN/ANo
riskOwnerCategoryN/ANo
riskRatingCalculated (Single Choice)N/ANo
riskScoreCalculated (Number)N/ANo
riskScoringModelRisk Scoring ModelN/ANo
severitySingle ChoiceN/ANo
slaCalculated (Number)N/ANo
slaDefinitionSLAN/ANo
slaLevelCalculated (Text)N/ANo
sourcesReference (Source model)SOURCED_FROMNo
sourcesIconsSource data models iconsN/ANo
sourceUidsText (Multivalued)N/ANo
statusStatusN/ANo
statusCategorySingle ChoiceN/ANo
summaryTextN/ANo
targetsReference (Asset)HASNo
typeReference (Alert definition)ISNo
uidTextN/AYes
updatedByTextN/ANo
FOOTNOTES
  • The attribute names are used in Brinqa Query Language (BQL) queries and Brinqa Condition Language (BCL) predicates.
  • In the Type column, Calculated means that the value of the attribute is computed by executing a script. The text in the parentheses after Calculated denotes the type of the outcome.
  • In the Type column, Reference means that two data models are related. The name in the parentheses after Reference indicates the other data model.
  • The Relationship Type column only applies to the Reference type attributes. You can use the relationship type keyword in BQL queries.