| notificationId |
string |
Unique identifier for this notification delivery. |
| type |
string |
Notification type identifier. |
| tsg_id |
string |
Tenant Service Group identifier indicating which tenant context the incident belongs to. |
| severity |
string |
Severity classification of the security incident. |
| title |
string |
Brief title summarizing the incident. |
| description |
string |
Detailed description of the incident including affected resources, detection context, and recommended actions. |
| timestamp |
string |
Timestamp when the incident was detected. |
| category |
string |
Incident category such as threat, policy_violation, anomaly, or data_loss. |
| affectedResources |
array |
List of resources affected by the incident. |
| callbackUrl |
string |
Direct link to the incident in the SASE management console. |