Class: DatadogAPIClient::V2::EntityRiskScoresAPI

Inherits:

Object

• Object
• DatadogAPIClient::V2::EntityRiskScoresAPI

Defined in:

lib/datadog_api_client/v2/api/entity_risk_scores_api.rb

Instance Attribute Summary

• #api_client ⇒ Object

  Returns the value of attribute api_client.

Instance Method Summary

• #get_entity_risk_score(entity_id, opts = {}) ⇒ Object

  Get Entity Risk Score.

• #get_entity_risk_score_with_http_info(entity_id, opts = {}) ⇒ Array<(SecurityEntityRiskScoreResponse, Integer, Hash)>

  Get Entity Risk Score.

• #initialize(api_client = DatadogAPIClient::APIClient.default) ⇒ EntityRiskScoresAPI constructor

  A new instance of EntityRiskScoresAPI.

• #list_entity_risk_scores(opts = {}) ⇒ Object

  List Entity Risk Scores.

• #list_entity_risk_scores_with_http_info(opts = {}) ⇒ Array<(SecurityEntityRiskScoresResponse, Integer, Hash)>

  List Entity Risk Scores.

Constructor Details

#initialize(api_client = DatadogAPIClient::APIClient.default) ⇒ EntityRiskScoresAPI

Returns a new instance of EntityRiskScoresAPI.

# File 'lib/datadog_api_client/v2/api/entity_risk_scores_api.rb', line 22

def initialize(api_client = DatadogAPIClient::APIClient.default)
  @api_client = api_client
end

Instance Attribute Details

#api_client ⇒ Object

Returns the value of attribute api_client.

# File 'lib/datadog_api_client/v2/api/entity_risk_scores_api.rb', line 20

def api_client
  @api_client
end

Instance Method Details

#get_entity_risk_score(entity_id, opts = {}) ⇒ Object

Get Entity Risk Score.

See Also:

• #get_entity_risk_score_with_http_info

# File 'lib/datadog_api_client/v2/api/entity_risk_scores_api.rb', line 29

def get_entity_risk_score(entity_id, opts = {})
  data, _status_code, _headers = get_entity_risk_score_with_http_info(entity_id, opts)
  data
end

#get_entity_risk_score_with_http_info(entity_id, opts = {}) ⇒ Array<(SecurityEntityRiskScoreResponse, Integer, Hash)>

Get Entity Risk Score.

Get the risk score for a specific entity by its ID. Returns security risk assessment including risk score, severity, detected signals, misconfigurations, and identity risks.

Parameters:

• entity_id (String) —

  The URL-encoded unique identifier for the entity.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityEntityRiskScoreResponse, Integer, Hash)>) —

  SecurityEntityRiskScoreResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/entity_risk_scores_api.rb', line 41

def get_entity_risk_score_with_http_info(entity_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_entity_risk_score".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_entity_risk_score")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_entity_risk_score"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: EntityRiskScoresAPI.get_entity_risk_score ...'
  end
  # verify the required parameter 'entity_id' is set
  if @api_client.config.client_side_validation && entity_id.nil?
    fail ArgumentError, "Missing the required parameter 'entity_id' when calling EntityRiskScoresAPI.get_entity_risk_score"
  end
  # resource path
  local_var_path = '/api/v2/security-entities/risk-scores/{entity_id}'.sub('{entity_id}', CGI.escape(entity_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityEntityRiskScoreResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_entity_risk_score,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: EntityRiskScoresAPI#get_entity_risk_score\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_entity_risk_scores(opts = {}) ⇒ Object

List Entity Risk Scores.

See Also:

• #list_entity_risk_scores_with_http_info

# File 'lib/datadog_api_client/v2/api/entity_risk_scores_api.rb', line 100

def list_entity_risk_scores(opts = {})
  data, _status_code, _headers = list_entity_risk_scores_with_http_info(opts)
  data
end

#list_entity_risk_scores_with_http_info(opts = {}) ⇒ Array<(SecurityEntityRiskScoresResponse, Integer, Hash)>

List Entity Risk Scores.

Get a list of entity risk scores for your organization. Entity risk scores provide security risk assessment for entities like cloud resources, identities, or services based on detected signals, misconfigurations, and identity risks.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :from (Integer) —

  Start time for the query in Unix timestamp (milliseconds). Defaults to 2 weeks ago.

• :to (Integer) —

  End time for the query in Unix timestamp (milliseconds). Defaults to now.

• :page_size (Integer) —

  Size of the page to return. Maximum is 1000.

• :page_number (Integer) —

  Page number to return (1-indexed).

• :page_query_id (String) —

  Query ID for pagination consistency.

• :filter_sort (String) —

  Sort order for results. Format: field:direction where direction is asc or desc. Supported fields: riskScore, lastDetected, firstDetected, entityName, signalsDetected.

• :filter_query (String) —

  Supports filtering by entity attributes, risk scores, severity, and more. Example: severity:critical AND entityType:aws_iam_user

• :entity_type (Array<String>) —

  Filter by entity type(s). Can specify multiple values.

Returns:

• (Array<(SecurityEntityRiskScoresResponse, Integer, Hash)>) —

  SecurityEntityRiskScoresResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/entity_risk_scores_api.rb', line 119

def list_entity_risk_scores_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_entity_risk_scores".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_entity_risk_scores")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_entity_risk_scores"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: EntityRiskScoresAPI.list_entity_risk_scores ...'
  end
  # resource path
  local_var_path = '/api/v2/security-entities/risk-scores'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'from'] = opts[:'from'] if !opts[:'from'].nil?
  query_params[:'to'] = opts[:'to'] if !opts[:'to'].nil?
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'page[queryId]'] = opts[:'page_query_id'] if !opts[:'page_query_id'].nil?
  query_params[:'filter[sort]'] = opts[:'filter_sort'] if !opts[:'filter_sort'].nil?
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'entityType'] = @api_client.build_collection_param(opts[:'entity_type'], :multi) if !opts[:'entity_type'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityEntityRiskScoresResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_entity_risk_scores,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )
  new_options[:query_string_normalizer] = HTTParty::Request::NON_RAILS_QUERY_STRING_NORMALIZER

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: EntityRiskScoresAPI#list_entity_risk_scores\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end