Class: DatadogAPIClient::V2::SecurityMonitoringAPI

Inherits:

Object

• Object
• DatadogAPIClient::V2::SecurityMonitoringAPI

Defined in:

lib/datadog_api_client/v2/api/security_monitoring_api.rb

Instance Attribute Summary

• #api_client ⇒ Object

  Returns the value of attribute api_client.

Instance Method Summary

• #activate_content_pack(content_pack_id, opts = {}) ⇒ Object

  Activate content pack.

• #activate_content_pack_with_http_info(content_pack_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Activate content pack.

• #attach_case(case_id, body, opts = {}) ⇒ Object

  Attach security findings to a case.

• #attach_case_with_http_info(case_id, body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

  Attach security findings to a case.

• #attach_jira_issue(body, opts = {}) ⇒ Object

  Attach security findings to a Jira issue.

• #attach_jira_issue_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

  Attach security findings to a Jira issue.

• #attach_service_now_ticket(body, opts = {}) ⇒ Object

  Attach security findings to a ServiceNow ticket.

• #attach_service_now_ticket_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

  Attach security findings to a ServiceNow ticket.

• #batch_get_security_monitoring_dataset_dependencies(body, opts = {}) ⇒ Object

  Get dataset dependencies.

• #batch_get_security_monitoring_dataset_dependencies_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringDatasetDependenciesResponse, Integer, Hash)>

  Get dataset dependencies.

• #bulk_convert_existing_security_monitoring_rules(body, opts = {}) ⇒ Object

  Bulk convert rules to Terraform.

• #bulk_convert_existing_security_monitoring_rules_with_http_info(body, opts = {}) ⇒ Array<(File, Integer, Hash)>

  Bulk convert rules to Terraform.

• #bulk_create_sample_log_generation_subscriptions(body, opts = {}) ⇒ Object

  Bulk subscribe to sample log generation.

• #bulk_create_sample_log_generation_subscriptions_with_http_info(body, opts = {}) ⇒ Array<(SampleLogGenerationBulkSubscriptionResponse, Integer, Hash)>

  Bulk subscribe to sample log generation.

• #bulk_delete_security_monitoring_rules(body, opts = {}) ⇒ Object

  Bulk delete security monitoring rules.

• #bulk_delete_security_monitoring_rules_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleBulkDeleteResponse, Integer, Hash)>

  Bulk delete security monitoring rules.

• #bulk_edit_security_monitoring_signals(body, opts = {}) ⇒ Object

  Bulk update security signals.

• #bulk_edit_security_monitoring_signals_assignee(body, opts = {}) ⇒ Object

  Bulk update triage assignee of security signals.

• #bulk_edit_security_monitoring_signals_assignee_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

  Bulk update triage assignee of security signals.

• #bulk_edit_security_monitoring_signals_state(body, opts = {}) ⇒ Object

  Bulk update triage state of security signals.

• #bulk_edit_security_monitoring_signals_state_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

  Bulk update triage state of security signals.

• #bulk_edit_security_monitoring_signals_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

  Bulk update security signals.

• #bulk_export_security_monitoring_rules(body, opts = {}) ⇒ Object

  Bulk export security monitoring rules.

• #bulk_export_security_monitoring_rules_with_http_info(body, opts = {}) ⇒ Array<(File, Integer, Hash)>

  Bulk export security monitoring rules.

• #bulk_export_security_monitoring_terraform_resources(resource_type, body, opts = {}) ⇒ Object

  Export security monitoring resources to Terraform.

• #bulk_export_security_monitoring_terraform_resources_with_http_info(resource_type, body, opts = {}) ⇒ Array<(File, Integer, Hash)>

  Export security monitoring resources to Terraform.

• #cancel_historical_job(job_id, opts = {}) ⇒ Object

  Cancel a historical job.

• #cancel_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Cancel a historical job.

• #convert_existing_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Convert an existing rule from JSON to Terraform.

• #convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

  Convert an existing rule from JSON to Terraform.

• #convert_job_result_to_signal(body, opts = {}) ⇒ Object

  Convert a job result to a signal.

• #convert_job_result_to_signal_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Convert a job result to a signal.

• #convert_security_monitoring_rule_from_json_to_terraform(body, opts = {}) ⇒ Object

  Convert a rule from JSON to Terraform.

• #convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

  Convert a rule from JSON to Terraform.

• #convert_security_monitoring_terraform_resource(resource_type, body, opts = {}) ⇒ Object

  Convert security monitoring resource to Terraform.

• #convert_security_monitoring_terraform_resource_with_http_info(resource_type, body, opts = {}) ⇒ Array<(SecurityMonitoringTerraformExportResponse, Integer, Hash)>

  Convert security monitoring resource to Terraform.

• #create_cases(body, opts = {}) ⇒ Object

  Create cases for security findings.

• #create_cases_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

  Create cases for security findings.

• #create_custom_framework(body, opts = {}) ⇒ Object

  Create a custom framework.

• #create_custom_framework_with_http_info(body, opts = {}) ⇒ Array<(CreateCustomFrameworkResponse, Integer, Hash)>

  Create a custom framework.

• #create_jira_issues(body, opts = {}) ⇒ Object

  Create Jira issues for security findings.

• #create_jira_issues_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

  Create Jira issues for security findings.

• #create_sample_log_generation_subscription(body, opts = {}) ⇒ Object

  Subscribe to sample log generation.

• #create_sample_log_generation_subscription_with_http_info(body, opts = {}) ⇒ Array<(SampleLogGenerationSubscriptionResponse, Integer, Hash)>

  Subscribe to sample log generation.

• #create_security_filter(body, opts = {}) ⇒ Object

  Create a security filter.

• #create_security_filter_with_http_info(body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Create a security filter.

• #create_security_monitoring_critical_asset(body, opts = {}) ⇒ Object

  Create a critical asset.

• #create_security_monitoring_critical_asset_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

  Create a critical asset.

• #create_security_monitoring_dataset(body, opts = {}) ⇒ Object

  Create a dataset.

• #create_security_monitoring_dataset_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringDatasetCreateResponse, Integer, Hash)>

  Create a dataset.

• #create_security_monitoring_integration_config(body, opts = {}) ⇒ Object

  Create an entity context sync configuration.

• #create_security_monitoring_integration_config_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>

  Create an entity context sync configuration.

• #create_security_monitoring_rule(body, opts = {}) ⇒ Object

  Create a detection rule.

• #create_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Create a detection rule.

• #create_security_monitoring_suppression(body, opts = {}) ⇒ Object

  Create a suppression rule.

• #create_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Create a suppression rule.

• #create_service_now_tickets(body, opts = {}) ⇒ Object

  Create ServiceNow tickets for security findings.

• #create_service_now_tickets_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

  Create ServiceNow tickets for security findings.

• #create_signal_notification_rule(body, opts = {}) ⇒ Object

  Create a new signal-based notification rule.

• #create_signal_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Create a new signal-based notification rule.

• #create_static_analysis_ast(body, opts = {}) ⇒ Object

  Get AST for source code.

• #create_static_analysis_ast_with_http_info(body, opts = {}) ⇒ Array<(GetAstResponse, Integer, Hash)>

  Get AST for source code.

• #create_static_analysis_server_analysis(body, opts = {}) ⇒ Object

  Analyze code.

• #create_static_analysis_server_analysis_with_http_info(body, opts = {}) ⇒ Array<(AnalysisResponse, Integer, Hash)>

  Analyze code.

• #create_vulnerability_notification_rule(body, opts = {}) ⇒ Object

  Create a new vulnerability-based notification rule.

• #create_vulnerability_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Create a new vulnerability-based notification rule.

• #deactivate_content_pack(content_pack_id, opts = {}) ⇒ Object

  Deactivate content pack.

• #deactivate_content_pack_with_http_info(content_pack_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Deactivate content pack.

• #delete_custom_framework(handle, version, opts = {}) ⇒ Object

  Delete a custom framework.

• #delete_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(DeleteCustomFrameworkResponse, Integer, Hash)>

  Delete a custom framework.

• #delete_historical_job(job_id, opts = {}) ⇒ Object

  Delete an existing job.

• #delete_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete an existing job.

• #delete_sample_log_generation_subscription(content_pack_id, opts = {}) ⇒ Object

  Unsubscribe from sample log generation.

• #delete_sample_log_generation_subscription_with_http_info(content_pack_id, opts = {}) ⇒ Array<(SampleLogGenerationSubscriptionResponse, Integer, Hash)>

  Unsubscribe from sample log generation.

• #delete_security_filter(security_filter_id, opts = {}) ⇒ Object

  Delete a security filter.

• #delete_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a security filter.

• #delete_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

  Delete a critical asset.

• #delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a critical asset.

• #delete_security_monitoring_dataset(dataset_id, opts = {}) ⇒ Object

  Delete a dataset.

• #delete_security_monitoring_dataset_with_http_info(dataset_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a dataset.

• #delete_security_monitoring_integration_config(integration_config_id, opts = {}) ⇒ Object

  Delete an entity context sync configuration.

• #delete_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete an entity context sync configuration.

• #delete_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Delete an existing rule.

• #delete_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete an existing rule.

• #delete_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

  Delete a suppression rule.

• #delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a suppression rule.

• #delete_signal_notification_rule(id, opts = {}) ⇒ Object

  Delete a signal-based notification rule.

• #delete_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a signal-based notification rule.

• #delete_vulnerability_notification_rule(id, opts = {}) ⇒ Object

  Delete a vulnerability-based notification rule.

• #delete_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a vulnerability-based notification rule.

• #detach_case(body, opts = {}) ⇒ Object

  Detach security findings from their case.

• #detach_case_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Detach security findings from their case.

• #edit_security_monitoring_signal(signal_id, body, opts = {}) ⇒ Object

  Update security signal triage state or assignee.

• #edit_security_monitoring_signal_assignee(signal_id, body, opts = {}) ⇒ Object

  Modify the triage assignee of a security signal.

• #edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Modify the triage assignee of a security signal.

• #edit_security_monitoring_signal_incidents(signal_id, body, opts = {}) ⇒ Object

  Change the related incidents of a security signal.

• #edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Change the related incidents of a security signal.

• #edit_security_monitoring_signal_state(signal_id, body, opts = {}) ⇒ Object

  Change the triage state of a security signal.

• #edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Change the triage state of a security signal.

• #edit_security_monitoring_signal_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Update security signal triage state or assignee.

• #export_security_monitoring_terraform_resource(resource_type, resource_id, opts = {}) ⇒ Object

  Export security monitoring resource to Terraform.

• #export_security_monitoring_terraform_resource_with_http_info(resource_type, resource_id, opts = {}) ⇒ Array<(SecurityMonitoringTerraformExportResponse, Integer, Hash)>

  Export security monitoring resource to Terraform.

• #get_content_packs_states(opts = {}) ⇒ Object

  Get content pack states.

• #get_content_packs_states_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringContentPackStatesResponse, Integer, Hash)>

  Get content pack states.

• #get_critical_assets_affecting_rule(rule_id, opts = {}) ⇒ Object

  Get critical assets affecting a specific rule.

• #get_critical_assets_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

  Get critical assets affecting a specific rule.

• #get_custom_framework(handle, version, opts = {}) ⇒ Object

  Get a custom framework.

• #get_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(GetCustomFrameworkResponse, Integer, Hash)>

  Get a custom framework.

• #get_entity_context(opts = {}) ⇒ Object

  Get entity context.

• #get_entity_context_with_http_info(opts = {}) ⇒ Array<(EntityContextResponse, Integer, Hash)>

  Get entity context.

• #get_finding(finding_id, opts = {}) ⇒ Object

  Get a finding.

• #get_finding_with_http_info(finding_id, opts = {}) ⇒ Array<(GetFindingResponse, Integer, Hash)>

  Get a finding.

• #get_historical_job(job_id, opts = {}) ⇒ Object

  Get a job's details.

• #get_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(HistoricalJobResponse, Integer, Hash)>

  Get a job's details.

• #get_indicator_of_compromise(indicator, opts = {}) ⇒ Object

  Get an indicator of compromise.

• #get_indicator_of_compromise_with_http_info(indicator, opts = {}) ⇒ Array<(GetIoCIndicatorResponse, Integer, Hash)>

  Get an indicator of compromise.

• #get_investigation_log_queries_matching_signal(signal_id, opts = {}) ⇒ Object

  Get investigation queries for a signal.

• #get_investigation_log_queries_matching_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalSuggestedActionsResponse, Integer, Hash)>

  Get investigation queries for a signal.

• #get_resource_evaluation_filters(opts = {}) ⇒ Object

  List resource filters.

• #get_resource_evaluation_filters_with_http_info(opts = {}) ⇒ Array<(GetResourceEvaluationFiltersResponse, Integer, Hash)>

  List resource filters.

• #get_rule_version_history(rule_id, opts = {}) ⇒ Object

  Get a rule's version history.

• #get_rule_version_history_with_http_info(rule_id, opts = {}) ⇒ Array<(GetRuleVersionHistoryResponse, Integer, Hash)>

  Get a rule's version history.

• #get_sbom(asset_type, filter_asset_name, opts = {}) ⇒ Object

  Get SBOM.

• #get_sbom_with_http_info(asset_type, filter_asset_name, opts = {}) ⇒ Array<(GetSBOMResponse, Integer, Hash)>

  Get SBOM.

• #get_secrets_rules(opts = {}) ⇒ Object

  Returns a list of Secrets rules.

• #get_secrets_rules_with_http_info(opts = {}) ⇒ Array<(SecretRuleArray, Integer, Hash)>

  Returns a list of Secrets rules.

• #get_security_filter(security_filter_id, opts = {}) ⇒ Object

  Get a security filter.

• #get_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Get a security filter.

• #get_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

  Get a critical asset.

• #get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

  Get a critical asset.

• #get_security_monitoring_dataset(dataset_id, opts = {}) ⇒ Object

  Get a dataset.

• #get_security_monitoring_dataset_by_version(dataset_id, version, opts = {}) ⇒ Object

  Get a dataset at a specific version.

• #get_security_monitoring_dataset_by_version_with_http_info(dataset_id, version, opts = {}) ⇒ Array<(SecurityMonitoringDatasetResponse, Integer, Hash)>

  Get a dataset at a specific version.

• #get_security_monitoring_dataset_version_history(dataset_id, opts = {}) ⇒ Object

  Get the version history of a dataset.

• #get_security_monitoring_dataset_version_history_with_http_info(dataset_id, opts = {}) ⇒ Array<(SecurityMonitoringDatasetVersionHistoryResponse, Integer, Hash)>

  Get the version history of a dataset.

• #get_security_monitoring_dataset_with_http_info(dataset_id, opts = {}) ⇒ Array<(SecurityMonitoringDatasetResponse, Integer, Hash)>

  Get a dataset.

• #get_security_monitoring_histsignal(histsignal_id, opts = {}) ⇒ Object

  Get a hist signal's details.

• #get_security_monitoring_histsignal_with_http_info(histsignal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

  Get a hist signal's details.

• #get_security_monitoring_histsignals_by_job_id(job_id, opts = {}) ⇒ Object

  Get a job's hist signals.

• #get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Get a job's hist signals.

• #get_security_monitoring_integration_config(integration_config_id, opts = {}) ⇒ Object

  Get an entity context sync configuration.

• #get_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>

  Get an entity context sync configuration.

• #get_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Get a rule's details.

• #get_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Get a rule's details.

• #get_security_monitoring_signal(signal_id, opts = {}) ⇒ Object

  Get a signal's details.

• #get_security_monitoring_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

  Get a signal's details.

• #get_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

  Get a suppression rule.

• #get_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Get a suppression rule.

• #get_signal_entities(signal_id, opts = {}) ⇒ Object

  Get entities related to a signal.

• #get_signal_entities_with_http_info(signal_id, opts = {}) ⇒ Array<(SignalEntitiesResponse, Integer, Hash)>

  Get entities related to a signal.

• #get_signal_notification_rule(id, opts = {}) ⇒ Object

  Get details of a signal-based notification rule.

• #get_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Get details of a signal-based notification rule.

• #get_signal_notification_rules(opts = {}) ⇒ Object

  Get the list of signal-based notification rules.

• #get_signal_notification_rules_with_http_info(opts = {}) ⇒ Array<(NotificationRulesListResponse, Integer, Hash)>

  Get the list of signal-based notification rules.

• #get_single_entity_context(id, opts = {}) ⇒ Object

  Get a single entity context.

• #get_single_entity_context_with_http_info(id, opts = {}) ⇒ Array<(SingleEntityContextResponse, Integer, Hash)>

  Get a single entity context.

• #get_static_analysis_default_rulesets(language, opts = {}) ⇒ Object

  Get default rulesets for a language.

• #get_static_analysis_default_rulesets_with_http_info(language, opts = {}) ⇒ Array<(DefaultRulesetsPerLanguageResponse, Integer, Hash)>

  Get default rulesets for a language.

• #get_static_analysis_node_types(language, opts = {}) ⇒ Object

  Get node types for a language.

• #get_static_analysis_node_types_with_http_info(language, opts = {}) ⇒ Array<(NodeTypesResponse, Integer, Hash)>

  Get node types for a language.

• #get_static_analysis_ruleset(ruleset_name, opts = {}) ⇒ Object

  Get a SAST ruleset.

• #get_static_analysis_ruleset_with_http_info(ruleset_name, opts = {}) ⇒ Array<(SastRulesetResponse, Integer, Hash)>

  Get a SAST ruleset.

• #get_static_analysis_tree_sitter_wasm(file, opts = {}) ⇒ Object

  Get tree-sitter WASM file.

• #get_static_analysis_tree_sitter_wasm_with_http_info(file, opts = {}) ⇒ Array<(File, Integer, Hash)>

  Get tree-sitter WASM file.

• #get_suggested_actions_matching_signal(signal_id, opts = {}) ⇒ Object

  Get suggested actions for a signal.

• #get_suggested_actions_matching_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalSuggestedActionsResponse, Integer, Hash)>

  Get suggested actions for a signal.

• #get_suppression_version_history(suppression_id, opts = {}) ⇒ Object

  Get a suppression's version history.

• #get_suppression_version_history_with_http_info(suppression_id, opts = {}) ⇒ Array<(GetSuppressionVersionHistoryResponse, Integer, Hash)>

  Get a suppression's version history.

• #get_suppressions_affecting_future_rule(body, opts = {}) ⇒ Object

  Get suppressions affecting future rule.

• #get_suppressions_affecting_future_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

  Get suppressions affecting future rule.

• #get_suppressions_affecting_rule(rule_id, opts = {}) ⇒ Object

  Get suppressions affecting a specific rule.

• #get_suppressions_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

  Get suppressions affecting a specific rule.

• #get_vulnerability_notification_rule(id, opts = {}) ⇒ Object

  Get details of a vulnerability notification rule.

• #get_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Get details of a vulnerability notification rule.

• #get_vulnerability_notification_rules(opts = {}) ⇒ Object

  Get the list of vulnerability notification rules.

• #get_vulnerability_notification_rules_with_http_info(opts = {}) ⇒ Array<(NotificationRulesListResponse, Integer, Hash)>

  Get the list of vulnerability notification rules.

• #initialize(api_client = DatadogAPIClient::APIClient.default) ⇒ SecurityMonitoringAPI constructor

  A new instance of SecurityMonitoringAPI.

• #list_assets_sbo_ms(opts = {}) ⇒ Object

  List assets SBOMs.

• #list_assets_sbo_ms_with_http_info(opts = {}) ⇒ Array<(ListAssetsSBOMsResponse, Integer, Hash)>

  List assets SBOMs.

• #list_findings(opts = {}) ⇒ Object

  List findings.

• #list_findings_with_http_info(opts = {}) ⇒ Array<(ListFindingsResponse, Integer, Hash)>

  List findings.

• #list_findings_with_pagination(opts = {}) {|Finding| ... } ⇒ Object

  List findings.

• #list_historical_jobs(opts = {}) ⇒ Object

  List historical jobs.

• #list_historical_jobs_with_http_info(opts = {}) ⇒ Array<(ListHistoricalJobsResponse, Integer, Hash)>

  List historical jobs.

• #list_indicators_of_compromise(opts = {}) ⇒ Object

  List indicators of compromise.

• #list_indicators_of_compromise_with_http_info(opts = {}) ⇒ Array<(IoCExplorerListResponse, Integer, Hash)>

  List indicators of compromise.

• #list_multiple_rulesets(body, opts = {}) ⇒ Object

  Ruleset get multiple.

• #list_multiple_rulesets_with_http_info(body, opts = {}) ⇒ Array<(GetMultipleRulesetsResponse, Integer, Hash)>

  Ruleset get multiple.

• #list_sample_log_generation_subscriptions(opts = {}) ⇒ Object

  Get sample log generation subscriptions.

• #list_sample_log_generation_subscriptions_with_http_info(opts = {}) ⇒ Array<(SampleLogGenerationSubscriptionsResponse, Integer, Hash)>

  Get sample log generation subscriptions.

• #list_scanned_assets_metadata(opts = {}) ⇒ Object

  List scanned assets metadata.

• #list_scanned_assets_metadata_with_http_info(opts = {}) ⇒ Array<(ScannedAssetsMetadata, Integer, Hash)>

  List scanned assets metadata.

• #list_security_filter_versions(opts = {}) ⇒ Object

  Get the version history of security filters.

• #list_security_filter_versions_with_http_info(opts = {}) ⇒ Array<(SecurityFilterVersionsResponse, Integer, Hash)>

  Get the version history of security filters.

• #list_security_filters(opts = {}) ⇒ Object

  Get all security filters.

• #list_security_filters_with_http_info(opts = {}) ⇒ Array<(SecurityFiltersResponse, Integer, Hash)>

  Get all security filters.

• #list_security_findings(opts = {}) ⇒ Object

  List security findings.

• #list_security_findings_with_http_info(opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

  List security findings.

• #list_security_findings_with_pagination(opts = {}) {|SecurityFindingsData| ... } ⇒ Object

  List security findings.

• #list_security_monitoring_critical_assets(opts = {}) ⇒ Object

  Get all critical assets.

• #list_security_monitoring_critical_assets_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

  Get all critical assets.

• #list_security_monitoring_datasets(opts = {}) ⇒ Object

  List datasets.

• #list_security_monitoring_datasets_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringDatasetsListResponse, Integer, Hash)>

  List datasets.

• #list_security_monitoring_histsignals(opts = {}) ⇒ Object

  List hist signals.

• #list_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  List hist signals.

• #list_security_monitoring_integration_configs(opts = {}) ⇒ Object

  List entity context sync configurations.

• #list_security_monitoring_integration_configs_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigsResponse, Integer, Hash)>

  List entity context sync configurations.

• #list_security_monitoring_rules(opts = {}) ⇒ Object

  List rules.

• #list_security_monitoring_rules_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>

  List rules.

• #list_security_monitoring_signals(opts = {}) ⇒ Object

  Get a quick list of security signals.

• #list_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Get a quick list of security signals.

• #list_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

  Get a quick list of security signals.

• #list_security_monitoring_suppressions(opts = {}) ⇒ Object

  Get all suppression rules.

• #list_security_monitoring_suppressions_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringPaginatedSuppressionsResponse, Integer, Hash)>

  Get all suppression rules.

• #list_static_analysis_codegen_rulesets(opts = {}) ⇒ Object

  List codegen rulesets.

• #list_static_analysis_codegen_rulesets_with_http_info(opts = {}) ⇒ Array<(SastRulesetsResponse, Integer, Hash)>

  List codegen rulesets.

• #list_vulnerabilities(opts = {}) ⇒ Object

  List vulnerabilities.

• #list_vulnerabilities_with_http_info(opts = {}) ⇒ Array<(ListVulnerabilitiesResponse, Integer, Hash)> deprecated Deprecated.

  This API is deprecated.

• #list_vulnerable_assets(opts = {}) ⇒ Object

  List vulnerable assets.

• #list_vulnerable_assets_with_http_info(opts = {}) ⇒ Array<(ListVulnerableAssetsResponse, Integer, Hash)>

  List vulnerable assets.

• #mute_findings(body, opts = {}) ⇒ Object

  Mute or unmute a batch of findings.

• #mute_findings_with_http_info(body, opts = {}) ⇒ Array<(BulkMuteFindingsResponse, Integer, Hash)>

  Mute or unmute a batch of findings.

• #mute_security_findings(body, opts = {}) ⇒ Object

  Mute or unmute security findings.

• #mute_security_findings_with_http_info(body, opts = {}) ⇒ Array<(MuteFindingsResponse, Integer, Hash)>

  Mute or unmute security findings.

• #patch_signal_notification_rule(id, body, opts = {}) ⇒ Object

  Patch a signal-based notification rule.

• #patch_signal_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Patch a signal-based notification rule.

• #patch_vulnerability_notification_rule(id, body, opts = {}) ⇒ Object

  Patch a vulnerability-based notification rule.

• #patch_vulnerability_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Patch a vulnerability-based notification rule.

• #run_historical_job(body, opts = {}) ⇒ Object

  Run a historical job.

• #run_historical_job_with_http_info(body, opts = {}) ⇒ Array<(JobCreateResponse, Integer, Hash)>

  Run a historical job.

• #search_security_findings(body, opts = {}) ⇒ Object

  Search security findings.

• #search_security_findings_with_http_info(body, opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

  Search security findings.

• #search_security_findings_with_pagination(body, opts = {}) {|SecurityFindingsData| ... } ⇒ Object

  Search security findings.

• #search_security_monitoring_histsignals(opts = {}) ⇒ Object

  Search hist signals.

• #search_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Search hist signals.

• #search_security_monitoring_signals(opts = {}) ⇒ Object

  Get a list of security signals.

• #search_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Get a list of security signals.

• #search_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

  Get a list of security signals.

• #send_security_monitoring_notification_preview(body, opts = {}) ⇒ Object

  Test a notification rule.

• #send_security_monitoring_notification_preview_with_http_info(body, opts = {}) ⇒ Array<(NotificationRulePreviewResponse, Integer, Hash)>

  Test a notification rule.

• #test_existing_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

  Test an existing rule.

• #test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

  Test an existing rule.

• #test_security_monitoring_rule(body, opts = {}) ⇒ Object

  Test a rule.

• #test_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

  Test a rule.

• #update_custom_framework(handle, version, body, opts = {}) ⇒ Object

  Update a custom framework.

• #update_custom_framework_with_http_info(handle, version, body, opts = {}) ⇒ Array<(UpdateCustomFrameworkResponse, Integer, Hash)>

  Update a custom framework.

• #update_findings_assignee(body, opts = {}) ⇒ Object

  Assign or unassign security findings.

• #update_findings_assignee_with_http_info(body, opts = {}) ⇒ Array<(AssigneeResponse, Integer, Hash)>

  Assign or unassign security findings.

• #update_resource_evaluation_filters(body, opts = {}) ⇒ Object

  Update resource filters.

• #update_resource_evaluation_filters_with_http_info(body, opts = {}) ⇒ Array<(UpdateResourceEvaluationFiltersResponse, Integer, Hash)>

  Update resource filters.

• #update_security_filter(security_filter_id, body, opts = {}) ⇒ Object

  Update a security filter.

• #update_security_filter_with_http_info(security_filter_id, body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Update a security filter.

• #update_security_monitoring_critical_asset(critical_asset_id, body, opts = {}) ⇒ Object

  Update a critical asset.

• #update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

  Update a critical asset.

• #update_security_monitoring_dataset(dataset_id, body, opts = {}) ⇒ Object

  Update a dataset.

• #update_security_monitoring_dataset_with_http_info(dataset_id, body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Update a dataset.

• #update_security_monitoring_integration_config(integration_config_id, body, opts = {}) ⇒ Object

  Update an entity context sync configuration.

• #update_security_monitoring_integration_config_with_http_info(integration_config_id, body, opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>

  Update an entity context sync configuration.

• #update_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

  Update an existing rule.

• #update_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Update an existing rule.

• #update_security_monitoring_suppression(suppression_id, body, opts = {}) ⇒ Object

  Update a suppression rule.

• #update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Update a suppression rule.

• #validate_security_monitoring_integration_config(integration_config_id, opts = {}) ⇒ Object

  Validate an entity context sync configuration.

• #validate_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Validate an entity context sync configuration.

• #validate_security_monitoring_integration_credentials(body, opts = {}) ⇒ Object

  Validate entity context sync credentials.

• #validate_security_monitoring_integration_credentials_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Validate entity context sync credentials.

• #validate_security_monitoring_rule(body, opts = {}) ⇒ Object

  Validate a detection rule.

• #validate_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Validate a detection rule.

• #validate_security_monitoring_suppression(body, opts = {}) ⇒ Object

  Validate a suppression rule.

• #validate_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Validate a suppression rule.

Constructor Details

#initialize(api_client = DatadogAPIClient::APIClient.default) ⇒ SecurityMonitoringAPI

Returns a new instance of SecurityMonitoringAPI.

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 22

def initialize(api_client = DatadogAPIClient::APIClient.default)
  @api_client = api_client
end

Instance Attribute Details

#api_client ⇒ Object

Returns the value of attribute api_client.

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 20

def api_client
  @api_client
end

Instance Method Details

#activate_content_pack(content_pack_id, opts = {}) ⇒ Object

Activate content pack.

See Also:

• #activate_content_pack_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 29

def activate_content_pack(content_pack_id, opts = {})
  activate_content_pack_with_http_info(content_pack_id, opts)
  nil
end

#activate_content_pack_with_http_info(content_pack_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Activate content pack.

Activate a Cloud SIEM content pack. This operation configures the necessary log filters or security filters depending on the pricing model and updates the content pack activation state.

Parameters:

• content_pack_id (String) —

  The ID of the content pack to activate (for example, aws-cloudtrail).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 43

def activate_content_pack_with_http_info(content_pack_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.activate_content_pack".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.activate_content_pack")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.activate_content_pack"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.activate_content_pack ...'
  end
  # verify the required parameter 'content_pack_id' is set
  if @api_client.config.client_side_validation && content_pack_id.nil?
    fail ArgumentError, "Missing the required parameter 'content_pack_id' when calling SecurityMonitoringAPI.activate_content_pack"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/content_packs/{content_pack_id}/activate'.sub('{content_pack_id}', CGI.escape(content_pack_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :activate_content_pack,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#activate_content_pack\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#attach_case(case_id, body, opts = {}) ⇒ Object

Attach security findings to a case.

See Also:

• #attach_case_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 102

def attach_case(case_id, body, opts = {})
  data, _status_code, _headers = attach_case_with_http_info(case_id, body, opts)
  data
end

#attach_case_with_http_info(case_id, body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

Attach security findings to a case.

Attach security findings to a case. You can attach up to 50 security findings per case. Security findings that are already attached to another case will be detached from their previous case and attached to the specified case.

Parameters:

• case_id (String) —

  Unique identifier of the case to attach security findings to

• body (AttachCaseRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponse, Integer, Hash)>) —

  FindingCaseResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 116

def attach_case_with_http_info(case_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.attach_case ...'
  end
  # verify the required parameter 'case_id' is set
  if @api_client.config.client_side_validation && case_id.nil?
    fail ArgumentError, "Missing the required parameter 'case_id' when calling SecurityMonitoringAPI.attach_case"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.attach_case"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/cases/{case_id}'.sub('{case_id}', CGI.escape(case_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :attach_case,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#attach_case\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#attach_jira_issue(body, opts = {}) ⇒ Object

Attach security findings to a Jira issue.

See Also:

• #attach_jira_issue_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 175

def attach_jira_issue(body, opts = {})
  data, _status_code, _headers = attach_jira_issue_with_http_info(body, opts)
  data
end

#attach_jira_issue_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

Attach security findings to a Jira issue.

Attach security findings to a Jira issue by providing the Jira issue URL. You can attach up to 50 security findings per Jira issue. If the Jira issue is not linked to any case, this operation will create a case for the security findings and link the Jira issue to the newly created case. To configure the Jira integration, see Bidirectional ticket syncing with Jira. Security findings that are already attached to another Jira issue will be detached from their previous Jira issue and attached to the specified Jira issue.

Parameters:

• body (AttachJiraIssueRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponse, Integer, Hash)>) —

  FindingCaseResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 188

def attach_jira_issue_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.attach_jira_issue ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.attach_jira_issue"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/jira_issues'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :attach_jira_issue,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#attach_jira_issue\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#attach_service_now_ticket(body, opts = {}) ⇒ Object

Attach security findings to a ServiceNow ticket.

See Also:

• #attach_service_now_ticket_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 243

def attach_service_now_ticket(body, opts = {})
  data, _status_code, _headers = attach_service_now_ticket_with_http_info(body, opts)
  data
end

#attach_service_now_ticket_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

Attach security findings to a ServiceNow ticket.

Attach security findings to a ServiceNow ticket by providing the ServiceNow ticket URL. You can attach up to 50 security findings per ServiceNow ticket. If the ServiceNow ticket is not linked to any case, this operation will create a case for the security findings and link the ServiceNow ticket to the newly created case. Security findings that are already attached to another ServiceNow ticket will be detached from their previous ServiceNow ticket and attached to the specified ServiceNow ticket.

Parameters:

• body (AttachServiceNowTicketRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponse, Integer, Hash)>) —

  FindingCaseResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 256

def attach_service_now_ticket_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.attach_service_now_ticket".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.attach_service_now_ticket")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.attach_service_now_ticket"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.attach_service_now_ticket ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.attach_service_now_ticket"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/servicenow_tickets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :attach_service_now_ticket,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#attach_service_now_ticket\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#batch_get_security_monitoring_dataset_dependencies(body, opts = {}) ⇒ Object

Get dataset dependencies.

See Also:

• #batch_get_security_monitoring_dataset_dependencies_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 317

def batch_get_security_monitoring_dataset_dependencies(body, opts = {})
  data, _status_code, _headers = batch_get_security_monitoring_dataset_dependencies_with_http_info(body, opts)
  data
end

#batch_get_security_monitoring_dataset_dependencies_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringDatasetDependenciesResponse, Integer, Hash)>

Get dataset dependencies.

Return, for each of the requested datasets, the list of detection rules that depend on it. Useful for understanding the impact of updating or deleting a dataset.

Parameters:

• body (SecurityMonitoringDatasetDependenciesRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringDatasetDependenciesResponse, Integer, Hash)>) —

  SecurityMonitoringDatasetDependenciesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 330

def batch_get_security_monitoring_dataset_dependencies_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.batch_get_security_monitoring_dataset_dependencies".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.batch_get_security_monitoring_dataset_dependencies")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.batch_get_security_monitoring_dataset_dependencies"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.batch_get_security_monitoring_dataset_dependencies ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.batch_get_security_monitoring_dataset_dependencies"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets/dependencies'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringDatasetDependenciesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :batch_get_security_monitoring_dataset_dependencies,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#batch_get_security_monitoring_dataset_dependencies\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_convert_existing_security_monitoring_rules(body, opts = {}) ⇒ Object

Bulk convert rules to Terraform.

See Also:

• #bulk_convert_existing_security_monitoring_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 391

def bulk_convert_existing_security_monitoring_rules(body, opts = {})
  data, _status_code, _headers = bulk_convert_existing_security_monitoring_rules_with_http_info(body, opts)
  data
end

#bulk_convert_existing_security_monitoring_rules_with_http_info(body, opts = {}) ⇒ Array<(File, Integer, Hash)>

Bulk convert rules to Terraform.

Convert a list of existing security monitoring rules to Terraform for the Datadog provider resource datadog_security_monitoring_rule. Returns a ZIP archive containing one Terraform file per rule. You can convert rules for the following types:

• App and API Protection
• Cloud SIEM (log detection and signal correlation)
• Workload Protection

Parameters:

• body (SecurityMonitoringRuleConvertBulkPayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(File, Integer, Hash)>) —

  File data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 408

def bulk_convert_existing_security_monitoring_rules_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_convert_existing_security_monitoring_rules ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_convert_existing_security_monitoring_rules"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/convert/bulk'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/zip', 'application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'File'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :bulk_convert_existing_security_monitoring_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_convert_existing_security_monitoring_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_create_sample_log_generation_subscriptions(body, opts = {}) ⇒ Object

Bulk subscribe to sample log generation.

See Also:

• #bulk_create_sample_log_generation_subscriptions_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 463

def bulk_create_sample_log_generation_subscriptions(body, opts = {})
  data, _status_code, _headers = bulk_create_sample_log_generation_subscriptions_with_http_info(body, opts)
  data
end

#bulk_create_sample_log_generation_subscriptions_with_http_info(body, opts = {}) ⇒ Array<(SampleLogGenerationBulkSubscriptionResponse, Integer, Hash)>

Bulk subscribe to sample log generation.

Subscribe to sample log generation for multiple Cloud SIEM content packs in a single call. Each requested content pack is processed independently; the response includes a per-item status so partial successes can be inspected.

Availability: this endpoint is restricted to Cloud SIEM trial organizations on an eligible pricing model. Non-trial orgs receive 403 Forbidden, the feature flag may also reject requests with 400 Bad Request, and legacy pricing tiers receive per-item responses with status: not_available.

Parameters:

• body (SampleLogGenerationBulkSubscriptionRequest) —

  The content packs to subscribe to and the desired duration of the subscriptions.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SampleLogGenerationBulkSubscriptionResponse, Integer, Hash)>) —

  SampleLogGenerationBulkSubscriptionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 481

def bulk_create_sample_log_generation_subscriptions_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.bulk_create_sample_log_generation_subscriptions".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.bulk_create_sample_log_generation_subscriptions")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.bulk_create_sample_log_generation_subscriptions"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_create_sample_log_generation_subscriptions ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_create_sample_log_generation_subscriptions"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/sample_log_generation/subscriptions/bulk'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SampleLogGenerationBulkSubscriptionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :bulk_create_sample_log_generation_subscriptions,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_create_sample_log_generation_subscriptions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_delete_security_monitoring_rules(body, opts = {}) ⇒ Object

Bulk delete security monitoring rules.

See Also:

• #bulk_delete_security_monitoring_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 542

def bulk_delete_security_monitoring_rules(body, opts = {})
  data, _status_code, _headers = bulk_delete_security_monitoring_rules_with_http_info(body, opts)
  data
end

#bulk_delete_security_monitoring_rules_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleBulkDeleteResponse, Integer, Hash)>

Bulk delete security monitoring rules.

Delete multiple security monitoring rules in a single request. Default rules cannot be deleted.

Parameters:

• body (SecurityMonitoringRuleBulkDeletePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleBulkDeleteResponse, Integer, Hash)>) —

  SecurityMonitoringRuleBulkDeleteResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 554

def bulk_delete_security_monitoring_rules_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_delete_security_monitoring_rules ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_delete_security_monitoring_rules"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/bulk_delete'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleBulkDeleteResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :bulk_delete_security_monitoring_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_delete_security_monitoring_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_edit_security_monitoring_signals(body, opts = {}) ⇒ Object

Bulk update security signals.

See Also:

• #bulk_edit_security_monitoring_signals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 609

def bulk_edit_security_monitoring_signals(body, opts = {})
  data, _status_code, _headers = bulk_edit_security_monitoring_signals_with_http_info(body, opts)
  data
end

#bulk_edit_security_monitoring_signals_assignee(body, opts = {}) ⇒ Object

Bulk update triage assignee of security signals.

See Also:

• #bulk_edit_security_monitoring_signals_assignee_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 677

def bulk_edit_security_monitoring_signals_assignee(body, opts = {})
  data, _status_code, _headers = bulk_edit_security_monitoring_signals_assignee_with_http_info(body, opts)
  data
end

#bulk_edit_security_monitoring_signals_assignee_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

Bulk update triage assignee of security signals.

Change the triage assignees of multiple security signals at once. The maximum number of signals that can be updated in a single request is 199.

Parameters:

• body (SecurityMonitoringSignalsBulkAssigneeUpdateRequest) —

  Attributes describing the signal assignee updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsBulkTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 690

def bulk_edit_security_monitoring_signals_assignee_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_edit_security_monitoring_signals_assignee ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_edit_security_monitoring_signals_assignee"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/bulk/assignee'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsBulkTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :bulk_edit_security_monitoring_signals_assignee,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_edit_security_monitoring_signals_assignee\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_edit_security_monitoring_signals_state(body, opts = {}) ⇒ Object

Bulk update triage state of security signals.

See Also:

• #bulk_edit_security_monitoring_signals_state_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 745

def bulk_edit_security_monitoring_signals_state(body, opts = {})
  data, _status_code, _headers = bulk_edit_security_monitoring_signals_state_with_http_info(body, opts)
  data
end

#bulk_edit_security_monitoring_signals_state_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

Bulk update triage state of security signals.

Change the triage states of multiple security signals at once. The maximum number of signals that can be updated in a single request is 199.

Parameters:

• body (SecurityMonitoringSignalsBulkStateUpdateRequest) —

  Attributes describing the signal state updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsBulkTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 758

def bulk_edit_security_monitoring_signals_state_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_edit_security_monitoring_signals_state ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_edit_security_monitoring_signals_state"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/bulk/state'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsBulkTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :bulk_edit_security_monitoring_signals_state,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_edit_security_monitoring_signals_state\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_edit_security_monitoring_signals_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

Bulk update security signals.

Update the triage state or assignee of multiple security signals at once. The maximum number of signals that can be updated in a single request is 199.

Parameters:

• body (SecurityMonitoringSignalsBulkUpdateRequest) —

  Attributes describing the signal updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsBulkTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 622

def bulk_edit_security_monitoring_signals_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_edit_security_monitoring_signals ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_edit_security_monitoring_signals"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/bulk/update'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsBulkTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :bulk_edit_security_monitoring_signals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_edit_security_monitoring_signals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_export_security_monitoring_rules(body, opts = {}) ⇒ Object

Bulk export security monitoring rules.

See Also:

• #bulk_export_security_monitoring_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 813

def bulk_export_security_monitoring_rules(body, opts = {})
  data, _status_code, _headers = bulk_export_security_monitoring_rules_with_http_info(body, opts)
  data
end

#bulk_export_security_monitoring_rules_with_http_info(body, opts = {}) ⇒ Array<(File, Integer, Hash)>

Bulk export security monitoring rules.

Export a list of security monitoring rules as a ZIP file containing JSON rule definitions. The endpoint accepts a list of rule IDs and returns a ZIP archive where each rule is saved as a separate JSON file named after the rule.

Parameters:

• body (SecurityMonitoringRuleBulkExportPayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(File, Integer, Hash)>) —

  File data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 827

def bulk_export_security_monitoring_rules_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_export_security_monitoring_rules ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_export_security_monitoring_rules"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/bulk_export'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/zip', 'application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'File'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :bulk_export_security_monitoring_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_export_security_monitoring_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_export_security_monitoring_terraform_resources(resource_type, body, opts = {}) ⇒ Object

Export security monitoring resources to Terraform.

See Also:

• #bulk_export_security_monitoring_terraform_resources_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 882

def bulk_export_security_monitoring_terraform_resources(resource_type, body, opts = {})
  data, _status_code, _headers = bulk_export_security_monitoring_terraform_resources_with_http_info(resource_type, body, opts)
  data
end

#bulk_export_security_monitoring_terraform_resources_with_http_info(resource_type, body, opts = {}) ⇒ Array<(File, Integer, Hash)>

Export security monitoring resources to Terraform.

Export multiple security monitoring resources to Terraform, packaged as a zip archive. The resource_type path parameter specifies the type of resources to export and must be one of suppressions or critical_assets. A maximum of 1000 resources can be exported in a single request.

Parameters:

• resource_type (SecurityMonitoringTerraformResourceType) —

  The type of security monitoring resource to export.

• body (SecurityMonitoringTerraformBulkExportRequest) —

  The resource IDs to export.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(File, Integer, Hash)>) —

  File data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 898

def bulk_export_security_monitoring_terraform_resources_with_http_info(resource_type, body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.bulk_export_security_monitoring_terraform_resources".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.bulk_export_security_monitoring_terraform_resources")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.bulk_export_security_monitoring_terraform_resources"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_export_security_monitoring_terraform_resources ...'
  end
  # verify the required parameter 'resource_type' is set
  if @api_client.config.client_side_validation && resource_type.nil?
    fail ArgumentError, "Missing the required parameter 'resource_type' when calling SecurityMonitoringAPI.bulk_export_security_monitoring_terraform_resources"
  end
  # verify enum value
  allowable_values = ['suppressions', 'critical_assets']
  if @api_client.config.client_side_validation && !allowable_values.include?(resource_type)
    fail ArgumentError, "invalid value for \"resource_type\", must be one of #{allowable_values}"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_export_security_monitoring_terraform_resources"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/terraform/{resource_type}/bulk'.sub('{resource_type}', CGI.escape(resource_type.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/zip', 'application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'File'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :bulk_export_security_monitoring_terraform_resources,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_export_security_monitoring_terraform_resources\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#cancel_historical_job(job_id, opts = {}) ⇒ Object

Cancel a historical job.

See Also:

• #cancel_historical_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 968

def cancel_historical_job(job_id, opts = {})
  cancel_historical_job_with_http_info(job_id, opts)
  nil
end

#cancel_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Cancel a historical job.

Cancel a historical job.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 980

def cancel_historical_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.cancel_historical_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.cancel_historical_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.cancel_historical_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.cancel_historical_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.cancel_historical_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs/{job_id}/cancel'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :cancel_historical_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#cancel_historical_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_existing_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Convert an existing rule from JSON to Terraform.

See Also:

• #convert_existing_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1039

def convert_existing_security_monitoring_rule(rule_id, opts = {})
  data, _status_code, _headers = convert_existing_security_monitoring_rule_with_http_info(rule_id, opts)
  data
end

#convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

Convert an existing rule from JSON to Terraform.

Convert an existing rule from JSON to Terraform for Datadog provider resource datadog_security_monitoring_rule. You can do so for the following rule types:

• App and API Protection
• Cloud SIEM (log detection and signal correlation)
• Workload Protection

You can convert Cloud Security configuration rules using Terraform's Datadog Cloud Configuration Rule resource.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>) —

  SecurityMonitoringRuleConvertResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1057

def convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_existing_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.convert_existing_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/convert'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleConvertResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :convert_existing_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_existing_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_job_result_to_signal(body, opts = {}) ⇒ Object

Convert a job result to a signal.

See Also:

• #convert_job_result_to_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1110

def convert_job_result_to_signal(body, opts = {})
  convert_job_result_to_signal_with_http_info(body, opts)
  nil
end

#convert_job_result_to_signal_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Convert a job result to a signal.

Convert a job result to a signal.

Parameters:

• body (ConvertJobResultsToSignalsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1122

def convert_job_result_to_signal_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.convert_job_result_to_signal".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.convert_job_result_to_signal")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.convert_job_result_to_signal"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_job_result_to_signal ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.convert_job_result_to_signal"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs/signal_convert'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :convert_job_result_to_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_job_result_to_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_security_monitoring_rule_from_json_to_terraform(body, opts = {}) ⇒ Object

Convert a rule from JSON to Terraform.

See Also:

• #convert_security_monitoring_rule_from_json_to_terraform_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1183

def convert_security_monitoring_rule_from_json_to_terraform(body, opts = {})
  data, _status_code, _headers = convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts)
  data
end

#convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

Convert a rule from JSON to Terraform.

Convert a rule that doesn't (yet) exist from JSON to Terraform for Datadog provider resource datadog_security_monitoring_rule. You can do so for the following rule types:

• App and API Protection
• Cloud SIEM (log detection and signal correlation)
• Workload Protection

You can convert Cloud Security configuration rules using Terraform's Datadog Cloud Configuration Rule resource.

Parameters:

• body (SecurityMonitoringRuleConvertPayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>) —

  SecurityMonitoringRuleConvertResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1201

def convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_security_monitoring_rule_from_json_to_terraform ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.convert_security_monitoring_rule_from_json_to_terraform"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/convert'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleConvertResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :convert_security_monitoring_rule_from_json_to_terraform,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_security_monitoring_rule_from_json_to_terraform\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_security_monitoring_terraform_resource(resource_type, body, opts = {}) ⇒ Object

Convert security monitoring resource to Terraform.

See Also:

• #convert_security_monitoring_terraform_resource_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1256

def convert_security_monitoring_terraform_resource(resource_type, body, opts = {})
  data, _status_code, _headers = convert_security_monitoring_terraform_resource_with_http_info(resource_type, body, opts)
  data
end

#convert_security_monitoring_terraform_resource_with_http_info(resource_type, body, opts = {}) ⇒ Array<(SecurityMonitoringTerraformExportResponse, Integer, Hash)>

Convert security monitoring resource to Terraform.

Convert a security monitoring resource that doesn't (yet) exist from JSON to Terraform. The resource_type path parameter specifies the type of resource to convert and must be one of suppressions or critical_assets.

Parameters:

• resource_type (SecurityMonitoringTerraformResourceType) —

  The type of security monitoring resource to export.

• body (SecurityMonitoringTerraformConvertRequest) —

  The resource JSON to convert.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringTerraformExportResponse, Integer, Hash)>) —

  SecurityMonitoringTerraformExportResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1271

def convert_security_monitoring_terraform_resource_with_http_info(resource_type, body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.convert_security_monitoring_terraform_resource".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.convert_security_monitoring_terraform_resource")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.convert_security_monitoring_terraform_resource"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_security_monitoring_terraform_resource ...'
  end
  # verify the required parameter 'resource_type' is set
  if @api_client.config.client_side_validation && resource_type.nil?
    fail ArgumentError, "Missing the required parameter 'resource_type' when calling SecurityMonitoringAPI.convert_security_monitoring_terraform_resource"
  end
  # verify enum value
  allowable_values = ['suppressions', 'critical_assets']
  if @api_client.config.client_side_validation && !allowable_values.include?(resource_type)
    fail ArgumentError, "invalid value for \"resource_type\", must be one of #{allowable_values}"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.convert_security_monitoring_terraform_resource"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/terraform/{resource_type}/convert'.sub('{resource_type}', CGI.escape(resource_type.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringTerraformExportResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :convert_security_monitoring_terraform_resource,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_security_monitoring_terraform_resource\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_cases(body, opts = {}) ⇒ Object

Create cases for security findings.

See Also:

• #create_cases_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1341

def create_cases(body, opts = {})
  data, _status_code, _headers = create_cases_with_http_info(body, opts)
  data
end

#create_cases_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

Create cases for security findings.

Create cases for security findings. You can create up to 50 cases per request and associate up to 50 security findings per case. Security findings that are already attached to another case will be detached from their previous case and attached to the newly created case.

Parameters:

• body (CreateCaseRequestArray)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponseArray, Integer, Hash)>) —

  FindingCaseResponseArray data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1354

def create_cases_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_cases ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_cases"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/cases'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponseArray'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_cases,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_cases\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_custom_framework(body, opts = {}) ⇒ Object

Create a custom framework.

See Also:

• #create_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1409

def create_custom_framework(body, opts = {})
  data, _status_code, _headers = create_custom_framework_with_http_info(body, opts)
  data
end

#create_custom_framework_with_http_info(body, opts = {}) ⇒ Array<(CreateCustomFrameworkResponse, Integer, Hash)>

Create a custom framework.

Create a custom framework.

Parameters:

• body (CreateCustomFrameworkRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(CreateCustomFrameworkResponse, Integer, Hash)>) —

  CreateCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1421

def create_custom_framework_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_custom_framework ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'CreateCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_jira_issues(body, opts = {}) ⇒ Object

Create Jira issues for security findings.

See Also:

• #create_jira_issues_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1476

def create_jira_issues(body, opts = {})
  data, _status_code, _headers = create_jira_issues_with_http_info(body, opts)
  data
end

#create_jira_issues_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

Create Jira issues for security findings.

Create Jira issues for security findings. This operation creates a case in Datadog and a Jira issue linked to that case for bidirectional sync between Datadog and Jira. To configure the Jira integration, see Bidirectional ticket syncing with Jira. You can create up to 50 Jira issues per request and associate up to 50 security findings per Jira issue. Security findings that are already attached to another Jira issue will be detached from their previous Jira issue and attached to the newly created Jira issue.

Parameters:

• body (CreateJiraIssueRequestArray)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponseArray, Integer, Hash)>) —

  FindingCaseResponseArray data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1489

def create_jira_issues_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_jira_issues ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_jira_issues"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/jira_issues'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponseArray'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_jira_issues,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_jira_issues\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_sample_log_generation_subscription(body, opts = {}) ⇒ Object

Subscribe to sample log generation.

See Also:

• #create_sample_log_generation_subscription_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1544

def create_sample_log_generation_subscription(body, opts = {})
  data, _status_code, _headers = create_sample_log_generation_subscription_with_http_info(body, opts)
  data
end

#create_sample_log_generation_subscription_with_http_info(body, opts = {}) ⇒ Array<(SampleLogGenerationSubscriptionResponse, Integer, Hash)>

Subscribe to sample log generation.

Subscribe to sample log generation for a Cloud SIEM content pack. Sample logs for the requested content pack are injected into the Logs platform for the duration of the subscription, so detection rules can be exercised without onboarding the underlying integration first.

Availability: this endpoint is restricted to Cloud SIEM trial organizations on an eligible pricing model. Non-trial orgs receive 403 Forbidden, the feature flag may also reject requests with 400 Bad Request, and legacy pricing tiers receive a response with status: not_available.

Parameters:

• body (SampleLogGenerationSubscriptionCreateRequest) —

  The content pack to subscribe to and the desired duration of the subscription.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SampleLogGenerationSubscriptionResponse, Integer, Hash)>) —

  SampleLogGenerationSubscriptionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1562

def create_sample_log_generation_subscription_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.create_sample_log_generation_subscription".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.create_sample_log_generation_subscription")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.create_sample_log_generation_subscription"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_sample_log_generation_subscription ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_sample_log_generation_subscription"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/sample_log_generation/subscriptions'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SampleLogGenerationSubscriptionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_sample_log_generation_subscription,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_sample_log_generation_subscription\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_filter(body, opts = {}) ⇒ Object

Create a security filter.

See Also:

• #create_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1623

def create_security_filter(body, opts = {})
  data, _status_code, _headers = create_security_filter_with_http_info(body, opts)
  data
end

#create_security_filter_with_http_info(body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Create a security filter.

Create a security filter.

See the security filter guide for more examples.

Parameters:

• body (SecurityFilterCreateRequest) —

  The definition of the new security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1638

def create_security_filter_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_filter ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_critical_asset(body, opts = {}) ⇒ Object

Create a critical asset.

See Also:

• #create_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1693

def create_security_monitoring_critical_asset(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_critical_asset_with_http_info(body, opts)
  data
end

#create_security_monitoring_critical_asset_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

Create a critical asset.

Create a new critical asset.

Parameters:

• body (SecurityMonitoringCriticalAssetCreateRequest) —

  The definition of the new critical asset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1705

def create_security_monitoring_critical_asset_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_dataset(body, opts = {}) ⇒ Object

Create a dataset.

See Also:

• #create_security_monitoring_dataset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1760

def create_security_monitoring_dataset(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_dataset_with_http_info(body, opts)
  data
end

#create_security_monitoring_dataset_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringDatasetCreateResponse, Integer, Hash)>

Create a dataset.

Create a new Cloud SIEM dataset. A dataset bundles a data source, a set of indexes, and a search query that can be referenced from detection rules.

Parameters:

• body (SecurityMonitoringDatasetCreateRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringDatasetCreateResponse, Integer, Hash)>) —

  SecurityMonitoringDatasetCreateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1773

def create_security_monitoring_dataset_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.create_security_monitoring_dataset".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.create_security_monitoring_dataset")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.create_security_monitoring_dataset"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_dataset ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_dataset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringDatasetCreateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_dataset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_dataset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_integration_config(body, opts = {}) ⇒ Object

Create an entity context sync configuration.

See Also:

• #create_security_monitoring_integration_config_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1834

def create_security_monitoring_integration_config(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_integration_config_with_http_info(body, opts)
  data
end

#create_security_monitoring_integration_config_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>

Create an entity context sync configuration.

Create a new entity context sync configuration so Cloud SIEM can ingest entities from an external source. The credentials provided in secrets are validated against the source before the configuration is stored and never returned in subsequent responses.

Parameters:

• body (SecurityMonitoringIntegrationConfigCreateRequest) —

  The definition of the new integration configuration.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>) —

  SecurityMonitoringIntegrationConfigResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1848

def create_security_monitoring_integration_config_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.create_security_monitoring_integration_config".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.create_security_monitoring_integration_config")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.create_security_monitoring_integration_config"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_integration_config ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_integration_config"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/integration_config'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringIntegrationConfigResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_integration_config,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_integration_config\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_rule(body, opts = {}) ⇒ Object

Create a detection rule.

See Also:

• #create_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1909

def create_security_monitoring_rule(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_rule_with_http_info(body, opts)
  data
end

#create_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Create a detection rule.

Create a detection rule.

Parameters:

• body (SecurityMonitoringRuleCreatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1921

def create_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_suppression(body, opts = {}) ⇒ Object

Create a suppression rule.

See Also:

• #create_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1976

def create_security_monitoring_suppression(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_suppression_with_http_info(body, opts)
  data
end

#create_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Create a suppression rule.

Create a new suppression rule.

Parameters:

• body (SecurityMonitoringSuppressionCreateRequest) —

  The definition of the new suppression rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1988

def create_security_monitoring_suppression_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_suppression ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_service_now_tickets(body, opts = {}) ⇒ Object

Create ServiceNow tickets for security findings.

See Also:

• #create_service_now_tickets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2043

def create_service_now_tickets(body, opts = {})
  data, _status_code, _headers = create_service_now_tickets_with_http_info(body, opts)
  data
end

#create_service_now_tickets_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

Create ServiceNow tickets for security findings.

Create ServiceNow tickets for security findings. This operation creates a case in Datadog and a ServiceNow ticket linked to that case for bidirectional sync between Datadog and ServiceNow. You can create up to 50 ServiceNow tickets per request and associate up to 50 security findings per ServiceNow ticket. Security findings that are already attached to another ServiceNow ticket will be detached from their previous ServiceNow ticket and attached to the newly created ServiceNow ticket.

Parameters:

• body (CreateServiceNowTicketRequestArray)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponseArray, Integer, Hash)>) —

  FindingCaseResponseArray data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2056

def create_service_now_tickets_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.create_service_now_tickets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.create_service_now_tickets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.create_service_now_tickets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_service_now_tickets ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_service_now_tickets"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/servicenow_tickets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponseArray'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_service_now_tickets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_service_now_tickets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_signal_notification_rule(body, opts = {}) ⇒ Object

Create a new signal-based notification rule.

See Also:

• #create_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2117

def create_signal_notification_rule(body, opts = {})
  data, _status_code, _headers = create_signal_notification_rule_with_http_info(body, opts)
  data
end

#create_signal_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Create a new signal-based notification rule.

Create a new notification rule for security signals and return the created rule.

Parameters:

• body (CreateNotificationRuleParameters) —

  The body of the create notification rule request is composed of the rule type and the rule attributes: the rule name, the selectors, the notification targets, and the rule enabled status.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2129

def create_signal_notification_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_signal_notification_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :create_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_static_analysis_ast(body, opts = {}) ⇒ Object

Get AST for source code.

See Also:

• #create_static_analysis_ast_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2184

def create_static_analysis_ast(body, opts = {})
  data, _status_code, _headers = create_static_analysis_ast_with_http_info(body, opts)
  data
end

#create_static_analysis_ast_with_http_info(body, opts = {}) ⇒ Array<(GetAstResponse, Integer, Hash)>

Get AST for source code.

Parse source code into an abstract syntax tree (AST) for the specified language.

Parameters:

• body (GetAstRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(GetAstResponse, Integer, Hash)>) —

  GetAstResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2196

def create_static_analysis_ast_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.create_static_analysis_ast".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.create_static_analysis_ast")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.create_static_analysis_ast"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_static_analysis_ast ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_static_analysis_ast"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/static-analysis-server/get-ast'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'GetAstResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_static_analysis_ast,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_static_analysis_ast\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_static_analysis_server_analysis(body, opts = {}) ⇒ Object

Analyze code.

See Also:

• #create_static_analysis_server_analysis_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2257

def create_static_analysis_server_analysis(body, opts = {})
  data, _status_code, _headers = create_static_analysis_server_analysis_with_http_info(body, opts)
  data
end

#create_static_analysis_server_analysis_with_http_info(body, opts = {}) ⇒ Array<(AnalysisResponse, Integer, Hash)>

Analyze code.

Run static analysis rules against a source code file and return violations found.

Parameters:

• body (AnalysisRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(AnalysisResponse, Integer, Hash)>) —

  AnalysisResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2269

def create_static_analysis_server_analysis_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.create_static_analysis_server_analysis".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.create_static_analysis_server_analysis")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.create_static_analysis_server_analysis"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_static_analysis_server_analysis ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_static_analysis_server_analysis"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/static-analysis-server/analyze'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'AnalysisResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_static_analysis_server_analysis,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_static_analysis_server_analysis\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_vulnerability_notification_rule(body, opts = {}) ⇒ Object

Create a new vulnerability-based notification rule.

See Also:

• #create_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2330

def create_vulnerability_notification_rule(body, opts = {})
  data, _status_code, _headers = create_vulnerability_notification_rule_with_http_info(body, opts)
  data
end

#create_vulnerability_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Create a new vulnerability-based notification rule.

Create a new notification rule for security vulnerabilities and return the created rule.

Parameters:

• body (CreateNotificationRuleParameters) —

  The body of the create notification rule request is composed of the rule type and the rule attributes: the rule name, the selectors, the notification targets, and the rule enabled status.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2342

def create_vulnerability_notification_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :create_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#deactivate_content_pack(content_pack_id, opts = {}) ⇒ Object

Deactivate content pack.

See Also:

• #deactivate_content_pack_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2397

def deactivate_content_pack(content_pack_id, opts = {})
  deactivate_content_pack_with_http_info(content_pack_id, opts)
  nil
end

#deactivate_content_pack_with_http_info(content_pack_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Deactivate content pack.

Deactivate a Cloud SIEM content pack. This operation removes the content pack's configuration from log filters or security filters and updates the content pack activation state.

Parameters:

• content_pack_id (String) —

  The ID of the content pack to deactivate (for example, aws-cloudtrail).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2410

def deactivate_content_pack_with_http_info(content_pack_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.deactivate_content_pack".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.deactivate_content_pack")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.deactivate_content_pack"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.deactivate_content_pack ...'
  end
  # verify the required parameter 'content_pack_id' is set
  if @api_client.config.client_side_validation && content_pack_id.nil?
    fail ArgumentError, "Missing the required parameter 'content_pack_id' when calling SecurityMonitoringAPI.deactivate_content_pack"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/content_packs/{content_pack_id}/deactivate'.sub('{content_pack_id}', CGI.escape(content_pack_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :deactivate_content_pack,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#deactivate_content_pack\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_custom_framework(handle, version, opts = {}) ⇒ Object

Delete a custom framework.

See Also:

• #delete_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2469

def delete_custom_framework(handle, version, opts = {})
  data, _status_code, _headers = delete_custom_framework_with_http_info(handle, version, opts)
  data
end

#delete_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(DeleteCustomFrameworkResponse, Integer, Hash)>

Delete a custom framework.

Delete a custom framework.

Parameters:

• handle (String) —

  The framework handle

• version (String) —

  The framework version

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(DeleteCustomFrameworkResponse, Integer, Hash)>) —

  DeleteCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2482

def delete_custom_framework_with_http_info(handle, version, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_custom_framework ...'
  end
  # verify the required parameter 'handle' is set
  if @api_client.config.client_side_validation && handle.nil?
    fail ArgumentError, "Missing the required parameter 'handle' when calling SecurityMonitoringAPI.delete_custom_framework"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.delete_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks/{handle}/{version}'.sub('{handle}', CGI.escape(handle.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DeleteCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_historical_job(job_id, opts = {}) ⇒ Object

Delete an existing job.

See Also:

• #delete_historical_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2539

def delete_historical_job(job_id, opts = {})
  delete_historical_job_with_http_info(job_id, opts)
  nil
end

#delete_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete an existing job.

Delete an existing job.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2551

def delete_historical_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.delete_historical_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.delete_historical_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.delete_historical_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_historical_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.delete_historical_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs/{job_id}'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_historical_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_historical_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_sample_log_generation_subscription(content_pack_id, opts = {}) ⇒ Object

Unsubscribe from sample log generation.

See Also:

• #delete_sample_log_generation_subscription_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2610

def delete_sample_log_generation_subscription(content_pack_id, opts = {})
  data, _status_code, _headers = delete_sample_log_generation_subscription_with_http_info(content_pack_id, opts)
  data
end

#delete_sample_log_generation_subscription_with_http_info(content_pack_id, opts = {}) ⇒ Array<(SampleLogGenerationSubscriptionResponse, Integer, Hash)>

Unsubscribe from sample log generation.

Unsubscribe from sample log generation for a Cloud SIEM content pack. After unsubscribing, no more sample logs are generated for the requested content pack.

Availability: this endpoint is restricted to Cloud SIEM trial organizations on an eligible pricing model. Non-trial orgs receive 403 Forbidden, the feature flag may also reject requests with 400 Bad Request, and legacy pricing tiers receive a response with status: not_available.

Parameters:

• content_pack_id (String) —

  The identifier of the Cloud SIEM content pack to operate on (for example, aws-cloudtrail).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SampleLogGenerationSubscriptionResponse, Integer, Hash)>) —

  SampleLogGenerationSubscriptionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2627

def delete_sample_log_generation_subscription_with_http_info(content_pack_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.delete_sample_log_generation_subscription".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.delete_sample_log_generation_subscription")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.delete_sample_log_generation_subscription"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_sample_log_generation_subscription ...'
  end
  # verify the required parameter 'content_pack_id' is set
  if @api_client.config.client_side_validation && content_pack_id.nil?
    fail ArgumentError, "Missing the required parameter 'content_pack_id' when calling SecurityMonitoringAPI.delete_sample_log_generation_subscription"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/sample_log_generation/subscriptions/{content_pack_id}'.sub('{content_pack_id}', CGI.escape(content_pack_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SampleLogGenerationSubscriptionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_sample_log_generation_subscription,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_sample_log_generation_subscription\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_filter(security_filter_id, opts = {}) ⇒ Object

Delete a security filter.

See Also:

• #delete_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2686

def delete_security_filter(security_filter_id, opts = {})
  delete_security_filter_with_http_info(security_filter_id, opts)
  nil
end

#delete_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a security filter.

Delete a specific security filter.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2698

def delete_security_filter_with_http_info(security_filter_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.delete_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

Delete a critical asset.

See Also:

• #delete_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2751

def delete_security_monitoring_critical_asset(critical_asset_id, opts = {})
  delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts)
  nil
end

#delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a critical asset.

Delete a specific critical asset.

Parameters:

• critical_asset_id (String) —

  The ID of the critical asset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2763

def delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'critical_asset_id' is set
  if @api_client.config.client_side_validation && critical_asset_id.nil?
    fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.delete_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_dataset(dataset_id, opts = {}) ⇒ Object

Delete a dataset.

See Also:

• #delete_security_monitoring_dataset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2816

def delete_security_monitoring_dataset(dataset_id, opts = {})
  delete_security_monitoring_dataset_with_http_info(dataset_id, opts)
  nil
end

#delete_security_monitoring_dataset_with_http_info(dataset_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a dataset.

Delete a Cloud SIEM dataset. Out-of-the-box datasets cannot be deleted and deleting a dataset that is referenced by a detection rule is rejected.

Parameters:

• dataset_id (String) —

  The UUID of the dataset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2829

def delete_security_monitoring_dataset_with_http_info(dataset_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.delete_security_monitoring_dataset".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.delete_security_monitoring_dataset")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.delete_security_monitoring_dataset"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_dataset ...'
  end
  # verify the required parameter 'dataset_id' is set
  if @api_client.config.client_side_validation && dataset_id.nil?
    fail ArgumentError, "Missing the required parameter 'dataset_id' when calling SecurityMonitoringAPI.delete_security_monitoring_dataset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets/{dataset_id}'.sub('{dataset_id}', CGI.escape(dataset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_dataset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_dataset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_integration_config(integration_config_id, opts = {}) ⇒ Object

Delete an entity context sync configuration.

See Also:

• #delete_security_monitoring_integration_config_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2888

def delete_security_monitoring_integration_config(integration_config_id, opts = {})
  delete_security_monitoring_integration_config_with_http_info(integration_config_id, opts)
  nil
end

#delete_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete an entity context sync configuration.

Delete an entity context sync configuration. Cloud SIEM stops ingesting entities from this source, and the credentials stored for the configuration are removed from the secrets store.

Parameters:

• integration_config_id (String) —

  The ID of the entity context sync configuration.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2901

def delete_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.delete_security_monitoring_integration_config".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.delete_security_monitoring_integration_config")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.delete_security_monitoring_integration_config"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_integration_config ...'
  end
  # verify the required parameter 'integration_config_id' is set
  if @api_client.config.client_side_validation && integration_config_id.nil?
    fail ArgumentError, "Missing the required parameter 'integration_config_id' when calling SecurityMonitoringAPI.delete_security_monitoring_integration_config"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}'.sub('{integration_config_id}', CGI.escape(integration_config_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_integration_config,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_integration_config\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Delete an existing rule.

See Also:

• #delete_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2960

def delete_security_monitoring_rule(rule_id, opts = {})
  delete_security_monitoring_rule_with_http_info(rule_id, opts)
  nil
end

#delete_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete an existing rule.

Delete an existing rule. Default rules cannot be deleted.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2972

def delete_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.delete_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

Delete a suppression rule.

See Also:

• #delete_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3025

def delete_security_monitoring_suppression(suppression_id, opts = {})
  delete_security_monitoring_suppression_with_http_info(suppression_id, opts)
  nil
end

#delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a suppression rule.

Delete a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3037

def delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.delete_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_signal_notification_rule(id, opts = {}) ⇒ Object

Delete a signal-based notification rule.

See Also:

• #delete_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3090

def delete_signal_notification_rule(id, opts = {})
  delete_signal_notification_rule_with_http_info(id, opts)
  nil
end

#delete_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a signal-based notification rule.

Delete a notification rule for security signals.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3102

def delete_signal_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_signal_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.delete_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :delete_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_vulnerability_notification_rule(id, opts = {}) ⇒ Object

Delete a vulnerability-based notification rule.

See Also:

• #delete_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3155

def delete_vulnerability_notification_rule(id, opts = {})
  delete_vulnerability_notification_rule_with_http_info(id, opts)
  nil
end

#delete_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a vulnerability-based notification rule.

Delete a notification rule for security vulnerabilities.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3167

def delete_vulnerability_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.delete_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :delete_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#detach_case(body, opts = {}) ⇒ Object

Detach security findings from their case.

See Also:

• #detach_case_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3220

def detach_case(body, opts = {})
  detach_case_with_http_info(body, opts)
  nil
end

#detach_case_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Detach security findings from their case.

Detach security findings from their case. This operation dissociates security findings from their associated cases without deleting the cases themselves. You can detach security findings from multiple different cases in a single request, with a limit of 50 security findings per request. Security findings that are not currently attached to any case will be ignored.

Parameters:

• body (DetachCaseRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3233

def detach_case_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.detach_case ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.detach_case"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/cases'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :detach_case,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#detach_case\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal(signal_id, body, opts = {}) ⇒ Object

Update security signal triage state or assignee.

See Also:

• #edit_security_monitoring_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3288

def edit_security_monitoring_signal(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_assignee(signal_id, body, opts = {}) ⇒ Object

Modify the triage assignee of a security signal.

See Also:

• #edit_security_monitoring_signal_assignee_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3360

def edit_security_monitoring_signal_assignee(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Modify the triage assignee of a security signal.

Modify the triage assignee of a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalAssigneeUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3373

def edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_assignee ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_assignee"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_assignee"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/assignee'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_assignee,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_assignee\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_incidents(signal_id, body, opts = {}) ⇒ Object

Change the related incidents of a security signal.

See Also:

• #edit_security_monitoring_signal_incidents_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3432

def edit_security_monitoring_signal_incidents(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Change the related incidents of a security signal.

Change the related incidents for a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalIncidentsUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3445

def edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_incidents ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_incidents"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_incidents"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/incidents'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_incidents,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_incidents\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_state(signal_id, body, opts = {}) ⇒ Object

Change the triage state of a security signal.

See Also:

• #edit_security_monitoring_signal_state_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3504

def edit_security_monitoring_signal_state(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Change the triage state of a security signal.

Change the triage state of a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalStateUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3517

def edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_state ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_state"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_state"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/state'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_state,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_state\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Update security signal triage state or assignee.

Update the triage state or assignee of a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalUpdateRequest) —

  Attributes describing the signal triage state or assignee update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3301

def edit_security_monitoring_signal_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/update'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#export_security_monitoring_terraform_resource(resource_type, resource_id, opts = {}) ⇒ Object

Export security monitoring resource to Terraform.

See Also:

• #export_security_monitoring_terraform_resource_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3576

def export_security_monitoring_terraform_resource(resource_type, resource_id, opts = {})
  data, _status_code, _headers = export_security_monitoring_terraform_resource_with_http_info(resource_type, resource_id, opts)
  data
end

#export_security_monitoring_terraform_resource_with_http_info(resource_type, resource_id, opts = {}) ⇒ Array<(SecurityMonitoringTerraformExportResponse, Integer, Hash)>

Export security monitoring resource to Terraform.

Export a security monitoring resource to a Terraform configuration. The resource_type path parameter specifies the type of resource to export and must be one of suppressions or critical_assets.

Parameters:

• resource_type (SecurityMonitoringTerraformResourceType) —

  The type of security monitoring resource to export.

• resource_id (String) —

  The ID of the security monitoring resource to export.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringTerraformExportResponse, Integer, Hash)>) —

  SecurityMonitoringTerraformExportResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3591

def export_security_monitoring_terraform_resource_with_http_info(resource_type, resource_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.export_security_monitoring_terraform_resource".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.export_security_monitoring_terraform_resource")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.export_security_monitoring_terraform_resource"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.export_security_monitoring_terraform_resource ...'
  end
  # verify the required parameter 'resource_type' is set
  if @api_client.config.client_side_validation && resource_type.nil?
    fail ArgumentError, "Missing the required parameter 'resource_type' when calling SecurityMonitoringAPI.export_security_monitoring_terraform_resource"
  end
  # verify enum value
  allowable_values = ['suppressions', 'critical_assets']
  if @api_client.config.client_side_validation && !allowable_values.include?(resource_type)
    fail ArgumentError, "invalid value for \"resource_type\", must be one of #{allowable_values}"
  end
  # verify the required parameter 'resource_id' is set
  if @api_client.config.client_side_validation && resource_id.nil?
    fail ArgumentError, "Missing the required parameter 'resource_id' when calling SecurityMonitoringAPI.export_security_monitoring_terraform_resource"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/terraform/{resource_type}/{resource_id}'.sub('{resource_type}', CGI.escape(resource_type.to_s).gsub('%2F', '/')).sub('{resource_id}', CGI.escape(resource_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringTerraformExportResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :export_security_monitoring_terraform_resource,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#export_security_monitoring_terraform_resource\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_content_packs_states(opts = {}) ⇒ Object

Get content pack states.

See Also:

• #get_content_packs_states_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3659

def get_content_packs_states(opts = {})
  data, _status_code, _headers = get_content_packs_states_with_http_info(opts)
  data
end

#get_content_packs_states_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringContentPackStatesResponse, Integer, Hash)>

Get content pack states.

Get the activation state, integration status, and log collection status for all Cloud SIEM content packs.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringContentPackStatesResponse, Integer, Hash)>) —

  SecurityMonitoringContentPackStatesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3671

def get_content_packs_states_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_content_packs_states".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_content_packs_states")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_content_packs_states"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_content_packs_states ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/content_packs/states'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringContentPackStatesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_content_packs_states,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_content_packs_states\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_critical_assets_affecting_rule(rule_id, opts = {}) ⇒ Object

Get critical assets affecting a specific rule.

See Also:

• #get_critical_assets_affecting_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3726

def get_critical_assets_affecting_rule(rule_id, opts = {})
  data, _status_code, _headers = get_critical_assets_affecting_rule_with_http_info(rule_id, opts)
  data
end

#get_critical_assets_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

Get critical assets affecting a specific rule.

Get the list of critical assets that affect a specific existing rule by the rule's ID.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3738

def get_critical_assets_affecting_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_critical_assets_affecting_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_critical_assets_affecting_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_critical_assets_affecting_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_critical_assets_affecting_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_custom_framework(handle, version, opts = {}) ⇒ Object

Get a custom framework.

See Also:

• #get_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3791

def get_custom_framework(handle, version, opts = {})
  data, _status_code, _headers = get_custom_framework_with_http_info(handle, version, opts)
  data
end

#get_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(GetCustomFrameworkResponse, Integer, Hash)>

Get a custom framework.

Get a custom framework.

Parameters:

• handle (String) —

  The framework handle

• version (String) —

  The framework version

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(GetCustomFrameworkResponse, Integer, Hash)>) —

  GetCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3804

def get_custom_framework_with_http_info(handle, version, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_custom_framework ...'
  end
  # verify the required parameter 'handle' is set
  if @api_client.config.client_side_validation && handle.nil?
    fail ArgumentError, "Missing the required parameter 'handle' when calling SecurityMonitoringAPI.get_custom_framework"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.get_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks/{handle}/{version}'.sub('{handle}', CGI.escape(handle.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_entity_context(opts = {}) ⇒ Object

Get entity context.

See Also:

• #get_entity_context_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3861

def get_entity_context(opts = {})
  data, _status_code, _headers = get_entity_context_with_http_info(opts)
  data
end

#get_entity_context_with_http_info(opts = {}) ⇒ Array<(EntityContextResponse, Integer, Hash)>

Get entity context.

Search the Cloud SIEM entity context store for entities that match a query, and return the historical revisions of each entity in the requested time range. The endpoint can either return revisions across an interval (from / to) or the snapshot of each entity at a single point in time (as_of); the two modes are mutually exclusive.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :query (String) —

  A free-text query (for example, an email address or principal ID) used to filter the entities returned.

• :from (String) —

  The start of the time range to query, as an RFC3339 timestamp or a relative time (for example, now-7d). Defaults to now-7d. Ignored when as_of is set.

• :to (String) —

  The end of the time range to query, as an RFC3339 timestamp or a relative time (for example, now). Defaults to now. Ignored when as_of is set.

• :as_of (String) —

  A point in time at which to query the entity revisions, as an RFC3339 timestamp, a Unix timestamp (in seconds), or a relative time (for example, now-1d). When set, from and to are ignored. Cannot be combined with custom from / to values.

• :limit (Integer) —

  The maximum number of entities to return.

• :page_token (String) —

  An opaque token used to fetch the next page of results, as returned in meta.page.next_token of a previous response.

Returns:

• (Array<(EntityContextResponse, Integer, Hash)>) —

  EntityContextResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3881

def get_entity_context_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_entity_context".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_entity_context")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_entity_context"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_entity_context ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/entity_context'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil?
  query_params[:'from'] = opts[:'from'] if !opts[:'from'].nil?
  query_params[:'to'] = opts[:'to'] if !opts[:'to'].nil?
  query_params[:'as_of'] = opts[:'as_of'] if !opts[:'as_of'].nil?
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
  query_params[:'page_token'] = opts[:'page_token'] if !opts[:'page_token'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'EntityContextResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_entity_context,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_entity_context\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_finding(finding_id, opts = {}) ⇒ Object

Get a finding.

See Also:

• #get_finding_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3942

def get_finding(finding_id, opts = {})
  data, _status_code, _headers = get_finding_with_http_info(finding_id, opts)
  data
end

#get_finding_with_http_info(finding_id, opts = {}) ⇒ Array<(GetFindingResponse, Integer, Hash)>

Get a finding.

Returns a single finding with message and resource configuration.

Parameters:

• finding_id (String) —

  The ID of the finding.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :snapshot_timestamp (Integer) —

  Return the finding for a given snapshot of time (Unix ms).

Returns:

• (Array<(GetFindingResponse, Integer, Hash)>) —

  GetFindingResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3955

def get_finding_with_http_info(finding_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_finding".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_finding")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_finding"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_finding ...'
  end
  # verify the required parameter 'finding_id' is set
  if @api_client.config.client_side_validation && finding_id.nil?
    fail ArgumentError, "Missing the required parameter 'finding_id' when calling SecurityMonitoringAPI.get_finding"
  end
  if @api_client.config.client_side_validation && !opts[:'snapshot_timestamp'].nil? && opts[:'snapshot_timestamp'] < 1
    fail ArgumentError, 'invalid value for "opts[:"snapshot_timestamp"]" when calling SecurityMonitoringAPI.get_finding, must be greater than or equal to 1.'
  end
  # resource path
  local_var_path = '/api/v2/posture_management/findings/{finding_id}'.sub('{finding_id}', CGI.escape(finding_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'snapshot_timestamp'] = opts[:'snapshot_timestamp'] if !opts[:'snapshot_timestamp'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetFindingResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_finding,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_finding\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_historical_job(job_id, opts = {}) ⇒ Object

Get a job's details.

See Also:

• #get_historical_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4018

def get_historical_job(job_id, opts = {})
  data, _status_code, _headers = get_historical_job_with_http_info(job_id, opts)
  data
end

#get_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(HistoricalJobResponse, Integer, Hash)>

Get a job's details.

Get a job's details.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(HistoricalJobResponse, Integer, Hash)>) —

  HistoricalJobResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4030

def get_historical_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_historical_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_historical_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_historical_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_historical_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.get_historical_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs/{job_id}'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'HistoricalJobResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_historical_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_historical_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_indicator_of_compromise(indicator, opts = {}) ⇒ Object

Get an indicator of compromise.

See Also:

• #get_indicator_of_compromise_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4089

def get_indicator_of_compromise(indicator, opts = {})
  data, _status_code, _headers = get_indicator_of_compromise_with_http_info(indicator, opts)
  data
end

#get_indicator_of_compromise_with_http_info(indicator, opts = {}) ⇒ Array<(GetIoCIndicatorResponse, Integer, Hash)>

Get an indicator of compromise.

Get detailed information about a specific indicator of compromise (IoC).

Parameters:

• indicator (String) —

  The indicator value to look up (for example, an IP address or domain).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(GetIoCIndicatorResponse, Integer, Hash)>) —

  GetIoCIndicatorResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4101

def get_indicator_of_compromise_with_http_info(indicator, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_indicator_of_compromise".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_indicator_of_compromise")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_indicator_of_compromise"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_indicator_of_compromise ...'
  end
  # verify the required parameter 'indicator' is set
  if @api_client.config.client_side_validation && indicator.nil?
    fail ArgumentError, "Missing the required parameter 'indicator' when calling SecurityMonitoringAPI.get_indicator_of_compromise"
  end
  # resource path
  local_var_path = '/api/v2/security/siem/ioc-explorer/indicator'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'indicator'] = indicator

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetIoCIndicatorResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_indicator_of_compromise,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_indicator_of_compromise\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_investigation_log_queries_matching_signal(signal_id, opts = {}) ⇒ Object

Get investigation queries for a signal.

See Also:

• #get_investigation_log_queries_matching_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4161

def get_investigation_log_queries_matching_signal(signal_id, opts = {})
  data, _status_code, _headers = get_investigation_log_queries_matching_signal_with_http_info(signal_id, opts)
  data
end

#get_investigation_log_queries_matching_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalSuggestedActionsResponse, Integer, Hash)>

Get investigation queries for a signal.

Get the list of investigation log queries available for a given security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalSuggestedActionsResponse, Integer, Hash)>) —

  SecurityMonitoringSignalSuggestedActionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4173

def get_investigation_log_queries_matching_signal_with_http_info(signal_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_investigation_log_queries_matching_signal ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.get_investigation_log_queries_matching_signal"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/investigation_queries'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalSuggestedActionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_investigation_log_queries_matching_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_investigation_log_queries_matching_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_resource_evaluation_filters(opts = {}) ⇒ Object

List resource filters.

See Also:

• #get_resource_evaluation_filters_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4226

def get_resource_evaluation_filters(opts = {})
  data, _status_code, _headers = get_resource_evaluation_filters_with_http_info(opts)
  data
end

#get_resource_evaluation_filters_with_http_info(opts = {}) ⇒ Array<(GetResourceEvaluationFiltersResponse, Integer, Hash)>

List resource filters.

List resource filters.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :cloud_provider (String) —

  Filter resource filters by cloud provider (e.g. aws, gcp, azure).

• :account_id (String) —

  Filter resource filters by cloud provider account ID. This parameter is only valid when provider is specified.

• :skip_cache (Boolean) —

  Skip cache for resource filters.

Returns:

• (Array<(GetResourceEvaluationFiltersResponse, Integer, Hash)>) —

  GetResourceEvaluationFiltersResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4240

def get_resource_evaluation_filters_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_resource_evaluation_filters ...'
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/resource_filters'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'cloud_provider'] = opts[:'cloud_provider'] if !opts[:'cloud_provider'].nil?
  query_params[:'account_id'] = opts[:'account_id'] if !opts[:'account_id'].nil?
  query_params[:'skip_cache'] = opts[:'skip_cache'] if !opts[:'skip_cache'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetResourceEvaluationFiltersResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_resource_evaluation_filters,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_resource_evaluation_filters\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_rule_version_history(rule_id, opts = {}) ⇒ Object

Get a rule's version history.

See Also:

• #get_rule_version_history_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4292

def get_rule_version_history(rule_id, opts = {})
  data, _status_code, _headers = get_rule_version_history_with_http_info(rule_id, opts)
  data
end

#get_rule_version_history_with_http_info(rule_id, opts = {}) ⇒ Array<(GetRuleVersionHistoryResponse, Integer, Hash)>

Get a rule's version history.

Get a rule's version history.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

Returns:

• (Array<(GetRuleVersionHistoryResponse, Integer, Hash)>) —

  GetRuleVersionHistoryResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4306

def get_rule_version_history_with_http_info(rule_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_rule_version_history".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_rule_version_history")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_rule_version_history"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_rule_version_history ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_rule_version_history"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/version_history'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetRuleVersionHistoryResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_rule_version_history,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_rule_version_history\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_sbom(asset_type, filter_asset_name, opts = {}) ⇒ Object

Get SBOM.

See Also:

• #get_sbom_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4367

def get_sbom(asset_type, filter_asset_name, opts = {})
  data, _status_code, _headers = get_sbom_with_http_info(asset_type, filter_asset_name, opts)
  data
end

#get_sbom_with_http_info(asset_type, filter_asset_name, opts = {}) ⇒ Array<(GetSBOMResponse, Integer, Hash)>

Get SBOM.

Get a single SBOM related to an asset by its type and name.

Parameters:

• asset_type (AssetType) —

  The type of the asset for the SBOM request.

• filter_asset_name (String) —

  The name of the asset for the SBOM request.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_repo_digest (String) —

  The container image repo_digest for the SBOM request. When the requested asset type is 'Image', this filter is mandatory.

• :ext_format (SBOMFormat) —

  The standard of the SBOM.

Returns:

• (Array<(GetSBOMResponse, Integer, Hash)>) —

  GetSBOMResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4382

def get_sbom_with_http_info(asset_type, filter_asset_name, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_sbom ...'
  end
  # verify the required parameter 'asset_type' is set
  if @api_client.config.client_side_validation && asset_type.nil?
    fail ArgumentError, "Missing the required parameter 'asset_type' when calling SecurityMonitoringAPI.get_sbom"
  end
  # verify enum value
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && !allowable_values.include?(asset_type)
    fail ArgumentError, "invalid value for \"asset_type\", must be one of #{allowable_values}"
  end
  # verify the required parameter 'filter_asset_name' is set
  if @api_client.config.client_side_validation && filter_asset_name.nil?
    fail ArgumentError, "Missing the required parameter 'filter_asset_name' when calling SecurityMonitoringAPI.get_sbom"
  end
  allowable_values = ['CycloneDX', 'SPDX']
  if @api_client.config.client_side_validation && opts[:'ext_format'] && !allowable_values.include?(opts[:'ext_format'])
    fail ArgumentError, "invalid value for \"ext_format\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/sboms/{asset_type}'.sub('{asset_type}', CGI.escape(asset_type.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[asset_name]'] = filter_asset_name
  query_params[:'filter[repo_digest]'] = opts[:'filter_repo_digest'] if !opts[:'filter_repo_digest'].nil?
  query_params[:'ext:format'] = opts[:'ext_format'] if !opts[:'ext_format'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetSBOMResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_sbom,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_sbom\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_secrets_rules(opts = {}) ⇒ Object

Returns a list of Secrets rules.

See Also:

• #get_secrets_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4451

def get_secrets_rules(opts = {})
  data, _status_code, _headers = get_secrets_rules_with_http_info(opts)
  data
end

#get_secrets_rules_with_http_info(opts = {}) ⇒ Array<(SecretRuleArray, Integer, Hash)>

Returns a list of Secrets rules.

Returns a list of Secrets rules with ID, Pattern, Description, Priority, and SDS ID.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecretRuleArray, Integer, Hash)>) —

  SecretRuleArray data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4462

def get_secrets_rules_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_secrets_rules".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_secrets_rules")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_secrets_rules"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_secrets_rules ...'
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/secrets/rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecretRuleArray'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_secrets_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_secrets_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_filter(security_filter_id, opts = {}) ⇒ Object

Get a security filter.

See Also:

• #get_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4517

def get_security_filter(security_filter_id, opts = {})
  data, _status_code, _headers = get_security_filter_with_http_info(security_filter_id, opts)
  data
end

#get_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Get a security filter.

Get the details of a specific security filter.

See the security filter guide for more examples.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4532

def get_security_filter_with_http_info(security_filter_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.get_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

Get a critical asset.

See Also:

• #get_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4585

def get_security_monitoring_critical_asset(critical_asset_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts)
  data
end

#get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

Get a critical asset.

Get the details of a specific critical asset.

Parameters:

• critical_asset_id (String) —

  The ID of the critical asset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4597

def get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'critical_asset_id' is set
  if @api_client.config.client_side_validation && critical_asset_id.nil?
    fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.get_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_dataset(dataset_id, opts = {}) ⇒ Object

Get a dataset.

See Also:

• #get_security_monitoring_dataset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4650

def get_security_monitoring_dataset(dataset_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_dataset_with_http_info(dataset_id, opts)
  data
end

#get_security_monitoring_dataset_by_version(dataset_id, version, opts = {}) ⇒ Object

Get a dataset at a specific version.

See Also:

• #get_security_monitoring_dataset_by_version_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4721

def get_security_monitoring_dataset_by_version(dataset_id, version, opts = {})
  data, _status_code, _headers = get_security_monitoring_dataset_by_version_with_http_info(dataset_id, version, opts)
  data
end

#get_security_monitoring_dataset_by_version_with_http_info(dataset_id, version, opts = {}) ⇒ Array<(SecurityMonitoringDatasetResponse, Integer, Hash)>

Get a dataset at a specific version.

Retrieve a specific historical version of a Cloud SIEM dataset.

Parameters:

• dataset_id (String) —

  The UUID of the dataset.

• version (Integer) —

  The version number of the dataset to retrieve.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringDatasetResponse, Integer, Hash)>) —

  SecurityMonitoringDatasetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4734

def get_security_monitoring_dataset_by_version_with_http_info(dataset_id, version, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_dataset_by_version".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_dataset_by_version")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_dataset_by_version"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_dataset_by_version ...'
  end
  # verify the required parameter 'dataset_id' is set
  if @api_client.config.client_side_validation && dataset_id.nil?
    fail ArgumentError, "Missing the required parameter 'dataset_id' when calling SecurityMonitoringAPI.get_security_monitoring_dataset_by_version"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.get_security_monitoring_dataset_by_version"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets/{dataset_id}/version/{version}'.sub('{dataset_id}', CGI.escape(dataset_id.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringDatasetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_dataset_by_version,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_dataset_by_version\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_dataset_version_history(dataset_id, opts = {}) ⇒ Object

Get the version history of a dataset.

See Also:

• #get_security_monitoring_dataset_version_history_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4797

def get_security_monitoring_dataset_version_history(dataset_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_dataset_version_history_with_http_info(dataset_id, opts)
  data
end

#get_security_monitoring_dataset_version_history_with_http_info(dataset_id, opts = {}) ⇒ Array<(SecurityMonitoringDatasetVersionHistoryResponse, Integer, Hash)>

Get the version history of a dataset.

Retrieve the version history of a Cloud SIEM dataset, including the changes made at each version.

Parameters:

• dataset_id (String) —

  The UUID of the dataset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

Returns:

• (Array<(SecurityMonitoringDatasetVersionHistoryResponse, Integer, Hash)>) —

  SecurityMonitoringDatasetVersionHistoryResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4811

def get_security_monitoring_dataset_version_history_with_http_info(dataset_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_dataset_version_history".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_dataset_version_history")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_dataset_version_history"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_dataset_version_history ...'
  end
  # verify the required parameter 'dataset_id' is set
  if @api_client.config.client_side_validation && dataset_id.nil?
    fail ArgumentError, "Missing the required parameter 'dataset_id' when calling SecurityMonitoringAPI.get_security_monitoring_dataset_version_history"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets/{dataset_id}/version_history'.sub('{dataset_id}', CGI.escape(dataset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringDatasetVersionHistoryResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_dataset_version_history,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_dataset_version_history\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_dataset_with_http_info(dataset_id, opts = {}) ⇒ Array<(SecurityMonitoringDatasetResponse, Integer, Hash)>

Get a dataset.

Get the current version of a Cloud SIEM dataset by ID.

Parameters:

• dataset_id (String) —

  The UUID of the dataset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringDatasetResponse, Integer, Hash)>) —

  SecurityMonitoringDatasetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4662

def get_security_monitoring_dataset_with_http_info(dataset_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_dataset".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_dataset")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_dataset"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_dataset ...'
  end
  # verify the required parameter 'dataset_id' is set
  if @api_client.config.client_side_validation && dataset_id.nil?
    fail ArgumentError, "Missing the required parameter 'dataset_id' when calling SecurityMonitoringAPI.get_security_monitoring_dataset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets/{dataset_id}'.sub('{dataset_id}', CGI.escape(dataset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringDatasetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_dataset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_dataset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_histsignal(histsignal_id, opts = {}) ⇒ Object

Get a hist signal's details.

See Also:

• #get_security_monitoring_histsignal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4872

def get_security_monitoring_histsignal(histsignal_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_histsignal_with_http_info(histsignal_id, opts)
  data
end

#get_security_monitoring_histsignal_with_http_info(histsignal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

Get a hist signal's details.

Get a hist signal's details.

Parameters:

• histsignal_id (String) —

  The ID of the historical signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalResponse, Integer, Hash)>) —

  SecurityMonitoringSignalResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4884

def get_security_monitoring_histsignal_with_http_info(histsignal_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_histsignal".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_histsignal")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_histsignal"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_histsignal ...'
  end
  # verify the required parameter 'histsignal_id' is set
  if @api_client.config.client_side_validation && histsignal_id.nil?
    fail ArgumentError, "Missing the required parameter 'histsignal_id' when calling SecurityMonitoringAPI.get_security_monitoring_histsignal"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/histsignals/{histsignal_id}'.sub('{histsignal_id}', CGI.escape(histsignal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_histsignal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_histsignal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_histsignals_by_job_id(job_id, opts = {}) ⇒ Object

Get a job's hist signals.

See Also:

• #get_security_monitoring_histsignals_by_job_id_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4943

def get_security_monitoring_histsignals_by_job_id(job_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts)
  data
end

#get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Get a job's hist signals.

Get a job's hist signals.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query for security signals.

• :filter_from (Time) —

  The minimum timestamp for requested security signals.

• :filter_to (Time) —

  The maximum timestamp for requested security signals.

• :sort (SecurityMonitoringSignalsSort) —

  The order of the security signals in results.

• :page_cursor (String) —

  A list of results using the cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of security signals in the response.

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4961

def get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_histsignals_by_job_id".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_histsignals_by_job_id")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_histsignals_by_job_id"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_histsignals_by_job_id ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.get_security_monitoring_histsignals_by_job_id"
  end
  allowable_values = ['timestamp', '-timestamp']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.get_security_monitoring_histsignals_by_job_id, must be smaller than or equal to 1000.'
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs/{job_id}/histsignals'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'filter[from]'] = opts[:'filter_from'] if !opts[:'filter_from'].nil?
  query_params[:'filter[to]'] = opts[:'filter_to'] if !opts[:'filter_to'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_histsignals_by_job_id,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_histsignals_by_job_id\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_integration_config(integration_config_id, opts = {}) ⇒ Object

Get an entity context sync configuration.

See Also:

• #get_security_monitoring_integration_config_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5033

def get_security_monitoring_integration_config(integration_config_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_integration_config_with_http_info(integration_config_id, opts)
  data
end

#get_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>

Get an entity context sync configuration.

Get the details of a specific entity context sync configuration.

Parameters:

• integration_config_id (String) —

  The ID of the entity context sync configuration.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>) —

  SecurityMonitoringIntegrationConfigResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5045

def get_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_integration_config".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_integration_config")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_integration_config"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_integration_config ...'
  end
  # verify the required parameter 'integration_config_id' is set
  if @api_client.config.client_side_validation && integration_config_id.nil?
    fail ArgumentError, "Missing the required parameter 'integration_config_id' when calling SecurityMonitoringAPI.get_security_monitoring_integration_config"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}'.sub('{integration_config_id}', CGI.escape(integration_config_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringIntegrationConfigResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_integration_config,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_integration_config\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Get a rule's details.

See Also:

• #get_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5104

def get_security_monitoring_rule(rule_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_rule_with_http_info(rule_id, opts)
  data
end

#get_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Get a rule's details.

Get a rule's details.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5116

def get_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_signal(signal_id, opts = {}) ⇒ Object

Get a signal's details.

See Also:

• #get_security_monitoring_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5169

def get_security_monitoring_signal(signal_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_signal_with_http_info(signal_id, opts)
  data
end

#get_security_monitoring_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

Get a signal's details.

Get a signal's details.

Parameters:

• signal_id (String) —

  The ID of the signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalResponse, Integer, Hash)>) —

  SecurityMonitoringSignalResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5181

def get_security_monitoring_signal_with_http_info(signal_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_signal ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.get_security_monitoring_signal"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

Get a suppression rule.

See Also:

• #get_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5234

def get_security_monitoring_suppression(suppression_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_suppression_with_http_info(suppression_id, opts)
  data
end

#get_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Get a suppression rule.

Get the details of a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5246

def get_security_monitoring_suppression_with_http_info(suppression_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.get_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_signal_entities(signal_id, opts = {}) ⇒ Object

Get entities related to a signal.

See Also:

• #get_signal_entities_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5299

def get_signal_entities(signal_id, opts = {})
  data, _status_code, _headers = get_signal_entities_with_http_info(signal_id, opts)
  data
end

#get_signal_entities_with_http_info(signal_id, opts = {}) ⇒ Array<(SignalEntitiesResponse, Integer, Hash)>

Get entities related to a signal.

Get the list of entities related to a security signal, captured at the signal's timestamp.

Parameters:

• signal_id (String) —

  The ID of the signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :limit (Integer) —

  The maximum number of entities to return.

Returns:

• (Array<(SignalEntitiesResponse, Integer, Hash)>) —

  SignalEntitiesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5312

def get_signal_entities_with_http_info(signal_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_signal_entities".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_signal_entities")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_signal_entities"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_signal_entities ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.get_signal_entities"
  end
  if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SecurityMonitoringAPI.get_signal_entities, must be smaller than or equal to 1000.'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/entities'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SignalEntitiesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_signal_entities,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_signal_entities\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_signal_notification_rule(id, opts = {}) ⇒ Object

Get details of a signal-based notification rule.

See Also:

• #get_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5375

def get_signal_notification_rule(id, opts = {})
  data, _status_code, _headers = get_signal_notification_rule_with_http_info(id, opts)
  data
end

#get_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Get details of a signal-based notification rule.

Get the details of a notification rule for security signals.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5387

def get_signal_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_signal_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.get_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_signal_notification_rules(opts = {}) ⇒ Object

Get the list of signal-based notification rules.

See Also:

• #get_signal_notification_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5440

def get_signal_notification_rules(opts = {})
  data, _status_code, _headers = get_signal_notification_rules_with_http_info(opts)
  data
end

#get_signal_notification_rules_with_http_info(opts = {}) ⇒ Array<(NotificationRulesListResponse, Integer, Hash)>

Get the list of signal-based notification rules.

Returns the list of notification rules for security signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRulesListResponse, Integer, Hash)>) —

  NotificationRulesListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5451

def get_signal_notification_rules_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_signal_notification_rules ...'
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRulesListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_signal_notification_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_signal_notification_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_single_entity_context(id, opts = {}) ⇒ Object

Get a single entity context.

See Also:

• #get_single_entity_context_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5500

def get_single_entity_context(id, opts = {})
  data, _status_code, _headers = get_single_entity_context_with_http_info(id, opts)
  data
end

#get_single_entity_context_with_http_info(id, opts = {}) ⇒ Array<(SingleEntityContextResponse, Integer, Hash)>

Get a single entity context.

Get a single entity from the Cloud SIEM entity context store by its identifier, returning the historical revisions of the entity in the requested time range. The endpoint can either return revisions across an interval (from / to) or the snapshot of the entity at a single point in time (as_of); the two modes are mutually exclusive.

Parameters:

• id (String) —

  The unique identifier of the entity to retrieve.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :from (String) —

  The start of the time range to query, as an RFC3339 timestamp or a relative time (for example, now-7d). Defaults to now-7d. Ignored when as_of is set.

• :to (String) —

  The end of the time range to query, as an RFC3339 timestamp or a relative time (for example, now). Defaults to now. Ignored when as_of is set.

• :as_of (String) —

  A point in time at which to query the entity revisions, as an RFC3339 timestamp, a Unix timestamp (in seconds), or a relative time (for example, now-1d). When set, from and to are ignored. Cannot be combined with custom from / to values.

Returns:

• (Array<(SingleEntityContextResponse, Integer, Hash)>) —

  SingleEntityContextResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5518

def get_single_entity_context_with_http_info(id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_single_entity_context".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_single_entity_context")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_single_entity_context"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_single_entity_context ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.get_single_entity_context"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/entity_context/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'from'] = opts[:'from'] if !opts[:'from'].nil?
  query_params[:'to'] = opts[:'to'] if !opts[:'to'].nil?
  query_params[:'as_of'] = opts[:'as_of'] if !opts[:'as_of'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SingleEntityContextResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_single_entity_context,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_single_entity_context\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_static_analysis_default_rulesets(language, opts = {}) ⇒ Object

Get default rulesets for a language.

See Also:

• #get_static_analysis_default_rulesets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5580

def get_static_analysis_default_rulesets(language, opts = {})
  data, _status_code, _headers = get_static_analysis_default_rulesets_with_http_info(language, opts)
  data
end

#get_static_analysis_default_rulesets_with_http_info(language, opts = {}) ⇒ Array<(DefaultRulesetsPerLanguageResponse, Integer, Hash)>

Get default rulesets for a language.

Get the default SAST ruleset names for a given programming language.

Parameters:

• language (String) —

  The programming language for which to retrieve the default rulesets.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(DefaultRulesetsPerLanguageResponse, Integer, Hash)>) —

  DefaultRulesetsPerLanguageResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5592

def get_static_analysis_default_rulesets_with_http_info(language, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_static_analysis_default_rulesets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_static_analysis_default_rulesets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_static_analysis_default_rulesets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_static_analysis_default_rulesets ...'
  end
  # verify the required parameter 'language' is set
  if @api_client.config.client_side_validation && language.nil?
    fail ArgumentError, "Missing the required parameter 'language' when calling SecurityMonitoringAPI.get_static_analysis_default_rulesets"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/default-rulesets/{language}'.sub('{language}', CGI.escape(language.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DefaultRulesetsPerLanguageResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_static_analysis_default_rulesets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_static_analysis_default_rulesets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_static_analysis_node_types(language, opts = {}) ⇒ Object

Get node types for a language.

See Also:

• #get_static_analysis_node_types_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5651

def get_static_analysis_node_types(language, opts = {})
  data, _status_code, _headers = get_static_analysis_node_types_with_http_info(language, opts)
  data
end

#get_static_analysis_node_types_with_http_info(language, opts = {}) ⇒ Array<(NodeTypesResponse, Integer, Hash)>

Get node types for a language.

Retrieve tree-sitter node type definitions for a given programming language.

Parameters:

• language (String) —

  The programming language for which to retrieve node type definitions.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NodeTypesResponse, Integer, Hash)>) —

  NodeTypesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5663

def get_static_analysis_node_types_with_http_info(language, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_static_analysis_node_types".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_static_analysis_node_types")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_static_analysis_node_types"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_static_analysis_node_types ...'
  end
  # verify the required parameter 'language' is set
  if @api_client.config.client_side_validation && language.nil?
    fail ArgumentError, "Missing the required parameter 'language' when calling SecurityMonitoringAPI.get_static_analysis_node_types"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/static-analysis-server/node-types/{language}'.sub('{language}', CGI.escape(language.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'NodeTypesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_static_analysis_node_types,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_static_analysis_node_types\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_static_analysis_ruleset(ruleset_name, opts = {}) ⇒ Object

Get a SAST ruleset.

See Also:

• #get_static_analysis_ruleset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5722

def get_static_analysis_ruleset(ruleset_name, opts = {})
  data, _status_code, _headers = get_static_analysis_ruleset_with_http_info(ruleset_name, opts)
  data
end

#get_static_analysis_ruleset_with_http_info(ruleset_name, opts = {}) ⇒ Array<(SastRulesetResponse, Integer, Hash)>

Get a SAST ruleset.

Get a SAST ruleset by name, including all its rules.

Parameters:

• ruleset_name (String) —

  The name of the ruleset to retrieve.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :include_tests (Boolean) —

  When true, test cases for each rule are included in the response.

• :include_testing_rules (Boolean) —

  When true, rules that are in testing mode are included in the response.

Returns:

• (Array<(SastRulesetResponse, Integer, Hash)>) —

  SastRulesetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5736

def get_static_analysis_ruleset_with_http_info(ruleset_name, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_static_analysis_ruleset".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_static_analysis_ruleset")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_static_analysis_ruleset"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_static_analysis_ruleset ...'
  end
  # verify the required parameter 'ruleset_name' is set
  if @api_client.config.client_side_validation && ruleset_name.nil?
    fail ArgumentError, "Missing the required parameter 'ruleset_name' when calling SecurityMonitoringAPI.get_static_analysis_ruleset"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/rulesets/{ruleset_name}'.sub('{ruleset_name}', CGI.escape(ruleset_name.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'include_tests'] = opts[:'include_tests'] if !opts[:'include_tests'].nil?
  query_params[:'include_testing_rules'] = opts[:'include_testing_rules'] if !opts[:'include_testing_rules'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SastRulesetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_static_analysis_ruleset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_static_analysis_ruleset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_static_analysis_tree_sitter_wasm(file, opts = {}) ⇒ Object

Get tree-sitter WASM file.

See Also:

• #get_static_analysis_tree_sitter_wasm_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5797

def get_static_analysis_tree_sitter_wasm(file, opts = {})
  data, _status_code, _headers = get_static_analysis_tree_sitter_wasm_with_http_info(file, opts)
  data
end

#get_static_analysis_tree_sitter_wasm_with_http_info(file, opts = {}) ⇒ Array<(File, Integer, Hash)>

Get tree-sitter WASM file.

Download the WebAssembly binary for a tree-sitter grammar by file name.

Parameters:

• file (String) —

  The name of the WASM file to download.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(File, Integer, Hash)>) —

  File data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5809

def get_static_analysis_tree_sitter_wasm_with_http_info(file, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_static_analysis_tree_sitter_wasm".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_static_analysis_tree_sitter_wasm")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_static_analysis_tree_sitter_wasm"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_static_analysis_tree_sitter_wasm ...'
  end
  # verify the required parameter 'file' is set
  if @api_client.config.client_side_validation && file.nil?
    fail ArgumentError, "Missing the required parameter 'file' when calling SecurityMonitoringAPI.get_static_analysis_tree_sitter_wasm"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/static-analysis-server/tree-sitter-wasm/{file}'.sub('{file}', CGI.escape(file.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/octet-stream', 'application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'File'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_static_analysis_tree_sitter_wasm,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_static_analysis_tree_sitter_wasm\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_suggested_actions_matching_signal(signal_id, opts = {}) ⇒ Object

Get suggested actions for a signal.

See Also:

• #get_suggested_actions_matching_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5868

def get_suggested_actions_matching_signal(signal_id, opts = {})
  data, _status_code, _headers = get_suggested_actions_matching_signal_with_http_info(signal_id, opts)
  data
end

#get_suggested_actions_matching_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalSuggestedActionsResponse, Integer, Hash)>

Get suggested actions for a signal.

Get the list of suggested actions for a given security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalSuggestedActionsResponse, Integer, Hash)>) —

  SecurityMonitoringSignalSuggestedActionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5880

def get_suggested_actions_matching_signal_with_http_info(signal_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_suggested_actions_matching_signal ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.get_suggested_actions_matching_signal"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/suggested_actions'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalSuggestedActionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_suggested_actions_matching_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_suggested_actions_matching_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_suppression_version_history(suppression_id, opts = {}) ⇒ Object

Get a suppression's version history.

See Also:

• #get_suppression_version_history_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6065

def get_suppression_version_history(suppression_id, opts = {})
  data, _status_code, _headers = get_suppression_version_history_with_http_info(suppression_id, opts)
  data
end

#get_suppression_version_history_with_http_info(suppression_id, opts = {}) ⇒ Array<(GetSuppressionVersionHistoryResponse, Integer, Hash)>

Get a suppression's version history.

Get a suppression's version history.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

Returns:

• (Array<(GetSuppressionVersionHistoryResponse, Integer, Hash)>) —

  GetSuppressionVersionHistoryResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6079

def get_suppression_version_history_with_http_info(suppression_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_suppression_version_history ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.get_suppression_version_history"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}/version_history'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetSuppressionVersionHistoryResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_suppression_version_history,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_suppression_version_history\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_suppressions_affecting_future_rule(body, opts = {}) ⇒ Object

Get suppressions affecting future rule.

See Also:

• #get_suppressions_affecting_future_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5933

def get_suppressions_affecting_future_rule(body, opts = {})
  data, _status_code, _headers = get_suppressions_affecting_future_rule_with_http_info(body, opts)
  data
end

#get_suppressions_affecting_future_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

Get suppressions affecting future rule.

Get the list of suppressions that would affect a rule.

Parameters:

• body (SecurityMonitoringRuleCreatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5945

def get_suppressions_affecting_future_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_suppressions_affecting_future_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.get_suppressions_affecting_future_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_suppressions_affecting_future_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_suppressions_affecting_future_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_suppressions_affecting_rule(rule_id, opts = {}) ⇒ Object

Get suppressions affecting a specific rule.

See Also:

• #get_suppressions_affecting_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6000

def get_suppressions_affecting_rule(rule_id, opts = {})
  data, _status_code, _headers = get_suppressions_affecting_rule_with_http_info(rule_id, opts)
  data
end

#get_suppressions_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

Get suppressions affecting a specific rule.

Get the list of suppressions that affect a specific existing rule by its ID.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6012

def get_suppressions_affecting_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_suppressions_affecting_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_suppressions_affecting_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_suppressions_affecting_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_suppressions_affecting_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_vulnerability_notification_rule(id, opts = {}) ⇒ Object

Get details of a vulnerability notification rule.

See Also:

• #get_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6134

def get_vulnerability_notification_rule(id, opts = {})
  data, _status_code, _headers = get_vulnerability_notification_rule_with_http_info(id, opts)
  data
end

#get_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Get details of a vulnerability notification rule.

Get the details of a notification rule for security vulnerabilities.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6146

def get_vulnerability_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.get_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_vulnerability_notification_rules(opts = {}) ⇒ Object

Get the list of vulnerability notification rules.

See Also:

• #get_vulnerability_notification_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6199

def get_vulnerability_notification_rules(opts = {})
  data, _status_code, _headers = get_vulnerability_notification_rules_with_http_info(opts)
  data
end

#get_vulnerability_notification_rules_with_http_info(opts = {}) ⇒ Array<(NotificationRulesListResponse, Integer, Hash)>

Get the list of vulnerability notification rules.

Returns the list of notification rules for security vulnerabilities.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRulesListResponse, Integer, Hash)>) —

  NotificationRulesListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6210

def get_vulnerability_notification_rules_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_vulnerability_notification_rules ...'
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRulesListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_vulnerability_notification_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_vulnerability_notification_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_assets_sbo_ms(opts = {}) ⇒ Object

List assets SBOMs.

See Also:

• #list_assets_sbo_ms_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6259

def list_assets_sbo_ms(opts = {})
  data, _status_code, _headers = list_assets_sbo_ms_with_http_info(opts)
  data
end

#list_assets_sbo_ms_with_http_info(opts = {}) ⇒ Array<(ListAssetsSBOMsResponse, Integer, Hash)>

List assets SBOMs.

Get a list of assets SBOMs for an organization.

Pagination

Please review the Pagination section for the "List Vulnerabilities" endpoint.

Filtering

Please review the Filtering section for the "List Vulnerabilities" endpoint.

Metadata

Please review the Metadata section for the "List Vulnerabilities" endpoint.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the links section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal to or greater than 1.

• :filter_asset_type (AssetType) —

  The type of the assets for the SBOM request.

• :filter_asset_name (String) —

  The name of the asset for the SBOM request.

• :filter_package_name (String) —

  The name of the component that is a dependency of an asset.

• :filter_package_version (String) —

  The version of the component that is a dependency of an asset.

• :filter_license_name (String) —

  The software license name of the component that is a dependency of an asset.

• :filter_license_type (SBOMComponentLicenseType) —

  The software license type of the component that is a dependency of an asset.

Returns:

• (Array<(ListAssetsSBOMsResponse, Integer, Hash)>) —

  ListAssetsSBOMsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6290

def list_assets_sbo_ms_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_assets_sbo_ms ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_assets_sbo_ms, must be greater than or equal to 1.'
  end
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_asset_type'] && !allowable_values.include?(opts[:'filter_asset_type'])
    fail ArgumentError, "invalid value for \"filter_asset_type\", must be one of #{allowable_values}"
  end
  allowable_values = ['network_strong_copyleft', 'non_standard_copyleft', 'other_non_free', 'other_non_standard', 'permissive', 'public_domain', 'strong_copyleft', 'weak_copyleft']
  if @api_client.config.client_side_validation && opts[:'filter_license_type'] && !allowable_values.include?(opts[:'filter_license_type'])
    fail ArgumentError, "invalid value for \"filter_license_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/sboms'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[asset_type]'] = opts[:'filter_asset_type'] if !opts[:'filter_asset_type'].nil?
  query_params[:'filter[asset_name]'] = opts[:'filter_asset_name'] if !opts[:'filter_asset_name'].nil?
  query_params[:'filter[package_name]'] = opts[:'filter_package_name'] if !opts[:'filter_package_name'].nil?
  query_params[:'filter[package_version]'] = opts[:'filter_package_version'] if !opts[:'filter_package_version'].nil?
  query_params[:'filter[license_name]'] = opts[:'filter_license_name'] if !opts[:'filter_license_name'].nil?
  query_params[:'filter[license_type]'] = opts[:'filter_license_type'] if !opts[:'filter_license_type'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListAssetsSBOMsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_assets_sbo_ms,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_assets_sbo_ms\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_findings(opts = {}) ⇒ Object

List findings.

See Also:

• #list_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6358

def list_findings(opts = {})
  data, _status_code, _headers = list_findings_with_http_info(opts)
  data
end

#list_findings_with_http_info(opts = {}) ⇒ Array<(ListFindingsResponse, Integer, Hash)>

List findings.

Get a list of findings. These include both misconfigurations and identity risks.

Note: To filter and return only identity risks, add the following query parameter: ?filter[tags]=dd_rule_type:ciem

Filtering

Filters can be applied by appending query parameters to the URL.

• Using a single filter: ?filter[attribute_key]=attribute_value
• Chaining filters: ?filter[attribute_key]=attribute_value&filter[attribute_key]=attribute_value...
• Filtering on tags: ?filter[tags]=tag_key:tag_value&filter[tags]=tag_key_2:tag_value_2

Here, attribute_key can be any of the filter keys described further below.

Query parameters of type integer support comparison operators (>, >=, <, <=). This is particularly useful when filtering by evaluation_changed_at or resource_discovery_timestamp. For example: ?filter[evaluation_changed_at]=>20123123121.

You can also use the negation operator on strings. For example, use filter[resource_type]=-aws* to filter for any non-AWS resources.

The operator must come after the equal sign. For example, to filter with the >= operator, add the operator after the equal sign: filter[evaluation_changed_at]=>=1678809373257.

Query parameters must be only among the documented ones and with values of correct types. Duplicated query parameters (e.g. filter[status]=low&filter[status]=info) are not allowed.

Additional extension fields

Additional extension fields are available for some findings.

The data is available when you include the query parameter ?detailed_findings=true in the request.

The following fields are available for findings:

• external_id: The resource external ID related to the finding.
• description: The description and remediation steps for the finding.
• datadog_link: The Datadog relative link for the finding.
• ip_addresses: The list of private IP addresses for the resource related to the finding.

Response

The response includes an array of finding objects, pagination metadata, and a count of items that match the query.

Each finding object contains the following:

• The finding ID that can be used in a GetFinding request to retrieve the full finding details.
• Core attributes, including status, evaluation, high-level resource details, muted state, and rule details.
• evaluation_changed_at and resource_discovery_date time stamps.
• An array of associated tags.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_limit (Integer) —

  Limit the number of findings returned. Must be <= 1000.

• :snapshot_timestamp (Integer) —

  Return findings for a given snapshot of time (Unix ms).

• :page_cursor (String) —

  Return the next page of findings pointed to by the cursor.

• :filter_tags (String) —

  Return findings that have these associated tags (repeatable).

• :filter_evaluation_changed_at (String) —

  Return findings that have changed from pass to fail or vice versa on a specified date (Unix ms) or date range (using comparison operators).

• :filter_muted (Boolean) —

  Set to true to return findings that are muted. Set to false to return unmuted findings.

• :filter_rule_id (String) —

  Return findings for the specified rule ID.

• :filter_rule_name (String) —

  Return findings for the specified rule.

• :filter_resource_type (String) —

  Return only findings for the specified resource type.

• :filter_resource_id (String) —

  Return only findings for the specified resource id.

• :filter_discovery_timestamp (String) —

  Return findings that were found on a specified date (Unix ms) or date range (using comparison operators).

• :filter_evaluation (FindingEvaluation) —

  Return only pass or fail findings.

• :filter_status (FindingStatus) —

  Return only findings with the specified status.

• :filter_vulnerability_type (Array<FindingVulnerabilityType>) —

  Return findings that match the selected vulnerability types (repeatable).

• :detailed_findings (Boolean) —

  Return additional fields for some findings.

Returns:

• (Array<(ListFindingsResponse, Integer, Hash)>) —

  ListFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6427

def list_findings_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_findings".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_findings")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_findings"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_findings ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_findings, must be smaller than or equal to 1000.'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_findings, must be greater than or equal to 1.'
  end
  if @api_client.config.client_side_validation && !opts[:'snapshot_timestamp'].nil? && opts[:'snapshot_timestamp'] < 1
    fail ArgumentError, 'invalid value for "opts[:"snapshot_timestamp"]" when calling SecurityMonitoringAPI.list_findings, must be greater than or equal to 1.'
  end
  allowable_values = ['pass', 'fail']
  if @api_client.config.client_side_validation && opts[:'filter_evaluation'] && !allowable_values.include?(opts[:'filter_evaluation'])
    fail ArgumentError, "invalid value for \"filter_evaluation\", must be one of #{allowable_values}"
  end
  allowable_values = ['critical', 'high', 'medium', 'low', 'info']
  if @api_client.config.client_side_validation && opts[:'filter_status'] && !allowable_values.include?(opts[:'filter_status'])
    fail ArgumentError, "invalid value for \"filter_status\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/posture_management/findings'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?
  query_params[:'snapshot_timestamp'] = opts[:'snapshot_timestamp'] if !opts[:'snapshot_timestamp'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'filter[tags]'] = opts[:'filter_tags'] if !opts[:'filter_tags'].nil?
  query_params[:'filter[evaluation_changed_at]'] = opts[:'filter_evaluation_changed_at'] if !opts[:'filter_evaluation_changed_at'].nil?
  query_params[:'filter[muted]'] = opts[:'filter_muted'] if !opts[:'filter_muted'].nil?
  query_params[:'filter[rule_id]'] = opts[:'filter_rule_id'] if !opts[:'filter_rule_id'].nil?
  query_params[:'filter[rule_name]'] = opts[:'filter_rule_name'] if !opts[:'filter_rule_name'].nil?
  query_params[:'filter[resource_type]'] = opts[:'filter_resource_type'] if !opts[:'filter_resource_type'].nil?
  query_params[:'filter[@resource_id]'] = opts[:'filter_resource_id'] if !opts[:'filter_resource_id'].nil?
  query_params[:'filter[discovery_timestamp]'] = opts[:'filter_discovery_timestamp'] if !opts[:'filter_discovery_timestamp'].nil?
  query_params[:'filter[evaluation]'] = opts[:'filter_evaluation'] if !opts[:'filter_evaluation'].nil?
  query_params[:'filter[status]'] = opts[:'filter_status'] if !opts[:'filter_status'].nil?
  query_params[:'filter[vulnerability_type]'] = @api_client.build_collection_param(opts[:'filter_vulnerability_type'], :multi) if !opts[:'filter_vulnerability_type'].nil?
  query_params[:'detailed_findings'] = opts[:'detailed_findings'] if !opts[:'detailed_findings'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )
  new_options[:query_string_normalizer] = HTTParty::Request::NON_RAILS_QUERY_STRING_NORMALIZER

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_findings_with_pagination(opts = {}) {|Finding| ... } ⇒ Object

List findings.

Provide a paginated version of #list_findings, returning all items.

To use it you need to use a block: list_findings_with_pagination { |item| p item }

Yields:

• (Finding) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6519

def list_findings_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "page_limit", 100)
    @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size)
    while true do
        response = list_findings(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "page_cursor", String, @api_client.get_attribute_from_path(response, "meta.page.cursor"))
    end
end

#list_historical_jobs(opts = {}) ⇒ Object

List historical jobs.

See Also:

• #list_historical_jobs_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6536

def list_historical_jobs(opts = {})
  data, _status_code, _headers = list_historical_jobs_with_http_info(opts)
  data
end

#list_historical_jobs_with_http_info(opts = {}) ⇒ Array<(ListHistoricalJobsResponse, Integer, Hash)>

List historical jobs.

List historical jobs.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

• :sort (String) —

  The order of the jobs in results.

• :filter_query (String) —

  Query used to filter items from the fetched list.

Returns:

• (Array<(ListHistoricalJobsResponse, Integer, Hash)>) —

  ListHistoricalJobsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6551

def list_historical_jobs_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_historical_jobs".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_historical_jobs")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_historical_jobs"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_historical_jobs ...'
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListHistoricalJobsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_historical_jobs,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_historical_jobs\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_indicators_of_compromise(opts = {}) ⇒ Object

List indicators of compromise.

See Also:

• #list_indicators_of_compromise_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6610

def list_indicators_of_compromise(opts = {})
  data, _status_code, _headers = list_indicators_of_compromise_with_http_info(opts)
  data
end

#list_indicators_of_compromise_with_http_info(opts = {}) ⇒ Array<(IoCExplorerListResponse, Integer, Hash)>

List indicators of compromise.

Get a list of indicators of compromise (IoCs) matching the specified filters.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :limit (Integer) —

  Number of results per page.

• :offset (Integer) —

  Pagination offset.

• :query (String) —

  Search/filter query (supports field:value syntax).

• :sort_column (String) —

  Sort column: score, first_seen_ts_epoch, last_seen_ts_epoch, indicator, indicator_type, signal_count, log_count, category, as_type.

• :sort_order (String) —

  Sort order: asc or desc.

Returns:

• (Array<(IoCExplorerListResponse, Integer, Hash)>) —

  IoCExplorerListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6626

def list_indicators_of_compromise_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_indicators_of_compromise".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_indicators_of_compromise")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_indicators_of_compromise"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_indicators_of_compromise ...'
  end
  if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 2147483647
    fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SecurityMonitoringAPI.list_indicators_of_compromise, must be smaller than or equal to 2147483647.'
  end
  if @api_client.config.client_side_validation && !opts[:'offset'].nil? && opts[:'offset'] > 2147483647
    fail ArgumentError, 'invalid value for "opts[:"offset"]" when calling SecurityMonitoringAPI.list_indicators_of_compromise, must be smaller than or equal to 2147483647.'
  end
  # resource path
  local_var_path = '/api/v2/security/siem/ioc-explorer'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
  query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
  query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil?
  query_params[:'sort[column]'] = opts[:'sort_column'] if !opts[:'sort_column'].nil?
  query_params[:'sort[order]'] = opts[:'sort_order'] if !opts[:'sort_order'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'IoCExplorerListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_indicators_of_compromise,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_indicators_of_compromise\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_multiple_rulesets(body, opts = {}) ⇒ Object

Ruleset get multiple.

See Also:

• #list_multiple_rulesets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6692

def list_multiple_rulesets(body, opts = {})
  data, _status_code, _headers = list_multiple_rulesets_with_http_info(body, opts)
  data
end

#list_multiple_rulesets_with_http_info(body, opts = {}) ⇒ Array<(GetMultipleRulesetsResponse, Integer, Hash)>

Ruleset get multiple.

Get rules for multiple rulesets in batch.

Parameters:

• body (GetMultipleRulesetsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(GetMultipleRulesetsResponse, Integer, Hash)>) —

  GetMultipleRulesetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6704

def list_multiple_rulesets_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_multiple_rulesets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_multiple_rulesets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_multiple_rulesets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_multiple_rulesets ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.list_multiple_rulesets"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/rulesets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'GetMultipleRulesetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_multiple_rulesets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_multiple_rulesets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_sample_log_generation_subscriptions(opts = {}) ⇒ Object

Get sample log generation subscriptions.

See Also:

• #list_sample_log_generation_subscriptions_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6765

def list_sample_log_generation_subscriptions(opts = {})
  data, _status_code, _headers = list_sample_log_generation_subscriptions_with_http_info(opts)
  data
end

#list_sample_log_generation_subscriptions_with_http_info(opts = {}) ⇒ Array<(SampleLogGenerationSubscriptionsResponse, Integer, Hash)>

Get sample log generation subscriptions.

Get the sample log generation subscriptions for the organization. Sample log generation injects representative example logs for a given Cloud SIEM content pack into the Logs platform, which can be used to test detection rules without onboarding the underlying integration first.

Availability: this endpoint is restricted to Cloud SIEM trial organizations on an eligible pricing model. Other organizations receive a 403 Forbidden (non-trial orgs) or a 400 Bad Request (feature disabled), and legacy pricing tiers receive a response with status: not_available.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :status (SampleLogGenerationSubscriptionsStatusFilter) —

  Filter the subscriptions by status. Use active to return only currently active subscriptions, or all to return every subscription including expired ones. Ignored when start_timestamp is provided. Defaults to active.

• :start_timestamp (Time) —

  The start of the time range, as an RFC3339 timestamp. When provided, the response includes every subscription that was active at any point in [start_timestamp, end_timestamp], and the status filter is ignored.

• :end_timestamp (Time) —

  The end of the time range, as an RFC3339 timestamp. Ignored unless start_timestamp is set. Defaults to the current time when start_timestamp is provided.

Returns:

• (Array<(SampleLogGenerationSubscriptionsResponse, Integer, Hash)>) —

  SampleLogGenerationSubscriptionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6785

def list_sample_log_generation_subscriptions_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_sample_log_generation_subscriptions".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_sample_log_generation_subscriptions")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_sample_log_generation_subscriptions"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_sample_log_generation_subscriptions ...'
  end
  allowable_values = ['active', 'all']
  if @api_client.config.client_side_validation && opts[:'status'] && !allowable_values.include?(opts[:'status'])
    fail ArgumentError, "invalid value for \"status\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/sample_log_generation/subscriptions'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'status'] = opts[:'status'] if !opts[:'status'].nil?
  query_params[:'start_timestamp'] = opts[:'start_timestamp'] if !opts[:'start_timestamp'].nil?
  query_params[:'end_timestamp'] = opts[:'end_timestamp'] if !opts[:'end_timestamp'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SampleLogGenerationSubscriptionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_sample_log_generation_subscriptions,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_sample_log_generation_subscriptions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_scanned_assets_metadata(opts = {}) ⇒ Object

List scanned assets metadata.

See Also:

• #list_scanned_assets_metadata_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6847

def list_scanned_assets_metadata(opts = {})
  data, _status_code, _headers = list_scanned_assets_metadata_with_http_info(opts)
  data
end

#list_scanned_assets_metadata_with_http_info(opts = {}) ⇒ Array<(ScannedAssetsMetadata, Integer, Hash)>

List scanned assets metadata.

Get a list of security scanned assets metadata for an organization.

Pagination

For the "List Vulnerabilities" endpoint, see the Pagination section.

Filtering

For the "List Vulnerabilities" endpoint, see the Filtering section.

Metadata

For the "List Vulnerabilities" endpoint, see the Metadata section.

Related endpoints

This endpoint returns additional metadata for cloud resources that is not available from the standard resource endpoints. To access a richer dataset, call this endpoint together with the relevant resource endpoint(s) and merge (join) their results using the resource identifier.

Hosts

To enrich host data, join the response from the Hosts endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

ENDPOINT	JOIN KEY	TYPE
/api/v1/hosts	host_list.host_name	string
/api/v2/security/scanned-assets-metadata	data.attributes.asset.name	string

Host Images

To enrich host image data, join the response from the Hosts endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

ENDPOINT	JOIN KEY	TYPE
/api/v1/hosts	host_list.tags_by_source["Amazon Web Services"]["image"]	string
/api/v2/security/scanned-assets-metadata	data.attributes.asset.name	string

Container Images

To enrich container image data, join the response from the Container Images endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

ENDPOINT	JOIN KEY	TYPE
/api/v2/container_images	data.attributes.name@data.attributes.repo_digest	string
/api/v2/security/scanned-assets-metadata	data.attributes.asset.name	string

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the links section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal to or greater than 1.

• :filter_asset_type (CloudAssetType) —

  The type of the scanned asset.

• :filter_asset_name (String) —

  The name of the scanned asset.

• :filter_last_success_origin (String) —

  The origin of last success scan.

• :filter_last_success_env (String) —

  The environment of last success scan.

Returns:

• (Array<(ScannedAssetsMetadata, Integer, Hash)>) —

  ScannedAssetsMetadata data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6907

def list_scanned_assets_metadata_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_scanned_assets_metadata".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_scanned_assets_metadata")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_scanned_assets_metadata"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_scanned_assets_metadata ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_scanned_assets_metadata, must be greater than or equal to 1.'
  end
  allowable_values = ['Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_asset_type'] && !allowable_values.include?(opts[:'filter_asset_type'])
    fail ArgumentError, "invalid value for \"filter_asset_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/scanned-assets-metadata'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[asset.type]'] = opts[:'filter_asset_type'] if !opts[:'filter_asset_type'].nil?
  query_params[:'filter[asset.name]'] = opts[:'filter_asset_name'] if !opts[:'filter_asset_name'].nil?
  query_params[:'filter[last_success.origin]'] = opts[:'filter_last_success_origin'] if !opts[:'filter_last_success_origin'].nil?
  query_params[:'filter[last_success.env]'] = opts[:'filter_last_success_env'] if !opts[:'filter_last_success_env'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ScannedAssetsMetadata'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_scanned_assets_metadata,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_scanned_assets_metadata\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_filter_versions(opts = {}) ⇒ Object

Get the version history of security filters.

See Also:

• #list_security_filter_versions_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7035

def list_security_filter_versions(opts = {})
  data, _status_code, _headers = list_security_filter_versions_with_http_info(opts)
  data
end

#list_security_filter_versions_with_http_info(opts = {}) ⇒ Array<(SecurityFilterVersionsResponse, Integer, Hash)>

Get the version history of security filters.

Get the configured security filters at each historical version of the configuration. Each entry in the response represents the set of all security filters at a given version, ordered from the most recent version to the oldest.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterVersionsResponse, Integer, Hash)>) —

  SecurityFilterVersionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7048

def list_security_filter_versions_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_filter_versions ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/versions'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterVersionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_filter_versions,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_filter_versions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_filters(opts = {}) ⇒ Object

Get all security filters.

See Also:

• #list_security_filters_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6975

def list_security_filters(opts = {})
  data, _status_code, _headers = list_security_filters_with_http_info(opts)
  data
end

#list_security_filters_with_http_info(opts = {}) ⇒ Array<(SecurityFiltersResponse, Integer, Hash)>

Get all security filters.

Get the list of configured security filters with their definitions.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFiltersResponse, Integer, Hash)>) —

  SecurityFiltersResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6986

def list_security_filters_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_filters ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFiltersResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_filters,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_filters\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_findings(opts = {}) ⇒ Object

List security findings.

See Also:

• #list_security_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7097

def list_security_findings(opts = {})
  data, _status_code, _headers = list_security_findings_with_http_info(opts)
  data
end

#list_security_findings_with_http_info(opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

List security findings.

Get a list of security findings that match a search query. See the schema for security findings.

Query Syntax

This endpoint uses the logs query syntax. Findings attributes (living in the attributes.attributes. namespace) are prefixed by @ when queried. Tags are queried without a prefix.

Example: @severity:(critical OR high) @status:open team:platform

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query following log search syntax.

• :page_cursor (String) —

  Get the next page of results with a cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of findings in the response.

• :sort (SecurityFindingsSort) —

  Sorts by @detection_changed_at.

Returns:

• (Array<(ListSecurityFindingsResponse, Integer, Hash)>) —

  ListSecurityFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7118

def list_security_findings_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_findings ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 150
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_findings, must be smaller than or equal to 150.'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_findings, must be greater than or equal to 1.'
  end
  allowable_values = ['@detection_changed_at', '-@detection_changed_at']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/findings'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListSecurityFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_findings_with_pagination(opts = {}) {|SecurityFindingsData| ... } ⇒ Object

List security findings.

Provide a paginated version of #list_security_findings, returning all items.

To use it you need to use a block: list_security_findings_with_pagination { |item| p item }

Yields:

• (SecurityFindingsData) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7185

def list_security_findings_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "page_limit", 10)
    @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size)
    while true do
        response = list_security_findings(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "page_cursor", String, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#list_security_monitoring_critical_assets(opts = {}) ⇒ Object

Get all critical assets.

See Also:

• #list_security_monitoring_critical_assets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7202

def list_security_monitoring_critical_assets(opts = {})
  data, _status_code, _headers = list_security_monitoring_critical_assets_with_http_info(opts)
  data
end

#list_security_monitoring_critical_assets_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

Get all critical assets.

Get the list of all critical assets.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7213

def list_security_monitoring_critical_assets_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_critical_assets ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_critical_assets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_critical_assets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_datasets(opts = {}) ⇒ Object

List datasets.

See Also:

• #list_security_monitoring_datasets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7262

def list_security_monitoring_datasets(opts = {})
  data, _status_code, _headers = list_security_monitoring_datasets_with_http_info(opts)
  data
end

#list_security_monitoring_datasets_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringDatasetsListResponse, Integer, Hash)>

List datasets.

List all Cloud SIEM datasets available to the organization, including both customer-defined datasets and Datadog out-of-the-box datasets.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

• :sort (String) —

  Attribute used to sort datasets. Prefix with - to sort in descending order.

• :filter_query (String) —

  A search query to filter datasets by name or description.

Returns:

• (Array<(SecurityMonitoringDatasetsListResponse, Integer, Hash)>) —

  SecurityMonitoringDatasetsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7278

def list_security_monitoring_datasets_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_security_monitoring_datasets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_security_monitoring_datasets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_security_monitoring_datasets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_datasets ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringDatasetsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_datasets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_datasets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_histsignals(opts = {}) ⇒ Object

List hist signals.

See Also:

• #list_security_monitoring_histsignals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7337

def list_security_monitoring_histsignals(opts = {})
  data, _status_code, _headers = list_security_monitoring_histsignals_with_http_info(opts)
  data
end

#list_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

List hist signals.

List hist signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query for security signals.

• :filter_from (Time) —

  The minimum timestamp for requested security signals.

• :filter_to (Time) —

  The maximum timestamp for requested security signals.

• :sort (SecurityMonitoringSignalsSort) —

  The order of the security signals in results.

• :page_cursor (String) —

  A list of results using the cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of security signals in the response.

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7354

def list_security_monitoring_histsignals_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_security_monitoring_histsignals".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_security_monitoring_histsignals")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_security_monitoring_histsignals"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_histsignals ...'
  end
  allowable_values = ['timestamp', '-timestamp']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_monitoring_histsignals, must be smaller than or equal to 1000.'
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/histsignals'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'filter[from]'] = opts[:'filter_from'] if !opts[:'filter_from'].nil?
  query_params[:'filter[to]'] = opts[:'filter_to'] if !opts[:'filter_to'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_histsignals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_histsignals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_integration_configs(opts = {}) ⇒ Object

List entity context sync configurations.

See Also:

• #list_security_monitoring_integration_configs_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7422

def list_security_monitoring_integration_configs(opts = {})
  data, _status_code, _headers = list_security_monitoring_integration_configs_with_http_info(opts)
  data
end

#list_security_monitoring_integration_configs_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigsResponse, Integer, Hash)>

List entity context sync configurations.

List the entity context sync configurations for Cloud SIEM. Each configuration connects Cloud SIEM to an external source that provides entities (for example, users from an identity provider) for use in signals and the entity explorer.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_integration_type (SecurityMonitoringIntegrationType) —

  Filter the entity context sync configurations by source type.

Returns:

• (Array<(SecurityMonitoringIntegrationConfigsResponse, Integer, Hash)>) —

  SecurityMonitoringIntegrationConfigsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7436

def list_security_monitoring_integration_configs_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_security_monitoring_integration_configs".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_security_monitoring_integration_configs")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_security_monitoring_integration_configs"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_integration_configs ...'
  end
  allowable_values = ['GOOGLE_WORKSPACE', 'OKTA', 'ENTRA_ID']
  if @api_client.config.client_side_validation && opts[:'filter_integration_type'] && !allowable_values.include?(opts[:'filter_integration_type'])
    fail ArgumentError, "invalid value for \"filter_integration_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/integration_config'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[integration_type]'] = opts[:'filter_integration_type'] if !opts[:'filter_integration_type'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringIntegrationConfigsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_integration_configs,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_integration_configs\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_rules(opts = {}) ⇒ Object

List rules.

See Also:

• #list_security_monitoring_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7496

def list_security_monitoring_rules(opts = {})
  data, _status_code, _headers = list_security_monitoring_rules_with_http_info(opts)
  data
end

#list_security_monitoring_rules_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>

List rules.

List rules.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

• :query (String) —

  A search query to filter security rules. You can filter by attributes such as type, source, tags.

• :sort (SecurityMonitoringRuleSort) —

  Attribute used to sort rules. Prefix with - to sort in descending order.

Returns:

• (Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>) —

  SecurityMonitoringListRulesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7511

def list_security_monitoring_rules_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_rules ...'
  end
  allowable_values = ['name', 'creation_date', 'update_date', 'enabled', 'type', 'highest_severity', 'source', '-name', '-creation_date', '-update_date', '-enabled', '-type', '-highest_severity', '-source']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringListRulesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_signals(opts = {}) ⇒ Object

Get a quick list of security signals.

See Also:

• #list_security_monitoring_signals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7568

def list_security_monitoring_signals(opts = {})
  data, _status_code, _headers = list_security_monitoring_signals_with_http_info(opts)
  data
end

#list_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Get a quick list of security signals.

The list endpoint returns security signals that match a search query. Both this endpoint and the POST endpoint can be used interchangeably when listing security signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query for security signals.

• :filter_from (Time) —

  The minimum timestamp for requested security signals.

• :filter_to (Time) —

  The maximum timestamp for requested security signals.

• :sort (SecurityMonitoringSignalsSort) —

  The order of the security signals in results.

• :page_cursor (String) —

  A list of results using the cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of security signals in the response.

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7587

def list_security_monitoring_signals_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_signals ...'
  end
  allowable_values = ['timestamp', '-timestamp']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_monitoring_signals, must be smaller than or equal to 1000.'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'filter[from]'] = opts[:'filter_from'] if !opts[:'filter_from'].nil?
  query_params[:'filter[to]'] = opts[:'filter_to'] if !opts[:'filter_to'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_signals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_signals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

Get a quick list of security signals.

Provide a paginated version of #list_security_monitoring_signals, returning all items.

To use it you need to use a block: list_security_monitoring_signals_with_pagination { |item| p item }

Yields:

• (SecurityMonitoringSignal) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7653

def list_security_monitoring_signals_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "page_limit", 10)
    @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size)
    while true do
        response = list_security_monitoring_signals(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "page_cursor", String, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#list_security_monitoring_suppressions(opts = {}) ⇒ Object

Get all suppression rules.

See Also:

• #list_security_monitoring_suppressions_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7670

def list_security_monitoring_suppressions(opts = {})
  data, _status_code, _headers = list_security_monitoring_suppressions_with_http_info(opts)
  data
end

#list_security_monitoring_suppressions_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringPaginatedSuppressionsResponse, Integer, Hash)>

Get all suppression rules.

Get the list of all suppression rules.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :query (String) —

  Query string.

• :sort (SecurityMonitoringSuppressionSort) —

  Attribute used to sort the list of suppression rules. Prefix with - to sort in descending order.

• :page_size (Integer) —

  Size for a given page. Use -1 to return all items.

• :page_number (Integer) —

  Specific page number to return.

Returns:

• (Array<(SecurityMonitoringPaginatedSuppressionsResponse, Integer, Hash)>) —

  SecurityMonitoringPaginatedSuppressionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7685

def list_security_monitoring_suppressions_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_suppressions ...'
  end
  allowable_values = ['name', 'start_date', 'expiration_date', 'update_date', 'enabled', '-name', '-start_date', '-expiration_date', '-update_date', '-creation_date', '-enabled']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringPaginatedSuppressionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_suppressions,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_suppressions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_static_analysis_codegen_rulesets(opts = {}) ⇒ Object

List codegen rulesets.

See Also:

• #list_static_analysis_codegen_rulesets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7742

def list_static_analysis_codegen_rulesets(opts = {})
  data, _status_code, _headers = list_static_analysis_codegen_rulesets_with_http_info(opts)
  data
end

#list_static_analysis_codegen_rulesets_with_http_info(opts = {}) ⇒ Array<(SastRulesetsResponse, Integer, Hash)>

List codegen rulesets.

Get the rulesets relevant for code generation for the authenticated user.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SastRulesetsResponse, Integer, Hash)>) —

  SastRulesetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7753

def list_static_analysis_codegen_rulesets_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_static_analysis_codegen_rulesets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_static_analysis_codegen_rulesets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_static_analysis_codegen_rulesets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_static_analysis_codegen_rulesets ...'
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/codegen/rulesets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SastRulesetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_static_analysis_codegen_rulesets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_static_analysis_codegen_rulesets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_vulnerabilities(opts = {}) ⇒ Object

List vulnerabilities.

See Also:

• #list_vulnerabilities_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7808

def list_vulnerabilities(opts = {})
  data, _status_code, _headers = list_vulnerabilities_with_http_info(opts)
  data
end

#list_vulnerabilities_with_http_info(opts = {}) ⇒ Array<(ListVulnerabilitiesResponse, Integer, Hash)>

Deprecated.

This API is deprecated.

List vulnerabilities.

Get a list of vulnerabilities.

Pagination

Pagination is enabled by default in both vulnerabilities and assets. The size of the page varies depending on the endpoint and cannot be modified. To automate the request of the next page, you can use the links section in the response.

This endpoint will return paginated responses. The pages are stored in the links section of the response:

{
  "data": [...],
  "meta": {...},
  "links": {
    "self": "https://.../api/v2/security/vulnerabilities",
    "first": "https://.../api/v2/security/vulnerabilities?page[number]=1&page[token]=abc",
    "last": "https://.../api/v2/security/vulnerabilities?page[number]=43&page[token]=abc",
    "next": "https://.../api/v2/security/vulnerabilities?page[number]=2&page[token]=abc"
  }
}

• links.previous is empty if the first page is requested.
• links.next is empty if the last page is requested.

Token

Vulnerabilities can be created, updated or deleted at any point in time.

Upon the first request, a token is created to ensure consistency across subsequent paginated requests.

A token is valid only for 24 hours.

First request

We consider a request to be the first request when there is no page[token] parameter.

The response of this first request contains the newly created token in the links section.

This token can then be used in the subsequent paginated requests.

Note: The first request may take longer to complete than subsequent requests.

Subsequent requests

Any request containing valid page[token] and page[number] parameters will be considered a subsequent request.

If the token is invalid, a 404 response will be returned.

If the page number is invalid, a 400 response will be returned.

The returned token is valid for all requests in the pagination sequence. To send paginated requests in parallel, reuse the same token and change only the page[number] parameter.

Filtering

The request can include some filter parameters to filter the data to be retrieved. The format of the filter parameters follows the JSON:API format: filter[$prop_name], where prop_name is the property name in the entity being filtered by.

All filters can include multiple values, where data will be filtered with an OR clause: filter[title]=Title1,Title2 will filter all vulnerabilities where title is equal to Title1 OR Title2.

String filters are case sensitive.

Boolean filters accept true or false as values.

Number filters must include an operator as a second filter input: filter[$prop_name][$operator]. For example, for the vulnerabilities endpoint: filter[cvss.base.score][lte]=8.

Available operators are: eq (==), lt (<), lte (<=), gt (>) and gte (>=).

Metadata

Following JSON:API format, object including non-standard meta-information.

This endpoint includes the meta member in the response. For more details on each of the properties included in this section, check the endpoints response tables.

{
  "data": [...],
  "meta": {
    "total": 1500,
    "count": 18732,
    "token": "some_token"
  },
  "links": {...}
}

Extensions

Requests may include extensions to modify the behavior of the requested endpoint. The filter parameters follow the JSON:API format format: ext:$extension_name, where extension_name is the name of the modifier that is being applied.

Extensions can only include one value: ext:modifier=value.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the links section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal or greater than 1

• :filter_type (VulnerabilityType) —

  Filter by vulnerability type.

• :filter_cvss_base_score_op (Float) —

  Filter by vulnerability base (i.e. from the original advisory) severity score.

• :filter_cvss_base_severity (VulnerabilitySeverity) —

  Filter by vulnerability base severity.

• :filter_cvss_base_vector (String) —

  Filter by vulnerability base CVSS vector.

• :filter_cvss_datadog_score_op (Float) —

  Filter by vulnerability Datadog severity score.

• :filter_cvss_datadog_severity (VulnerabilitySeverity) —

  Filter by vulnerability Datadog severity.

• :filter_cvss_datadog_vector (String) —

  Filter by vulnerability Datadog CVSS vector.

• :filter_status (VulnerabilityStatus) —

  Filter by the status of the vulnerability.

• :filter_tool (VulnerabilityTool) —

  Filter by the tool of the vulnerability.

• :filter_library_name (String) —

  Filter by library name.

• :filter_library_version (String) —

  Filter by library version.

• :filter_advisory_id (String) —

  Filter by advisory ID.

• :filter_risks_exploitation_probability (Boolean) —

  Filter by exploitation probability.

• :filter_risks_poc_exploit_available (Boolean) —

  Filter by POC exploit availability.

• :filter_risks_exploit_available (Boolean) —

  Filter by public exploit availability.

• :filter_risks_epss_score_op (Float) —

  Filter by vulnerability EPSS severity score.

• :filter_risks_epss_severity (VulnerabilitySeverity) —

  Filter by vulnerability EPSS severity.

• :filter_language (String) —

  Filter by language.

• :filter_ecosystem (VulnerabilityEcosystem) —

  Filter by ecosystem.

• :filter_code_location_location (String) —

  Filter by vulnerability location.

• :filter_code_location_file_path (String) —

  Filter by vulnerability file path.

• :filter_code_location_method (String) —

  Filter by method.

• :filter_fix_available (Boolean) —

  Filter by fix availability.

• :filter_repo_digests (String) —

  Filter by vulnerability repo_digest (when the vulnerability is related to Image asset).

• :filter_origin (String) —

  Filter by origin.

• :filter_running_kernel (Boolean) —

  Filter for whether the vulnerability affects a running kernel (for vulnerabilities related to a Host asset).

• :filter_asset_name (String) —

  Filter by asset name. This field supports the usage of wildcards (*).

• :filter_asset_type (AssetType) —

  Filter by asset type.

• :filter_asset_version_first (String) —

  Filter by the first version of the asset this vulnerability has been detected on.

• :filter_asset_version_last (String) —

  Filter by the last version of the asset this vulnerability has been detected on.

• :filter_asset_repository_url (String) —

  Filter by the repository url associated to the asset.

• :filter_asset_risks_in_production (Boolean) —

  Filter whether the asset is in production or not.

• :filter_asset_risks_under_attack (Boolean) —

  Filter whether the asset is under attack or not.

• :filter_asset_risks_is_publicly_accessible (Boolean) —

  Filter whether the asset is publicly accessible or not.

• :filter_asset_risks_has_privileged_access (Boolean) —

  Filter whether the asset is publicly accessible or not.

• :filter_asset_risks_has_access_to_sensitive_data (Boolean) —

  Filter whether the asset has access to sensitive data or not.

• :filter_asset_environments (String) —

  Filter by asset environments.

• :filter_asset_teams (String) —

  Filter by asset teams.

• :filter_asset_arch (String) —

  Filter by asset architecture.

• :filter_asset_operating_system_name (String) —

  Filter by asset operating system name.

• :filter_asset_operating_system_version (String) —

  Filter by asset operating system version.

Returns:

• (Array<(ListVulnerabilitiesResponse, Integer, Hash)>) —

  ListVulnerabilitiesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7952

def list_vulnerabilities_with_http_info(opts = {})
  warn "[DEPRECATION] `ListVulnerabilities` is deprecated."
  unstable_enabled = @api_client.config.unstable_operations["v2.list_vulnerabilities".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_vulnerabilities")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_vulnerabilities"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_vulnerabilities ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 1.'
  end
  allowable_values = ['AdminConsoleActive', 'CodeInjection', 'CommandInjection', 'ComponentWithKnownVulnerability', 'DangerousWorkflows', 'DefaultAppDeployed', 'DefaultHtmlEscapeInvalid', 'DirectoryListingLeak', 'EmailHtmlInjection', 'EndOfLife', 'HardcodedPassword', 'HardcodedSecret', 'HeaderInjection', 'HstsHeaderMissing', 'InsecureAuthProtocol', 'InsecureCookie', 'InsecureJspLayout', 'LdapInjection', 'MaliciousPackage', 'MandatoryRemediation', 'NoHttpOnlyCookie', 'NoSameSiteCookie', 'NoSqlMongoDbInjection', 'PathTraversal', 'ReflectionInjection', 'RiskyLicense', 'SessionRewriting', 'SessionTimeout', 'SqlInjection', 'Ssrf', 'StackTraceLeak', 'TrustBoundaryViolation', 'Unmaintained', 'UntrustedDeserialization', 'UnvalidatedRedirect', 'VerbTampering', 'WeakCipher', 'WeakHash', 'WeakRandomness', 'XContentTypeHeaderMissing', 'XPathInjection', 'Xss']
  if @api_client.config.client_side_validation && opts[:'filter_type'] && !allowable_values.include?(opts[:'filter_type'])
    fail ArgumentError, "invalid value for \"filter_type\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_base_score_op'].nil? && opts[:'filter_cvss_base_score_op'] > 10
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_base_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be smaller than or equal to 10.'
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_base_score_op'].nil? && opts[:'filter_cvss_base_score_op'] < 0
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_base_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 0.'
  end
  allowable_values = ['Unknown', 'None', 'Low', 'Medium', 'High', 'Critical']
  if @api_client.config.client_side_validation && opts[:'filter_cvss_base_severity'] && !allowable_values.include?(opts[:'filter_cvss_base_severity'])
    fail ArgumentError, "invalid value for \"filter_cvss_base_severity\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_datadog_score_op'].nil? && opts[:'filter_cvss_datadog_score_op'] > 10
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_datadog_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be smaller than or equal to 10.'
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_datadog_score_op'].nil? && opts[:'filter_cvss_datadog_score_op'] < 0
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_datadog_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 0.'
  end
  allowable_values = ['Unknown', 'None', 'Low', 'Medium', 'High', 'Critical']
  if @api_client.config.client_side_validation && opts[:'filter_cvss_datadog_severity'] && !allowable_values.include?(opts[:'filter_cvss_datadog_severity'])
    fail ArgumentError, "invalid value for \"filter_cvss_datadog_severity\", must be one of #{allowable_values}"
  end
  allowable_values = ['Open', 'Muted', 'Remediated', 'InProgress', 'AutoClosed']
  if @api_client.config.client_side_validation && opts[:'filter_status'] && !allowable_values.include?(opts[:'filter_status'])
    fail ArgumentError, "invalid value for \"filter_status\", must be one of #{allowable_values}"
  end
  allowable_values = ['IAST', 'SCA', 'Infra', 'SAST']
  if @api_client.config.client_side_validation && opts[:'filter_tool'] && !allowable_values.include?(opts[:'filter_tool'])
    fail ArgumentError, "invalid value for \"filter_tool\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'filter_risks_epss_score_op'].nil? && opts[:'filter_risks_epss_score_op'] > 1
    fail ArgumentError, 'invalid value for "opts[:"filter_risks_epss_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be smaller than or equal to 1.'
  end
  if @api_client.config.client_side_validation && !opts[:'filter_risks_epss_score_op'].nil? && opts[:'filter_risks_epss_score_op'] < 0
    fail ArgumentError, 'invalid value for "opts[:"filter_risks_epss_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 0.'
  end
  allowable_values = ['Unknown', 'None', 'Low', 'Medium', 'High', 'Critical']
  if @api_client.config.client_side_validation && opts[:'filter_risks_epss_severity'] && !allowable_values.include?(opts[:'filter_risks_epss_severity'])
    fail ArgumentError, "invalid value for \"filter_risks_epss_severity\", must be one of #{allowable_values}"
  end
  allowable_values = ['PyPI', 'Maven', 'NuGet', 'Npm', 'RubyGems', 'Go', 'Packagist', 'Deb', 'Rpm', 'Apk', 'Windows', 'Generic', 'MacOs', 'Oci', 'BottleRocket', 'None']
  if @api_client.config.client_side_validation && opts[:'filter_ecosystem'] && !allowable_values.include?(opts[:'filter_ecosystem'])
    fail ArgumentError, "invalid value for \"filter_ecosystem\", must be one of #{allowable_values}"
  end
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_asset_type'] && !allowable_values.include?(opts[:'filter_asset_type'])
    fail ArgumentError, "invalid value for \"filter_asset_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[type]'] = opts[:'filter_type'] if !opts[:'filter_type'].nil?
  query_params[:'filter[cvss.base.score][`$op`]'] = opts[:'filter_cvss_base_score_op'] if !opts[:'filter_cvss_base_score_op'].nil?
  query_params[:'filter[cvss.base.severity]'] = opts[:'filter_cvss_base_severity'] if !opts[:'filter_cvss_base_severity'].nil?
  query_params[:'filter[cvss.base.vector]'] = opts[:'filter_cvss_base_vector'] if !opts[:'filter_cvss_base_vector'].nil?
  query_params[:'filter[cvss.datadog.score][`$op`]'] = opts[:'filter_cvss_datadog_score_op'] if !opts[:'filter_cvss_datadog_score_op'].nil?
  query_params[:'filter[cvss.datadog.severity]'] = opts[:'filter_cvss_datadog_severity'] if !opts[:'filter_cvss_datadog_severity'].nil?
  query_params[:'filter[cvss.datadog.vector]'] = opts[:'filter_cvss_datadog_vector'] if !opts[:'filter_cvss_datadog_vector'].nil?
  query_params[:'filter[status]'] = opts[:'filter_status'] if !opts[:'filter_status'].nil?
  query_params[:'filter[tool]'] = opts[:'filter_tool'] if !opts[:'filter_tool'].nil?
  query_params[:'filter[library.name]'] = opts[:'filter_library_name'] if !opts[:'filter_library_name'].nil?
  query_params[:'filter[library.version]'] = opts[:'filter_library_version'] if !opts[:'filter_library_version'].nil?
  query_params[:'filter[advisory.id]'] = opts[:'filter_advisory_id'] if !opts[:'filter_advisory_id'].nil?
  query_params[:'filter[risks.exploitation_probability]'] = opts[:'filter_risks_exploitation_probability'] if !opts[:'filter_risks_exploitation_probability'].nil?
  query_params[:'filter[risks.poc_exploit_available]'] = opts[:'filter_risks_poc_exploit_available'] if !opts[:'filter_risks_poc_exploit_available'].nil?
  query_params[:'filter[risks.exploit_available]'] = opts[:'filter_risks_exploit_available'] if !opts[:'filter_risks_exploit_available'].nil?
  query_params[:'filter[risks.epss.score][`$op`]'] = opts[:'filter_risks_epss_score_op'] if !opts[:'filter_risks_epss_score_op'].nil?
  query_params[:'filter[risks.epss.severity]'] = opts[:'filter_risks_epss_severity'] if !opts[:'filter_risks_epss_severity'].nil?
  query_params[:'filter[language]'] = opts[:'filter_language'] if !opts[:'filter_language'].nil?
  query_params[:'filter[ecosystem]'] = opts[:'filter_ecosystem'] if !opts[:'filter_ecosystem'].nil?
  query_params[:'filter[code_location.location]'] = opts[:'filter_code_location_location'] if !opts[:'filter_code_location_location'].nil?
  query_params[:'filter[code_location.file_path]'] = opts[:'filter_code_location_file_path'] if !opts[:'filter_code_location_file_path'].nil?
  query_params[:'filter[code_location.method]'] = opts[:'filter_code_location_method'] if !opts[:'filter_code_location_method'].nil?
  query_params[:'filter[fix_available]'] = opts[:'filter_fix_available'] if !opts[:'filter_fix_available'].nil?
  query_params[:'filter[repo_digests]'] = opts[:'filter_repo_digests'] if !opts[:'filter_repo_digests'].nil?
  query_params[:'filter[origin]'] = opts[:'filter_origin'] if !opts[:'filter_origin'].nil?
  query_params[:'filter[running_kernel]'] = opts[:'filter_running_kernel'] if !opts[:'filter_running_kernel'].nil?
  query_params[:'filter[asset.name]'] = opts[:'filter_asset_name'] if !opts[:'filter_asset_name'].nil?
  query_params[:'filter[asset.type]'] = opts[:'filter_asset_type'] if !opts[:'filter_asset_type'].nil?
  query_params[:'filter[asset.version.first]'] = opts[:'filter_asset_version_first'] if !opts[:'filter_asset_version_first'].nil?
  query_params[:'filter[asset.version.last]'] = opts[:'filter_asset_version_last'] if !opts[:'filter_asset_version_last'].nil?
  query_params[:'filter[asset.repository_url]'] = opts[:'filter_asset_repository_url'] if !opts[:'filter_asset_repository_url'].nil?
  query_params[:'filter[asset.risks.in_production]'] = opts[:'filter_asset_risks_in_production'] if !opts[:'filter_asset_risks_in_production'].nil?
  query_params[:'filter[asset.risks.under_attack]'] = opts[:'filter_asset_risks_under_attack'] if !opts[:'filter_asset_risks_under_attack'].nil?
  query_params[:'filter[asset.risks.is_publicly_accessible]'] = opts[:'filter_asset_risks_is_publicly_accessible'] if !opts[:'filter_asset_risks_is_publicly_accessible'].nil?
  query_params[:'filter[asset.risks.has_privileged_access]'] = opts[:'filter_asset_risks_has_privileged_access'] if !opts[:'filter_asset_risks_has_privileged_access'].nil?
  query_params[:'filter[asset.risks.has_access_to_sensitive_data]'] = opts[:'filter_asset_risks_has_access_to_sensitive_data'] if !opts[:'filter_asset_risks_has_access_to_sensitive_data'].nil?
  query_params[:'filter[asset.environments]'] = opts[:'filter_asset_environments'] if !opts[:'filter_asset_environments'].nil?
  query_params[:'filter[asset.teams]'] = opts[:'filter_asset_teams'] if !opts[:'filter_asset_teams'].nil?
  query_params[:'filter[asset.arch]'] = opts[:'filter_asset_arch'] if !opts[:'filter_asset_arch'].nil?
  query_params[:'filter[asset.operating_system.name]'] = opts[:'filter_asset_operating_system_name'] if !opts[:'filter_asset_operating_system_name'].nil?
  query_params[:'filter[asset.operating_system.version]'] = opts[:'filter_asset_operating_system_version'] if !opts[:'filter_asset_operating_system_version'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListVulnerabilitiesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_vulnerabilities,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_vulnerabilities\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_vulnerable_assets(opts = {}) ⇒ Object

List vulnerable assets.

See Also:

• #list_vulnerable_assets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8104

def list_vulnerable_assets(opts = {})
  data, _status_code, _headers = list_vulnerable_assets_with_http_info(opts)
  data
end

#list_vulnerable_assets_with_http_info(opts = {}) ⇒ Array<(ListVulnerableAssetsResponse, Integer, Hash)>

List vulnerable assets.

Get a list of vulnerable assets.

Pagination

Please review the Pagination section for the "List Vulnerabilities" endpoint.

Filtering

Please review the Filtering section for the "List Vulnerabilities" endpoint.

Metadata

Please review the Metadata section for the "List Vulnerabilities" endpoint.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the links section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal or greater than 1

• :filter_name (String) —

  Filter by name. This field supports the usage of wildcards (*).

• :filter_type (AssetType) —

  Filter by type.

• :filter_version_first (String) —

  Filter by the first version of the asset since it has been vulnerable.

• :filter_version_last (String) —

  Filter by the last detected version of the asset.

• :filter_repository_url (String) —

  Filter by the repository url associated to the asset.

• :filter_risks_in_production (Boolean) —

  Filter whether the asset is in production or not.

• :filter_risks_under_attack (Boolean) —

  Filter whether the asset (Service) is under attack or not.

• :filter_risks_is_publicly_accessible (Boolean) —

  Filter whether the asset (Host) is publicly accessible or not.

• :filter_risks_has_privileged_access (Boolean) —

  Filter whether the asset (Host) has privileged access or not.

• :filter_risks_has_access_to_sensitive_data (Boolean) —

  Filter whether the asset (Host) has access to sensitive data or not.

• :filter_environments (String) —

  Filter by environment.

• :filter_teams (String) —

  Filter by teams.

• :filter_arch (String) —

  Filter by architecture.

• :filter_operating_system_name (String) —

  Filter by operating system name.

• :filter_operating_system_version (String) —

  Filter by operating system version.

Returns:

• (Array<(ListVulnerableAssetsResponse, Integer, Hash)>) —

  ListVulnerableAssetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8144

def list_vulnerable_assets_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_vulnerable_assets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_vulnerable_assets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_vulnerable_assets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_vulnerable_assets ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_vulnerable_assets, must be greater than or equal to 1.'
  end
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_type'] && !allowable_values.include?(opts[:'filter_type'])
    fail ArgumentError, "invalid value for \"filter_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerable-assets'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[name]'] = opts[:'filter_name'] if !opts[:'filter_name'].nil?
  query_params[:'filter[type]'] = opts[:'filter_type'] if !opts[:'filter_type'].nil?
  query_params[:'filter[version.first]'] = opts[:'filter_version_first'] if !opts[:'filter_version_first'].nil?
  query_params[:'filter[version.last]'] = opts[:'filter_version_last'] if !opts[:'filter_version_last'].nil?
  query_params[:'filter[repository_url]'] = opts[:'filter_repository_url'] if !opts[:'filter_repository_url'].nil?
  query_params[:'filter[risks.in_production]'] = opts[:'filter_risks_in_production'] if !opts[:'filter_risks_in_production'].nil?
  query_params[:'filter[risks.under_attack]'] = opts[:'filter_risks_under_attack'] if !opts[:'filter_risks_under_attack'].nil?
  query_params[:'filter[risks.is_publicly_accessible]'] = opts[:'filter_risks_is_publicly_accessible'] if !opts[:'filter_risks_is_publicly_accessible'].nil?
  query_params[:'filter[risks.has_privileged_access]'] = opts[:'filter_risks_has_privileged_access'] if !opts[:'filter_risks_has_privileged_access'].nil?
  query_params[:'filter[risks.has_access_to_sensitive_data]'] = opts[:'filter_risks_has_access_to_sensitive_data'] if !opts[:'filter_risks_has_access_to_sensitive_data'].nil?
  query_params[:'filter[environments]'] = opts[:'filter_environments'] if !opts[:'filter_environments'].nil?
  query_params[:'filter[teams]'] = opts[:'filter_teams'] if !opts[:'filter_teams'].nil?
  query_params[:'filter[arch]'] = opts[:'filter_arch'] if !opts[:'filter_arch'].nil?
  query_params[:'filter[operating_system.name]'] = opts[:'filter_operating_system_name'] if !opts[:'filter_operating_system_name'].nil?
  query_params[:'filter[operating_system.version]'] = opts[:'filter_operating_system_version'] if !opts[:'filter_operating_system_version'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListVulnerableAssetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_vulnerable_assets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_vulnerable_assets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#mute_findings(body, opts = {}) ⇒ Object

Mute or unmute a batch of findings.

See Also:

• #mute_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8223

def mute_findings(body, opts = {})
  data, _status_code, _headers = mute_findings_with_http_info(body, opts)
  data
end

#mute_findings_with_http_info(body, opts = {}) ⇒ Array<(BulkMuteFindingsResponse, Integer, Hash)>

Mute or unmute a batch of findings.

Mute or unmute findings.

Parameters:

• body (BulkMuteFindingsRequest) —

  Attributes All findings are updated with the same attributes. The request body must include at least two attributes: muted and reason. The allowed reasons depend on whether the finding is being muted or unmuted: - To mute a finding: PENDING_FIX, FALSE_POSITIVE, ACCEPTED_RISK, OTHER. - To unmute a finding : NO_PENDING_FIX, HUMAN_ERROR, NO_LONGER_ACCEPTED_RISK, OTHER. ### Meta The request body must include a list of the finding IDs to be updated.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(BulkMuteFindingsResponse, Integer, Hash)>) —

  BulkMuteFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8235

def mute_findings_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.mute_findings".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.mute_findings")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.mute_findings"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.mute_findings ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.mute_findings"
  end
  # resource path
  local_var_path = '/api/v2/posture_management/findings'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'BulkMuteFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :mute_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#mute_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#mute_security_findings(body, opts = {}) ⇒ Object

Mute or unmute security findings.

See Also:

• #mute_security_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8296

def mute_security_findings(body, opts = {})
  data, _status_code, _headers = mute_security_findings_with_http_info(body, opts)
  data
end

#mute_security_findings_with_http_info(body, opts = {}) ⇒ Array<(MuteFindingsResponse, Integer, Hash)>

Mute or unmute security findings.

Mute or unmute security findings. You can mute or unmute up to 100 security findings per request. The request body must include is_muted and reason attributes. The allowed reasons depend on whether the finding is being muted or unmuted:

• To mute a finding: PENDING_FIX, FALSE_POSITIVE, OTHER, NO_FIX, DUPLICATE, RISK_ACCEPTED.
• To unmute a finding: NO_PENDING_FIX, HUMAN_ERROR, NO_LONGER_ACCEPTED_RISK, OTHER.

Parameters:

• body (MuteFindingsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(MuteFindingsResponse, Integer, Hash)>) —

  MuteFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8311

def mute_security_findings_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.mute_security_findings ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.mute_security_findings"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/mute'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'MuteFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :mute_security_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#mute_security_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#patch_signal_notification_rule(id, body, opts = {}) ⇒ Object

Patch a signal-based notification rule.

See Also:

• #patch_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8366

def patch_signal_notification_rule(id, body, opts = {})
  data, _status_code, _headers = patch_signal_notification_rule_with_http_info(id, body, opts)
  data
end

#patch_signal_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Patch a signal-based notification rule.

Partially update the notification rule. All fields are optional; if a field is not provided, it is not updated.

Parameters:

• id (String) —

  ID of the notification rule.

• body (PatchNotificationRuleParameters)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8379

def patch_signal_notification_rule_with_http_info(id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.patch_signal_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.patch_signal_notification_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.patch_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :patch_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#patch_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#patch_vulnerability_notification_rule(id, body, opts = {}) ⇒ Object

Patch a vulnerability-based notification rule.

See Also:

• #patch_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8438

def patch_vulnerability_notification_rule(id, body, opts = {})
  data, _status_code, _headers = patch_vulnerability_notification_rule_with_http_info(id, body, opts)
  data
end

#patch_vulnerability_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Patch a vulnerability-based notification rule.

Partially update the notification rule. All fields are optional; if a field is not provided, it is not updated.

Parameters:

• id (String) —

  ID of the notification rule.

• body (PatchNotificationRuleParameters)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8451

def patch_vulnerability_notification_rule_with_http_info(id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.patch_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.patch_vulnerability_notification_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.patch_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :patch_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#patch_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#run_historical_job(body, opts = {}) ⇒ Object

Run a historical job.

See Also:

• #run_historical_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8510

def run_historical_job(body, opts = {})
  data, _status_code, _headers = run_historical_job_with_http_info(body, opts)
  data
end

#run_historical_job_with_http_info(body, opts = {}) ⇒ Array<(JobCreateResponse, Integer, Hash)>

Run a historical job.

Run a historical job.

Parameters:

• body (RunHistoricalJobRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(JobCreateResponse, Integer, Hash)>) —

  JobCreateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8522

def run_historical_job_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.run_historical_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.run_historical_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.run_historical_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.run_historical_job ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.run_historical_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'JobCreateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :run_historical_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#run_historical_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_findings(body, opts = {}) ⇒ Object

Search security findings.

See Also:

• #search_security_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8583

def search_security_findings(body, opts = {})
  data, _status_code, _headers = search_security_findings_with_http_info(body, opts)
  data
end

#search_security_findings_with_http_info(body, opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

Search security findings.

Get a list of security findings that match a search query. See the schema for security findings.

Query Syntax

The API uses the logs query syntax. Findings attributes (living in the attributes.attributes. namespace) are prefixed by @ when queried. Tags are queried without a prefix.

Example: @severity:(critical OR high) @status:open team:platform

Parameters:

• body (SecurityFindingsSearchRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(ListSecurityFindingsResponse, Integer, Hash)>) —

  ListSecurityFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8601

def search_security_findings_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.search_security_findings ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.search_security_findings"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/search'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'ListSecurityFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :search_security_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#search_security_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_findings_with_pagination(body, opts = {}) {|SecurityFindingsData| ... } ⇒ Object

Search security findings.

Provide a paginated version of #search_security_findings, returning all items.

To use it you need to use a block: search_security_findings_with_pagination { |item| p item }

Yields:

• (SecurityFindingsData) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8660

def search_security_findings_with_pagination(body, opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(body, "data.attributes.page.limit", 10)
    @api_client.set_attribute_from_path(api_version, body, "data.attributes.page.limit", SecurityFindingsSearchRequestData, page_size)
    while true do
        response = search_security_findings(body, opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, body, "data.attributes.page.cursor", SecurityFindingsSearchRequestData, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#search_security_monitoring_histsignals(opts = {}) ⇒ Object

Search hist signals.

See Also:

• #search_security_monitoring_histsignals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8677

def search_security_monitoring_histsignals(opts = {})
  data, _status_code, _headers = search_security_monitoring_histsignals_with_http_info(opts)
  data
end

#search_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Search hist signals.

Search hist signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :body (SecurityMonitoringSignalListRequest)

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8689

def search_security_monitoring_histsignals_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.search_security_monitoring_histsignals".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.search_security_monitoring_histsignals")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.search_security_monitoring_histsignals"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.search_security_monitoring_histsignals ...'
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/histsignals/search'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(opts[:'body'])

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :search_security_monitoring_histsignals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#search_security_monitoring_histsignals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_monitoring_signals(opts = {}) ⇒ Object

Get a list of security signals.

See Also:

• #search_security_monitoring_signals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8746

def search_security_monitoring_signals(opts = {})
  data, _status_code, _headers = search_security_monitoring_signals_with_http_info(opts)
  data
end

#search_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Get a list of security signals.

Returns security signals that match a search query. Both this endpoint and the GET endpoint can be used interchangeably for listing security signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :body (SecurityMonitoringSignalListRequest)

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8760

def search_security_monitoring_signals_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.search_security_monitoring_signals ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/search'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(opts[:'body'])

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :search_security_monitoring_signals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#search_security_monitoring_signals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

Get a list of security signals.

Provide a paginated version of #search_security_monitoring_signals, returning all items.

To use it you need to use a block: search_security_monitoring_signals_with_pagination { |item| p item }

Yields:

• (SecurityMonitoringSignal) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8815

def search_security_monitoring_signals_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "body.page.limit", 10)
    @api_client.set_attribute_from_path(api_version, opts, "body.page.limit", SecurityMonitoringSignalListRequest, page_size)
    while true do
        response = search_security_monitoring_signals(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "body.page.cursor", SecurityMonitoringSignalListRequest, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#send_security_monitoring_notification_preview(body, opts = {}) ⇒ Object

Test a notification rule.

See Also:

• #send_security_monitoring_notification_preview_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8832

def send_security_monitoring_notification_preview(body, opts = {})
  data, _status_code, _headers = send_security_monitoring_notification_preview_with_http_info(body, opts)
  data
end

#send_security_monitoring_notification_preview_with_http_info(body, opts = {}) ⇒ Array<(NotificationRulePreviewResponse, Integer, Hash)>

Test a notification rule.

Send a notification preview to test that a notification rule's targets are properly configured.

Parameters:

• body (CreateNotificationRuleParameters)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRulePreviewResponse, Integer, Hash)>) —

  NotificationRulePreviewResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8844

def send_security_monitoring_notification_preview_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.send_security_monitoring_notification_preview ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.send_security_monitoring_notification_preview"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/notification_rules/send_notification_preview'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRulePreviewResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :send_security_monitoring_notification_preview,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#send_security_monitoring_notification_preview\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#test_existing_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

Test an existing rule.

See Also:

• #test_existing_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8899

def test_existing_security_monitoring_rule(rule_id, body, opts = {})
  data, _status_code, _headers = test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts)
  data
end

#test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

Test an existing rule.

Test an existing rule.

Parameters:

• rule_id (String) —

  The ID of the rule.

• body (SecurityMonitoringRuleTestRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>) —

  SecurityMonitoringRuleTestResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8912

def test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.test_existing_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.test_existing_security_monitoring_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.test_existing_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/test'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleTestResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :test_existing_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#test_existing_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#test_security_monitoring_rule(body, opts = {}) ⇒ Object

Test a rule.

See Also:

• #test_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8971

def test_security_monitoring_rule(body, opts = {})
  data, _status_code, _headers = test_security_monitoring_rule_with_http_info(body, opts)
  data
end

#test_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

Test a rule.

Test a rule.

Parameters:

• body (SecurityMonitoringRuleTestRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>) —

  SecurityMonitoringRuleTestResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8983

def test_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.test_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.test_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/test'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleTestResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :test_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#test_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_custom_framework(handle, version, body, opts = {}) ⇒ Object

Update a custom framework.

See Also:

• #update_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9038

def update_custom_framework(handle, version, body, opts = {})
  data, _status_code, _headers = update_custom_framework_with_http_info(handle, version, body, opts)
  data
end

#update_custom_framework_with_http_info(handle, version, body, opts = {}) ⇒ Array<(UpdateCustomFrameworkResponse, Integer, Hash)>

Update a custom framework.

Update a custom framework.

Parameters:

• handle (String) —

  The framework handle

• version (String) —

  The framework version

• body (UpdateCustomFrameworkRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(UpdateCustomFrameworkResponse, Integer, Hash)>) —

  UpdateCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9052

def update_custom_framework_with_http_info(handle, version, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_custom_framework ...'
  end
  # verify the required parameter 'handle' is set
  if @api_client.config.client_side_validation && handle.nil?
    fail ArgumentError, "Missing the required parameter 'handle' when calling SecurityMonitoringAPI.update_custom_framework"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.update_custom_framework"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks/{handle}/{version}'.sub('{handle}', CGI.escape(handle.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'UpdateCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_findings_assignee(body, opts = {}) ⇒ Object

Assign or unassign security findings.

See Also:

• #update_findings_assignee_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9115

def update_findings_assignee(body, opts = {})
  data, _status_code, _headers = update_findings_assignee_with_http_info(body, opts)
  data
end

#update_findings_assignee_with_http_info(body, opts = {}) ⇒ Array<(AssigneeResponse, Integer, Hash)>

Assign or unassign security findings.

Assign or unassign security findings. You can assign up to 100 security findings per request. Set assignee_id to the unique identifier of the Datadog user you want to assign the findings to. Omit assignee_id (or set it to null) to unassign the findings. Per-finding warnings and failures are returned in the response meta object.

Parameters:

• body (AssigneeRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(AssigneeResponse, Integer, Hash)>) —

  AssigneeResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9128

def update_findings_assignee_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.update_findings_assignee".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.update_findings_assignee")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.update_findings_assignee"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_findings_assignee ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_findings_assignee"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/assignee'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'AssigneeResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_findings_assignee,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_findings_assignee\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_resource_evaluation_filters(body, opts = {}) ⇒ Object

Update resource filters.

See Also:

• #update_resource_evaluation_filters_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9189

def update_resource_evaluation_filters(body, opts = {})
  data, _status_code, _headers = update_resource_evaluation_filters_with_http_info(body, opts)
  data
end

#update_resource_evaluation_filters_with_http_info(body, opts = {}) ⇒ Array<(UpdateResourceEvaluationFiltersResponse, Integer, Hash)>

Update resource filters.

Update resource filters.

Parameters:

• body (UpdateResourceEvaluationFiltersRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(UpdateResourceEvaluationFiltersResponse, Integer, Hash)>) —

  UpdateResourceEvaluationFiltersResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9201

def update_resource_evaluation_filters_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_resource_evaluation_filters ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_resource_evaluation_filters"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/resource_filters'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'UpdateResourceEvaluationFiltersResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_resource_evaluation_filters,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_resource_evaluation_filters\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_filter(security_filter_id, body, opts = {}) ⇒ Object

Update a security filter.

See Also:

• #update_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9256

def update_security_filter(security_filter_id, body, opts = {})
  data, _status_code, _headers = update_security_filter_with_http_info(security_filter_id, body, opts)
  data
end

#update_security_filter_with_http_info(security_filter_id, body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Update a security filter.

Update a specific security filter. Returns the security filter object when the request is successful.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• body (SecurityFilterUpdateRequest) —

  New definition of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9270

def update_security_filter_with_http_info(security_filter_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.update_security_filter"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_critical_asset(critical_asset_id, body, opts = {}) ⇒ Object

Update a critical asset.

See Also:

• #update_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9329

def update_security_monitoring_critical_asset(critical_asset_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts)
  data
end

#update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

Update a critical asset.

Update a specific critical asset.

Parameters:

• critical_asset_id (String) —

  The ID of the critical asset.

• body (SecurityMonitoringCriticalAssetUpdateRequest) —

  New definition of the critical asset. Supports partial updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9342

def update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'critical_asset_id' is set
  if @api_client.config.client_side_validation && critical_asset_id.nil?
    fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.update_security_monitoring_critical_asset"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_dataset(dataset_id, body, opts = {}) ⇒ Object

Update a dataset.

See Also:

• #update_security_monitoring_dataset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9401

def update_security_monitoring_dataset(dataset_id, body, opts = {})
  update_security_monitoring_dataset_with_http_info(dataset_id, body, opts)
  nil
end

#update_security_monitoring_dataset_with_http_info(dataset_id, body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Update a dataset.

Update an existing Cloud SIEM dataset. The current version of the dataset can be provided to detect concurrent modifications.

Parameters:

• dataset_id (String) —

  The UUID of the dataset.

• body (SecurityMonitoringDatasetUpdateRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9415

def update_security_monitoring_dataset_with_http_info(dataset_id, body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.update_security_monitoring_dataset".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.update_security_monitoring_dataset")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.update_security_monitoring_dataset"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_dataset ...'
  end
  # verify the required parameter 'dataset_id' is set
  if @api_client.config.client_side_validation && dataset_id.nil?
    fail ArgumentError, "Missing the required parameter 'dataset_id' when calling SecurityMonitoringAPI.update_security_monitoring_dataset"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_dataset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets/{dataset_id}'.sub('{dataset_id}', CGI.escape(dataset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_dataset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_dataset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_integration_config(integration_config_id, body, opts = {}) ⇒ Object

Update an entity context sync configuration.

See Also:

• #update_security_monitoring_integration_config_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9480

def update_security_monitoring_integration_config(integration_config_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_integration_config_with_http_info(integration_config_id, body, opts)
  data
end

#update_security_monitoring_integration_config_with_http_info(integration_config_id, body, opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>

Update an entity context sync configuration.

Update an existing entity context sync configuration. Supports partial updates; only the fields provided in the request body are modified.

Parameters:

• integration_config_id (String) —

  The ID of the entity context sync configuration.

• body (SecurityMonitoringIntegrationConfigUpdateRequest) —

  The fields to update on the integration configuration.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>) —

  SecurityMonitoringIntegrationConfigResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9493

def update_security_monitoring_integration_config_with_http_info(integration_config_id, body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.update_security_monitoring_integration_config".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.update_security_monitoring_integration_config")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.update_security_monitoring_integration_config"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_integration_config ...'
  end
  # verify the required parameter 'integration_config_id' is set
  if @api_client.config.client_side_validation && integration_config_id.nil?
    fail ArgumentError, "Missing the required parameter 'integration_config_id' when calling SecurityMonitoringAPI.update_security_monitoring_integration_config"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_integration_config"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}'.sub('{integration_config_id}', CGI.escape(integration_config_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringIntegrationConfigResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_integration_config,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_integration_config\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

Update an existing rule.

See Also:

• #update_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9558

def update_security_monitoring_rule(rule_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_rule_with_http_info(rule_id, body, opts)
  data
end

#update_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Update an existing rule.

Update an existing rule. When updating cases, queries or options, the whole field must be included. For example, when modifying a query all queries must be included. Default rules can only be updated to be enabled, to change notifications, or to update the tags (default tags cannot be removed).

Parameters:

• rule_id (String) —

  The ID of the rule.

• body (SecurityMonitoringRuleUpdatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9574

def update_security_monitoring_rule_with_http_info(rule_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.update_security_monitoring_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_suppression(suppression_id, body, opts = {}) ⇒ Object

Update a suppression rule.

See Also:

• #update_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9633

def update_security_monitoring_suppression(suppression_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_suppression_with_http_info(suppression_id, body, opts)
  data
end

#update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Update a suppression rule.

Update a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• body (SecurityMonitoringSuppressionUpdateRequest) —

  New definition of the suppression rule. Supports partial updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9646

def update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.update_security_monitoring_suppression"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#validate_security_monitoring_integration_config(integration_config_id, opts = {}) ⇒ Object

Validate an entity context sync configuration.

See Also:

• #validate_security_monitoring_integration_config_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9705

def validate_security_monitoring_integration_config(integration_config_id, opts = {})
  validate_security_monitoring_integration_config_with_http_info(integration_config_id, opts)
  nil
end

#validate_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Validate an entity context sync configuration.

Validate the credentials currently stored on an existing entity context sync configuration. Returns a 200 status code if the credentials are still valid against the external entity source.

Parameters:

• integration_config_id (String) —

  The ID of the entity context sync configuration.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9718

def validate_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.validate_security_monitoring_integration_config".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.validate_security_monitoring_integration_config")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.validate_security_monitoring_integration_config"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.validate_security_monitoring_integration_config ...'
  end
  # verify the required parameter 'integration_config_id' is set
  if @api_client.config.client_side_validation && integration_config_id.nil?
    fail ArgumentError, "Missing the required parameter 'integration_config_id' when calling SecurityMonitoringAPI.validate_security_monitoring_integration_config"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}/validate'.sub('{integration_config_id}', CGI.escape(integration_config_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :validate_security_monitoring_integration_config,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#validate_security_monitoring_integration_config\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#validate_security_monitoring_integration_credentials(body, opts = {}) ⇒ Object

Validate entity context sync credentials.

See Also:

• #validate_security_monitoring_integration_credentials_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9777

def validate_security_monitoring_integration_credentials(body, opts = {})
  validate_security_monitoring_integration_credentials_with_http_info(body, opts)
  nil
end

#validate_security_monitoring_integration_credentials_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Validate entity context sync credentials.

Validate a set of credentials against the external entity source before creating a sync configuration. Returns a 200 status code if the credentials are valid.

Parameters:

• body (SecurityMonitoringIntegrationCredentialsValidateRequest) —

  The credentials to validate.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9790

def validate_security_monitoring_integration_credentials_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.validate_security_monitoring_integration_credentials".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.validate_security_monitoring_integration_credentials")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.validate_security_monitoring_integration_credentials"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.validate_security_monitoring_integration_credentials ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.validate_security_monitoring_integration_credentials"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/integration_config/validate'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :validate_security_monitoring_integration_credentials,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#validate_security_monitoring_integration_credentials\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#validate_security_monitoring_rule(body, opts = {}) ⇒ Object

Validate a detection rule.

See Also:

• #validate_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9851

def validate_security_monitoring_rule(body, opts = {})
  validate_security_monitoring_rule_with_http_info(body, opts)
  nil
end

#validate_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Validate a detection rule.

Validate a detection rule.

Parameters:

• body (SecurityMonitoringRuleValidatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9863

def validate_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.validate_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.validate_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/validation'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :validate_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#validate_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#validate_security_monitoring_suppression(body, opts = {}) ⇒ Object

Validate a suppression rule.

See Also:

• #validate_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9918

def validate_security_monitoring_suppression(body, opts = {})
  validate_security_monitoring_suppression_with_http_info(body, opts)
  nil
end

#validate_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Validate a suppression rule.

Validate a suppression rule.

Parameters:

• body (SecurityMonitoringSuppressionCreateRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9930

def validate_security_monitoring_suppression_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.validate_security_monitoring_suppression ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.validate_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/validation'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :validate_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#validate_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end