Class: DatadogAPIClient::V2::SecurityMonitoringAPI

Inherits:

Object

• Object
• DatadogAPIClient::V2::SecurityMonitoringAPI

Defined in:

lib/datadog_api_client/v2/api/security_monitoring_api.rb

Instance Attribute Summary

• #api_client ⇒ Object

  Returns the value of attribute api_client.

Instance Method Summary

• #cancel_historical_job(job_id, opts = {}) ⇒ Object

  Cancel a historical job.

• #cancel_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Cancel a historical job.

• #convert_existing_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Convert an existing rule from JSON to Terraform.

• #convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

  Convert an existing rule from JSON to Terraform.

• #convert_job_result_to_signal(body, opts = {}) ⇒ Object

  Convert a job result to a signal.

• #convert_job_result_to_signal_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Convert a job result to a signal.

• #convert_security_monitoring_rule_from_json_to_terraform(body, opts = {}) ⇒ Object

  Convert a rule from JSON to Terraform.

• #convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

  Convert a rule from JSON to Terraform.

• #create_security_filter(body, opts = {}) ⇒ Object

  Create a security filter.

• #create_security_filter_with_http_info(body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Create a security filter.

• #create_security_monitoring_rule(body, opts = {}) ⇒ Object

  Create a detection rule.

• #create_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Create a detection rule.

• #create_security_monitoring_suppression(body, opts = {}) ⇒ Object

  Create a suppression rule.

• #create_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Create a suppression rule.

• #delete_historical_job(job_id, opts = {}) ⇒ Object

  Delete an existing job.

• #delete_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete an existing job.

• #delete_security_filter(security_filter_id, opts = {}) ⇒ Object

  Delete a security filter.

• #delete_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a security filter.

• #delete_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Delete an existing rule.

• #delete_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete an existing rule.

• #delete_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

  Delete a suppression rule.

• #delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a suppression rule.

• #edit_security_monitoring_signal_assignee(signal_id, body, opts = {}) ⇒ Object

  Modify the triage assignee of a security signal.

• #edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Modify the triage assignee of a security signal.

• #edit_security_monitoring_signal_incidents(signal_id, body, opts = {}) ⇒ Object

  Change the related incidents of a security signal.

• #edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Change the related incidents of a security signal.

• #edit_security_monitoring_signal_state(signal_id, body, opts = {}) ⇒ Object

  Change the triage state of a security signal.

• #edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Change the triage state of a security signal.

• #get_finding(finding_id, opts = {}) ⇒ Object

  Get a finding.

• #get_finding_with_http_info(finding_id, opts = {}) ⇒ Array<(GetFindingResponse, Integer, Hash)>

  Get a finding.

• #get_historical_job(job_id, opts = {}) ⇒ Object

  Get a job's details.

• #get_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(HistoricalJobResponse, Integer, Hash)>

  Get a job's details.

• #get_security_filter(security_filter_id, opts = {}) ⇒ Object

  Get a security filter.

• #get_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Get a security filter.

• #get_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Get a rule's details.

• #get_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Get a rule's details.

• #get_security_monitoring_signal(signal_id, opts = {}) ⇒ Object

  Get a signal's details.

• #get_security_monitoring_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

  Get a signal's details.

• #get_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

  Get a suppression rule.

• #get_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Get a suppression rule.

• #initialize(api_client = DatadogAPIClient::APIClient.default) ⇒ SecurityMonitoringAPI constructor

  A new instance of SecurityMonitoringAPI.

• #list_findings(opts = {}) ⇒ Object

  List findings.

• #list_findings_with_http_info(opts = {}) ⇒ Array<(ListFindingsResponse, Integer, Hash)>

  List findings.

• #list_findings_with_pagination(opts = {}) {|Finding| ... } ⇒ Object

  List findings.

• #list_historical_jobs(opts = {}) ⇒ Object

  List historical jobs.

• #list_historical_jobs_with_http_info(opts = {}) ⇒ Array<(ListHistoricalJobsResponse, Integer, Hash)>

  List historical jobs.

• #list_security_filters(opts = {}) ⇒ Object

  Get all security filters.

• #list_security_filters_with_http_info(opts = {}) ⇒ Array<(SecurityFiltersResponse, Integer, Hash)>

  Get all security filters.

• #list_security_monitoring_rules(opts = {}) ⇒ Object

  List rules.

• #list_security_monitoring_rules_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>

  List rules.

• #list_security_monitoring_signals(opts = {}) ⇒ Object

  Get a quick list of security signals.

• #list_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Get a quick list of security signals.

• #list_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

  Get a quick list of security signals.

• #list_security_monitoring_suppressions(opts = {}) ⇒ Object

  Get all suppression rules.

• #list_security_monitoring_suppressions_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

  Get all suppression rules.

• #mute_findings(body, opts = {}) ⇒ Object

  Mute or unmute a batch of findings.

• #mute_findings_with_http_info(body, opts = {}) ⇒ Array<(BulkMuteFindingsResponse, Integer, Hash)>

  Mute or unmute a batch of findings.

• #run_historical_job(body, opts = {}) ⇒ Object

  Run a historical job.

• #run_historical_job_with_http_info(body, opts = {}) ⇒ Array<(JobCreateResponse, Integer, Hash)>

  Run a historical job.

• #search_security_monitoring_signals(opts = {}) ⇒ Object

  Get a list of security signals.

• #search_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Get a list of security signals.

• #search_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

  Get a list of security signals.

• #test_existing_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

  Test an existing rule.

• #test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

  Test an existing rule.

• #test_security_monitoring_rule(body, opts = {}) ⇒ Object

  Test a rule.

• #test_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

  Test a rule.

• #update_security_filter(security_filter_id, body, opts = {}) ⇒ Object

  Update a security filter.

• #update_security_filter_with_http_info(security_filter_id, body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Update a security filter.

• #update_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

  Update an existing rule.

• #update_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Update an existing rule.

• #update_security_monitoring_suppression(suppression_id, body, opts = {}) ⇒ Object

  Update a suppression rule.

• #update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Update a suppression rule.

• #validate_security_monitoring_rule(body, opts = {}) ⇒ Object

  Validate a detection rule.

• #validate_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Validate a detection rule.

Constructor Details

#initialize(api_client = DatadogAPIClient::APIClient.default) ⇒ SecurityMonitoringAPI

Returns a new instance of SecurityMonitoringAPI.

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 22

def initialize(api_client = APIClient.default)
  @api_client = api_client
end

Instance Attribute Details

#api_client ⇒ Object

Returns the value of attribute api_client.

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 20

def api_client
  @api_client
end

Instance Method Details

#cancel_historical_job(job_id, opts = {}) ⇒ Object

Cancel a historical job.

See Also:

• #cancel_historical_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 29

def cancel_historical_job(job_id, opts = {})
  cancel_historical_job_with_http_info(job_id, opts)
  nil
end

#cancel_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Cancel a historical job.

Cancel a historical job.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 41

def cancel_historical_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.cancel_historical_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.cancel_historical_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.cancel_historical_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.cancel_historical_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.cancel_historical_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs/{job_id}/cancel'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :cancel_historical_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#cancel_historical_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_existing_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Convert an existing rule from JSON to Terraform.

See Also:

• #convert_existing_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 100

def convert_existing_security_monitoring_rule(rule_id, opts = {})
  data, _status_code, _headers = convert_existing_security_monitoring_rule_with_http_info(rule_id, opts)
  data
end

#convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

Convert an existing rule from JSON to Terraform.

Convert an existing rule from JSON to Terraform for datadog provider resource datadog_security_monitoring_rule.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>) —

  SecurityMonitoringRuleConvertResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 113

def convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_existing_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.convert_existing_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/convert'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleConvertResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :convert_existing_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_existing_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_job_result_to_signal(body, opts = {}) ⇒ Object

Convert a job result to a signal.

See Also:

• #convert_job_result_to_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 166

def convert_job_result_to_signal(body, opts = {})
  convert_job_result_to_signal_with_http_info(body, opts)
  nil
end

#convert_job_result_to_signal_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Convert a job result to a signal.

Convert a job result to a signal.

Parameters:

• body (ConvertJobResultsToSignalsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 178

def convert_job_result_to_signal_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.convert_job_result_to_signal".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.convert_job_result_to_signal")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.convert_job_result_to_signal"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_job_result_to_signal ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.convert_job_result_to_signal"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs/signal_convert'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :convert_job_result_to_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_job_result_to_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_security_monitoring_rule_from_json_to_terraform(body, opts = {}) ⇒ Object

Convert a rule from JSON to Terraform.

See Also:

• #convert_security_monitoring_rule_from_json_to_terraform_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 239

def convert_security_monitoring_rule_from_json_to_terraform(body, opts = {})
  data, _status_code, _headers = convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts)
  data
end

#convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

Convert a rule from JSON to Terraform.

Convert a rule that doesn't (yet) exist from JSON to Terraform for datadog provider resource datadog_security_monitoring_rule.

Parameters:

• body (SecurityMonitoringRuleConvertPayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>) —

  SecurityMonitoringRuleConvertResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 252

def convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_security_monitoring_rule_from_json_to_terraform ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.convert_security_monitoring_rule_from_json_to_terraform"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/convert'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleConvertResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :convert_security_monitoring_rule_from_json_to_terraform,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_security_monitoring_rule_from_json_to_terraform\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_filter(body, opts = {}) ⇒ Object

Create a security filter.

See Also:

• #create_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 30

def create_security_filter(body, opts = {})
  data, _status_code, _headers = create_security_filter_with_http_info(body, opts)
  data
end

#create_security_filter_with_http_info(body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Create a security filter.

Create a security filter.

See the security filter guide for more examples.

Parameters:

• body (SecurityFilterCreateRequest) —

  The definition of the new security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 40

def create_security_filter_with_http_info(body, opts = {})

  if @api_client.config.unstable_operations.has_key?(:create_security_filter)
    unstable_enabled = @api_client.config.unstable_operations[:create_security_filter]
    if unstable_enabled
      @api_client.config.logger.warn format("Using unstable operation '%s'", "create_security_filter")
    else
      raise APIError.new(message: format("Unstable operation '%s' is disabled", "create_security_filter"))
    end
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_filter ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:AuthZ, :apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :create_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_rule(body, opts = {}) ⇒ Object

Create a detection rule.

See Also:

• #create_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 105

def create_security_monitoring_rule(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_rule_with_http_info(body, opts)
  data
end

#create_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Create a detection rule.

Create a detection rule.

Parameters:

• body (SecurityMonitoringRuleCreatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 115

def create_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.unstable_operations.has_key?(:create_security_monitoring_rule)
    unstable_enabled = @api_client.config.unstable_operations[:create_security_monitoring_rule]
    if unstable_enabled
      @api_client.config.logger.warn format("Using unstable operation '%s'", "create_security_monitoring_rule")
    else
      raise APIError.new(message: format("Unstable operation '%s' is disabled", "create_security_monitoring_rule"))
    end
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:AuthZ, :apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :create_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_suppression(body, opts = {}) ⇒ Object

Create a suppression rule.

See Also:

• #create_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 444

def create_security_monitoring_suppression(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_suppression_with_http_info(body, opts)
  data
end

#create_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Create a suppression rule.

Create a new suppression rule.

Parameters:

• body (SecurityMonitoringSuppressionCreateRequest) —

  The definition of the new suppression rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 456

def create_security_monitoring_suppression_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_suppression ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_historical_job(job_id, opts = {}) ⇒ Object

Delete an existing job.

See Also:

• #delete_historical_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 511

def delete_historical_job(job_id, opts = {})
  delete_historical_job_with_http_info(job_id, opts)
  nil
end

#delete_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete an existing job.

Delete an existing job.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 523

def delete_historical_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.delete_historical_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.delete_historical_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.delete_historical_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_historical_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.delete_historical_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs/{job_id}'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_historical_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_historical_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_filter(security_filter_id, opts = {}) ⇒ Object

Delete a security filter.

See Also:

• #delete_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 180

def delete_security_filter(security_filter_id, opts = {})
  delete_security_filter_with_http_info(security_filter_id, opts)
  nil
end

#delete_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a security filter.

Delete a specific security filter.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 190

def delete_security_filter_with_http_info(security_filter_id, opts = {})

  if @api_client.config.unstable_operations.has_key?(:delete_security_filter)
    unstable_enabled = @api_client.config.unstable_operations[:delete_security_filter]
    if unstable_enabled
      @api_client.config.logger.warn format("Using unstable operation '%s'", "delete_security_filter")
    else
      raise APIError.new(message: format("Unstable operation '%s' is disabled", "delete_security_filter"))
    end
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.delete_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{' + 'security_filter_id' + '}', CGI.escape(security_filter_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:AuthZ, :apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :delete_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Delete an existing rule.

See Also:

• #delete_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 253

def delete_security_monitoring_rule(rule_id, opts = {})
  delete_security_monitoring_rule_with_http_info(rule_id, opts)
  nil
end

#delete_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete an existing rule.

Delete an existing rule. Default rules cannot be deleted.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 263

def delete_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.unstable_operations.has_key?(:delete_security_monitoring_rule)
    unstable_enabled = @api_client.config.unstable_operations[:delete_security_monitoring_rule]
    if unstable_enabled
      @api_client.config.logger.warn format("Using unstable operation '%s'", "delete_security_monitoring_rule")
    else
      raise APIError.new(message: format("Unstable operation '%s' is disabled", "delete_security_monitoring_rule"))
    end
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.delete_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{' + 'rule_id' + '}', CGI.escape(rule_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:AuthZ, :apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

Delete a suppression rule.

See Also:

• #delete_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 712

def delete_security_monitoring_suppression(suppression_id, opts = {})
  delete_security_monitoring_suppression_with_http_info(suppression_id, opts)
  nil
end

#delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a suppression rule.

Delete a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 724

def delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.delete_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_assignee(signal_id, body, opts = {}) ⇒ Object

Modify the triage assignee of a security signal.

See Also:

• #edit_security_monitoring_signal_assignee_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 777

def edit_security_monitoring_signal_assignee(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Modify the triage assignee of a security signal.

Modify the triage assignee of a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalAssigneeUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 790

def edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_assignee ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_assignee"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_assignee"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/assignee'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_assignee,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_assignee\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_incidents(signal_id, body, opts = {}) ⇒ Object

Change the related incidents of a security signal.

See Also:

• #edit_security_monitoring_signal_incidents_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 849

def edit_security_monitoring_signal_incidents(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Change the related incidents of a security signal.

Change the related incidents for a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalIncidentsUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 862

def edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_incidents ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_incidents"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_incidents"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/incidents'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_incidents,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_incidents\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_state(signal_id, body, opts = {}) ⇒ Object

Change the triage state of a security signal.

See Also:

• #edit_security_monitoring_signal_state_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 921

def edit_security_monitoring_signal_state(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Change the triage state of a security signal.

Change the triage state of a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalStateUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 934

def edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_state ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_state"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_state"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/state'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_state,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_state\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_finding(finding_id, opts = {}) ⇒ Object

Get a finding.

See Also:

• #get_finding_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 993

def get_finding(finding_id, opts = {})
  data, _status_code, _headers = get_finding_with_http_info(finding_id, opts)
  data
end

#get_finding_with_http_info(finding_id, opts = {}) ⇒ Array<(GetFindingResponse, Integer, Hash)>

Get a finding.

Returns a single finding with message and resource configuration.

Parameters:

• finding_id (String) —

  The ID of the finding.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :snapshot_timestamp (Integer) —

  Return the finding for a given snapshot of time (Unix ms).

Returns:

• (Array<(GetFindingResponse, Integer, Hash)>) —

  GetFindingResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1006

def get_finding_with_http_info(finding_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_finding".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_finding")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_finding"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_finding ...'
  end
  # verify the required parameter 'finding_id' is set
  if @api_client.config.client_side_validation && finding_id.nil?
    fail ArgumentError, "Missing the required parameter 'finding_id' when calling SecurityMonitoringAPI.get_finding"
  end
  if @api_client.config.client_side_validation && !opts[:'snapshot_timestamp'].nil? && opts[:'snapshot_timestamp'] < 1
    fail ArgumentError, 'invalid value for "opts[:"snapshot_timestamp"]" when calling SecurityMonitoringAPI.get_finding, must be greater than or equal to 1.'
  end
  # resource path
  local_var_path = '/api/v2/posture_management/findings/{finding_id}'.sub('{finding_id}', CGI.escape(finding_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'snapshot_timestamp'] = opts[:'snapshot_timestamp'] if !opts[:'snapshot_timestamp'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetFindingResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_finding,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_finding\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_historical_job(job_id, opts = {}) ⇒ Object

Get a job's details.

See Also:

• #get_historical_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1069

def get_historical_job(job_id, opts = {})
  data, _status_code, _headers = get_historical_job_with_http_info(job_id, opts)
  data
end

#get_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(HistoricalJobResponse, Integer, Hash)>

Get a job's details.

Get a job's details.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(HistoricalJobResponse, Integer, Hash)>) —

  HistoricalJobResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1081

def get_historical_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_historical_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_historical_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_historical_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_historical_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.get_historical_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs/{job_id}'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'HistoricalJobResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_historical_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_historical_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_filter(security_filter_id, opts = {}) ⇒ Object

Get a security filter.

See Also:

• #get_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 326

def get_security_filter(security_filter_id, opts = {})
  data, _status_code, _headers = get_security_filter_with_http_info(security_filter_id, opts)
  data
end

#get_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Get a security filter.

Get the details of a specific security filter.

See the security filter guide for more examples.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 336

def get_security_filter_with_http_info(security_filter_id, opts = {})

  if @api_client.config.unstable_operations.has_key?(:get_security_filter)
    unstable_enabled = @api_client.config.unstable_operations[:get_security_filter]
    if unstable_enabled
      @api_client.config.logger.warn format("Using unstable operation '%s'", "get_security_filter")
    else
      raise APIError.new(message: format("Unstable operation '%s' is disabled", "get_security_filter"))
    end
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.get_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{' + 'security_filter_id' + '}', CGI.escape(security_filter_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:AuthZ, :apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Get a rule's details.

See Also:

• #get_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 399

def get_security_monitoring_rule(rule_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_rule_with_http_info(rule_id, opts)
  data
end

#get_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Get a rule's details.

Get a rule's details.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 409

def get_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.unstable_operations.has_key?(:get_security_monitoring_rule)
    unstable_enabled = @api_client.config.unstable_operations[:get_security_monitoring_rule]
    if unstable_enabled
      @api_client.config.logger.warn format("Using unstable operation '%s'", "get_security_monitoring_rule")
    else
      raise APIError.new(message: format("Unstable operation '%s' is disabled", "get_security_monitoring_rule"))
    end
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{' + 'rule_id' + '}', CGI.escape(rule_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:AuthZ, :apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_signal(signal_id, opts = {}) ⇒ Object

Get a signal's details.

See Also:

• #get_security_monitoring_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1273

def get_security_monitoring_signal(signal_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_signal_with_http_info(signal_id, opts)
  data
end

#get_security_monitoring_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

Get a signal's details.

Get a signal's details.

Parameters:

• signal_id (String) —

  The ID of the signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalResponse, Integer, Hash)>) —

  SecurityMonitoringSignalResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1285

def get_security_monitoring_signal_with_http_info(signal_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_signal ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.get_security_monitoring_signal"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

Get a suppression rule.

See Also:

• #get_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1338

def get_security_monitoring_suppression(suppression_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_suppression_with_http_info(suppression_id, opts)
  data
end

#get_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Get a suppression rule.

Get the details of a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1350

def get_security_monitoring_suppression_with_http_info(suppression_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.get_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_findings(opts = {}) ⇒ Object

List findings.

See Also:

• #list_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1403

def list_findings(opts = {})
  data, _status_code, _headers = list_findings_with_http_info(opts)
  data
end

#list_findings_with_http_info(opts = {}) ⇒ Array<(ListFindingsResponse, Integer, Hash)>

List findings.

Get a list of findings. These include both misconfigurations and identity risks.

Filtering

Filters can be applied by appending query parameters to the URL.

• Using a single filter: ?filter[attribute_key]=attribute_value
• Chaining filters: ?filter[attribute_key]=attribute_value&filter[attribute_key]=attribute_value...
• Filtering on tags: ?filter[tags]=tag_key:tag_value&filter[tags]=tag_key_2:tag_value_2

Here, attribute_key can be any of the filter keys described further below.

Query parameters of type integer support comparison operators (>, >=, <, <=). This is particularly useful when filtering by evaluation_changed_at or resource_discovery_timestamp. For example: ?filter[evaluation_changed_at]=>20123123121.

You can also use the negation operator on strings. For example, use filter[resource_type]=-aws* to filter for any non-AWS resources.

The operator must come after the equal sign. For example, to filter with the >= operator, add the operator after the equal sign: filter[evaluation_changed_at]=>=1678809373257.

Query parameters must be only among the documented ones and with values of correct types. Duplicated query parameters (e.g. filter[status]=low&filter[status]=info) are not allowed.

Response

The response includes an array of finding objects, pagination metadata, and a count of items that match the query.

Each finding object contains the following:

• The finding ID that can be used in a GetFinding request to retrieve the full finding details.
• Core attributes, including status, evaluation, high-level resource details, muted state, and rule details.
• evaluation_changed_at and resource_discovery_date time stamps.
• An array of associated tags.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_limit (Integer) —

  Limit the number of findings returned. Must be <= 1000.

• :snapshot_timestamp (Integer) —

  Return findings for a given snapshot of time (Unix ms).

• :page_cursor (String) —

  Return the next page of findings pointed to by the cursor.

• :filter_tags (String) —

  Return findings that have these associated tags (repeatable).

• :filter_evaluation_changed_at (String) —

  Return findings that have changed from pass to fail or vice versa on a specified date (Unix ms) or date range (using comparison operators).

• :filter_muted (Boolean) —

  Set to true to return findings that are muted. Set to false to return unmuted findings.

• :filter_rule_id (String) —

  Return findings for the specified rule ID.

• :filter_rule_name (String) —

  Return findings for the specified rule.

• :filter_resource_type (String) —

  Return only findings for the specified resource type.

• :filter_discovery_timestamp (String) —

  Return findings that were found on a specified date (Unix ms) or date range (using comparison operators).

• :filter_evaluation (FindingEvaluation) —

  Return only pass or fail findings.

• :filter_status (FindingStatus) —

  Return only findings with the specified status.

• :filter_vulnerability_type (Array<FindingVulnerabilityType>) —

  Return findings that match the selected vulnerability types (repeatable).

Returns:

• (Array<(ListFindingsResponse, Integer, Hash)>) —

  ListFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1457

def list_findings_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_findings".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_findings")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_findings"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_findings ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_findings, must be smaller than or equal to 1000.'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_findings, must be greater than or equal to 1.'
  end
  if @api_client.config.client_side_validation && !opts[:'snapshot_timestamp'].nil? && opts[:'snapshot_timestamp'] < 1
    fail ArgumentError, 'invalid value for "opts[:"snapshot_timestamp"]" when calling SecurityMonitoringAPI.list_findings, must be greater than or equal to 1.'
  end
  allowable_values = ['pass', 'fail']
  if @api_client.config.client_side_validation && opts[:'filter_evaluation'] && !allowable_values.include?(opts[:'filter_evaluation'])
    fail ArgumentError, "invalid value for \"filter_evaluation\", must be one of #{allowable_values}"
  end
  allowable_values = ['critical', 'high', 'medium', 'low', 'info']
  if @api_client.config.client_side_validation && opts[:'filter_status'] && !allowable_values.include?(opts[:'filter_status'])
    fail ArgumentError, "invalid value for \"filter_status\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/posture_management/findings'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?
  query_params[:'snapshot_timestamp'] = opts[:'snapshot_timestamp'] if !opts[:'snapshot_timestamp'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'filter[tags]'] = opts[:'filter_tags'] if !opts[:'filter_tags'].nil?
  query_params[:'filter[evaluation_changed_at]'] = opts[:'filter_evaluation_changed_at'] if !opts[:'filter_evaluation_changed_at'].nil?
  query_params[:'filter[muted]'] = opts[:'filter_muted'] if !opts[:'filter_muted'].nil?
  query_params[:'filter[rule_id]'] = opts[:'filter_rule_id'] if !opts[:'filter_rule_id'].nil?
  query_params[:'filter[rule_name]'] = opts[:'filter_rule_name'] if !opts[:'filter_rule_name'].nil?
  query_params[:'filter[resource_type]'] = opts[:'filter_resource_type'] if !opts[:'filter_resource_type'].nil?
  query_params[:'filter[discovery_timestamp]'] = opts[:'filter_discovery_timestamp'] if !opts[:'filter_discovery_timestamp'].nil?
  query_params[:'filter[evaluation]'] = opts[:'filter_evaluation'] if !opts[:'filter_evaluation'].nil?
  query_params[:'filter[status]'] = opts[:'filter_status'] if !opts[:'filter_status'].nil?
  query_params[:'filter[vulnerability_type]'] = @api_client.build_collection_param(opts[:'filter_vulnerability_type'], :multi) if !opts[:'filter_vulnerability_type'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )
  new_options[:query_string_normalizer] = HTTParty::Request::NON_RAILS_QUERY_STRING_NORMALIZER

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_findings_with_pagination(opts = {}) {|Finding| ... } ⇒ Object

List findings.

Provide a paginated version of #list_findings, returning all items.

To use it you need to use a block: list_findings_with_pagination { |item| p item }

Yields:

• (Finding) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1547

def list_findings_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "page_limit", 100)
    @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size)
    while true do
        response = list_findings(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length < page_size
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "page_cursor", String, @api_client.get_attribute_from_path(response, "meta.page.cursor"))
    end
end

#list_historical_jobs(opts = {}) ⇒ Object

List historical jobs.

See Also:

• #list_historical_jobs_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1564

def list_historical_jobs(opts = {})
  data, _status_code, _headers = list_historical_jobs_with_http_info(opts)
  data
end

#list_historical_jobs_with_http_info(opts = {}) ⇒ Array<(ListHistoricalJobsResponse, Integer, Hash)>

List historical jobs.

List historical jobs.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

• :sort (String) —

  The order of the jobs in results.

• :filter_query (String) —

  Query used to filter items from the fetched list.

Returns:

• (Array<(ListHistoricalJobsResponse, Integer, Hash)>) —

  ListHistoricalJobsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1579

def list_historical_jobs_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_historical_jobs".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_historical_jobs")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_historical_jobs"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_historical_jobs ...'
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListHistoricalJobsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_historical_jobs,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_historical_jobs\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_filters(opts = {}) ⇒ Object

Get all security filters.

See Also:

• #list_security_filters_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 471

def list_security_filters(opts = {})
  data, _status_code, _headers = list_security_filters_with_http_info(opts)
  data
end

#list_security_filters_with_http_info(opts = {}) ⇒ Array<(SecurityFiltersResponse, Integer, Hash)>

Get all security filters.

Get the list of configured security filters with their definitions.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFiltersResponse, Integer, Hash)>) —

  SecurityFiltersResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 480

def list_security_filters_with_http_info(opts = {})

  if @api_client.config.unstable_operations.has_key?(:list_security_filters)
    unstable_enabled = @api_client.config.unstable_operations[:list_security_filters]
    if unstable_enabled
      @api_client.config.logger.warn format("Using unstable operation '%s'", "list_security_filters")
    else
      raise APIError.new(message: format("Unstable operation '%s' is disabled", "list_security_filters"))
    end
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_filters ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFiltersResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:AuthZ, :apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_security_filters,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_filters\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_rules(opts = {}) ⇒ Object

List rules.

See Also:

• #list_security_monitoring_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 540

def list_security_monitoring_rules(opts = {})
  data, _status_code, _headers = list_security_monitoring_rules_with_http_info(opts)
  data
end

#list_security_monitoring_rules_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>

List rules.

List rules.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

Returns:

• (Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>) —

  SecurityMonitoringListRulesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 551

def list_security_monitoring_rules_with_http_info(opts = {})

  if @api_client.config.unstable_operations.has_key?(:list_security_monitoring_rules)
    unstable_enabled = @api_client.config.unstable_operations[:list_security_monitoring_rules]
    if unstable_enabled
      @api_client.config.logger.warn format("Using unstable operation '%s'", "list_security_monitoring_rules")
    else
      raise APIError.new(message: format("Unstable operation '%s' is disabled", "list_security_monitoring_rules"))
    end
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_rules ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringListRulesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:AuthZ, :apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_security_monitoring_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_signals(opts = {}) ⇒ Object

Get a quick list of security signals.

See Also:

• #list_security_monitoring_signals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 617

def list_security_monitoring_signals(opts = {})
  data, _status_code, _headers = list_security_monitoring_signals_with_http_info(opts)
  data
end

#list_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Get a quick list of security signals.

The list endpoint returns security signals that match a search query. Both this endpoint and the POST endpoint can be used interchangeably when listing security signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query for security signals.

• :filter_from (Time) —

  The minimum timestamp for requested security signals.

• :filter_to (Time) —

  The maximum timestamp for requested security signals.

• :sort (SecurityMonitoringSignalsSort) —

  The order of the security signals in results.

• :page_cursor (String) —

  A list of results using the cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of security signals in the response.

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 632

def list_security_monitoring_signals_with_http_info(opts = {})

  if @api_client.config.unstable_operations.has_key?(:list_security_monitoring_signals)
    unstable_enabled = @api_client.config.unstable_operations[:list_security_monitoring_signals]
    if unstable_enabled
      @api_client.config.logger.warn format("Using unstable operation '%s'", "list_security_monitoring_signals")
    else
      raise APIError.new(message: format("Unstable operation '%s' is disabled", "list_security_monitoring_signals"))
    end
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_signals ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_monitoring_signals, must be smaller than or equal to 1000.'
  end

  # resource path
  local_var_path = '/api/v2/security_monitoring/signals'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'filter[from]'] = opts[:'filter_from'] if !opts[:'filter_from'].nil?
  query_params[:'filter[to]'] = opts[:'filter_to'] if !opts[:'filter_to'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:AuthZ, :apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_security_monitoring_signals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_signals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

Get a quick list of security signals.

Provide a paginated version of #list_security_monitoring_signals, returning all items.

To use it you need to use a block: list_security_monitoring_signals_with_pagination { |item| p item }

Yields:

• (SecurityMonitoringSignal) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1847

def list_security_monitoring_signals_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "page_limit", 10)
    @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size)
    while true do
        response = list_security_monitoring_signals(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length < page_size
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "page_cursor", String, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#list_security_monitoring_suppressions(opts = {}) ⇒ Object

Get all suppression rules.

See Also:

• #list_security_monitoring_suppressions_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1864

def list_security_monitoring_suppressions(opts = {})
  data, _status_code, _headers = list_security_monitoring_suppressions_with_http_info(opts)
  data
end

#list_security_monitoring_suppressions_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

Get all suppression rules.

Get the list of all suppression rules.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1875

def list_security_monitoring_suppressions_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_suppressions ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_suppressions,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_suppressions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#mute_findings(body, opts = {}) ⇒ Object

Mute or unmute a batch of findings.

See Also:

• #mute_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1924

def mute_findings(body, opts = {})
  data, _status_code, _headers = mute_findings_with_http_info(body, opts)
  data
end

#mute_findings_with_http_info(body, opts = {}) ⇒ Array<(BulkMuteFindingsResponse, Integer, Hash)>

Mute or unmute a batch of findings.

Mute or unmute findings.

Parameters:

• body (BulkMuteFindingsRequest) —

  Attributes All findings are updated with the same attributes. The request body must include at least two attributes: muted and reason. The allowed reasons depend on whether the finding is being muted or unmuted: - To mute a finding: PENDING_FIX, FALSE_POSITIVE, ACCEPTED_RISK, OTHER. - To unmute a finding : NO_PENDING_FIX, HUMAN_ERROR, NO_LONGER_ACCEPTED_RISK, OTHER. ### Meta The request body must include a list of the finding IDs to be updated.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(BulkMuteFindingsResponse, Integer, Hash)>) —

  BulkMuteFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1936

def mute_findings_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.mute_findings".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.mute_findings")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.mute_findings"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.mute_findings ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.mute_findings"
  end
  # resource path
  local_var_path = '/api/v2/posture_management/findings'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'BulkMuteFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :mute_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#mute_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#run_historical_job(body, opts = {}) ⇒ Object

Run a historical job.

See Also:

• #run_historical_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1997

def run_historical_job(body, opts = {})
  data, _status_code, _headers = run_historical_job_with_http_info(body, opts)
  data
end

#run_historical_job_with_http_info(body, opts = {}) ⇒ Array<(JobCreateResponse, Integer, Hash)>

Run a historical job.

Run a historical job.

Parameters:

• body (RunHistoricalJobRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(JobCreateResponse, Integer, Hash)>) —

  JobCreateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2009

def run_historical_job_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.run_historical_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.run_historical_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.run_historical_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.run_historical_job ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.run_historical_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'JobCreateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :run_historical_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#run_historical_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_monitoring_signals(opts = {}) ⇒ Object

Get a list of security signals.

See Also:

• #search_security_monitoring_signals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 701

def search_security_monitoring_signals(opts = {})
  data, _status_code, _headers = search_security_monitoring_signals_with_http_info(opts)
  data
end

#search_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Get a list of security signals.

Returns security signals that match a search query. Both this endpoint and the GET endpoint can be used interchangeably for listing security signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :body (SecurityMonitoringSignalListRequest)

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 711

def search_security_monitoring_signals_with_http_info(opts = {})

  if @api_client.config.unstable_operations.has_key?(:search_security_monitoring_signals)
    unstable_enabled = @api_client.config.unstable_operations[:search_security_monitoring_signals]
    if unstable_enabled
      @api_client.config.logger.warn format("Using unstable operation '%s'", "search_security_monitoring_signals")
    else
      raise APIError.new(message: format("Unstable operation '%s' is disabled", "search_security_monitoring_signals"))
    end
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.search_security_monitoring_signals ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/search'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(opts[:'body'])

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:AuthZ, :apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :search_security_monitoring_signals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#search_security_monitoring_signals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

Get a list of security signals.

Provide a paginated version of #search_security_monitoring_signals, returning all items.

To use it you need to use a block: search_security_monitoring_signals_with_pagination { |item| p item }

Yields:

• (SecurityMonitoringSignal) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2139

def search_security_monitoring_signals_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "body.page.limit", 10)
    @api_client.set_attribute_from_path(api_version, opts, "body.page.limit", SecurityMonitoringSignalListRequest, page_size)
    while true do
        response = search_security_monitoring_signals(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length < page_size
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "body.page.cursor", SecurityMonitoringSignalListRequest, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#test_existing_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

Test an existing rule.

See Also:

• #test_existing_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2156

def test_existing_security_monitoring_rule(rule_id, body, opts = {})
  data, _status_code, _headers = test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts)
  data
end

#test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

Test an existing rule.

Test an existing rule.

Parameters:

• rule_id (String) —

  The ID of the rule.

• body (SecurityMonitoringRuleTestRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>) —

  SecurityMonitoringRuleTestResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2169

def test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.test_existing_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.test_existing_security_monitoring_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.test_existing_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/test'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleTestResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :test_existing_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#test_existing_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#test_security_monitoring_rule(body, opts = {}) ⇒ Object

Test a rule.

See Also:

• #test_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2228

def test_security_monitoring_rule(body, opts = {})
  data, _status_code, _headers = test_security_monitoring_rule_with_http_info(body, opts)
  data
end

#test_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

Test a rule.

Test a rule.

Parameters:

• body (SecurityMonitoringRuleTestRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>) —

  SecurityMonitoringRuleTestResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2240

def test_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.test_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.test_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/test'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleTestResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :test_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#test_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_filter(security_filter_id, body, opts = {}) ⇒ Object

Update a security filter.

See Also:

• #update_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 773

def update_security_filter(security_filter_id, body, opts = {})
  data, _status_code, _headers = update_security_filter_with_http_info(security_filter_id, body, opts)
  data
end

#update_security_filter_with_http_info(security_filter_id, body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Update a security filter.

Update a specific security filter. Returns the security filter object when the request is successful.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• body (SecurityFilterUpdateRequest) —

  New definition of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 784

def update_security_filter_with_http_info(security_filter_id, body, opts = {})

  if @api_client.config.unstable_operations.has_key?(:update_security_filter)
    unstable_enabled = @api_client.config.unstable_operations[:update_security_filter]
    if unstable_enabled
      @api_client.config.logger.warn format("Using unstable operation '%s'", "update_security_filter")
    else
      raise APIError.new(message: format("Unstable operation '%s' is disabled", "update_security_filter"))
    end
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.update_security_filter"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{' + 'security_filter_id' + '}', CGI.escape(security_filter_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:AuthZ, :apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :update_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

Update an existing rule.

See Also:

• #update_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 854

def update_security_monitoring_rule(rule_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_rule_with_http_info(rule_id, body, opts)
  data
end

#update_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Update an existing rule.

Update an existing rule. When updating cases, queries or options, the whole field must be included. For example, when modifying a query all queries must be included. Default rules can only be updated to be enabled, to change notifications, or to update the tags (default tags cannot be removed).

Parameters:

• rule_id (String) —

  The ID of the rule.

• body (SecurityMonitoringRuleUpdatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 865

def update_security_monitoring_rule_with_http_info(rule_id, body, opts = {})

  if @api_client.config.unstable_operations.has_key?(:update_security_monitoring_rule)
    unstable_enabled = @api_client.config.unstable_operations[:update_security_monitoring_rule]
    if unstable_enabled
      @api_client.config.logger.warn format("Using unstable operation '%s'", "update_security_monitoring_rule")
    else
      raise APIError.new(message: format("Unstable operation '%s' is disabled", "update_security_monitoring_rule"))
    end
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.update_security_monitoring_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{' + 'rule_id' + '}', CGI.escape(rule_id.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:AuthZ, :apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :update_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:PUT, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_suppression(suppression_id, body, opts = {}) ⇒ Object

Update a suppression rule.

See Also:

• #update_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2443

def update_security_monitoring_suppression(suppression_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_suppression_with_http_info(suppression_id, body, opts)
  data
end

#update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Update a suppression rule.

Update a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• body (SecurityMonitoringSuppressionUpdateRequest) —

  New definition of the suppression rule. Supports partial updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2456

def update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.update_security_monitoring_suppression"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#validate_security_monitoring_rule(body, opts = {}) ⇒ Object

Validate a detection rule.

See Also:

• #validate_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2515

def validate_security_monitoring_rule(body, opts = {})
  validate_security_monitoring_rule_with_http_info(body, opts)
  nil
end

#validate_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Validate a detection rule.

Validate a detection rule.

Parameters:

• body (SecurityMonitoringRuleValidatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2527

def validate_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.validate_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.validate_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/validation'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :validate_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#validate_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end