Class: DatadogAPIClient::V2::SecurityMonitoringAPI

Inherits:

Object

• Object
• DatadogAPIClient::V2::SecurityMonitoringAPI

Defined in:

lib/datadog_api_client/v2/api/security_monitoring_api.rb

Instance Attribute Summary

• #api_client ⇒ Object

  Returns the value of attribute api_client.

Instance Method Summary

• #activate_content_pack(content_pack_id, opts = {}) ⇒ Object

  Activate content pack.

• #activate_content_pack_with_http_info(content_pack_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Activate content pack.

• #attach_case(case_id, body, opts = {}) ⇒ Object

  Attach security findings to a case.

• #attach_case_with_http_info(case_id, body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

  Attach security findings to a case.

• #attach_jira_issue(body, opts = {}) ⇒ Object

  Attach security findings to a Jira issue.

• #attach_jira_issue_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

  Attach security findings to a Jira issue.

• #bulk_edit_security_monitoring_signals_assignee(body, opts = {}) ⇒ Object

  Bulk update triage assignee of security signals.

• #bulk_edit_security_monitoring_signals_assignee_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

  Bulk update triage assignee of security signals.

• #bulk_edit_security_monitoring_signals_state(body, opts = {}) ⇒ Object

  Bulk update triage state of security signals.

• #bulk_edit_security_monitoring_signals_state_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

  Bulk update triage state of security signals.

• #bulk_export_security_monitoring_rules(body, opts = {}) ⇒ Object

  Bulk export security monitoring rules.

• #bulk_export_security_monitoring_rules_with_http_info(body, opts = {}) ⇒ Array<(File, Integer, Hash)>

  Bulk export security monitoring rules.

• #cancel_threat_hunting_job(job_id, opts = {}) ⇒ Object

  Cancel a threat hunting job.

• #cancel_threat_hunting_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Cancel a threat hunting job.

• #convert_existing_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Convert an existing rule from JSON to Terraform.

• #convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

  Convert an existing rule from JSON to Terraform.

• #convert_job_result_to_signal(body, opts = {}) ⇒ Object

  Convert a job result to a signal.

• #convert_job_result_to_signal_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Convert a job result to a signal.

• #convert_security_monitoring_rule_from_json_to_terraform(body, opts = {}) ⇒ Object

  Convert a rule from JSON to Terraform.

• #convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

  Convert a rule from JSON to Terraform.

• #create_cases(body, opts = {}) ⇒ Object

  Create cases for security findings.

• #create_cases_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

  Create cases for security findings.

• #create_custom_framework(body, opts = {}) ⇒ Object

  Create a custom framework.

• #create_custom_framework_with_http_info(body, opts = {}) ⇒ Array<(CreateCustomFrameworkResponse, Integer, Hash)>

  Create a custom framework.

• #create_jira_issues(body, opts = {}) ⇒ Object

  Create Jira issues for security findings.

• #create_jira_issues_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

  Create Jira issues for security findings.

• #create_security_filter(body, opts = {}) ⇒ Object

  Create a security filter.

• #create_security_filter_with_http_info(body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Create a security filter.

• #create_security_monitoring_critical_asset(body, opts = {}) ⇒ Object

  Create a critical asset.

• #create_security_monitoring_critical_asset_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

  Create a critical asset.

• #create_security_monitoring_rule(body, opts = {}) ⇒ Object

  Create a detection rule.

• #create_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Create a detection rule.

• #create_security_monitoring_suppression(body, opts = {}) ⇒ Object

  Create a suppression rule.

• #create_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Create a suppression rule.

• #create_signal_notification_rule(body, opts = {}) ⇒ Object

  Create a new signal-based notification rule.

• #create_signal_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Create a new signal-based notification rule.

• #create_vulnerability_notification_rule(body, opts = {}) ⇒ Object

  Create a new vulnerability-based notification rule.

• #create_vulnerability_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Create a new vulnerability-based notification rule.

• #deactivate_content_pack(content_pack_id, opts = {}) ⇒ Object

  Deactivate content pack.

• #deactivate_content_pack_with_http_info(content_pack_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Deactivate content pack.

• #delete_custom_framework(handle, version, opts = {}) ⇒ Object

  Delete a custom framework.

• #delete_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(DeleteCustomFrameworkResponse, Integer, Hash)>

  Delete a custom framework.

• #delete_security_filter(security_filter_id, opts = {}) ⇒ Object

  Delete a security filter.

• #delete_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a security filter.

• #delete_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

  Delete a critical asset.

• #delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a critical asset.

• #delete_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Delete an existing rule.

• #delete_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete an existing rule.

• #delete_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

  Delete a suppression rule.

• #delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a suppression rule.

• #delete_signal_notification_rule(id, opts = {}) ⇒ Object

  Delete a signal-based notification rule.

• #delete_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a signal-based notification rule.

• #delete_threat_hunting_job(job_id, opts = {}) ⇒ Object

  Delete an existing job.

• #delete_threat_hunting_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete an existing job.

• #delete_vulnerability_notification_rule(id, opts = {}) ⇒ Object

  Delete a vulnerability-based notification rule.

• #delete_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a vulnerability-based notification rule.

• #detach_case(body, opts = {}) ⇒ Object

  Detach security findings from their case.

• #detach_case_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Detach security findings from their case.

• #edit_security_monitoring_signal_assignee(signal_id, body, opts = {}) ⇒ Object

  Modify the triage assignee of a security signal.

• #edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Modify the triage assignee of a security signal.

• #edit_security_monitoring_signal_incidents(signal_id, body, opts = {}) ⇒ Object

  Change the related incidents of a security signal.

• #edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Change the related incidents of a security signal.

• #edit_security_monitoring_signal_state(signal_id, body, opts = {}) ⇒ Object

  Change the triage state of a security signal.

• #edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Change the triage state of a security signal.

• #get_content_packs_states(opts = {}) ⇒ Object

  Get content pack states.

• #get_content_packs_states_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringContentPackStatesResponse, Integer, Hash)>

  Get content pack states.

• #get_critical_assets_affecting_rule(rule_id, opts = {}) ⇒ Object

  Get critical assets affecting a specific rule.

• #get_critical_assets_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

  Get critical assets affecting a specific rule.

• #get_custom_framework(handle, version, opts = {}) ⇒ Object

  Get a custom framework.

• #get_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(GetCustomFrameworkResponse, Integer, Hash)>

  Get a custom framework.

• #get_finding(finding_id, opts = {}) ⇒ Object

  Get a finding.

• #get_finding_with_http_info(finding_id, opts = {}) ⇒ Array<(GetFindingResponse, Integer, Hash)>

  Get a finding.

• #get_resource_evaluation_filters(opts = {}) ⇒ Object

  List resource filters.

• #get_resource_evaluation_filters_with_http_info(opts = {}) ⇒ Array<(GetResourceEvaluationFiltersResponse, Integer, Hash)>

  List resource filters.

• #get_rule_version_history(rule_id, opts = {}) ⇒ Object

  Get a rule's version history.

• #get_rule_version_history_with_http_info(rule_id, opts = {}) ⇒ Array<(GetRuleVersionHistoryResponse, Integer, Hash)>

  Get a rule's version history.

• #get_sbom(asset_type, filter_asset_name, opts = {}) ⇒ Object

  Get SBOM.

• #get_sbom_with_http_info(asset_type, filter_asset_name, opts = {}) ⇒ Array<(GetSBOMResponse, Integer, Hash)>

  Get SBOM.

• #get_secrets_rules(opts = {}) ⇒ Object

  Returns a list of Secrets rules.

• #get_secrets_rules_with_http_info(opts = {}) ⇒ Array<(SecretRuleArray, Integer, Hash)>

  Returns a list of Secrets rules.

• #get_security_filter(security_filter_id, opts = {}) ⇒ Object

  Get a security filter.

• #get_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Get a security filter.

• #get_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

  Get a critical asset.

• #get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

  Get a critical asset.

• #get_security_monitoring_histsignal(histsignal_id, opts = {}) ⇒ Object

  Get a hist signal's details.

• #get_security_monitoring_histsignal_with_http_info(histsignal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

  Get a hist signal's details.

• #get_security_monitoring_histsignals_by_job_id(job_id, opts = {}) ⇒ Object

  Get a job's hist signals.

• #get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Get a job's hist signals.

• #get_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Get a rule's details.

• #get_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Get a rule's details.

• #get_security_monitoring_signal(signal_id, opts = {}) ⇒ Object

  Get a signal's details.

• #get_security_monitoring_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

  Get a signal's details.

• #get_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

  Get a suppression rule.

• #get_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Get a suppression rule.

• #get_signal_notification_rule(id, opts = {}) ⇒ Object

  Get details of a signal-based notification rule.

• #get_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Get details of a signal-based notification rule.

• #get_signal_notification_rules(opts = {}) ⇒ Object

  Get the list of signal-based notification rules.

• #get_signal_notification_rules_with_http_info(opts = {}) ⇒ Array<(Object, Integer, Hash)>

  Get the list of signal-based notification rules.

• #get_suppression_version_history(suppression_id, opts = {}) ⇒ Object

  Get a suppression's version history.

• #get_suppression_version_history_with_http_info(suppression_id, opts = {}) ⇒ Array<(GetSuppressionVersionHistoryResponse, Integer, Hash)>

  Get a suppression's version history.

• #get_suppressions_affecting_future_rule(body, opts = {}) ⇒ Object

  Get suppressions affecting future rule.

• #get_suppressions_affecting_future_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

  Get suppressions affecting future rule.

• #get_suppressions_affecting_rule(rule_id, opts = {}) ⇒ Object

  Get suppressions affecting a specific rule.

• #get_suppressions_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

  Get suppressions affecting a specific rule.

• #get_threat_hunting_job(job_id, opts = {}) ⇒ Object

  Get a job's details.

• #get_threat_hunting_job_with_http_info(job_id, opts = {}) ⇒ Array<(ThreatHuntingJobResponse, Integer, Hash)>

  Get a job's details.

• #get_vulnerability_notification_rule(id, opts = {}) ⇒ Object

  Get details of a vulnerability notification rule.

• #get_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Get details of a vulnerability notification rule.

• #get_vulnerability_notification_rules(opts = {}) ⇒ Object

  Get the list of vulnerability notification rules.

• #get_vulnerability_notification_rules_with_http_info(opts = {}) ⇒ Array<(Object, Integer, Hash)>

  Get the list of vulnerability notification rules.

• #initialize(api_client = DatadogAPIClient::APIClient.default) ⇒ SecurityMonitoringAPI constructor

  A new instance of SecurityMonitoringAPI.

• #list_assets_sbo_ms(opts = {}) ⇒ Object

  List assets SBOMs.

• #list_assets_sbo_ms_with_http_info(opts = {}) ⇒ Array<(ListAssetsSBOMsResponse, Integer, Hash)>

  List assets SBOMs.

• #list_findings(opts = {}) ⇒ Object

  List findings.

• #list_findings_with_http_info(opts = {}) ⇒ Array<(ListFindingsResponse, Integer, Hash)>

  List findings.

• #list_findings_with_pagination(opts = {}) {|Finding| ... } ⇒ Object

  List findings.

• #list_multiple_rulesets(body, opts = {}) ⇒ Object

  Ruleset get multiple.

• #list_multiple_rulesets_with_http_info(body, opts = {}) ⇒ Array<(GetMultipleRulesetsResponse, Integer, Hash)>

  Ruleset get multiple.

• #list_scanned_assets_metadata(opts = {}) ⇒ Object

  List scanned assets metadata.

• #list_scanned_assets_metadata_with_http_info(opts = {}) ⇒ Array<(ScannedAssetsMetadata, Integer, Hash)>

  List scanned assets metadata.

• #list_security_filters(opts = {}) ⇒ Object

  Get all security filters.

• #list_security_filters_with_http_info(opts = {}) ⇒ Array<(SecurityFiltersResponse, Integer, Hash)>

  Get all security filters.

• #list_security_findings(opts = {}) ⇒ Object

  List security findings.

• #list_security_findings_with_http_info(opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

  List security findings.

• #list_security_findings_with_pagination(opts = {}) {|SecurityFindingsData| ... } ⇒ Object

  List security findings.

• #list_security_monitoring_critical_assets(opts = {}) ⇒ Object

  Get all critical assets.

• #list_security_monitoring_critical_assets_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

  Get all critical assets.

• #list_security_monitoring_histsignals(opts = {}) ⇒ Object

  List hist signals.

• #list_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  List hist signals.

• #list_security_monitoring_rules(opts = {}) ⇒ Object

  List rules.

• #list_security_monitoring_rules_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>

  List rules.

• #list_security_monitoring_signals(opts = {}) ⇒ Object

  Get a quick list of security signals.

• #list_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Get a quick list of security signals.

• #list_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

  Get a quick list of security signals.

• #list_security_monitoring_suppressions(opts = {}) ⇒ Object

  Get all suppression rules.

• #list_security_monitoring_suppressions_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringPaginatedSuppressionsResponse, Integer, Hash)>

  Get all suppression rules.

• #list_threat_hunting_jobs(opts = {}) ⇒ Object

  List threat hunting jobs.

• #list_threat_hunting_jobs_with_http_info(opts = {}) ⇒ Array<(ListThreatHuntingJobsResponse, Integer, Hash)>

  List threat hunting jobs.

• #list_vulnerabilities(opts = {}) ⇒ Object

  List vulnerabilities.

• #list_vulnerabilities_with_http_info(opts = {}) ⇒ Array<(ListVulnerabilitiesResponse, Integer, Hash)> deprecated Deprecated.

  This API is deprecated.

• #list_vulnerable_assets(opts = {}) ⇒ Object

  List vulnerable assets.

• #list_vulnerable_assets_with_http_info(opts = {}) ⇒ Array<(ListVulnerableAssetsResponse, Integer, Hash)>

  List vulnerable assets.

• #mute_findings(body, opts = {}) ⇒ Object

  Mute or unmute a batch of findings.

• #mute_findings_with_http_info(body, opts = {}) ⇒ Array<(BulkMuteFindingsResponse, Integer, Hash)>

  Mute or unmute a batch of findings.

• #patch_signal_notification_rule(id, body, opts = {}) ⇒ Object

  Patch a signal-based notification rule.

• #patch_signal_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Patch a signal-based notification rule.

• #patch_vulnerability_notification_rule(id, body, opts = {}) ⇒ Object

  Patch a vulnerability-based notification rule.

• #patch_vulnerability_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Patch a vulnerability-based notification rule.

• #run_threat_hunting_job(body, opts = {}) ⇒ Object

  Run a threat hunting job.

• #run_threat_hunting_job_with_http_info(body, opts = {}) ⇒ Array<(JobCreateResponse, Integer, Hash)>

  Run a threat hunting job.

• #search_security_findings(body, opts = {}) ⇒ Object

  Search security findings.

• #search_security_findings_with_http_info(body, opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

  Search security findings.

• #search_security_findings_with_pagination(body, opts = {}) {|SecurityFindingsData| ... } ⇒ Object

  Search security findings.

• #search_security_monitoring_histsignals(opts = {}) ⇒ Object

  Search hist signals.

• #search_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Search hist signals.

• #search_security_monitoring_signals(opts = {}) ⇒ Object

  Get a list of security signals.

• #search_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Get a list of security signals.

• #search_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

  Get a list of security signals.

• #test_existing_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

  Test an existing rule.

• #test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

  Test an existing rule.

• #test_security_monitoring_rule(body, opts = {}) ⇒ Object

  Test a rule.

• #test_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

  Test a rule.

• #update_custom_framework(handle, version, body, opts = {}) ⇒ Object

  Update a custom framework.

• #update_custom_framework_with_http_info(handle, version, body, opts = {}) ⇒ Array<(UpdateCustomFrameworkResponse, Integer, Hash)>

  Update a custom framework.

• #update_resource_evaluation_filters(body, opts = {}) ⇒ Object

  Update resource filters.

• #update_resource_evaluation_filters_with_http_info(body, opts = {}) ⇒ Array<(UpdateResourceEvaluationFiltersResponse, Integer, Hash)>

  Update resource filters.

• #update_security_filter(security_filter_id, body, opts = {}) ⇒ Object

  Update a security filter.

• #update_security_filter_with_http_info(security_filter_id, body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Update a security filter.

• #update_security_monitoring_critical_asset(critical_asset_id, body, opts = {}) ⇒ Object

  Update a critical asset.

• #update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

  Update a critical asset.

• #update_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

  Update an existing rule.

• #update_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Update an existing rule.

• #update_security_monitoring_suppression(suppression_id, body, opts = {}) ⇒ Object

  Update a suppression rule.

• #update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Update a suppression rule.

• #validate_security_monitoring_rule(body, opts = {}) ⇒ Object

  Validate a detection rule.

• #validate_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Validate a detection rule.

• #validate_security_monitoring_suppression(body, opts = {}) ⇒ Object

  Validate a suppression rule.

• #validate_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Validate a suppression rule.

Constructor Details

#initialize(api_client = DatadogAPIClient::APIClient.default) ⇒ SecurityMonitoringAPI

Returns a new instance of SecurityMonitoringAPI.

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 22

def initialize(api_client = DatadogAPIClient::APIClient.default)
  @api_client = api_client
end

Instance Attribute Details

#api_client ⇒ Object

Returns the value of attribute api_client.

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 20

def api_client
  @api_client
end

Instance Method Details

#activate_content_pack(content_pack_id, opts = {}) ⇒ Object

Activate content pack.

See Also:

• #activate_content_pack_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 29

def activate_content_pack(content_pack_id, opts = {})
  activate_content_pack_with_http_info(content_pack_id, opts)
  nil
end

#activate_content_pack_with_http_info(content_pack_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Activate content pack.

Activate a security monitoring content pack. This operation configures the necessary log filters or security filters depending on the pricing model and updates the content pack activation state.

Parameters:

• content_pack_id (String) —

  The ID of the content pack to activate.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 43

def activate_content_pack_with_http_info(content_pack_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.activate_content_pack".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.activate_content_pack")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.activate_content_pack"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.activate_content_pack ...'
  end
  # verify the required parameter 'content_pack_id' is set
  if @api_client.config.client_side_validation && content_pack_id.nil?
    fail ArgumentError, "Missing the required parameter 'content_pack_id' when calling SecurityMonitoringAPI.activate_content_pack"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/content_packs/{content_pack_id}/activate'.sub('{content_pack_id}', CGI.escape(content_pack_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :activate_content_pack,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#activate_content_pack\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#attach_case(case_id, body, opts = {}) ⇒ Object

Attach security findings to a case.

See Also:

• #attach_case_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 102

def attach_case(case_id, body, opts = {})
  data, _status_code, _headers = attach_case_with_http_info(case_id, body, opts)
  data
end

#attach_case_with_http_info(case_id, body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

Attach security findings to a case.

Attach security findings to a case. You can attach up to 50 security findings per case. Security findings that are already attached to another case will be detached from their previous case and attached to the specified case.

Parameters:

• case_id (String) —

  Unique identifier of the case to attach security findings to

• body (AttachCaseRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponse, Integer, Hash)>) —

  FindingCaseResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 116

def attach_case_with_http_info(case_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.attach_case ...'
  end
  # verify the required parameter 'case_id' is set
  if @api_client.config.client_side_validation && case_id.nil?
    fail ArgumentError, "Missing the required parameter 'case_id' when calling SecurityMonitoringAPI.attach_case"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.attach_case"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/cases/{case_id}'.sub('{case_id}', CGI.escape(case_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :attach_case,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#attach_case\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#attach_jira_issue(body, opts = {}) ⇒ Object

Attach security findings to a Jira issue.

See Also:

• #attach_jira_issue_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 175

def attach_jira_issue(body, opts = {})
  data, _status_code, _headers = attach_jira_issue_with_http_info(body, opts)
  data
end

#attach_jira_issue_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

Attach security findings to a Jira issue.

Attach security findings to a Jira issue by providing the Jira issue URL. You can attach up to 50 security findings per Jira issue. If the Jira issue is not linked to any case, this operation will create a case for the security findings and link the Jira issue to the newly created case. To configure the Jira integration, see Bidirectional ticket syncing with Jira. Security findings that are already attached to another Jira issue will be detached from their previous Jira issue and attached to the specified Jira issue.

Parameters:

• body (AttachJiraIssueRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponse, Integer, Hash)>) —

  FindingCaseResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 188

def attach_jira_issue_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.attach_jira_issue ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.attach_jira_issue"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/jira_issues'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :attach_jira_issue,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#attach_jira_issue\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_edit_security_monitoring_signals_assignee(body, opts = {}) ⇒ Object

Bulk update triage assignee of security signals.

See Also:

• #bulk_edit_security_monitoring_signals_assignee_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 243

def bulk_edit_security_monitoring_signals_assignee(body, opts = {})
  data, _status_code, _headers = bulk_edit_security_monitoring_signals_assignee_with_http_info(body, opts)
  data
end

#bulk_edit_security_monitoring_signals_assignee_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

Bulk update triage assignee of security signals.

Change the triage assignees of multiple security signals at once. The maximum number of signals that can be updated in a single request is 199.

Parameters:

• body (SecurityMonitoringSignalsBulkAssigneeUpdateRequest) —

  Attributes describing the signal assignee updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsBulkTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 256

def bulk_edit_security_monitoring_signals_assignee_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_edit_security_monitoring_signals_assignee ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_edit_security_monitoring_signals_assignee"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/bulk/assignee'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsBulkTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :bulk_edit_security_monitoring_signals_assignee,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_edit_security_monitoring_signals_assignee\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_edit_security_monitoring_signals_state(body, opts = {}) ⇒ Object

Bulk update triage state of security signals.

See Also:

• #bulk_edit_security_monitoring_signals_state_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 311

def bulk_edit_security_monitoring_signals_state(body, opts = {})
  data, _status_code, _headers = bulk_edit_security_monitoring_signals_state_with_http_info(body, opts)
  data
end

#bulk_edit_security_monitoring_signals_state_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

Bulk update triage state of security signals.

Change the triage states of multiple security signals at once. The maximum number of signals that can be updated in a single request is 199.

Parameters:

• body (SecurityMonitoringSignalsBulkStateUpdateRequest) —

  Attributes describing the signal state updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsBulkTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 324

def bulk_edit_security_monitoring_signals_state_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_edit_security_monitoring_signals_state ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_edit_security_monitoring_signals_state"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/bulk/state'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsBulkTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :bulk_edit_security_monitoring_signals_state,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_edit_security_monitoring_signals_state\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_export_security_monitoring_rules(body, opts = {}) ⇒ Object

Bulk export security monitoring rules.

See Also:

• #bulk_export_security_monitoring_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 379

def bulk_export_security_monitoring_rules(body, opts = {})
  data, _status_code, _headers = bulk_export_security_monitoring_rules_with_http_info(body, opts)
  data
end

#bulk_export_security_monitoring_rules_with_http_info(body, opts = {}) ⇒ Array<(File, Integer, Hash)>

Bulk export security monitoring rules.

Export a list of security monitoring rules as a ZIP file containing JSON rule definitions. The endpoint accepts a list of rule IDs and returns a ZIP archive where each rule is saved as a separate JSON file named after the rule.

Parameters:

• body (SecurityMonitoringRuleBulkExportPayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(File, Integer, Hash)>) —

  File data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 393

def bulk_export_security_monitoring_rules_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_export_security_monitoring_rules ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_export_security_monitoring_rules"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/bulk_export'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/zip', 'application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'File'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :bulk_export_security_monitoring_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_export_security_monitoring_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#cancel_threat_hunting_job(job_id, opts = {}) ⇒ Object

Cancel a threat hunting job.

See Also:

• #cancel_threat_hunting_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 448

def cancel_threat_hunting_job(job_id, opts = {})
  cancel_threat_hunting_job_with_http_info(job_id, opts)
  nil
end

#cancel_threat_hunting_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Cancel a threat hunting job.

Cancel a threat hunting job.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 460

def cancel_threat_hunting_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.cancel_threat_hunting_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.cancel_threat_hunting_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.cancel_threat_hunting_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.cancel_threat_hunting_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.cancel_threat_hunting_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/jobs/{job_id}/cancel'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :cancel_threat_hunting_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#cancel_threat_hunting_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_existing_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Convert an existing rule from JSON to Terraform.

See Also:

• #convert_existing_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 519

def convert_existing_security_monitoring_rule(rule_id, opts = {})
  data, _status_code, _headers = convert_existing_security_monitoring_rule_with_http_info(rule_id, opts)
  data
end

#convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

Convert an existing rule from JSON to Terraform.

Convert an existing rule from JSON to Terraform for Datadog provider resource datadog_security_monitoring_rule. You can do so for the following rule types:

• App and API Protection
• Cloud SIEM (log detection and signal correlation)
• Workload Protection

You can convert Cloud Security configuration rules using Terraform's Datadog Cloud Configuration Rule resource.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>) —

  SecurityMonitoringRuleConvertResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 537

def convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_existing_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.convert_existing_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/convert'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleConvertResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :convert_existing_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_existing_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_job_result_to_signal(body, opts = {}) ⇒ Object

Convert a job result to a signal.

See Also:

• #convert_job_result_to_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 590

def convert_job_result_to_signal(body, opts = {})
  convert_job_result_to_signal_with_http_info(body, opts)
  nil
end

#convert_job_result_to_signal_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Convert a job result to a signal.

Convert a job result to a signal.

Parameters:

• body (ConvertJobResultsToSignalsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 602

def convert_job_result_to_signal_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.convert_job_result_to_signal".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.convert_job_result_to_signal")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.convert_job_result_to_signal"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_job_result_to_signal ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.convert_job_result_to_signal"
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/jobs/signal_convert'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :convert_job_result_to_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_job_result_to_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_security_monitoring_rule_from_json_to_terraform(body, opts = {}) ⇒ Object

Convert a rule from JSON to Terraform.

See Also:

• #convert_security_monitoring_rule_from_json_to_terraform_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 663

def convert_security_monitoring_rule_from_json_to_terraform(body, opts = {})
  data, _status_code, _headers = convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts)
  data
end

#convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

Convert a rule from JSON to Terraform.

Convert a rule that doesn't (yet) exist from JSON to Terraform for Datadog provider resource datadog_security_monitoring_rule. You can do so for the following rule types:

• App and API Protection
• Cloud SIEM (log detection and signal correlation)
• Workload Protection

You can convert Cloud Security configuration rules using Terraform's Datadog Cloud Configuration Rule resource.

Parameters:

• body (SecurityMonitoringRuleConvertPayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>) —

  SecurityMonitoringRuleConvertResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 681

def convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_security_monitoring_rule_from_json_to_terraform ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.convert_security_monitoring_rule_from_json_to_terraform"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/convert'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleConvertResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :convert_security_monitoring_rule_from_json_to_terraform,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_security_monitoring_rule_from_json_to_terraform\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_cases(body, opts = {}) ⇒ Object

Create cases for security findings.

See Also:

• #create_cases_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 736

def create_cases(body, opts = {})
  data, _status_code, _headers = create_cases_with_http_info(body, opts)
  data
end

#create_cases_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

Create cases for security findings.

Create cases for security findings. You can create up to 50 cases per request and associate up to 50 security findings per case. Security findings that are already attached to another case will be detached from their previous case and attached to the newly created case.

Parameters:

• body (CreateCaseRequestArray)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponseArray, Integer, Hash)>) —

  FindingCaseResponseArray data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 749

def create_cases_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_cases ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_cases"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/cases'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponseArray'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_cases,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_cases\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_custom_framework(body, opts = {}) ⇒ Object

Create a custom framework.

See Also:

• #create_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 804

def create_custom_framework(body, opts = {})
  data, _status_code, _headers = create_custom_framework_with_http_info(body, opts)
  data
end

#create_custom_framework_with_http_info(body, opts = {}) ⇒ Array<(CreateCustomFrameworkResponse, Integer, Hash)>

Create a custom framework.

Create a custom framework.

Parameters:

• body (CreateCustomFrameworkRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(CreateCustomFrameworkResponse, Integer, Hash)>) —

  CreateCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 816

def create_custom_framework_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_custom_framework ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'CreateCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_jira_issues(body, opts = {}) ⇒ Object

Create Jira issues for security findings.

See Also:

• #create_jira_issues_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 871

def create_jira_issues(body, opts = {})
  data, _status_code, _headers = create_jira_issues_with_http_info(body, opts)
  data
end

#create_jira_issues_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

Create Jira issues for security findings.

Create Jira issues for security findings. This operation creates a case in Datadog and a Jira issue linked to that case for bidirectional sync between Datadog and Jira. To configure the Jira integration, see Bidirectional ticket syncing with Jira. You can create up to 50 Jira issues per request and associate up to 50 security findings per Jira issue. Security findings that are already attached to another Jira issue will be detached from their previous Jira issue and attached to the newly created Jira issue.

Parameters:

• body (CreateJiraIssueRequestArray)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponseArray, Integer, Hash)>) —

  FindingCaseResponseArray data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 884

def create_jira_issues_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_jira_issues ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_jira_issues"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/jira_issues'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponseArray'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_jira_issues,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_jira_issues\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_filter(body, opts = {}) ⇒ Object

Create a security filter.

See Also:

• #create_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 939

def create_security_filter(body, opts = {})
  data, _status_code, _headers = create_security_filter_with_http_info(body, opts)
  data
end

#create_security_filter_with_http_info(body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Create a security filter.

Create a security filter.

See the security filter guide for more examples.

Parameters:

• body (SecurityFilterCreateRequest) —

  The definition of the new security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 954

def create_security_filter_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_filter ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_critical_asset(body, opts = {}) ⇒ Object

Create a critical asset.

See Also:

• #create_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1009

def create_security_monitoring_critical_asset(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_critical_asset_with_http_info(body, opts)
  data
end

#create_security_monitoring_critical_asset_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

Create a critical asset.

Create a new critical asset.

Parameters:

• body (SecurityMonitoringCriticalAssetCreateRequest) —

  The definition of the new critical asset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1021

def create_security_monitoring_critical_asset_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_rule(body, opts = {}) ⇒ Object

Create a detection rule.

See Also:

• #create_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1076

def create_security_monitoring_rule(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_rule_with_http_info(body, opts)
  data
end

#create_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Create a detection rule.

Create a detection rule.

Parameters:

• body (SecurityMonitoringRuleCreatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1088

def create_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_suppression(body, opts = {}) ⇒ Object

Create a suppression rule.

See Also:

• #create_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1143

def create_security_monitoring_suppression(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_suppression_with_http_info(body, opts)
  data
end

#create_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Create a suppression rule.

Create a new suppression rule.

Parameters:

• body (SecurityMonitoringSuppressionCreateRequest) —

  The definition of the new suppression rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1155

def create_security_monitoring_suppression_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_suppression ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_signal_notification_rule(body, opts = {}) ⇒ Object

Create a new signal-based notification rule.

See Also:

• #create_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1210

def create_signal_notification_rule(body, opts = {})
  data, _status_code, _headers = create_signal_notification_rule_with_http_info(body, opts)
  data
end

#create_signal_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Create a new signal-based notification rule.

Create a new notification rule for security signals and return the created rule.

Parameters:

• body (CreateNotificationRuleParameters) —

  The body of the create notification rule request is composed of the rule type and the rule attributes: the rule name, the selectors, the notification targets, and the rule enabled status.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1222

def create_signal_notification_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_signal_notification_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :create_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_vulnerability_notification_rule(body, opts = {}) ⇒ Object

Create a new vulnerability-based notification rule.

See Also:

• #create_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1277

def create_vulnerability_notification_rule(body, opts = {})
  data, _status_code, _headers = create_vulnerability_notification_rule_with_http_info(body, opts)
  data
end

#create_vulnerability_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Create a new vulnerability-based notification rule.

Create a new notification rule for security vulnerabilities and return the created rule.

Parameters:

• body (CreateNotificationRuleParameters) —

  The body of the create notification rule request is composed of the rule type and the rule attributes: the rule name, the selectors, the notification targets, and the rule enabled status.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1289

def create_vulnerability_notification_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :create_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#deactivate_content_pack(content_pack_id, opts = {}) ⇒ Object

Deactivate content pack.

See Also:

• #deactivate_content_pack_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1344

def deactivate_content_pack(content_pack_id, opts = {})
  deactivate_content_pack_with_http_info(content_pack_id, opts)
  nil
end

#deactivate_content_pack_with_http_info(content_pack_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Deactivate content pack.

Deactivate a security monitoring content pack. This operation removes the content pack's configuration from log filters or security filters and updates the content pack activation state.

Parameters:

• content_pack_id (String) —

  The ID of the content pack to deactivate.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1357

def deactivate_content_pack_with_http_info(content_pack_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.deactivate_content_pack".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.deactivate_content_pack")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.deactivate_content_pack"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.deactivate_content_pack ...'
  end
  # verify the required parameter 'content_pack_id' is set
  if @api_client.config.client_side_validation && content_pack_id.nil?
    fail ArgumentError, "Missing the required parameter 'content_pack_id' when calling SecurityMonitoringAPI.deactivate_content_pack"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/content_packs/{content_pack_id}/deactivate'.sub('{content_pack_id}', CGI.escape(content_pack_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :deactivate_content_pack,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#deactivate_content_pack\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_custom_framework(handle, version, opts = {}) ⇒ Object

Delete a custom framework.

See Also:

• #delete_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1416

def delete_custom_framework(handle, version, opts = {})
  data, _status_code, _headers = delete_custom_framework_with_http_info(handle, version, opts)
  data
end

#delete_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(DeleteCustomFrameworkResponse, Integer, Hash)>

Delete a custom framework.

Delete a custom framework.

Parameters:

• handle (String) —

  The framework handle

• version (String) —

  The framework version

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(DeleteCustomFrameworkResponse, Integer, Hash)>) —

  DeleteCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1429

def delete_custom_framework_with_http_info(handle, version, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_custom_framework ...'
  end
  # verify the required parameter 'handle' is set
  if @api_client.config.client_side_validation && handle.nil?
    fail ArgumentError, "Missing the required parameter 'handle' when calling SecurityMonitoringAPI.delete_custom_framework"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.delete_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks/{handle}/{version}'.sub('{handle}', CGI.escape(handle.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DeleteCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_filter(security_filter_id, opts = {}) ⇒ Object

Delete a security filter.

See Also:

• #delete_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1486

def delete_security_filter(security_filter_id, opts = {})
  delete_security_filter_with_http_info(security_filter_id, opts)
  nil
end

#delete_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a security filter.

Delete a specific security filter.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1498

def delete_security_filter_with_http_info(security_filter_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.delete_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

Delete a critical asset.

See Also:

• #delete_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1551

def delete_security_monitoring_critical_asset(critical_asset_id, opts = {})
  delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts)
  nil
end

#delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a critical asset.

Delete a specific critical asset.

Parameters:

• critical_asset_id (String) —

  The ID of the critical asset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1563

def delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'critical_asset_id' is set
  if @api_client.config.client_side_validation && critical_asset_id.nil?
    fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.delete_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Delete an existing rule.

See Also:

• #delete_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1616

def delete_security_monitoring_rule(rule_id, opts = {})
  delete_security_monitoring_rule_with_http_info(rule_id, opts)
  nil
end

#delete_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete an existing rule.

Delete an existing rule. Default rules cannot be deleted.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1628

def delete_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.delete_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

Delete a suppression rule.

See Also:

• #delete_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1681

def delete_security_monitoring_suppression(suppression_id, opts = {})
  delete_security_monitoring_suppression_with_http_info(suppression_id, opts)
  nil
end

#delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a suppression rule.

Delete a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1693

def delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.delete_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_signal_notification_rule(id, opts = {}) ⇒ Object

Delete a signal-based notification rule.

See Also:

• #delete_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1746

def delete_signal_notification_rule(id, opts = {})
  delete_signal_notification_rule_with_http_info(id, opts)
  nil
end

#delete_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a signal-based notification rule.

Delete a notification rule for security signals.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1758

def delete_signal_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_signal_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.delete_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :delete_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_threat_hunting_job(job_id, opts = {}) ⇒ Object

Delete an existing job.

See Also:

• #delete_threat_hunting_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1811

def delete_threat_hunting_job(job_id, opts = {})
  delete_threat_hunting_job_with_http_info(job_id, opts)
  nil
end

#delete_threat_hunting_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete an existing job.

Delete an existing job.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1823

def delete_threat_hunting_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.delete_threat_hunting_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.delete_threat_hunting_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.delete_threat_hunting_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_threat_hunting_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.delete_threat_hunting_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/jobs/{job_id}'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_threat_hunting_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_threat_hunting_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_vulnerability_notification_rule(id, opts = {}) ⇒ Object

Delete a vulnerability-based notification rule.

See Also:

• #delete_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1882

def delete_vulnerability_notification_rule(id, opts = {})
  delete_vulnerability_notification_rule_with_http_info(id, opts)
  nil
end

#delete_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a vulnerability-based notification rule.

Delete a notification rule for security vulnerabilities.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1894

def delete_vulnerability_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.delete_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :delete_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#detach_case(body, opts = {}) ⇒ Object

Detach security findings from their case.

See Also:

• #detach_case_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1947

def detach_case(body, opts = {})
  detach_case_with_http_info(body, opts)
  nil
end

#detach_case_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Detach security findings from their case.

Detach security findings from their case. This operation dissociates security findings from their associated cases without deleting the cases themselves. You can detach security findings from multiple different cases in a single request, with a limit of 50 security findings per request. Security findings that are not currently attached to any case will be ignored.

Parameters:

• body (DetachCaseRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1960

def detach_case_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.detach_case ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.detach_case"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/cases'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :detach_case,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#detach_case\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_assignee(signal_id, body, opts = {}) ⇒ Object

Modify the triage assignee of a security signal.

See Also:

• #edit_security_monitoring_signal_assignee_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2015

def edit_security_monitoring_signal_assignee(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Modify the triage assignee of a security signal.

Modify the triage assignee of a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalAssigneeUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2028

def edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_assignee ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_assignee"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_assignee"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/assignee'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_assignee,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_assignee\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_incidents(signal_id, body, opts = {}) ⇒ Object

Change the related incidents of a security signal.

See Also:

• #edit_security_monitoring_signal_incidents_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2087

def edit_security_monitoring_signal_incidents(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Change the related incidents of a security signal.

Change the related incidents for a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalIncidentsUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2100

def edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_incidents ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_incidents"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_incidents"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/incidents'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_incidents,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_incidents\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_state(signal_id, body, opts = {}) ⇒ Object

Change the triage state of a security signal.

See Also:

• #edit_security_monitoring_signal_state_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2159

def edit_security_monitoring_signal_state(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Change the triage state of a security signal.

Change the triage state of a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalStateUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2172

def edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_state ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_state"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_state"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/state'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_state,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_state\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_content_packs_states(opts = {}) ⇒ Object

Get content pack states.

See Also:

• #get_content_packs_states_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2231

def get_content_packs_states(opts = {})
  data, _status_code, _headers = get_content_packs_states_with_http_info(opts)
  data
end

#get_content_packs_states_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringContentPackStatesResponse, Integer, Hash)>

Get content pack states.

Get the activation and configuration states for all security monitoring content packs. This endpoint returns status information about each content pack including activation state, integration status, and log collection status.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringContentPackStatesResponse, Integer, Hash)>) —

  SecurityMonitoringContentPackStatesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2244

def get_content_packs_states_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_content_packs_states".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_content_packs_states")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_content_packs_states"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_content_packs_states ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/content_packs/states'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringContentPackStatesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_content_packs_states,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_content_packs_states\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_critical_assets_affecting_rule(rule_id, opts = {}) ⇒ Object

Get critical assets affecting a specific rule.

See Also:

• #get_critical_assets_affecting_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2299

def get_critical_assets_affecting_rule(rule_id, opts = {})
  data, _status_code, _headers = get_critical_assets_affecting_rule_with_http_info(rule_id, opts)
  data
end

#get_critical_assets_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

Get critical assets affecting a specific rule.

Get the list of critical assets that affect a specific existing rule by the rule's ID.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2311

def get_critical_assets_affecting_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_critical_assets_affecting_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_critical_assets_affecting_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_critical_assets_affecting_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_critical_assets_affecting_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_custom_framework(handle, version, opts = {}) ⇒ Object

Get a custom framework.

See Also:

• #get_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2364

def get_custom_framework(handle, version, opts = {})
  data, _status_code, _headers = get_custom_framework_with_http_info(handle, version, opts)
  data
end

#get_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(GetCustomFrameworkResponse, Integer, Hash)>

Get a custom framework.

Get a custom framework.

Parameters:

• handle (String) —

  The framework handle

• version (String) —

  The framework version

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(GetCustomFrameworkResponse, Integer, Hash)>) —

  GetCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2377

def get_custom_framework_with_http_info(handle, version, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_custom_framework ...'
  end
  # verify the required parameter 'handle' is set
  if @api_client.config.client_side_validation && handle.nil?
    fail ArgumentError, "Missing the required parameter 'handle' when calling SecurityMonitoringAPI.get_custom_framework"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.get_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks/{handle}/{version}'.sub('{handle}', CGI.escape(handle.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_finding(finding_id, opts = {}) ⇒ Object

Get a finding.

See Also:

• #get_finding_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2434

def get_finding(finding_id, opts = {})
  data, _status_code, _headers = get_finding_with_http_info(finding_id, opts)
  data
end

#get_finding_with_http_info(finding_id, opts = {}) ⇒ Array<(GetFindingResponse, Integer, Hash)>

Get a finding.

Returns a single finding with message and resource configuration.

Parameters:

• finding_id (String) —

  The ID of the finding.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :snapshot_timestamp (Integer) —

  Return the finding for a given snapshot of time (Unix ms).

Returns:

• (Array<(GetFindingResponse, Integer, Hash)>) —

  GetFindingResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2447

def get_finding_with_http_info(finding_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_finding".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_finding")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_finding"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_finding ...'
  end
  # verify the required parameter 'finding_id' is set
  if @api_client.config.client_side_validation && finding_id.nil?
    fail ArgumentError, "Missing the required parameter 'finding_id' when calling SecurityMonitoringAPI.get_finding"
  end
  if @api_client.config.client_side_validation && !opts[:'snapshot_timestamp'].nil? && opts[:'snapshot_timestamp'] < 1
    fail ArgumentError, 'invalid value for "opts[:"snapshot_timestamp"]" when calling SecurityMonitoringAPI.get_finding, must be greater than or equal to 1.'
  end
  # resource path
  local_var_path = '/api/v2/posture_management/findings/{finding_id}'.sub('{finding_id}', CGI.escape(finding_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'snapshot_timestamp'] = opts[:'snapshot_timestamp'] if !opts[:'snapshot_timestamp'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetFindingResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_finding,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_finding\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_resource_evaluation_filters(opts = {}) ⇒ Object

List resource filters.

See Also:

• #get_resource_evaluation_filters_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2510

def get_resource_evaluation_filters(opts = {})
  data, _status_code, _headers = get_resource_evaluation_filters_with_http_info(opts)
  data
end

#get_resource_evaluation_filters_with_http_info(opts = {}) ⇒ Array<(GetResourceEvaluationFiltersResponse, Integer, Hash)>

List resource filters.

List resource filters.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :cloud_provider (String) —

  Filter resource filters by cloud provider (e.g. aws, gcp, azure).

• :account_id (String) —

  Filter resource filters by cloud provider account ID. This parameter is only valid when provider is specified.

• :skip_cache (Boolean) —

  Skip cache for resource filters.

Returns:

• (Array<(GetResourceEvaluationFiltersResponse, Integer, Hash)>) —

  GetResourceEvaluationFiltersResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2524

def get_resource_evaluation_filters_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_resource_evaluation_filters ...'
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/resource_filters'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'cloud_provider'] = opts[:'cloud_provider'] if !opts[:'cloud_provider'].nil?
  query_params[:'account_id'] = opts[:'account_id'] if !opts[:'account_id'].nil?
  query_params[:'skip_cache'] = opts[:'skip_cache'] if !opts[:'skip_cache'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetResourceEvaluationFiltersResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_resource_evaluation_filters,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_resource_evaluation_filters\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_rule_version_history(rule_id, opts = {}) ⇒ Object

Get a rule's version history.

See Also:

• #get_rule_version_history_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2576

def get_rule_version_history(rule_id, opts = {})
  data, _status_code, _headers = get_rule_version_history_with_http_info(rule_id, opts)
  data
end

#get_rule_version_history_with_http_info(rule_id, opts = {}) ⇒ Array<(GetRuleVersionHistoryResponse, Integer, Hash)>

Get a rule's version history.

Get a rule's version history.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

Returns:

• (Array<(GetRuleVersionHistoryResponse, Integer, Hash)>) —

  GetRuleVersionHistoryResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2590

def get_rule_version_history_with_http_info(rule_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_rule_version_history".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_rule_version_history")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_rule_version_history"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_rule_version_history ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_rule_version_history"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/version_history'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetRuleVersionHistoryResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_rule_version_history,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_rule_version_history\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_sbom(asset_type, filter_asset_name, opts = {}) ⇒ Object

Get SBOM.

See Also:

• #get_sbom_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2651

def get_sbom(asset_type, filter_asset_name, opts = {})
  data, _status_code, _headers = get_sbom_with_http_info(asset_type, filter_asset_name, opts)
  data
end

#get_sbom_with_http_info(asset_type, filter_asset_name, opts = {}) ⇒ Array<(GetSBOMResponse, Integer, Hash)>

Get SBOM.

Get a single SBOM related to an asset by its type and name.

Parameters:

• asset_type (AssetType) —

  The type of the asset for the SBOM request.

• filter_asset_name (String) —

  The name of the asset for the SBOM request.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_repo_digest (String) —

  The container image repo_digest for the SBOM request. When the requested asset type is 'Image', this filter is mandatory.

• :ext_format (SBOMFormat) —

  The standard of the SBOM.

Returns:

• (Array<(GetSBOMResponse, Integer, Hash)>) —

  GetSBOMResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2666

def get_sbom_with_http_info(asset_type, filter_asset_name, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_sbom ...'
  end
  # verify the required parameter 'asset_type' is set
  if @api_client.config.client_side_validation && asset_type.nil?
    fail ArgumentError, "Missing the required parameter 'asset_type' when calling SecurityMonitoringAPI.get_sbom"
  end
  # verify enum value
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && !allowable_values.include?(asset_type)
    fail ArgumentError, "invalid value for \"asset_type\", must be one of #{allowable_values}"
  end
  # verify the required parameter 'filter_asset_name' is set
  if @api_client.config.client_side_validation && filter_asset_name.nil?
    fail ArgumentError, "Missing the required parameter 'filter_asset_name' when calling SecurityMonitoringAPI.get_sbom"
  end
  allowable_values = ['CycloneDX', 'SPDX']
  if @api_client.config.client_side_validation && opts[:'ext_format'] && !allowable_values.include?(opts[:'ext_format'])
    fail ArgumentError, "invalid value for \"ext_format\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/sboms/{asset_type}'.sub('{asset_type}', CGI.escape(asset_type.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[asset_name]'] = filter_asset_name
  query_params[:'filter[repo_digest]'] = opts[:'filter_repo_digest'] if !opts[:'filter_repo_digest'].nil?
  query_params[:'ext:format'] = opts[:'ext_format'] if !opts[:'ext_format'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetSBOMResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_sbom,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_sbom\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_secrets_rules(opts = {}) ⇒ Object

Returns a list of Secrets rules.

See Also:

• #get_secrets_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2735

def get_secrets_rules(opts = {})
  data, _status_code, _headers = get_secrets_rules_with_http_info(opts)
  data
end

#get_secrets_rules_with_http_info(opts = {}) ⇒ Array<(SecretRuleArray, Integer, Hash)>

Returns a list of Secrets rules.

Returns a list of Secrets rules with ID, Pattern, Description, Priority, and SDS ID.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecretRuleArray, Integer, Hash)>) —

  SecretRuleArray data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2746

def get_secrets_rules_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_secrets_rules".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_secrets_rules")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_secrets_rules"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_secrets_rules ...'
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/secrets/rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecretRuleArray'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_secrets_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_secrets_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_filter(security_filter_id, opts = {}) ⇒ Object

Get a security filter.

See Also:

• #get_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2801

def get_security_filter(security_filter_id, opts = {})
  data, _status_code, _headers = get_security_filter_with_http_info(security_filter_id, opts)
  data
end

#get_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Get a security filter.

Get the details of a specific security filter.

See the security filter guide for more examples.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2816

def get_security_filter_with_http_info(security_filter_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.get_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

Get a critical asset.

See Also:

• #get_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2869

def get_security_monitoring_critical_asset(critical_asset_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts)
  data
end

#get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

Get a critical asset.

Get the details of a specific critical asset.

Parameters:

• critical_asset_id (String) —

  The ID of the critical asset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2881

def get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'critical_asset_id' is set
  if @api_client.config.client_side_validation && critical_asset_id.nil?
    fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.get_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_histsignal(histsignal_id, opts = {}) ⇒ Object

Get a hist signal's details.

See Also:

• #get_security_monitoring_histsignal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2934

def get_security_monitoring_histsignal(histsignal_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_histsignal_with_http_info(histsignal_id, opts)
  data
end

#get_security_monitoring_histsignal_with_http_info(histsignal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

Get a hist signal's details.

Get a hist signal's details.

Parameters:

• histsignal_id (String) —

  The ID of the threat hunting signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalResponse, Integer, Hash)>) —

  SecurityMonitoringSignalResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2946

def get_security_monitoring_histsignal_with_http_info(histsignal_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_histsignal".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_histsignal")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_histsignal"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_histsignal ...'
  end
  # verify the required parameter 'histsignal_id' is set
  if @api_client.config.client_side_validation && histsignal_id.nil?
    fail ArgumentError, "Missing the required parameter 'histsignal_id' when calling SecurityMonitoringAPI.get_security_monitoring_histsignal"
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/histsignals/{histsignal_id}'.sub('{histsignal_id}', CGI.escape(histsignal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_histsignal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_histsignal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_histsignals_by_job_id(job_id, opts = {}) ⇒ Object

Get a job's hist signals.

See Also:

• #get_security_monitoring_histsignals_by_job_id_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3005

def get_security_monitoring_histsignals_by_job_id(job_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts)
  data
end

#get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Get a job's hist signals.

Get a job's hist signals.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query for security signals.

• :filter_from (Time) —

  The minimum timestamp for requested security signals.

• :filter_to (Time) —

  The maximum timestamp for requested security signals.

• :sort (SecurityMonitoringSignalsSort) —

  The order of the security signals in results.

• :page_cursor (String) —

  A list of results using the cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of security signals in the response.

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3023

def get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_histsignals_by_job_id".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_histsignals_by_job_id")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_histsignals_by_job_id"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_histsignals_by_job_id ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.get_security_monitoring_histsignals_by_job_id"
  end
  allowable_values = ['timestamp', '-timestamp']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.get_security_monitoring_histsignals_by_job_id, must be smaller than or equal to 1000.'
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/jobs/{job_id}/histsignals'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'filter[from]'] = opts[:'filter_from'] if !opts[:'filter_from'].nil?
  query_params[:'filter[to]'] = opts[:'filter_to'] if !opts[:'filter_to'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_histsignals_by_job_id,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_histsignals_by_job_id\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Get a rule's details.

See Also:

• #get_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3095

def get_security_monitoring_rule(rule_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_rule_with_http_info(rule_id, opts)
  data
end

#get_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Get a rule's details.

Get a rule's details.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3107

def get_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_signal(signal_id, opts = {}) ⇒ Object

Get a signal's details.

See Also:

• #get_security_monitoring_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3160

def get_security_monitoring_signal(signal_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_signal_with_http_info(signal_id, opts)
  data
end

#get_security_monitoring_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

Get a signal's details.

Get a signal's details.

Parameters:

• signal_id (String) —

  The ID of the signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalResponse, Integer, Hash)>) —

  SecurityMonitoringSignalResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3172

def get_security_monitoring_signal_with_http_info(signal_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_signal ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.get_security_monitoring_signal"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

Get a suppression rule.

See Also:

• #get_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3225

def get_security_monitoring_suppression(suppression_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_suppression_with_http_info(suppression_id, opts)
  data
end

#get_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Get a suppression rule.

Get the details of a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3237

def get_security_monitoring_suppression_with_http_info(suppression_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.get_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_signal_notification_rule(id, opts = {}) ⇒ Object

Get details of a signal-based notification rule.

See Also:

• #get_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3290

def get_signal_notification_rule(id, opts = {})
  data, _status_code, _headers = get_signal_notification_rule_with_http_info(id, opts)
  data
end

#get_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Get details of a signal-based notification rule.

Get the details of a notification rule for security signals.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3302

def get_signal_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_signal_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.get_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_signal_notification_rules(opts = {}) ⇒ Object

Get the list of signal-based notification rules.

See Also:

• #get_signal_notification_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3355

def get_signal_notification_rules(opts = {})
  data, _status_code, _headers = get_signal_notification_rules_with_http_info(opts)
  data
end

#get_signal_notification_rules_with_http_info(opts = {}) ⇒ Array<(Object, Integer, Hash)>

Get the list of signal-based notification rules.

Returns the list of notification rules for security signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(Object, Integer, Hash)>) —

  Object data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3366

def get_signal_notification_rules_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_signal_notification_rules ...'
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'Object'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_signal_notification_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_signal_notification_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_suppression_version_history(suppression_id, opts = {}) ⇒ Object

Get a suppression's version history.

See Also:

• #get_suppression_version_history_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3547

def get_suppression_version_history(suppression_id, opts = {})
  data, _status_code, _headers = get_suppression_version_history_with_http_info(suppression_id, opts)
  data
end

#get_suppression_version_history_with_http_info(suppression_id, opts = {}) ⇒ Array<(GetSuppressionVersionHistoryResponse, Integer, Hash)>

Get a suppression's version history.

Get a suppression's version history.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

Returns:

• (Array<(GetSuppressionVersionHistoryResponse, Integer, Hash)>) —

  GetSuppressionVersionHistoryResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3561

def get_suppression_version_history_with_http_info(suppression_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_suppression_version_history ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.get_suppression_version_history"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}/version_history'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetSuppressionVersionHistoryResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_suppression_version_history,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_suppression_version_history\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_suppressions_affecting_future_rule(body, opts = {}) ⇒ Object

Get suppressions affecting future rule.

See Also:

• #get_suppressions_affecting_future_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3415

def get_suppressions_affecting_future_rule(body, opts = {})
  data, _status_code, _headers = get_suppressions_affecting_future_rule_with_http_info(body, opts)
  data
end

#get_suppressions_affecting_future_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

Get suppressions affecting future rule.

Get the list of suppressions that would affect a rule.

Parameters:

• body (SecurityMonitoringRuleCreatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3427

def get_suppressions_affecting_future_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_suppressions_affecting_future_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.get_suppressions_affecting_future_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_suppressions_affecting_future_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_suppressions_affecting_future_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_suppressions_affecting_rule(rule_id, opts = {}) ⇒ Object

Get suppressions affecting a specific rule.

See Also:

• #get_suppressions_affecting_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3482

def get_suppressions_affecting_rule(rule_id, opts = {})
  data, _status_code, _headers = get_suppressions_affecting_rule_with_http_info(rule_id, opts)
  data
end

#get_suppressions_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

Get suppressions affecting a specific rule.

Get the list of suppressions that affect a specific existing rule by its ID.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3494

def get_suppressions_affecting_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_suppressions_affecting_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_suppressions_affecting_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_suppressions_affecting_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_suppressions_affecting_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_threat_hunting_job(job_id, opts = {}) ⇒ Object

Get a job's details.

See Also:

• #get_threat_hunting_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3616

def get_threat_hunting_job(job_id, opts = {})
  data, _status_code, _headers = get_threat_hunting_job_with_http_info(job_id, opts)
  data
end

#get_threat_hunting_job_with_http_info(job_id, opts = {}) ⇒ Array<(ThreatHuntingJobResponse, Integer, Hash)>

Get a job's details.

Get a job's details.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(ThreatHuntingJobResponse, Integer, Hash)>) —

  ThreatHuntingJobResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3628

def get_threat_hunting_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_threat_hunting_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_threat_hunting_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_threat_hunting_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_threat_hunting_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.get_threat_hunting_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/jobs/{job_id}'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ThreatHuntingJobResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_threat_hunting_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_threat_hunting_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_vulnerability_notification_rule(id, opts = {}) ⇒ Object

Get details of a vulnerability notification rule.

See Also:

• #get_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3687

def get_vulnerability_notification_rule(id, opts = {})
  data, _status_code, _headers = get_vulnerability_notification_rule_with_http_info(id, opts)
  data
end

#get_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Get details of a vulnerability notification rule.

Get the details of a notification rule for security vulnerabilities.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3699

def get_vulnerability_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.get_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_vulnerability_notification_rules(opts = {}) ⇒ Object

Get the list of vulnerability notification rules.

See Also:

• #get_vulnerability_notification_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3752

def get_vulnerability_notification_rules(opts = {})
  data, _status_code, _headers = get_vulnerability_notification_rules_with_http_info(opts)
  data
end

#get_vulnerability_notification_rules_with_http_info(opts = {}) ⇒ Array<(Object, Integer, Hash)>

Get the list of vulnerability notification rules.

Returns the list of notification rules for security vulnerabilities.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(Object, Integer, Hash)>) —

  Object data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3763

def get_vulnerability_notification_rules_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_vulnerability_notification_rules ...'
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'Object'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_vulnerability_notification_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_vulnerability_notification_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_assets_sbo_ms(opts = {}) ⇒ Object

List assets SBOMs.

See Also:

• #list_assets_sbo_ms_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3812

def list_assets_sbo_ms(opts = {})
  data, _status_code, _headers = list_assets_sbo_ms_with_http_info(opts)
  data
end

#list_assets_sbo_ms_with_http_info(opts = {}) ⇒ Array<(ListAssetsSBOMsResponse, Integer, Hash)>

List assets SBOMs.

Get a list of assets SBOMs for an organization.

Pagination

Please review the Pagination section for the "List Vulnerabilities" endpoint.

Filtering

Please review the Filtering section for the "List Vulnerabilities" endpoint.

Metadata

Please review the Metadata section for the "List Vulnerabilities" endpoint.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the links section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal to or greater than 1.

• :filter_asset_type (AssetType) —

  The type of the assets for the SBOM request.

• :filter_asset_name (String) —

  The name of the asset for the SBOM request.

• :filter_package_name (String) —

  The name of the component that is a dependency of an asset.

• :filter_package_version (String) —

  The version of the component that is a dependency of an asset.

• :filter_license_name (String) —

  The software license name of the component that is a dependency of an asset.

• :filter_license_type (SBOMComponentLicenseType) —

  The software license type of the component that is a dependency of an asset.

Returns:

• (Array<(ListAssetsSBOMsResponse, Integer, Hash)>) —

  ListAssetsSBOMsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3843

def list_assets_sbo_ms_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_assets_sbo_ms ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_assets_sbo_ms, must be greater than or equal to 1.'
  end
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_asset_type'] && !allowable_values.include?(opts[:'filter_asset_type'])
    fail ArgumentError, "invalid value for \"filter_asset_type\", must be one of #{allowable_values}"
  end
  allowable_values = ['network_strong_copyleft', 'non_standard_copyleft', 'other_non_free', 'other_non_standard', 'permissive', 'public_domain', 'strong_copyleft', 'weak_copyleft']
  if @api_client.config.client_side_validation && opts[:'filter_license_type'] && !allowable_values.include?(opts[:'filter_license_type'])
    fail ArgumentError, "invalid value for \"filter_license_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/sboms'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[asset_type]'] = opts[:'filter_asset_type'] if !opts[:'filter_asset_type'].nil?
  query_params[:'filter[asset_name]'] = opts[:'filter_asset_name'] if !opts[:'filter_asset_name'].nil?
  query_params[:'filter[package_name]'] = opts[:'filter_package_name'] if !opts[:'filter_package_name'].nil?
  query_params[:'filter[package_version]'] = opts[:'filter_package_version'] if !opts[:'filter_package_version'].nil?
  query_params[:'filter[license_name]'] = opts[:'filter_license_name'] if !opts[:'filter_license_name'].nil?
  query_params[:'filter[license_type]'] = opts[:'filter_license_type'] if !opts[:'filter_license_type'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListAssetsSBOMsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_assets_sbo_ms,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_assets_sbo_ms\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_findings(opts = {}) ⇒ Object

List findings.

See Also:

• #list_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3911

def list_findings(opts = {})
  data, _status_code, _headers = list_findings_with_http_info(opts)
  data
end

#list_findings_with_http_info(opts = {}) ⇒ Array<(ListFindingsResponse, Integer, Hash)>

List findings.

Get a list of findings. These include both misconfigurations and identity risks.

Note: To filter and return only identity risks, add the following query parameter: ?filter[tags]=dd_rule_type:ciem

Filtering

Filters can be applied by appending query parameters to the URL.

• Using a single filter: ?filter[attribute_key]=attribute_value
• Chaining filters: ?filter[attribute_key]=attribute_value&filter[attribute_key]=attribute_value...
• Filtering on tags: ?filter[tags]=tag_key:tag_value&filter[tags]=tag_key_2:tag_value_2

Here, attribute_key can be any of the filter keys described further below.

Query parameters of type integer support comparison operators (>, >=, <, <=). This is particularly useful when filtering by evaluation_changed_at or resource_discovery_timestamp. For example: ?filter[evaluation_changed_at]=>20123123121.

You can also use the negation operator on strings. For example, use filter[resource_type]=-aws* to filter for any non-AWS resources.

The operator must come after the equal sign. For example, to filter with the >= operator, add the operator after the equal sign: filter[evaluation_changed_at]=>=1678809373257.

Query parameters must be only among the documented ones and with values of correct types. Duplicated query parameters (e.g. filter[status]=low&filter[status]=info) are not allowed.

Additional extension fields

Additional extension fields are available for some findings.

The data is available when you include the query parameter ?detailed_findings=true in the request.

The following fields are available for findings:

• external_id: The resource external ID related to the finding.
• description: The description and remediation steps for the finding.
• datadog_link: The Datadog relative link for the finding.
• ip_addresses: The list of private IP addresses for the resource related to the finding.

Response

The response includes an array of finding objects, pagination metadata, and a count of items that match the query.

Each finding object contains the following:

• The finding ID that can be used in a GetFinding request to retrieve the full finding details.
• Core attributes, including status, evaluation, high-level resource details, muted state, and rule details.
• evaluation_changed_at and resource_discovery_date time stamps.
• An array of associated tags.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_limit (Integer) —

  Limit the number of findings returned. Must be <= 1000.

• :snapshot_timestamp (Integer) —

  Return findings for a given snapshot of time (Unix ms).

• :page_cursor (String) —

  Return the next page of findings pointed to by the cursor.

• :filter_tags (String) —

  Return findings that have these associated tags (repeatable).

• :filter_evaluation_changed_at (String) —

  Return findings that have changed from pass to fail or vice versa on a specified date (Unix ms) or date range (using comparison operators).

• :filter_muted (Boolean) —

  Set to true to return findings that are muted. Set to false to return unmuted findings.

• :filter_rule_id (String) —

  Return findings for the specified rule ID.

• :filter_rule_name (String) —

  Return findings for the specified rule.

• :filter_resource_type (String) —

  Return only findings for the specified resource type.

• :filter_resource_id (String) —

  Return only findings for the specified resource id.

• :filter_discovery_timestamp (String) —

  Return findings that were found on a specified date (Unix ms) or date range (using comparison operators).

• :filter_evaluation (FindingEvaluation) —

  Return only pass or fail findings.

• :filter_status (FindingStatus) —

  Return only findings with the specified status.

• :filter_vulnerability_type (Array<FindingVulnerabilityType>) —

  Return findings that match the selected vulnerability types (repeatable).

• :detailed_findings (Boolean) —

  Return additional fields for some findings.

Returns:

• (Array<(ListFindingsResponse, Integer, Hash)>) —

  ListFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3980

def list_findings_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_findings".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_findings")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_findings"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_findings ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_findings, must be smaller than or equal to 1000.'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_findings, must be greater than or equal to 1.'
  end
  if @api_client.config.client_side_validation && !opts[:'snapshot_timestamp'].nil? && opts[:'snapshot_timestamp'] < 1
    fail ArgumentError, 'invalid value for "opts[:"snapshot_timestamp"]" when calling SecurityMonitoringAPI.list_findings, must be greater than or equal to 1.'
  end
  allowable_values = ['pass', 'fail']
  if @api_client.config.client_side_validation && opts[:'filter_evaluation'] && !allowable_values.include?(opts[:'filter_evaluation'])
    fail ArgumentError, "invalid value for \"filter_evaluation\", must be one of #{allowable_values}"
  end
  allowable_values = ['critical', 'high', 'medium', 'low', 'info']
  if @api_client.config.client_side_validation && opts[:'filter_status'] && !allowable_values.include?(opts[:'filter_status'])
    fail ArgumentError, "invalid value for \"filter_status\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/posture_management/findings'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?
  query_params[:'snapshot_timestamp'] = opts[:'snapshot_timestamp'] if !opts[:'snapshot_timestamp'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'filter[tags]'] = opts[:'filter_tags'] if !opts[:'filter_tags'].nil?
  query_params[:'filter[evaluation_changed_at]'] = opts[:'filter_evaluation_changed_at'] if !opts[:'filter_evaluation_changed_at'].nil?
  query_params[:'filter[muted]'] = opts[:'filter_muted'] if !opts[:'filter_muted'].nil?
  query_params[:'filter[rule_id]'] = opts[:'filter_rule_id'] if !opts[:'filter_rule_id'].nil?
  query_params[:'filter[rule_name]'] = opts[:'filter_rule_name'] if !opts[:'filter_rule_name'].nil?
  query_params[:'filter[resource_type]'] = opts[:'filter_resource_type'] if !opts[:'filter_resource_type'].nil?
  query_params[:'filter[@resource_id]'] = opts[:'filter_resource_id'] if !opts[:'filter_resource_id'].nil?
  query_params[:'filter[discovery_timestamp]'] = opts[:'filter_discovery_timestamp'] if !opts[:'filter_discovery_timestamp'].nil?
  query_params[:'filter[evaluation]'] = opts[:'filter_evaluation'] if !opts[:'filter_evaluation'].nil?
  query_params[:'filter[status]'] = opts[:'filter_status'] if !opts[:'filter_status'].nil?
  query_params[:'filter[vulnerability_type]'] = @api_client.build_collection_param(opts[:'filter_vulnerability_type'], :multi) if !opts[:'filter_vulnerability_type'].nil?
  query_params[:'detailed_findings'] = opts[:'detailed_findings'] if !opts[:'detailed_findings'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )
  new_options[:query_string_normalizer] = HTTParty::Request::NON_RAILS_QUERY_STRING_NORMALIZER

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_findings_with_pagination(opts = {}) {|Finding| ... } ⇒ Object

List findings.

Provide a paginated version of #list_findings, returning all items.

To use it you need to use a block: list_findings_with_pagination { |item| p item }

Yields:

• (Finding) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4072

def list_findings_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "page_limit", 100)
    @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size)
    while true do
        response = list_findings(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "page_cursor", String, @api_client.get_attribute_from_path(response, "meta.page.cursor"))
    end
end

#list_multiple_rulesets(body, opts = {}) ⇒ Object

Ruleset get multiple.

See Also:

• #list_multiple_rulesets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4089

def list_multiple_rulesets(body, opts = {})
  data, _status_code, _headers = list_multiple_rulesets_with_http_info(body, opts)
  data
end

#list_multiple_rulesets_with_http_info(body, opts = {}) ⇒ Array<(GetMultipleRulesetsResponse, Integer, Hash)>

Ruleset get multiple.

Get rules for multiple rulesets in batch.

Parameters:

• body (GetMultipleRulesetsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(GetMultipleRulesetsResponse, Integer, Hash)>) —

  GetMultipleRulesetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4101

def list_multiple_rulesets_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_multiple_rulesets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_multiple_rulesets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_multiple_rulesets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_multiple_rulesets ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.list_multiple_rulesets"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/rulesets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'GetMultipleRulesetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_multiple_rulesets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_multiple_rulesets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_scanned_assets_metadata(opts = {}) ⇒ Object

List scanned assets metadata.

See Also:

• #list_scanned_assets_metadata_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4162

def list_scanned_assets_metadata(opts = {})
  data, _status_code, _headers = list_scanned_assets_metadata_with_http_info(opts)
  data
end

#list_scanned_assets_metadata_with_http_info(opts = {}) ⇒ Array<(ScannedAssetsMetadata, Integer, Hash)>

List scanned assets metadata.

Get a list of security scanned assets metadata for an organization.

Pagination

For the "List Vulnerabilities" endpoint, see the Pagination section.

Filtering

For the "List Vulnerabilities" endpoint, see the Filtering section.

Metadata

For the "List Vulnerabilities" endpoint, see the Metadata section.

Related endpoints

This endpoint returns additional metadata for cloud resources that is not available from the standard resource endpoints. To access a richer dataset, call this endpoint together with the relevant resource endpoint(s) and merge (join) their results using the resource identifier.

Hosts

To enrich host data, join the response from the Hosts endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

ENDPOINT	JOIN KEY	TYPE
/api/v1/hosts	host_list.host_name	string
/api/v2/security/scanned-assets-metadata	data.attributes.asset.name	string

Host Images

To enrich host image data, join the response from the Hosts endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

ENDPOINT	JOIN KEY	TYPE
/api/v1/hosts	host_list.tags_by_source["Amazon Web Services"]["image"]	string
/api/v2/security/scanned-assets-metadata	data.attributes.asset.name	string

Container Images

To enrich container image data, join the response from the Container Images endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

ENDPOINT	JOIN KEY	TYPE
/api/v2/container_images	data.attributes.name@data.attributes.repo_digest	string
/api/v2/security/scanned-assets-metadata	data.attributes.asset.name	string

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the links section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal to or greater than 1.

• :filter_asset_type (CloudAssetType) —

  The type of the scanned asset.

• :filter_asset_name (String) —

  The name of the scanned asset.

• :filter_last_success_origin (String) —

  The origin of last success scan.

• :filter_last_success_env (String) —

  The environment of last success scan.

Returns:

• (Array<(ScannedAssetsMetadata, Integer, Hash)>) —

  ScannedAssetsMetadata data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4222

def list_scanned_assets_metadata_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_scanned_assets_metadata".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_scanned_assets_metadata")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_scanned_assets_metadata"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_scanned_assets_metadata ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_scanned_assets_metadata, must be greater than or equal to 1.'
  end
  allowable_values = ['Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_asset_type'] && !allowable_values.include?(opts[:'filter_asset_type'])
    fail ArgumentError, "invalid value for \"filter_asset_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/scanned-assets-metadata'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[asset.type]'] = opts[:'filter_asset_type'] if !opts[:'filter_asset_type'].nil?
  query_params[:'filter[asset.name]'] = opts[:'filter_asset_name'] if !opts[:'filter_asset_name'].nil?
  query_params[:'filter[last_success.origin]'] = opts[:'filter_last_success_origin'] if !opts[:'filter_last_success_origin'].nil?
  query_params[:'filter[last_success.env]'] = opts[:'filter_last_success_env'] if !opts[:'filter_last_success_env'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ScannedAssetsMetadata'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_scanned_assets_metadata,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_scanned_assets_metadata\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_filters(opts = {}) ⇒ Object

Get all security filters.

See Also:

• #list_security_filters_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4290

def list_security_filters(opts = {})
  data, _status_code, _headers = list_security_filters_with_http_info(opts)
  data
end

#list_security_filters_with_http_info(opts = {}) ⇒ Array<(SecurityFiltersResponse, Integer, Hash)>

Get all security filters.

Get the list of configured security filters with their definitions.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFiltersResponse, Integer, Hash)>) —

  SecurityFiltersResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4301

def list_security_filters_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_filters ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFiltersResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_filters,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_filters\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_findings(opts = {}) ⇒ Object

List security findings.

See Also:

• #list_security_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4350

def list_security_findings(opts = {})
  data, _status_code, _headers = list_security_findings_with_http_info(opts)
  data
end

#list_security_findings_with_http_info(opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

List security findings.

Get a list of security findings that match a search query. See the schema for security findings.

Query Syntax

This endpoint uses the logs query syntax. Findings attributes (living in the attributes.attributes. namespace) are prefixed by @ when queried. Tags are queried without a prefix.

Example: @severity:(critical OR high) @status:open team:platform

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query following log search syntax.

• :page_cursor (String) —

  Get the next page of results with a cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of findings in the response.

• :sort (SecurityFindingsSort) —

  Sorts by @detection_changed_at.

Returns:

• (Array<(ListSecurityFindingsResponse, Integer, Hash)>) —

  ListSecurityFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4371

def list_security_findings_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_findings ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 150
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_findings, must be smaller than or equal to 150.'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_findings, must be greater than or equal to 1.'
  end
  allowable_values = ['@detection_changed_at', '-@detection_changed_at']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/findings'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListSecurityFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_findings_with_pagination(opts = {}) {|SecurityFindingsData| ... } ⇒ Object

List security findings.

Provide a paginated version of #list_security_findings, returning all items.

To use it you need to use a block: list_security_findings_with_pagination { |item| p item }

Yields:

• (SecurityFindingsData) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4438

def list_security_findings_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "page_limit", 10)
    @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size)
    while true do
        response = list_security_findings(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "page_cursor", String, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#list_security_monitoring_critical_assets(opts = {}) ⇒ Object

Get all critical assets.

See Also:

• #list_security_monitoring_critical_assets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4455

def list_security_monitoring_critical_assets(opts = {})
  data, _status_code, _headers = list_security_monitoring_critical_assets_with_http_info(opts)
  data
end

#list_security_monitoring_critical_assets_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

Get all critical assets.

Get the list of all critical assets.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4466

def list_security_monitoring_critical_assets_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_critical_assets ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_critical_assets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_critical_assets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_histsignals(opts = {}) ⇒ Object

List hist signals.

See Also:

• #list_security_monitoring_histsignals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4515

def list_security_monitoring_histsignals(opts = {})
  data, _status_code, _headers = list_security_monitoring_histsignals_with_http_info(opts)
  data
end

#list_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

List hist signals.

List hist signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query for security signals.

• :filter_from (Time) —

  The minimum timestamp for requested security signals.

• :filter_to (Time) —

  The maximum timestamp for requested security signals.

• :sort (SecurityMonitoringSignalsSort) —

  The order of the security signals in results.

• :page_cursor (String) —

  A list of results using the cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of security signals in the response.

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4532

def list_security_monitoring_histsignals_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_security_monitoring_histsignals".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_security_monitoring_histsignals")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_security_monitoring_histsignals"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_histsignals ...'
  end
  allowable_values = ['timestamp', '-timestamp']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_monitoring_histsignals, must be smaller than or equal to 1000.'
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/histsignals'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'filter[from]'] = opts[:'filter_from'] if !opts[:'filter_from'].nil?
  query_params[:'filter[to]'] = opts[:'filter_to'] if !opts[:'filter_to'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_histsignals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_histsignals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_rules(opts = {}) ⇒ Object

List rules.

See Also:

• #list_security_monitoring_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4600

def list_security_monitoring_rules(opts = {})
  data, _status_code, _headers = list_security_monitoring_rules_with_http_info(opts)
  data
end

#list_security_monitoring_rules_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>

List rules.

List rules.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

• :query (String) —

  A search query to filter security rules. You can filter by attributes such as type, source, tags.

• :sort (SecurityMonitoringRuleSort) —

  Attribute used to sort rules. Prefix with - to sort in descending order.

Returns:

• (Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>) —

  SecurityMonitoringListRulesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4615

def list_security_monitoring_rules_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_rules ...'
  end
  allowable_values = ['name', 'creation_date', 'update_date', 'enabled', 'type', 'highest_severity', 'source', '-name', '-creation_date', '-update_date', '-enabled', '-type', '-highest_severity', '-source']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringListRulesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_signals(opts = {}) ⇒ Object

Get a quick list of security signals.

See Also:

• #list_security_monitoring_signals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4672

def list_security_monitoring_signals(opts = {})
  data, _status_code, _headers = list_security_monitoring_signals_with_http_info(opts)
  data
end

#list_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Get a quick list of security signals.

The list endpoint returns security signals that match a search query. Both this endpoint and the POST endpoint can be used interchangeably when listing security signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query for security signals.

• :filter_from (Time) —

  The minimum timestamp for requested security signals.

• :filter_to (Time) —

  The maximum timestamp for requested security signals.

• :sort (SecurityMonitoringSignalsSort) —

  The order of the security signals in results.

• :page_cursor (String) —

  A list of results using the cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of security signals in the response.

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4691

def list_security_monitoring_signals_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_signals ...'
  end
  allowable_values = ['timestamp', '-timestamp']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_monitoring_signals, must be smaller than or equal to 1000.'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'filter[from]'] = opts[:'filter_from'] if !opts[:'filter_from'].nil?
  query_params[:'filter[to]'] = opts[:'filter_to'] if !opts[:'filter_to'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_signals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_signals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

Get a quick list of security signals.

Provide a paginated version of #list_security_monitoring_signals, returning all items.

To use it you need to use a block: list_security_monitoring_signals_with_pagination { |item| p item }

Yields:

• (SecurityMonitoringSignal) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4757

def list_security_monitoring_signals_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "page_limit", 10)
    @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size)
    while true do
        response = list_security_monitoring_signals(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "page_cursor", String, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#list_security_monitoring_suppressions(opts = {}) ⇒ Object

Get all suppression rules.

See Also:

• #list_security_monitoring_suppressions_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4774

def list_security_monitoring_suppressions(opts = {})
  data, _status_code, _headers = list_security_monitoring_suppressions_with_http_info(opts)
  data
end

#list_security_monitoring_suppressions_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringPaginatedSuppressionsResponse, Integer, Hash)>

Get all suppression rules.

Get the list of all suppression rules.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :query (String) —

  Query string.

• :sort (SecurityMonitoringSuppressionSort) —

  Attribute used to sort the list of suppression rules. Prefix with - to sort in descending order.

• :page_size (Integer) —

  Size for a given page. Use -1 to return all items.

• :page_number (Integer) —

  Specific page number to return.

Returns:

• (Array<(SecurityMonitoringPaginatedSuppressionsResponse, Integer, Hash)>) —

  SecurityMonitoringPaginatedSuppressionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4789

def list_security_monitoring_suppressions_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_suppressions ...'
  end
  allowable_values = ['name', 'start_date', 'expiration_date', 'update_date', 'enabled', '-name', '-start_date', '-expiration_date', '-update_date', '-creation_date', '-enabled']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringPaginatedSuppressionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_suppressions,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_suppressions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_threat_hunting_jobs(opts = {}) ⇒ Object

List threat hunting jobs.

See Also:

• #list_threat_hunting_jobs_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4846

def list_threat_hunting_jobs(opts = {})
  data, _status_code, _headers = list_threat_hunting_jobs_with_http_info(opts)
  data
end

#list_threat_hunting_jobs_with_http_info(opts = {}) ⇒ Array<(ListThreatHuntingJobsResponse, Integer, Hash)>

List threat hunting jobs.

List threat hunting jobs.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

• :sort (String) —

  The order of the jobs in results.

• :filter_query (String) —

  Query used to filter items from the fetched list.

Returns:

• (Array<(ListThreatHuntingJobsResponse, Integer, Hash)>) —

  ListThreatHuntingJobsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4861

def list_threat_hunting_jobs_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_threat_hunting_jobs".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_threat_hunting_jobs")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_threat_hunting_jobs"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_threat_hunting_jobs ...'
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/jobs'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListThreatHuntingJobsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_threat_hunting_jobs,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_threat_hunting_jobs\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_vulnerabilities(opts = {}) ⇒ Object

List vulnerabilities.

See Also:

• #list_vulnerabilities_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4920

def list_vulnerabilities(opts = {})
  data, _status_code, _headers = list_vulnerabilities_with_http_info(opts)
  data
end

#list_vulnerabilities_with_http_info(opts = {}) ⇒ Array<(ListVulnerabilitiesResponse, Integer, Hash)>

Deprecated.

This API is deprecated.

List vulnerabilities.

Get a list of vulnerabilities.

Pagination

Pagination is enabled by default in both vulnerabilities and assets. The size of the page varies depending on the endpoint and cannot be modified. To automate the request of the next page, you can use the links section in the response.

This endpoint will return paginated responses. The pages are stored in the links section of the response:

{
  "data": [...],
  "meta": {...},
  "links": {
    "self": "https://.../api/v2/security/vulnerabilities",
    "first": "https://.../api/v2/security/vulnerabilities?page[number]=1&page[token]=abc",
    "last": "https://.../api/v2/security/vulnerabilities?page[number]=43&page[token]=abc",
    "next": "https://.../api/v2/security/vulnerabilities?page[number]=2&page[token]=abc"
  }
}

• links.previous is empty if the first page is requested.
• links.next is empty if the last page is requested.

Token

Vulnerabilities can be created, updated or deleted at any point in time.

Upon the first request, a token is created to ensure consistency across subsequent paginated requests.

A token is valid only for 24 hours.

First request

We consider a request to be the first request when there is no page[token] parameter.

The response of this first request contains the newly created token in the links section.

This token can then be used in the subsequent paginated requests.

Note: The first request may take longer to complete than subsequent requests.

Subsequent requests

Any request containing valid page[token] and page[number] parameters will be considered a subsequent request.

If the token is invalid, a 404 response will be returned.

If the page number is invalid, a 400 response will be returned.

The returned token is valid for all requests in the pagination sequence. To send paginated requests in parallel, reuse the same token and change only the page[number] parameter.

Filtering

The request can include some filter parameters to filter the data to be retrieved. The format of the filter parameters follows the JSON:API format: filter[$prop_name], where prop_name is the property name in the entity being filtered by.

All filters can include multiple values, where data will be filtered with an OR clause: filter[title]=Title1,Title2 will filter all vulnerabilities where title is equal to Title1 OR Title2.

String filters are case sensitive.

Boolean filters accept true or false as values.

Number filters must include an operator as a second filter input: filter[$prop_name][$operator]. For example, for the vulnerabilities endpoint: filter[cvss.base.score][lte]=8.

Available operators are: eq (==), lt (<), lte (<=), gt (>) and gte (>=).

Metadata

Following JSON:API format, object including non-standard meta-information.

This endpoint includes the meta member in the response. For more details on each of the properties included in this section, check the endpoints response tables.

{
  "data": [...],
  "meta": {
    "total": 1500,
    "count": 18732,
    "token": "some_token"
  },
  "links": {...}
}

Extensions

Requests may include extensions to modify the behavior of the requested endpoint. The filter parameters follow the JSON:API format format: ext:$extension_name, where extension_name is the name of the modifier that is being applied.

Extensions can only include one value: ext:modifier=value.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the links section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal or greater than 1

• :filter_type (VulnerabilityType) —

  Filter by vulnerability type.

• :filter_cvss_base_score_op (Float) —

  Filter by vulnerability base (i.e. from the original advisory) severity score.

• :filter_cvss_base_severity (VulnerabilitySeverity) —

  Filter by vulnerability base severity.

• :filter_cvss_base_vector (String) —

  Filter by vulnerability base CVSS vector.

• :filter_cvss_datadog_score_op (Float) —

  Filter by vulnerability Datadog severity score.

• :filter_cvss_datadog_severity (VulnerabilitySeverity) —

  Filter by vulnerability Datadog severity.

• :filter_cvss_datadog_vector (String) —

  Filter by vulnerability Datadog CVSS vector.

• :filter_status (VulnerabilityStatus) —

  Filter by the status of the vulnerability.

• :filter_tool (VulnerabilityTool) —

  Filter by the tool of the vulnerability.

• :filter_library_name (String) —

  Filter by library name.

• :filter_library_version (String) —

  Filter by library version.

• :filter_advisory_id (String) —

  Filter by advisory ID.

• :filter_risks_exploitation_probability (Boolean) —

  Filter by exploitation probability.

• :filter_risks_poc_exploit_available (Boolean) —

  Filter by POC exploit availability.

• :filter_risks_exploit_available (Boolean) —

  Filter by public exploit availability.

• :filter_risks_epss_score_op (Float) —

  Filter by vulnerability EPSS severity score.

• :filter_risks_epss_severity (VulnerabilitySeverity) —

  Filter by vulnerability EPSS severity.

• :filter_language (String) —

  Filter by language.

• :filter_ecosystem (VulnerabilityEcosystem) —

  Filter by ecosystem.

• :filter_code_location_location (String) —

  Filter by vulnerability location.

• :filter_code_location_file_path (String) —

  Filter by vulnerability file path.

• :filter_code_location_method (String) —

  Filter by method.

• :filter_fix_available (Boolean) —

  Filter by fix availability.

• :filter_repo_digests (String) —

  Filter by vulnerability repo_digest (when the vulnerability is related to Image asset).

• :filter_origin (String) —

  Filter by origin.

• :filter_running_kernel (Boolean) —

  Filter for whether the vulnerability affects a running kernel (for vulnerabilities related to a Host asset).

• :filter_asset_name (String) —

  Filter by asset name. This field supports the usage of wildcards (*).

• :filter_asset_type (AssetType) —

  Filter by asset type.

• :filter_asset_version_first (String) —

  Filter by the first version of the asset this vulnerability has been detected on.

• :filter_asset_version_last (String) —

  Filter by the last version of the asset this vulnerability has been detected on.

• :filter_asset_repository_url (String) —

  Filter by the repository url associated to the asset.

• :filter_asset_risks_in_production (Boolean) —

  Filter whether the asset is in production or not.

• :filter_asset_risks_under_attack (Boolean) —

  Filter whether the asset is under attack or not.

• :filter_asset_risks_is_publicly_accessible (Boolean) —

  Filter whether the asset is publicly accessible or not.

• :filter_asset_risks_has_privileged_access (Boolean) —

  Filter whether the asset is publicly accessible or not.

• :filter_asset_risks_has_access_to_sensitive_data (Boolean) —

  Filter whether the asset has access to sensitive data or not.

• :filter_asset_environments (String) —

  Filter by asset environments.

• :filter_asset_teams (String) —

  Filter by asset teams.

• :filter_asset_arch (String) —

  Filter by asset architecture.

• :filter_asset_operating_system_name (String) —

  Filter by asset operating system name.

• :filter_asset_operating_system_version (String) —

  Filter by asset operating system version.

Returns:

• (Array<(ListVulnerabilitiesResponse, Integer, Hash)>) —

  ListVulnerabilitiesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5064

def list_vulnerabilities_with_http_info(opts = {})
  warn "[DEPRECATION] `ListVulnerabilities` is deprecated."
  unstable_enabled = @api_client.config.unstable_operations["v2.list_vulnerabilities".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_vulnerabilities")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_vulnerabilities"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_vulnerabilities ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 1.'
  end
  allowable_values = ['AdminConsoleActive', 'CodeInjection', 'CommandInjection', 'ComponentWithKnownVulnerability', 'DangerousWorkflows', 'DefaultAppDeployed', 'DefaultHtmlEscapeInvalid', 'DirectoryListingLeak', 'EmailHtmlInjection', 'EndOfLife', 'HardcodedPassword', 'HardcodedSecret', 'HeaderInjection', 'HstsHeaderMissing', 'InsecureAuthProtocol', 'InsecureCookie', 'InsecureJspLayout', 'LdapInjection', 'MaliciousPackage', 'MandatoryRemediation', 'NoHttpOnlyCookie', 'NoSameSiteCookie', 'NoSqlMongoDbInjection', 'PathTraversal', 'ReflectionInjection', 'RiskyLicense', 'SessionRewriting', 'SessionTimeout', 'SqlInjection', 'Ssrf', 'StackTraceLeak', 'TrustBoundaryViolation', 'Unmaintained', 'UntrustedDeserialization', 'UnvalidatedRedirect', 'VerbTampering', 'WeakCipher', 'WeakHash', 'WeakRandomness', 'XContentTypeHeaderMissing', 'XPathInjection', 'Xss']
  if @api_client.config.client_side_validation && opts[:'filter_type'] && !allowable_values.include?(opts[:'filter_type'])
    fail ArgumentError, "invalid value for \"filter_type\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_base_score_op'].nil? && opts[:'filter_cvss_base_score_op'] > 10
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_base_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be smaller than or equal to 10.'
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_base_score_op'].nil? && opts[:'filter_cvss_base_score_op'] < 0
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_base_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 0.'
  end
  allowable_values = ['Unknown', 'None', 'Low', 'Medium', 'High', 'Critical']
  if @api_client.config.client_side_validation && opts[:'filter_cvss_base_severity'] && !allowable_values.include?(opts[:'filter_cvss_base_severity'])
    fail ArgumentError, "invalid value for \"filter_cvss_base_severity\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_datadog_score_op'].nil? && opts[:'filter_cvss_datadog_score_op'] > 10
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_datadog_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be smaller than or equal to 10.'
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_datadog_score_op'].nil? && opts[:'filter_cvss_datadog_score_op'] < 0
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_datadog_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 0.'
  end
  allowable_values = ['Unknown', 'None', 'Low', 'Medium', 'High', 'Critical']
  if @api_client.config.client_side_validation && opts[:'filter_cvss_datadog_severity'] && !allowable_values.include?(opts[:'filter_cvss_datadog_severity'])
    fail ArgumentError, "invalid value for \"filter_cvss_datadog_severity\", must be one of #{allowable_values}"
  end
  allowable_values = ['Open', 'Muted', 'Remediated', 'InProgress', 'AutoClosed']
  if @api_client.config.client_side_validation && opts[:'filter_status'] && !allowable_values.include?(opts[:'filter_status'])
    fail ArgumentError, "invalid value for \"filter_status\", must be one of #{allowable_values}"
  end
  allowable_values = ['IAST', 'SCA', 'Infra', 'SAST']
  if @api_client.config.client_side_validation && opts[:'filter_tool'] && !allowable_values.include?(opts[:'filter_tool'])
    fail ArgumentError, "invalid value for \"filter_tool\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'filter_risks_epss_score_op'].nil? && opts[:'filter_risks_epss_score_op'] > 1
    fail ArgumentError, 'invalid value for "opts[:"filter_risks_epss_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be smaller than or equal to 1.'
  end
  if @api_client.config.client_side_validation && !opts[:'filter_risks_epss_score_op'].nil? && opts[:'filter_risks_epss_score_op'] < 0
    fail ArgumentError, 'invalid value for "opts[:"filter_risks_epss_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 0.'
  end
  allowable_values = ['Unknown', 'None', 'Low', 'Medium', 'High', 'Critical']
  if @api_client.config.client_side_validation && opts[:'filter_risks_epss_severity'] && !allowable_values.include?(opts[:'filter_risks_epss_severity'])
    fail ArgumentError, "invalid value for \"filter_risks_epss_severity\", must be one of #{allowable_values}"
  end
  allowable_values = ['PyPI', 'Maven', 'NuGet', 'Npm', 'RubyGems', 'Go', 'Packagist', 'Deb', 'Rpm', 'Apk', 'Windows', 'Generic', 'MacOs', 'Oci', 'BottleRocket', 'None']
  if @api_client.config.client_side_validation && opts[:'filter_ecosystem'] && !allowable_values.include?(opts[:'filter_ecosystem'])
    fail ArgumentError, "invalid value for \"filter_ecosystem\", must be one of #{allowable_values}"
  end
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_asset_type'] && !allowable_values.include?(opts[:'filter_asset_type'])
    fail ArgumentError, "invalid value for \"filter_asset_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[type]'] = opts[:'filter_type'] if !opts[:'filter_type'].nil?
  query_params[:'filter[cvss.base.score][`$op`]'] = opts[:'filter_cvss_base_score_op'] if !opts[:'filter_cvss_base_score_op'].nil?
  query_params[:'filter[cvss.base.severity]'] = opts[:'filter_cvss_base_severity'] if !opts[:'filter_cvss_base_severity'].nil?
  query_params[:'filter[cvss.base.vector]'] = opts[:'filter_cvss_base_vector'] if !opts[:'filter_cvss_base_vector'].nil?
  query_params[:'filter[cvss.datadog.score][`$op`]'] = opts[:'filter_cvss_datadog_score_op'] if !opts[:'filter_cvss_datadog_score_op'].nil?
  query_params[:'filter[cvss.datadog.severity]'] = opts[:'filter_cvss_datadog_severity'] if !opts[:'filter_cvss_datadog_severity'].nil?
  query_params[:'filter[cvss.datadog.vector]'] = opts[:'filter_cvss_datadog_vector'] if !opts[:'filter_cvss_datadog_vector'].nil?
  query_params[:'filter[status]'] = opts[:'filter_status'] if !opts[:'filter_status'].nil?
  query_params[:'filter[tool]'] = opts[:'filter_tool'] if !opts[:'filter_tool'].nil?
  query_params[:'filter[library.name]'] = opts[:'filter_library_name'] if !opts[:'filter_library_name'].nil?
  query_params[:'filter[library.version]'] = opts[:'filter_library_version'] if !opts[:'filter_library_version'].nil?
  query_params[:'filter[advisory.id]'] = opts[:'filter_advisory_id'] if !opts[:'filter_advisory_id'].nil?
  query_params[:'filter[risks.exploitation_probability]'] = opts[:'filter_risks_exploitation_probability'] if !opts[:'filter_risks_exploitation_probability'].nil?
  query_params[:'filter[risks.poc_exploit_available]'] = opts[:'filter_risks_poc_exploit_available'] if !opts[:'filter_risks_poc_exploit_available'].nil?
  query_params[:'filter[risks.exploit_available]'] = opts[:'filter_risks_exploit_available'] if !opts[:'filter_risks_exploit_available'].nil?
  query_params[:'filter[risks.epss.score][`$op`]'] = opts[:'filter_risks_epss_score_op'] if !opts[:'filter_risks_epss_score_op'].nil?
  query_params[:'filter[risks.epss.severity]'] = opts[:'filter_risks_epss_severity'] if !opts[:'filter_risks_epss_severity'].nil?
  query_params[:'filter[language]'] = opts[:'filter_language'] if !opts[:'filter_language'].nil?
  query_params[:'filter[ecosystem]'] = opts[:'filter_ecosystem'] if !opts[:'filter_ecosystem'].nil?
  query_params[:'filter[code_location.location]'] = opts[:'filter_code_location_location'] if !opts[:'filter_code_location_location'].nil?
  query_params[:'filter[code_location.file_path]'] = opts[:'filter_code_location_file_path'] if !opts[:'filter_code_location_file_path'].nil?
  query_params[:'filter[code_location.method]'] = opts[:'filter_code_location_method'] if !opts[:'filter_code_location_method'].nil?
  query_params[:'filter[fix_available]'] = opts[:'filter_fix_available'] if !opts[:'filter_fix_available'].nil?
  query_params[:'filter[repo_digests]'] = opts[:'filter_repo_digests'] if !opts[:'filter_repo_digests'].nil?
  query_params[:'filter[origin]'] = opts[:'filter_origin'] if !opts[:'filter_origin'].nil?
  query_params[:'filter[running_kernel]'] = opts[:'filter_running_kernel'] if !opts[:'filter_running_kernel'].nil?
  query_params[:'filter[asset.name]'] = opts[:'filter_asset_name'] if !opts[:'filter_asset_name'].nil?
  query_params[:'filter[asset.type]'] = opts[:'filter_asset_type'] if !opts[:'filter_asset_type'].nil?
  query_params[:'filter[asset.version.first]'] = opts[:'filter_asset_version_first'] if !opts[:'filter_asset_version_first'].nil?
  query_params[:'filter[asset.version.last]'] = opts[:'filter_asset_version_last'] if !opts[:'filter_asset_version_last'].nil?
  query_params[:'filter[asset.repository_url]'] = opts[:'filter_asset_repository_url'] if !opts[:'filter_asset_repository_url'].nil?
  query_params[:'filter[asset.risks.in_production]'] = opts[:'filter_asset_risks_in_production'] if !opts[:'filter_asset_risks_in_production'].nil?
  query_params[:'filter[asset.risks.under_attack]'] = opts[:'filter_asset_risks_under_attack'] if !opts[:'filter_asset_risks_under_attack'].nil?
  query_params[:'filter[asset.risks.is_publicly_accessible]'] = opts[:'filter_asset_risks_is_publicly_accessible'] if !opts[:'filter_asset_risks_is_publicly_accessible'].nil?
  query_params[:'filter[asset.risks.has_privileged_access]'] = opts[:'filter_asset_risks_has_privileged_access'] if !opts[:'filter_asset_risks_has_privileged_access'].nil?
  query_params[:'filter[asset.risks.has_access_to_sensitive_data]'] = opts[:'filter_asset_risks_has_access_to_sensitive_data'] if !opts[:'filter_asset_risks_has_access_to_sensitive_data'].nil?
  query_params[:'filter[asset.environments]'] = opts[:'filter_asset_environments'] if !opts[:'filter_asset_environments'].nil?
  query_params[:'filter[asset.teams]'] = opts[:'filter_asset_teams'] if !opts[:'filter_asset_teams'].nil?
  query_params[:'filter[asset.arch]'] = opts[:'filter_asset_arch'] if !opts[:'filter_asset_arch'].nil?
  query_params[:'filter[asset.operating_system.name]'] = opts[:'filter_asset_operating_system_name'] if !opts[:'filter_asset_operating_system_name'].nil?
  query_params[:'filter[asset.operating_system.version]'] = opts[:'filter_asset_operating_system_version'] if !opts[:'filter_asset_operating_system_version'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListVulnerabilitiesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_vulnerabilities,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_vulnerabilities\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_vulnerable_assets(opts = {}) ⇒ Object

List vulnerable assets.

See Also:

• #list_vulnerable_assets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5216

def list_vulnerable_assets(opts = {})
  data, _status_code, _headers = list_vulnerable_assets_with_http_info(opts)
  data
end

#list_vulnerable_assets_with_http_info(opts = {}) ⇒ Array<(ListVulnerableAssetsResponse, Integer, Hash)>

List vulnerable assets.

Get a list of vulnerable assets.

Pagination

Please review the Pagination section for the "List Vulnerabilities" endpoint.

Filtering

Please review the Filtering section for the "List Vulnerabilities" endpoint.

Metadata

Please review the Metadata section for the "List Vulnerabilities" endpoint.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the links section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal or greater than 1

• :filter_name (String) —

  Filter by name. This field supports the usage of wildcards (*).

• :filter_type (AssetType) —

  Filter by type.

• :filter_version_first (String) —

  Filter by the first version of the asset since it has been vulnerable.

• :filter_version_last (String) —

  Filter by the last detected version of the asset.

• :filter_repository_url (String) —

  Filter by the repository url associated to the asset.

• :filter_risks_in_production (Boolean) —

  Filter whether the asset is in production or not.

• :filter_risks_under_attack (Boolean) —

  Filter whether the asset (Service) is under attack or not.

• :filter_risks_is_publicly_accessible (Boolean) —

  Filter whether the asset (Host) is publicly accessible or not.

• :filter_risks_has_privileged_access (Boolean) —

  Filter whether the asset (Host) has privileged access or not.

• :filter_risks_has_access_to_sensitive_data (Boolean) —

  Filter whether the asset (Host) has access to sensitive data or not.

• :filter_environments (String) —

  Filter by environment.

• :filter_teams (String) —

  Filter by teams.

• :filter_arch (String) —

  Filter by architecture.

• :filter_operating_system_name (String) —

  Filter by operating system name.

• :filter_operating_system_version (String) —

  Filter by operating system version.

Returns:

• (Array<(ListVulnerableAssetsResponse, Integer, Hash)>) —

  ListVulnerableAssetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5256

def list_vulnerable_assets_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_vulnerable_assets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_vulnerable_assets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_vulnerable_assets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_vulnerable_assets ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_vulnerable_assets, must be greater than or equal to 1.'
  end
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_type'] && !allowable_values.include?(opts[:'filter_type'])
    fail ArgumentError, "invalid value for \"filter_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerable-assets'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[name]'] = opts[:'filter_name'] if !opts[:'filter_name'].nil?
  query_params[:'filter[type]'] = opts[:'filter_type'] if !opts[:'filter_type'].nil?
  query_params[:'filter[version.first]'] = opts[:'filter_version_first'] if !opts[:'filter_version_first'].nil?
  query_params[:'filter[version.last]'] = opts[:'filter_version_last'] if !opts[:'filter_version_last'].nil?
  query_params[:'filter[repository_url]'] = opts[:'filter_repository_url'] if !opts[:'filter_repository_url'].nil?
  query_params[:'filter[risks.in_production]'] = opts[:'filter_risks_in_production'] if !opts[:'filter_risks_in_production'].nil?
  query_params[:'filter[risks.under_attack]'] = opts[:'filter_risks_under_attack'] if !opts[:'filter_risks_under_attack'].nil?
  query_params[:'filter[risks.is_publicly_accessible]'] = opts[:'filter_risks_is_publicly_accessible'] if !opts[:'filter_risks_is_publicly_accessible'].nil?
  query_params[:'filter[risks.has_privileged_access]'] = opts[:'filter_risks_has_privileged_access'] if !opts[:'filter_risks_has_privileged_access'].nil?
  query_params[:'filter[risks.has_access_to_sensitive_data]'] = opts[:'filter_risks_has_access_to_sensitive_data'] if !opts[:'filter_risks_has_access_to_sensitive_data'].nil?
  query_params[:'filter[environments]'] = opts[:'filter_environments'] if !opts[:'filter_environments'].nil?
  query_params[:'filter[teams]'] = opts[:'filter_teams'] if !opts[:'filter_teams'].nil?
  query_params[:'filter[arch]'] = opts[:'filter_arch'] if !opts[:'filter_arch'].nil?
  query_params[:'filter[operating_system.name]'] = opts[:'filter_operating_system_name'] if !opts[:'filter_operating_system_name'].nil?
  query_params[:'filter[operating_system.version]'] = opts[:'filter_operating_system_version'] if !opts[:'filter_operating_system_version'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListVulnerableAssetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_vulnerable_assets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_vulnerable_assets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#mute_findings(body, opts = {}) ⇒ Object

Mute or unmute a batch of findings.

See Also:

• #mute_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5335

def mute_findings(body, opts = {})
  data, _status_code, _headers = mute_findings_with_http_info(body, opts)
  data
end

#mute_findings_with_http_info(body, opts = {}) ⇒ Array<(BulkMuteFindingsResponse, Integer, Hash)>

Mute or unmute a batch of findings.

Mute or unmute findings.

Parameters:

• body (BulkMuteFindingsRequest) —

  Attributes All findings are updated with the same attributes. The request body must include at least two attributes: muted and reason. The allowed reasons depend on whether the finding is being muted or unmuted: - To mute a finding: PENDING_FIX, FALSE_POSITIVE, ACCEPTED_RISK, OTHER. - To unmute a finding : NO_PENDING_FIX, HUMAN_ERROR, NO_LONGER_ACCEPTED_RISK, OTHER. ### Meta The request body must include a list of the finding IDs to be updated.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(BulkMuteFindingsResponse, Integer, Hash)>) —

  BulkMuteFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5347

def mute_findings_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.mute_findings".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.mute_findings")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.mute_findings"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.mute_findings ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.mute_findings"
  end
  # resource path
  local_var_path = '/api/v2/posture_management/findings'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'BulkMuteFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :mute_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#mute_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#patch_signal_notification_rule(id, body, opts = {}) ⇒ Object

Patch a signal-based notification rule.

See Also:

• #patch_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5408

def patch_signal_notification_rule(id, body, opts = {})
  data, _status_code, _headers = patch_signal_notification_rule_with_http_info(id, body, opts)
  data
end

#patch_signal_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Patch a signal-based notification rule.

Partially update the notification rule. All fields are optional; if a field is not provided, it is not updated.

Parameters:

• id (String) —

  ID of the notification rule.

• body (PatchNotificationRuleParameters)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5421

def patch_signal_notification_rule_with_http_info(id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.patch_signal_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.patch_signal_notification_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.patch_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :patch_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#patch_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#patch_vulnerability_notification_rule(id, body, opts = {}) ⇒ Object

Patch a vulnerability-based notification rule.

See Also:

• #patch_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5480

def patch_vulnerability_notification_rule(id, body, opts = {})
  data, _status_code, _headers = patch_vulnerability_notification_rule_with_http_info(id, body, opts)
  data
end

#patch_vulnerability_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Patch a vulnerability-based notification rule.

Partially update the notification rule. All fields are optional; if a field is not provided, it is not updated.

Parameters:

• id (String) —

  ID of the notification rule.

• body (PatchNotificationRuleParameters)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5493

def patch_vulnerability_notification_rule_with_http_info(id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.patch_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.patch_vulnerability_notification_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.patch_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :patch_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#patch_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#run_threat_hunting_job(body, opts = {}) ⇒ Object

Run a threat hunting job.

See Also:

• #run_threat_hunting_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5552

def run_threat_hunting_job(body, opts = {})
  data, _status_code, _headers = run_threat_hunting_job_with_http_info(body, opts)
  data
end

#run_threat_hunting_job_with_http_info(body, opts = {}) ⇒ Array<(JobCreateResponse, Integer, Hash)>

Run a threat hunting job.

Run a threat hunting job.

Parameters:

• body (RunThreatHuntingJobRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(JobCreateResponse, Integer, Hash)>) —

  JobCreateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5564

def run_threat_hunting_job_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.run_threat_hunting_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.run_threat_hunting_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.run_threat_hunting_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.run_threat_hunting_job ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.run_threat_hunting_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/jobs'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'JobCreateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :run_threat_hunting_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#run_threat_hunting_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_findings(body, opts = {}) ⇒ Object

Search security findings.

See Also:

• #search_security_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5625

def search_security_findings(body, opts = {})
  data, _status_code, _headers = search_security_findings_with_http_info(body, opts)
  data
end

#search_security_findings_with_http_info(body, opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

Search security findings.

Get a list of security findings that match a search query. See the schema for security findings.

Query Syntax

The API uses the logs query syntax. Findings attributes (living in the attributes.attributes. namespace) are prefixed by @ when queried. Tags are queried without a prefix.

Example: @severity:(critical OR high) @status:open team:platform

Parameters:

• body (SecurityFindingsSearchRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(ListSecurityFindingsResponse, Integer, Hash)>) —

  ListSecurityFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5643

def search_security_findings_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.search_security_findings ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.search_security_findings"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/search'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'ListSecurityFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :search_security_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#search_security_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_findings_with_pagination(body, opts = {}) {|SecurityFindingsData| ... } ⇒ Object

Search security findings.

Provide a paginated version of #search_security_findings, returning all items.

To use it you need to use a block: search_security_findings_with_pagination { |item| p item }

Yields:

• (SecurityFindingsData) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5702

def search_security_findings_with_pagination(body, opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(body, "data.attributes.page.limit", 10)
    @api_client.set_attribute_from_path(api_version, body, "data.attributes.page.limit", SecurityFindingsSearchRequestData, page_size)
    while true do
        response = search_security_findings(body, opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, body, "data.attributes.page.cursor", SecurityFindingsSearchRequestData, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#search_security_monitoring_histsignals(opts = {}) ⇒ Object

Search hist signals.

See Also:

• #search_security_monitoring_histsignals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5719

def search_security_monitoring_histsignals(opts = {})
  data, _status_code, _headers = search_security_monitoring_histsignals_with_http_info(opts)
  data
end

#search_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Search hist signals.

Search hist signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :body (SecurityMonitoringSignalListRequest)

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5731

def search_security_monitoring_histsignals_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.search_security_monitoring_histsignals".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.search_security_monitoring_histsignals")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.search_security_monitoring_histsignals"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.search_security_monitoring_histsignals ...'
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/histsignals/search'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(opts[:'body'])

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :search_security_monitoring_histsignals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#search_security_monitoring_histsignals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_monitoring_signals(opts = {}) ⇒ Object

Get a list of security signals.

See Also:

• #search_security_monitoring_signals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5788

def search_security_monitoring_signals(opts = {})
  data, _status_code, _headers = search_security_monitoring_signals_with_http_info(opts)
  data
end

#search_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Get a list of security signals.

Returns security signals that match a search query. Both this endpoint and the GET endpoint can be used interchangeably for listing security signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :body (SecurityMonitoringSignalListRequest)

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5802

def search_security_monitoring_signals_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.search_security_monitoring_signals ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/search'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(opts[:'body'])

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :search_security_monitoring_signals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#search_security_monitoring_signals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

Get a list of security signals.

Provide a paginated version of #search_security_monitoring_signals, returning all items.

To use it you need to use a block: search_security_monitoring_signals_with_pagination { |item| p item }

Yields:

• (SecurityMonitoringSignal) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5857

def search_security_monitoring_signals_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "body.page.limit", 10)
    @api_client.set_attribute_from_path(api_version, opts, "body.page.limit", SecurityMonitoringSignalListRequest, page_size)
    while true do
        response = search_security_monitoring_signals(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "body.page.cursor", SecurityMonitoringSignalListRequest, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#test_existing_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

Test an existing rule.

See Also:

• #test_existing_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5874

def test_existing_security_monitoring_rule(rule_id, body, opts = {})
  data, _status_code, _headers = test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts)
  data
end

#test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

Test an existing rule.

Test an existing rule.

Parameters:

• rule_id (String) —

  The ID of the rule.

• body (SecurityMonitoringRuleTestRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>) —

  SecurityMonitoringRuleTestResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5887

def test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.test_existing_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.test_existing_security_monitoring_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.test_existing_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/test'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleTestResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :test_existing_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#test_existing_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#test_security_monitoring_rule(body, opts = {}) ⇒ Object

Test a rule.

See Also:

• #test_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5946

def test_security_monitoring_rule(body, opts = {})
  data, _status_code, _headers = test_security_monitoring_rule_with_http_info(body, opts)
  data
end

#test_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

Test a rule.

Test a rule.

Parameters:

• body (SecurityMonitoringRuleTestRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>) —

  SecurityMonitoringRuleTestResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5958

def test_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.test_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.test_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/test'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleTestResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :test_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#test_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_custom_framework(handle, version, body, opts = {}) ⇒ Object

Update a custom framework.

See Also:

• #update_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6013

def update_custom_framework(handle, version, body, opts = {})
  data, _status_code, _headers = update_custom_framework_with_http_info(handle, version, body, opts)
  data
end

#update_custom_framework_with_http_info(handle, version, body, opts = {}) ⇒ Array<(UpdateCustomFrameworkResponse, Integer, Hash)>

Update a custom framework.

Update a custom framework.

Parameters:

• handle (String) —

  The framework handle

• version (String) —

  The framework version

• body (UpdateCustomFrameworkRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(UpdateCustomFrameworkResponse, Integer, Hash)>) —

  UpdateCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6027

def update_custom_framework_with_http_info(handle, version, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_custom_framework ...'
  end
  # verify the required parameter 'handle' is set
  if @api_client.config.client_side_validation && handle.nil?
    fail ArgumentError, "Missing the required parameter 'handle' when calling SecurityMonitoringAPI.update_custom_framework"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.update_custom_framework"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks/{handle}/{version}'.sub('{handle}', CGI.escape(handle.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'UpdateCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_resource_evaluation_filters(body, opts = {}) ⇒ Object

Update resource filters.

See Also:

• #update_resource_evaluation_filters_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6090

def update_resource_evaluation_filters(body, opts = {})
  data, _status_code, _headers = update_resource_evaluation_filters_with_http_info(body, opts)
  data
end

#update_resource_evaluation_filters_with_http_info(body, opts = {}) ⇒ Array<(UpdateResourceEvaluationFiltersResponse, Integer, Hash)>

Update resource filters.

Update resource filters.

Parameters:

• body (UpdateResourceEvaluationFiltersRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(UpdateResourceEvaluationFiltersResponse, Integer, Hash)>) —

  UpdateResourceEvaluationFiltersResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6102

def update_resource_evaluation_filters_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_resource_evaluation_filters ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_resource_evaluation_filters"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/resource_filters'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'UpdateResourceEvaluationFiltersResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_resource_evaluation_filters,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_resource_evaluation_filters\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_filter(security_filter_id, body, opts = {}) ⇒ Object

Update a security filter.

See Also:

• #update_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6157

def update_security_filter(security_filter_id, body, opts = {})
  data, _status_code, _headers = update_security_filter_with_http_info(security_filter_id, body, opts)
  data
end

#update_security_filter_with_http_info(security_filter_id, body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Update a security filter.

Update a specific security filter. Returns the security filter object when the request is successful.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• body (SecurityFilterUpdateRequest) —

  New definition of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6171

def update_security_filter_with_http_info(security_filter_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.update_security_filter"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_critical_asset(critical_asset_id, body, opts = {}) ⇒ Object

Update a critical asset.

See Also:

• #update_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6230

def update_security_monitoring_critical_asset(critical_asset_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts)
  data
end

#update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

Update a critical asset.

Update a specific critical asset.

Parameters:

• critical_asset_id (String) —

  The ID of the critical asset.

• body (SecurityMonitoringCriticalAssetUpdateRequest) —

  New definition of the critical asset. Supports partial updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6243

def update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'critical_asset_id' is set
  if @api_client.config.client_side_validation && critical_asset_id.nil?
    fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.update_security_monitoring_critical_asset"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

Update an existing rule.

See Also:

• #update_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6302

def update_security_monitoring_rule(rule_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_rule_with_http_info(rule_id, body, opts)
  data
end

#update_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Update an existing rule.

Update an existing rule. When updating cases, queries or options, the whole field must be included. For example, when modifying a query all queries must be included. Default rules can only be updated to be enabled, to change notifications, or to update the tags (default tags cannot be removed).

Parameters:

• rule_id (String) —

  The ID of the rule.

• body (SecurityMonitoringRuleUpdatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6318

def update_security_monitoring_rule_with_http_info(rule_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.update_security_monitoring_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_suppression(suppression_id, body, opts = {}) ⇒ Object

Update a suppression rule.

See Also:

• #update_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6377

def update_security_monitoring_suppression(suppression_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_suppression_with_http_info(suppression_id, body, opts)
  data
end

#update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Update a suppression rule.

Update a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• body (SecurityMonitoringSuppressionUpdateRequest) —

  New definition of the suppression rule. Supports partial updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6390

def update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.update_security_monitoring_suppression"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#validate_security_monitoring_rule(body, opts = {}) ⇒ Object

Validate a detection rule.

See Also:

• #validate_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6449

def validate_security_monitoring_rule(body, opts = {})
  validate_security_monitoring_rule_with_http_info(body, opts)
  nil
end

#validate_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Validate a detection rule.

Validate a detection rule.

Parameters:

• body (SecurityMonitoringRuleValidatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6461

def validate_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.validate_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.validate_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/validation'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :validate_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#validate_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#validate_security_monitoring_suppression(body, opts = {}) ⇒ Object

Validate a suppression rule.

See Also:

• #validate_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6516

def validate_security_monitoring_suppression(body, opts = {})
  validate_security_monitoring_suppression_with_http_info(body, opts)
  nil
end

#validate_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Validate a suppression rule.

Validate a suppression rule.

Parameters:

• body (SecurityMonitoringSuppressionCreateRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6528

def validate_security_monitoring_suppression_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.validate_security_monitoring_suppression ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.validate_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/validation'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :validate_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#validate_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end