Class: DatadogAPIClient::V2::SecurityMonitoringRuleOptions

Inherits:
Object
  • Object
show all
Includes:
BaseGenericModel
Defined in:
lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb

Overview

Options.

Instance Attribute Summary collapse

Method Summary

Methods included from BaseGenericModel

included

Instance Attribute Details

#additional_propertiesObject

Returns the value of attribute additional_properties.



61
62
63
 
# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 61

def additional_properties
  @additional_properties
end

#compliance_rule_optionsObject

Options for cloud_configuration rules. Fields resourceType and regoRule are mandatory when managing custom cloud_configuration rules.



27
28
29
 
# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 27

def compliance_rule_options
  @compliance_rule_options
end

#decrease_criticality_based_on_envObject

If true, signals in non-production environments have a lower severity than what is defined by the rule case, which can reduce signal noise. The severity is decreased by one level: CRITICAL in production becomes HIGH in non-production, HIGH becomes MEDIUM and so on. INFO remains INFO. The decrement is applied when the environment tag of the signal starts with staging, test or dev.



32
33
34
 
# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 32

def decrease_criticality_based_on_env
  @decrease_criticality_based_on_env
end

#detection_methodObject

The detection method.



35
36
37
 
# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 35

def detection_method
  @detection_method
end

#evaluation_windowObject

A time window is specified to match when at least one of the cases matches true. This is a sliding window and evaluates in real time. For third party detection method, this field is not used.



39
40
41
 
# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 39

def evaluation_window
  @evaluation_window
end

#hardcoded_evaluator_typeObject

Hardcoded evaluator type.



42
43
44
 
# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 42

def hardcoded_evaluator_type
  @hardcoded_evaluator_type
end

#impossible_travel_optionsObject

Options on impossible travel detection method.



45
46
47
 
# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 45

def impossible_travel_options
  @impossible_travel_options
end

#keep_aliveObject

Once a signal is generated, the signal will remain “open” if a case is matched at least once within this keep alive window. For third party detection method, this field is not used.



49
50
51
 
# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 49

def keep_alive
  @keep_alive
end

#max_signal_durationObject

A signal will “close” regardless of the query being matched once the time exceeds the maximum duration. This time is calculated from the first seen timestamp.



53
54
55
 
# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 53

def max_signal_duration
  @max_signal_duration
end

#new_value_optionsObject

Options on new value detection method.



56
57
58
 
# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 56

def new_value_options
  @new_value_options
end

#third_party_rule_optionsObject

Options on third party detection method.



59
60
61
 
# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 59

def third_party_rule_options
  @third_party_rule_options
end