Optional
requestFactory: SecurityMonitoringApiRequestFactory
Optional
responseProcessor: SecurityMonitoringApiResponseProcessor
Private
configuration
Private
request
Private
response

The request object
Optional
options: Configuration

Convert an existing rule from JSON to Terraform for the Datadog provider resource datadog_security_monitoring_rule.
The request object
Optional
options: Configuration

Convert a job result to a signal.
The request object
Optional
options: Configuration

Convert a rule that doesn't (yet) exist from JSON to Terraform for the Datadog provider resource datadog_security_monitoring_rule.
The request object
Optional
options: Configuration

Create a security filter.
See the security filter guide for more examples.
The request object
Optional
options: Configuration

Create a detection rule.
The request object
Optional
options: Configuration

Create a new suppression rule.
The request object
Optional
options: Configuration

Delete an existing job.
The request object
Optional
options: Configuration

Delete a specific security filter.
The request object
Optional
options: Configuration

Delete an existing rule. Default rules cannot be deleted.
The request object
Optional
options: Configuration

Delete a specific suppression rule.
The request object
Optional
options: Configuration

Modify the triage assignee of a security signal.
The request object
Optional
options: Configuration

Change the related incidents for a security signal.
The request object
Optional
options: Configuration

Change the triage state of a security signal.
The request object
Optional
options: Configuration

Returns a single finding with message and resource configuration.
The request object
Optional
options: Configuration

Get a job's details.
The request object
Optional
options: Configuration

Get the details of a specific security filter.
See the security filter guide for more examples.
The request object
Optional
options: Configuration

Get a rule's details.
The request object
Optional
options: Configuration

Get a signal's details.
The request object
Optional
options: Configuration

Get the details of a specific suppression rule.
The request object
Optional
options: Configuration

Get a list of findings. These include both misconfigurations and identity risks.
Note: To filter and return only identity risks, add the following query parameter: ?filter[tags]=dd_rule_type:ciem
Filters can be applied by appending query parameters to the URL.
?filter[attribute_key]=attribute_value
?filter[attribute_key]=attribute_value&filter[attribute_key]=attribute_value...
?filter[tags]=tag_key:tag_value&filter[tags]=tag_key_2:tag_value_2
Here, attribute_key can be any of the filter keys described further below.
Query parameters of type integer support comparison operators (>, >=, <, <=). This is particularly useful when filtering by evaluation_changed_at or resource_discovery_timestamp. For example: ?filter[evaluation_changed_at]=>20123123121.
You can also use the negation operator on strings. For example, use filter[resource_type]=-aws* to filter for any non-AWS resources.
The operator must come after the equal sign. For example, to filter with the >= operator, add the operator after the equal sign: filter[evaluation_changed_at]=>=1678809373257.
Only documented query parameters are accepted, and their values must be of the correct type. Duplicated query parameters (e.g. filter[status]=low&filter[status]=info) are not allowed.
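
The filter rules above, as an added example that is not part of the Datadog client or its documentation: a hypothetical buildFindingsFilter helper that renders the query string in the form this page shows and rejects undocumented keys, duplicated parameters, and string values that would inject an extra parameter or an unintended negation. The key lists are assumptions restricted to names that appear on this page.

```typescript
// Added example, not Datadog client code. buildFindingsFilter and both key
// sets are hypothetical; the keys are only those named on this page.
type Op = ">" | ">=" | "<" | "<=";
type FilterValue =
  | { kind: "int"; value: number; op?: Op }
  | { kind: "string"; value: string; negate?: boolean };

const INTEGER_KEYS = new Set(["evaluation_changed_at", "resource_discovery_timestamp"]);
const STRING_KEYS = new Set(["resource_type", "status", "tags"]);

function buildFindingsFilter(filters: Array<[string, FilterValue]>): string {
  const seen = new Set<string>();
  const parts: string[] = [];
  for (const [key, f] of filters) {
    if (!INTEGER_KEYS.has(key) && !STRING_KEYS.has(key)) {
      throw new Error(`undocumented filter key: ${key}`);
    }
    // filter[tags] is the only key the page shows repeated; reject other duplicates.
    if (key !== "tags" && seen.has(key)) {
      throw new Error(`duplicated query parameter: filter[${key}]`);
    }
    seen.add(key);
    let rendered: string;
    if (f.kind === "int") {
      if (!INTEGER_KEYS.has(key)) throw new Error(`${key} does not take an integer`);
      if (!Number.isSafeInteger(f.value)) throw new Error(`${key} needs an integer value`);
      // The operator goes after the equal sign: filter[key]=>=123
      rendered = `${f.op ?? ""}${f.value}`;
    } else {
      if (INTEGER_KEYS.has(key)) throw new Error(`${key} needs an integer value`);
      // Untrusted input must not add a parameter (&, =, #) or an implicit negation (leading "-").
      if (f.value.length === 0 || /^-|[&=#\s]/.test(f.value)) {
        throw new Error(`unsafe value for ${key}`);
      }
      // Negation is a leading "-" on the string value: filter[resource_type]=-aws*
      rendered = `${f.negate ? "-" : ""}${f.value}`;
    }
    parts.push(`filter[${key}]=${rendered}`);
  }
  // Literal form as shown on the page; percent-encode when placing it in a URL.
  return parts.length ? `?${parts.join("&")}` : "";
}
```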
The response includes an array of finding objects, pagination metadata, and a count of items that match the query.
Each finding object contains the following:
GetFinding request to retrieve the full finding details.
evaluation_changed_at and resource_discovery_date time stamps.

The request object
Optional
options: Configuration

Provide a paginated version of listFindings returning a generator with all the items.
Optional
options: Configuration

List historical jobs.
The request object
Optional
options: Configuration

Get the list of configured security filters with their definitions.
Optional
options: Configuration

List rules.
The request object
Optional
options: Configuration

The list endpoint returns security signals that match a search query. Both this endpoint and the POST endpoint can be used interchangeably when listing security signals.
The request object
Optional
options: Configuration

Provide a paginated version of listSecurityMonitoringSignals returning a generator with all the items.
Optional
options: Configuration

Get the list of all suppression rules.
Optional
options: Configuration

Mute or unmute findings.
The request object
Optional
options: Configuration

Run a historical job.
The request object
Optional
options: Configuration

Returns security signals that match a search query. Both this endpoint and the GET endpoint can be used interchangeably for listing security signals.
The request object
Optional
options: Configuration

Provide a paginated version of searchSecurityMonitoringSignals returning a generator with all the items.
Optional
options: Configuration

Test an existing rule.
The request object
Optional
options: Configuration

Test a rule.
The request object
Optional
options: Configuration

Update a specific security filter. Returns the security filter object when the request is successful.
The request object
Optional
options: Configuration

Update an existing rule. When updating cases, queries or options, the whole field must be included. For example, when modifying a query all queries must be included.
Default rules can only be updated to be enabled, to change notifications, or to update the tags (default tags cannot be removed).
The request object
Optional
options: Configuration

Update a specific suppression rule.
The request object
Optional
options: Configuration

Validate a detection rule.
The request object
Optional
options: Configuration
Cancel a historical job.