Security Monitoring - Make Default Tags available in the response #1966

Merged
8 changes: 4 additions & 4 deletions .apigentools-info
Expand Up @@ -4,13 +4,13 @@
"spec_versions": {
"v1": {
"apigentools_version": "1.6.6",
"regenerated": "2024-05-09 17:36:00.980928",
"spec_repo_commit": "c5ba75e0"
"regenerated": "2024-05-10 16:39:45.913034",
"spec_repo_commit": "d6c22916"
},
"v2": {
"apigentools_version": "1.6.6",
"regenerated": "2024-05-09 17:36:00.997953",
"spec_repo_commit": "c5ba75e0"
"regenerated": "2024-05-10 16:39:45.942353",
"spec_repo_commit": "d6c22916"
}
}
}
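--- a/.generator/schemas/v2/openapi.yaml
+++ b/.generator/schemas/v2/openapi.yaml
@@ -18237,6 +18237,14 @@ components:
 description: User ID of the user who created the rule.
 format: int64
 type: integer
+defaultTags:
+description: Default Tags for default rules (included in tags)
+example:
+- security:attacks
+items:
+description: Default Tag.
+type: string
+type: array
 deprecationDate:
 description: When the rule will be deprecated, timestamp in milliseconds.
 format: int64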
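Review bot: The `defaultTags` description added to this schema does not say that the array is populated by the server, nor what a client receives for a rule that is not a default rule. The complete custom-rule responses recorded elsewhere in this PR (all with `"isDefault":false`) carry no `defaultTags` key, so presumably the field is omitted there; I would spell that out, for example `description: Tags that ship with a default rule; they are also present in tags. Omitted for custom rules.` If this schema is only used for responses (its name is outside the hunk), adding `readOnly: true` would keep clients from sending the field back on update. None of the visible cassettes returns a rule with `defaultTags` set, so deserialization of the new field appears untested; a recorded response for a default rule would cover it.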
Expand Up @@ -27,6 +27,9 @@ def __init__(self, **kwargs):
:param creation_author_id: User ID of the user who created the rule.
:type creation_author_id: int, optional

:param default_tags: Default Tags for default rules (included in tags)
:type default_tags: [str], optional

:param deprecation_date: When the rule will be deprecated, timestamp in milliseconds.
:type deprecation_date: int, optional

Expand Up @@ -49,6 +49,7 @@ def openapi_types(_):
"compliance_signal_options": (CloudConfigurationRuleComplianceSignalOptions,),
"created_at": (int,),
"creation_author_id": (int,),
"default_tags": ([str],),
"deprecation_date": (int,),
"filters": ([SecurityMonitoringFilter],),
"has_extended_title": (bool,),
Expand All @@ -72,6 +73,7 @@ def openapi_types(_):
"compliance_signal_options": "complianceSignalOptions",
"created_at": "createdAt",
"creation_author_id": "creationAuthorId",
"default_tags": "defaultTags",
"deprecation_date": "deprecationDate",
"filters": "filters",
"has_extended_title": "hasExtendedTitle",
Expand All @@ -96,6 +98,7 @@ def __init__(
compliance_signal_options: Union[CloudConfigurationRuleComplianceSignalOptions, UnsetType] = unset,
created_at: Union[int, UnsetType] = unset,
creation_author_id: Union[int, UnsetType] = unset,
default_tags: Union[List[str], UnsetType] = unset,
deprecation_date: Union[int, UnsetType] = unset,
filters: Union[List[SecurityMonitoringFilter], UnsetType] = unset,
has_extended_title: Union[bool, UnsetType] = unset,
Expand Down Expand Up @@ -129,6 +132,9 @@ def __init__(
:param creation_author_id: User ID of the user who created the rule.
:type creation_author_id: int, optional

:param default_tags: Default Tags for default rules (included in tags)
:type default_tags: [str], optional

:param deprecation_date: When the rule will be deprecated, timestamp in milliseconds.
:type deprecation_date: int, optional

Expand Down Expand Up @@ -185,6 +191,8 @@ def __init__(
kwargs["created_at"] = created_at
if creation_author_id is not unset:
kwargs["creation_author_id"] = creation_author_id
if default_tags is not unset:
kwargs["default_tags"] = default_tags
if deprecation_date is not unset:
kwargs["deprecation_date"] = deprecation_date
if filters is not unset:
@@ -1 +1 @@
2023-08-31T11:51:28.995Z
2024-05-10T16:34:27.362Z
@@ -1,6 +1,6 @@
interactions:
- request:
body: '{"cases":[{"notifications":["channel"],"status":"info"}],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@account_id"]},"filters":[{"action":"require","query":"resource_id:helo*"},{"action":"suppress","query":"control:helo*"}],"isEnabled":false,"message":"ddd","name":"Test-Create_a_cloud_configuration_rule_returns_OK_response-1693482688_cloud","options":{"complianceRuleOptions":{"complexRule":false,"regoRule":{"policy":"package
body: '{"cases":[{"notifications":["channel"],"status":"info"}],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@account_id"]},"filters":[{"action":"require","query":"resource_id:helo*"},{"action":"suppress","query":"control:helo*"}],"isEnabled":false,"message":"ddd","name":"Test-Create_a_cloud_configuration_rule_returns_OK_response-1715358867_cloud","options":{"complianceRuleOptions":{"complexRule":false,"regoRule":{"policy":"package
datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport
future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000
* 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n}
Expand All @@ -18,7 +18,7 @@ interactions:
uri: https://api.datadoghq.com/api/v2/security_monitoring/rules
response:
body:
string: '{"id":"m0o-cza-uq9","version":1,"name":"Test-Create_a_cloud_configuration_rule_returns_OK_response-1693482688_cloud","createdAt":1693482689435,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_disk","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package
string: '{"id":"fy5-crt-9n1","version":1,"name":"Test-Create_a_cloud_configuration_rule_returns_OK_response-1715358867_cloud","createdAt":1715358867822,"creationAuthorId":1445416,"isDefault":false,"isPartner":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_disk","groupByFields":["resource_type","resource_id"],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package
datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport
future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day :=
((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n}
Expand All @@ -42,7 +42,7 @@ interactions:
accept:
- '*/*'
method: DELETE
uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/m0o-cza-uq9
uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/fy5-crt-9n1
response:
body:
string: ''
@@ -1 +1 @@
2022-10-19T13:36:33.262Z
2024-05-10T16:34:28.308Z
@@ -1,6 +1,6 @@
interactions:
- request:
body: '{"cases":[{"status":"info"}],"isEnabled":true,"message":"Test rule","name":"Test-Create_a_detection_rule_returns_Bad_Request_response-1666186593","options":{},"queries":[{"query":""}],"tags":[]}'
body: '{"cases":[{"status":"info"}],"isEnabled":true,"message":"Test rule","name":"Test-Create_a_detection_rule_returns_Bad_Request_response-1715358868","options":{},"queries":[{"query":""}],"tags":[]}'
headers:
accept:
- application/json
Expand All @@ -10,7 +10,7 @@ interactions:
uri: https://api.datadoghq.com/api/v2/security_monitoring/rules
response:
body:
string: '{"errors":["Internal error"]}
string: '{"errors":["Invalid rule configuration","Query filter cannot be empty"]}

'
headers:
@@ -1 +1 @@
2022-10-19T13:36:33.666Z
2024-05-10T16:34:28.650Z
@@ -1,7 +1,7 @@
interactions:
- request:
body: '{"cases":[{"condition":"a > 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test
rule","name":"Test-Create_a_detection_rule_returns_OK_response-1666186593","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metric":"","query":"@test:true"}],"tags":[],"type":"log_detection"}'
rule","name":"Test-Create_a_detection_rule_returns_OK_response-1715358868","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metric":"","query":"@test:true"}],"tags":[],"type":"log_detection"}'
headers:
accept:
- application/json
Expand All @@ -11,9 +11,8 @@ interactions:
uri: https://api.datadoghq.com/api/v2/security_monitoring/rules
response:
body:
string: '{"creationAuthorId":1445416,"tags":[],"isEnabled":true,"hasExtendedTitle":false,"message":"Test
rule","options":{"detectionMethod":"threshold","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1666186594041,"filters":[],"queries":[{"query":"@test:true","groupByFields":[],"aggregation":"count","name":"","distinctFields":[]}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":"","condition":"a
> 0"}],"type":"log_detection","id":"2zr-mrk-aq9","isDefault":false,"name":"Test-Create_a_detection_rule_returns_OK_response-1666186593"}
string: '{"id":"oka-fqr-yqa","version":1,"name":"Test-Create_a_detection_rule_returns_OK_response-1715358868","createdAt":1715358869030,"creationAuthorId":1445416,"isDefault":false,"isPartner":false,"isEnabled":true,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"@test:true","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"count","name":""}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":900},"cases":[{"name":"","status":"info","notifications":[],"condition":"a
> 0"}],"message":"Test rule","tags":[],"hasExtendedTitle":false,"type":"log_detection","filters":[]}

'
headers:
Expand All @@ -28,7 +27,7 @@ interactions:
accept:
- '*/*'
method: DELETE
uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/2zr-mrk-aq9
uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/oka-fqr-yqa
response:
body:
string: ''
@@ -1 +1 @@
2024-01-03T15:07:54.290Z
2024-05-10T16:34:29.476Z
@@ -1,6 +1,6 @@
interactions:
- request:
body: '{"cases":[],"isEnabled":true,"message":"This is a third party rule","name":"Test-Create_a_detection_rule_with_detection_method_third_party_returns_OK_response-1704294474","options":{"detectionMethod":"third_party","keepAlive":0,"maxSignalDuration":0,"thirdPartyRuleOptions":{"defaultStatus":"info","rootQueries":[{"groupByFields":["instance-id"],"query":"source:guardduty
body: '{"cases":[],"isEnabled":true,"message":"This is a third party rule","name":"Test-Create_a_detection_rule_with_detection_method_third_party_returns_OK_response-1715358869","options":{"detectionMethod":"third_party","keepAlive":0,"maxSignalDuration":0,"thirdPartyRuleOptions":{"defaultStatus":"info","rootQueries":[{"groupByFields":["instance-id"],"query":"source:guardduty
@details.alertType:*EC2*"},{"groupByFields":[],"query":"source:guardduty"}]}},"queries":[],"thirdPartyCases":[{"name":"high","query":"status:error","status":"high"},{"name":"low","query":"status:info","status":"low"}],"type":"log_detection"}'
headers:
accept:
Expand All @@ -11,7 +11,7 @@ interactions:
uri: https://api.datadoghq.com/api/v2/security_monitoring/rules
response:
body:
string: '{"id":"ut1-s7a-0kn","version":1,"name":"Test-Create_a_detection_rule_with_detection_method_third_party_returns_OK_response-1704294474","createdAt":1704294474748,"creationAuthorId":1445416,"isDefault":false,"isPartner":false,"isEnabled":true,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"status:error","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"none","name":""},{"query":"status:info","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"none","name":""}],"options":{"keepAlive":0,"maxSignalDuration":0,"detectionMethod":"third_party","evaluationWindow":0,"thirdPartyRuleOptions":{"defaultStatus":"info","defaultNotifications":[],"rootQueries":[{"query":"source:guardduty
string: '{"id":"uys-ie9-xgd","version":1,"name":"Test-Create_a_detection_rule_with_detection_method_third_party_returns_OK_response-1715358869","createdAt":1715358869757,"creationAuthorId":1445416,"isDefault":false,"isPartner":false,"isEnabled":true,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"status:error","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"none","name":""},{"query":"status:info","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"none","name":""}],"options":{"keepAlive":0,"maxSignalDuration":0,"detectionMethod":"third_party","evaluationWindow":0,"thirdPartyRuleOptions":{"defaultStatus":"info","defaultNotifications":[],"rootQueries":[{"query":"source:guardduty
@details.alertType:*EC2*","groupByFields":["instance-id"]},{"query":"source:guardduty","groupByFields":[]}]}},"cases":[{"name":"high","status":"high","notifications":[]},{"name":"low","status":"low","notifications":[]}],"message":"This
is a third party rule","tags":[],"hasExtendedTitle":false,"type":"log_detection","filters":[],"thirdPartyCases":[{"name":"high","status":"high","notifications":[],"query":"status:error"},{"name":"low","status":"low","notifications":[],"query":"status:info"}]}

Expand All @@ -28,7 +28,7 @@ interactions:
accept:
- '*/*'
method: DELETE
uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/ut1-s7a-0kn
uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/uys-ie9-xgd
response:
body:
string: ''
@@ -1 +1 @@
2022-10-19T13:36:34.442Z
2024-05-10T16:34:30.285Z
@@ -1,6 +1,6 @@
interactions:
- request:
body: '{"cases":[{"name":"","notifications":[],"status":"info"}],"filters":[],"hasExtendedTitle":true,"isEnabled":true,"message":"test","name":"Test-Create_a_detection_rule_with_type_impossible_travel_returns_OK_response-1666186594","options":{"detectionMethod":"impossible_travel","evaluationWindow":900,"impossibleTravelOptions":{"baselineUserLocations":false},"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"geo_data","distinctFields":[],"groupByFields":["@usr.id"],"metric":"@network.client.geoip","query":"*"}],"tags":[],"type":"log_detection"}'
body: '{"cases":[{"name":"","notifications":[],"status":"info"}],"filters":[],"hasExtendedTitle":true,"isEnabled":true,"message":"test","name":"Test-Create_a_detection_rule_with_type_impossible_travel_returns_OK_response-1715358870","options":{"detectionMethod":"impossible_travel","evaluationWindow":900,"impossibleTravelOptions":{"baselineUserLocations":false},"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"geo_data","distinctFields":[],"groupByFields":["@usr.id"],"metric":"@network.client.geoip","query":"*"}],"tags":[],"type":"log_detection"}'
headers:
accept:
- application/json
Expand All @@ -10,7 +10,7 @@ interactions:
uri: https://api.datadoghq.com/api/v2/security_monitoring/rules
response:
body:
string: '{"creationAuthorId":1445416,"tags":[],"isEnabled":true,"hasExtendedTitle":true,"message":"test","options":{"impossibleTravelOptions":{"baselineUserLocations":false},"detectionMethod":"impossible_travel","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1666186594819,"filters":[],"queries":[{"distinctFields":[],"name":"","metric":"@network.client.geoip","aggregation":"geo_data","metrics":["@network.client.geoip"],"groupByFields":["@usr.id"],"query":"*"}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":""}],"type":"log_detection","id":"hrr-a7c-wzl","isDefault":false,"name":"Test-Create_a_detection_rule_with_type_impossible_travel_returns_OK_response-1666186594"}
string: '{"id":"u5e-13b-jgh","version":1,"name":"Test-Create_a_detection_rule_with_type_impossible_travel_returns_OK_response-1715358870","createdAt":1715358870563,"creationAuthorId":1445416,"isDefault":false,"isPartner":false,"isEnabled":true,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"*","groupByFields":["@usr.id"],"hasOptionalGroupByFields":false,"distinctFields":[],"metric":"@network.client.geoip","metrics":["@network.client.geoip"],"aggregation":"geo_data","name":""}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"detectionMethod":"impossible_travel","evaluationWindow":900,"impossibleTravelOptions":{"baselineUserLocations":false}},"cases":[{"name":"","status":"info","notifications":[]}],"message":"test","tags":[],"hasExtendedTitle":true,"type":"log_detection","filters":[]}

'
headers:
Expand All @@ -25,7 +25,7 @@ interactions:
accept:
- '*/*'
method: DELETE
uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/hrr-a7c-wzl
uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/u5e-13b-jgh
response:
body:
string: ''
@@ -1 +1 @@
2022-10-19T13:36:35.608Z
2024-05-10T16:34:31.015Z