diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index a5ff8270d1..6d41301bd4 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -1509,6 +1509,13 @@ components: required: true schema: type: string + SampleLogGenerationContentPackID: + description: The identifier of the Cloud SIEM content pack to operate on (for example, `aws-cloudtrail`). + in: path + name: content_pack_id + required: true + schema: + type: string SchemaVersion: description: The schema version desired in the response. in: query @@ -1548,6 +1555,13 @@ components: required: true schema: type: string + SecurityMonitoringIntegrationConfigID: + description: The ID of the entity context sync configuration. + in: path + name: integration_config_id + required: true + schema: + type: string SecurityMonitoringRuleID: description: The ID of the rule. in: path 
@@ -27074,6 +27088,101 @@ components: type: string type: array type: object + EntityContextEntity: + description: A single entity returned by the entity context endpoint. + properties: + attributes: + $ref: "#/components/schemas/EntityContextEntityAttributes" + id: + description: The unique identifier of the entity. + example: user@example.com + type: string + type: + $ref: "#/components/schemas/SecurityMonitoringEntityContextEntityType" + required: + - id + - type + - attributes + type: object + EntityContextEntityAttributes: + description: The attributes of an entity context entry, grouping all the historical revisions of the entity. + properties: + revisions: + description: The historical revisions of the entity, ordered chronologically. + items: + $ref: "#/components/schemas/EntityContextRevision" + type: array + required: + - revisions + type: object + EntityContextPage: + description: Pagination metadata for the entity context response. + properties: + next_token: + description: An opaque token to pass as `page_token` in a subsequent request to retrieve the next page of results. Empty when there are no more results. + example: "" + type: string + required: + - next_token + type: object + EntityContextResponse: + description: Response from the entity context endpoint, containing the matching entities and pagination metadata. + properties: + data: + description: The list of entities matching the query. + items: + $ref: "#/components/schemas/EntityContextEntity" + type: array + meta: + $ref: "#/components/schemas/EntityContextResponseMeta" + required: + - data + - meta + type: object + EntityContextResponseMeta: + description: Metadata returned alongside the entity context response. + properties: + page: + $ref: "#/components/schemas/EntityContextPage" + total_count: + description: The total number of entities matching the query, irrespective of pagination. 
+ example: 1 + format: int32 + maximum: 2147483647 + type: integer + required: + - page + - total_count + type: object + EntityContextRevision: + description: A single historical revision of an entity, including the time range during which the revision was observed. + properties: + attributes: + $ref: "#/components/schemas/EntityContextRevisionAttributes" + first_seen_at: + description: The first time the entity was observed at this revision. + example: "2026-04-01T00:00:00Z" + format: date-time + type: string + last_seen_at: + description: The last time the entity was observed at this revision. + example: "2026-05-01T00:00:00Z" + format: date-time + type: string + required: + - attributes + - first_seen_at + - last_seen_at + type: object + EntityContextRevisionAttributes: + additionalProperties: {} + description: The set of attributes recorded for the entity at this revision. The keys depend on the kind of entity. + example: + display_name: Test User + emails: + - user@example.com + principal_id: user@example.com + type: object EntityData: description: Entity data. properties: 
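Review bot: `EntityContextEntityAttributes.revisions` is documented as "ordered chronologically" without saying whether the oldest or the newest revision comes first. A consumer that takes the first element as the current state of an identity gets the wrong revision if the order is the other way round, which matters when the data is used to reconstruct what an account looked like at the time of a signal. `SecurityFilterVersionsResponse.data` in this same commit spells the direction out ("ordered from the most recent to the oldest"). The same style would fit here, for example `description: The historical revisions of the entity, ordered from the oldest to the most recent.`, if that is the actual order.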
@@ -68358,6 +68467,272 @@ components: example: "report_id" type: string type: object + SampleLogGenerationBulkSubscriptionAttributes: + description: The attributes for creating sample log generation subscriptions for multiple content packs. + properties: + content_pack_ids: + description: The identifiers of the Cloud SIEM content packs to subscribe to. At most five content packs can be requested in a single call. + example: + - aws-cloudtrail + items: + description: A Cloud SIEM content pack identifier. + type: string + maxItems: 5 + type: array + duration: + $ref: "#/components/schemas/SampleLogGenerationDuration" + required: + - content_pack_ids + type: object + SampleLogGenerationBulkSubscriptionData: + description: The bulk subscription request body. + properties: + attributes: + $ref: "#/components/schemas/SampleLogGenerationBulkSubscriptionAttributes" + type: + $ref: "#/components/schemas/SampleLogGenerationBulkSubscriptionRequestType" + required: + - type + - attributes + type: object + SampleLogGenerationBulkSubscriptionItemMeta: + description: Per-item status returned for a bulk subscription request. + properties: + error: + description: A description of the error encountered for this content pack, if the subscription could not be created. + example: content pack does not exist + type: string + status: + description: The HTTP status code that resulted from creating the subscription for this content pack. + example: 200 + format: int32 + maximum: 599 + type: integer + required: + - status + type: object + SampleLogGenerationBulkSubscriptionRequest: + description: Request body to create sample log generation subscriptions for multiple content packs at once. + properties: + data: + $ref: "#/components/schemas/SampleLogGenerationBulkSubscriptionData" + required: + - data + type: object + SampleLogGenerationBulkSubscriptionRequestType: + default: bulk_subscription_requests + description: The type of the resource. 
The value should always be `bulk_subscription_requests`. + enum: + - bulk_subscription_requests + example: bulk_subscription_requests + type: string + x-enum-varnames: + - BULK_SUBSCRIPTION_REQUESTS + SampleLogGenerationBulkSubscriptionResponse: + description: Response containing the per-content-pack results of a bulk subscription request. + properties: + data: + description: The list of bulk subscription results, one per requested content pack. + items: + $ref: "#/components/schemas/SampleLogGenerationBulkSubscriptionResultItem" + type: array + required: + - data + type: object + SampleLogGenerationBulkSubscriptionResultItem: + description: A single result entry returned by the bulk subscription endpoint. + properties: + attributes: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionAttributes" + id: + description: The unique identifier of the subscription, when one was created. + example: "123" + type: string + meta: + $ref: "#/components/schemas/SampleLogGenerationBulkSubscriptionItemMeta" + type: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionResourceType" + required: + - id + - type + - attributes + - meta + type: object + SampleLogGenerationDuration: + default: 3d + description: How long the subscription should remain active before expiring. + enum: + - 1h + - 1d + - 3d + - 7d + example: 3d + type: string + x-enum-varnames: + - ONE_HOUR + - ONE_DAY + - THREE_DAYS + - SEVEN_DAYS + SampleLogGenerationSubscriptionAttributes: + description: The attributes describing a sample log generation subscription. + properties: + content_pack_id: + description: The identifier of the Cloud SIEM content pack the subscription targets. + example: aws-cloudtrail + type: string + created_at: + description: The time at which the subscription was created. + example: "2026-05-08T20:02:13.77481Z" + format: date-time + type: string + expires_at: + description: The time at which the subscription expires and stops generating logs. 
+ example: "2026-05-11T20:02:13.77481Z" + format: date-time + type: string + is_active: + description: Whether the subscription is currently active and generating logs. + example: true + type: boolean + status: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionStatus" + required: + - content_pack_id + - status + - is_active + - created_at + - expires_at + type: object + SampleLogGenerationSubscriptionCreateAttributes: + description: The attributes for creating a sample log generation subscription. + properties: + content_pack_id: + description: The identifier of the Cloud SIEM content pack to subscribe to. + example: aws-cloudtrail + type: string + duration: + $ref: "#/components/schemas/SampleLogGenerationDuration" + required: + - content_pack_id + type: object + SampleLogGenerationSubscriptionCreateData: + description: The subscription request body. + properties: + attributes: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionCreateAttributes" + type: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionRequestType" + required: + - type + - attributes + type: object + SampleLogGenerationSubscriptionCreateRequest: + description: Request body to create a sample log generation subscription for a single content pack. + properties: + data: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionCreateData" + required: + - data + type: object + SampleLogGenerationSubscriptionData: + description: A sample log generation subscription. + properties: + attributes: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionAttributes" + id: + description: The unique identifier of the subscription. + example: "789" + type: string + type: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionResourceType" + required: + - id + - type + - attributes + type: object + SampleLogGenerationSubscriptionRequestType: + default: subscription_requests + description: The type of the resource. The value should always be `subscription_requests`. 
+ enum: + - subscription_requests + example: subscription_requests + type: string + x-enum-varnames: + - SUBSCRIPTION_REQUESTS + SampleLogGenerationSubscriptionResourceType: + default: subscriptions + description: The type of the resource. The value should always be `subscriptions`. + enum: + - subscriptions + example: subscriptions + type: string + x-enum-varnames: + - SUBSCRIPTIONS + SampleLogGenerationSubscriptionResponse: + description: Response containing a single sample log generation subscription. + properties: + data: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionData" + required: + - data + type: object + SampleLogGenerationSubscriptionStatus: + description: The status of the subscription. + enum: + - subscribed + - renewed + - unsubscribed + - no_active_subscription + - not_available + - active + - expired + example: subscribed + type: string + x-enum-varnames: + - SUBSCRIBED + - RENEWED + - UNSUBSCRIBED + - NO_ACTIVE_SUBSCRIPTION + - NOT_AVAILABLE + - ACTIVE + - EXPIRED + SampleLogGenerationSubscriptionsResponse: + description: Response containing a list of sample log generation subscriptions. + properties: + data: + description: The list of sample log generation subscriptions. + items: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionData" + type: array + meta: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionsResponseMeta" + required: + - data + - meta + type: object + SampleLogGenerationSubscriptionsResponseMeta: + description: Metadata returned alongside a list of sample log generation subscriptions. + properties: + total_subscriptions: + description: The total number of subscriptions matching the request, irrespective of pagination. 
+ example: 1 + format: int32 + maximum: 2147483647 + type: integer + required: + - total_subscriptions + type: object + SampleLogGenerationSubscriptionsStatusFilter: + default: active + description: Filter that controls whether to return only active subscriptions or every subscription on record. + enum: + - active + - all + example: active + type: string + x-enum-varnames: + - ACTIVE + - ALL ScaRequest: description: The top-level request object for submitting a Software Composition Analysis (SCA) scan result. properties: 
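Review bot: `SampleLogGenerationBulkSubscriptionResultItem` lists `id` and `attributes` under `required`, but its own `id` description says the value exists "when one was created" and `SampleLogGenerationBulkSubscriptionItemMeta.error` exists for content packs whose subscription could not be created. A failed item therefore either violates the schema or has to carry a placeholder `id` plus a full `SampleLogGenerationSubscriptionAttributes` object with its five required fields. A strictly validating generated client would then likely reject the whole response and hide which packs failed. Consider reducing the list to `- type` and `- meta`, or documenting what `id` and `attributes` contain for a failed item. Separately, `content_pack_ids` has `maxItems: 5` but no lower bound, so an empty list passes validation; `minItems: 1` would close that.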
@@ -70738,6 +71113,112 @@ components: required: - data type: object + SecurityFilterVersion: + description: A snapshot of all security filters at a specific configuration version. + properties: + attributes: + $ref: "#/components/schemas/SecurityFilterVersionAttributes" + id: + description: The identifier of the configuration version. + example: "1" + type: string + type: + $ref: "#/components/schemas/SecurityFilterVersionType" + required: + - id + - type + - attributes + type: object + SecurityFilterVersionAttributes: + description: The attributes describing a single security filter configuration version. + properties: + date: + description: The Unix timestamp in milliseconds at which this configuration version was applied. + example: 1758177253469 + format: int64 + type: integer + filters: + description: The set of security filters at this configuration version. + items: + $ref: "#/components/schemas/SecurityFilterVersionEntry" + type: array + version: + description: The configuration version number. + example: 1 + format: int32 + maximum: 2147483647 + type: integer + required: + - version + - date + - filters + type: object + SecurityFilterVersionEntry: + description: A single security filter as it existed at a given configuration version. + properties: + exclusion_filters: + description: The list of exclusion filters applied in this security filter. + items: + $ref: "#/components/schemas/SecurityFilterExclusionFilterResponse" + type: array + filtered_data_type: + $ref: "#/components/schemas/SecurityFilterFilteredDataType" + id: + description: The ID of the security filter. + example: "123" + type: string + is_builtin: + description: Whether the security filter is the built-in filter. + example: false + type: boolean + is_enabled: + description: Whether the security filter is enabled. + example: true + type: boolean + name: + description: The name of the security filter. 
+ example: Test Security Filter + type: string + query: + description: The query of the security filter. + example: source:test + type: string + version: + description: The version of this security filter. + example: 1 + format: int32 + maximum: 2147483647 + type: integer + required: + - id + - name + - version + - query + - is_enabled + - exclusion_filters + - filtered_data_type + - is_builtin + type: object + SecurityFilterVersionType: + default: security_filters_configuration + description: The type of the resource. The value should always be `security_filters_configuration`. + enum: + - security_filters_configuration + example: security_filters_configuration + type: string + x-enum-varnames: + - SECURITY_FILTERS_CONFIGURATION + SecurityFilterVersionsResponse: + description: Response containing the version history of security filters. + properties: + data: + description: A list of historical security filter configurations, ordered from the most recent to the oldest. + items: + $ref: "#/components/schemas/SecurityFilterVersion" + type: array + required: + - data + type: object SecurityFiltersResponse: description: All the available security filters objects. properties: @@ -71274,6 +71755,13 @@ components: $ref: "#/components/schemas/SecurityMonitoringCriticalAsset" type: array type: object + SecurityMonitoringEntityContextEntityType: + default: entity + description: |- + The type of the entity. Reflects the underlying entity kind from the entity context store + (for example, `siem_entity_identity` for identities). Defaults to `entity` when the kind is unknown. + example: siem_entity_identity + type: string SecurityMonitoringFilter: description: The rule's suppression filter. properties: 
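Review bot: In `SecurityMonitoringEntityContextEntityType`, `default: entity` has no effect for consumers because `EntityContextEntity` lists `type` as required, so the value is always sent. The sentence "Defaults to `entity` when the kind is unknown" describes server behaviour, not a schema default. Unlike the other resource `type` fields added in this commit, this one is an open string with no `enum`, so clients that branch on it need a fallback for unknown values. I would drop the `default:` line and say in the description that the set of values is open, for example `Clients must tolerate values not listed here.`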
@@ -71292,6 +71780,240 @@ components: x-enum-varnames: - REQUIRE - SUPPRESS + SecurityMonitoringIntegrationConfigAttributes: + description: The attributes of an entity context sync configuration as returned by the API. + properties: + created_at: + description: The time at which the entity context sync configuration was created. + example: "2026-05-01T12:00:00Z" + format: date-time + type: string + domain: + description: The domain associated with the external entity source (for example, the customer's identity provider domain). + example: siem-test.com + type: string + enabled: + description: Whether the sync is enabled and actively ingesting entities into Cloud SIEM. + example: true + type: boolean + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationType" + modified_at: + description: The time at which the entity context sync configuration was last modified. + example: "2026-05-01T12:00:00Z" + format: date-time + type: string + name: + description: The display name of the entity context sync configuration. + example: My GWS Integration + type: string + settings: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" + state: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigState" + required: + - enabled + - domain + - integration_type + type: object + SecurityMonitoringIntegrationConfigCreateAttributes: + description: The attributes of the entity context sync configuration to create. + properties: + domain: + description: The domain associated with the external entity source. + example: siem-test.com + type: string + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationType" + name: + description: The display name for the entity context sync configuration. 
+ example: My GWS Integration + type: string + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSecrets" + settings: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" + required: + - integration_type + - domain + - name + - secrets + type: object + SecurityMonitoringIntegrationConfigCreateData: + description: The entity context sync configuration to create. + properties: + attributes: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigCreateAttributes" + type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigResourceType" + required: + - type + - attributes + type: object + SecurityMonitoringIntegrationConfigCreateRequest: + description: Request body to create an entity context sync configuration. + properties: + data: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigCreateData" + required: + - data + type: object + SecurityMonitoringIntegrationConfigData: + description: An entity context sync configuration. + properties: + attributes: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigAttributes" + id: + description: The unique identifier of the integration configuration. + example: 11111111-2222-3333-4444-555555555555 + type: string + type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigResourceType" + required: + - id + - type + - attributes + type: object + SecurityMonitoringIntegrationConfigResourceType: + default: integration_config + description: The type of the resource. The value should always be `integration_config`. + enum: + - integration_config + example: integration_config + type: string + x-enum-varnames: + - INTEGRATION_CONFIG + SecurityMonitoringIntegrationConfigResponse: + description: Response containing a single entity context sync configuration. 
+ properties: + data: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigData" + required: + - data + type: object + SecurityMonitoringIntegrationConfigSecrets: + additionalProperties: {} + description: The secrets used to authenticate against the external entity source. The accepted keys depend on the source type (for example, `admin_email` for Google Workspace). + example: + admin_email: test@example.com + type: object + SecurityMonitoringIntegrationConfigSettings: + additionalProperties: {} + description: Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type. + example: + setting1: value1 + type: object + SecurityMonitoringIntegrationConfigState: + description: The state of the credentials configured on the entity context sync. + enum: + - valid + - invalid + - initializing + example: valid + type: string + x-enum-varnames: + - VALID + - INVALID + - INITIALIZING + SecurityMonitoringIntegrationConfigUpdateAttributes: + description: Fields to update on the entity context sync configuration. All fields are optional. + properties: + domain: + description: The new domain associated with the external entity source. + example: siem-test.com + type: string + enabled: + description: Whether the entity context sync should be enabled. + example: true + type: boolean + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationType" + name: + description: The new display name for the entity context sync configuration. + example: My GWS Integration (renamed) + type: string + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSecrets" + settings: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" + type: object + SecurityMonitoringIntegrationConfigUpdateData: + description: The entity context sync configuration fields to update. 
+ properties: + attributes: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigUpdateAttributes" + type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigResourceType" + required: + - type + - attributes + type: object + SecurityMonitoringIntegrationConfigUpdateRequest: + description: Request body to update an entity context sync configuration. Supports partial updates. + properties: + data: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigUpdateData" + required: + - data + type: object + SecurityMonitoringIntegrationConfigsResponse: + description: Response containing a list of entity context sync configurations. + properties: + data: + description: The list of integration configurations. + items: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigData" + type: array + required: + - data + type: object + SecurityMonitoringIntegrationCredentialsValidateAttributes: + description: The credentials to validate against the external entity source. + properties: + domain: + description: The domain associated with the external entity source. + example: siem-test.com + type: string + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationType" + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSecrets" + required: + - integration_type + - domain + - secrets + type: object + SecurityMonitoringIntegrationCredentialsValidateData: + description: The credentials to validate. + properties: + attributes: + $ref: "#/components/schemas/SecurityMonitoringIntegrationCredentialsValidateAttributes" + type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigResourceType" + required: + - type + - attributes + type: object + SecurityMonitoringIntegrationCredentialsValidateRequest: + description: Request body to validate credentials against an external entity source before creating a sync configuration. 
+ properties: + data: + $ref: "#/components/schemas/SecurityMonitoringIntegrationCredentialsValidateData" + required: + - data + type: object + SecurityMonitoringIntegrationType: + description: The type of external source that provides entities to Cloud SIEM. + enum: + - GOOGLE_WORKSPACE + - OKTA + - ENTRA_ID + example: GOOGLE_WORKSPACE + type: string + x-enum-varnames: + - GOOGLE_WORKSPACE + - OKTA + - ENTRA_ID SecurityMonitoringListRulesResponse: description: List of rules. properties: 
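Review bot: `SecurityMonitoringIntegrationConfigSecrets` carries the credentials for the external identity source but is an untyped `additionalProperties: {}` object with nothing marking it as sensitive. The response schema `SecurityMonitoringIntegrationConfigAttributes` correctly omits `secrets`, yet the spec does not tell generated clients, request loggers or documentation tooling that the field is request-only. Adding `writeOnly: true` to the schema would state that, though whether the generator honours it needs checking. The example `admin_email: test@example.com` is an identifier rather than a credential, so listing the accepted keys per `integration_type` in the description would also help callers avoid putting secret material into the non-sensitive `settings` object by mistake. `SecurityMonitoringIntegrationConfigUpdateAttributes` allows `domain` and `integration_type` to change without `secrets`; its description should say whether the stored credentials are re-validated in that case.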
@@ -76713,6 +77435,60 @@ components: description: Included data for shift operations. oneOf: - $ref: "#/components/schemas/ScheduleUser" + SignalEntitiesAttributes: + description: Attributes containing the entities related to the signal. + properties: + identities: + description: The identity entities related to the signal. Each item is a free-form object describing an identity (for example, a user or principal). + example: + - display_name: Test User + principal_id: user@example.com + items: + $ref: "#/components/schemas/SignalEntityIdentity" + type: array + required: + - identities + type: object + SignalEntitiesData: + description: Entities related to a security signal. + properties: + attributes: + $ref: "#/components/schemas/SignalEntitiesAttributes" + id: + description: The signal ID the entities are associated with. + example: AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA + type: string + type: + $ref: "#/components/schemas/SignalEntitiesType" + required: + - id + - type + - attributes + type: object + SignalEntitiesResponse: + description: Response containing entities related to a security signal. + properties: + data: + $ref: "#/components/schemas/SignalEntitiesData" + required: + - data + type: object + SignalEntitiesType: + default: entities + description: The type of the resource. The value should always be `entities`. + enum: + - entities + example: entities + type: string + x-enum-varnames: + - ENTITIES + SignalEntityIdentity: + additionalProperties: {} + description: An identity entity related to a signal. The set of attributes is dynamic and depends on the source providing the identity. + example: + display_name: Test User + principal_id: user@example.com + type: object SimpleMonitorUserTemplate: description: A simplified version of a monitor user template. properties: 
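Review bot: `SignalEntityIdentity` is declared with `additionalProperties: {}` and no named properties, so neither the keys nor the value types of an identity are constrained, and the description says they depend on the source providing the identity. Generated clients will pass these through as untyped maps. The values presumably originate in a third-party directory, so anything that renders or forwards them (tickets, chat notifications, HTML) has to escape them like other external input. If keys such as `principal_id` and `display_name` from the example are always present, declaring them under `properties` with `type: string` while keeping `additionalProperties` would give consumers a stable field to key and deduplicate on. `EntityContextRevisionAttributes` in the earlier schema hunk has the same shape.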
@@ -91091,6 +91867,10 @@ components: incident_settings_read: View Incident Settings. incident_settings_write: Configure Incident Settings. incident_write: Create, view, and manage incidents in Datadog. + integrations_read: View configured integrations and their settings. + logs_modify_indexes: Modify log indexes, filters, exclusion filters, and configurations. + logs_read_index_data: Read indexed log data. + manage_integrations: Install, uninstall, and configure integrations. metrics_read: View custom metrics. monitors_downtime: Set downtimes to suppress alerts from any monitor in an organization. Mute and unmute monitors. The ability to write monitors is not required to set downtimes. monitors_read: View monitors. @@ -91111,6 +91891,7 @@ components: security_monitoring_suppressions_write: Write Rule Suppressions. security_pipelines_read: View Security Pipelines. security_pipelines_write: Create, edit, and delete CSM Security Pipelines. + siem_entities_read: View Cloud SIEM entities. slos_corrections: Apply, edit, and delete SLO status corrections. A user with this permission can make status corrections, even if they do not have permission to edit those SLOs. slos_read: View SLOs and status corrections. slos_write: Create, edit, and delete SLOs. 
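Review bot: The scopes added here are broad, and the operations visible in the paths hunk that follows gate entity context sync on them: `integrations_read` for listing and `manage_integrations` for creating a configuration that stores identity-provider credentials. If that is intended, any key or OAuth client allowed to configure integrations in general can also register or replace the identity source feeding Cloud SIEM. That deserves a line in the scope description, for example `manage_integrations: Install, uninstall, and configure integrations, including Cloud SIEM entity context sync.` The operations that use `logs_modify_indexes` and `logs_read_index_data` are not visible in this part of the diff; it is worth confirming each new scope is referenced by at least one operation so the list does not advertise grants that nothing needs. The second hunk on this line adds the narrower `siem_entities_read`, which shows a feature-specific scope is available as a model for the write side.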
@@ -144465,6 +145246,355 @@ paths: summary: Update a critical asset tags: - Security Monitoring + /api/v2/security_monitoring/configuration/integration_config: + get: + description: |- + List the entity context sync configurations for Cloud SIEM. Each configuration connects Cloud SIEM + to an external source that provides entities (for example, users from an identity provider) for use + in signals and the entity explorer. + operationId: ListSecurityMonitoringIntegrationConfigs + parameters: + - description: Filter the entity context sync configurations by source type. + in: query + name: filter[integration_type] + required: false + schema: + $ref: "#/components/schemas/SecurityMonitoringIntegrationType" + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + - attributes: + created_at: "2026-05-01T12:00:00Z" + domain: siem-test.com + enabled: true + integration_type: GOOGLE_WORKSPACE + modified_at: "2026-05-01T12:00:00Z" + name: My GWS Integration + settings: + setting1: value1 + state: valid + id: 11111111-2222-3333-4444-555555555555 + type: integration_config + schema: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigsResponse" + description: OK + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - integrations_read + summary: List entity context sync configurations + tags: ["Security Monitoring"] + x-permission: + operator: OR + permissions: + - integrations_read + x-unstable: |- + **Note**: This endpoint is in preview and is subject to change. + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). + post: + description: |- + Create a new entity context sync configuration so Cloud SIEM can ingest entities from an external + source. 
The credentials provided in `secrets` are validated against the source before the configuration + is stored and never returned in subsequent responses. + operationId: CreateSecurityMonitoringIntegrationConfig + requestBody: + content: + application/json: + examples: + default: + value: + data: + attributes: + domain: siem-test.com + integration_type: GOOGLE_WORKSPACE + name: My GWS Integration + secrets: + admin_email: test@example.com + settings: + setting1: value1 + type: integration_config + schema: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigCreateRequest" + description: The definition of the new integration configuration. + required: true + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + attributes: + created_at: "2026-05-01T12:00:00Z" + domain: siem-test.com + enabled: true + integration_type: GOOGLE_WORKSPACE + modified_at: "2026-05-01T12:00:00Z" + name: My GWS Integration + settings: + setting1: value1 + id: 11111111-2222-3333-4444-555555555555 + type: integration_config + schema: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigResponse" + description: OK + "400": + $ref: "#/components/responses/BadRequestResponse" + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - manage_integrations + summary: Create an entity context sync configuration + tags: ["Security Monitoring"] + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - manage_integrations + x-unstable: |- + **Note**: This endpoint is in preview and is subject to change. + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). 
+ /api/v2/security_monitoring/configuration/integration_config/validate: + post: + description: |- + Validate a set of credentials against the external entity source before creating a sync configuration. + Returns a 200 status code if the credentials are valid. + operationId: ValidateSecurityMonitoringIntegrationCredentials + requestBody: + content: + application/json: + examples: + default: + value: + data: + attributes: + domain: siem-test.com + integration_type: GOOGLE_WORKSPACE + secrets: + admin_email: test@example.com + type: integration_config + schema: + $ref: "#/components/schemas/SecurityMonitoringIntegrationCredentialsValidateRequest" + description: The credentials to validate. + required: true + responses: + "200": + description: OK + "400": + $ref: "#/components/responses/BadRequestResponse" + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - integrations_read + summary: Validate entity context sync credentials + tags: ["Security Monitoring"] + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - integrations_read + x-unstable: |- + **Note**: This endpoint is in preview and is subject to change. + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). + /api/v2/security_monitoring/configuration/integration_config/{integration_config_id}: + delete: + description: |- + Delete an entity context sync configuration. Cloud SIEM stops ingesting entities from this source, + and the credentials stored for the configuration are removed from the secrets store. 
+ operationId: DeleteSecurityMonitoringIntegrationConfig + parameters: + - $ref: "#/components/parameters/SecurityMonitoringIntegrationConfigID" + responses: + "204": + description: OK + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "404": + $ref: "#/components/responses/NotFoundResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - manage_integrations + summary: Delete an entity context sync configuration + tags: ["Security Monitoring"] + x-permission: + operator: OR + permissions: + - manage_integrations + x-unstable: |- + **Note**: This endpoint is in preview and is subject to change. + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). + get: + description: Get the details of a specific entity context sync configuration. + operationId: GetSecurityMonitoringIntegrationConfig + parameters: + - $ref: "#/components/parameters/SecurityMonitoringIntegrationConfigID" + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + attributes: + created_at: "2026-05-01T12:00:00Z" + domain: siem-test.com + enabled: true + integration_type: GOOGLE_WORKSPACE + modified_at: "2026-05-01T12:00:00Z" + name: My GWS Integration + settings: + setting1: value1 + state: valid + id: 11111111-2222-3333-4444-555555555555 + type: integration_config + schema: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigResponse" + description: OK + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "404": + $ref: "#/components/responses/NotFoundResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - integrations_read + summary: Get an entity context sync configuration + tags: ["Security Monitoring"] + x-permission: + operator: OR + permissions: + - integrations_read + x-unstable: |- + **Note**: This endpoint is in preview 
and is subject to change. + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). + patch: + description: Update an existing entity context sync configuration. Supports partial updates; only the fields provided in the request body are modified. + operationId: UpdateSecurityMonitoringIntegrationConfig + parameters: + - $ref: "#/components/parameters/SecurityMonitoringIntegrationConfigID" + requestBody: + content: + application/json: + examples: + default: + value: + data: + attributes: + enabled: false + name: My GWS Integration (renamed) + type: integration_config + schema: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigUpdateRequest" + description: The fields to update on the integration configuration. + required: true + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + attributes: + created_at: "2026-05-01T12:00:00Z" + domain: siem-test.com + enabled: false + integration_type: GOOGLE_WORKSPACE + modified_at: "2026-05-08T12:00:00Z" + name: My GWS Integration (renamed) + settings: + setting1: value1 + state: valid + id: 11111111-2222-3333-4444-555555555555 + type: integration_config + schema: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigResponse" + description: OK + "400": + $ref: "#/components/responses/BadRequestResponse" + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "404": + $ref: "#/components/responses/NotFoundResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - manage_integrations + summary: Update an entity context sync configuration + tags: ["Security Monitoring"] + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - manage_integrations + x-unstable: |- + **Note**: This endpoint is in preview and is subject to change. + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). 
+ /api/v2/security_monitoring/configuration/integration_config/{integration_config_id}/validate: + post: + description: |- + Validate the credentials currently stored on an existing entity context sync configuration. + Returns a 200 status code if the credentials are still valid against the external entity source. + operationId: ValidateSecurityMonitoringIntegrationConfig + parameters: + - $ref: "#/components/parameters/SecurityMonitoringIntegrationConfigID" + responses: + "200": + description: OK + "400": + $ref: "#/components/responses/BadRequestResponse" + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "404": + $ref: "#/components/responses/NotFoundResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - integrations_read + summary: Validate an entity context sync configuration + tags: ["Security Monitoring"] + x-permission: + operator: OR + permissions: + - integrations_read + x-unstable: |- + **Note**: This endpoint is in preview and is subject to change. + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). /api/v2/security_monitoring/configuration/security_filters: get: description: Get the list of configured security filters with their definitions. 
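Review bot: `ValidateSecurityMonitoringIntegrationCredentials` (`POST .../integration_config/validate`) accepts a `secrets` object and tests it against the external source, yet its `AuthZ` and `x-permission` entries require only `integrations_read`, while create, update and delete in the same hunk require `manage_integrations`. A read-scoped key can therefore submit credentials and have the service perform an outbound check, and `ValidateSecurityMonitoringIntegrationConfig` likewise exercises the stored credentials under the read scope. Unless that is intended, both validate operations should list `- manage_integrations` in `AuthZ` and in `x-permission.permissions`. If it is intended, the descriptions should say so and state whether validation attempts are rate limited and audited, which the hunk does not mention.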
@@ -144577,6 +145707,53 @@ paths:
 operator: OR
 permissions:
 - security_monitoring_filters_write
+ /api/v2/security_monitoring/configuration/security_filters/versions:
+ get:
+ description: |-
+ Get the configured security filters at each historical version of the configuration.
+ Each entry in the response represents the set of all security filters at a given version,
+ ordered from the most recent version to the oldest.
+ operationId: ListSecurityFilterVersions
+ responses:
+ "200":
+ content:
+ application/json:
+ examples:
+ default:
+ value:
+ data:
+ - attributes:
+ date: 1758177253469
+ filters:
+ - exclusion_filters: []
+ filtered_data_type: logs
+ id: "123"
+ is_builtin: false
+ is_enabled: true
+ name: Test Security Filter
+ query: source:test
+ version: 1
+ version: 1
+ id: "1"
+ type: security_filters_configuration
+ schema:
+ $ref: "#/components/schemas/SecurityFilterVersionsResponse"
+ description: OK
+ "403":
+ $ref: "#/components/responses/NotAuthorizedResponse"
+ "429":
+ $ref: "#/components/responses/TooManyRequestsResponse"
+ security:
+ - apiKeyAuth: []
+ appKeyAuth: []
+ - AuthZ:
+ - security_monitoring_filters_read
+ summary: Get the version history of security filters
+ tags: ["Security Monitoring"]
+ x-permission:
+ operator: OR
+ permissions:
+ - security_monitoring_filters_read
 /api/v2/security_monitoring/configuration/security_filters/{security_filter_id}:
 delete:
 description: Delete a specific security filter.
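Review bot: `ListSecurityFilterVersions` declares no `parameters`, so a caller cannot page or bound the history, and per the description every entry carries the full filter set for its version. For an organization with many configuration changes the response has no upper bound; a `limit` and `page_token` pair like the one `GetEntityContext` uses later in this diff would keep it predictable. The example `date: 1758177253469` also has no unit in this hunk, and since `SecurityFilterVersionsResponse` is defined outside it, please confirm that schema documents the value as epoch milliseconds.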
@@ -145357,6 +146534,113 @@ paths: x-unstable: |- **Note**: This endpoint is in preview and is subject to change. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). + /api/v2/security_monitoring/entity_context: + get: + description: |- + Search the Cloud SIEM entity context store for entities that match a query, and return the historical + revisions of each entity in the requested time range. The endpoint can either return revisions across an + interval (`from` / `to`) or the snapshot of each entity at a single point in time (`as_of`); the two modes + are mutually exclusive. + operationId: GetEntityContext + parameters: + - description: A free-text query (for example, an email address or principal ID) used to filter the entities returned. + example: user@example.com + in: query + name: query + required: false + schema: + type: string + - description: |- + The start of the time range to query, as an RFC3339 timestamp or a relative time (for example, `now-7d`). + Defaults to `now-7d`. Ignored when `as_of` is set. + in: query + name: from + required: false + schema: + default: now-7d + example: now-7d + type: string + - description: |- + The end of the time range to query, as an RFC3339 timestamp or a relative time (for example, `now`). + Defaults to `now`. Ignored when `as_of` is set. + in: query + name: to + required: false + schema: + default: now + example: now + type: string + - description: |- + A point in time at which to query the entity revisions, as an RFC3339 timestamp, a Unix timestamp + (in seconds), or a relative time (for example, `now-1d`). When set, `from` and `to` are ignored. + Cannot be combined with custom `from` / `to` values. + example: now-1d + in: query + name: as_of + required: false + schema: + type: string + - description: The maximum number of entities to return. 
+ in: query + name: limit + required: false + schema: + default: 250 + example: 100 + format: int64 + type: integer + - description: An opaque token used to fetch the next page of results, as returned in `meta.page.next_token` of a previous response. + in: query + name: page_token + required: false + schema: + type: string + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + - attributes: + revisions: + - attributes: + display_name: Test User + emails: + - user@example.com + principal_id: user@example.com + first_seen_at: "2026-04-01T00:00:00Z" + last_seen_at: "2026-05-01T00:00:00Z" + id: user@example.com + type: siem_entity_identity + meta: + page: + next_token: "" + total_count: 1 + schema: + $ref: "#/components/schemas/EntityContextResponse" + description: OK + "400": + $ref: "#/components/responses/BadRequestResponse" + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - siem_entities_read + summary: Get entity context + tags: ["Security Monitoring"] + x-permission: + operator: OR + permissions: + - siem_entities_read + x-unstable: |- + **Note**: This endpoint is in preview and is subject to change. + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). /api/v2/security_monitoring/rules: get: description: List rules. 
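Review bot: The `limit` parameter of `GetEntityContext` has `default: 250` and `format: int64` but neither `minimum` nor `maximum`, so the contract lets a single request ask for an arbitrarily large page of identity records and their revisions. `GetSignalEntities`, added later in this diff, already bounds its `limit` with `maximum: 1000`; I would add `minimum: 1` and a `maximum:` matching the server-side cap here, and `minimum: 1` there as well. The `as_of` description also contradicts itself: it says `from` and `to` are ignored when it is set and, in the next sentence, that it cannot be combined with custom `from` / `to` values, so the text should state whether that combination is silently ignored or rejected with a 400.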
@@ -146232,6 +147516,282 @@ paths: - security_monitoring_rules_read x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. + /api/v2/security_monitoring/sample_log_generation/subscriptions: + get: + description: |- + Get the sample log generation subscriptions for the organization. + Sample log generation injects representative example logs for a given Cloud SIEM content pack into the Logs platform, + which can be used to test detection rules without onboarding the underlying integration first. + + **Availability**: this endpoint is restricted to Cloud SIEM trial organizations on an eligible + pricing model. Other organizations receive a `403 Forbidden` (non-trial orgs) or a `400 Bad Request` + (feature disabled), and legacy pricing tiers receive a response with `status: not_available`. + operationId: ListSampleLogGenerationSubscriptions + parameters: + - description: |- + Filter the subscriptions by status. Use `active` to return only currently active + subscriptions, or `all` to return every subscription including expired ones. + Ignored when `start_timestamp` is provided. Defaults to `active`. + in: query + name: status + required: false + schema: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionsStatusFilter" + - description: |- + The start of the time range, as an RFC3339 timestamp. When provided, the response includes + every subscription that was active at any point in `[start_timestamp, end_timestamp]`, + and the `status` filter is ignored. + example: "2026-05-01T00:00:00Z" + in: query + name: start_timestamp + required: false + schema: + format: date-time + type: string + - description: |- + The end of the time range, as an RFC3339 timestamp. Ignored unless `start_timestamp` is set. + Defaults to the current time when `start_timestamp` is provided. 
+ example: "2026-05-08T00:00:00Z" + in: query + name: end_timestamp + required: false + schema: + format: date-time + type: string + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + - attributes: + content_pack_id: aws-cloudtrail + created_at: "2026-05-08T20:02:13.77481Z" + expires_at: "2026-05-11T20:02:13.77481Z" + is_active: true + status: subscribed + id: "999" + type: subscriptions + meta: + total_subscriptions: 1 + schema: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionsResponse" + description: OK + "400": + $ref: "#/components/responses/BadRequestResponse" + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_filters_read + - logs_read_index_data + summary: Get sample log generation subscriptions + tags: ["Security Monitoring"] + x-permission: + operator: OR + permissions: + - security_monitoring_filters_read + - logs_read_index_data + x-unstable: |- + **Note**: This endpoint is in preview and is subject to change. + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). + post: + description: |- + Subscribe to sample log generation for a Cloud SIEM content pack. Sample logs for the + requested content pack are injected into the Logs platform for the duration of the subscription, + so detection rules can be exercised without onboarding the underlying integration first. + + **Availability**: this endpoint is restricted to Cloud SIEM trial organizations on an + eligible pricing model. Non-trial orgs receive `403 Forbidden`, the feature flag may also reject + requests with `400 Bad Request`, and legacy pricing tiers receive a response with `status: not_available`. 
+ operationId: CreateSampleLogGenerationSubscription + requestBody: + content: + application/json: + examples: + default: + value: + data: + attributes: + content_pack_id: aws-cloudtrail + duration: 3d + type: subscription_requests + schema: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionCreateRequest" + description: The content pack to subscribe to and the desired duration of the subscription. + required: true + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + attributes: + content_pack_id: aws-cloudtrail + created_at: "2026-05-08T20:02:13.77481Z" + expires_at: "2026-05-11T20:02:13.77481Z" + is_active: true + status: subscribed + id: "789" + type: subscriptions + schema: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionResponse" + description: OK + "400": + $ref: "#/components/responses/BadRequestResponse" + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_filters_write + - logs_modify_indexes + summary: Subscribe to sample log generation + tags: ["Security Monitoring"] + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - security_monitoring_filters_write + - logs_modify_indexes + x-unstable: |- + **Note**: This endpoint is in preview and is subject to change. + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). + /api/v2/security_monitoring/sample_log_generation/subscriptions/bulk: + post: + description: |- + Subscribe to sample log generation for multiple Cloud SIEM content packs in a single call. + Each requested content pack is processed independently; the response includes a per-item + status so partial successes can be inspected. + + **Availability**: this endpoint is restricted to Cloud SIEM trial organizations on an + eligible pricing model. 
Non-trial orgs receive `403 Forbidden`, the feature flag may also reject + requests with `400 Bad Request`, and legacy pricing tiers receive per-item responses with `status: not_available`. + operationId: BulkCreateSampleLogGenerationSubscriptions + requestBody: + content: + application/json: + examples: + default: + value: + data: + attributes: + content_pack_ids: + - aws-cloudtrail + duration: 3d + type: bulk_subscription_requests + schema: + $ref: "#/components/schemas/SampleLogGenerationBulkSubscriptionRequest" + description: The content packs to subscribe to and the desired duration of the subscriptions. + required: true + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + - attributes: + content_pack_id: aws-cloudtrail + created_at: "2026-05-08T20:02:13.655716Z" + expires_at: "2026-05-11T20:02:13.655716Z" + is_active: true + status: subscribed + id: "123" + meta: + status: 200 + type: subscriptions + schema: + $ref: "#/components/schemas/SampleLogGenerationBulkSubscriptionResponse" + description: OK + "400": + $ref: "#/components/responses/BadRequestResponse" + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_filters_write + - logs_modify_indexes + summary: Bulk subscribe to sample log generation + tags: ["Security Monitoring"] + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - security_monitoring_filters_write + - logs_modify_indexes + x-unstable: |- + **Note**: This endpoint is in preview and is subject to change. + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). + /api/v2/security_monitoring/sample_log_generation/subscriptions/{content_pack_id}: + delete: + description: |- + Unsubscribe from sample log generation for a Cloud SIEM content pack. 
+ After unsubscribing, no more sample logs are generated for the requested content pack. + + **Availability**: this endpoint is restricted to Cloud SIEM trial organizations on an + eligible pricing model. Non-trial orgs receive `403 Forbidden`, the feature flag may also reject + requests with `400 Bad Request`, and legacy pricing tiers receive a response with `status: not_available`. + operationId: DeleteSampleLogGenerationSubscription + parameters: + - $ref: "#/components/parameters/SampleLogGenerationContentPackID" + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + attributes: + content_pack_id: aws-cloudtrail + created_at: "2026-05-08T20:02:13.77481Z" + expires_at: "2026-05-08T20:30:00Z" + is_active: false + status: unsubscribed + id: "789" + type: subscriptions + schema: + $ref: "#/components/schemas/SampleLogGenerationSubscriptionResponse" + description: OK + "400": + $ref: "#/components/responses/BadRequestResponse" + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_filters_write + - logs_modify_indexes + summary: Unsubscribe from sample log generation + tags: ["Security Monitoring"] + x-permission: + operator: OR + permissions: + - security_monitoring_filters_write + - logs_modify_indexes + x-unstable: |- + **Note**: This endpoint is in preview and is subject to change. + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). /api/v2/security_monitoring/signals: get: description: |- 
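Review bot: The write operations in this hunk (`CreateSampleLogGenerationSubscription`, `BulkCreateSampleLogGenerationSubscriptions`, `DeleteSampleLogGenerationSubscription`) list `security_monitoring_filters_write` and `logs_modify_indexes` under `x-permission` with `operator: OR`, so as written either scope alone is enough to start or stop injection of synthetic logs into the Logs platform. If both are meant to be required, the operator under-states that; if either is enough, the descriptions should say so, and the same question applies to the read pair on `ListSampleLogGenerationSubscriptions`. The descriptions also do not say how injected sample logs are marked. A sentence such as `Sample logs carry <marker attribute> so that signals they trigger can be told apart from detections on real telemetry.` would help responders, with the placeholder replaced by the actual attribute.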
@@ -146652,6 +148212,61 @@ paths:
 operator: OR
 permissions:
 - security_monitoring_signals_write
+ /api/v2/security_monitoring/signals/{signal_id}/entities:
+ get:
+ description: Get the list of entities related to a security signal, captured at the signal's timestamp.
+ operationId: GetSignalEntities
+ parameters:
+ - $ref: "#/components/parameters/SignalID"
+ - description: The maximum number of entities to return.
+ in: query
+ name: limit
+ required: false
+ schema:
+ default: 10
+ example: 10
+ format: int32
+ maximum: 1000
+ type: integer
+ responses:
+ "200":
+ content:
+ application/json:
+ examples:
+ default:
+ value:
+ data:
+ attributes:
+ identities:
+ - display_name: Test User
+ principal_id: user@example.com
+ id: AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA
+ type: entities
+ schema:
+ $ref: "#/components/schemas/SignalEntitiesResponse"
+ description: OK
+ "400":
+ $ref: "#/components/responses/BadRequestResponse"
+ "403":
+ $ref: "#/components/responses/NotAuthorizedResponse"
+ "404":
+ $ref: "#/components/responses/NotFoundResponse"
+ "429":
+ $ref: "#/components/responses/TooManyRequestsResponse"
+ security:
+ - apiKeyAuth: []
+ appKeyAuth: []
+ - AuthZ:
+ - security_monitoring_signals_read
+ summary: Get entities related to a signal
+ tags: ["Security Monitoring"]
+ x-permission:
+ operator: OR
+ permissions:
+ - security_monitoring_signals_read
+ x-unstable: |-
+ **Note**: This endpoint is in preview and is subject to change.
+ If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).
 /api/v2/security_monitoring/signals/{signal_id}/incidents:
 patch:
 description: |-
diff --git a/docs/datadog_api_client.v2.model.rst b/docs/datadog_api_client.v2.model.rst
index 09ac4c9e7e..5ce3843e8a 100644
--- a/docs/datadog_api_client.v2.model.rst
+++ b/docs/datadog_api_client.v2.model.rst
@@ -11092,6 +11092,55 @@ datadog\_api\_client.v2.model.entity\_attributes module :members: :show-inheritance: +datadog\_api\_client.v2.model.entity\_context\_entity module +------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.entity_context_entity + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.entity\_context\_entity\_attributes module +------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.entity_context_entity_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.entity\_context\_page module +---------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.entity_context_page + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.entity\_context\_response module +-------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.entity_context_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.entity\_context\_response\_meta module +-------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.entity_context_response_meta + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.entity\_context\_revision module +-------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.entity_context_revision + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.entity\_context\_revision\_attributes module +-------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.entity_context_revision_attributes + :members: + :show-inheritance: + datadog\_api\_client.v2.model.entity\_data module ------------------------------------------------- 
@@ -29838,6 +29887,146 @@ datadog\_api\_client.v2.model.saml\_assertion\_attributes\_type module :members: :show-inheritance: +datadog\_api\_client.v2.model.sample\_log\_generation\_bulk\_subscription\_attributes module +-------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_bulk_subscription_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_bulk\_subscription\_data module +-------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_bulk_subscription_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_bulk\_subscription\_item\_meta module +-------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_bulk_subscription_item_meta + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_bulk\_subscription\_request module +----------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_bulk_subscription_request + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_bulk\_subscription\_request\_type module +----------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_bulk_subscription_request_type + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_bulk\_subscription\_response module +------------------------------------------------------------------------------------------ + +.. 
automodule:: datadog_api_client.v2.model.sample_log_generation_bulk_subscription_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_bulk\_subscription\_result\_item module +---------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_bulk_subscription_result_item + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_duration module +---------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_duration + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_subscription\_attributes module +-------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_subscription_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_subscription\_create\_attributes module +---------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_subscription_create_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_subscription\_create\_data module +---------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_subscription_create_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_subscription\_create\_request module +------------------------------------------------------------------------------------------- + +.. 
automodule:: datadog_api_client.v2.model.sample_log_generation_subscription_create_request + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_subscription\_data module +-------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_subscription_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_subscription\_request\_type module +----------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_subscription_request_type + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_subscription\_resource\_type module +------------------------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_subscription_resource_type + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_subscription\_response module +------------------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_subscription_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_subscription\_status module +---------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_subscription_status + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_subscriptions\_response module +------------------------------------------------------------------------------------- + +.. 
automodule:: datadog_api_client.v2.model.sample_log_generation_subscriptions_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_subscriptions\_response\_meta module +------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_subscriptions_response_meta + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.sample\_log\_generation\_subscriptions\_status\_filter module +------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.sample_log_generation_subscriptions_status_filter + :members: + :show-inheritance: + datadog\_api\_client.v2.model.sbom module ----------------------------------------- 
@@ -30958,6 +31147,34 @@ datadog\_api\_client.v2.model.security\_filter\_update\_request module :members: :show-inheritance: +datadog\_api\_client.v2.model.security\_filter\_version\_attributes module +-------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_filter_version_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_filter\_version\_entry module +--------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_filter_version_entry + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_filter\_version\_type module +-------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_filter_version_type + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_filter\_versions\_response module +------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_filter_versions_response + :members: + :show-inheritance: + datadog\_api\_client.v2.model.security\_filters\_response module ---------------------------------------------------------------- 
@@ -31210,6 +31427,132 @@ datadog\_api\_client.v2.model.security\_monitoring\_filter\_action module :members: :show-inheritance: +datadog\_api\_client.v2.model.security\_monitoring\_integration\_config\_attributes module +------------------------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_config_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_config\_create\_attributes module +-------------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_config_create_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_config\_create\_data module +-------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_config_create_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_config\_create\_request module +----------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_config_create_request + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_config\_data module +------------------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_config_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_config\_resource\_type module +---------------------------------------------------------------------------------------------- + +.. 
automodule:: datadog_api_client.v2.model.security_monitoring_integration_config_resource_type + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_config\_response module +---------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_config_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_config\_secrets module +--------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_config_secrets + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_config\_settings module +---------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_config_settings + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_config\_state module +------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_config_state + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_config\_update\_attributes module +-------------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_config_update_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_config\_update\_data module +-------------------------------------------------------------------------------------------- + +.. 
automodule:: datadog_api_client.v2.model.security_monitoring_integration_config_update_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_config\_update\_request module +----------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_config_update_request + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_configs\_response module +----------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_configs_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_credentials\_validate\_attributes module +--------------------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_credentials_validate_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_credentials\_validate\_data module +--------------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_credentials_validate_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_credentials\_validate\_request module +------------------------------------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.security_monitoring_integration_credentials_validate_request + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_integration\_type module +---------------------------------------------------------------------------- + +.. 
automodule:: datadog_api_client.v2.model.security_monitoring_integration_type + :members: + :show-inheritance: + datadog\_api\_client.v2.model.security\_monitoring\_list\_rules\_response module -------------------------------------------------------------------------------- @@ -33499,6 +33842,41 @@ datadog\_api\_client.v2.model.shift\_included module :members: :show-inheritance: +datadog\_api\_client.v2.model.signal\_entities\_attributes module +----------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.signal_entities_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.signal\_entities\_data module +----------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.signal_entities_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.signal\_entities\_response module +--------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.signal_entities_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.signal\_entities\_type module +----------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.signal_entities_type + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.signal\_entity\_identity module +------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.signal_entity_identity + :members: + :show-inheritance: + datadog\_api\_client.v2.model.simple\_monitor\_user\_template module -------------------------------------------------------------------- diff --git a/examples/v2/security-monitoring/BulkCreateSampleLogGenerationSubscriptions.py b/examples/v2/security-monitoring/BulkCreateSampleLogGenerationSubscriptions.py new file mode 100644 index 0000000000..6e08f66f7e --- /dev/null +++ b/examples/v2/security-monitoring/BulkCreateSampleLogGenerationSubscriptions.py 
@@ -0,0 +1,39 @@ +""" +Bulk subscribe to sample log generation returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi +from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_attributes import ( + SampleLogGenerationBulkSubscriptionAttributes, +) +from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_data import ( + SampleLogGenerationBulkSubscriptionData, +) +from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_request import ( + SampleLogGenerationBulkSubscriptionRequest, +) +from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_request_type import ( + SampleLogGenerationBulkSubscriptionRequestType, +) +from datadog_api_client.v2.model.sample_log_generation_duration import SampleLogGenerationDuration + +body = SampleLogGenerationBulkSubscriptionRequest( + data=SampleLogGenerationBulkSubscriptionData( + attributes=SampleLogGenerationBulkSubscriptionAttributes( + content_pack_ids=[ + "aws-cloudtrail", + ], + duration=SampleLogGenerationDuration.THREE_DAYS, + ), + type=SampleLogGenerationBulkSubscriptionRequestType.BULK_SUBSCRIPTION_REQUESTS, + ), +) + +configuration = Configuration() +configuration.unstable_operations["bulk_create_sample_log_generation_subscriptions"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.bulk_create_sample_log_generation_subscriptions(body=body) + + print(response) diff --git a/examples/v2/security-monitoring/CreateSampleLogGenerationSubscription.py b/examples/v2/security-monitoring/CreateSampleLogGenerationSubscription.py new file mode 100644 index 0000000000..b4edc8e611 --- /dev/null +++ b/examples/v2/security-monitoring/CreateSampleLogGenerationSubscription.py 
@@ -0,0 +1,37 @@ +""" +Subscribe to sample log generation returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi +from datadog_api_client.v2.model.sample_log_generation_duration import SampleLogGenerationDuration +from datadog_api_client.v2.model.sample_log_generation_subscription_create_attributes import ( + SampleLogGenerationSubscriptionCreateAttributes, +) +from datadog_api_client.v2.model.sample_log_generation_subscription_create_data import ( + SampleLogGenerationSubscriptionCreateData, +) +from datadog_api_client.v2.model.sample_log_generation_subscription_create_request import ( + SampleLogGenerationSubscriptionCreateRequest, +) +from datadog_api_client.v2.model.sample_log_generation_subscription_request_type import ( + SampleLogGenerationSubscriptionRequestType, +) + +body = SampleLogGenerationSubscriptionCreateRequest( + data=SampleLogGenerationSubscriptionCreateData( + attributes=SampleLogGenerationSubscriptionCreateAttributes( + content_pack_id="aws-cloudtrail", + duration=SampleLogGenerationDuration.THREE_DAYS, + ), + type=SampleLogGenerationSubscriptionRequestType.SUBSCRIPTION_REQUESTS, + ), +) + +configuration = Configuration() +configuration.unstable_operations["create_sample_log_generation_subscription"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.create_sample_log_generation_subscription(body=body) + + print(response) diff --git a/examples/v2/security-monitoring/CreateSecurityMonitoringIntegrationConfig.py b/examples/v2/security-monitoring/CreateSecurityMonitoringIntegrationConfig.py new file mode 100644 index 0000000000..fe56a9911b --- /dev/null +++ b/examples/v2/security-monitoring/CreateSecurityMonitoringIntegrationConfig.py 
@@ -0,0 +1,46 @@ +""" +Create an entity context sync configuration returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi +from datadog_api_client.v2.model.security_monitoring_integration_config_create_attributes import ( + SecurityMonitoringIntegrationConfigCreateAttributes, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_create_data import ( + SecurityMonitoringIntegrationConfigCreateData, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_create_request import ( + SecurityMonitoringIntegrationConfigCreateRequest, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_resource_type import ( + SecurityMonitoringIntegrationConfigResourceType, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_secrets import ( + SecurityMonitoringIntegrationConfigSecrets, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_settings import ( + SecurityMonitoringIntegrationConfigSettings, +) +from datadog_api_client.v2.model.security_monitoring_integration_type import SecurityMonitoringIntegrationType + +body = SecurityMonitoringIntegrationConfigCreateRequest( + data=SecurityMonitoringIntegrationConfigCreateData( + attributes=SecurityMonitoringIntegrationConfigCreateAttributes( + domain="siem-test.com", + integration_type=SecurityMonitoringIntegrationType.GOOGLE_WORKSPACE, + name="My GWS Integration", + secrets=SecurityMonitoringIntegrationConfigSecrets([("admin_email", "test@example.com")]), + settings=SecurityMonitoringIntegrationConfigSettings([("setting1", "value1")]), + ), + type=SecurityMonitoringIntegrationConfigResourceType.INTEGRATION_CONFIG, + ), +) + +configuration = Configuration() +configuration.unstable_operations["create_security_monitoring_integration_config"] = True +with ApiClient(configuration) as api_client: + api_instance = 
SecurityMonitoringApi(api_client) + response = api_instance.create_security_monitoring_integration_config(body=body) + + print(response) diff --git a/examples/v2/security-monitoring/DeleteSampleLogGenerationSubscription.py b/examples/v2/security-monitoring/DeleteSampleLogGenerationSubscription.py new file mode 100644 index 0000000000..421ec28aa3 --- /dev/null +++ b/examples/v2/security-monitoring/DeleteSampleLogGenerationSubscription.py @@ -0,0 +1,16 @@ +""" +Unsubscribe from sample log generation returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +configuration = Configuration() +configuration.unstable_operations["delete_sample_log_generation_subscription"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.delete_sample_log_generation_subscription( + content_pack_id="content_pack_id", + ) + + print(response) diff --git a/examples/v2/security-monitoring/DeleteSecurityMonitoringIntegrationConfig.py b/examples/v2/security-monitoring/DeleteSecurityMonitoringIntegrationConfig.py new file mode 100644 index 0000000000..6bb959c646 --- /dev/null +++ b/examples/v2/security-monitoring/DeleteSecurityMonitoringIntegrationConfig.py @@ -0,0 +1,14 @@ +""" +Delete an entity context sync configuration returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +configuration = Configuration() +configuration.unstable_operations["delete_security_monitoring_integration_config"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + api_instance.delete_security_monitoring_integration_config( + integration_config_id="integration_config_id", + ) 
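Review bot: `secrets=SecurityMonitoringIntegrationConfigSecrets([("admin_email", "test@example.com")])` in CreateSecurityMonitoringIntegrationConfig.py writes the secrets mapping into the source as a literal, and examples like this tend to be copied as-is. A comment above `body = ...` would make the intent explicit, for instance `# Placeholder values: read real integration secrets from the environment or a secret manager instead of hard-coding them.` The same applies to the literal `secrets=` arguments in UpdateSecurityMonitoringIntegrationConfig.py and ValidateSecurityMonitoringIntegrationCredentials.py. If these example files are generated, the comment belongs in the generator's template rather than in each file.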
diff --git a/examples/v2/security-monitoring/GetEntityContext.py b/examples/v2/security-monitoring/GetEntityContext.py new file mode 100644 index 0000000000..d17b3b0d3e --- /dev/null +++ b/examples/v2/security-monitoring/GetEntityContext.py @@ -0,0 +1,14 @@ +""" +Get entity context returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +configuration = Configuration() +configuration.unstable_operations["get_entity_context"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.get_entity_context() + + print(response) diff --git a/examples/v2/security-monitoring/GetSecurityMonitoringIntegrationConfig.py b/examples/v2/security-monitoring/GetSecurityMonitoringIntegrationConfig.py new file mode 100644 index 0000000000..1337a3f75a --- /dev/null +++ b/examples/v2/security-monitoring/GetSecurityMonitoringIntegrationConfig.py @@ -0,0 +1,16 @@ +""" +Get an entity context sync configuration returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +configuration = Configuration() +configuration.unstable_operations["get_security_monitoring_integration_config"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.get_security_monitoring_integration_config( + integration_config_id="integration_config_id", + ) + + print(response) diff --git a/examples/v2/security-monitoring/GetSignalEntities.py b/examples/v2/security-monitoring/GetSignalEntities.py new file mode 100644 index 0000000000..8d07420e33 --- /dev/null +++ b/examples/v2/security-monitoring/GetSignalEntities.py 
@@ -0,0 +1,16 @@ +""" +Get entities related to a signal returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +configuration = Configuration() +configuration.unstable_operations["get_signal_entities"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.get_signal_entities( + signal_id="signal_id", + ) + + print(response) diff --git a/examples/v2/security-monitoring/ListSampleLogGenerationSubscriptions.py b/examples/v2/security-monitoring/ListSampleLogGenerationSubscriptions.py new file mode 100644 index 0000000000..e2bb2f6f48 --- /dev/null +++ b/examples/v2/security-monitoring/ListSampleLogGenerationSubscriptions.py @@ -0,0 +1,14 @@ +""" +Get sample log generation subscriptions returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +configuration = Configuration() +configuration.unstable_operations["list_sample_log_generation_subscriptions"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.list_sample_log_generation_subscriptions() + + print(response) diff --git a/examples/v2/security-monitoring/ListSecurityFilterVersions.py b/examples/v2/security-monitoring/ListSecurityFilterVersions.py new file mode 100644 index 0000000000..82746cb01b --- /dev/null +++ b/examples/v2/security-monitoring/ListSecurityFilterVersions.py 
@@ -0,0 +1,13 @@ +""" +Get the version history of security filters returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.list_security_filter_versions() + + print(response) diff --git a/examples/v2/security-monitoring/ListSecurityMonitoringIntegrationConfigs.py b/examples/v2/security-monitoring/ListSecurityMonitoringIntegrationConfigs.py new file mode 100644 index 0000000000..899a0466b0 --- /dev/null +++ b/examples/v2/security-monitoring/ListSecurityMonitoringIntegrationConfigs.py @@ -0,0 +1,14 @@ +""" +List entity context sync configurations returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +configuration = Configuration() +configuration.unstable_operations["list_security_monitoring_integration_configs"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.list_security_monitoring_integration_configs() + + print(response) diff --git a/examples/v2/security-monitoring/UpdateSecurityMonitoringIntegrationConfig.py b/examples/v2/security-monitoring/UpdateSecurityMonitoringIntegrationConfig.py new file mode 100644 index 0000000000..df7638a4e5 --- /dev/null +++ b/examples/v2/security-monitoring/UpdateSecurityMonitoringIntegrationConfig.py 
@@ -0,0 +1,49 @@ +""" +Update an entity context sync configuration returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi +from datadog_api_client.v2.model.security_monitoring_integration_config_resource_type import ( + SecurityMonitoringIntegrationConfigResourceType, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_secrets import ( + SecurityMonitoringIntegrationConfigSecrets, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_settings import ( + SecurityMonitoringIntegrationConfigSettings, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_update_attributes import ( + SecurityMonitoringIntegrationConfigUpdateAttributes, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_update_data import ( + SecurityMonitoringIntegrationConfigUpdateData, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_update_request import ( + SecurityMonitoringIntegrationConfigUpdateRequest, +) +from datadog_api_client.v2.model.security_monitoring_integration_type import SecurityMonitoringIntegrationType + +body = SecurityMonitoringIntegrationConfigUpdateRequest( + data=SecurityMonitoringIntegrationConfigUpdateData( + attributes=SecurityMonitoringIntegrationConfigUpdateAttributes( + domain="siem-test.com", + enabled=True, + integration_type=SecurityMonitoringIntegrationType.GOOGLE_WORKSPACE, + name="My GWS Integration (renamed)", + secrets=SecurityMonitoringIntegrationConfigSecrets([("admin_email", "test@example.com")]), + settings=SecurityMonitoringIntegrationConfigSettings([("setting1", "value1")]), + ), + type=SecurityMonitoringIntegrationConfigResourceType.INTEGRATION_CONFIG, + ), +) + +configuration = Configuration() +configuration.unstable_operations["update_security_monitoring_integration_config"] = True +with ApiClient(configuration) as 
api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.update_security_monitoring_integration_config( + integration_config_id="integration_config_id", body=body + ) + + print(response) diff --git a/examples/v2/security-monitoring/ValidateSecurityMonitoringIntegrationConfig.py b/examples/v2/security-monitoring/ValidateSecurityMonitoringIntegrationConfig.py new file mode 100644 index 0000000000..f70b6f1d9d --- /dev/null +++ b/examples/v2/security-monitoring/ValidateSecurityMonitoringIntegrationConfig.py @@ -0,0 +1,14 @@ +""" +Validate an entity context sync configuration returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +configuration = Configuration() +configuration.unstable_operations["validate_security_monitoring_integration_config"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + api_instance.validate_security_monitoring_integration_config( + integration_config_id="integration_config_id", + ) diff --git a/examples/v2/security-monitoring/ValidateSecurityMonitoringIntegrationCredentials.py b/examples/v2/security-monitoring/ValidateSecurityMonitoringIntegrationCredentials.py new file mode 100644 index 0000000000..1b5b48f65d --- /dev/null +++ b/examples/v2/security-monitoring/ValidateSecurityMonitoringIntegrationCredentials.py 
@@ -0,0 +1,39 @@
+"""
+Validate entity context sync credentials returns "OK" response
+"""
+
+from datadog_api_client import ApiClient, Configuration
+from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi
+from datadog_api_client.v2.model.security_monitoring_integration_config_resource_type import (
+ SecurityMonitoringIntegrationConfigResourceType,
+)
+from datadog_api_client.v2.model.security_monitoring_integration_config_secrets import (
+ SecurityMonitoringIntegrationConfigSecrets,
+)
+from datadog_api_client.v2.model.security_monitoring_integration_credentials_validate_attributes import (
+ SecurityMonitoringIntegrationCredentialsValidateAttributes,
+)
+from datadog_api_client.v2.model.security_monitoring_integration_credentials_validate_data import (
+ SecurityMonitoringIntegrationCredentialsValidateData,
+)
+from datadog_api_client.v2.model.security_monitoring_integration_credentials_validate_request import (
+ SecurityMonitoringIntegrationCredentialsValidateRequest,
+)
+from datadog_api_client.v2.model.security_monitoring_integration_type import SecurityMonitoringIntegrationType
+
+body = SecurityMonitoringIntegrationCredentialsValidateRequest(
+ data=SecurityMonitoringIntegrationCredentialsValidateData(
+ attributes=SecurityMonitoringIntegrationCredentialsValidateAttributes(
+ domain="siem-test.com",
+ integration_type=SecurityMonitoringIntegrationType.GOOGLE_WORKSPACE,
+ secrets=SecurityMonitoringIntegrationConfigSecrets([("admin_email", "test@example.com")]),
+ ),
+ type=SecurityMonitoringIntegrationConfigResourceType.INTEGRATION_CONFIG,
+ ),
+)
+
+configuration = Configuration()
+configuration.unstable_operations["validate_security_monitoring_integration_credentials"] = True
+with ApiClient(configuration) as api_client:
+ api_instance = SecurityMonitoringApi(api_client)
+ api_instance.validate_security_monitoring_integration_credentials(body=body)
diff --git a/src/datadog_api_client/configuration.py b/src/datadog_api_client/configuration.py
index 9aafd042c7..0103568f42 100644
--- a/src/datadog_api_client/configuration.py
+++ b/src/datadog_api_client/configuration.py
@@ -368,14 +368,20 @@ def __init__(
 "v2.get_aws_cloud_auth_persona_mapping": False,
 "v2.list_aws_cloud_auth_persona_mappings": False,
 "v2.activate_content_pack": False,
+ "v2.bulk_create_sample_log_generation_subscriptions": False,
 "v2.bulk_export_security_monitoring_terraform_resources": False,
 "v2.cancel_historical_job": False,
 "v2.convert_job_result_to_signal": False,
 "v2.convert_security_monitoring_terraform_resource": False,
+ "v2.create_sample_log_generation_subscription": False,
+ "v2.create_security_monitoring_integration_config": False,
 "v2.deactivate_content_pack": False,
 "v2.delete_historical_job": False,
+ "v2.delete_sample_log_generation_subscription": False,
+ "v2.delete_security_monitoring_integration_config": False,
 "v2.export_security_monitoring_terraform_resource": False,
 "v2.get_content_packs_states": False,
+ "v2.get_entity_context": False,
 "v2.get_finding": False,
 "v2.get_historical_job": False,
 "v2.get_indicator_of_compromise": False,
@@ -383,18 +389,25 @@ def __init__(
 "v2.get_secrets_rules": False,
 "v2.get_security_monitoring_histsignal": False,
 "v2.get_security_monitoring_histsignals_by_job_id": False,
+ "v2.get_security_monitoring_integration_config": False,
+ "v2.get_signal_entities": False,
 "v2.list_findings": False,
 "v2.list_historical_jobs": False,
 "v2.list_indicators_of_compromise": False,
 "v2.list_multiple_rulesets": False,
+ "v2.list_sample_log_generation_subscriptions": False,
 "v2.list_scanned_assets_metadata": False,
 "v2.list_security_monitoring_histsignals": False,
+ "v2.list_security_monitoring_integration_configs": False,
 "v2.list_vulnerabilities": False,
 "v2.list_vulnerable_assets": False,
 "v2.mute_findings": False,
 "v2.mute_security_findings": False,
 "v2.run_historical_job": False,
 "v2.search_security_monitoring_histsignals": False,
+ "v2.update_security_monitoring_integration_config": False,
+ "v2.validate_security_monitoring_integration_config": False,
+ "v2.validate_security_monitoring_integration_credentials": False,
 "v2.get_code_coverage_branch_summary": False,
 "v2.get_code_coverage_commit_summary": False,
 "v2.get_rule_based_view": False,
diff --git a/src/datadog_api_client/v2/api/security_monitoring_api.py b/src/datadog_api_client/v2/api/security_monitoring_api.py
index 2edf1af702..787027fe1d 100644
--- a/src/datadog_api_client/v2/api/security_monitoring_api.py
+++ b/src/datadog_api_client/v2/api/security_monitoring_api.py
@@ -82,9 +82,26 @@ from datadog_api_client.v2.model.security_monitoring_critical_asset_update_request import ( SecurityMonitoringCriticalAssetUpdateRequest, ) +from datadog_api_client.v2.model.security_monitoring_integration_configs_response import ( + SecurityMonitoringIntegrationConfigsResponse, +) +from datadog_api_client.v2.model.security_monitoring_integration_type import SecurityMonitoringIntegrationType +from datadog_api_client.v2.model.security_monitoring_integration_config_response import ( + SecurityMonitoringIntegrationConfigResponse, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_create_request import ( + SecurityMonitoringIntegrationConfigCreateRequest, +) +from datadog_api_client.v2.model.security_monitoring_integration_credentials_validate_request import ( + SecurityMonitoringIntegrationCredentialsValidateRequest, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_update_request import ( + SecurityMonitoringIntegrationConfigUpdateRequest, +) from datadog_api_client.v2.model.security_filters_response import SecurityFiltersResponse from datadog_api_client.v2.model.security_filter_response import SecurityFilterResponse from datadog_api_client.v2.model.security_filter_create_request import SecurityFilterCreateRequest +from datadog_api_client.v2.model.security_filter_versions_response import SecurityFilterVersionsResponse from datadog_api_client.v2.model.security_filter_update_request import SecurityFilterUpdateRequest from datadog_api_client.v2.model.security_monitoring_paginated_suppressions_response import ( SecurityMonitoringPaginatedSuppressionsResponse, 
@@ -110,6 +127,7 @@ from datadog_api_client.v2.model.security_monitoring_content_pack_states_response import ( SecurityMonitoringContentPackStatesResponse, ) +from datadog_api_client.v2.model.entity_context_response import EntityContextResponse from datadog_api_client.v2.model.security_monitoring_list_rules_response import SecurityMonitoringListRulesResponse from datadog_api_client.v2.model.security_monitoring_rule_sort import SecurityMonitoringRuleSort from datadog_api_client.v2.model.security_monitoring_rule_response import SecurityMonitoringRuleResponse 
@@ -132,6 +150,24 @@ from datadog_api_client.v2.model.cloud_configuration_rule_payload import CloudConfigurationRulePayload from datadog_api_client.v2.model.security_monitoring_rule_update_payload import SecurityMonitoringRuleUpdatePayload from datadog_api_client.v2.model.get_rule_version_history_response import GetRuleVersionHistoryResponse +from datadog_api_client.v2.model.sample_log_generation_subscriptions_response import ( + SampleLogGenerationSubscriptionsResponse, +) +from datadog_api_client.v2.model.sample_log_generation_subscriptions_status_filter import ( + SampleLogGenerationSubscriptionsStatusFilter, +) +from datadog_api_client.v2.model.sample_log_generation_subscription_response import ( + SampleLogGenerationSubscriptionResponse, +) +from datadog_api_client.v2.model.sample_log_generation_subscription_create_request import ( + SampleLogGenerationSubscriptionCreateRequest, +) +from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_response import ( + SampleLogGenerationBulkSubscriptionResponse, +) +from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_request import ( + SampleLogGenerationBulkSubscriptionRequest, +) from datadog_api_client.v2.model.security_monitoring_signals_list_response import SecurityMonitoringSignalsListResponse from datadog_api_client.v2.model.security_monitoring_signals_sort import SecurityMonitoringSignalsSort from datadog_api_client.v2.model.security_monitoring_signal import SecurityMonitoringSignal @@ -155,6 +191,7 @@ from datadog_api_client.v2.model.security_monitoring_signal_assignee_update_request import ( SecurityMonitoringSignalAssigneeUpdateRequest, ) +from datadog_api_client.v2.model.signal_entities_response import SignalEntitiesResponse from datadog_api_client.v2.model.security_monitoring_signal_incidents_update_request import ( SecurityMonitoringSignalIncidentsUpdateRequest, ) 
@@ -266,6 +303,26 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._bulk_create_sample_log_generation_subscriptions_endpoint = _Endpoint( + settings={ + "response_type": (SampleLogGenerationBulkSubscriptionResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/sample_log_generation/subscriptions/bulk", + "operation_id": "bulk_create_sample_log_generation_subscriptions", + "http_method": "POST", + "version": "v2", + }, + params_map={ + "body": { + "required": True, + "openapi_types": (SampleLogGenerationBulkSubscriptionRequest,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + self._bulk_delete_security_monitoring_rules_endpoint = _Endpoint( settings={ "response_type": (SecurityMonitoringRuleBulkDeleteResponse,), @@ -564,6 +621,26 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._create_sample_log_generation_subscription_endpoint = _Endpoint( + settings={ + "response_type": (SampleLogGenerationSubscriptionResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/sample_log_generation/subscriptions", + "operation_id": "create_sample_log_generation_subscription", + "http_method": "POST", + "version": "v2", + }, + params_map={ + "body": { + "required": True, + "openapi_types": (SampleLogGenerationSubscriptionCreateRequest,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + self._create_security_filter_endpoint = _Endpoint( settings={ "response_type": (SecurityFilterResponse,), 
@@ -604,6 +681,26 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._create_security_monitoring_integration_config_endpoint = _Endpoint( + settings={ + "response_type": (SecurityMonitoringIntegrationConfigResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/configuration/integration_config", + "operation_id": "create_security_monitoring_integration_config", + "http_method": "POST", + "version": "v2", + }, + params_map={ + "body": { + "required": True, + "openapi_types": (SecurityMonitoringIntegrationConfigCreateRequest,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + self._create_security_monitoring_rule_endpoint = _Endpoint( settings={ "response_type": (SecurityMonitoringRuleResponse,), @@ -759,6 +856,29 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._delete_sample_log_generation_subscription_endpoint = _Endpoint( + settings={ + "response_type": (SampleLogGenerationSubscriptionResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/sample_log_generation/subscriptions/{content_pack_id}", + "operation_id": "delete_sample_log_generation_subscription", + "http_method": "DELETE", + "version": "v2", + }, + params_map={ + "content_pack_id": { + "required": True, + "openapi_types": (str,), + "attribute": "content_pack_id", + "location": "path", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + self._delete_security_filter_endpoint = _Endpoint( settings={ "response_type": None, 
@@ -805,6 +925,29 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._delete_security_monitoring_integration_config_endpoint = _Endpoint( + settings={ + "response_type": None, + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}", + "operation_id": "delete_security_monitoring_integration_config", + "http_method": "DELETE", + "version": "v2", + }, + params_map={ + "integration_config_id": { + "required": True, + "openapi_types": (str,), + "attribute": "integration_config_id", + "location": "path", + }, + }, + headers_map={ + "accept": ["*/*"], + }, + api_client=api_client, + ) + self._delete_security_monitoring_rule_endpoint = _Endpoint( settings={ "response_type": None, @@ -1118,6 +1261,53 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._get_entity_context_endpoint = _Endpoint( + settings={ + "response_type": (EntityContextResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/entity_context", + "operation_id": "get_entity_context", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "query": { + "openapi_types": (str,), + "attribute": "query", + "location": "query", + }, + "_from": { + "openapi_types": (str,), + "attribute": "from", + "location": "query", + }, + "to": { + "openapi_types": (str,), + "attribute": "to", + "location": "query", + }, + "as_of": { + "openapi_types": (str,), + "attribute": "as_of", + "location": "query", + }, + "limit": { + "openapi_types": (int,), + "attribute": "limit", + "location": "query", + }, + "page_token": { + "openapi_types": (str,), + "attribute": "page_token", + "location": "query", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + self._get_finding_endpoint = _Endpoint( settings={ "response_type": (GetFindingResponse,), 
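Review bot: The `limit` entry in the `params_map` of `_get_entity_context_endpoint` carries no `validation` block, so the client forwards any integer, whereas the `limit` of `_get_signal_entities_endpoint` added later in this diff is capped with `"validation": {"inclusive_maximum": 1000}`. If the entity context endpoint enforces a page-size cap on the server, declaring it as a maximum on the parameter in the OpenAPI spec would let the generated client reject oversized values before the request is sent: `"validation": {"inclusive_maximum": <SERVER_CAP>}`, with the placeholder replaced by the real limit. The enclosing `__init__` starts and ends outside this hunk.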
@@ -1463,6 +1653,29 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._get_security_monitoring_integration_config_endpoint = _Endpoint( + settings={ + "response_type": (SecurityMonitoringIntegrationConfigResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}", + "operation_id": "get_security_monitoring_integration_config", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "integration_config_id": { + "required": True, + "openapi_types": (str,), + "attribute": "integration_config_id", + "location": "path", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + self._get_security_monitoring_rule_endpoint = _Endpoint( settings={ "response_type": (SecurityMonitoringRuleResponse,), @@ -1532,6 +1745,37 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._get_signal_entities_endpoint = _Endpoint( + settings={ + "response_type": (SignalEntitiesResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/signals/{signal_id}/entities", + "operation_id": "get_signal_entities", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "signal_id": { + "required": True, + "openapi_types": (str,), + "attribute": "signal_id", + "location": "path", + }, + "limit": { + "validation": { + "inclusive_maximum": 1000, + }, + "openapi_types": (int,), + "attribute": "limit", + "location": "query", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + self._get_signal_notification_rule_endpoint = _Endpoint( settings={ "response_type": (NotificationRuleResponse,), 
@@ -1974,6 +2218,38 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._list_sample_log_generation_subscriptions_endpoint = _Endpoint( + settings={ + "response_type": (SampleLogGenerationSubscriptionsResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/sample_log_generation/subscriptions", + "operation_id": "list_sample_log_generation_subscriptions", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "status": { + "openapi_types": (SampleLogGenerationSubscriptionsStatusFilter,), + "attribute": "status", + "location": "query", + }, + "start_timestamp": { + "openapi_types": (datetime,), + "attribute": "start_timestamp", + "location": "query", + }, + "end_timestamp": { + "openapi_types": (datetime,), + "attribute": "end_timestamp", + "location": "query", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + self._list_scanned_assets_metadata_endpoint = _Endpoint( settings={ "response_type": (ScannedAssetsMetadata,), @@ -2040,6 +2316,22 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._list_security_filter_versions_endpoint = _Endpoint( + settings={ + "response_type": (SecurityFilterVersionsResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/configuration/security_filters/versions", + "operation_id": "list_security_filter_versions", + "http_method": "GET", + "version": "v2", + }, + params_map={}, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + self._list_security_findings_endpoint = _Endpoint( settings={ "response_type": (ListSecurityFindingsResponse,), 
@@ -2147,6 +2439,28 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._list_security_monitoring_integration_configs_endpoint = _Endpoint( + settings={ + "response_type": (SecurityMonitoringIntegrationConfigsResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/configuration/integration_config", + "operation_id": "list_security_monitoring_integration_configs", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "filter_integration_type": { + "openapi_types": (SecurityMonitoringIntegrationType,), + "attribute": "filter[integration_type]", + "location": "query", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + self._list_security_monitoring_rules_endpoint = _Endpoint( settings={ "response_type": (SecurityMonitoringListRulesResponse,), @@ -2943,6 +3257,32 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._update_security_monitoring_integration_config_endpoint = _Endpoint( + settings={ + "response_type": (SecurityMonitoringIntegrationConfigResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}", + "operation_id": "update_security_monitoring_integration_config", + "http_method": "PATCH", + "version": "v2", + }, + params_map={ + "integration_config_id": { + "required": True, + "openapi_types": (str,), + "attribute": "integration_config_id", + "location": "path", + }, + "body": { + "required": True, + "openapi_types": (SecurityMonitoringIntegrationConfigUpdateRequest,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + self._update_security_monitoring_rule_endpoint = _Endpoint( settings={ "response_type": (SecurityMonitoringRuleResponse,), 
@@ -2995,6 +3335,49 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._validate_security_monitoring_integration_config_endpoint = _Endpoint( + settings={ + "response_type": None, + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}/validate", + "operation_id": "validate_security_monitoring_integration_config", + "http_method": "POST", + "version": "v2", + }, + params_map={ + "integration_config_id": { + "required": True, + "openapi_types": (str,), + "attribute": "integration_config_id", + "location": "path", + }, + }, + headers_map={ + "accept": ["*/*"], + }, + api_client=api_client, + ) + + self._validate_security_monitoring_integration_credentials_endpoint = _Endpoint( + settings={ + "response_type": None, + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/configuration/integration_config/validate", + "operation_id": "validate_security_monitoring_integration_credentials", + "http_method": "POST", + "version": "v2", + }, + params_map={ + "body": { + "required": True, + "openapi_types": (SecurityMonitoringIntegrationCredentialsValidateRequest,), + "location": "body", + }, + }, + headers_map={"accept": ["*/*"], "content_type": ["application/json"]}, + api_client=api_client, + ) + self._validate_security_monitoring_rule_endpoint = _Endpoint( settings={ "response_type": None, 
@@ -3093,6 +3476,29 @@ def attach_jira_issue( return self._attach_jira_issue_endpoint.call_with_http_info(**kwargs) + def bulk_create_sample_log_generation_subscriptions( + self, + body: SampleLogGenerationBulkSubscriptionRequest, + ) -> SampleLogGenerationBulkSubscriptionResponse: + """Bulk subscribe to sample log generation. + + Subscribe to sample log generation for multiple Cloud SIEM content packs in a single call. + Each requested content pack is processed independently; the response includes a per-item + status so partial successes can be inspected. + + **Availability** : this endpoint is restricted to Cloud SIEM trial organizations on an + eligible pricing model. Non-trial orgs receive ``403 Forbidden`` , the feature flag may also reject + requests with ``400 Bad Request`` , and legacy pricing tiers receive per-item responses with ``status: not_available``. + + :param body: The content packs to subscribe to and the desired duration of the subscriptions. + :type body: SampleLogGenerationBulkSubscriptionRequest + :rtype: SampleLogGenerationBulkSubscriptionResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["body"] = body + + return self._bulk_create_sample_log_generation_subscriptions_endpoint.call_with_http_info(**kwargs) + def bulk_delete_security_monitoring_rules( self, body: SecurityMonitoringRuleBulkDeletePayload, 
@@ -3364,6 +3770,29 @@ def create_jira_issues( return self._create_jira_issues_endpoint.call_with_http_info(**kwargs) + def create_sample_log_generation_subscription( + self, + body: SampleLogGenerationSubscriptionCreateRequest, + ) -> SampleLogGenerationSubscriptionResponse: + """Subscribe to sample log generation. + + Subscribe to sample log generation for a Cloud SIEM content pack. Sample logs for the + requested content pack are injected into the Logs platform for the duration of the subscription, + so detection rules can be exercised without onboarding the underlying integration first. + + **Availability** : this endpoint is restricted to Cloud SIEM trial organizations on an + eligible pricing model. Non-trial orgs receive ``403 Forbidden`` , the feature flag may also reject + requests with ``400 Bad Request`` , and legacy pricing tiers receive a response with ``status: not_available``. + + :param body: The content pack to subscribe to and the desired duration of the subscription. + :type body: SampleLogGenerationSubscriptionCreateRequest + :rtype: SampleLogGenerationSubscriptionResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["body"] = body + + return self._create_sample_log_generation_subscription_endpoint.call_with_http_info(**kwargs) + def create_security_filter( self, body: SecurityFilterCreateRequest, 
@@ -3401,6 +3830,25 @@ def create_security_monitoring_critical_asset( return self._create_security_monitoring_critical_asset_endpoint.call_with_http_info(**kwargs) + def create_security_monitoring_integration_config( + self, + body: SecurityMonitoringIntegrationConfigCreateRequest, + ) -> SecurityMonitoringIntegrationConfigResponse: + """Create an entity context sync configuration. + + Create a new entity context sync configuration so Cloud SIEM can ingest entities from an external + source. The credentials provided in ``secrets`` are validated against the source before the configuration + is stored and never returned in subsequent responses. + + :param body: The definition of the new integration configuration. + :type body: SecurityMonitoringIntegrationConfigCreateRequest + :rtype: SecurityMonitoringIntegrationConfigResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["body"] = body + + return self._create_security_monitoring_integration_config_endpoint.call_with_http_info(**kwargs) + def create_security_monitoring_rule( self, body: Union[ 
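Review bot: The docstring of `create_security_monitoring_integration_config` says the `secrets` are never returned in responses, but it does not say that they still travel in the request body this method sends. Anything that records outgoing requests on the caller's side (client debug logging, an intercepting proxy, recorded test fixtures) would presumably capture them. I would add a sentence such as `The secrets are sent in the request body; keep request-body logging and recording disabled when calling this method.` The same wording would fit the update and validate-credentials operations, whose example bodies in this diff carry the same `secrets` field. The enclosing class continues outside the hunk.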
@@ -3532,6 +3980,28 @@ def delete_historical_job( return self._delete_historical_job_endpoint.call_with_http_info(**kwargs) + def delete_sample_log_generation_subscription( + self, + content_pack_id: str, + ) -> SampleLogGenerationSubscriptionResponse: + """Unsubscribe from sample log generation. + + Unsubscribe from sample log generation for a Cloud SIEM content pack. + After unsubscribing, no more sample logs are generated for the requested content pack. + + **Availability** : this endpoint is restricted to Cloud SIEM trial organizations on an + eligible pricing model. Non-trial orgs receive ``403 Forbidden`` , the feature flag may also reject + requests with ``400 Bad Request`` , and legacy pricing tiers receive a response with ``status: not_available``. + + :param content_pack_id: The identifier of the Cloud SIEM content pack to operate on (for example, ``aws-cloudtrail`` ). + :type content_pack_id: str + :rtype: SampleLogGenerationSubscriptionResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["content_pack_id"] = content_pack_id + + return self._delete_sample_log_generation_subscription_endpoint.call_with_http_info(**kwargs) + def delete_security_filter( self, security_filter_id: str, 
@@ -3566,6 +4036,24 @@ def delete_security_monitoring_critical_asset( return self._delete_security_monitoring_critical_asset_endpoint.call_with_http_info(**kwargs) + def delete_security_monitoring_integration_config( + self, + integration_config_id: str, + ) -> None: + """Delete an entity context sync configuration. + + Delete an entity context sync configuration. Cloud SIEM stops ingesting entities from this source, + and the credentials stored for the configuration are removed from the secrets store. + + :param integration_config_id: The ID of the entity context sync configuration. + :type integration_config_id: str + :rtype: None + """ + kwargs: Dict[str, Any] = {} + kwargs["integration_config_id"] = integration_config_id + + return self._delete_security_monitoring_integration_config_endpoint.call_with_http_info(**kwargs) + def delete_security_monitoring_rule( self, rule_id: str, 
@@ -3815,6 +4303,62 @@ def get_custom_framework( return self._get_custom_framework_endpoint.call_with_http_info(**kwargs) + def get_entity_context( + self, + *, + query: Union[str, UnsetType] = unset, + _from: Union[str, UnsetType] = unset, + to: Union[str, UnsetType] = unset, + as_of: Union[str, UnsetType] = unset, + limit: Union[int, UnsetType] = unset, + page_token: Union[str, UnsetType] = unset, + ) -> EntityContextResponse: + """Get entity context. + + Search the Cloud SIEM entity context store for entities that match a query, and return the historical + revisions of each entity in the requested time range. The endpoint can either return revisions across an + interval ( ``from`` / ``to`` ) or the snapshot of each entity at a single point in time ( ``as_of`` ); the two modes + are mutually exclusive. + + :param query: A free-text query (for example, an email address or principal ID) used to filter the entities returned. + :type query: str, optional + :param _from: The start of the time range to query, as an RFC3339 timestamp or a relative time (for example, ``now-7d`` ). + Defaults to ``now-7d``. Ignored when ``as_of`` is set. + :type _from: str, optional + :param to: The end of the time range to query, as an RFC3339 timestamp or a relative time (for example, ``now`` ). + Defaults to ``now``. Ignored when ``as_of`` is set. + :type to: str, optional + :param as_of: A point in time at which to query the entity revisions, as an RFC3339 timestamp, a Unix timestamp + (in seconds), or a relative time (for example, ``now-1d`` ). When set, ``from`` and ``to`` are ignored. + Cannot be combined with custom ``from`` / ``to`` values. + :type as_of: str, optional + :param limit: The maximum number of entities to return. + :type limit: int, optional + :param page_token: An opaque token used to fetch the next page of results, as returned in ``meta.page.next_token`` of a previous response. 
+ :type page_token: str, optional + :rtype: EntityContextResponse + """ + kwargs: Dict[str, Any] = {} + if query is not unset: + kwargs["query"] = query + + if _from is not unset: + kwargs["_from"] = _from + + if to is not unset: + kwargs["to"] = to + + if as_of is not unset: + kwargs["as_of"] = as_of + + if limit is not unset: + kwargs["limit"] = limit + + if page_token is not unset: + kwargs["page_token"] = page_token + + return self._get_entity_context_endpoint.call_with_http_info(**kwargs) + def get_finding( self, finding_id: str, @@ -4106,6 +4650,23 @@ def get_security_monitoring_histsignals_by_job_id( return self._get_security_monitoring_histsignals_by_job_id_endpoint.call_with_http_info(**kwargs) + def get_security_monitoring_integration_config( + self, + integration_config_id: str, + ) -> SecurityMonitoringIntegrationConfigResponse: + """Get an entity context sync configuration. + + Get the details of a specific entity context sync configuration. + + :param integration_config_id: The ID of the entity context sync configuration. + :type integration_config_id: str + :rtype: SecurityMonitoringIntegrationConfigResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["integration_config_id"] = integration_config_id + + return self._get_security_monitoring_integration_config_endpoint.call_with_http_info(**kwargs) + def get_security_monitoring_rule( self, rule_id: str, 
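Review bot: The `as_of` parameter description in `get_entity_context` contradicts itself: it says `from` and `to` are ignored when `as_of` is set, and in the next sentence that `as_of` cannot be combined with custom `from`/`to` values. The method body forwards all three to the endpoint without any check, so a caller cannot tell from this code whether combining them silently switches the query to a snapshot or is rejected. I would settle on one behaviour in the spec description and name the outcome, for example `Combining as_of with from or to returns 400 Bad Request` if that is what the service does. The enclosing class starts outside the hunk.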
@@ -4157,6 +4718,30 @@ def get_security_monitoring_suppression( return self._get_security_monitoring_suppression_endpoint.call_with_http_info(**kwargs) + def get_signal_entities( + self, + signal_id: str, + *, + limit: Union[int, UnsetType] = unset, + ) -> SignalEntitiesResponse: + """Get entities related to a signal. + + Get the list of entities related to a security signal, captured at the signal's timestamp. + + :param signal_id: The ID of the signal. + :type signal_id: str + :param limit: The maximum number of entities to return. + :type limit: int, optional + :rtype: SignalEntitiesResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["signal_id"] = signal_id + + if limit is not unset: + kwargs["limit"] = limit + + return self._get_signal_entities_endpoint.call_with_http_info(**kwargs) + def get_signal_notification_rule( self, id: str, 
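Review bot: The `:param limit:` line in the `get_signal_entities` docstring does not mention the upper bound, although the endpoint definition added for this operation validates it with `inclusive_maximum: 1000`. A caller passing a larger value presumably gets a client-side validation error with no hint of the cap in the method documentation. I would extend the description to `The maximum number of entities to return. Must not exceed 1000.` Since the docstring appears to be generated from the parameter description in the spec, the wording belongs there. The enclosing class continues outside the hunk.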
@@ -4732,6 +5317,48 @@ def list_multiple_rulesets( return self._list_multiple_rulesets_endpoint.call_with_http_info(**kwargs) + def list_sample_log_generation_subscriptions( + self, + *, + status: Union[SampleLogGenerationSubscriptionsStatusFilter, UnsetType] = unset, + start_timestamp: Union[datetime, UnsetType] = unset, + end_timestamp: Union[datetime, UnsetType] = unset, + ) -> SampleLogGenerationSubscriptionsResponse: + """Get sample log generation subscriptions. + + Get the sample log generation subscriptions for the organization. + Sample log generation injects representative example logs for a given Cloud SIEM content pack into the Logs platform, + which can be used to test detection rules without onboarding the underlying integration first. + + **Availability** : this endpoint is restricted to Cloud SIEM trial organizations on an eligible + pricing model. Other organizations receive a ``403 Forbidden`` (non-trial orgs) or a ``400 Bad Request`` + (feature disabled), and legacy pricing tiers receive a response with ``status: not_available``. + + :param status: Filter the subscriptions by status. Use ``active`` to return only currently active + subscriptions, or ``all`` to return every subscription including expired ones. + Ignored when ``start_timestamp`` is provided. Defaults to ``active``. + :type status: SampleLogGenerationSubscriptionsStatusFilter, optional + :param start_timestamp: The start of the time range, as an RFC3339 timestamp. When provided, the response includes + every subscription that was active at any point in ``[start_timestamp, end_timestamp]`` , + and the ``status`` filter is ignored. + :type start_timestamp: datetime, optional + :param end_timestamp: The end of the time range, as an RFC3339 timestamp. Ignored unless ``start_timestamp`` is set. + Defaults to the current time when ``start_timestamp`` is provided. 
+ :type end_timestamp: datetime, optional + :rtype: SampleLogGenerationSubscriptionsResponse + """ + kwargs: Dict[str, Any] = {} + if status is not unset: + kwargs["status"] = status + + if start_timestamp is not unset: + kwargs["start_timestamp"] = start_timestamp + + if end_timestamp is not unset: + kwargs["end_timestamp"] = end_timestamp + + return self._list_sample_log_generation_subscriptions_endpoint.call_with_http_info(**kwargs) + def list_scanned_assets_metadata( self, *, @@ -4861,6 +5488,20 @@ def list_security_filters( kwargs: Dict[str, Any] = {} return self._list_security_filters_endpoint.call_with_http_info(**kwargs) + def list_security_filter_versions( + self, + ) -> SecurityFilterVersionsResponse: + """Get the version history of security filters. + + Get the configured security filters at each historical version of the configuration. + Each entry in the response represents the set of all security filters at a given version, + ordered from the most recent version to the oldest. + + :rtype: SecurityFilterVersionsResponse + """ + kwargs: Dict[str, Any] = {} + return self._list_security_filter_versions_endpoint.call_with_http_info(**kwargs) + def list_security_findings( self, *, 
@@ -5015,6 +5656,27 @@ def list_security_monitoring_histsignals( return self._list_security_monitoring_histsignals_endpoint.call_with_http_info(**kwargs) + def list_security_monitoring_integration_configs( + self, + *, + filter_integration_type: Union[SecurityMonitoringIntegrationType, UnsetType] = unset, + ) -> SecurityMonitoringIntegrationConfigsResponse: + """List entity context sync configurations. + + List the entity context sync configurations for Cloud SIEM. Each configuration connects Cloud SIEM + to an external source that provides entities (for example, users from an identity provider) for use + in signals and the entity explorer. + + :param filter_integration_type: Filter the entity context sync configurations by source type. + :type filter_integration_type: SecurityMonitoringIntegrationType, optional + :rtype: SecurityMonitoringIntegrationConfigsResponse + """ + kwargs: Dict[str, Any] = {} + if filter_integration_type is not unset: + kwargs["filter_integration_type"] = filter_integration_type + + return self._list_security_monitoring_integration_configs_endpoint.call_with_http_info(**kwargs) + def list_security_monitoring_rules( self, *, 
@@ -6038,6 +6700,28 @@ def update_security_monitoring_critical_asset( return self._update_security_monitoring_critical_asset_endpoint.call_with_http_info(**kwargs) + def update_security_monitoring_integration_config( + self, + integration_config_id: str, + body: SecurityMonitoringIntegrationConfigUpdateRequest, + ) -> SecurityMonitoringIntegrationConfigResponse: + """Update an entity context sync configuration. + + Update an existing entity context sync configuration. Supports partial updates; only the fields provided in the request body are modified. + + :param integration_config_id: The ID of the entity context sync configuration. + :type integration_config_id: str + :param body: The fields to update on the integration configuration. + :type body: SecurityMonitoringIntegrationConfigUpdateRequest + :rtype: SecurityMonitoringIntegrationConfigResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["integration_config_id"] = integration_config_id + + kwargs["body"] = body + + return self._update_security_monitoring_integration_config_endpoint.call_with_http_info(**kwargs) + def update_security_monitoring_rule( self, rule_id: str, 
@@ -6084,6 +6768,42 @@ def update_security_monitoring_suppression( return self._update_security_monitoring_suppression_endpoint.call_with_http_info(**kwargs) + def validate_security_monitoring_integration_config( + self, + integration_config_id: str, + ) -> None: + """Validate an entity context sync configuration. + + Validate the credentials currently stored on an existing entity context sync configuration. + Returns a 200 status code if the credentials are still valid against the external entity source. + + :param integration_config_id: The ID of the entity context sync configuration. + :type integration_config_id: str + :rtype: None + """ + kwargs: Dict[str, Any] = {} + kwargs["integration_config_id"] = integration_config_id + + return self._validate_security_monitoring_integration_config_endpoint.call_with_http_info(**kwargs) + + def validate_security_monitoring_integration_credentials( + self, + body: SecurityMonitoringIntegrationCredentialsValidateRequest, + ) -> None: + """Validate entity context sync credentials. + + Validate a set of credentials against the external entity source before creating a sync configuration. + Returns a 200 status code if the credentials are valid. + + :param body: The credentials to validate. + :type body: SecurityMonitoringIntegrationCredentialsValidateRequest + :rtype: None + """ + kwargs: Dict[str, Any] = {} + kwargs["body"] = body + + return self._validate_security_monitoring_integration_credentials_endpoint.call_with_http_info(**kwargs) + def validate_security_monitoring_rule( self, body: Union[ diff --git a/src/datadog_api_client/v2/model/entity_context_entity.py b/src/datadog_api_client/v2/model/entity_context_entity.py new file mode 100644 index 0000000000..58dc2aa422 --- /dev/null +++ b/src/datadog_api_client/v2/model/entity_context_entity.py 
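Review bot: The docstrings of `validate_security_monitoring_integration_config` and `validate_security_monitoring_integration_credentials` say the call "Returns a 200 status code", but both methods are annotated `-> None`, so the caller never sees a status and the text does not say how rejected credentials are reported. Callers will read a normal return as "credentials are valid", so the failure path should be stated, for example `Returns nothing on success; credentials that fail validation are reported as an API error, not as a return value.` (to be confirmed against the endpoint's error responses, which this hunk does not show). For the second method `body` carries secrets, so its `:param body:` line could add `Contains secrets; keep it out of logs and error messages.`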
@@ -0,0 +1,54 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.entity_context_entity_attributes import EntityContextEntityAttributes + + +class EntityContextEntity(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.entity_context_entity_attributes import EntityContextEntityAttributes + + return { + "attributes": (EntityContextEntityAttributes,), + "id": (str,), + "type": (str,), + } + + attribute_map = { + "attributes": "attributes", + "id": "id", + "type": "type", + } + + def __init__(self_, attributes: EntityContextEntityAttributes, id: str, **kwargs): + """ + A single entity returned by the entity context endpoint. + + :param attributes: The attributes of an entity context entry, grouping all the historical revisions of the entity. + :type attributes: EntityContextEntityAttributes + + :param id: The unique identifier of the entity. + :type id: str + + :param type: The type of the entity. Reflects the underlying entity kind from the entity context store + (for example, ``siem_entity_identity`` for identities). Defaults to ``entity`` when the kind is unknown. + :type type: str + """ + super().__init__(kwargs) + type = kwargs.get("type", "entity") + + self_.attributes = attributes + self_.id = id + self_.type = type diff --git a/src/datadog_api_client/v2/model/entity_context_entity_attributes.py b/src/datadog_api_client/v2/model/entity_context_entity_attributes.py new file mode 100644 index 0000000000..6624cb372b --- /dev/null +++ b/src/datadog_api_client/v2/model/entity_context_entity_attributes.py 
@@ -0,0 +1,40 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.entity_context_revision import EntityContextRevision + + +class EntityContextEntityAttributes(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.entity_context_revision import EntityContextRevision + + return { + "revisions": ([EntityContextRevision],), + } + + attribute_map = { + "revisions": "revisions", + } + + def __init__(self_, revisions: List[EntityContextRevision], **kwargs): + """ + The attributes of an entity context entry, grouping all the historical revisions of the entity. + + :param revisions: The historical revisions of the entity, ordered chronologically. + :type revisions: [EntityContextRevision] + """ + super().__init__(kwargs) + + self_.revisions = revisions diff --git a/src/datadog_api_client/v2/model/entity_context_page.py b/src/datadog_api_client/v2/model/entity_context_page.py new file mode 100644 index 0000000000..c9e6a5d2f3 --- /dev/null +++ b/src/datadog_api_client/v2/model/entity_context_page.py 
@@ -0,0 +1,33 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +class EntityContextPage(ModelNormal): + @cached_property + def openapi_types(_): + return { + "next_token": (str,), + } + + attribute_map = { + "next_token": "next_token", + } + + def __init__(self_, next_token: str, **kwargs): + """ + Pagination metadata for the entity context response. + + :param next_token: An opaque token to pass as ``page_token`` in a subsequent request to retrieve the next page of results. Empty when there are no more results. + :type next_token: str + """ + super().__init__(kwargs) + + self_.next_token = next_token diff --git a/src/datadog_api_client/v2/model/entity_context_response.py b/src/datadog_api_client/v2/model/entity_context_response.py new file mode 100644 index 0000000000..58c702073a --- /dev/null +++ b/src/datadog_api_client/v2/model/entity_context_response.py 
@@ -0,0 +1,48 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.entity_context_entity import EntityContextEntity + from datadog_api_client.v2.model.entity_context_response_meta import EntityContextResponseMeta + + +class EntityContextResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.entity_context_entity import EntityContextEntity + from datadog_api_client.v2.model.entity_context_response_meta import EntityContextResponseMeta + + return { + "data": ([EntityContextEntity],), + "meta": (EntityContextResponseMeta,), + } + + attribute_map = { + "data": "data", + "meta": "meta", + } + + def __init__(self_, data: List[EntityContextEntity], meta: EntityContextResponseMeta, **kwargs): + """ + Response from the entity context endpoint, containing the matching entities and pagination metadata. + + :param data: The list of entities matching the query. + :type data: [EntityContextEntity] + + :param meta: Metadata returned alongside the entity context response. + :type meta: EntityContextResponseMeta + """ + super().__init__(kwargs) + + self_.data = data + self_.meta = meta diff --git a/src/datadog_api_client/v2/model/entity_context_response_meta.py b/src/datadog_api_client/v2/model/entity_context_response_meta.py new file mode 100644 index 0000000000..c2809c10c7 --- /dev/null +++ b/src/datadog_api_client/v2/model/entity_context_response_meta.py 
@@ -0,0 +1,52 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.entity_context_page import EntityContextPage + + +class EntityContextResponseMeta(ModelNormal): + validations = { + "total_count": { + "inclusive_maximum": 2147483647, + }, + } + + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.entity_context_page import EntityContextPage + + return { + "page": (EntityContextPage,), + "total_count": (int,), + } + + attribute_map = { + "page": "page", + "total_count": "total_count", + } + + def __init__(self_, page: EntityContextPage, total_count: int, **kwargs): + """ + Metadata returned alongside the entity context response. + + :param page: Pagination metadata for the entity context response. + :type page: EntityContextPage + + :param total_count: The total number of entities matching the query, irrespective of pagination. + :type total_count: int + """ + super().__init__(kwargs) + + self_.page = page + self_.total_count = total_count diff --git a/src/datadog_api_client/v2/model/entity_context_revision.py b/src/datadog_api_client/v2/model/entity_context_revision.py new file mode 100644 index 0000000000..cd9052612e --- /dev/null +++ b/src/datadog_api_client/v2/model/entity_context_revision.py 
@@ -0,0 +1,55 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + datetime, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.entity_context_revision_attributes import EntityContextRevisionAttributes + + +class EntityContextRevision(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.entity_context_revision_attributes import EntityContextRevisionAttributes + + return { + "attributes": (EntityContextRevisionAttributes,), + "first_seen_at": (datetime,), + "last_seen_at": (datetime,), + } + + attribute_map = { + "attributes": "attributes", + "first_seen_at": "first_seen_at", + "last_seen_at": "last_seen_at", + } + + def __init__( + self_, attributes: EntityContextRevisionAttributes, first_seen_at: datetime, last_seen_at: datetime, **kwargs + ): + """ + A single historical revision of an entity, including the time range during which the revision was observed. + + :param attributes: The set of attributes recorded for the entity at this revision. The keys depend on the kind of entity. + :type attributes: EntityContextRevisionAttributes + + :param first_seen_at: The first time the entity was observed at this revision. + :type first_seen_at: datetime + + :param last_seen_at: The last time the entity was observed at this revision. + :type last_seen_at: datetime + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.first_seen_at = first_seen_at + self_.last_seen_at = last_seen_at 
diff --git a/src/datadog_api_client/v2/model/entity_context_revision_attributes.py b/src/datadog_api_client/v2/model/entity_context_revision_attributes.py new file mode 100644 index 0000000000..4f135d26d5 --- /dev/null +++ b/src/datadog_api_client/v2/model/entity_context_revision_attributes.py @@ -0,0 +1,17 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelNormal, +) + + +class EntityContextRevisionAttributes(ModelNormal): + def __init__(self_, **kwargs): + """ + The set of attributes recorded for the entity at this revision. The keys depend on the kind of entity. + """ + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_attributes.py b/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_attributes.py new file mode 100644 index 0000000000..3a9d28e00a --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_attributes.py 
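Review bot: `EntityContextRevisionAttributes` declares no `openapi_types` and its constructor takes only `**kwargs`, so nothing in this hunk constrains the keys or value types it holds, and the docstring does not say so. If these attributes are synced from an external entity source, as the integration-config docstrings elsewhere in this commit suggest, consumers should handle them as untrusted data. I would add one sentence to the docstring: `Keys and values are not validated by this model; treat them as untrusted when displaying them or building queries from them.`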
@@ -0,0 +1,57 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.sample_log_generation_duration import SampleLogGenerationDuration + + +class SampleLogGenerationBulkSubscriptionAttributes(ModelNormal): + validations = { + "content_pack_ids": { + "max_items": 5, + }, + } + + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.sample_log_generation_duration import SampleLogGenerationDuration + + return { + "content_pack_ids": ([str],), + "duration": (SampleLogGenerationDuration,), + } + + attribute_map = { + "content_pack_ids": "content_pack_ids", + "duration": "duration", + } + + def __init__( + self_, content_pack_ids: List[str], duration: Union[SampleLogGenerationDuration, UnsetType] = unset, **kwargs + ): + """ + The attributes for creating sample log generation subscriptions for multiple content packs. + + :param content_pack_ids: The identifiers of the Cloud SIEM content packs to subscribe to. At most five content packs can be requested in a single call. + :type content_pack_ids: [str] + + :param duration: How long the subscription should remain active before expiring. + :type duration: SampleLogGenerationDuration, optional + """ + if duration is not unset: + kwargs["duration"] = duration + super().__init__(kwargs) + + self_.content_pack_ids = content_pack_ids diff --git a/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_data.py b/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_data.py new file mode 100644 index 0000000000..fdb163162c --- /dev/null 
+++ b/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_data.py 
@@ -0,0 +1,61 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_attributes import ( + SampleLogGenerationBulkSubscriptionAttributes, + ) + from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_request_type import ( + SampleLogGenerationBulkSubscriptionRequestType, + ) + + +class SampleLogGenerationBulkSubscriptionData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_attributes import ( + SampleLogGenerationBulkSubscriptionAttributes, + ) + from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_request_type import ( + SampleLogGenerationBulkSubscriptionRequestType, + ) + + return { + "attributes": (SampleLogGenerationBulkSubscriptionAttributes,), + "type": (SampleLogGenerationBulkSubscriptionRequestType,), + } + + attribute_map = { + "attributes": "attributes", + "type": "type", + } + + def __init__( + self_, + attributes: SampleLogGenerationBulkSubscriptionAttributes, + type: SampleLogGenerationBulkSubscriptionRequestType, + **kwargs, + ): + """ + The bulk subscription request body. + + :param attributes: The attributes for creating sample log generation subscriptions for multiple content packs. + :type attributes: SampleLogGenerationBulkSubscriptionAttributes + + :param type: The type of the resource. The value should always be ``bulk_subscription_requests``. + :type type: SampleLogGenerationBulkSubscriptionRequestType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.type = type 
diff --git a/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_item_meta.py b/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_item_meta.py new file mode 100644 index 0000000000..c88dc63c97 --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_item_meta.py @@ -0,0 +1,49 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +class SampleLogGenerationBulkSubscriptionItemMeta(ModelNormal): + validations = { + "status": { + "inclusive_maximum": 599, + }, + } + + @cached_property + def openapi_types(_): + return { + "error": (str,), + "status": (int,), + } + + attribute_map = { + "error": "error", + "status": "status", + } + + def __init__(self_, status: int, error: Union[str, UnsetType] = unset, **kwargs): + """ + Per-item status returned for a bulk subscription request. + + :param error: A description of the error encountered for this content pack, if the subscription could not be created. + :type error: str, optional + + :param status: The HTTP status code that resulted from creating the subscription for this content pack. + :type status: int + """ + if error is not unset: + kwargs["error"] = error + super().__init__(kwargs) + + self_.status = status diff --git a/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_request.py b/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_request.py new file mode 100644 index 0000000000..3e4a3d01d8 --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_request.py 
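Review bot: `validations` for `status` in `SampleLogGenerationBulkSubscriptionItemMeta` sets only `"inclusive_maximum": 599`, while the docstring calls the field an HTTP status code, so `0` or a negative number passes client-side validation. A caller that decides per-item success with a comparison such as `status < 400` would then count such an item as created. Adding `"inclusive_minimum": 100,` next to the maximum closes that gap; if this file is generated from the OpenAPI description, the bound belongs there as `minimum: 100`.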
@@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_data import ( + SampleLogGenerationBulkSubscriptionData, + ) + + +class SampleLogGenerationBulkSubscriptionRequest(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_data import ( + SampleLogGenerationBulkSubscriptionData, + ) + + return { + "data": (SampleLogGenerationBulkSubscriptionData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: SampleLogGenerationBulkSubscriptionData, **kwargs): + """ + Request body to create sample log generation subscriptions for multiple content packs at once. + + :param data: The bulk subscription request body. + :type data: SampleLogGenerationBulkSubscriptionData + """ + super().__init__(kwargs) + + self_.data = data diff --git a/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_request_type.py b/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_request_type.py new file mode 100644 index 0000000000..a9d5d0686d --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_request_type.py 
@@ -0,0 +1,37 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class SampleLogGenerationBulkSubscriptionRequestType(ModelSimple): + """ + The type of the resource. The value should always be `bulk_subscription_requests`. + + :param value: If omitted defaults to "bulk_subscription_requests". Must be one of ["bulk_subscription_requests"]. + :type value: str + """ + + allowed_values = { + "bulk_subscription_requests", + } + BULK_SUBSCRIPTION_REQUESTS: ClassVar["SampleLogGenerationBulkSubscriptionRequestType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +SampleLogGenerationBulkSubscriptionRequestType.BULK_SUBSCRIPTION_REQUESTS = ( + SampleLogGenerationBulkSubscriptionRequestType("bulk_subscription_requests") +) diff --git a/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_response.py b/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_response.py new file mode 100644 index 0000000000..68166f9c34 --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_response.py 
@@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_result_item import ( + SampleLogGenerationBulkSubscriptionResultItem, + ) + + +class SampleLogGenerationBulkSubscriptionResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_result_item import ( + SampleLogGenerationBulkSubscriptionResultItem, + ) + + return { + "data": ([SampleLogGenerationBulkSubscriptionResultItem],), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: List[SampleLogGenerationBulkSubscriptionResultItem], **kwargs): + """ + Response containing the per-content-pack results of a bulk subscription request. + + :param data: The list of bulk subscription results, one per requested content pack. + :type data: [SampleLogGenerationBulkSubscriptionResultItem] + """ + super().__init__(kwargs) + + self_.data = data diff --git a/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_result_item.py b/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_result_item.py new file mode 100644 index 0000000000..ad219659c3 --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_bulk_subscription_result_item.py 
@@ -0,0 +1,81 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.sample_log_generation_subscription_attributes import ( + SampleLogGenerationSubscriptionAttributes, + ) + from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_item_meta import ( + SampleLogGenerationBulkSubscriptionItemMeta, + ) + from datadog_api_client.v2.model.sample_log_generation_subscription_resource_type import ( + SampleLogGenerationSubscriptionResourceType, + ) + + +class SampleLogGenerationBulkSubscriptionResultItem(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.sample_log_generation_subscription_attributes import ( + SampleLogGenerationSubscriptionAttributes, + ) + from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_item_meta import ( + SampleLogGenerationBulkSubscriptionItemMeta, + ) + from datadog_api_client.v2.model.sample_log_generation_subscription_resource_type import ( + SampleLogGenerationSubscriptionResourceType, + ) + + return { + "attributes": (SampleLogGenerationSubscriptionAttributes,), + "id": (str,), + "meta": (SampleLogGenerationBulkSubscriptionItemMeta,), + "type": (SampleLogGenerationSubscriptionResourceType,), + } + + attribute_map = { + "attributes": "attributes", + "id": "id", + "meta": "meta", + "type": "type", + } + + def __init__( + self_, + attributes: SampleLogGenerationSubscriptionAttributes, + id: str, + meta: SampleLogGenerationBulkSubscriptionItemMeta, + type: SampleLogGenerationSubscriptionResourceType, + **kwargs, + ): + """ + A single result entry returned by the bulk 
subscription endpoint. + + :param attributes: The attributes describing a sample log generation subscription. + :type attributes: SampleLogGenerationSubscriptionAttributes + + :param id: The unique identifier of the subscription, when one was created. + :type id: str + + :param meta: Per-item status returned for a bulk subscription request. + :type meta: SampleLogGenerationBulkSubscriptionItemMeta + + :param type: The type of the resource. The value should always be ``subscriptions``. + :type type: SampleLogGenerationSubscriptionResourceType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.id = id + self_.meta = meta + self_.type = type diff --git a/src/datadog_api_client/v2/model/sample_log_generation_duration.py b/src/datadog_api_client/v2/model/sample_log_generation_duration.py new file mode 100644 index 0000000000..aa2ef7760c --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_duration.py 
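Review bot: `id` and `attributes` are required constructor parameters of `SampleLogGenerationBulkSubscriptionResultItem`, yet the docstring describes `id` as present only "when one was created" and `meta` is documented as a per-item status, which implies that individual items can fail. If the service omits `id` or `attributes` for a failed content pack (not visible in this hunk), building this model would presumably fail for the whole bulk response and hide which subscriptions were created. I would either make the fields optional, `id: Union[str, UnsetType] = unset`, with the matching imports, or state in the docstring that failed items still carry both fields.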
@@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class SampleLogGenerationDuration(ModelSimple): + """ + How long the subscription should remain active before expiring. + + :param value: If omitted defaults to "3d". Must be one of ["1h", "1d", "3d", "7d"]. + :type value: str + """ + + allowed_values = { + "1h", + "1d", + "3d", + "7d", + } + ONE_HOUR: ClassVar["SampleLogGenerationDuration"] + ONE_DAY: ClassVar["SampleLogGenerationDuration"] + THREE_DAYS: ClassVar["SampleLogGenerationDuration"] + SEVEN_DAYS: ClassVar["SampleLogGenerationDuration"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +SampleLogGenerationDuration.ONE_HOUR = SampleLogGenerationDuration("1h") +SampleLogGenerationDuration.ONE_DAY = SampleLogGenerationDuration("1d") +SampleLogGenerationDuration.THREE_DAYS = SampleLogGenerationDuration("3d") +SampleLogGenerationDuration.SEVEN_DAYS = SampleLogGenerationDuration("7d") diff --git a/src/datadog_api_client/v2/model/sample_log_generation_subscription_attributes.py b/src/datadog_api_client/v2/model/sample_log_generation_subscription_attributes.py new file mode 100644 index 0000000000..394e36f17a --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_subscription_attributes.py 
@@ -0,0 +1,77 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + datetime, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.sample_log_generation_subscription_status import ( + SampleLogGenerationSubscriptionStatus, + ) + + +class SampleLogGenerationSubscriptionAttributes(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.sample_log_generation_subscription_status import ( + SampleLogGenerationSubscriptionStatus, + ) + + return { + "content_pack_id": (str,), + "created_at": (datetime,), + "expires_at": (datetime,), + "is_active": (bool,), + "status": (SampleLogGenerationSubscriptionStatus,), + } + + attribute_map = { + "content_pack_id": "content_pack_id", + "created_at": "created_at", + "expires_at": "expires_at", + "is_active": "is_active", + "status": "status", + } + + def __init__( + self_, + content_pack_id: str, + created_at: datetime, + expires_at: datetime, + is_active: bool, + status: SampleLogGenerationSubscriptionStatus, + **kwargs, + ): + """ + The attributes describing a sample log generation subscription. + + :param content_pack_id: The identifier of the Cloud SIEM content pack the subscription targets. + :type content_pack_id: str + + :param created_at: The time at which the subscription was created. + :type created_at: datetime + + :param expires_at: The time at which the subscription expires and stops generating logs. + :type expires_at: datetime + + :param is_active: Whether the subscription is currently active and generating logs. + :type is_active: bool + + :param status: The status of the subscription. 
+ :type status: SampleLogGenerationSubscriptionStatus + """ + super().__init__(kwargs) + + self_.content_pack_id = content_pack_id + self_.created_at = created_at + self_.expires_at = expires_at + self_.is_active = is_active + self_.status = status diff --git a/src/datadog_api_client/v2/model/sample_log_generation_subscription_create_attributes.py b/src/datadog_api_client/v2/model/sample_log_generation_subscription_create_attributes.py new file mode 100644 index 0000000000..9c4ae5ac7a --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_subscription_create_attributes.py 
@@ -0,0 +1,51 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.sample_log_generation_duration import SampleLogGenerationDuration + + +class SampleLogGenerationSubscriptionCreateAttributes(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.sample_log_generation_duration import SampleLogGenerationDuration + + return { + "content_pack_id": (str,), + "duration": (SampleLogGenerationDuration,), + } + + attribute_map = { + "content_pack_id": "content_pack_id", + "duration": "duration", + } + + def __init__( + self_, content_pack_id: str, duration: Union[SampleLogGenerationDuration, UnsetType] = unset, **kwargs + ): + """ + The attributes for creating a sample log generation subscription. + + :param content_pack_id: The identifier of the Cloud SIEM content pack to subscribe to. + :type content_pack_id: str + + :param duration: How long the subscription should remain active before expiring. + :type duration: SampleLogGenerationDuration, optional + """ + if duration is not unset: + kwargs["duration"] = duration + super().__init__(kwargs) + + self_.content_pack_id = content_pack_id diff --git a/src/datadog_api_client/v2/model/sample_log_generation_subscription_create_data.py b/src/datadog_api_client/v2/model/sample_log_generation_subscription_create_data.py new file mode 100644 index 0000000000..d6e21f710d --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_subscription_create_data.py 
@@ -0,0 +1,61 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.sample_log_generation_subscription_create_attributes import ( + SampleLogGenerationSubscriptionCreateAttributes, + ) + from datadog_api_client.v2.model.sample_log_generation_subscription_request_type import ( + SampleLogGenerationSubscriptionRequestType, + ) + + +class SampleLogGenerationSubscriptionCreateData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.sample_log_generation_subscription_create_attributes import ( + SampleLogGenerationSubscriptionCreateAttributes, + ) + from datadog_api_client.v2.model.sample_log_generation_subscription_request_type import ( + SampleLogGenerationSubscriptionRequestType, + ) + + return { + "attributes": (SampleLogGenerationSubscriptionCreateAttributes,), + "type": (SampleLogGenerationSubscriptionRequestType,), + } + + attribute_map = { + "attributes": "attributes", + "type": "type", + } + + def __init__( + self_, + attributes: SampleLogGenerationSubscriptionCreateAttributes, + type: SampleLogGenerationSubscriptionRequestType, + **kwargs, + ): + """ + The subscription request body. + + :param attributes: The attributes for creating a sample log generation subscription. + :type attributes: SampleLogGenerationSubscriptionCreateAttributes + + :param type: The type of the resource. The value should always be ``subscription_requests``. + :type type: SampleLogGenerationSubscriptionRequestType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.type = type 
diff --git a/src/datadog_api_client/v2/model/sample_log_generation_subscription_create_request.py b/src/datadog_api_client/v2/model/sample_log_generation_subscription_create_request.py new file mode 100644 index 0000000000..38e7a3db99 --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_subscription_create_request.py @@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.sample_log_generation_subscription_create_data import ( + SampleLogGenerationSubscriptionCreateData, + ) + + +class SampleLogGenerationSubscriptionCreateRequest(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.sample_log_generation_subscription_create_data import ( + SampleLogGenerationSubscriptionCreateData, + ) + + return { + "data": (SampleLogGenerationSubscriptionCreateData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: SampleLogGenerationSubscriptionCreateData, **kwargs): + """ + Request body to create a sample log generation subscription for a single content pack. + + :param data: The subscription request body. + :type data: SampleLogGenerationSubscriptionCreateData + """ + super().__init__(kwargs) + + self_.data = data diff --git a/src/datadog_api_client/v2/model/sample_log_generation_subscription_data.py b/src/datadog_api_client/v2/model/sample_log_generation_subscription_data.py new file mode 100644 index 0000000000..18b8ffc094 --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_subscription_data.py 
@@ -0,0 +1,68 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.sample_log_generation_subscription_attributes import ( + SampleLogGenerationSubscriptionAttributes, + ) + from datadog_api_client.v2.model.sample_log_generation_subscription_resource_type import ( + SampleLogGenerationSubscriptionResourceType, + ) + + +class SampleLogGenerationSubscriptionData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.sample_log_generation_subscription_attributes import ( + SampleLogGenerationSubscriptionAttributes, + ) + from datadog_api_client.v2.model.sample_log_generation_subscription_resource_type import ( + SampleLogGenerationSubscriptionResourceType, + ) + + return { + "attributes": (SampleLogGenerationSubscriptionAttributes,), + "id": (str,), + "type": (SampleLogGenerationSubscriptionResourceType,), + } + + attribute_map = { + "attributes": "attributes", + "id": "id", + "type": "type", + } + + def __init__( + self_, + attributes: SampleLogGenerationSubscriptionAttributes, + id: str, + type: SampleLogGenerationSubscriptionResourceType, + **kwargs, + ): + """ + A sample log generation subscription. + + :param attributes: The attributes describing a sample log generation subscription. + :type attributes: SampleLogGenerationSubscriptionAttributes + + :param id: The unique identifier of the subscription. + :type id: str + + :param type: The type of the resource. The value should always be ``subscriptions``. 
+ :type type: SampleLogGenerationSubscriptionResourceType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.id = id + self_.type = type diff --git a/src/datadog_api_client/v2/model/sample_log_generation_subscription_request_type.py b/src/datadog_api_client/v2/model/sample_log_generation_subscription_request_type.py new file mode 100644 index 0000000000..0a3a8981f0 --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_subscription_request_type.py @@ -0,0 +1,37 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class SampleLogGenerationSubscriptionRequestType(ModelSimple): + """ + The type of the resource. The value should always be `subscription_requests`. + + :param value: If omitted defaults to "subscription_requests". Must be one of ["subscription_requests"]. + :type value: str + """ + + allowed_values = { + "subscription_requests", + } + SUBSCRIPTION_REQUESTS: ClassVar["SampleLogGenerationSubscriptionRequestType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +SampleLogGenerationSubscriptionRequestType.SUBSCRIPTION_REQUESTS = SampleLogGenerationSubscriptionRequestType( + "subscription_requests" +) diff --git a/src/datadog_api_client/v2/model/sample_log_generation_subscription_resource_type.py b/src/datadog_api_client/v2/model/sample_log_generation_subscription_resource_type.py new file mode 100644 index 0000000000..44e6b708e6 --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_subscription_resource_type.py 
@@ -0,0 +1,35 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class SampleLogGenerationSubscriptionResourceType(ModelSimple): + """ + The type of the resource. The value should always be `subscriptions`. + + :param value: If omitted defaults to "subscriptions". Must be one of ["subscriptions"]. + :type value: str + """ + + allowed_values = { + "subscriptions", + } + SUBSCRIPTIONS: ClassVar["SampleLogGenerationSubscriptionResourceType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +SampleLogGenerationSubscriptionResourceType.SUBSCRIPTIONS = SampleLogGenerationSubscriptionResourceType("subscriptions") diff --git a/src/datadog_api_client/v2/model/sample_log_generation_subscription_response.py b/src/datadog_api_client/v2/model/sample_log_generation_subscription_response.py new file mode 100644 index 0000000000..51ff68ee2b --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_subscription_response.py 
@@ -0,0 +1,42 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.sample_log_generation_subscription_data import SampleLogGenerationSubscriptionData + + +class SampleLogGenerationSubscriptionResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.sample_log_generation_subscription_data import ( + SampleLogGenerationSubscriptionData, + ) + + return { + "data": (SampleLogGenerationSubscriptionData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: SampleLogGenerationSubscriptionData, **kwargs): + """ + Response containing a single sample log generation subscription. + + :param data: A sample log generation subscription. + :type data: SampleLogGenerationSubscriptionData + """ + super().__init__(kwargs) + + self_.data = data diff --git a/src/datadog_api_client/v2/model/sample_log_generation_subscription_status.py b/src/datadog_api_client/v2/model/sample_log_generation_subscription_status.py new file mode 100644 index 0000000000..3835dcc23f --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_subscription_status.py 
@@ -0,0 +1,55 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class SampleLogGenerationSubscriptionStatus(ModelSimple): + """ + The status of the subscription. + + :param value: Must be one of ["subscribed", "renewed", "unsubscribed", "no_active_subscription", "not_available", "active", "expired"]. + :type value: str + """ + + allowed_values = { + "subscribed", + "renewed", + "unsubscribed", + "no_active_subscription", + "not_available", + "active", + "expired", + } + SUBSCRIBED: ClassVar["SampleLogGenerationSubscriptionStatus"] + RENEWED: ClassVar["SampleLogGenerationSubscriptionStatus"] + UNSUBSCRIBED: ClassVar["SampleLogGenerationSubscriptionStatus"] + NO_ACTIVE_SUBSCRIPTION: ClassVar["SampleLogGenerationSubscriptionStatus"] + NOT_AVAILABLE: ClassVar["SampleLogGenerationSubscriptionStatus"] + ACTIVE: ClassVar["SampleLogGenerationSubscriptionStatus"] + EXPIRED: ClassVar["SampleLogGenerationSubscriptionStatus"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +SampleLogGenerationSubscriptionStatus.SUBSCRIBED = SampleLogGenerationSubscriptionStatus("subscribed") +SampleLogGenerationSubscriptionStatus.RENEWED = SampleLogGenerationSubscriptionStatus("renewed") +SampleLogGenerationSubscriptionStatus.UNSUBSCRIBED = SampleLogGenerationSubscriptionStatus("unsubscribed") +SampleLogGenerationSubscriptionStatus.NO_ACTIVE_SUBSCRIPTION = SampleLogGenerationSubscriptionStatus( + "no_active_subscription" +) +SampleLogGenerationSubscriptionStatus.NOT_AVAILABLE = SampleLogGenerationSubscriptionStatus("not_available") +SampleLogGenerationSubscriptionStatus.ACTIVE = 
SampleLogGenerationSubscriptionStatus("active") +SampleLogGenerationSubscriptionStatus.EXPIRED = SampleLogGenerationSubscriptionStatus("expired") diff --git a/src/datadog_api_client/v2/model/sample_log_generation_subscriptions_response.py b/src/datadog_api_client/v2/model/sample_log_generation_subscriptions_response.py new file mode 100644 index 0000000000..39c3dae022 --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_subscriptions_response.py 
@@ -0,0 +1,59 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.sample_log_generation_subscription_data import SampleLogGenerationSubscriptionData + from datadog_api_client.v2.model.sample_log_generation_subscriptions_response_meta import ( + SampleLogGenerationSubscriptionsResponseMeta, + ) + + +class SampleLogGenerationSubscriptionsResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.sample_log_generation_subscription_data import ( + SampleLogGenerationSubscriptionData, + ) + from datadog_api_client.v2.model.sample_log_generation_subscriptions_response_meta import ( + SampleLogGenerationSubscriptionsResponseMeta, + ) + + return { + "data": ([SampleLogGenerationSubscriptionData],), + "meta": (SampleLogGenerationSubscriptionsResponseMeta,), + } + + attribute_map = { + "data": "data", + "meta": "meta", + } + + def __init__( + self_, + data: List[SampleLogGenerationSubscriptionData], + meta: SampleLogGenerationSubscriptionsResponseMeta, + **kwargs, + ): + """ + Response containing a list of sample log generation subscriptions. + + :param data: The list of sample log generation subscriptions. + :type data: [SampleLogGenerationSubscriptionData] + + :param meta: Metadata returned alongside a list of sample log generation subscriptions. + :type meta: SampleLogGenerationSubscriptionsResponseMeta + """ + super().__init__(kwargs) + + self_.data = data + self_.meta = meta 
diff --git a/src/datadog_api_client/v2/model/sample_log_generation_subscriptions_response_meta.py b/src/datadog_api_client/v2/model/sample_log_generation_subscriptions_response_meta.py new file mode 100644 index 0000000000..c90e328e04 --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_subscriptions_response_meta.py @@ -0,0 +1,39 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +class SampleLogGenerationSubscriptionsResponseMeta(ModelNormal): + validations = { + "total_subscriptions": { + "inclusive_maximum": 2147483647, + }, + } + + @cached_property + def openapi_types(_): + return { + "total_subscriptions": (int,), + } + + attribute_map = { + "total_subscriptions": "total_subscriptions", + } + + def __init__(self_, total_subscriptions: int, **kwargs): + """ + Metadata returned alongside a list of sample log generation subscriptions. + + :param total_subscriptions: The total number of subscriptions matching the request, irrespective of pagination. + :type total_subscriptions: int + """ + super().__init__(kwargs) + + self_.total_subscriptions = total_subscriptions diff --git a/src/datadog_api_client/v2/model/sample_log_generation_subscriptions_status_filter.py b/src/datadog_api_client/v2/model/sample_log_generation_subscriptions_status_filter.py new file mode 100644 index 0000000000..b2db66ea8f --- /dev/null +++ b/src/datadog_api_client/v2/model/sample_log_generation_subscriptions_status_filter.py 
@@ -0,0 +1,38 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class SampleLogGenerationSubscriptionsStatusFilter(ModelSimple): + """ + Filter that controls whether to return only active subscriptions or every subscription on record. + + :param value: If omitted defaults to "active". Must be one of ["active", "all"]. + :type value: str + """ + + allowed_values = { + "active", + "all", + } + ACTIVE: ClassVar["SampleLogGenerationSubscriptionsStatusFilter"] + ALL: ClassVar["SampleLogGenerationSubscriptionsStatusFilter"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +SampleLogGenerationSubscriptionsStatusFilter.ACTIVE = SampleLogGenerationSubscriptionsStatusFilter("active") +SampleLogGenerationSubscriptionsStatusFilter.ALL = SampleLogGenerationSubscriptionsStatusFilter("all") diff --git a/src/datadog_api_client/v2/model/security_filter_version.py b/src/datadog_api_client/v2/model/security_filter_version.py new file mode 100644 index 0000000000..ceb64ef617 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_filter_version.py 
@@ -0,0 +1,56 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_filter_version_attributes import SecurityFilterVersionAttributes + from datadog_api_client.v2.model.security_filter_version_type import SecurityFilterVersionType + + +class SecurityFilterVersion(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_filter_version_attributes import SecurityFilterVersionAttributes + from datadog_api_client.v2.model.security_filter_version_type import SecurityFilterVersionType + + return { + "attributes": (SecurityFilterVersionAttributes,), + "id": (str,), + "type": (SecurityFilterVersionType,), + } + + attribute_map = { + "attributes": "attributes", + "id": "id", + "type": "type", + } + + def __init__( + self_, attributes: SecurityFilterVersionAttributes, id: str, type: SecurityFilterVersionType, **kwargs + ): + """ + A snapshot of all security filters at a specific configuration version. + + :param attributes: The attributes describing a single security filter configuration version. + :type attributes: SecurityFilterVersionAttributes + + :param id: The identifier of the configuration version. + :type id: str + + :param type: The type of the resource. The value should always be ``security_filters_configuration``. + :type type: SecurityFilterVersionType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.id = id + self_.type = type 
diff --git a/src/datadog_api_client/v2/model/security_filter_version_attributes.py b/src/datadog_api_client/v2/model/security_filter_version_attributes.py new file mode 100644 index 0000000000..056979a8be --- /dev/null +++ b/src/datadog_api_client/v2/model/security_filter_version_attributes.py @@ -0,0 +1,58 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_filter_version_entry import SecurityFilterVersionEntry + + +class SecurityFilterVersionAttributes(ModelNormal): + validations = { + "version": { + "inclusive_maximum": 2147483647, + }, + } + + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_filter_version_entry import SecurityFilterVersionEntry + + return { + "date": (int,), + "filters": ([SecurityFilterVersionEntry],), + "version": (int,), + } + + attribute_map = { + "date": "date", + "filters": "filters", + "version": "version", + } + + def __init__(self_, date: int, filters: List[SecurityFilterVersionEntry], version: int, **kwargs): + """ + The attributes describing a single security filter configuration version. + + :param date: The Unix timestamp in milliseconds at which this configuration version was applied. + :type date: int + + :param filters: The set of security filters at this configuration version. + :type filters: [SecurityFilterVersionEntry] + + :param version: The configuration version number. + :type version: int + """ + super().__init__(kwargs) + + self_.date = date + self_.filters = filters + self_.version = version 
diff --git a/src/datadog_api_client/v2/model/security_filter_version_entry.py b/src/datadog_api_client/v2/model/security_filter_version_entry.py new file mode 100644 index 0000000000..c14165f5e0 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_filter_version_entry.py 
@@ -0,0 +1,105 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_filter_exclusion_filter_response import ( + SecurityFilterExclusionFilterResponse, + ) + from datadog_api_client.v2.model.security_filter_filtered_data_type import SecurityFilterFilteredDataType + + +class SecurityFilterVersionEntry(ModelNormal): + validations = { + "version": { + "inclusive_maximum": 2147483647, + }, + } + + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_filter_exclusion_filter_response import ( + SecurityFilterExclusionFilterResponse, + ) + from datadog_api_client.v2.model.security_filter_filtered_data_type import SecurityFilterFilteredDataType + + return { + "exclusion_filters": ([SecurityFilterExclusionFilterResponse],), + "filtered_data_type": (SecurityFilterFilteredDataType,), + "id": (str,), + "is_builtin": (bool,), + "is_enabled": (bool,), + "name": (str,), + "query": (str,), + "version": (int,), + } + + attribute_map = { + "exclusion_filters": "exclusion_filters", + "filtered_data_type": "filtered_data_type", + "id": "id", + "is_builtin": "is_builtin", + "is_enabled": "is_enabled", + "name": "name", + "query": "query", + "version": "version", + } + + def __init__( + self_, + exclusion_filters: List[SecurityFilterExclusionFilterResponse], + filtered_data_type: SecurityFilterFilteredDataType, + id: str, + is_builtin: bool, + is_enabled: bool, + name: str, + query: str, + version: int, + **kwargs, + ): + """ + A single security filter as it existed at a given configuration version. 
+ + :param exclusion_filters: The list of exclusion filters applied in this security filter. + :type exclusion_filters: [SecurityFilterExclusionFilterResponse] + + :param filtered_data_type: The filtered data type. + :type filtered_data_type: SecurityFilterFilteredDataType + + :param id: The ID of the security filter. + :type id: str + + :param is_builtin: Whether the security filter is the built-in filter. + :type is_builtin: bool + + :param is_enabled: Whether the security filter is enabled. + :type is_enabled: bool + + :param name: The name of the security filter. + :type name: str + + :param query: The query of the security filter. + :type query: str + + :param version: The version of this security filter. + :type version: int + """ + super().__init__(kwargs) + + self_.exclusion_filters = exclusion_filters + self_.filtered_data_type = filtered_data_type + self_.id = id + self_.is_builtin = is_builtin + self_.is_enabled = is_enabled + self_.name = name + self_.query = query + self_.version = version diff --git a/src/datadog_api_client/v2/model/security_filter_version_type.py b/src/datadog_api_client/v2/model/security_filter_version_type.py new file mode 100644 index 0000000000..8c7ece01d3 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_filter_version_type.py 
@@ -0,0 +1,35 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class SecurityFilterVersionType(ModelSimple): + """ + The type of the resource. The value should always be `security_filters_configuration`. + + :param value: If omitted defaults to "security_filters_configuration". Must be one of ["security_filters_configuration"]. + :type value: str + """ + + allowed_values = { + "security_filters_configuration", + } + SECURITY_FILTERS_CONFIGURATION: ClassVar["SecurityFilterVersionType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +SecurityFilterVersionType.SECURITY_FILTERS_CONFIGURATION = SecurityFilterVersionType("security_filters_configuration") diff --git a/src/datadog_api_client/v2/model/security_filter_versions_response.py b/src/datadog_api_client/v2/model/security_filter_versions_response.py new file mode 100644 index 0000000000..1b6487a55d --- /dev/null +++ b/src/datadog_api_client/v2/model/security_filter_versions_response.py 
@@ -0,0 +1,40 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_filter_version import SecurityFilterVersion + + +class SecurityFilterVersionsResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_filter_version import SecurityFilterVersion + + return { + "data": ([SecurityFilterVersion],), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: List[SecurityFilterVersion], **kwargs): + """ + Response containing the version history of security filters. + + :param data: A list of historical security filter configurations, ordered from the most recent to the oldest. + :type data: [SecurityFilterVersion] + """ + super().__init__(kwargs) + + self_.data = data diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_config_attributes.py b/src/datadog_api_client/v2/model/security_monitoring_integration_config_attributes.py new file mode 100644 index 0000000000..44bc68a56c --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_config_attributes.py 
@@ -0,0 +1,113 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + datetime, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_monitoring_integration_type import SecurityMonitoringIntegrationType + from datadog_api_client.v2.model.security_monitoring_integration_config_settings import ( + SecurityMonitoringIntegrationConfigSettings, + ) + from datadog_api_client.v2.model.security_monitoring_integration_config_state import ( + SecurityMonitoringIntegrationConfigState, + ) + + +class SecurityMonitoringIntegrationConfigAttributes(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_monitoring_integration_type import SecurityMonitoringIntegrationType + from datadog_api_client.v2.model.security_monitoring_integration_config_settings import ( + SecurityMonitoringIntegrationConfigSettings, + ) + from datadog_api_client.v2.model.security_monitoring_integration_config_state import ( + SecurityMonitoringIntegrationConfigState, + ) + + return { + "created_at": (datetime,), + "domain": (str,), + "enabled": (bool,), + "integration_type": (SecurityMonitoringIntegrationType,), + "modified_at": (datetime,), + "name": (str,), + "settings": (SecurityMonitoringIntegrationConfigSettings,), + "state": (SecurityMonitoringIntegrationConfigState,), + } + + attribute_map = { + "created_at": "created_at", + "domain": "domain", + "enabled": "enabled", + "integration_type": "integration_type", + "modified_at": "modified_at", + "name": "name", + "settings": "settings", + "state": "state", + } + + def __init__( + self_, + domain: str, + enabled: bool, + 
integration_type: SecurityMonitoringIntegrationType, + created_at: Union[datetime, UnsetType] = unset, + modified_at: Union[datetime, UnsetType] = unset, + name: Union[str, UnsetType] = unset, + settings: Union[SecurityMonitoringIntegrationConfigSettings, UnsetType] = unset, + state: Union[SecurityMonitoringIntegrationConfigState, UnsetType] = unset, + **kwargs, + ): + """ + The attributes of an entity context sync configuration as returned by the API. + + :param created_at: The time at which the entity context sync configuration was created. + :type created_at: datetime, optional + + :param domain: The domain associated with the external entity source (for example, the customer's identity provider domain). + :type domain: str + + :param enabled: Whether the sync is enabled and actively ingesting entities into Cloud SIEM. + :type enabled: bool + + :param integration_type: The type of external source that provides entities to Cloud SIEM. + :type integration_type: SecurityMonitoringIntegrationType + + :param modified_at: The time at which the entity context sync configuration was last modified. + :type modified_at: datetime, optional + + :param name: The display name of the entity context sync configuration. + :type name: str, optional + + :param settings: Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type. + :type settings: SecurityMonitoringIntegrationConfigSettings, optional + + :param state: The state of the credentials configured on the entity context sync. 
+ :type state: SecurityMonitoringIntegrationConfigState, optional + """ + if created_at is not unset: + kwargs["created_at"] = created_at + if modified_at is not unset: + kwargs["modified_at"] = modified_at + if name is not unset: + kwargs["name"] = name + if settings is not unset: + kwargs["settings"] = settings + if state is not unset: + kwargs["state"] = state + super().__init__(kwargs) + + self_.domain = domain + self_.enabled = enabled + self_.integration_type = integration_type diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_config_create_attributes.py b/src/datadog_api_client/v2/model/security_monitoring_integration_config_create_attributes.py new file mode 100644 index 0000000000..9d476fe512 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_config_create_attributes.py 
@@ -0,0 +1,87 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_monitoring_integration_type import SecurityMonitoringIntegrationType + from datadog_api_client.v2.model.security_monitoring_integration_config_secrets import ( + SecurityMonitoringIntegrationConfigSecrets, + ) + from datadog_api_client.v2.model.security_monitoring_integration_config_settings import ( + SecurityMonitoringIntegrationConfigSettings, + ) + + +class SecurityMonitoringIntegrationConfigCreateAttributes(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_monitoring_integration_type import SecurityMonitoringIntegrationType + from datadog_api_client.v2.model.security_monitoring_integration_config_secrets import ( + SecurityMonitoringIntegrationConfigSecrets, + ) + from datadog_api_client.v2.model.security_monitoring_integration_config_settings import ( + SecurityMonitoringIntegrationConfigSettings, + ) + + return { + "domain": (str,), + "integration_type": (SecurityMonitoringIntegrationType,), + "name": (str,), + "secrets": (SecurityMonitoringIntegrationConfigSecrets,), + "settings": (SecurityMonitoringIntegrationConfigSettings,), + } + + attribute_map = { + "domain": "domain", + "integration_type": "integration_type", + "name": "name", + "secrets": "secrets", + "settings": "settings", + } + + def __init__( + self_, + domain: str, + integration_type: SecurityMonitoringIntegrationType, + name: str, + secrets: SecurityMonitoringIntegrationConfigSecrets, + settings: Union[SecurityMonitoringIntegrationConfigSettings, 
UnsetType] = unset, + **kwargs, + ): + """ + The attributes of the entity context sync configuration to create. + + :param domain: The domain associated with the external entity source. + :type domain: str + + :param integration_type: The type of external source that provides entities to Cloud SIEM. + :type integration_type: SecurityMonitoringIntegrationType + + :param name: The display name for the entity context sync configuration. + :type name: str + + :param secrets: The secrets used to authenticate against the external entity source. The accepted keys depend on the source type (for example, ``admin_email`` for Google Workspace). + :type secrets: SecurityMonitoringIntegrationConfigSecrets + + :param settings: Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type. + :type settings: SecurityMonitoringIntegrationConfigSettings, optional + """ + if settings is not unset: + kwargs["settings"] = settings + super().__init__(kwargs) + + self_.domain = domain + self_.integration_type = integration_type + self_.name = name + self_.secrets = secrets diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_config_create_data.py b/src/datadog_api_client/v2/model/security_monitoring_integration_config_create_data.py new file mode 100644 index 0000000000..9bc8223130 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_config_create_data.py 
@@ -0,0 +1,61 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_monitoring_integration_config_create_attributes import ( + SecurityMonitoringIntegrationConfigCreateAttributes, + ) + from datadog_api_client.v2.model.security_monitoring_integration_config_resource_type import ( + SecurityMonitoringIntegrationConfigResourceType, + ) + + +class SecurityMonitoringIntegrationConfigCreateData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_monitoring_integration_config_create_attributes import ( + SecurityMonitoringIntegrationConfigCreateAttributes, + ) + from datadog_api_client.v2.model.security_monitoring_integration_config_resource_type import ( + SecurityMonitoringIntegrationConfigResourceType, + ) + + return { + "attributes": (SecurityMonitoringIntegrationConfigCreateAttributes,), + "type": (SecurityMonitoringIntegrationConfigResourceType,), + } + + attribute_map = { + "attributes": "attributes", + "type": "type", + } + + def __init__( + self_, + attributes: SecurityMonitoringIntegrationConfigCreateAttributes, + type: SecurityMonitoringIntegrationConfigResourceType, + **kwargs, + ): + """ + The entity context sync configuration to create. + + :param attributes: The attributes of the entity context sync configuration to create. + :type attributes: SecurityMonitoringIntegrationConfigCreateAttributes + + :param type: The type of the resource. The value should always be ``integration_config``. 
+ :type type: SecurityMonitoringIntegrationConfigResourceType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.type = type diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_config_create_request.py b/src/datadog_api_client/v2/model/security_monitoring_integration_config_create_request.py new file mode 100644 index 0000000000..020895d696 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_config_create_request.py @@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_monitoring_integration_config_create_data import ( + SecurityMonitoringIntegrationConfigCreateData, + ) + + +class SecurityMonitoringIntegrationConfigCreateRequest(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_monitoring_integration_config_create_data import ( + SecurityMonitoringIntegrationConfigCreateData, + ) + + return { + "data": (SecurityMonitoringIntegrationConfigCreateData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: SecurityMonitoringIntegrationConfigCreateData, **kwargs): + """ + Request body to create an entity context sync configuration. + + :param data: The entity context sync configuration to create. + :type data: SecurityMonitoringIntegrationConfigCreateData + """ + super().__init__(kwargs) + + self_.data = data 
diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_config_data.py b/src/datadog_api_client/v2/model/security_monitoring_integration_config_data.py new file mode 100644 index 0000000000..ea7d024e51 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_config_data.py 
@@ -0,0 +1,68 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_monitoring_integration_config_attributes import ( + SecurityMonitoringIntegrationConfigAttributes, + ) + from datadog_api_client.v2.model.security_monitoring_integration_config_resource_type import ( + SecurityMonitoringIntegrationConfigResourceType, + ) + + +class SecurityMonitoringIntegrationConfigData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_monitoring_integration_config_attributes import ( + SecurityMonitoringIntegrationConfigAttributes, + ) + from datadog_api_client.v2.model.security_monitoring_integration_config_resource_type import ( + SecurityMonitoringIntegrationConfigResourceType, + ) + + return { + "attributes": (SecurityMonitoringIntegrationConfigAttributes,), + "id": (str,), + "type": (SecurityMonitoringIntegrationConfigResourceType,), + } + + attribute_map = { + "attributes": "attributes", + "id": "id", + "type": "type", + } + + def __init__( + self_, + attributes: SecurityMonitoringIntegrationConfigAttributes, + id: str, + type: SecurityMonitoringIntegrationConfigResourceType, + **kwargs, + ): + """ + An entity context sync configuration. + + :param attributes: The attributes of an entity context sync configuration as returned by the API. + :type attributes: SecurityMonitoringIntegrationConfigAttributes + + :param id: The unique identifier of the integration configuration. + :type id: str + + :param type: The type of the resource. The value should always be ``integration_config``. 
+ :type type: SecurityMonitoringIntegrationConfigResourceType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.id = id + self_.type = type diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_config_resource_type.py b/src/datadog_api_client/v2/model/security_monitoring_integration_config_resource_type.py new file mode 100644 index 0000000000..5493bb0c92 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_config_resource_type.py @@ -0,0 +1,37 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class SecurityMonitoringIntegrationConfigResourceType(ModelSimple): + """ + The type of the resource. The value should always be `integration_config`. + + :param value: If omitted defaults to "integration_config". Must be one of ["integration_config"]. + :type value: str + """ + + allowed_values = { + "integration_config", + } + INTEGRATION_CONFIG: ClassVar["SecurityMonitoringIntegrationConfigResourceType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +SecurityMonitoringIntegrationConfigResourceType.INTEGRATION_CONFIG = SecurityMonitoringIntegrationConfigResourceType( + "integration_config" +) diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_config_response.py b/src/datadog_api_client/v2/model/security_monitoring_integration_config_response.py new file mode 100644 index 0000000000..56a102c078 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_config_response.py 
@@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_monitoring_integration_config_data import ( + SecurityMonitoringIntegrationConfigData, + ) + + +class SecurityMonitoringIntegrationConfigResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_monitoring_integration_config_data import ( + SecurityMonitoringIntegrationConfigData, + ) + + return { + "data": (SecurityMonitoringIntegrationConfigData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: SecurityMonitoringIntegrationConfigData, **kwargs): + """ + Response containing a single entity context sync configuration. + + :param data: An entity context sync configuration. + :type data: SecurityMonitoringIntegrationConfigData + """ + super().__init__(kwargs) + + self_.data = data diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_config_secrets.py b/src/datadog_api_client/v2/model/security_monitoring_integration_config_secrets.py new file mode 100644 index 0000000000..11fcc09cf2 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_config_secrets.py 
@@ -0,0 +1,17 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+
+from datadog_api_client.model_utils import (
+ ModelNormal,
+)
+
+
+class SecurityMonitoringIntegrationConfigSecrets(ModelNormal):
+ def __init__(self_, **kwargs):
+ """
+ The secrets used to authenticate against the external entity source. The accepted keys depend on the source type (for example, ``admin_email`` for Google Workspace).
+ """
+ super().__init__(kwargs)
diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_config_settings.py b/src/datadog_api_client/v2/model/security_monitoring_integration_config_settings.py
new file mode 100644
index 0000000000..032993ac2a
--- /dev/null
+++ b/src/datadog_api_client/v2/model/security_monitoring_integration_config_settings.py
@@ -0,0 +1,17 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+
+from datadog_api_client.model_utils import (
+ ModelNormal,
+)
+
+
+class SecurityMonitoringIntegrationConfigSettings(ModelNormal):
+ def __init__(self_, **kwargs):
+ """
+ Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.
+ """
+ super().__init__(kwargs)
diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_config_state.py b/src/datadog_api_client/v2/model/security_monitoring_integration_config_state.py
new file mode 100644
index 0000000000..26c0d475ab
--- /dev/null
+++ b/src/datadog_api_client/v2/model/security_monitoring_integration_config_state.py
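Review bot: The `SecurityMonitoringIntegrationConfigSecrets` docstring gives `admin_email` as its only example key and says nothing about handling, so a caller cannot tell which keys are credentials or that the instance should stay out of logs and serialised dumps. The reverse gap is in `SecurityMonitoringIntegrationConfigSettings` in the next hunk: it is labelled non-sensitive, but both classes take arbitrary `**kwargs` and nothing visible here rejects a token placed in `settings`, while the response model `SecurityMonitoringIntegrationConfigAttributes` in this diff exposes `settings` and `state` but no `secrets`. I would add to the secrets docstring `Contains credentials; do not log or persist this object.` and to the settings docstring `Values set here are returned when the configuration is read; pass credentials in secrets only.`, the latter to be confirmed against the API. If these model files mirror schema descriptions, the wording belongs in the schema as well.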
@@ -0,0 +1,41 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class SecurityMonitoringIntegrationConfigState(ModelSimple): + """ + The state of the credentials configured on the entity context sync. + + :param value: Must be one of ["valid", "invalid", "initializing"]. + :type value: str + """ + + allowed_values = { + "valid", + "invalid", + "initializing", + } + VALID: ClassVar["SecurityMonitoringIntegrationConfigState"] + INVALID: ClassVar["SecurityMonitoringIntegrationConfigState"] + INITIALIZING: ClassVar["SecurityMonitoringIntegrationConfigState"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +SecurityMonitoringIntegrationConfigState.VALID = SecurityMonitoringIntegrationConfigState("valid") +SecurityMonitoringIntegrationConfigState.INVALID = SecurityMonitoringIntegrationConfigState("invalid") +SecurityMonitoringIntegrationConfigState.INITIALIZING = SecurityMonitoringIntegrationConfigState("initializing") diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_config_update_attributes.py b/src/datadog_api_client/v2/model/security_monitoring_integration_config_update_attributes.py new file mode 100644 index 0000000000..f07e1a37ad --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_config_update_attributes.py 
@@ -0,0 +1,98 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+from typing import Union, TYPE_CHECKING
+
+from datadog_api_client.model_utils import (
+ ModelNormal,
+ cached_property,
+ unset,
+ UnsetType,
+)
+
+
+if TYPE_CHECKING:
+ from datadog_api_client.v2.model.security_monitoring_integration_type import SecurityMonitoringIntegrationType
+ from datadog_api_client.v2.model.security_monitoring_integration_config_secrets import (
+ SecurityMonitoringIntegrationConfigSecrets,
+ )
+ from datadog_api_client.v2.model.security_monitoring_integration_config_settings import (
+ SecurityMonitoringIntegrationConfigSettings,
+ )
+
+
+class SecurityMonitoringIntegrationConfigUpdateAttributes(ModelNormal):
+ @cached_property
+ def openapi_types(_):
+ from datadog_api_client.v2.model.security_monitoring_integration_type import SecurityMonitoringIntegrationType
+ from datadog_api_client.v2.model.security_monitoring_integration_config_secrets import (
+ SecurityMonitoringIntegrationConfigSecrets,
+ )
+ from datadog_api_client.v2.model.security_monitoring_integration_config_settings import (
+ SecurityMonitoringIntegrationConfigSettings,
+ )
+
+ return {
+ "domain": (str,),
+ "enabled": (bool,),
+ "integration_type": (SecurityMonitoringIntegrationType,),
+ "name": (str,),
+ "secrets": (SecurityMonitoringIntegrationConfigSecrets,),
+ "settings": (SecurityMonitoringIntegrationConfigSettings,),
+ }
+
+ attribute_map = {
+ "domain": "domain",
+ "enabled": "enabled",
+ "integration_type": "integration_type",
+ "name": "name",
+ "secrets": "secrets",
+ "settings": "settings",
+ }
+
+ def __init__(
+ self_,
+ domain: Union[str, UnsetType] = unset,
+ enabled: Union[bool, UnsetType] = unset,
+ integration_type: Union[SecurityMonitoringIntegrationType, UnsetType] = unset,
+ name: Union[str, UnsetType] = unset,
+ secrets: Union[SecurityMonitoringIntegrationConfigSecrets, UnsetType] = unset,
+ settings: Union[SecurityMonitoringIntegrationConfigSettings, UnsetType] = unset,
+ **kwargs,
+ ):
+ """
+ Fields to update on the entity context sync configuration. All fields are optional.
+
+ :param domain: The new domain associated with the external entity source.
+ :type domain: str, optional
+
+ :param enabled: Whether the entity context sync should be enabled.
+ :type enabled: bool, optional
+
+ :param integration_type: The type of external source that provides entities to Cloud SIEM.
+ :type integration_type: SecurityMonitoringIntegrationType, optional
+
+ :param name: The new display name for the entity context sync configuration.
+ :type name: str, optional
+
+ :param secrets: The secrets used to authenticate against the external entity source. The accepted keys depend on the source type (for example, ``admin_email`` for Google Workspace).
+ :type secrets: SecurityMonitoringIntegrationConfigSecrets, optional
+
+ :param settings: Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.
+ :type settings: SecurityMonitoringIntegrationConfigSettings, optional
+ """
+ if domain is not unset:
+ kwargs["domain"] = domain
+ if enabled is not unset:
+ kwargs["enabled"] = enabled
+ if integration_type is not unset:
+ kwargs["integration_type"] = integration_type
+ if name is not unset:
+ kwargs["name"] = name
+ if secrets is not unset:
+ kwargs["secrets"] = secrets
+ if settings is not unset:
+ kwargs["settings"] = settings
+ super().__init__(kwargs)
diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_config_update_data.py b/src/datadog_api_client/v2/model/security_monitoring_integration_config_update_data.py
new file mode 100644
index 0000000000..471c472baf
--- /dev/null
+++ b/src/datadog_api_client/v2/model/security_monitoring_integration_config_update_data.py
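Review bot: The `secrets` parameter of `SecurityMonitoringIntegrationConfigUpdateAttributes.__init__` does not say what a partial update does to credentials that are already stored. The docstring states that all fields are optional and `secrets` is a free-form object, so a reader cannot tell whether sending one key replaces the whole stored set or only that key, or whether changing `domain` or `integration_type` without `secrets` leaves the old credentials attached to the new source. That matters for credential rotation and should be stated on the parameter, for example `Omit to keep the stored secrets; when supplied, the object replaces them as a whole.` if that is what the server does. The hunk does not show the server behaviour, so the wording needs confirming against the API before it is added.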
@@ -0,0 +1,61 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_monitoring_integration_config_update_attributes import ( + SecurityMonitoringIntegrationConfigUpdateAttributes, + ) + from datadog_api_client.v2.model.security_monitoring_integration_config_resource_type import ( + SecurityMonitoringIntegrationConfigResourceType, + ) + + +class SecurityMonitoringIntegrationConfigUpdateData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_monitoring_integration_config_update_attributes import ( + SecurityMonitoringIntegrationConfigUpdateAttributes, + ) + from datadog_api_client.v2.model.security_monitoring_integration_config_resource_type import ( + SecurityMonitoringIntegrationConfigResourceType, + ) + + return { + "attributes": (SecurityMonitoringIntegrationConfigUpdateAttributes,), + "type": (SecurityMonitoringIntegrationConfigResourceType,), + } + + attribute_map = { + "attributes": "attributes", + "type": "type", + } + + def __init__( + self_, + attributes: SecurityMonitoringIntegrationConfigUpdateAttributes, + type: SecurityMonitoringIntegrationConfigResourceType, + **kwargs, + ): + """ + The entity context sync configuration fields to update. + + :param attributes: Fields to update on the entity context sync configuration. All fields are optional. + :type attributes: SecurityMonitoringIntegrationConfigUpdateAttributes + + :param type: The type of the resource. The value should always be ``integration_config``. 
+ :type type: SecurityMonitoringIntegrationConfigResourceType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.type = type diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_config_update_request.py b/src/datadog_api_client/v2/model/security_monitoring_integration_config_update_request.py new file mode 100644 index 0000000000..6cea6447b0 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_config_update_request.py @@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_monitoring_integration_config_update_data import ( + SecurityMonitoringIntegrationConfigUpdateData, + ) + + +class SecurityMonitoringIntegrationConfigUpdateRequest(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_monitoring_integration_config_update_data import ( + SecurityMonitoringIntegrationConfigUpdateData, + ) + + return { + "data": (SecurityMonitoringIntegrationConfigUpdateData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: SecurityMonitoringIntegrationConfigUpdateData, **kwargs): + """ + Request body to update an entity context sync configuration. Supports partial updates. + + :param data: The entity context sync configuration fields to update. + :type data: SecurityMonitoringIntegrationConfigUpdateData + """ + super().__init__(kwargs) + + self_.data = data 
diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_configs_response.py b/src/datadog_api_client/v2/model/security_monitoring_integration_configs_response.py new file mode 100644 index 0000000000..95baaf3199 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_configs_response.py @@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_monitoring_integration_config_data import ( + SecurityMonitoringIntegrationConfigData, + ) + + +class SecurityMonitoringIntegrationConfigsResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_monitoring_integration_config_data import ( + SecurityMonitoringIntegrationConfigData, + ) + + return { + "data": ([SecurityMonitoringIntegrationConfigData],), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: List[SecurityMonitoringIntegrationConfigData], **kwargs): + """ + Response containing a list of entity context sync configurations. + + :param data: The list of integration configurations. + :type data: [SecurityMonitoringIntegrationConfigData] + """ + super().__init__(kwargs) + + self_.data = data diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_credentials_validate_attributes.py b/src/datadog_api_client/v2/model/security_monitoring_integration_credentials_validate_attributes.py new file mode 100644 index 0000000000..10702347a5 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_credentials_validate_attributes.py 
@@ -0,0 +1,64 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_monitoring_integration_type import SecurityMonitoringIntegrationType + from datadog_api_client.v2.model.security_monitoring_integration_config_secrets import ( + SecurityMonitoringIntegrationConfigSecrets, + ) + + +class SecurityMonitoringIntegrationCredentialsValidateAttributes(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_monitoring_integration_type import SecurityMonitoringIntegrationType + from datadog_api_client.v2.model.security_monitoring_integration_config_secrets import ( + SecurityMonitoringIntegrationConfigSecrets, + ) + + return { + "domain": (str,), + "integration_type": (SecurityMonitoringIntegrationType,), + "secrets": (SecurityMonitoringIntegrationConfigSecrets,), + } + + attribute_map = { + "domain": "domain", + "integration_type": "integration_type", + "secrets": "secrets", + } + + def __init__( + self_, + domain: str, + integration_type: SecurityMonitoringIntegrationType, + secrets: SecurityMonitoringIntegrationConfigSecrets, + **kwargs, + ): + """ + The credentials to validate against the external entity source. + + :param domain: The domain associated with the external entity source. + :type domain: str + + :param integration_type: The type of external source that provides entities to Cloud SIEM. + :type integration_type: SecurityMonitoringIntegrationType + + :param secrets: The secrets used to authenticate against the external entity source. 
The accepted keys depend on the source type (for example, ``admin_email`` for Google Workspace). + :type secrets: SecurityMonitoringIntegrationConfigSecrets + """ + super().__init__(kwargs) + + self_.domain = domain + self_.integration_type = integration_type + self_.secrets = secrets diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_credentials_validate_data.py b/src/datadog_api_client/v2/model/security_monitoring_integration_credentials_validate_data.py new file mode 100644 index 0000000000..52ed1fcf25 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_credentials_validate_data.py 
@@ -0,0 +1,61 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_monitoring_integration_credentials_validate_attributes import ( + SecurityMonitoringIntegrationCredentialsValidateAttributes, + ) + from datadog_api_client.v2.model.security_monitoring_integration_config_resource_type import ( + SecurityMonitoringIntegrationConfigResourceType, + ) + + +class SecurityMonitoringIntegrationCredentialsValidateData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_monitoring_integration_credentials_validate_attributes import ( + SecurityMonitoringIntegrationCredentialsValidateAttributes, + ) + from datadog_api_client.v2.model.security_monitoring_integration_config_resource_type import ( + SecurityMonitoringIntegrationConfigResourceType, + ) + + return { + "attributes": (SecurityMonitoringIntegrationCredentialsValidateAttributes,), + "type": (SecurityMonitoringIntegrationConfigResourceType,), + } + + attribute_map = { + "attributes": "attributes", + "type": "type", + } + + def __init__( + self_, + attributes: SecurityMonitoringIntegrationCredentialsValidateAttributes, + type: SecurityMonitoringIntegrationConfigResourceType, + **kwargs, + ): + """ + The credentials to validate. + + :param attributes: The credentials to validate against the external entity source. + :type attributes: SecurityMonitoringIntegrationCredentialsValidateAttributes + + :param type: The type of the resource. The value should always be ``integration_config``. 
+ :type type: SecurityMonitoringIntegrationConfigResourceType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.type = type diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_credentials_validate_request.py b/src/datadog_api_client/v2/model/security_monitoring_integration_credentials_validate_request.py new file mode 100644 index 0000000000..452363caa9 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_credentials_validate_request.py @@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_monitoring_integration_credentials_validate_data import ( + SecurityMonitoringIntegrationCredentialsValidateData, + ) + + +class SecurityMonitoringIntegrationCredentialsValidateRequest(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_monitoring_integration_credentials_validate_data import ( + SecurityMonitoringIntegrationCredentialsValidateData, + ) + + return { + "data": (SecurityMonitoringIntegrationCredentialsValidateData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: SecurityMonitoringIntegrationCredentialsValidateData, **kwargs): + """ + Request body to validate credentials against an external entity source before creating a sync configuration. + + :param data: The credentials to validate. + :type data: SecurityMonitoringIntegrationCredentialsValidateData + """ + super().__init__(kwargs) + + self_.data = data 
diff --git a/src/datadog_api_client/v2/model/security_monitoring_integration_type.py b/src/datadog_api_client/v2/model/security_monitoring_integration_type.py new file mode 100644 index 0000000000..78918d12fc --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_integration_type.py @@ -0,0 +1,41 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class SecurityMonitoringIntegrationType(ModelSimple): + """ + The type of external source that provides entities to Cloud SIEM. + + :param value: Must be one of ["GOOGLE_WORKSPACE", "OKTA", "ENTRA_ID"]. + :type value: str + """ + + allowed_values = { + "GOOGLE_WORKSPACE", + "OKTA", + "ENTRA_ID", + } + GOOGLE_WORKSPACE: ClassVar["SecurityMonitoringIntegrationType"] + OKTA: ClassVar["SecurityMonitoringIntegrationType"] + ENTRA_ID: ClassVar["SecurityMonitoringIntegrationType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +SecurityMonitoringIntegrationType.GOOGLE_WORKSPACE = SecurityMonitoringIntegrationType("GOOGLE_WORKSPACE") +SecurityMonitoringIntegrationType.OKTA = SecurityMonitoringIntegrationType("OKTA") +SecurityMonitoringIntegrationType.ENTRA_ID = SecurityMonitoringIntegrationType("ENTRA_ID") diff --git a/src/datadog_api_client/v2/model/signal_entities_attributes.py b/src/datadog_api_client/v2/model/signal_entities_attributes.py new file mode 100644 index 0000000000..fbb94cb7e7 --- /dev/null +++ b/src/datadog_api_client/v2/model/signal_entities_attributes.py 
@@ -0,0 +1,40 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.signal_entity_identity import SignalEntityIdentity + + +class SignalEntitiesAttributes(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.signal_entity_identity import SignalEntityIdentity + + return { + "identities": ([SignalEntityIdentity],), + } + + attribute_map = { + "identities": "identities", + } + + def __init__(self_, identities: List[SignalEntityIdentity], **kwargs): + """ + Attributes containing the entities related to the signal. + + :param identities: The identity entities related to the signal. Each item is a free-form object describing an identity (for example, a user or principal). + :type identities: [SignalEntityIdentity] + """ + super().__init__(kwargs) + + self_.identities = identities diff --git a/src/datadog_api_client/v2/model/signal_entities_data.py b/src/datadog_api_client/v2/model/signal_entities_data.py new file mode 100644 index 0000000000..ffdbb313ac --- /dev/null +++ b/src/datadog_api_client/v2/model/signal_entities_data.py 
@@ -0,0 +1,54 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.signal_entities_attributes import SignalEntitiesAttributes + from datadog_api_client.v2.model.signal_entities_type import SignalEntitiesType + + +class SignalEntitiesData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.signal_entities_attributes import SignalEntitiesAttributes + from datadog_api_client.v2.model.signal_entities_type import SignalEntitiesType + + return { + "attributes": (SignalEntitiesAttributes,), + "id": (str,), + "type": (SignalEntitiesType,), + } + + attribute_map = { + "attributes": "attributes", + "id": "id", + "type": "type", + } + + def __init__(self_, attributes: SignalEntitiesAttributes, id: str, type: SignalEntitiesType, **kwargs): + """ + Entities related to a security signal. + + :param attributes: Attributes containing the entities related to the signal. + :type attributes: SignalEntitiesAttributes + + :param id: The signal ID the entities are associated with. + :type id: str + + :param type: The type of the resource. The value should always be ``entities``. + :type type: SignalEntitiesType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.id = id + self_.type = type diff --git a/src/datadog_api_client/v2/model/signal_entities_response.py b/src/datadog_api_client/v2/model/signal_entities_response.py new file mode 100644 index 0000000000..94e3dfc8bf --- /dev/null +++ b/src/datadog_api_client/v2/model/signal_entities_response.py 
@@ -0,0 +1,40 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.signal_entities_data import SignalEntitiesData + + +class SignalEntitiesResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.signal_entities_data import SignalEntitiesData + + return { + "data": (SignalEntitiesData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: SignalEntitiesData, **kwargs): + """ + Response containing entities related to a security signal. + + :param data: Entities related to a security signal. + :type data: SignalEntitiesData + """ + super().__init__(kwargs) + + self_.data = data diff --git a/src/datadog_api_client/v2/model/signal_entities_type.py b/src/datadog_api_client/v2/model/signal_entities_type.py new file mode 100644 index 0000000000..4ec88d07b1 --- /dev/null +++ b/src/datadog_api_client/v2/model/signal_entities_type.py 
@@ -0,0 +1,35 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class SignalEntitiesType(ModelSimple): + """ + The type of the resource. The value should always be `entities`. + + :param value: If omitted defaults to "entities". Must be one of ["entities"]. + :type value: str + """ + + allowed_values = { + "entities", + } + ENTITIES: ClassVar["SignalEntitiesType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +SignalEntitiesType.ENTITIES = SignalEntitiesType("entities") diff --git a/src/datadog_api_client/v2/model/signal_entity_identity.py b/src/datadog_api_client/v2/model/signal_entity_identity.py new file mode 100644 index 0000000000..6c16ff4bae --- /dev/null +++ b/src/datadog_api_client/v2/model/signal_entity_identity.py @@ -0,0 +1,17 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelNormal, +) + + +class SignalEntityIdentity(ModelNormal): + def __init__(self_, **kwargs): + """ + An identity entity related to a signal. The set of attributes is dynamic and depends on the source providing the identity. + """ + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/models/__init__.py b/src/datadog_api_client/v2/models/__init__.py index 4f93c7501d..887e6eef35 100644 --- a/src/datadog_api_client/v2/models/__init__.py +++ b/src/datadog_api_client/v2/models/__init__.py 
@@ -2123,6 +2123,13 @@ from datadog_api_client.v2.model.downtime_update_request_data import DowntimeUpdateRequestData from datadog_api_client.v2.model.epss import EPSS from datadog_api_client.v2.model.entity_attributes import EntityAttributes +from datadog_api_client.v2.model.entity_context_entity import EntityContextEntity +from datadog_api_client.v2.model.entity_context_entity_attributes import EntityContextEntityAttributes +from datadog_api_client.v2.model.entity_context_page import EntityContextPage +from datadog_api_client.v2.model.entity_context_response import EntityContextResponse +from datadog_api_client.v2.model.entity_context_response_meta import EntityContextResponseMeta +from datadog_api_client.v2.model.entity_context_revision import EntityContextRevision +from datadog_api_client.v2.model.entity_context_revision_attributes import EntityContextRevisionAttributes from datadog_api_client.v2.model.entity_data import EntityData from datadog_api_client.v2.model.entity_meta import EntityMeta from datadog_api_client.v2.model.entity_relationships import EntityRelationships 
@@ -5953,6 +5960,60 @@ from datadog_api_client.v2.model.slo_report_status_get_response import SLOReportStatusGetResponse from datadog_api_client.v2.model.slo_report_status_get_response_attributes import SLOReportStatusGetResponseAttributes from datadog_api_client.v2.model.slo_report_status_get_response_data import SLOReportStatusGetResponseData +from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_attributes import ( + SampleLogGenerationBulkSubscriptionAttributes, +) +from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_data import ( + SampleLogGenerationBulkSubscriptionData, +) +from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_item_meta import ( + SampleLogGenerationBulkSubscriptionItemMeta, +) +from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_request import ( + SampleLogGenerationBulkSubscriptionRequest, +) +from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_request_type import ( + SampleLogGenerationBulkSubscriptionRequestType, +) +from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_response import ( + SampleLogGenerationBulkSubscriptionResponse, +) +from datadog_api_client.v2.model.sample_log_generation_bulk_subscription_result_item import ( + SampleLogGenerationBulkSubscriptionResultItem, +) +from datadog_api_client.v2.model.sample_log_generation_duration import SampleLogGenerationDuration +from datadog_api_client.v2.model.sample_log_generation_subscription_attributes import ( + SampleLogGenerationSubscriptionAttributes, +) +from datadog_api_client.v2.model.sample_log_generation_subscription_create_attributes import ( + SampleLogGenerationSubscriptionCreateAttributes, +) +from datadog_api_client.v2.model.sample_log_generation_subscription_create_data import ( + SampleLogGenerationSubscriptionCreateData, +) +from datadog_api_client.v2.model.sample_log_generation_subscription_create_request import ( + 
SampleLogGenerationSubscriptionCreateRequest, +) +from datadog_api_client.v2.model.sample_log_generation_subscription_data import SampleLogGenerationSubscriptionData +from datadog_api_client.v2.model.sample_log_generation_subscription_request_type import ( + SampleLogGenerationSubscriptionRequestType, +) +from datadog_api_client.v2.model.sample_log_generation_subscription_resource_type import ( + SampleLogGenerationSubscriptionResourceType, +) +from datadog_api_client.v2.model.sample_log_generation_subscription_response import ( + SampleLogGenerationSubscriptionResponse, +) +from datadog_api_client.v2.model.sample_log_generation_subscription_status import SampleLogGenerationSubscriptionStatus +from datadog_api_client.v2.model.sample_log_generation_subscriptions_response import ( + SampleLogGenerationSubscriptionsResponse, +) +from datadog_api_client.v2.model.sample_log_generation_subscriptions_response_meta import ( + SampleLogGenerationSubscriptionsResponseMeta, +) +from datadog_api_client.v2.model.sample_log_generation_subscriptions_status_filter import ( + SampleLogGenerationSubscriptionsStatusFilter, +) from datadog_api_client.v2.model.sca_request import ScaRequest from datadog_api_client.v2.model.sca_request_data import ScaRequestData from datadog_api_client.v2.model.sca_request_data_attributes import ScaRequestDataAttributes 
@@ -6140,6 +6201,11 @@ from datadog_api_client.v2.model.security_filter_update_attributes import SecurityFilterUpdateAttributes from datadog_api_client.v2.model.security_filter_update_data import SecurityFilterUpdateData from datadog_api_client.v2.model.security_filter_update_request import SecurityFilterUpdateRequest +from datadog_api_client.v2.model.security_filter_version import SecurityFilterVersion +from datadog_api_client.v2.model.security_filter_version_attributes import SecurityFilterVersionAttributes +from datadog_api_client.v2.model.security_filter_version_entry import SecurityFilterVersionEntry +from datadog_api_client.v2.model.security_filter_version_type import SecurityFilterVersionType +from datadog_api_client.v2.model.security_filter_versions_response import SecurityFilterVersionsResponse from datadog_api_client.v2.model.security_filters_response import SecurityFiltersResponse from datadog_api_client.v2.model.security_findings_attributes import SecurityFindingsAttributes from datadog_api_client.v2.model.security_findings_data import SecurityFindingsData 
@@ -6214,6 +6280,58 @@ ) from datadog_api_client.v2.model.security_monitoring_filter import SecurityMonitoringFilter from datadog_api_client.v2.model.security_monitoring_filter_action import SecurityMonitoringFilterAction +from datadog_api_client.v2.model.security_monitoring_integration_config_attributes import ( + SecurityMonitoringIntegrationConfigAttributes, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_create_attributes import ( + SecurityMonitoringIntegrationConfigCreateAttributes, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_create_data import ( + SecurityMonitoringIntegrationConfigCreateData, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_create_request import ( + SecurityMonitoringIntegrationConfigCreateRequest, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_data import ( + SecurityMonitoringIntegrationConfigData, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_resource_type import ( + SecurityMonitoringIntegrationConfigResourceType, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_response import ( + SecurityMonitoringIntegrationConfigResponse, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_secrets import ( + SecurityMonitoringIntegrationConfigSecrets, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_settings import ( + SecurityMonitoringIntegrationConfigSettings, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_state import ( + SecurityMonitoringIntegrationConfigState, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_update_attributes import ( + SecurityMonitoringIntegrationConfigUpdateAttributes, +) +from datadog_api_client.v2.model.security_monitoring_integration_config_update_data import ( + SecurityMonitoringIntegrationConfigUpdateData, +) +from 
datadog_api_client.v2.model.security_monitoring_integration_config_update_request import ( + SecurityMonitoringIntegrationConfigUpdateRequest, +) +from datadog_api_client.v2.model.security_monitoring_integration_configs_response import ( + SecurityMonitoringIntegrationConfigsResponse, +) +from datadog_api_client.v2.model.security_monitoring_integration_credentials_validate_attributes import ( + SecurityMonitoringIntegrationCredentialsValidateAttributes, +) +from datadog_api_client.v2.model.security_monitoring_integration_credentials_validate_data import ( + SecurityMonitoringIntegrationCredentialsValidateData, +) +from datadog_api_client.v2.model.security_monitoring_integration_credentials_validate_request import ( + SecurityMonitoringIntegrationCredentialsValidateRequest, +) +from datadog_api_client.v2.model.security_monitoring_integration_type import SecurityMonitoringIntegrationType from datadog_api_client.v2.model.security_monitoring_list_rules_response import SecurityMonitoringListRulesResponse from datadog_api_client.v2.model.security_monitoring_paginated_suppressions_response import ( SecurityMonitoringPaginatedSuppressionsResponse, 
@@ -6767,6 +6885,11 @@ from datadog_api_client.v2.model.shift_data_relationships_user_data_type import ShiftDataRelationshipsUserDataType from datadog_api_client.v2.model.shift_data_type import ShiftDataType from datadog_api_client.v2.model.shift_included import ShiftIncluded +from datadog_api_client.v2.model.signal_entities_attributes import SignalEntitiesAttributes +from datadog_api_client.v2.model.signal_entities_data import SignalEntitiesData +from datadog_api_client.v2.model.signal_entities_response import SignalEntitiesResponse +from datadog_api_client.v2.model.signal_entities_type import SignalEntitiesType +from datadog_api_client.v2.model.signal_entity_identity import SignalEntityIdentity from datadog_api_client.v2.model.simple_monitor_user_template import SimpleMonitorUserTemplate from datadog_api_client.v2.model.single_aggregated_connection_response_array import ( SingleAggregatedConnectionResponseArray, @@ -9613,6 +9736,13 @@ "DowntimeUpdateRequestData", "EPSS", "EntityAttributes", + "EntityContextEntity", + "EntityContextEntityAttributes", + "EntityContextPage", + "EntityContextResponse", + "EntityContextResponseMeta", + "EntityContextRevision", + "EntityContextRevisionAttributes", "EntityData", "EntityMeta", "EntityRelationships", 
@@ -12315,6 +12445,26 @@ "SLOReportStatusGetResponse", "SLOReportStatusGetResponseAttributes", "SLOReportStatusGetResponseData", + "SampleLogGenerationBulkSubscriptionAttributes", + "SampleLogGenerationBulkSubscriptionData", + "SampleLogGenerationBulkSubscriptionItemMeta", + "SampleLogGenerationBulkSubscriptionRequest", + "SampleLogGenerationBulkSubscriptionRequestType", + "SampleLogGenerationBulkSubscriptionResponse", + "SampleLogGenerationBulkSubscriptionResultItem", + "SampleLogGenerationDuration", + "SampleLogGenerationSubscriptionAttributes", + "SampleLogGenerationSubscriptionCreateAttributes", + "SampleLogGenerationSubscriptionCreateData", + "SampleLogGenerationSubscriptionCreateRequest", + "SampleLogGenerationSubscriptionData", + "SampleLogGenerationSubscriptionRequestType", + "SampleLogGenerationSubscriptionResourceType", + "SampleLogGenerationSubscriptionResponse", + "SampleLogGenerationSubscriptionStatus", + "SampleLogGenerationSubscriptionsResponse", + "SampleLogGenerationSubscriptionsResponseMeta", + "SampleLogGenerationSubscriptionsStatusFilter", "ScaRequest", "ScaRequestData", "ScaRequestDataAttributes", @@ -12460,6 +12610,11 @@ "SecurityFilterUpdateAttributes", "SecurityFilterUpdateData", "SecurityFilterUpdateRequest", + "SecurityFilterVersion", + "SecurityFilterVersionAttributes", + "SecurityFilterVersionEntry", + "SecurityFilterVersionType", + "SecurityFilterVersionsResponse", "SecurityFiltersResponse", "SecurityFindingsAttributes", "SecurityFindingsData", 
@@ -12496,6 +12651,24 @@ "SecurityMonitoringCriticalAssetsResponse", "SecurityMonitoringFilter", "SecurityMonitoringFilterAction", + "SecurityMonitoringIntegrationConfigAttributes", + "SecurityMonitoringIntegrationConfigCreateAttributes", + "SecurityMonitoringIntegrationConfigCreateData", + "SecurityMonitoringIntegrationConfigCreateRequest", + "SecurityMonitoringIntegrationConfigData", + "SecurityMonitoringIntegrationConfigResourceType", + "SecurityMonitoringIntegrationConfigResponse", + "SecurityMonitoringIntegrationConfigSecrets", + "SecurityMonitoringIntegrationConfigSettings", + "SecurityMonitoringIntegrationConfigState", + "SecurityMonitoringIntegrationConfigUpdateAttributes", + "SecurityMonitoringIntegrationConfigUpdateData", + "SecurityMonitoringIntegrationConfigUpdateRequest", + "SecurityMonitoringIntegrationConfigsResponse", + "SecurityMonitoringIntegrationCredentialsValidateAttributes", + "SecurityMonitoringIntegrationCredentialsValidateData", + "SecurityMonitoringIntegrationCredentialsValidateRequest", + "SecurityMonitoringIntegrationType", "SecurityMonitoringListRulesResponse", "SecurityMonitoringPaginatedSuppressionsResponse", "SecurityMonitoringReferenceTable", @@ -12827,6 +13000,11 @@ "ShiftDataRelationshipsUserDataType", "ShiftDataType", "ShiftIncluded", + "SignalEntitiesAttributes", + "SignalEntitiesData", + "SignalEntitiesResponse", + "SignalEntitiesType", + "SignalEntityIdentity", "SimpleMonitorUserTemplate", "SingleAggregatedConnectionResponseArray", "SingleAggregatedConnectionResponseData", diff --git a/tests/v2/features/security_monitoring.feature b/tests/v2/features/security_monitoring.feature index ff9964a900..485a947631 100644 --- a/tests/v2/features/security_monitoring.feature +++ b/tests/v2/features/security_monitoring.feature 
@@ -142,6 +142,22 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Bulk subscribe to sample log generation returns "Bad Request" response + Given operation "BulkCreateSampleLogGenerationSubscriptions" enabled + And new "BulkCreateSampleLogGenerationSubscriptions" request + And body with value {"data": {"attributes": {"content_pack_ids": ["aws-cloudtrail"], "duration": "3d"}, "type": "bulk_subscription_requests"}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Bulk subscribe to sample log generation returns "OK" response + Given operation "BulkCreateSampleLogGenerationSubscriptions" enabled + And new "BulkCreateSampleLogGenerationSubscriptions" request + And body with value {"data": {"attributes": {"content_pack_ids": ["aws-cloudtrail"], "duration": "3d"}, "type": "bulk_subscription_requests"}} + When the request is sent + Then the response status is 200 OK + @skip @team:DataDog/k9-cloud-siem Scenario: Bulk update security signals returns "Bad Request" response Given new "BulkEditSecurityMonitoringSignals" request 
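Review bot: The two added scenarios send the identical body (`"content_pack_ids": ["aws-cloudtrail"], "duration": "3d"`) yet expect 400 and 200, so once `@skip` is removed at most one of them can pass. The "Bad Request" case needs a body the endpoint actually rejects; until one is chosen, a comment above it such as `# TODO: replace body with an input the API rejects before removing @skip` would keep that visible. The create scenarios in the `@@ -721,6 +737,22 @@` hunk have the same problem. Because every added scenario is tagged `@skip`, none of the new operations is exercised by this suite yet.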
@@ -721,6 +737,22 @@ Feature: Security Monitoring And the response "data.attributes.rule_query" is equal to "type:log_detection source:cloudtrail" And the response "data.attributes.data_exclusion_query" is equal to "account_id:12345" + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Create an entity context sync configuration returns "Bad Request" response + Given operation "CreateSecurityMonitoringIntegrationConfig" enabled + And new "CreateSecurityMonitoringIntegrationConfig" request + And body with value {"data": {"attributes": {"domain": "siem-test.com", "integration_type": "GOOGLE_WORKSPACE", "name": "My GWS Integration", "secrets": {"admin_email": "test@example.com"}, "settings": {"setting1": "value1"}}, "type": "integration_config"}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Create an entity context sync configuration returns "OK" response + Given operation "CreateSecurityMonitoringIntegrationConfig" enabled + And new "CreateSecurityMonitoringIntegrationConfig" request + And body with value {"data": {"attributes": {"domain": "siem-test.com", "integration_type": "GOOGLE_WORKSPACE", "name": "My GWS Integration", "secrets": {"admin_email": "test@example.com"}, "settings": {"setting1": "value1"}}, "type": "integration_config"}} + When the request is sent + Then the response status is 200 OK + @team:DataDog/k9-investigation Scenario: Create case for security finding returns "Created" response Given new "CreateCases" request 
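Review bot: The request body in both scenarios carries a `secrets` object, and the only key it exercises is `admin_email` with the value `test@example.com`, which does not look like a credential. When these scenarios are un-skipped against a real source, the secret should be injected at run time rather than written as a literal in the feature file. If the suite records request bodies into fixtures (not visible in this hunk), the `secrets` field should be redacted before a recording is committed. A comment above the scenario, `# secrets must be injected at run time; never commit a real value here`, would state that for whoever enables it.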
@@ -911,6 +943,22 @@ Feature: Security Monitoring When the request is sent Then the response status is 204 Rule successfully deleted. + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Delete an entity context sync configuration returns "Not Found" response + Given operation "DeleteSecurityMonitoringIntegrationConfig" enabled + And new "DeleteSecurityMonitoringIntegrationConfig" request + And request contains "integration_config_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Delete an entity context sync configuration returns "OK" response + Given operation "DeleteSecurityMonitoringIntegrationConfig" enabled + And new "DeleteSecurityMonitoringIntegrationConfig" request + And request contains "integration_config_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 204 OK + @team:DataDog/k9-cloud-siem Scenario: Delete an existing job returns "Bad Request" response Given operation "DeleteHistoricalJob" enabled 
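Review bot: The success scenario is titled `returns "OK" response` but asserts `Then the response status is 204 OK`; 204 is No Content, so the label is misleading. The text is presumably copied from the response description in the OpenAPI spec, so the fix belongs there (describe the 204 as `No Content`), after which this step would read `Then the response status is 204 No Content`. Both scenarios also pass the literal `REPLACE.ME` as `integration_config_id`, so they need a real fixture id before `@skip` can be dropped.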
@@ -1398,6 +1446,22 @@ Feature: Security Monitoring Then the response status is 200 OK And the response "data[0].attributes.name" is equal to "suppression2 {{ unique_hash }}" + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Get an entity context sync configuration returns "Not Found" response + Given operation "GetSecurityMonitoringIntegrationConfig" enabled + And new "GetSecurityMonitoringIntegrationConfig" request + And request contains "integration_config_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Get an entity context sync configuration returns "OK" response + Given operation "GetSecurityMonitoringIntegrationConfig" enabled + And new "GetSecurityMonitoringIntegrationConfig" request + And request contains "integration_config_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-siem Scenario: Get an indicator of compromise returns "Bad Request" response Given operation "GetIndicatorOfCompromise" enabled 
@@ -1495,6 +1559,44 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 Notification rule details. + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Get entities related to a signal returns "Bad Request" response + Given operation "GetSignalEntities" enabled + And new "GetSignalEntities" request + And request contains "signal_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Get entities related to a signal returns "Not Found" response + Given operation "GetSignalEntities" enabled + And new "GetSignalEntities" request + And request contains "signal_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Get entities related to a signal returns "OK" response + Given operation "GetSignalEntities" enabled + And new "GetSignalEntities" request + And request contains "signal_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 200 OK + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Get entity context returns "Bad Request" response + Given operation "GetEntityContext" enabled + And new "GetEntityContext" request + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Get entity context returns "OK" response + Given operation "GetEntityContext" enabled + And new "GetEntityContext" request + When the request is sent + Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-siem Scenario: Get investigation queries for a signal returns "Not Found" response Given new "GetInvestigationLogQueriesMatchingSignal" request 
@@ -1527,6 +1629,20 @@ Feature: Security Monitoring And the response "data.attributes.count" is equal to 1 And the response "data.attributes.data[1].rule.name" has the same value as "security_rule.name" + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Get sample log generation subscriptions returns "Bad Request" response + Given operation "ListSampleLogGenerationSubscriptions" enabled + And new "ListSampleLogGenerationSubscriptions" request + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Get sample log generation subscriptions returns "OK" response + Given operation "ListSampleLogGenerationSubscriptions" enabled + And new "ListSampleLogGenerationSubscriptions" request + When the request is sent + Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-siem Scenario: Get suggested actions for a signal returns "Not Found" response Given new "GetSuggestedActionsMatchingSignal" request @@ -1593,6 +1709,12 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 The list of notification rules. + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Get the version history of security filters returns "OK" response + Given new "ListSecurityFilterVersions" request + When the request is sent + Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-vm Scenario: List assets SBOMs returns "Bad request: The server cannot process the request due to invalid syntax in the request." response Given new "ListAssetsSBOMs" request 
@@ -1621,6 +1743,13 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: List entity context sync configurations returns "OK" response + Given operation "ListSecurityMonitoringIntegrationConfigs" enabled + And new "ListSecurityMonitoringIntegrationConfigs" request + When the request is sent + Then the response status is 200 OK + @generated @skip @team:DataDog/cloud-security-posture-management Scenario: List findings returns "Bad Request: The server cannot process the request due to invalid syntax in the request." response Given operation "ListFindings" enabled @@ -2109,6 +2238,22 @@ Feature: Security Monitoring And the response "meta.page" has field "after" And the response "links" has field "next" + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Subscribe to sample log generation returns "Bad Request" response + Given operation "CreateSampleLogGenerationSubscription" enabled + And new "CreateSampleLogGenerationSubscription" request + And body with value {"data": {"attributes": {"content_pack_id": "aws-cloudtrail", "duration": "3d"}, "type": "subscription_requests"}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Subscribe to sample log generation returns "OK" response + Given operation "CreateSampleLogGenerationSubscription" enabled + And new "CreateSampleLogGenerationSubscription" request + And body with value {"data": {"attributes": {"content_pack_id": "aws-cloudtrail", "duration": "3d"}, "type": "subscription_requests"}} + When the request is sent + Then the response status is 200 OK + @skip @team:DataDog/k9-cloud-siem Scenario: Test a rule returns "Bad Request" response Given new "TestSecurityMonitoringRule" request 
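Review bot: The "Bad Request" scenario for `CreateSampleLogGenerationSubscription` sends exactly the body the "OK" scenario sends (`"content_pack_id": "aws-cloudtrail", "duration": "3d"`), so once `@skip` is removed it cannot produce a 400 unless the server rejects a well-formed request. The same holds for the 400 scenarios of `UpdateSecurityMonitoringIntegrationConfig` and `ValidateSecurityMonitoringIntegrationCredentials` in the later hunks. For endpoints that accept a domain and credentials, the rejection path is the one most worth covering. I would give each 400 scenario a body the schema refuses, for example `And body with value {"data": {"attributes": {"duration": "3d"}, "type": "subscription_requests"}}` if `content_pack_id` is required (the request schema is not visible in this hunk).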
@@ -2179,6 +2324,22 @@ Feature: Security Monitoring When the request is sent Then the response status is 422 Unprocessable Entity + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Unsubscribe from sample log generation returns "Bad Request" response + Given operation "DeleteSampleLogGenerationSubscription" enabled + And new "DeleteSampleLogGenerationSubscription" request + And request contains "content_pack_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Unsubscribe from sample log generation returns "OK" response + Given operation "DeleteSampleLogGenerationSubscription" enabled + And new "DeleteSampleLogGenerationSubscription" request + And request contains "content_pack_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 200 OK + @skip-validation @team:DataDog/k9-cloud-siem Scenario: Update a cloud configuration rule's details returns "OK" response Given new "UpdateSecurityMonitoringRule" request 
@@ -2318,6 +2479,33 @@ Feature: Security Monitoring And the response "data.attributes.suppression_query" is equal to "env:staging status:low" And the response "data.attributes.version" is equal to 2 + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Update an entity context sync configuration returns "Bad Request" response + Given operation "UpdateSecurityMonitoringIntegrationConfig" enabled + And new "UpdateSecurityMonitoringIntegrationConfig" request + And request contains "integration_config_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"domain": "siem-test.com", "enabled": true, "integration_type": "GOOGLE_WORKSPACE", "name": "My GWS Integration (renamed)", "secrets": {"admin_email": "test@example.com"}, "settings": {"setting1": "value1"}}, "type": "integration_config"}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Update an entity context sync configuration returns "Not Found" response + Given operation "UpdateSecurityMonitoringIntegrationConfig" enabled + And new "UpdateSecurityMonitoringIntegrationConfig" request + And request contains "integration_config_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"domain": "siem-test.com", "enabled": true, "integration_type": "GOOGLE_WORKSPACE", "name": "My GWS Integration (renamed)", "secrets": {"admin_email": "test@example.com"}, "settings": {"setting1": "value1"}}, "type": "integration_config"}} + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Update an entity context sync configuration returns "OK" response + Given operation "UpdateSecurityMonitoringIntegrationConfig" enabled + And new "UpdateSecurityMonitoringIntegrationConfig" request + And request contains "integration_config_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"domain": 
"siem-test.com", "enabled": true, "integration_type": "GOOGLE_WORKSPACE", "name": "My GWS Integration (renamed)", "secrets": {"admin_email": "test@example.com"}, "settings": {"setting1": "value1"}}, "type": "integration_config"}} + When the request is sent + Then the response status is 200 OK + @skip-validation @team:DataDog/k9-cloud-siem Scenario: Update an existing rule returns "Bad Request" response Given new "UpdateSecurityMonitoringRule" request 
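Review bot: All three update scenarios put a `secrets` object in the request body, and nothing in the hunk marks those values as placeholders or checks what the response does with the field. While the scenarios stay `@skip` the `admin_email` value is harmless, but a recorded cassette will hold whatever the recording run sent. I would add `# secrets below are placeholders; never record real credentials into cassettes` above each `And body with value` line. If the response schema omits `secrets` (not visible here), the "OK" scenario could also assert that the field is absent once it is un-skipped.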
@@ -2425,3 +2613,43 @@ Feature: Security Monitoring And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail"}, "type": "suppressions"}} When the request is sent Then the response status is 204 OK + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Validate an entity context sync configuration returns "Bad Request" response + Given operation "ValidateSecurityMonitoringIntegrationConfig" enabled + And new "ValidateSecurityMonitoringIntegrationConfig" request + And request contains "integration_config_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Validate an entity context sync configuration returns "Not Found" response + Given operation "ValidateSecurityMonitoringIntegrationConfig" enabled + And new "ValidateSecurityMonitoringIntegrationConfig" request + And request contains "integration_config_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Validate an entity context sync configuration returns "OK" response + Given operation "ValidateSecurityMonitoringIntegrationConfig" enabled + And new "ValidateSecurityMonitoringIntegrationConfig" request + And request contains "integration_config_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 200 OK + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Validate entity context sync credentials returns "Bad Request" response + Given operation "ValidateSecurityMonitoringIntegrationCredentials" enabled + And new "ValidateSecurityMonitoringIntegrationCredentials" request + And body with value {"data": {"attributes": 
{"domain": "siem-test.com", "integration_type": "GOOGLE_WORKSPACE", "secrets": {"admin_email": "test@example.com"}}, "type": "integration_config"}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Validate entity context sync credentials returns "OK" response + Given operation "ValidateSecurityMonitoringIntegrationCredentials" enabled + And new "ValidateSecurityMonitoringIntegrationCredentials" request + And body with value {"data": {"attributes": {"domain": "siem-test.com", "integration_type": "GOOGLE_WORKSPACE", "secrets": {"admin_email": "test@example.com"}}, "type": "integration_config"}} + When the request is sent + Then the response status is 200 OK diff --git a/tests/v2/features/undo.json b/tests/v2/features/undo.json index e676facc99..7a8309d2ce 100644 --- a/tests/v2/features/undo.json +++ b/tests/v2/features/undo.json 
@@ -6231,6 +6231,55 @@ "type": "idempotent" } }, + "ListSecurityMonitoringIntegrationConfigs": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "CreateSecurityMonitoringIntegrationConfig": { + "tag": "Security Monitoring", + "undo": { + "operationId": "DeleteSecurityMonitoringIntegrationConfig", + "parameters": [ + { + "name": "integration_config_id", + "source": "data.id" + } + ], + "type": "unsafe" + } + }, + "ValidateSecurityMonitoringIntegrationCredentials": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "DeleteSecurityMonitoringIntegrationConfig": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, + "GetSecurityMonitoringIntegrationConfig": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "UpdateSecurityMonitoringIntegrationConfig": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, + "ValidateSecurityMonitoringIntegrationConfig": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, "ListSecurityFilters": { "tag": "Security Monitoring", "undo": { @@ -6250,6 +6299,12 @@ "type": "unsafe" } }, + "ListSecurityFilterVersions": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, "DeleteSecurityFilter": { "tag": "Security Monitoring", "undo": { @@ -6347,6 +6402,12 @@ "type": "idempotent" } }, + "GetEntityContext": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, "ListSecurityMonitoringRules": { "tag": "Security Monitoring", "undo": { 
@@ -6432,6 +6493,37 @@ "type": "safe" } }, + "ListSampleLogGenerationSubscriptions": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "CreateSampleLogGenerationSubscription": { + "tag": "Security Monitoring", + "undo": { + "operationId": "DeleteSampleLogGenerationSubscription", + "parameters": [ + { + "name": "content_pack_id", + "source": "data.attributes.content_pack_id" + } + ], + "type": "unsafe" + } + }, + "BulkCreateSampleLogGenerationSubscriptions": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, + "DeleteSampleLogGenerationSubscription": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, "ListSecurityMonitoringSignals": { "tag": "Security Monitoring", "undo": { @@ -6474,6 +6566,12 @@ "type": "idempotent" } }, + "GetSignalEntities": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, "EditSecurityMonitoringSignalIncidents": { "tag": "Security Monitoring", "undo": {
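Review bot: `BulkCreateSampleLogGenerationSubscriptions` is registered with `"type": "idempotent"` and no undo operation, while the single-item `CreateSampleLogGenerationSubscription` just above it is `"type": "unsafe"` and is cleaned up through `DeleteSampleLogGenerationSubscription`. If the bulk call creates subscriptions the way the single call does, a test using it would leave sample log generation running in the test org with nothing to remove it. Unless the harness treats bulk creation differently (not visible in this hunk), I would mark the entry `"type": "unsafe"` and give it a cleanup, or state in the PR description why none is needed.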