Class: DatadogAPIClient::V2::SecurityMonitoringAPI

Inherits:

Object

• Object
• DatadogAPIClient::V2::SecurityMonitoringAPI

Defined in:

lib/datadog_api_client/v2/api/security_monitoring_api.rb

Instance Attribute Summary

• #api_client ⇒ Object

  Returns the value of attribute api_client.

Instance Method Summary

• #attach_case(case_id, body, opts = {}) ⇒ Object

  Attach security findings to a case.

• #attach_case_with_http_info(case_id, body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

  Attach security findings to a case.

• #attach_jira_issue(body, opts = {}) ⇒ Object

  Attach security findings to a Jira issue.

• #attach_jira_issue_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

  Attach security findings to a Jira issue.

• #cancel_threat_hunting_job(job_id, opts = {}) ⇒ Object

  Cancel a threat hunting job.

• #cancel_threat_hunting_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Cancel a threat hunting job.

• #convert_existing_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Convert an existing rule from JSON to Terraform.

• #convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

  Convert an existing rule from JSON to Terraform.

• #convert_job_result_to_signal(body, opts = {}) ⇒ Object

  Convert a job result to a signal.

• #convert_job_result_to_signal_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Convert a job result to a signal.

• #convert_security_monitoring_rule_from_json_to_terraform(body, opts = {}) ⇒ Object

  Convert a rule from JSON to Terraform.

• #convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

  Convert a rule from JSON to Terraform.

• #create_cases(body, opts = {}) ⇒ Object

  Create cases for security findings.

• #create_cases_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

  Create cases for security findings.

• #create_custom_framework(body, opts = {}) ⇒ Object

  Create a custom framework.

• #create_custom_framework_with_http_info(body, opts = {}) ⇒ Array<(CreateCustomFrameworkResponse, Integer, Hash)>

  Create a custom framework.

• #create_jira_issues(body, opts = {}) ⇒ Object

  Create Jira issues for security findings.

• #create_jira_issues_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

  Create Jira issues for security findings.

• #create_security_filter(body, opts = {}) ⇒ Object

  Create a security filter.

• #create_security_filter_with_http_info(body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Create a security filter.

• #create_security_monitoring_critical_asset(body, opts = {}) ⇒ Object

  Create a critical asset.

• #create_security_monitoring_critical_asset_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

  Create a critical asset.

• #create_security_monitoring_rule(body, opts = {}) ⇒ Object

  Create a detection rule.

• #create_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Create a detection rule.

• #create_security_monitoring_suppression(body, opts = {}) ⇒ Object

  Create a suppression rule.

• #create_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Create a suppression rule.

• #create_signal_notification_rule(body, opts = {}) ⇒ Object

  Create a new signal-based notification rule.

• #create_signal_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Create a new signal-based notification rule.

• #create_vulnerability_notification_rule(body, opts = {}) ⇒ Object

  Create a new vulnerability-based notification rule.

• #create_vulnerability_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Create a new vulnerability-based notification rule.

• #delete_custom_framework(handle, version, opts = {}) ⇒ Object

  Delete a custom framework.

• #delete_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(DeleteCustomFrameworkResponse, Integer, Hash)>

  Delete a custom framework.

• #delete_security_filter(security_filter_id, opts = {}) ⇒ Object

  Delete a security filter.

• #delete_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a security filter.

• #delete_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

  Delete a critical asset.

• #delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a critical asset.

• #delete_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Delete an existing rule.

• #delete_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete an existing rule.

• #delete_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

  Delete a suppression rule.

• #delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a suppression rule.

• #delete_signal_notification_rule(id, opts = {}) ⇒ Object

  Delete a signal-based notification rule.

• #delete_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a signal-based notification rule.

• #delete_threat_hunting_job(job_id, opts = {}) ⇒ Object

  Delete an existing job.

• #delete_threat_hunting_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete an existing job.

• #delete_vulnerability_notification_rule(id, opts = {}) ⇒ Object

  Delete a vulnerability-based notification rule.

• #delete_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a vulnerability-based notification rule.

• #detach_case(body, opts = {}) ⇒ Object

  Detach security findings from their case.

• #detach_case_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Detach security findings from their case.

• #edit_security_monitoring_signal_assignee(signal_id, body, opts = {}) ⇒ Object

  Modify the triage assignee of a security signal.

• #edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Modify the triage assignee of a security signal.

• #edit_security_monitoring_signal_incidents(signal_id, body, opts = {}) ⇒ Object

  Change the related incidents of a security signal.

• #edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Change the related incidents of a security signal.

• #edit_security_monitoring_signal_state(signal_id, body, opts = {}) ⇒ Object

  Change the triage state of a security signal.

• #edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Change the triage state of a security signal.

• #get_critical_assets_affecting_rule(rule_id, opts = {}) ⇒ Object

  Get critical assets affecting a specific rule.

• #get_critical_assets_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

  Get critical assets affecting a specific rule.

• #get_custom_framework(handle, version, opts = {}) ⇒ Object

  Get a custom framework.

• #get_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(GetCustomFrameworkResponse, Integer, Hash)>

  Get a custom framework.

• #get_finding(finding_id, opts = {}) ⇒ Object

  Get a finding.

• #get_finding_with_http_info(finding_id, opts = {}) ⇒ Array<(GetFindingResponse, Integer, Hash)>

  Get a finding.

• #get_resource_evaluation_filters(opts = {}) ⇒ Object

  List resource filters.

• #get_resource_evaluation_filters_with_http_info(opts = {}) ⇒ Array<(GetResourceEvaluationFiltersResponse, Integer, Hash)>

  List resource filters.

• #get_rule_version_history(rule_id, opts = {}) ⇒ Object

  Get a rule’s version history.

• #get_rule_version_history_with_http_info(rule_id, opts = {}) ⇒ Array<(GetRuleVersionHistoryResponse, Integer, Hash)>

  Get a rule’s version history.

• #get_sbom(asset_type, filter_asset_name, opts = {}) ⇒ Object

  Get SBOM.

• #get_sbom_with_http_info(asset_type, filter_asset_name, opts = {}) ⇒ Array<(GetSBOMResponse, Integer, Hash)>

  Get SBOM.

• #get_secrets_rules(opts = {}) ⇒ Object

  Returns a list of Secrets rules.

• #get_secrets_rules_with_http_info(opts = {}) ⇒ Array<(SecretRuleArray, Integer, Hash)>

  Returns a list of Secrets rules.

• #get_security_filter(security_filter_id, opts = {}) ⇒ Object

  Get a security filter.

• #get_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Get a security filter.

• #get_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

  Get a critical asset.

• #get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

  Get a critical asset.

• #get_security_monitoring_histsignal(histsignal_id, opts = {}) ⇒ Object

  Get a hist signal’s details.

• #get_security_monitoring_histsignal_with_http_info(histsignal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

  Get a hist signal’s details.

• #get_security_monitoring_histsignals_by_job_id(job_id, opts = {}) ⇒ Object

  Get a job’s hist signals.

• #get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Get a job’s hist signals.

• #get_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Get a rule’s details.

• #get_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Get a rule’s details.

• #get_security_monitoring_signal(signal_id, opts = {}) ⇒ Object

  Get a signal’s details.

• #get_security_monitoring_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

  Get a signal’s details.

• #get_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

  Get a suppression rule.

• #get_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Get a suppression rule.

• #get_signal_notification_rule(id, opts = {}) ⇒ Object

  Get details of a signal-based notification rule.

• #get_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Get details of a signal-based notification rule.

• #get_signal_notification_rules(opts = {}) ⇒ Object

  Get the list of signal-based notification rules.

• #get_signal_notification_rules_with_http_info(opts = {}) ⇒ Array<(Object, Integer, Hash)>

  Get the list of signal-based notification rules.

• #get_suppression_version_history(suppression_id, opts = {}) ⇒ Object

  Get a suppression’s version history.

• #get_suppression_version_history_with_http_info(suppression_id, opts = {}) ⇒ Array<(GetSuppressionVersionHistoryResponse, Integer, Hash)>

  Get a suppression’s version history.

• #get_suppressions_affecting_future_rule(body, opts = {}) ⇒ Object

  Get suppressions affecting future rule.

• #get_suppressions_affecting_future_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

  Get suppressions affecting future rule.

• #get_suppressions_affecting_rule(rule_id, opts = {}) ⇒ Object

  Get suppressions affecting a specific rule.

• #get_suppressions_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

  Get suppressions affecting a specific rule.

• #get_threat_hunting_job(job_id, opts = {}) ⇒ Object

  Get a job’s details.

• #get_threat_hunting_job_with_http_info(job_id, opts = {}) ⇒ Array<(ThreatHuntingJobResponse, Integer, Hash)>

  Get a job’s details.

• #get_vulnerability_notification_rule(id, opts = {}) ⇒ Object

  Get details of a vulnerability notification rule.

• #get_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Get details of a vulnerability notification rule.

• #get_vulnerability_notification_rules(opts = {}) ⇒ Object

  Get the list of vulnerability notification rules.

• #get_vulnerability_notification_rules_with_http_info(opts = {}) ⇒ Array<(Object, Integer, Hash)>

  Get the list of vulnerability notification rules.

• #initialize(api_client = DatadogAPIClient::APIClient.default) ⇒ SecurityMonitoringAPI constructor

  A new instance of SecurityMonitoringAPI.

• #list_assets_sbo_ms(opts = {}) ⇒ Object

  List assets SBOMs.

• #list_assets_sbo_ms_with_http_info(opts = {}) ⇒ Array<(ListAssetsSBOMsResponse, Integer, Hash)>

  List assets SBOMs.

• #list_findings(opts = {}) ⇒ Object

  List findings.

• #list_findings_with_http_info(opts = {}) ⇒ Array<(ListFindingsResponse, Integer, Hash)>

  List findings.

• #list_findings_with_pagination(opts = {}) {|Finding| ... } ⇒ Object

  List findings.

• #list_multiple_rulesets(body, opts = {}) ⇒ Object

  Ruleset get multiple.

• #list_multiple_rulesets_with_http_info(body, opts = {}) ⇒ Array<(GetMultipleRulesetsResponse, Integer, Hash)>

  Ruleset get multiple.

• #list_scanned_assets_metadata(opts = {}) ⇒ Object

  List scanned assets metadata.

• #list_scanned_assets_metadata_with_http_info(opts = {}) ⇒ Array<(ScannedAssetsMetadata, Integer, Hash)>

  List scanned assets metadata.

• #list_security_filters(opts = {}) ⇒ Object

  Get all security filters.

• #list_security_filters_with_http_info(opts = {}) ⇒ Array<(SecurityFiltersResponse, Integer, Hash)>

  Get all security filters.

• #list_security_findings(opts = {}) ⇒ Object

  List security findings.

• #list_security_findings_with_http_info(opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

  List security findings.

• #list_security_findings_with_pagination(opts = {}) {|SecurityFindingsData| ... } ⇒ Object

  List security findings.

• #list_security_monitoring_critical_assets(opts = {}) ⇒ Object

  Get all critical assets.

• #list_security_monitoring_critical_assets_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

  Get all critical assets.

• #list_security_monitoring_histsignals(opts = {}) ⇒ Object

  List hist signals.

• #list_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  List hist signals.

• #list_security_monitoring_rules(opts = {}) ⇒ Object

  List rules.

• #list_security_monitoring_rules_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>

  List rules.

• #list_security_monitoring_signals(opts = {}) ⇒ Object

  Get a quick list of security signals.

• #list_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Get a quick list of security signals.

• #list_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

  Get a quick list of security signals.

• #list_security_monitoring_suppressions(opts = {}) ⇒ Object

  Get all suppression rules.

• #list_security_monitoring_suppressions_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

  Get all suppression rules.

• #list_threat_hunting_jobs(opts = {}) ⇒ Object

  List threat hunting jobs.

• #list_threat_hunting_jobs_with_http_info(opts = {}) ⇒ Array<(ListThreatHuntingJobsResponse, Integer, Hash)>

  List threat hunting jobs.

• #list_vulnerabilities(opts = {}) ⇒ Object

  List vulnerabilities.

• #list_vulnerabilities_with_http_info(opts = {}) ⇒ Array<(ListVulnerabilitiesResponse, Integer, Hash)>

  List vulnerabilities.

• #list_vulnerable_assets(opts = {}) ⇒ Object

  List vulnerable assets.

• #list_vulnerable_assets_with_http_info(opts = {}) ⇒ Array<(ListVulnerableAssetsResponse, Integer, Hash)>

  List vulnerable assets.

• #mute_findings(body, opts = {}) ⇒ Object

  Mute or unmute a batch of findings.

• #mute_findings_with_http_info(body, opts = {}) ⇒ Array<(BulkMuteFindingsResponse, Integer, Hash)>

  Mute or unmute a batch of findings.

• #patch_signal_notification_rule(id, body, opts = {}) ⇒ Object

  Patch a signal-based notification rule.

• #patch_signal_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Patch a signal-based notification rule.

• #patch_vulnerability_notification_rule(id, body, opts = {}) ⇒ Object

  Patch a vulnerability-based notification rule.

• #patch_vulnerability_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Patch a vulnerability-based notification rule.

• #run_threat_hunting_job(body, opts = {}) ⇒ Object

  Run a threat hunting job.

• #run_threat_hunting_job_with_http_info(body, opts = {}) ⇒ Array<(JobCreateResponse, Integer, Hash)>

  Run a threat hunting job.

• #search_security_findings(body, opts = {}) ⇒ Object

  Search security findings.

• #search_security_findings_with_http_info(body, opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

  Search security findings.

• #search_security_findings_with_pagination(body, opts = {}) {|SecurityFindingsData| ... } ⇒ Object

  Search security findings.

• #search_security_monitoring_histsignals(opts = {}) ⇒ Object

  Search hist signals.

• #search_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Search hist signals.

• #search_security_monitoring_signals(opts = {}) ⇒ Object

  Get a list of security signals.

• #search_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Get a list of security signals.

• #search_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

  Get a list of security signals.

• #test_existing_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

  Test an existing rule.

• #test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

  Test an existing rule.

• #test_security_monitoring_rule(body, opts = {}) ⇒ Object

  Test a rule.

• #test_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

  Test a rule.

• #update_custom_framework(handle, version, body, opts = {}) ⇒ Object

  Update a custom framework.

• #update_custom_framework_with_http_info(handle, version, body, opts = {}) ⇒ Array<(UpdateCustomFrameworkResponse, Integer, Hash)>

  Update a custom framework.

• #update_resource_evaluation_filters(body, opts = {}) ⇒ Object

  Update resource filters.

• #update_resource_evaluation_filters_with_http_info(body, opts = {}) ⇒ Array<(UpdateResourceEvaluationFiltersResponse, Integer, Hash)>

  Update resource filters.

• #update_security_filter(security_filter_id, body, opts = {}) ⇒ Object

  Update a security filter.

• #update_security_filter_with_http_info(security_filter_id, body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Update a security filter.

• #update_security_monitoring_critical_asset(critical_asset_id, body, opts = {}) ⇒ Object

  Update a critical asset.

• #update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

  Update a critical asset.

• #update_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

  Update an existing rule.

• #update_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Update an existing rule.

• #update_security_monitoring_suppression(suppression_id, body, opts = {}) ⇒ Object

  Update a suppression rule.

• #update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Update a suppression rule.

• #validate_security_monitoring_rule(body, opts = {}) ⇒ Object

  Validate a detection rule.

• #validate_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Validate a detection rule.

• #validate_security_monitoring_suppression(body, opts = {}) ⇒ Object

  Validate a suppression rule.

• #validate_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Validate a suppression rule.

Constructor Details

#initialize(api_client = DatadogAPIClient::APIClient.default) ⇒ SecurityMonitoringAPI

Returns a new instance of SecurityMonitoringAPI.

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 22

def initialize(api_client = DatadogAPIClient::APIClient.default)
  @api_client = api_client
end

Instance Attribute Details

#api_client ⇒ Object

Returns the value of attribute api_client.

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 20

def api_client
  @api_client
end

Instance Method Details

#attach_case(case_id, body, opts = {}) ⇒ Object

Attach security findings to a case.

See Also:

• #attach_case_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 29

def attach_case(case_id, body, opts = {})
  data, _status_code, _headers = attach_case_with_http_info(case_id, body, opts)
  data
end

#attach_case_with_http_info(case_id, body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

Attach security findings to a case.

Attach security findings to a case. You can attach up to 50 security findings per case. Security findings that are already attached to another case will be detached from their previous case and attached to the specified case.

Parameters:

• case_id (String) —

  Unique identifier of the case to attach security findings to

• body (AttachCaseRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponse, Integer, Hash)>) —

  FindingCaseResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 43

def attach_case_with_http_info(case_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.attach_case ...'
  end
  # verify the required parameter 'case_id' is set
  if @api_client.config.client_side_validation && case_id.nil?
    fail ArgumentError, "Missing the required parameter 'case_id' when calling SecurityMonitoringAPI.attach_case"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.attach_case"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/cases/{case_id}'.sub('{case_id}', CGI.escape(case_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :attach_case,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#attach_case\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#attach_jira_issue(body, opts = {}) ⇒ Object

Attach security findings to a Jira issue.

See Also:

• #attach_jira_issue_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 102

def attach_jira_issue(body, opts = {})
  data, _status_code, _headers = attach_jira_issue_with_http_info(body, opts)
  data
end

#attach_jira_issue_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

Attach security findings to a Jira issue.

Attach security findings to a Jira issue by providing the Jira issue URL. You can attach up to 50 security findings per Jira issue. If the Jira issue is not linked to any case, this operation will create a case for the security findings and link the Jira issue to the newly created case. To configure the Jira integration, see [Bidirectional ticket syncing with Jira](docs.datadoghq.com/security/ticketing_integrations/#bidirectional-ticket-syncing-with-jira). Security findings that are already attached to another Jira issue will be detached from their previous Jira issue and attached to the specified Jira issue.

Parameters:

• body (AttachJiraIssueRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponse, Integer, Hash)>) —

  FindingCaseResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 115

def attach_jira_issue_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.attach_jira_issue".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.attach_jira_issue")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.attach_jira_issue"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.attach_jira_issue ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.attach_jira_issue"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/jira_issues'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :attach_jira_issue,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#attach_jira_issue\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#cancel_threat_hunting_job(job_id, opts = {}) ⇒ Object

Cancel a threat hunting job.

See Also:

• #cancel_threat_hunting_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 176

def cancel_threat_hunting_job(job_id, opts = {})
  cancel_threat_hunting_job_with_http_info(job_id, opts)
  nil
end

#cancel_threat_hunting_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Cancel a threat hunting job.

Cancel a threat hunting job.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 188

def cancel_threat_hunting_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.cancel_threat_hunting_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.cancel_threat_hunting_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.cancel_threat_hunting_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.cancel_threat_hunting_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.cancel_threat_hunting_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/jobs/{job_id}/cancel'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :cancel_threat_hunting_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#cancel_threat_hunting_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_existing_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Convert an existing rule from JSON to Terraform.

See Also:

• #convert_existing_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 247

def convert_existing_security_monitoring_rule(rule_id, opts = {})
  data, _status_code, _headers = convert_existing_security_monitoring_rule_with_http_info(rule_id, opts)
  data
end

#convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

Convert an existing rule from JSON to Terraform.

Convert an existing rule from JSON to Terraform for Datadog provider resource datadog_security_monitoring_rule. You can do so for the following rule types:

• App and API Protection

• Cloud SIEM (log detection and signal correlation)

• Workload Protection

You can convert Cloud Security configuration rules using Terraform’s [Datadog Cloud Configuration Rule resource](registry.terraform.io/providers/DataDog/datadog/latest/docs/resources/cloud_configuration_rule).

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>) —

  SecurityMonitoringRuleConvertResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 265

def convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_existing_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.convert_existing_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/convert'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleConvertResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :convert_existing_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_existing_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_job_result_to_signal(body, opts = {}) ⇒ Object

Convert a job result to a signal.

See Also:

• #convert_job_result_to_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 318

def convert_job_result_to_signal(body, opts = {})
  convert_job_result_to_signal_with_http_info(body, opts)
  nil
end

#convert_job_result_to_signal_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Convert a job result to a signal.

Convert a job result to a signal.

Parameters:

• body (ConvertJobResultsToSignalsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 330

def convert_job_result_to_signal_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.convert_job_result_to_signal".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.convert_job_result_to_signal")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.convert_job_result_to_signal"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_job_result_to_signal ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.convert_job_result_to_signal"
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/jobs/signal_convert'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :convert_job_result_to_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_job_result_to_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_security_monitoring_rule_from_json_to_terraform(body, opts = {}) ⇒ Object

Convert a rule from JSON to Terraform.

See Also:

• #convert_security_monitoring_rule_from_json_to_terraform_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 391

def convert_security_monitoring_rule_from_json_to_terraform(body, opts = {})
  data, _status_code, _headers = convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts)
  data
end

#convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

Convert a rule from JSON to Terraform.

Convert a rule that doesn’t (yet) exist from JSON to Terraform for Datadog provider resource datadog_security_monitoring_rule. You can do so for the following rule types:

• App and API Protection

• Cloud SIEM (log detection and signal correlation)

• Workload Protection

You can convert Cloud Security configuration rules using Terraform’s [Datadog Cloud Configuration Rule resource](registry.terraform.io/providers/DataDog/datadog/latest/docs/resources/cloud_configuration_rule).

Parameters:

• body (SecurityMonitoringRuleConvertPayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>) —

  SecurityMonitoringRuleConvertResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 409

def convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_security_monitoring_rule_from_json_to_terraform ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.convert_security_monitoring_rule_from_json_to_terraform"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/convert'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleConvertResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :convert_security_monitoring_rule_from_json_to_terraform,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_security_monitoring_rule_from_json_to_terraform\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_cases(body, opts = {}) ⇒ Object

Create cases for security findings.

See Also:

• #create_cases_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 464

def create_cases(body, opts = {})
  data, _status_code, _headers = create_cases_with_http_info(body, opts)
  data
end

#create_cases_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

Create cases for security findings.

Create cases for security findings. You can create up to 50 cases per request and associate up to 50 security findings per case. Security findings that are already attached to another case will be detached from their previous case and attached to the newly created case.

Parameters:

• body (CreateCaseRequestArray)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponseArray, Integer, Hash)>) —

  FindingCaseResponseArray data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 477

def create_cases_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_cases ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_cases"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/cases'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponseArray'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_cases,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_cases\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_custom_framework(body, opts = {}) ⇒ Object

Create a custom framework.

See Also:

• #create_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 532

def create_custom_framework(body, opts = {})
  data, _status_code, _headers = create_custom_framework_with_http_info(body, opts)
  data
end

#create_custom_framework_with_http_info(body, opts = {}) ⇒ Array<(CreateCustomFrameworkResponse, Integer, Hash)>

Create a custom framework.

Create a custom framework.

Parameters:

• body (CreateCustomFrameworkRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(CreateCustomFrameworkResponse, Integer, Hash)>) —

  CreateCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 544

def create_custom_framework_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_custom_framework ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'CreateCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_jira_issues(body, opts = {}) ⇒ Object

Create Jira issues for security findings.

See Also:

• #create_jira_issues_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 599

def create_jira_issues(body, opts = {})
  data, _status_code, _headers = create_jira_issues_with_http_info(body, opts)
  data
end

#create_jira_issues_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

Create Jira issues for security findings.

Create Jira issues for security findings. This operation creates a case in Datadog and a Jira issue linked to that case for bidirectional sync between Datadog and Jira. To configure the Jira integration, see [Bidirectional ticket syncing with Jira](docs.datadoghq.com/security/ticketing_integrations/#bidirectional-ticket-syncing-with-jira). You can create up to 50 Jira issues per request and associate up to 50 security findings per Jira issue. Security findings that are already attached to another Jira issue will be detached from their previous Jira issue and attached to the newly created Jira issue.

Parameters:

• body (CreateJiraIssueRequestArray)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponseArray, Integer, Hash)>) —

  FindingCaseResponseArray data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 612

def create_jira_issues_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.create_jira_issues".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.create_jira_issues")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.create_jira_issues"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_jira_issues ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_jira_issues"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/jira_issues'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponseArray'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_jira_issues,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_jira_issues\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_filter(body, opts = {}) ⇒ Object

Create a security filter.

See Also:

• #create_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 673

def create_security_filter(body, opts = {})
  data, _status_code, _headers = create_security_filter_with_http_info(body, opts)
  data
end

#create_security_filter_with_http_info(body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Create a security filter.

Create a security filter.

See the [security filter guide](docs.datadoghq.com/security_platform/guide/how-to-setup-security-filters-using-security-monitoring-api/) for more examples.

Parameters:

• body (SecurityFilterCreateRequest) —

  The definition of the new security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 688

def create_security_filter_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_filter ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_critical_asset(body, opts = {}) ⇒ Object

Create a critical asset.

See Also:

• #create_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 743

def create_security_monitoring_critical_asset(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_critical_asset_with_http_info(body, opts)
  data
end

#create_security_monitoring_critical_asset_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

Create a critical asset.

Create a new critical asset.

Parameters:

• body (SecurityMonitoringCriticalAssetCreateRequest) —

  The definition of the new critical asset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 755

def create_security_monitoring_critical_asset_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_rule(body, opts = {}) ⇒ Object

Create a detection rule.

See Also:

• #create_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 810

def create_security_monitoring_rule(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_rule_with_http_info(body, opts)
  data
end

#create_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Create a detection rule.

Create a detection rule.

Parameters:

• body (SecurityMonitoringRuleCreatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 822

def create_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_suppression(body, opts = {}) ⇒ Object

Create a suppression rule.

See Also:

• #create_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 877

def create_security_monitoring_suppression(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_suppression_with_http_info(body, opts)
  data
end

#create_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Create a suppression rule.

Create a new suppression rule.

Parameters:

• body (SecurityMonitoringSuppressionCreateRequest) —

  The definition of the new suppression rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 889

def create_security_monitoring_suppression_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_suppression ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_signal_notification_rule(body, opts = {}) ⇒ Object

Create a new signal-based notification rule.

See Also:

• #create_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 944

def create_signal_notification_rule(body, opts = {})
  data, _status_code, _headers = create_signal_notification_rule_with_http_info(body, opts)
  data
end

#create_signal_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Create a new signal-based notification rule.

Create a new notification rule for security signals and return the created rule.

Parameters:

• body (CreateNotificationRuleParameters) —

  The body of the create notification rule request is composed of the rule type and the rule attributes: the rule name, the selectors, the notification targets, and the rule enabled status.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 956

def create_signal_notification_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_signal_notification_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :create_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_vulnerability_notification_rule(body, opts = {}) ⇒ Object

Create a new vulnerability-based notification rule.

See Also:

• #create_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1011

def create_vulnerability_notification_rule(body, opts = {})
  data, _status_code, _headers = create_vulnerability_notification_rule_with_http_info(body, opts)
  data
end

#create_vulnerability_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Create a new vulnerability-based notification rule.

Create a new notification rule for security vulnerabilities and return the created rule.

Parameters:

• body (CreateNotificationRuleParameters) —

  The body of the create notification rule request is composed of the rule type and the rule attributes: the rule name, the selectors, the notification targets, and the rule enabled status.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1023

def create_vulnerability_notification_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :create_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_custom_framework(handle, version, opts = {}) ⇒ Object

Delete a custom framework.

See Also:

• #delete_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1078

def delete_custom_framework(handle, version, opts = {})
  data, _status_code, _headers = delete_custom_framework_with_http_info(handle, version, opts)
  data
end

#delete_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(DeleteCustomFrameworkResponse, Integer, Hash)>

Delete a custom framework.

Delete a custom framework.

Parameters:

• handle (String) —

  The framework handle

• version (String) —

  The framework version

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(DeleteCustomFrameworkResponse, Integer, Hash)>) —

  DeleteCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1091

def delete_custom_framework_with_http_info(handle, version, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_custom_framework ...'
  end
  # verify the required parameter 'handle' is set
  if @api_client.config.client_side_validation && handle.nil?
    fail ArgumentError, "Missing the required parameter 'handle' when calling SecurityMonitoringAPI.delete_custom_framework"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.delete_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks/{handle}/{version}'.sub('{handle}', CGI.escape(handle.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DeleteCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_filter(security_filter_id, opts = {}) ⇒ Object

Delete a security filter.

See Also:

• #delete_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1148

def delete_security_filter(security_filter_id, opts = {})
  delete_security_filter_with_http_info(security_filter_id, opts)
  nil
end

#delete_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a security filter.

Delete a specific security filter.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1160

def delete_security_filter_with_http_info(security_filter_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.delete_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

Delete a critical asset.

See Also:

• #delete_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1213

def delete_security_monitoring_critical_asset(critical_asset_id, opts = {})
  delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts)
  nil
end

#delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a critical asset.

Delete a specific critical asset.

Parameters:

• critical_asset_id (String) —

  The ID of the critical asset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1225

def delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'critical_asset_id' is set
  if @api_client.config.client_side_validation && critical_asset_id.nil?
    fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.delete_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Delete an existing rule.

See Also:

• #delete_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1278

def delete_security_monitoring_rule(rule_id, opts = {})
  delete_security_monitoring_rule_with_http_info(rule_id, opts)
  nil
end

#delete_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete an existing rule.

Delete an existing rule. Default rules cannot be deleted.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1290

def delete_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.delete_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

Delete a suppression rule.

See Also:

• #delete_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1343

def delete_security_monitoring_suppression(suppression_id, opts = {})
  delete_security_monitoring_suppression_with_http_info(suppression_id, opts)
  nil
end

#delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a suppression rule.

Delete a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1355

def delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.delete_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_signal_notification_rule(id, opts = {}) ⇒ Object

Delete a signal-based notification rule.

See Also:

• #delete_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1408

def delete_signal_notification_rule(id, opts = {})
  delete_signal_notification_rule_with_http_info(id, opts)
  nil
end

#delete_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a signal-based notification rule.

Delete a notification rule for security signals.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1420

def delete_signal_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_signal_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.delete_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :delete_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_threat_hunting_job(job_id, opts = {}) ⇒ Object

Delete an existing job.

See Also:

• #delete_threat_hunting_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1473

def delete_threat_hunting_job(job_id, opts = {})
  delete_threat_hunting_job_with_http_info(job_id, opts)
  nil
end

#delete_threat_hunting_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete an existing job.

Delete an existing job.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1485

def delete_threat_hunting_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.delete_threat_hunting_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.delete_threat_hunting_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.delete_threat_hunting_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_threat_hunting_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.delete_threat_hunting_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/jobs/{job_id}'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_threat_hunting_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_threat_hunting_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_vulnerability_notification_rule(id, opts = {}) ⇒ Object

Delete a vulnerability-based notification rule.

See Also:

• #delete_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1544

def delete_vulnerability_notification_rule(id, opts = {})
  delete_vulnerability_notification_rule_with_http_info(id, opts)
  nil
end

#delete_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a vulnerability-based notification rule.

Delete a notification rule for security vulnerabilities.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1556

def delete_vulnerability_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.delete_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :delete_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#detach_case(body, opts = {}) ⇒ Object

Detach security findings from their case.

See Also:

• #detach_case_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1609

def detach_case(body, opts = {})
  detach_case_with_http_info(body, opts)
  nil
end

#detach_case_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Detach security findings from their case.

Detach security findings from their case. This operation dissociates security findings from their associated cases without deleting the cases themselves. You can detach security findings from multiple different cases in a single request, with a limit of 50 security findings per request. Security findings that are not currently attached to any case will be ignored.

Parameters:

• body (DetachCaseRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1622

def detach_case_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.detach_case ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.detach_case"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/cases'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :detach_case,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#detach_case\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_assignee(signal_id, body, opts = {}) ⇒ Object

Modify the triage assignee of a security signal.

See Also:

• #edit_security_monitoring_signal_assignee_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1677

def edit_security_monitoring_signal_assignee(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Modify the triage assignee of a security signal.

Modify the triage assignee of a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalAssigneeUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1690

def edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_assignee ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_assignee"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_assignee"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/assignee'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_assignee,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_assignee\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_incidents(signal_id, body, opts = {}) ⇒ Object

Change the related incidents of a security signal.

See Also:

• #edit_security_monitoring_signal_incidents_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1749

def edit_security_monitoring_signal_incidents(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Change the related incidents of a security signal.

Change the related incidents for a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalIncidentsUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1762

def edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_incidents ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_incidents"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_incidents"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/incidents'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_incidents,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_incidents\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_state(signal_id, body, opts = {}) ⇒ Object

Change the triage state of a security signal.

See Also:

• #edit_security_monitoring_signal_state_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1821

def edit_security_monitoring_signal_state(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Change the triage state of a security signal.

Change the triage state of a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalStateUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1834

def edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_state ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_state"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_state"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/state'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_state,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_state\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_critical_assets_affecting_rule(rule_id, opts = {}) ⇒ Object

Get critical assets affecting a specific rule.

See Also:

• #get_critical_assets_affecting_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1893

def get_critical_assets_affecting_rule(rule_id, opts = {})
  data, _status_code, _headers = get_critical_assets_affecting_rule_with_http_info(rule_id, opts)
  data
end

#get_critical_assets_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

Get critical assets affecting a specific rule.

Get the list of critical assets that affect a specific existing rule by the rule’s ID.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1905

def get_critical_assets_affecting_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_critical_assets_affecting_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_critical_assets_affecting_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_critical_assets_affecting_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_critical_assets_affecting_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_custom_framework(handle, version, opts = {}) ⇒ Object

Get a custom framework.

See Also:

• #get_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1958

def get_custom_framework(handle, version, opts = {})
  data, _status_code, _headers = get_custom_framework_with_http_info(handle, version, opts)
  data
end

#get_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(GetCustomFrameworkResponse, Integer, Hash)>

Get a custom framework.

Get a custom framework.

Parameters:

• handle (String) —

  The framework handle

• version (String) —

  The framework version

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(GetCustomFrameworkResponse, Integer, Hash)>) —

  GetCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1971

def get_custom_framework_with_http_info(handle, version, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_custom_framework ...'
  end
  # verify the required parameter 'handle' is set
  if @api_client.config.client_side_validation && handle.nil?
    fail ArgumentError, "Missing the required parameter 'handle' when calling SecurityMonitoringAPI.get_custom_framework"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.get_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks/{handle}/{version}'.sub('{handle}', CGI.escape(handle.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_finding(finding_id, opts = {}) ⇒ Object

Get a finding.

See Also:

• #get_finding_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2028

def get_finding(finding_id, opts = {})
  data, _status_code, _headers = get_finding_with_http_info(finding_id, opts)
  data
end

#get_finding_with_http_info(finding_id, opts = {}) ⇒ Array<(GetFindingResponse, Integer, Hash)>

Get a finding.

Returns a single finding with message and resource configuration.

Parameters:

• finding_id (String) —

  The ID of the finding.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :snapshot_timestamp (Integer) —

  Return the finding for a given snapshot of time (Unix ms).

Returns:

• (Array<(GetFindingResponse, Integer, Hash)>) —

  GetFindingResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2041

def get_finding_with_http_info(finding_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_finding".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_finding")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_finding"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_finding ...'
  end
  # verify the required parameter 'finding_id' is set
  if @api_client.config.client_side_validation && finding_id.nil?
    fail ArgumentError, "Missing the required parameter 'finding_id' when calling SecurityMonitoringAPI.get_finding"
  end
  if @api_client.config.client_side_validation && !opts[:'snapshot_timestamp'].nil? && opts[:'snapshot_timestamp'] < 1
    fail ArgumentError, 'invalid value for "opts[:"snapshot_timestamp"]" when calling SecurityMonitoringAPI.get_finding, must be greater than or equal to 1.'
  end
  # resource path
  local_var_path = '/api/v2/posture_management/findings/{finding_id}'.sub('{finding_id}', CGI.escape(finding_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'snapshot_timestamp'] = opts[:'snapshot_timestamp'] if !opts[:'snapshot_timestamp'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetFindingResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_finding,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_finding\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_resource_evaluation_filters(opts = {}) ⇒ Object

List resource filters.

See Also:

• #get_resource_evaluation_filters_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2104

def get_resource_evaluation_filters(opts = {})
  data, _status_code, _headers = get_resource_evaluation_filters_with_http_info(opts)
  data
end

#get_resource_evaluation_filters_with_http_info(opts = {}) ⇒ Array<(GetResourceEvaluationFiltersResponse, Integer, Hash)>

List resource filters.

List resource filters.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :cloud_provider (String) —

  Filter resource filters by cloud provider (e.g. aws, gcp, azure).

• :account_id (String) —

  Filter resource filters by cloud provider account ID. This parameter is only valid when provider is specified.

• :skip_cache (Boolean) —

  Skip cache for resource filters.

Returns:

• (Array<(GetResourceEvaluationFiltersResponse, Integer, Hash)>) —

  GetResourceEvaluationFiltersResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2118

def get_resource_evaluation_filters_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_resource_evaluation_filters ...'
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/resource_filters'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'cloud_provider'] = opts[:'cloud_provider'] if !opts[:'cloud_provider'].nil?
  query_params[:'account_id'] = opts[:'account_id'] if !opts[:'account_id'].nil?
  query_params[:'skip_cache'] = opts[:'skip_cache'] if !opts[:'skip_cache'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetResourceEvaluationFiltersResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_resource_evaluation_filters,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_resource_evaluation_filters\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_rule_version_history(rule_id, opts = {}) ⇒ Object

Get a rule’s version history.

See Also:

• #get_rule_version_history_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2170

def get_rule_version_history(rule_id, opts = {})
  data, _status_code, _headers = get_rule_version_history_with_http_info(rule_id, opts)
  data
end

#get_rule_version_history_with_http_info(rule_id, opts = {}) ⇒ Array<(GetRuleVersionHistoryResponse, Integer, Hash)>

Get a rule’s version history.

Get a rule’s version history.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

Returns:

• (Array<(GetRuleVersionHistoryResponse, Integer, Hash)>) —

  GetRuleVersionHistoryResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2184

def get_rule_version_history_with_http_info(rule_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_rule_version_history".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_rule_version_history")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_rule_version_history"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_rule_version_history ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_rule_version_history"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/version_history'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetRuleVersionHistoryResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_rule_version_history,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_rule_version_history\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_sbom(asset_type, filter_asset_name, opts = {}) ⇒ Object

Get SBOM.

See Also:

• #get_sbom_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2245

def get_sbom(asset_type, filter_asset_name, opts = {})
  data, _status_code, _headers = get_sbom_with_http_info(asset_type, filter_asset_name, opts)
  data
end

#get_sbom_with_http_info(asset_type, filter_asset_name, opts = {}) ⇒ Array<(GetSBOMResponse, Integer, Hash)>

Get SBOM.

Get a single SBOM related to an asset by its type and name.

Parameters:

• asset_type (AssetType) —

  The type of the asset for the SBOM request.

• filter_asset_name (String) —

  The name of the asset for the SBOM request.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_repo_digest (String) —

  The container image repo_digest for the SBOM request. When the requested asset type is ‘Image’, this filter is mandatory.

• :ext_format (SBOMFormat) —

  The standard of the SBOM.

Returns:

• (Array<(GetSBOMResponse, Integer, Hash)>) —

  GetSBOMResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2260

def get_sbom_with_http_info(asset_type, filter_asset_name, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_sbom".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_sbom")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_sbom"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_sbom ...'
  end
  # verify the required parameter 'asset_type' is set
  if @api_client.config.client_side_validation && asset_type.nil?
    fail ArgumentError, "Missing the required parameter 'asset_type' when calling SecurityMonitoringAPI.get_sbom"
  end
  # verify enum value
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && !allowable_values.include?(asset_type)
    fail ArgumentError, "invalid value for \"asset_type\", must be one of #{allowable_values}"
  end
  # verify the required parameter 'filter_asset_name' is set
  if @api_client.config.client_side_validation && filter_asset_name.nil?
    fail ArgumentError, "Missing the required parameter 'filter_asset_name' when calling SecurityMonitoringAPI.get_sbom"
  end
  allowable_values = ['CycloneDX', 'SPDX']
  if @api_client.config.client_side_validation && opts[:'ext_format'] && !allowable_values.include?(opts[:'ext_format'])
    fail ArgumentError, "invalid value for \"ext_format\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/sboms/{asset_type}'.sub('{asset_type}', CGI.escape(asset_type.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[asset_name]'] = filter_asset_name
  query_params[:'filter[repo_digest]'] = opts[:'filter_repo_digest'] if !opts[:'filter_repo_digest'].nil?
  query_params[:'ext:format'] = opts[:'ext_format'] if !opts[:'ext_format'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetSBOMResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_sbom,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_sbom\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_secrets_rules(opts = {}) ⇒ Object

Returns a list of Secrets rules.

See Also:

• #get_secrets_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2335

def get_secrets_rules(opts = {})
  data, _status_code, _headers = get_secrets_rules_with_http_info(opts)
  data
end

#get_secrets_rules_with_http_info(opts = {}) ⇒ Array<(SecretRuleArray, Integer, Hash)>

Returns a list of Secrets rules.

Returns a list of Secrets rules with ID, Pattern, Description, Priority, and SDS ID.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecretRuleArray, Integer, Hash)>) —

  SecretRuleArray data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2346

def get_secrets_rules_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_secrets_rules".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_secrets_rules")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_secrets_rules"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_secrets_rules ...'
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/secrets/rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecretRuleArray'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_secrets_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_secrets_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_filter(security_filter_id, opts = {}) ⇒ Object

Get a security filter.

See Also:

• #get_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2401

def get_security_filter(security_filter_id, opts = {})
  data, _status_code, _headers = get_security_filter_with_http_info(security_filter_id, opts)
  data
end

#get_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Get a security filter.

Get the details of a specific security filter.

See the [security filter guide](docs.datadoghq.com/security_platform/guide/how-to-setup-security-filters-using-security-monitoring-api/) for more examples.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2416

def get_security_filter_with_http_info(security_filter_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.get_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

Get a critical asset.

See Also:

• #get_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2469

def get_security_monitoring_critical_asset(critical_asset_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts)
  data
end

#get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

Get a critical asset.

Get the details of a specific critical asset.

Parameters:

• critical_asset_id (String) —

  The ID of the critical asset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2481

def get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'critical_asset_id' is set
  if @api_client.config.client_side_validation && critical_asset_id.nil?
    fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.get_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_histsignal(histsignal_id, opts = {}) ⇒ Object

Get a hist signal’s details.

See Also:

• #get_security_monitoring_histsignal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2534

def get_security_monitoring_histsignal(histsignal_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_histsignal_with_http_info(histsignal_id, opts)
  data
end

#get_security_monitoring_histsignal_with_http_info(histsignal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

Get a hist signal’s details.

Get a hist signal’s details.

Parameters:

• histsignal_id (String) —

  The ID of the threat hunting signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalResponse, Integer, Hash)>) —

  SecurityMonitoringSignalResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2546

def get_security_monitoring_histsignal_with_http_info(histsignal_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_histsignal".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_histsignal")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_histsignal"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_histsignal ...'
  end
  # verify the required parameter 'histsignal_id' is set
  if @api_client.config.client_side_validation && histsignal_id.nil?
    fail ArgumentError, "Missing the required parameter 'histsignal_id' when calling SecurityMonitoringAPI.get_security_monitoring_histsignal"
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/histsignals/{histsignal_id}'.sub('{histsignal_id}', CGI.escape(histsignal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_histsignal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_histsignal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_histsignals_by_job_id(job_id, opts = {}) ⇒ Object

Get a job’s hist signals.

See Also:

• #get_security_monitoring_histsignals_by_job_id_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2605

def get_security_monitoring_histsignals_by_job_id(job_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts)
  data
end

#get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Get a job’s hist signals.

Get a job’s hist signals.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query for security signals.

• :filter_from (Time) —

  The minimum timestamp for requested security signals.

• :filter_to (Time) —

  The maximum timestamp for requested security signals.

• :sort (SecurityMonitoringSignalsSort) —

  The order of the security signals in results.

• :page_cursor (String) —

  A list of results using the cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of security signals in the response.

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2623

def get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_histsignals_by_job_id".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_histsignals_by_job_id")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_histsignals_by_job_id"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_histsignals_by_job_id ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.get_security_monitoring_histsignals_by_job_id"
  end
  allowable_values = ['timestamp', '-timestamp']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.get_security_monitoring_histsignals_by_job_id, must be smaller than or equal to 1000.'
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/jobs/{job_id}/histsignals'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'filter[from]'] = opts[:'filter_from'] if !opts[:'filter_from'].nil?
  query_params[:'filter[to]'] = opts[:'filter_to'] if !opts[:'filter_to'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_histsignals_by_job_id,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_histsignals_by_job_id\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Get a rule’s details.

See Also:

• #get_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2695

def get_security_monitoring_rule(rule_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_rule_with_http_info(rule_id, opts)
  data
end

#get_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Get a rule’s details.

Get a rule’s details.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2707

def get_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_signal(signal_id, opts = {}) ⇒ Object

Get a signal’s details.

See Also:

• #get_security_monitoring_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2760

def get_security_monitoring_signal(signal_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_signal_with_http_info(signal_id, opts)
  data
end

#get_security_monitoring_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

Get a signal’s details.

Get a signal’s details.

Parameters:

• signal_id (String) —

  The ID of the signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalResponse, Integer, Hash)>) —

  SecurityMonitoringSignalResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2772

def get_security_monitoring_signal_with_http_info(signal_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_signal ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.get_security_monitoring_signal"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

Get a suppression rule.

See Also:

• #get_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2825

def get_security_monitoring_suppression(suppression_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_suppression_with_http_info(suppression_id, opts)
  data
end

#get_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Get a suppression rule.

Get the details of a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2837

def get_security_monitoring_suppression_with_http_info(suppression_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.get_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_signal_notification_rule(id, opts = {}) ⇒ Object

Get details of a signal-based notification rule.

See Also:

• #get_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2890

def get_signal_notification_rule(id, opts = {})
  data, _status_code, _headers = get_signal_notification_rule_with_http_info(id, opts)
  data
end

#get_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Get details of a signal-based notification rule.

Get the details of a notification rule for security signals.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2902

def get_signal_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_signal_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.get_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_signal_notification_rules(opts = {}) ⇒ Object

Get the list of signal-based notification rules.

See Also:

• #get_signal_notification_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2955

def get_signal_notification_rules(opts = {})
  data, _status_code, _headers = get_signal_notification_rules_with_http_info(opts)
  data
end

#get_signal_notification_rules_with_http_info(opts = {}) ⇒ Array<(Object, Integer, Hash)>

Get the list of signal-based notification rules.

Returns the list of notification rules for security signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(Object, Integer, Hash)>) —

  Object data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2966

def get_signal_notification_rules_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_signal_notification_rules ...'
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'Object'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_signal_notification_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_signal_notification_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_suppression_version_history(suppression_id, opts = {}) ⇒ Object

Get a suppression’s version history.

See Also:

• #get_suppression_version_history_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3147

def get_suppression_version_history(suppression_id, opts = {})
  data, _status_code, _headers = get_suppression_version_history_with_http_info(suppression_id, opts)
  data
end

#get_suppression_version_history_with_http_info(suppression_id, opts = {}) ⇒ Array<(GetSuppressionVersionHistoryResponse, Integer, Hash)>

Get a suppression’s version history.

Get a suppression’s version history.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

Returns:

• (Array<(GetSuppressionVersionHistoryResponse, Integer, Hash)>) —

  GetSuppressionVersionHistoryResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3161

def get_suppression_version_history_with_http_info(suppression_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_suppression_version_history ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.get_suppression_version_history"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}/version_history'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetSuppressionVersionHistoryResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_suppression_version_history,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_suppression_version_history\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_suppressions_affecting_future_rule(body, opts = {}) ⇒ Object

Get suppressions affecting future rule.

See Also:

• #get_suppressions_affecting_future_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3015

def get_suppressions_affecting_future_rule(body, opts = {})
  data, _status_code, _headers = get_suppressions_affecting_future_rule_with_http_info(body, opts)
  data
end

#get_suppressions_affecting_future_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

Get suppressions affecting future rule.

Get the list of suppressions that would affect a rule.

Parameters:

• body (SecurityMonitoringRuleCreatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3027

def get_suppressions_affecting_future_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_suppressions_affecting_future_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.get_suppressions_affecting_future_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_suppressions_affecting_future_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_suppressions_affecting_future_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_suppressions_affecting_rule(rule_id, opts = {}) ⇒ Object

Get suppressions affecting a specific rule.

See Also:

• #get_suppressions_affecting_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3082

def get_suppressions_affecting_rule(rule_id, opts = {})
  data, _status_code, _headers = get_suppressions_affecting_rule_with_http_info(rule_id, opts)
  data
end

#get_suppressions_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

Get suppressions affecting a specific rule.

Get the list of suppressions that affect a specific existing rule by its ID.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3094

def get_suppressions_affecting_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_suppressions_affecting_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_suppressions_affecting_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_suppressions_affecting_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_suppressions_affecting_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_threat_hunting_job(job_id, opts = {}) ⇒ Object

Get a job’s details.

See Also:

• #get_threat_hunting_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3216

def get_threat_hunting_job(job_id, opts = {})
  data, _status_code, _headers = get_threat_hunting_job_with_http_info(job_id, opts)
  data
end

#get_threat_hunting_job_with_http_info(job_id, opts = {}) ⇒ Array<(ThreatHuntingJobResponse, Integer, Hash)>

Get a job’s details.

Get a job’s details.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(ThreatHuntingJobResponse, Integer, Hash)>) —

  ThreatHuntingJobResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3228

def get_threat_hunting_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_threat_hunting_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_threat_hunting_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_threat_hunting_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_threat_hunting_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.get_threat_hunting_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/jobs/{job_id}'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ThreatHuntingJobResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_threat_hunting_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_threat_hunting_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_vulnerability_notification_rule(id, opts = {}) ⇒ Object

Get details of a vulnerability notification rule.

See Also:

• #get_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3287

def get_vulnerability_notification_rule(id, opts = {})
  data, _status_code, _headers = get_vulnerability_notification_rule_with_http_info(id, opts)
  data
end

#get_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Get details of a vulnerability notification rule.

Get the details of a notification rule for security vulnerabilities.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3299

def get_vulnerability_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.get_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_vulnerability_notification_rules(opts = {}) ⇒ Object

Get the list of vulnerability notification rules.

See Also:

• #get_vulnerability_notification_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3352

def get_vulnerability_notification_rules(opts = {})
  data, _status_code, _headers = get_vulnerability_notification_rules_with_http_info(opts)
  data
end

#get_vulnerability_notification_rules_with_http_info(opts = {}) ⇒ Array<(Object, Integer, Hash)>

Get the list of vulnerability notification rules.

Returns the list of notification rules for security vulnerabilities.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(Object, Integer, Hash)>) —

  Object data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3363

def get_vulnerability_notification_rules_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_vulnerability_notification_rules ...'
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'Object'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_vulnerability_notification_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_vulnerability_notification_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_assets_sbo_ms(opts = {}) ⇒ Object

List assets SBOMs.

See Also:

• #list_assets_sbo_ms_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3412

def list_assets_sbo_ms(opts = {})
  data, _status_code, _headers = list_assets_sbo_ms_with_http_info(opts)
  data
end

#list_assets_sbo_ms_with_http_info(opts = {}) ⇒ Array<(ListAssetsSBOMsResponse, Integer, Hash)>

List assets SBOMs.

Get a list of assets SBOMs for an organization.

### Pagination

Please review the [Pagination section](#pagination) for the “List Vulnerabilities” endpoint.

### Filtering

Please review the [Filtering section](#filtering) for the “List Vulnerabilities” endpoint.

### Metadata

Please review the [Metadata section](#metadata) for the “List Vulnerabilities” endpoint.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the links section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal to or greater than 1.

• :filter_asset_type (AssetType) —

  The type of the assets for the SBOM request.

• :filter_asset_name (String) —

  The name of the asset for the SBOM request.

• :filter_package_name (String) —

  The name of the component that is a dependency of an asset.

• :filter_package_version (String) —

  The version of the component that is a dependency of an asset.

• :filter_license_name (String) —

  The software license name of the component that is a dependency of an asset.

• :filter_license_type (SBOMComponentLicenseType) —

  The software license type of the component that is a dependency of an asset.

Returns:

• (Array<(ListAssetsSBOMsResponse, Integer, Hash)>) —

  ListAssetsSBOMsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3443

def list_assets_sbo_ms_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_assets_sbo_ms".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_assets_sbo_ms")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_assets_sbo_ms"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_assets_sbo_ms ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_assets_sbo_ms, must be greater than or equal to 1.'
  end
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_asset_type'] && !allowable_values.include?(opts[:'filter_asset_type'])
    fail ArgumentError, "invalid value for \"filter_asset_type\", must be one of #{allowable_values}"
  end
  allowable_values = ['network_strong_copyleft', 'non_standard_copyleft', 'other_non_free', 'other_non_standard', 'permissive', 'public_domain', 'strong_copyleft', 'weak_copyleft']
  if @api_client.config.client_side_validation && opts[:'filter_license_type'] && !allowable_values.include?(opts[:'filter_license_type'])
    fail ArgumentError, "invalid value for \"filter_license_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/sboms'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[asset_type]'] = opts[:'filter_asset_type'] if !opts[:'filter_asset_type'].nil?
  query_params[:'filter[asset_name]'] = opts[:'filter_asset_name'] if !opts[:'filter_asset_name'].nil?
  query_params[:'filter[package_name]'] = opts[:'filter_package_name'] if !opts[:'filter_package_name'].nil?
  query_params[:'filter[package_version]'] = opts[:'filter_package_version'] if !opts[:'filter_package_version'].nil?
  query_params[:'filter[license_name]'] = opts[:'filter_license_name'] if !opts[:'filter_license_name'].nil?
  query_params[:'filter[license_type]'] = opts[:'filter_license_type'] if !opts[:'filter_license_type'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListAssetsSBOMsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_assets_sbo_ms,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_assets_sbo_ms\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_findings(opts = {}) ⇒ Object

List findings.

See Also:

• #list_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3517

def list_findings(opts = {})
  data, _status_code, _headers = list_findings_with_http_info(opts)
  data
end

#list_findings_with_http_info(opts = {}) ⇒ Array<(ListFindingsResponse, Integer, Hash)>

List findings.

Get a list of findings. These include both misconfigurations and identity risks.

Note: To filter and return only identity risks, add the following query parameter: ‘?filter=dd_rule_type:ciem`

### Filtering

Filters can be applied by appending query parameters to the URL.

- Using a single filter: `?filter[attribute_key]=attribute_value`
- Chaining filters: `?filter[attribute_key]=attribute_value&filter[attribute_key]=attribute_value...`
- Filtering on tags: `?filter[tags]=tag_key:tag_value&filter[tags]=tag_key_2:tag_value_2`

Here, attribute_key can be any of the filter keys described further below.

Query parameters of type integer support comparison operators (‘>`, `>=`, `<`, `<=`). This is particularly useful when filtering by evaluation_changed_at or resource_discovery_timestamp. For example: `?filter=>20123123121`.

You can also use the negation operator on strings. For example, use ‘filter=-aws*` to filter for any non-AWS resources.

The operator must come after the equal sign. For example, to filter with the ‘>=` operator, add the operator after the equal sign: `filter=>=1678809373257`.

Query parameters must be only among the documented ones and with values of correct types. Duplicated query parameters (e.g. ‘filter=low&filter=info`) are not allowed.

### Additional extension fields

Additional extension fields are available for some findings.

The data is available when you include the query parameter ‘?detailed_findings=true` in the request.

The following fields are available for findings:

• external_id: The resource external ID related to the finding.

• description: The description and remediation steps for the finding.

• datadog_link: The Datadog relative link for the finding.

• ip_addresses: The list of private IP addresses for the resource related to the finding.

### Response

The response includes an array of finding objects, pagination metadata, and a count of items that match the query.

Each finding object contains the following:

• The finding ID that can be used in a GetFinding request to retrieve the full finding details.

• Core attributes, including status, evaluation, high-level resource details, muted state, and rule details.

• evaluation_changed_at and resource_discovery_date time stamps.

• An array of associated tags.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_limit (Integer) —

  Limit the number of findings returned. Must be <= 1000.

• :snapshot_timestamp (Integer) —

  Return findings for a given snapshot of time (Unix ms).

• :page_cursor (String) —

  Return the next page of findings pointed to by the cursor.

• :filter_tags (String) —

  Return findings that have these associated tags (repeatable).

• :filter_evaluation_changed_at (String) —

  Return findings that have changed from pass to fail or vice versa on a specified date (Unix ms) or date range (using comparison operators).

• :filter_muted (Boolean) —

  Set to true to return findings that are muted. Set to false to return unmuted findings.

• :filter_rule_id (String) —

  Return findings for the specified rule ID.

• :filter_rule_name (String) —

  Return findings for the specified rule.

• :filter_resource_type (String) —

  Return only findings for the specified resource type.

• :filter_resource_id (String) —

  Return only findings for the specified resource id.

• :filter_discovery_timestamp (String) —

  Return findings that were found on a specified date (Unix ms) or date range (using comparison operators).

• :filter_evaluation (FindingEvaluation) —

  Return only pass or fail findings.

• :filter_status (FindingStatus) —

  Return only findings with the specified status.

• :filter_vulnerability_type (Array<FindingVulnerabilityType>) —

  Return findings that match the selected vulnerability types (repeatable).

• :detailed_findings (Boolean) —

  Return additional fields for some findings.

Returns:

• (Array<(ListFindingsResponse, Integer, Hash)>) —

  ListFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3586

def list_findings_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_findings".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_findings")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_findings"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_findings ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_findings, must be smaller than or equal to 1000.'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_findings, must be greater than or equal to 1.'
  end
  if @api_client.config.client_side_validation && !opts[:'snapshot_timestamp'].nil? && opts[:'snapshot_timestamp'] < 1
    fail ArgumentError, 'invalid value for "opts[:"snapshot_timestamp"]" when calling SecurityMonitoringAPI.list_findings, must be greater than or equal to 1.'
  end
  allowable_values = ['pass', 'fail']
  if @api_client.config.client_side_validation && opts[:'filter_evaluation'] && !allowable_values.include?(opts[:'filter_evaluation'])
    fail ArgumentError, "invalid value for \"filter_evaluation\", must be one of #{allowable_values}"
  end
  allowable_values = ['critical', 'high', 'medium', 'low', 'info']
  if @api_client.config.client_side_validation && opts[:'filter_status'] && !allowable_values.include?(opts[:'filter_status'])
    fail ArgumentError, "invalid value for \"filter_status\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/posture_management/findings'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?
  query_params[:'snapshot_timestamp'] = opts[:'snapshot_timestamp'] if !opts[:'snapshot_timestamp'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'filter[tags]'] = opts[:'filter_tags'] if !opts[:'filter_tags'].nil?
  query_params[:'filter[evaluation_changed_at]'] = opts[:'filter_evaluation_changed_at'] if !opts[:'filter_evaluation_changed_at'].nil?
  query_params[:'filter[muted]'] = opts[:'filter_muted'] if !opts[:'filter_muted'].nil?
  query_params[:'filter[rule_id]'] = opts[:'filter_rule_id'] if !opts[:'filter_rule_id'].nil?
  query_params[:'filter[rule_name]'] = opts[:'filter_rule_name'] if !opts[:'filter_rule_name'].nil?
  query_params[:'filter[resource_type]'] = opts[:'filter_resource_type'] if !opts[:'filter_resource_type'].nil?
  query_params[:'filter[@resource_id]'] = opts[:'filter_resource_id'] if !opts[:'filter_resource_id'].nil?
  query_params[:'filter[discovery_timestamp]'] = opts[:'filter_discovery_timestamp'] if !opts[:'filter_discovery_timestamp'].nil?
  query_params[:'filter[evaluation]'] = opts[:'filter_evaluation'] if !opts[:'filter_evaluation'].nil?
  query_params[:'filter[status]'] = opts[:'filter_status'] if !opts[:'filter_status'].nil?
  query_params[:'filter[vulnerability_type]'] = @api_client.build_collection_param(opts[:'filter_vulnerability_type'], :multi) if !opts[:'filter_vulnerability_type'].nil?
  query_params[:'detailed_findings'] = opts[:'detailed_findings'] if !opts[:'detailed_findings'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )
  new_options[:query_string_normalizer] = HTTParty::Request::NON_RAILS_QUERY_STRING_NORMALIZER

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_findings_with_pagination(opts = {}) {|Finding| ... } ⇒ Object

List findings.

Provide a paginated version of #list_findings, returning all items.

To use it you need to use a block: list_findings_with_pagination { |item| p item }

Yields:

• (Finding) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3678

def list_findings_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "page_limit", 100)
    @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size)
    while true do
        response = list_findings(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length < page_size
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "page_cursor", String, @api_client.get_attribute_from_path(response, "meta.page.cursor"))
    end
end

#list_multiple_rulesets(body, opts = {}) ⇒ Object

Ruleset get multiple.

See Also:

• #list_multiple_rulesets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3695

def list_multiple_rulesets(body, opts = {})
  data, _status_code, _headers = list_multiple_rulesets_with_http_info(body, opts)
  data
end

#list_multiple_rulesets_with_http_info(body, opts = {}) ⇒ Array<(GetMultipleRulesetsResponse, Integer, Hash)>

Ruleset get multiple.

Get rules for multiple rulesets in batch.

Parameters:

• body (GetMultipleRulesetsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(GetMultipleRulesetsResponse, Integer, Hash)>) —

  GetMultipleRulesetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3707

def list_multiple_rulesets_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_multiple_rulesets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_multiple_rulesets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_multiple_rulesets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_multiple_rulesets ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.list_multiple_rulesets"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/rulesets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'GetMultipleRulesetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_multiple_rulesets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_multiple_rulesets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_scanned_assets_metadata(opts = {}) ⇒ Object

List scanned assets metadata.

See Also:

• #list_scanned_assets_metadata_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3768

def list_scanned_assets_metadata(opts = {})
  data, _status_code, _headers = list_scanned_assets_metadata_with_http_info(opts)
  data
end

#list_scanned_assets_metadata_with_http_info(opts = {}) ⇒ Array<(ScannedAssetsMetadata, Integer, Hash)>

List scanned assets metadata.

Get a list of security scanned assets metadata for an organization.

### Pagination

For the “List Vulnerabilities” endpoint, see the [Pagination section](#pagination).

### Filtering

For the “List Vulnerabilities” endpoint, see the [Filtering section](#filtering).

### Metadata

For the "List Vulnerabilities" endpoint, see the [Metadata section](#metadata).

### Related endpoints

This endpoint returns additional metadata for cloud resources that is not available from the standard resource endpoints. To access a richer dataset, call this endpoint together with the relevant resource endpoint(s) and merge (join) their results using the resource identifier.

Hosts

To enrich host data, join the response from the [Hosts](docs.datadoghq.com/api/latest/hosts/) endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

| ENDPOINT | JOIN KEY | TYPE | | — | — | — | | [/api/v1/hosts](docs.datadoghq.com/api/latest/hosts/) | host_list.host_name | string | | /api/v2/security/scanned-assets-metadata | data.attributes.asset.name | string |

**Host Images**

To enrich host image data, join the response from the [Hosts](docs.datadoghq.com/api/latest/hosts/) endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

| ENDPOINT | JOIN KEY | TYPE | | — | — | — | | [/api/v1/hosts](docs.datadoghq.com/api/latest/hosts/) | host_list.tags_by_source[“Amazon Web Services“] | string | | /api/v2/security/scanned-assets-metadata | data.attributes.asset.name | string |

**Container Images**

To enrich container image data, join the response from the [Container Images](docs.datadoghq.com/api/latest/container-images/) endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

| ENDPOINT | JOIN KEY | TYPE | | — | — | — | | [/api/v2/container_images](docs.datadoghq.com/api/latest/container-images/) | data.attributes.name@data.attributes.repo_digest | string | | /api/v2/security/scanned-assets-metadata | data.attributes.asset.name | string |

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the links section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal to or greater than 1.

• :filter_asset_type (CloudAssetType) —

  The type of the scanned asset.

• :filter_asset_name (String) —

  The name of the scanned asset.

• :filter_last_success_origin (String) —

  The origin of last success scan.

• :filter_last_success_env (String) —

  The environment of last success scan.

Returns:

• (Array<(ScannedAssetsMetadata, Integer, Hash)>) —

  ScannedAssetsMetadata data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3828

def list_scanned_assets_metadata_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_scanned_assets_metadata".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_scanned_assets_metadata")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_scanned_assets_metadata"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_scanned_assets_metadata ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_scanned_assets_metadata, must be greater than or equal to 1.'
  end
  allowable_values = ['Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_asset_type'] && !allowable_values.include?(opts[:'filter_asset_type'])
    fail ArgumentError, "invalid value for \"filter_asset_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/scanned-assets-metadata'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[asset.type]'] = opts[:'filter_asset_type'] if !opts[:'filter_asset_type'].nil?
  query_params[:'filter[asset.name]'] = opts[:'filter_asset_name'] if !opts[:'filter_asset_name'].nil?
  query_params[:'filter[last_success.origin]'] = opts[:'filter_last_success_origin'] if !opts[:'filter_last_success_origin'].nil?
  query_params[:'filter[last_success.env]'] = opts[:'filter_last_success_env'] if !opts[:'filter_last_success_env'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ScannedAssetsMetadata'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_scanned_assets_metadata,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_scanned_assets_metadata\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_filters(opts = {}) ⇒ Object

Get all security filters.

See Also:

• #list_security_filters_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3896

def list_security_filters(opts = {})
  data, _status_code, _headers = list_security_filters_with_http_info(opts)
  data
end

#list_security_filters_with_http_info(opts = {}) ⇒ Array<(SecurityFiltersResponse, Integer, Hash)>

Get all security filters.

Get the list of configured security filters with their definitions.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFiltersResponse, Integer, Hash)>) —

  SecurityFiltersResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3907

def list_security_filters_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_filters ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFiltersResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_filters,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_filters\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_findings(opts = {}) ⇒ Object

List security findings.

See Also:

• #list_security_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3956

def list_security_findings(opts = {})
  data, _status_code, _headers = list_security_findings_with_http_info(opts)
  data
end

#list_security_findings_with_http_info(opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

List security findings.

Get a list of security findings that match a search query. [See the schema for security findings](docs.datadoghq.com/security/guide/findings-schema/).

### Query Syntax

This endpoint uses the logs query syntax. Findings attributes (living in the attributes.attributes. namespace) are prefixed by @ when queried. Tags are queried without a prefix.

Example: ‘@severity:(critical OR high) @status:open team:platform`

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query following log search syntax.

• :page_cursor (String) —

  Get the next page of results with a cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of findings in the response.

• :sort (SecurityFindingsSort) —

  Sorts by @detection_changed_at.

Returns:

• (Array<(ListSecurityFindingsResponse, Integer, Hash)>) —

  ListSecurityFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3977

def list_security_findings_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_findings ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 150
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_findings, must be smaller than or equal to 150.'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_findings, must be greater than or equal to 1.'
  end
  allowable_values = ['@detection_changed_at', '-@detection_changed_at']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/findings'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListSecurityFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_findings_with_pagination(opts = {}) {|SecurityFindingsData| ... } ⇒ Object

List security findings.

Provide a paginated version of #list_security_findings, returning all items.

To use it you need to use a block: list_security_findings_with_pagination { |item| p item }

Yields:

• (SecurityFindingsData) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4044

def list_security_findings_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "page_limit", 10)
    @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size)
    while true do
        response = list_security_findings(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length < page_size
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "page_cursor", String, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#list_security_monitoring_critical_assets(opts = {}) ⇒ Object

Get all critical assets.

See Also:

• #list_security_monitoring_critical_assets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4061

def list_security_monitoring_critical_assets(opts = {})
  data, _status_code, _headers = list_security_monitoring_critical_assets_with_http_info(opts)
  data
end

#list_security_monitoring_critical_assets_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

Get all critical assets.

Get the list of all critical assets.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :query (String) —

  Query string.

Returns:

• (Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4073

def list_security_monitoring_critical_assets_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_critical_assets ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_critical_assets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_critical_assets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_histsignals(opts = {}) ⇒ Object

List hist signals.

See Also:

• #list_security_monitoring_histsignals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4123

def list_security_monitoring_histsignals(opts = {})
  data, _status_code, _headers = list_security_monitoring_histsignals_with_http_info(opts)
  data
end

#list_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

List hist signals.

List hist signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query for security signals.

• :filter_from (Time) —

  The minimum timestamp for requested security signals.

• :filter_to (Time) —

  The maximum timestamp for requested security signals.

• :sort (SecurityMonitoringSignalsSort) —

  The order of the security signals in results.

• :page_cursor (String) —

  A list of results using the cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of security signals in the response.

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4140

def list_security_monitoring_histsignals_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_security_monitoring_histsignals".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_security_monitoring_histsignals")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_security_monitoring_histsignals"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_histsignals ...'
  end
  allowable_values = ['timestamp', '-timestamp']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_monitoring_histsignals, must be smaller than or equal to 1000.'
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/histsignals'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'filter[from]'] = opts[:'filter_from'] if !opts[:'filter_from'].nil?
  query_params[:'filter[to]'] = opts[:'filter_to'] if !opts[:'filter_to'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_histsignals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_histsignals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_rules(opts = {}) ⇒ Object

List rules.

See Also:

• #list_security_monitoring_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4208

def list_security_monitoring_rules(opts = {})
  data, _status_code, _headers = list_security_monitoring_rules_with_http_info(opts)
  data
end

#list_security_monitoring_rules_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>

List rules.

List rules.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

• :query (String) —

  A search query to filter security rules. You can filter by attributes such as type, source, tags.

Returns:

• (Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>) —

  SecurityMonitoringListRulesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4222

def list_security_monitoring_rules_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_rules ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringListRulesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_signals(opts = {}) ⇒ Object

Get a quick list of security signals.

See Also:

• #list_security_monitoring_signals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4274

def list_security_monitoring_signals(opts = {})
  data, _status_code, _headers = list_security_monitoring_signals_with_http_info(opts)
  data
end

#list_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Get a quick list of security signals.

The list endpoint returns security signals that match a search query. Both this endpoint and the POST endpoint can be used interchangeably when listing security signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query for security signals.

• :filter_from (Time) —

  The minimum timestamp for requested security signals.

• :filter_to (Time) —

  The maximum timestamp for requested security signals.

• :sort (SecurityMonitoringSignalsSort) —

  The order of the security signals in results.

• :page_cursor (String) —

  A list of results using the cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of security signals in the response.

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4293

def list_security_monitoring_signals_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_signals ...'
  end
  allowable_values = ['timestamp', '-timestamp']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_monitoring_signals, must be smaller than or equal to 1000.'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'filter[from]'] = opts[:'filter_from'] if !opts[:'filter_from'].nil?
  query_params[:'filter[to]'] = opts[:'filter_to'] if !opts[:'filter_to'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_signals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_signals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

Get a quick list of security signals.

Provide a paginated version of #list_security_monitoring_signals, returning all items.

To use it you need to use a block: list_security_monitoring_signals_with_pagination { |item| p item }

Yields:

• (SecurityMonitoringSignal) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4359

def list_security_monitoring_signals_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "page_limit", 10)
    @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size)
    while true do
        response = list_security_monitoring_signals(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length < page_size
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "page_cursor", String, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#list_security_monitoring_suppressions(opts = {}) ⇒ Object

Get all suppression rules.

See Also:

• #list_security_monitoring_suppressions_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4376

def list_security_monitoring_suppressions(opts = {})
  data, _status_code, _headers = list_security_monitoring_suppressions_with_http_info(opts)
  data
end

#list_security_monitoring_suppressions_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

Get all suppression rules.

Get the list of all suppression rules.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :query (String) —

  Query string.

Returns:

• (Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4388

def list_security_monitoring_suppressions_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_suppressions ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_suppressions,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_suppressions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_threat_hunting_jobs(opts = {}) ⇒ Object

List threat hunting jobs.

See Also:

• #list_threat_hunting_jobs_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4438

def list_threat_hunting_jobs(opts = {})
  data, _status_code, _headers = list_threat_hunting_jobs_with_http_info(opts)
  data
end

#list_threat_hunting_jobs_with_http_info(opts = {}) ⇒ Array<(ListThreatHuntingJobsResponse, Integer, Hash)>

List threat hunting jobs.

List threat hunting jobs.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

• :sort (String) —

  The order of the jobs in results.

• :filter_query (String) —

  Query used to filter items from the fetched list.

Returns:

• (Array<(ListThreatHuntingJobsResponse, Integer, Hash)>) —

  ListThreatHuntingJobsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4453

def list_threat_hunting_jobs_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_threat_hunting_jobs".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_threat_hunting_jobs")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_threat_hunting_jobs"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_threat_hunting_jobs ...'
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/jobs'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListThreatHuntingJobsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_threat_hunting_jobs,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_threat_hunting_jobs\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_vulnerabilities(opts = {}) ⇒ Object

List vulnerabilities.

See Also:

• #list_vulnerabilities_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4512

def list_vulnerabilities(opts = {})
  data, _status_code, _headers = list_vulnerabilities_with_http_info(opts)
  data
end

#list_vulnerabilities_with_http_info(opts = {}) ⇒ Array<(ListVulnerabilitiesResponse, Integer, Hash)>

List vulnerabilities.

Get a list of vulnerabilities.

### Pagination

Pagination is enabled by default in both vulnerabilities and assets. The size of the page varies depending on the endpoint and cannot be modified. To automate the request of the next page, you can use the links section in the response.

This endpoint will return paginated responses. The pages are stored in the links section of the response:

“‘JSON

"data": [...],
"meta": {...,
"links": {
  "self": "https://.../api/v2/security/vulnerabilities",
  "first": "https://.../api/v2/security/vulnerabilities?page[number]=1&page[token]=abc",
  "last": "https://.../api/v2/security/vulnerabilities?page[number]=43&page[token]=abc",
  "next": "https://.../api/v2/security/vulnerabilities?page[number]=2&page[token]=abc"
}

} “‘

• links.previous is empty if the first page is requested.

• links.next is empty if the last page is requested.

#### Token

Vulnerabilities can be created, updated or deleted at any point in time.

Upon the first request, a token is created to ensure consistency across subsequent paginated requests.

A token is valid only for 24 hours.

#### First request

We consider a request to be the first request when there is no page[token] parameter.

The response of this first request contains the newly created token in the links section.

This token can then be used in the subsequent paginated requests.

*Note: The first request may take longer to complete than subsequent requests.*

#### Subsequent requests

Any request containing valid page[token] and page[number] parameters will be considered a subsequent request.

If the token is invalid, a 404 response will be returned.

If the page number is invalid, a 400 response will be returned.

The returned token is valid for all requests in the pagination sequence. To send paginated requests in parallel, reuse the same token and change only the page[number] parameter.

### Filtering

The request can include some filter parameters to filter the data to be retrieved. The format of the filter parameters follows the [JSON:API format](jsonapi.org/format/#fetching-filtering): ‘filter`, where prop_name is the property name in the entity being filtered by.

All filters can include multiple values, where data will be filtered with an OR clause: ‘filter=Title1,Title2` will filter all vulnerabilities where title is equal to Title1 OR Title2.

String filters are case sensitive.

Boolean filters accept true or false as values.

Number filters must include an operator as a second filter input: ‘filter[$operator]`. For example, for the vulnerabilities endpoint: `filter[lte]=8`.

Available operators are: eq (==), lt (<), lte (<=), gt (>) and gte (>=).

### Metadata

Following [JSON:API format](jsonapi.org/format/#document-meta), object including non-standard meta-information.

This endpoint includes the meta member in the response. For more details on each of the properties included in this section, check the endpoints response tables.

“‘JSON {

"data": [...],
"meta": {
  "total": 1500,
  "count": 18732,
  "token": "some_token"
},
"links": ...

} “‘ ### Extensions

Requests may include extensions to modify the behavior of the requested endpoint. The filter parameters follow the [JSON:API format](jsonapi.org/extensions/#extensions) format: ‘ext:$extension_name`, where extension_name is the name of the modifier that is being applied.

Extensions can only include one value: ‘ext:modifier=value`.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the links section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal or greater than 1

• :filter_type (VulnerabilityType) —

  Filter by vulnerability type.

• :filter_cvss_base_score_op (Float) —

  Filter by vulnerability base (i.e. from the original advisory) severity score.

• :filter_cvss_base_severity (VulnerabilitySeverity) —

  Filter by vulnerability base severity.

• :filter_cvss_base_vector (String) —

  Filter by vulnerability base CVSS vector.

• :filter_cvss_datadog_score_op (Float) —

  Filter by vulnerability Datadog severity score.

• :filter_cvss_datadog_severity (VulnerabilitySeverity) —

  Filter by vulnerability Datadog severity.

• :filter_cvss_datadog_vector (String) —

  Filter by vulnerability Datadog CVSS vector.

• :filter_status (VulnerabilityStatus) —

  Filter by the status of the vulnerability.

• :filter_tool (VulnerabilityTool) —

  Filter by the tool of the vulnerability.

• :filter_library_name (String) —

  Filter by library name.

• :filter_library_version (String) —

  Filter by library version.

• :filter_advisory_id (String) —

  Filter by advisory ID.

• :filter_risks_exploitation_probability (Boolean) —

  Filter by exploitation probability.

• :filter_risks_poc_exploit_available (Boolean) —

  Filter by POC exploit availability.

• :filter_risks_exploit_available (Boolean) —

  Filter by public exploit availability.

• :filter_risks_epss_score_op (Float) —

  Filter by vulnerability [EPSS](www.first.org/epss/) severity score.

• :filter_risks_epss_severity (VulnerabilitySeverity) —

  Filter by vulnerability [EPSS](www.first.org/epss/) severity.

• :filter_language (String) —

  Filter by language.

• :filter_ecosystem (VulnerabilityEcosystem) —

  Filter by ecosystem.

• :filter_code_location_location (String) —

  Filter by vulnerability location.

• :filter_code_location_file_path (String) —

  Filter by vulnerability file path.

• :filter_code_location_method (String) —

  Filter by method.

• :filter_fix_available (Boolean) —

  Filter by fix availability.

• :filter_repo_digests (String) —

  Filter by vulnerability repo_digest (when the vulnerability is related to Image asset).

• :filter_origin (String) —

  Filter by origin.

• :filter_running_kernel (Boolean) —

  Filter for whether the vulnerability affects a running kernel (for vulnerabilities related to a Host asset).

• :filter_asset_name (String) —

  Filter by asset name. This field supports the usage of wildcards (*).

• :filter_asset_type (AssetType) —

  Filter by asset type.

• :filter_asset_version_first (String) —

  Filter by the first version of the asset this vulnerability has been detected on.

• :filter_asset_version_last (String) —

  Filter by the last version of the asset this vulnerability has been detected on.

• :filter_asset_repository_url (String) —

  Filter by the repository url associated to the asset.

• :filter_asset_risks_in_production (Boolean) —

  Filter whether the asset is in production or not.

• :filter_asset_risks_under_attack (Boolean) —

  Filter whether the asset is under attack or not.

• :filter_asset_risks_is_publicly_accessible (Boolean) —

  Filter whether the asset is publicly accessible or not.

• :filter_asset_risks_has_privileged_access (Boolean) —

  Filter whether the asset is publicly accessible or not.

• :filter_asset_risks_has_access_to_sensitive_data (Boolean) —

  Filter whether the asset has access to sensitive data or not.

• :filter_asset_environments (String) —

  Filter by asset environments.

• :filter_asset_teams (String) —

  Filter by asset teams.

• :filter_asset_arch (String) —

  Filter by asset architecture.

• :filter_asset_operating_system_name (String) —

  Filter by asset operating system name.

• :filter_asset_operating_system_version (String) —

  Filter by asset operating system version.

Returns:

• (Array<(ListVulnerabilitiesResponse, Integer, Hash)>) —

  ListVulnerabilitiesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4654

def list_vulnerabilities_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_vulnerabilities".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_vulnerabilities")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_vulnerabilities"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_vulnerabilities ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 1.'
  end
  allowable_values = ['AdminConsoleActive', 'CodeInjection', 'CommandInjection', 'ComponentWithKnownVulnerability', 'DangerousWorkflows', 'DefaultAppDeployed', 'DefaultHtmlEscapeInvalid', 'DirectoryListingLeak', 'EmailHtmlInjection', 'EndOfLife', 'HardcodedPassword', 'HardcodedSecret', 'HeaderInjection', 'HstsHeaderMissing', 'InsecureAuthProtocol', 'InsecureCookie', 'InsecureJspLayout', 'LdapInjection', 'MaliciousPackage', 'MandatoryRemediation', 'NoHttpOnlyCookie', 'NoSameSiteCookie', 'NoSqlMongoDbInjection', 'PathTraversal', 'ReflectionInjection', 'RiskyLicense', 'SessionRewriting', 'SessionTimeout', 'SqlInjection', 'Ssrf', 'StackTraceLeak', 'TrustBoundaryViolation', 'Unmaintained', 'UntrustedDeserialization', 'UnvalidatedRedirect', 'VerbTampering', 'WeakCipher', 'WeakHash', 'WeakRandomness', 'XContentTypeHeaderMissing', 'XPathInjection', 'Xss']
  if @api_client.config.client_side_validation && opts[:'filter_type'] && !allowable_values.include?(opts[:'filter_type'])
    fail ArgumentError, "invalid value for \"filter_type\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_base_score_op'].nil? && opts[:'filter_cvss_base_score_op'] > 10
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_base_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be smaller than or equal to 10.'
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_base_score_op'].nil? && opts[:'filter_cvss_base_score_op'] < 0
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_base_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 0.'
  end
  allowable_values = ['Unknown', 'None', 'Low', 'Medium', 'High', 'Critical']
  if @api_client.config.client_side_validation && opts[:'filter_cvss_base_severity'] && !allowable_values.include?(opts[:'filter_cvss_base_severity'])
    fail ArgumentError, "invalid value for \"filter_cvss_base_severity\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_datadog_score_op'].nil? && opts[:'filter_cvss_datadog_score_op'] > 10
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_datadog_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be smaller than or equal to 10.'
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_datadog_score_op'].nil? && opts[:'filter_cvss_datadog_score_op'] < 0
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_datadog_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 0.'
  end
  allowable_values = ['Unknown', 'None', 'Low', 'Medium', 'High', 'Critical']
  if @api_client.config.client_side_validation && opts[:'filter_cvss_datadog_severity'] && !allowable_values.include?(opts[:'filter_cvss_datadog_severity'])
    fail ArgumentError, "invalid value for \"filter_cvss_datadog_severity\", must be one of #{allowable_values}"
  end
  allowable_values = ['Open', 'Muted', 'Remediated', 'InProgress', 'AutoClosed']
  if @api_client.config.client_side_validation && opts[:'filter_status'] && !allowable_values.include?(opts[:'filter_status'])
    fail ArgumentError, "invalid value for \"filter_status\", must be one of #{allowable_values}"
  end
  allowable_values = ['IAST', 'SCA', 'Infra', 'SAST']
  if @api_client.config.client_side_validation && opts[:'filter_tool'] && !allowable_values.include?(opts[:'filter_tool'])
    fail ArgumentError, "invalid value for \"filter_tool\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'filter_risks_epss_score_op'].nil? && opts[:'filter_risks_epss_score_op'] > 1
    fail ArgumentError, 'invalid value for "opts[:"filter_risks_epss_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be smaller than or equal to 1.'
  end
  if @api_client.config.client_side_validation && !opts[:'filter_risks_epss_score_op'].nil? && opts[:'filter_risks_epss_score_op'] < 0
    fail ArgumentError, 'invalid value for "opts[:"filter_risks_epss_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 0.'
  end
  allowable_values = ['Unknown', 'None', 'Low', 'Medium', 'High', 'Critical']
  if @api_client.config.client_side_validation && opts[:'filter_risks_epss_severity'] && !allowable_values.include?(opts[:'filter_risks_epss_severity'])
    fail ArgumentError, "invalid value for \"filter_risks_epss_severity\", must be one of #{allowable_values}"
  end
  allowable_values = ['PyPI', 'Maven', 'NuGet', 'Npm', 'RubyGems', 'Go', 'Packagist', 'Deb', 'Rpm', 'Apk', 'Windows', 'Generic', 'MacOs', 'Oci', 'BottleRocket', 'None']
  if @api_client.config.client_side_validation && opts[:'filter_ecosystem'] && !allowable_values.include?(opts[:'filter_ecosystem'])
    fail ArgumentError, "invalid value for \"filter_ecosystem\", must be one of #{allowable_values}"
  end
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_asset_type'] && !allowable_values.include?(opts[:'filter_asset_type'])
    fail ArgumentError, "invalid value for \"filter_asset_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[type]'] = opts[:'filter_type'] if !opts[:'filter_type'].nil?
  query_params[:'filter[cvss.base.score][`$op`]'] = opts[:'filter_cvss_base_score_op'] if !opts[:'filter_cvss_base_score_op'].nil?
  query_params[:'filter[cvss.base.severity]'] = opts[:'filter_cvss_base_severity'] if !opts[:'filter_cvss_base_severity'].nil?
  query_params[:'filter[cvss.base.vector]'] = opts[:'filter_cvss_base_vector'] if !opts[:'filter_cvss_base_vector'].nil?
  query_params[:'filter[cvss.datadog.score][`$op`]'] = opts[:'filter_cvss_datadog_score_op'] if !opts[:'filter_cvss_datadog_score_op'].nil?
  query_params[:'filter[cvss.datadog.severity]'] = opts[:'filter_cvss_datadog_severity'] if !opts[:'filter_cvss_datadog_severity'].nil?
  query_params[:'filter[cvss.datadog.vector]'] = opts[:'filter_cvss_datadog_vector'] if !opts[:'filter_cvss_datadog_vector'].nil?
  query_params[:'filter[status]'] = opts[:'filter_status'] if !opts[:'filter_status'].nil?
  query_params[:'filter[tool]'] = opts[:'filter_tool'] if !opts[:'filter_tool'].nil?
  query_params[:'filter[library.name]'] = opts[:'filter_library_name'] if !opts[:'filter_library_name'].nil?
  query_params[:'filter[library.version]'] = opts[:'filter_library_version'] if !opts[:'filter_library_version'].nil?
  query_params[:'filter[advisory.id]'] = opts[:'filter_advisory_id'] if !opts[:'filter_advisory_id'].nil?
  query_params[:'filter[risks.exploitation_probability]'] = opts[:'filter_risks_exploitation_probability'] if !opts[:'filter_risks_exploitation_probability'].nil?
  query_params[:'filter[risks.poc_exploit_available]'] = opts[:'filter_risks_poc_exploit_available'] if !opts[:'filter_risks_poc_exploit_available'].nil?
  query_params[:'filter[risks.exploit_available]'] = opts[:'filter_risks_exploit_available'] if !opts[:'filter_risks_exploit_available'].nil?
  query_params[:'filter[risks.epss.score][`$op`]'] = opts[:'filter_risks_epss_score_op'] if !opts[:'filter_risks_epss_score_op'].nil?
  query_params[:'filter[risks.epss.severity]'] = opts[:'filter_risks_epss_severity'] if !opts[:'filter_risks_epss_severity'].nil?
  query_params[:'filter[language]'] = opts[:'filter_language'] if !opts[:'filter_language'].nil?
  query_params[:'filter[ecosystem]'] = opts[:'filter_ecosystem'] if !opts[:'filter_ecosystem'].nil?
  query_params[:'filter[code_location.location]'] = opts[:'filter_code_location_location'] if !opts[:'filter_code_location_location'].nil?
  query_params[:'filter[code_location.file_path]'] = opts[:'filter_code_location_file_path'] if !opts[:'filter_code_location_file_path'].nil?
  query_params[:'filter[code_location.method]'] = opts[:'filter_code_location_method'] if !opts[:'filter_code_location_method'].nil?
  query_params[:'filter[fix_available]'] = opts[:'filter_fix_available'] if !opts[:'filter_fix_available'].nil?
  query_params[:'filter[repo_digests]'] = opts[:'filter_repo_digests'] if !opts[:'filter_repo_digests'].nil?
  query_params[:'filter[origin]'] = opts[:'filter_origin'] if !opts[:'filter_origin'].nil?
  query_params[:'filter[running_kernel]'] = opts[:'filter_running_kernel'] if !opts[:'filter_running_kernel'].nil?
  query_params[:'filter[asset.name]'] = opts[:'filter_asset_name'] if !opts[:'filter_asset_name'].nil?
  query_params[:'filter[asset.type]'] = opts[:'filter_asset_type'] if !opts[:'filter_asset_type'].nil?
  query_params[:'filter[asset.version.first]'] = opts[:'filter_asset_version_first'] if !opts[:'filter_asset_version_first'].nil?
  query_params[:'filter[asset.version.last]'] = opts[:'filter_asset_version_last'] if !opts[:'filter_asset_version_last'].nil?
  query_params[:'filter[asset.repository_url]'] = opts[:'filter_asset_repository_url'] if !opts[:'filter_asset_repository_url'].nil?
  query_params[:'filter[asset.risks.in_production]'] = opts[:'filter_asset_risks_in_production'] if !opts[:'filter_asset_risks_in_production'].nil?
  query_params[:'filter[asset.risks.under_attack]'] = opts[:'filter_asset_risks_under_attack'] if !opts[:'filter_asset_risks_under_attack'].nil?
  query_params[:'filter[asset.risks.is_publicly_accessible]'] = opts[:'filter_asset_risks_is_publicly_accessible'] if !opts[:'filter_asset_risks_is_publicly_accessible'].nil?
  query_params[:'filter[asset.risks.has_privileged_access]'] = opts[:'filter_asset_risks_has_privileged_access'] if !opts[:'filter_asset_risks_has_privileged_access'].nil?
  query_params[:'filter[asset.risks.has_access_to_sensitive_data]'] = opts[:'filter_asset_risks_has_access_to_sensitive_data'] if !opts[:'filter_asset_risks_has_access_to_sensitive_data'].nil?
  query_params[:'filter[asset.environments]'] = opts[:'filter_asset_environments'] if !opts[:'filter_asset_environments'].nil?
  query_params[:'filter[asset.teams]'] = opts[:'filter_asset_teams'] if !opts[:'filter_asset_teams'].nil?
  query_params[:'filter[asset.arch]'] = opts[:'filter_asset_arch'] if !opts[:'filter_asset_arch'].nil?
  query_params[:'filter[asset.operating_system.name]'] = opts[:'filter_asset_operating_system_name'] if !opts[:'filter_asset_operating_system_name'].nil?
  query_params[:'filter[asset.operating_system.version]'] = opts[:'filter_asset_operating_system_version'] if !opts[:'filter_asset_operating_system_version'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListVulnerabilitiesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_vulnerabilities,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_vulnerabilities\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_vulnerable_assets(opts = {}) ⇒ Object

List vulnerable assets.

See Also:

• #list_vulnerable_assets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4805

def list_vulnerable_assets(opts = {})
  data, _status_code, _headers = list_vulnerable_assets_with_http_info(opts)
  data
end

#list_vulnerable_assets_with_http_info(opts = {}) ⇒ Array<(ListVulnerableAssetsResponse, Integer, Hash)>

List vulnerable assets.

Get a list of vulnerable assets.

### Pagination

Please review the [Pagination section for the “List Vulnerabilities”](#pagination) endpoint.

### Filtering

Please review the [Filtering section for the “List Vulnerabilities”](#filtering) endpoint.

### Metadata

Please review the [Metadata section for the “List Vulnerabilities”](#metadata) endpoint.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the links section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal or greater than 1

• :filter_name (String) —

  Filter by name. This field supports the usage of wildcards (*).

• :filter_type (AssetType) —

  Filter by type.

• :filter_version_first (String) —

  Filter by the first version of the asset since it has been vulnerable.

• :filter_version_last (String) —

  Filter by the last detected version of the asset.

• :filter_repository_url (String) —

  Filter by the repository url associated to the asset.

• :filter_risks_in_production (Boolean) —

  Filter whether the asset is in production or not.

• :filter_risks_under_attack (Boolean) —

  Filter whether the asset (Service) is under attack or not.

• :filter_risks_is_publicly_accessible (Boolean) —

  Filter whether the asset (Host) is publicly accessible or not.

• :filter_risks_has_privileged_access (Boolean) —

  Filter whether the asset (Host) has privileged access or not.

• :filter_risks_has_access_to_sensitive_data (Boolean) —

  Filter whether the asset (Host) has access to sensitive data or not.

• :filter_environments (String) —

  Filter by environment.

• :filter_teams (String) —

  Filter by teams.

• :filter_arch (String) —

  Filter by architecture.

• :filter_operating_system_name (String) —

  Filter by operating system name.

• :filter_operating_system_version (String) —

  Filter by operating system version.

Returns:

• (Array<(ListVulnerableAssetsResponse, Integer, Hash)>) —

  ListVulnerableAssetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4845

def list_vulnerable_assets_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_vulnerable_assets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_vulnerable_assets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_vulnerable_assets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_vulnerable_assets ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_vulnerable_assets, must be greater than or equal to 1.'
  end
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_type'] && !allowable_values.include?(opts[:'filter_type'])
    fail ArgumentError, "invalid value for \"filter_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerable-assets'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[name]'] = opts[:'filter_name'] if !opts[:'filter_name'].nil?
  query_params[:'filter[type]'] = opts[:'filter_type'] if !opts[:'filter_type'].nil?
  query_params[:'filter[version.first]'] = opts[:'filter_version_first'] if !opts[:'filter_version_first'].nil?
  query_params[:'filter[version.last]'] = opts[:'filter_version_last'] if !opts[:'filter_version_last'].nil?
  query_params[:'filter[repository_url]'] = opts[:'filter_repository_url'] if !opts[:'filter_repository_url'].nil?
  query_params[:'filter[risks.in_production]'] = opts[:'filter_risks_in_production'] if !opts[:'filter_risks_in_production'].nil?
  query_params[:'filter[risks.under_attack]'] = opts[:'filter_risks_under_attack'] if !opts[:'filter_risks_under_attack'].nil?
  query_params[:'filter[risks.is_publicly_accessible]'] = opts[:'filter_risks_is_publicly_accessible'] if !opts[:'filter_risks_is_publicly_accessible'].nil?
  query_params[:'filter[risks.has_privileged_access]'] = opts[:'filter_risks_has_privileged_access'] if !opts[:'filter_risks_has_privileged_access'].nil?
  query_params[:'filter[risks.has_access_to_sensitive_data]'] = opts[:'filter_risks_has_access_to_sensitive_data'] if !opts[:'filter_risks_has_access_to_sensitive_data'].nil?
  query_params[:'filter[environments]'] = opts[:'filter_environments'] if !opts[:'filter_environments'].nil?
  query_params[:'filter[teams]'] = opts[:'filter_teams'] if !opts[:'filter_teams'].nil?
  query_params[:'filter[arch]'] = opts[:'filter_arch'] if !opts[:'filter_arch'].nil?
  query_params[:'filter[operating_system.name]'] = opts[:'filter_operating_system_name'] if !opts[:'filter_operating_system_name'].nil?
  query_params[:'filter[operating_system.version]'] = opts[:'filter_operating_system_version'] if !opts[:'filter_operating_system_version'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListVulnerableAssetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_vulnerable_assets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_vulnerable_assets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#mute_findings(body, opts = {}) ⇒ Object

Mute or unmute a batch of findings.

See Also:

• #mute_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4924

def mute_findings(body, opts = {})
  data, _status_code, _headers = mute_findings_with_http_info(body, opts)
  data
end

#mute_findings_with_http_info(body, opts = {}) ⇒ Array<(BulkMuteFindingsResponse, Integer, Hash)>

Mute or unmute a batch of findings.

Mute or unmute findings.

Parameters:

• body (BulkMuteFindingsRequest) —

  ### Attributes All findings are updated with the same attributes. The request body must include at least two attributes: muted and reason. The allowed reasons depend on whether the finding is being muted or unmuted: - To mute a finding: PENDING_FIX, FALSE_POSITIVE, ACCEPTED_RISK, OTHER. - To unmute a finding : NO_PENDING_FIX, HUMAN_ERROR, NO_LONGER_ACCEPTED_RISK, OTHER. ### Meta The request body must include a list of the finding IDs to be updated.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(BulkMuteFindingsResponse, Integer, Hash)>) —

  BulkMuteFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4936

def mute_findings_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.mute_findings".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.mute_findings")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.mute_findings"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.mute_findings ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.mute_findings"
  end
  # resource path
  local_var_path = '/api/v2/posture_management/findings'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'BulkMuteFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :mute_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#mute_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#patch_signal_notification_rule(id, body, opts = {}) ⇒ Object

Patch a signal-based notification rule.

See Also:

• #patch_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4997

def patch_signal_notification_rule(id, body, opts = {})
  data, _status_code, _headers = patch_signal_notification_rule_with_http_info(id, body, opts)
  data
end

#patch_signal_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Patch a signal-based notification rule.

Partially update the notification rule. All fields are optional; if a field is not provided, it is not updated.

Parameters:

• id (String) —

  ID of the notification rule.

• body (PatchNotificationRuleParameters)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5010

def patch_signal_notification_rule_with_http_info(id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.patch_signal_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.patch_signal_notification_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.patch_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :patch_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#patch_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#patch_vulnerability_notification_rule(id, body, opts = {}) ⇒ Object

Patch a vulnerability-based notification rule.

See Also:

• #patch_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5069

def patch_vulnerability_notification_rule(id, body, opts = {})
  data, _status_code, _headers = patch_vulnerability_notification_rule_with_http_info(id, body, opts)
  data
end

#patch_vulnerability_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Patch a vulnerability-based notification rule.

Partially update the notification rule. All fields are optional; if a field is not provided, it is not updated.

Parameters:

• id (String) —

  ID of the notification rule.

• body (PatchNotificationRuleParameters)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5082

def patch_vulnerability_notification_rule_with_http_info(id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.patch_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.patch_vulnerability_notification_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.patch_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :patch_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#patch_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#run_threat_hunting_job(body, opts = {}) ⇒ Object

Run a threat hunting job.

See Also:

• #run_threat_hunting_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5141

def run_threat_hunting_job(body, opts = {})
  data, _status_code, _headers = run_threat_hunting_job_with_http_info(body, opts)
  data
end

#run_threat_hunting_job_with_http_info(body, opts = {}) ⇒ Array<(JobCreateResponse, Integer, Hash)>

Run a threat hunting job.

Run a threat hunting job.

Parameters:

• body (RunThreatHuntingJobRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(JobCreateResponse, Integer, Hash)>) —

  JobCreateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5153

def run_threat_hunting_job_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.run_threat_hunting_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.run_threat_hunting_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.run_threat_hunting_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.run_threat_hunting_job ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.run_threat_hunting_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/jobs'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'JobCreateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :run_threat_hunting_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#run_threat_hunting_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_findings(body, opts = {}) ⇒ Object

Search security findings.

See Also:

• #search_security_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5214

def search_security_findings(body, opts = {})
  data, _status_code, _headers = search_security_findings_with_http_info(body, opts)
  data
end

#search_security_findings_with_http_info(body, opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

Search security findings.

Get a list of security findings that match a search query. [See the schema for security findings](docs.datadoghq.com/security/guide/findings-schema/).

### Query Syntax

The API uses the logs query syntax. Findings attributes (living in the attributes.attributes. namespace) are prefixed by @ when queried. Tags are queried without a prefix.

Example: ‘@severity:(critical OR high) @status:open team:platform`

Parameters:

• body (SecurityFindingsSearchRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(ListSecurityFindingsResponse, Integer, Hash)>) —

  ListSecurityFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5232

def search_security_findings_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.search_security_findings ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.search_security_findings"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/search'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'ListSecurityFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :search_security_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#search_security_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_findings_with_pagination(body, opts = {}) {|SecurityFindingsData| ... } ⇒ Object

Search security findings.

Provide a paginated version of #search_security_findings, returning all items.

To use it you need to use a block: search_security_findings_with_pagination { |item| p item }

Yields:

• (SecurityFindingsData) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5291

def search_security_findings_with_pagination(body, opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(body, "data.attributes.page.limit", 10)
    @api_client.set_attribute_from_path(api_version, body, "data.attributes.page.limit", SecurityFindingsSearchRequestData, page_size)
    while true do
        response = search_security_findings(body, opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length < page_size
          break
        end
        @api_client.set_attribute_from_path(api_version, body, "data.attributes.page.cursor", SecurityFindingsSearchRequestData, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#search_security_monitoring_histsignals(opts = {}) ⇒ Object

Search hist signals.

See Also:

• #search_security_monitoring_histsignals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5308

def search_security_monitoring_histsignals(opts = {})
  data, _status_code, _headers = search_security_monitoring_histsignals_with_http_info(opts)
  data
end

#search_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Search hist signals.

Search hist signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :body (SecurityMonitoringSignalListRequest)

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5320

def search_security_monitoring_histsignals_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.search_security_monitoring_histsignals".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.search_security_monitoring_histsignals")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.search_security_monitoring_histsignals"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.search_security_monitoring_histsignals ...'
  end
  # resource path
  local_var_path = '/api/v2/siem-threat-hunting/histsignals/search'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(opts[:'body'])

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :search_security_monitoring_histsignals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#search_security_monitoring_histsignals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_monitoring_signals(opts = {}) ⇒ Object

Get a list of security signals.

See Also:

• #search_security_monitoring_signals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5377

def search_security_monitoring_signals(opts = {})
  data, _status_code, _headers = search_security_monitoring_signals_with_http_info(opts)
  data
end

#search_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Get a list of security signals.

Returns security signals that match a search query. Both this endpoint and the GET endpoint can be used interchangeably for listing security signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :body (SecurityMonitoringSignalListRequest)

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5391

def search_security_monitoring_signals_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.search_security_monitoring_signals ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/search'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(opts[:'body'])

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :search_security_monitoring_signals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#search_security_monitoring_signals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

Get a list of security signals.

Provide a paginated version of #search_security_monitoring_signals, returning all items.

To use it you need to use a block: search_security_monitoring_signals_with_pagination { |item| p item }

Yields:

• (SecurityMonitoringSignal) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5446

def search_security_monitoring_signals_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "body.page.limit", 10)
    @api_client.set_attribute_from_path(api_version, opts, "body.page.limit", SecurityMonitoringSignalListRequest, page_size)
    while true do
        response = search_security_monitoring_signals(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length < page_size
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "body.page.cursor", SecurityMonitoringSignalListRequest, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#test_existing_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

Test an existing rule.

See Also:

• #test_existing_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5463

def test_existing_security_monitoring_rule(rule_id, body, opts = {})
  data, _status_code, _headers = test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts)
  data
end

#test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

Test an existing rule.

Test an existing rule.

Parameters:

• rule_id (String) —

  The ID of the rule.

• body (SecurityMonitoringRuleTestRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>) —

  SecurityMonitoringRuleTestResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5476

def test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.test_existing_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.test_existing_security_monitoring_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.test_existing_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/test'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleTestResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :test_existing_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#test_existing_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#test_security_monitoring_rule(body, opts = {}) ⇒ Object

Test a rule.

See Also:

• #test_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5535

def test_security_monitoring_rule(body, opts = {})
  data, _status_code, _headers = test_security_monitoring_rule_with_http_info(body, opts)
  data
end

#test_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

Test a rule.

Test a rule.

Parameters:

• body (SecurityMonitoringRuleTestRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>) —

  SecurityMonitoringRuleTestResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5547

def test_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.test_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.test_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/test'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleTestResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :test_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#test_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_custom_framework(handle, version, body, opts = {}) ⇒ Object

Update a custom framework.

See Also:

• #update_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5602

def update_custom_framework(handle, version, body, opts = {})
  data, _status_code, _headers = update_custom_framework_with_http_info(handle, version, body, opts)
  data
end

#update_custom_framework_with_http_info(handle, version, body, opts = {}) ⇒ Array<(UpdateCustomFrameworkResponse, Integer, Hash)>

Update a custom framework.

Update a custom framework.

Parameters:

• handle (String) —

  The framework handle

• version (String) —

  The framework version

• body (UpdateCustomFrameworkRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(UpdateCustomFrameworkResponse, Integer, Hash)>) —

  UpdateCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5616

def update_custom_framework_with_http_info(handle, version, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_custom_framework ...'
  end
  # verify the required parameter 'handle' is set
  if @api_client.config.client_side_validation && handle.nil?
    fail ArgumentError, "Missing the required parameter 'handle' when calling SecurityMonitoringAPI.update_custom_framework"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.update_custom_framework"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks/{handle}/{version}'.sub('{handle}', CGI.escape(handle.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'UpdateCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_resource_evaluation_filters(body, opts = {}) ⇒ Object

Update resource filters.

See Also:

• #update_resource_evaluation_filters_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5679

def update_resource_evaluation_filters(body, opts = {})
  data, _status_code, _headers = update_resource_evaluation_filters_with_http_info(body, opts)
  data
end

#update_resource_evaluation_filters_with_http_info(body, opts = {}) ⇒ Array<(UpdateResourceEvaluationFiltersResponse, Integer, Hash)>

Update resource filters.

Update resource filters.

Parameters:

• body (UpdateResourceEvaluationFiltersRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(UpdateResourceEvaluationFiltersResponse, Integer, Hash)>) —

  UpdateResourceEvaluationFiltersResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5691

def update_resource_evaluation_filters_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_resource_evaluation_filters ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_resource_evaluation_filters"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/resource_filters'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'UpdateResourceEvaluationFiltersResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_resource_evaluation_filters,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_resource_evaluation_filters\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_filter(security_filter_id, body, opts = {}) ⇒ Object

Update a security filter.

See Also:

• #update_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5746

def update_security_filter(security_filter_id, body, opts = {})
  data, _status_code, _headers = update_security_filter_with_http_info(security_filter_id, body, opts)
  data
end

#update_security_filter_with_http_info(security_filter_id, body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Update a security filter.

Update a specific security filter. Returns the security filter object when the request is successful.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• body (SecurityFilterUpdateRequest) —

  New definition of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5760

def update_security_filter_with_http_info(security_filter_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.update_security_filter"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_critical_asset(critical_asset_id, body, opts = {}) ⇒ Object

Update a critical asset.

See Also:

• #update_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5819

def update_security_monitoring_critical_asset(critical_asset_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts)
  data
end

#update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

Update a critical asset.

Update a specific critical asset.

Parameters:

• critical_asset_id (String) —

  The ID of the critical asset.

• body (SecurityMonitoringCriticalAssetUpdateRequest) —

  New definition of the critical asset. Supports partial updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5832

def update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'critical_asset_id' is set
  if @api_client.config.client_side_validation && critical_asset_id.nil?
    fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.update_security_monitoring_critical_asset"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

Update an existing rule.

See Also:

• #update_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5891

def update_security_monitoring_rule(rule_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_rule_with_http_info(rule_id, body, opts)
  data
end

#update_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Update an existing rule.

Update an existing rule. When updating cases, queries or options, the whole field must be included. For example, when modifying a query all queries must be included. Default rules can only be updated to be enabled, to change notifications, or to update the tags (default tags cannot be removed).

Parameters:

• rule_id (String) —

  The ID of the rule.

• body (SecurityMonitoringRuleUpdatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5907

def update_security_monitoring_rule_with_http_info(rule_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.update_security_monitoring_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_suppression(suppression_id, body, opts = {}) ⇒ Object

Update a suppression rule.

See Also:

• #update_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5966

def update_security_monitoring_suppression(suppression_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_suppression_with_http_info(suppression_id, body, opts)
  data
end

#update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Update a suppression rule.

Update a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• body (SecurityMonitoringSuppressionUpdateRequest) —

  New definition of the suppression rule. Supports partial updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5979

def update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.update_security_monitoring_suppression"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#validate_security_monitoring_rule(body, opts = {}) ⇒ Object

Validate a detection rule.

See Also:

• #validate_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6038

def validate_security_monitoring_rule(body, opts = {})
  validate_security_monitoring_rule_with_http_info(body, opts)
  nil
end

#validate_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Validate a detection rule.

Validate a detection rule.

Parameters:

• body (SecurityMonitoringRuleValidatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6050

def validate_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.validate_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.validate_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/validation'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :validate_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#validate_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#validate_security_monitoring_suppression(body, opts = {}) ⇒ Object

Validate a suppression rule.

See Also:

• #validate_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6105

def validate_security_monitoring_suppression(body, opts = {})
  validate_security_monitoring_suppression_with_http_info(body, opts)
  nil
end

#validate_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Validate a suppression rule.

Validate a suppression rule.

Parameters:

• body (SecurityMonitoringSuppressionCreateRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6117

def validate_security_monitoring_suppression_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.validate_security_monitoring_suppression ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.validate_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/validation'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :validate_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#validate_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end