Back to Collection Items
; This example assumes the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
$oHttp = ObjCreate("Chilkat_9_5_0.Http")
Local $bSuccess
$oHttp.SetRequestHeader "Accept","application/json"
$oSbResponseBody = ObjCreate("Chilkat_9_5_0.StringBuilder")
$bSuccess = $oHttp.QuickGetSb("https://api.app.ddog-gov.com/api/v2/security_monitoring/rules/:rule_id",$oSbResponseBody)
If ($bSuccess = False) Then
ConsoleWrite($oHttp.LastErrorText & @CRLF)
Exit
EndIf
$oJResp = ObjCreate("Chilkat_9_5_0.JsonObject")
$oJResp.LoadSb($oSbResponseBody)
$oJResp.EmitCompact = False
ConsoleWrite("Response Body:" & @CRLF)
ConsoleWrite($oJResp.Emit() & @CRLF)
Local $iRespStatusCode = $oHttp.LastStatus
ConsoleWrite("Response Status Code = " & $iRespStatusCode & @CRLF)
If ($iRespStatusCode >= 400) Then
ConsoleWrite("Response Header:" & @CRLF)
ConsoleWrite($oHttp.LastHeader & @CRLF)
ConsoleWrite("Failed." & @CRLF)
Exit
EndIf
; Sample JSON response:
; (Sample code for parsing the JSON response is shown below)
; {
; "cases": [
; {
; "condition": "<string>",
; "name": "<string>",
; "notifications": [
; "<string>",
; "<string>"
; ],
; "status": "medium"
; },
; {
; "condition": "<string>",
; "name": "<string>",
; "notifications": [
; "<string>",
; "<string>"
; ],
; "status": "critical"
; }
; ],
; "complianceSignalOptions": {
; "defaultActivationStatus": "<boolean>",
; "defaultGroupByFields": [
; "<string>",
; "<string>"
; ],
; "userActivationStatus": "<boolean>",
; "userGroupByFields": [
; "<string>",
; "<string>"
; ]
; },
; "createdAt": "<long>",
; "creationAuthorId": "<long>",
; "deprecationDate": "<long>",
; "filters": [
; {
; "action": "suppress",
; "query": "<string>"
; },
; {
; "action": "require",
; "query": "<string>"
; }
; ],
; "hasExtendedTitle": "<boolean>",
; "id": "<string>",
; "isDefault": "<boolean>",
; "isDeleted": "<boolean>",
; "isEnabled": "<boolean>",
; "message": "<string>",
; "name": "<string>",
; "options": {
; "complianceRuleOptions": {
; "complexRule": "<boolean>",
; "regoRule": {
; "policy": "<string>",
; "resourceTypes": [
; "<string>",
; "<string>"
; ]
; },
; "resourceType": "<string>"
; },
; "decreaseCriticalityBasedOnEnv": "<boolean>",
; "detectionMethod": "third_party",
; "evaluationWindow": 300,
; "hardcodedEvaluatorType": "log4shell",
; "impossibleTravelOptions": {
; "baselineUserLocations": "<boolean>"
; },
; "keepAlive": 300,
; "maxSignalDuration": 900,
; "newValueOptions": {
; "forgetAfter": 28,
; "learningDuration": 0,
; "learningMethod": "duration",
; "learningThreshold": 0
; }
; },
; "queries": [
; {
; "aggregation": "max",
; "distinctFields": [
; "<string>",
; "<string>"
; ],
; "groupByFields": [
; "<string>",
; "<string>"
; ],
; "metric": "<string>",
; "metrics": [
; "<string>",
; "<string>"
; ],
; "name": "<string>",
; "query": "<string>"
; },
; {
; "aggregation": "max",
; "distinctFields": [
; "<string>",
; "<string>"
; ],
; "groupByFields": [
; "<string>",
; "<string>"
; ],
; "metric": "<string>",
; "metrics": [
; "<string>",
; "<string>"
; ],
; "name": "<string>",
; "query": "<string>"
; }
; ],
; "tags": [
; "<string>",
; "<string>"
; ],
; "type": "application_security",
; "updateAuthorId": "<long>",
; "version": "<long>"
; }
; Sample code for parsing the JSON response...
; Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
Local $sCondition
Local $status
Local $iJ
Local $iCount_j
Local $strVal
Local $sAction
Local $sQuery
Local $sAggregation
Local $sMetric
Local $sDefaultActivationStatus = $oJResp.StringOf("complianceSignalOptions.defaultActivationStatus")
Local $sUserActivationStatus = $oJResp.StringOf("complianceSignalOptions.userActivationStatus")
Local $sCreatedAt = $oJResp.StringOf("createdAt")
Local $sCreationAuthorId = $oJResp.StringOf("creationAuthorId")
Local $sDeprecationDate = $oJResp.StringOf("deprecationDate")
Local $sHasExtendedTitle = $oJResp.StringOf("hasExtendedTitle")
Local $sId = $oJResp.StringOf("id")
Local $sIsDefault = $oJResp.StringOf("isDefault")
Local $sIsDeleted = $oJResp.StringOf("isDeleted")
Local $sIsEnabled = $oJResp.StringOf("isEnabled")
Local $sMessage = $oJResp.StringOf("message")
Local $sName = $oJResp.StringOf("name")
Local $sComplexRule = $oJResp.StringOf("options.complianceRuleOptions.complexRule")
Local $sPolicy = $oJResp.StringOf("options.complianceRuleOptions.regoRule.policy")
Local $sResourceType = $oJResp.StringOf("options.complianceRuleOptions.resourceType")
Local $sDecreaseCriticalityBasedOnEnv = $oJResp.StringOf("options.decreaseCriticalityBasedOnEnv")
Local $sDetectionMethod = $oJResp.StringOf("options.detectionMethod")
Local $iEvaluationWindow = $oJResp.IntOf("options.evaluationWindow")
Local $sHardcodedEvaluatorType = $oJResp.StringOf("options.hardcodedEvaluatorType")
Local $sBaselineUserLocations = $oJResp.StringOf("options.impossibleTravelOptions.baselineUserLocations")
Local $iKeepAlive = $oJResp.IntOf("options.keepAlive")
Local $iMaxSignalDuration = $oJResp.IntOf("options.maxSignalDuration")
Local $iForgetAfter = $oJResp.IntOf("options.newValueOptions.forgetAfter")
Local $iLearningDuration = $oJResp.IntOf("options.newValueOptions.learningDuration")
Local $sLearningMethod = $oJResp.StringOf("options.newValueOptions.learningMethod")
Local $iLearningThreshold = $oJResp.IntOf("options.newValueOptions.learningThreshold")
Local $sV_type = $oJResp.StringOf("type")
Local $sUpdateAuthorId = $oJResp.StringOf("updateAuthorId")
Local $sVersion = $oJResp.StringOf("version")
Local $i = 0
Local $iCount_i = $oJResp.SizeOfArray("cases")
While $i < $iCount_i
$oJResp.I = $i
$sCondition = $oJResp.StringOf("cases[i].condition")
$sName = $oJResp.StringOf("cases[i].name")
$status = $oJResp.StringOf("cases[i].status")
$iJ = 0
$iCount_j = $oJResp.SizeOfArray("cases[i].notifications")
While $iJ < $iCount_j
$oJResp.J = $iJ
$strVal = $oJResp.StringOf("cases[i].notifications[j]")
$iJ = $iJ + 1
Wend
$i = $i + 1
Wend
$i = 0
$iCount_i = $oJResp.SizeOfArray("complianceSignalOptions.defaultGroupByFields")
While $i < $iCount_i
$oJResp.I = $i
$strVal = $oJResp.StringOf("complianceSignalOptions.defaultGroupByFields[i]")
$i = $i + 1
Wend
$i = 0
$iCount_i = $oJResp.SizeOfArray("complianceSignalOptions.userGroupByFields")
While $i < $iCount_i
$oJResp.I = $i
$strVal = $oJResp.StringOf("complianceSignalOptions.userGroupByFields[i]")
$i = $i + 1
Wend
$i = 0
$iCount_i = $oJResp.SizeOfArray("filters")
While $i < $iCount_i
$oJResp.I = $i
$sAction = $oJResp.StringOf("filters[i].action")
$sQuery = $oJResp.StringOf("filters[i].query")
$i = $i + 1
Wend
$i = 0
$iCount_i = $oJResp.SizeOfArray("options.complianceRuleOptions.regoRule.resourceTypes")
While $i < $iCount_i
$oJResp.I = $i
$strVal = $oJResp.StringOf("options.complianceRuleOptions.regoRule.resourceTypes[i]")
$i = $i + 1
Wend
$i = 0
$iCount_i = $oJResp.SizeOfArray("queries")
While $i < $iCount_i
$oJResp.I = $i
$sAggregation = $oJResp.StringOf("queries[i].aggregation")
$sMetric = $oJResp.StringOf("queries[i].metric")
$sName = $oJResp.StringOf("queries[i].name")
$sQuery = $oJResp.StringOf("queries[i].query")
$iJ = 0
$iCount_j = $oJResp.SizeOfArray("queries[i].distinctFields")
While $iJ < $iCount_j
$oJResp.J = $iJ
$strVal = $oJResp.StringOf("queries[i].distinctFields[j]")
$iJ = $iJ + 1
Wend
$iJ = 0
$iCount_j = $oJResp.SizeOfArray("queries[i].groupByFields")
While $iJ < $iCount_j
$oJResp.J = $iJ
$strVal = $oJResp.StringOf("queries[i].groupByFields[j]")
$iJ = $iJ + 1
Wend
$iJ = 0
$iCount_j = $oJResp.SizeOfArray("queries[i].metrics")
While $iJ < $iCount_j
$oJResp.J = $iJ
$strVal = $oJResp.StringOf("queries[i].metrics[j]")
$iJ = $iJ + 1
Wend
$i = $i + 1
Wend
$i = 0
$iCount_i = $oJResp.SizeOfArray("tags")
While $i < $iCount_i
$oJResp.I = $i
$strVal = $oJResp.StringOf("tags[i]")
$i = $i + 1
Wend
Curl Command
curl -X GET
-H "Accept: application/json"
https://api.app.ddog-gov.com/api/v2/security_monitoring/rules/:rule_id
Postman Collection Item JSON
{
"name": "Get a rule's details",
"request": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id",
"value": "<string>"
}
]
},
"description": "Get a rule's details."
},
"response": [
{
"name": "OK",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"medium\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"createdAt\": \"<long>\",\n \"creationAuthorId\": \"<long>\",\n \"deprecationDate\": \"<long>\",\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"require\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"id\": \"<string>\",\n \"isDefault\": \"<boolean>\",\n \"isDeleted\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\"\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"third_party\",\n \"evaluationWindow\": 300,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 300,\n \"maxSignalDuration\": 900,\n \"newValueOptions\": {\n \"forgetAfter\": 28,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"type\": \"application_security\",\n \"updateAuthorId\": \"<long>\",\n \"version\": \"<long>\"\n}"
},
{
"name": "Not Found",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "Not Found",
"code": 404,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Too many requests",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "Too Many Requests",
"code": 429,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
}
]
}