Back to Collection Items
' This example assumes the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.
Dim http As New ChilkatHttp
Dim success As Long
Dim queryParams As New ChilkatJsonObject
success = queryParams.UpdateInt("page[size]",10)
success = queryParams.UpdateInt("page[number]",0)
http.SetRequestHeader "Accept","application/json"
Dim resp As ChilkatHttpResponse
Set resp = http.QuickRequestParams("GET","https://api.app.ddog-gov.com/api/v2/security_monitoring/rules",queryParams)
If (http.LastMethodSuccess = 0) Then
Debug.Print http.LastErrorText
Exit Sub
End If
Dim sbResponseBody As New ChilkatStringBuilder
success = resp.GetBodySb(sbResponseBody)
Dim jResp As New ChilkatJsonObject
success = jResp.LoadSb(sbResponseBody)
jResp.EmitCompact = 0
Debug.Print "Response Body:"
Debug.Print jResp.Emit()
Dim respStatusCode As Long
respStatusCode = resp.StatusCode
Debug.Print "Response Status Code = " & respStatusCode
If (respStatusCode >= 400) Then
Debug.Print "Response Header:"
Debug.Print resp.Header
Debug.Print "Failed."
Exit Sub
End If
' Sample JSON response:
' (Sample code for parsing the JSON response is shown below)
' {
' "data": [
' {
' "cases": [
' {
' "condition": "<string>",
' "name": "<string>",
' "notifications": [
' "<string>",
' "<string>"
' ],
' "status": "medium"
' },
' {
' "condition": "<string>",
' "name": "<string>",
' "notifications": [
' "<string>",
' "<string>"
' ],
' "status": "info"
' }
' ],
' "complianceSignalOptions": {
' "defaultActivationStatus": "<boolean>",
' "defaultGroupByFields": [
' "<string>",
' "<string>"
' ],
' "userActivationStatus": "<boolean>",
' "userGroupByFields": [
' "<string>",
' "<string>"
' ]
' },
' "createdAt": "<long>",
' "creationAuthorId": "<long>",
' "deprecationDate": "<long>",
' "filters": [
' {
' "action": "suppress",
' "query": "<string>"
' },
' {
' "action": "require",
' "query": "<string>"
' }
' ],
' "hasExtendedTitle": "<boolean>",
' "id": "<string>",
' "isDefault": "<boolean>",
' "isDeleted": "<boolean>",
' "isEnabled": "<boolean>",
' "message": "<string>",
' "name": "<string>",
' "options": {
' "complianceRuleOptions": {
' "complexRule": "<boolean>",
' "regoRule": {
' "policy": "<string>",
' "resourceTypes": [
' "<string>",
' "<string>"
' ]
' },
' "resourceType": "<string>",
' "sunt__": {}
' },
' "decreaseCriticalityBasedOnEnv": "<boolean>",
' "detectionMethod": "threshold",
' "evaluationWindow": 7200,
' "hardcodedEvaluatorType": "log4shell",
' "impossibleTravelOptions": {
' "baselineUserLocations": "<boolean>"
' },
' "keepAlive": 60,
' "maxSignalDuration": 60,
' "newValueOptions": {
' "forgetAfter": 14,
' "learningDuration": 0,
' "learningMethod": "duration",
' "learningThreshold": 0
' }
' },
' "queries": [
' {
' "aggregation": "geo_data",
' "distinctFields": [
' "<string>",
' "<string>"
' ],
' "groupByFields": [
' "<string>",
' "<string>"
' ],
' "metric": "<string>",
' "metrics": [
' "<string>",
' "<string>"
' ],
' "name": "<string>",
' "query": "<string>"
' },
' {
' "aggregation": "new_value",
' "distinctFields": [
' "<string>",
' "<string>"
' ],
' "groupByFields": [
' "<string>",
' "<string>"
' ],
' "metric": "<string>",
' "metrics": [
' "<string>",
' "<string>"
' ],
' "name": "<string>",
' "query": "<string>"
' }
' ],
' "tags": [
' "<string>",
' "<string>"
' ],
' "type": "log_detection",
' "updateAuthorId": "<long>",
' "version": "<long>"
' },
' {
' "cases": [
' {
' "condition": "<string>",
' "name": "<string>",
' "notifications": [
' "<string>",
' "<string>"
' ],
' "status": "medium"
' },
' {
' "condition": "<string>",
' "name": "<string>",
' "notifications": [
' "<string>",
' "<string>"
' ],
' "status": "critical"
' }
' ],
' "complianceSignalOptions": {
' "defaultActivationStatus": "<boolean>",
' "defaultGroupByFields": [
' "<string>",
' "<string>"
' ],
' "userActivationStatus": "<boolean>",
' "userGroupByFields": [
' "<string>",
' "<string>"
' ]
' },
' "createdAt": "<long>",
' "creationAuthorId": "<long>",
' "deprecationDate": "<long>",
' "filters": [
' {
' "action": "suppress",
' "query": "<string>"
' },
' {
' "action": "suppress",
' "query": "<string>"
' }
' ],
' "hasExtendedTitle": "<boolean>",
' "id": "<string>",
' "isDefault": "<boolean>",
' "isDeleted": "<boolean>",
' "isEnabled": "<boolean>",
' "message": "<string>",
' "name": "<string>",
' "options": {
' "complianceRuleOptions": {
' "complexRule": "<boolean>",
' "regoRule": {
' "policy": "<string>",
' "resourceTypes": [
' "<string>",
' "<string>"
' ]
' },
' "resourceType": "<string>",
' "mollit_4": {},
' "culpa_2": {}
' },
' "decreaseCriticalityBasedOnEnv": "<boolean>",
' "detectionMethod": "hardcoded",
' "evaluationWindow": 300,
' "hardcodedEvaluatorType": "log4shell",
' "impossibleTravelOptions": {
' "baselineUserLocations": "<boolean>"
' },
' "keepAlive": 21600,
' "maxSignalDuration": 10800,
' "newValueOptions": {
' "forgetAfter": 2,
' "learningDuration": 0,
' "learningMethod": "duration",
' "learningThreshold": 0
' }
' },
' "queries": [
' {
' "aggregation": "new_value",
' "distinctFields": [
' "<string>",
' "<string>"
' ],
' "groupByFields": [
' "<string>",
' "<string>"
' ],
' "metric": "<string>",
' "metrics": [
' "<string>",
' "<string>"
' ],
' "name": "<string>",
' "query": "<string>"
' },
' {
' "aggregation": "geo_data",
' "distinctFields": [
' "<string>",
' "<string>"
' ],
' "groupByFields": [
' "<string>",
' "<string>"
' ],
' "metric": "<string>",
' "metrics": [
' "<string>",
' "<string>"
' ],
' "name": "<string>",
' "query": "<string>"
' }
' ],
' "tags": [
' "<string>",
' "<string>"
' ],
' "type": "infrastructure_configuration",
' "updateAuthorId": "<long>",
' "version": "<long>"
' }
' ],
' "meta": {
' "page": {
' "total_count": "<long>",
' "total_filtered_count": "<long>"
' }
' }
' }
' Sample code for parsing the JSON response...
' Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
Dim DefaultActivationStatus As String
Dim UserActivationStatus As String
Dim createdAt As String
Dim creationAuthorId As String
Dim deprecationDate As String
Dim hasExtendedTitle As String
Dim id As String
Dim isDefault As String
Dim isDeleted As String
Dim isEnabled As String
Dim message As String
Dim name As String
Dim ComplexRule As String
Dim Policy As String
Dim ResourceType As String
Dim DecreaseCriticalityBasedOnEnv As String
Dim DetectionMethod As String
Dim EvaluationWindow As Long
Dim HardcodedEvaluatorType As String
Dim BaselineUserLocations As String
Dim KeepAlive As Long
Dim MaxSignalDuration As Long
Dim ForgetAfter As Long
Dim LearningDuration As Long
Dim LearningMethod As String
Dim LearningThreshold As Long
Dim v_type As String
Dim updateAuthorId As String
Dim version As String
Dim j As Long
Dim count_j As Long
Dim condition As String
Dim status As String
Dim k As Long
Dim count_k As Long
Dim strVal As String
Dim action As String
Dim query As String
Dim aggregation As String
Dim metric As String
Dim Total_count As String
Total_count = jResp.StringOf("meta.page.total_count")
Dim Total_filtered_count As String
Total_filtered_count = jResp.StringOf("meta.page.total_filtered_count")
Dim i As Long
i = 0
Dim count_i As Long
count_i = jResp.SizeOfArray("data")
Do While i < count_i
jResp.I = i
DefaultActivationStatus = jResp.StringOf("data[i].complianceSignalOptions.defaultActivationStatus")
UserActivationStatus = jResp.StringOf("data[i].complianceSignalOptions.userActivationStatus")
createdAt = jResp.StringOf("data[i].createdAt")
creationAuthorId = jResp.StringOf("data[i].creationAuthorId")
deprecationDate = jResp.StringOf("data[i].deprecationDate")
hasExtendedTitle = jResp.StringOf("data[i].hasExtendedTitle")
id = jResp.StringOf("data[i].id")
isDefault = jResp.StringOf("data[i].isDefault")
isDeleted = jResp.StringOf("data[i].isDeleted")
isEnabled = jResp.StringOf("data[i].isEnabled")
message = jResp.StringOf("data[i].message")
name = jResp.StringOf("data[i].name")
ComplexRule = jResp.StringOf("data[i].options.complianceRuleOptions.complexRule")
Policy = jResp.StringOf("data[i].options.complianceRuleOptions.regoRule.policy")
ResourceType = jResp.StringOf("data[i].options.complianceRuleOptions.resourceType")
DecreaseCriticalityBasedOnEnv = jResp.StringOf("data[i].options.decreaseCriticalityBasedOnEnv")
DetectionMethod = jResp.StringOf("data[i].options.detectionMethod")
EvaluationWindow = jResp.IntOf("data[i].options.evaluationWindow")
HardcodedEvaluatorType = jResp.StringOf("data[i].options.hardcodedEvaluatorType")
BaselineUserLocations = jResp.StringOf("data[i].options.impossibleTravelOptions.baselineUserLocations")
KeepAlive = jResp.IntOf("data[i].options.keepAlive")
MaxSignalDuration = jResp.IntOf("data[i].options.maxSignalDuration")
ForgetAfter = jResp.IntOf("data[i].options.newValueOptions.forgetAfter")
LearningDuration = jResp.IntOf("data[i].options.newValueOptions.learningDuration")
LearningMethod = jResp.StringOf("data[i].options.newValueOptions.learningMethod")
LearningThreshold = jResp.IntOf("data[i].options.newValueOptions.learningThreshold")
v_type = jResp.StringOf("data[i].type")
updateAuthorId = jResp.StringOf("data[i].updateAuthorId")
version = jResp.StringOf("data[i].version")
j = 0
count_j = jResp.SizeOfArray("data[i].cases")
Do While j < count_j
jResp.J = j
condition = jResp.StringOf("data[i].cases[j].condition")
name = jResp.StringOf("data[i].cases[j].name")
status = jResp.StringOf("data[i].cases[j].status")
k = 0
count_k = jResp.SizeOfArray("data[i].cases[j].notifications")
Do While k < count_k
jResp.K = k
strVal = jResp.StringOf("data[i].cases[j].notifications[k]")
k = k + 1
Loop
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("data[i].complianceSignalOptions.defaultGroupByFields")
Do While j < count_j
jResp.J = j
strVal = jResp.StringOf("data[i].complianceSignalOptions.defaultGroupByFields[j]")
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("data[i].complianceSignalOptions.userGroupByFields")
Do While j < count_j
jResp.J = j
strVal = jResp.StringOf("data[i].complianceSignalOptions.userGroupByFields[j]")
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("data[i].filters")
Do While j < count_j
jResp.J = j
action = jResp.StringOf("data[i].filters[j].action")
query = jResp.StringOf("data[i].filters[j].query")
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("data[i].options.complianceRuleOptions.regoRule.resourceTypes")
Do While j < count_j
jResp.J = j
strVal = jResp.StringOf("data[i].options.complianceRuleOptions.regoRule.resourceTypes[j]")
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("data[i].queries")
Do While j < count_j
jResp.J = j
aggregation = jResp.StringOf("data[i].queries[j].aggregation")
metric = jResp.StringOf("data[i].queries[j].metric")
name = jResp.StringOf("data[i].queries[j].name")
query = jResp.StringOf("data[i].queries[j].query")
k = 0
count_k = jResp.SizeOfArray("data[i].queries[j].distinctFields")
Do While k < count_k
jResp.K = k
strVal = jResp.StringOf("data[i].queries[j].distinctFields[k]")
k = k + 1
Loop
k = 0
count_k = jResp.SizeOfArray("data[i].queries[j].groupByFields")
Do While k < count_k
jResp.K = k
strVal = jResp.StringOf("data[i].queries[j].groupByFields[k]")
k = k + 1
Loop
k = 0
count_k = jResp.SizeOfArray("data[i].queries[j].metrics")
Do While k < count_k
jResp.K = k
strVal = jResp.StringOf("data[i].queries[j].metrics[k]")
k = k + 1
Loop
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("data[i].tags")
Do While j < count_j
jResp.J = j
strVal = jResp.StringOf("data[i].tags[j]")
j = j + 1
Loop
i = i + 1
Loop
Curl Command
curl -G -d "page[size]=10"
-d "page[number]=0"
-H "Accept: application/json"
https://api.app.ddog-gov.com/api/v2/security_monitoring/rules
Postman Collection Item JSON
{
"name": "List rules",
"request": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules?page[size]=10&page[number]=0",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules"
],
"query": [
{
"key": "page[size]",
"value": "10",
"description": "Size for a given page. The maximum allowed value is 100."
},
{
"key": "page[number]",
"value": "0",
"description": "Specific page number to return."
}
]
},
"description": "List rules."
},
"response": [
{
"name": "OK",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules?page[size]=10&page[number]=0",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules"
],
"query": [
{
"key": "page[size]",
"value": "10",
"description": "Size for a given page. The maximum allowed value is 100."
},
{
"key": "page[number]",
"value": "0",
"description": "Specific page number to return."
}
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"data\": [\n {\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"medium\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"info\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"createdAt\": \"<long>\",\n \"creationAuthorId\": \"<long>\",\n \"deprecationDate\": \"<long>\",\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"require\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"id\": \"<string>\",\n \"isDefault\": \"<boolean>\",\n \"isDeleted\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\",\n \"sunt__\": {}\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"threshold\",\n \"evaluationWindow\": 7200,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 60,\n \"maxSignalDuration\": 60,\n \"newValueOptions\": {\n \"forgetAfter\": 14,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"geo_data\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"new_value\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"type\": \"log_detection\",\n \"updateAuthorId\": \"<long>\",\n \"version\": \"<long>\"\n },\n {\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"medium\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"createdAt\": \"<long>\",\n \"creationAuthorId\": \"<long>\",\n \"deprecationDate\": \"<long>\",\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"id\": \"<string>\",\n \"isDefault\": \"<boolean>\",\n \"isDeleted\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\",\n \"mollit_4\": {},\n \"culpa_2\": {}\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"hardcoded\",\n \"evaluationWindow\": 300,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 21600,\n \"maxSignalDuration\": 10800,\n \"newValueOptions\": {\n \"forgetAfter\": 2,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"new_value\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"geo_data\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"type\": \"infrastructure_configuration\",\n \"updateAuthorId\": \"<long>\",\n \"version\": \"<long>\"\n }\n ],\n \"meta\": {\n \"page\": {\n \"total_count\": \"<long>\",\n \"total_filtered_count\": \"<long>\"\n }\n }\n}"
},
{
"name": "Bad Request",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules?page[size]=10&page[number]=0",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules"
],
"query": [
{
"key": "page[size]",
"value": "10",
"description": "Size for a given page. The maximum allowed value is 100."
},
{
"key": "page[number]",
"value": "0",
"description": "Specific page number to return."
}
]
}
},
"status": "Bad Request",
"code": 400,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Too many requests",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules?page[size]=10&page[number]=0",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules"
],
"query": [
{
"key": "page[size]",
"value": "10",
"description": "Size for a given page. The maximum allowed value is 100."
},
{
"key": "page[number]",
"value": "0",
"description": "Specific page number to return."
}
]
}
},
"status": "Too Many Requests",
"code": 429,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
}
]
}
