Back to Collection Items
; This example assumes the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
$oHttp = ObjCreate("Chilkat.Http")
Local $bSuccess
; Use this online tool to generate code from sample JSON: Generate Code to Create JSON
; The following JSON is sent in the request body.
; {
; "data": {
; "type": "security_filters",
; "attributes": {
; "name": "<string>",
; "query": "<string>",
; "exclusion_filters": [
; {
; "name": "<string>",
; "query": "<string>"
; },
; {
; "name": "<string>",
; "query": "<string>"
; }
; ],
; "filtered_data_type": "logs",
; "is_enabled": "<boolean>"
; }
; }
; }
$oJson = ObjCreate("Chilkat.JsonObject")
$oJson.UpdateString("data.type","security_filters")
$oJson.UpdateString("data.attributes.name","<string>")
$oJson.UpdateString("data.attributes.query","<string>")
$oJson.UpdateString("data.attributes.exclusion_filters[0].name","<string>")
$oJson.UpdateString("data.attributes.exclusion_filters[0].query","<string>")
$oJson.UpdateString("data.attributes.exclusion_filters[1].name","<string>")
$oJson.UpdateString("data.attributes.exclusion_filters[1].query","<string>")
$oJson.UpdateString("data.attributes.filtered_data_type","logs")
$oJson.UpdateString("data.attributes.is_enabled","<boolean>")
$oHttp.SetRequestHeader "Content-Type","application/json"
$oHttp.SetRequestHeader "Accept","application/json"
Local $oResp = $oHttp.PostJson3("https://api.app.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters","application/json",$oJson)
If ($oHttp.LastMethodSuccess = False) Then
ConsoleWrite($oHttp.LastErrorText & @CRLF)
Exit
EndIf
$oSbResponseBody = ObjCreate("Chilkat.StringBuilder")
$oResp.GetBodySb($oSbResponseBody)
$oJResp = ObjCreate("Chilkat.JsonObject")
$oJResp.LoadSb($oSbResponseBody)
$oJResp.EmitCompact = False
ConsoleWrite("Response Body:" & @CRLF)
ConsoleWrite($oJResp.Emit() & @CRLF)
Local $iRespStatusCode = $oResp.StatusCode
ConsoleWrite("Response Status Code = " & $iRespStatusCode & @CRLF)
If ($iRespStatusCode >= 400) Then
ConsoleWrite("Response Header:" & @CRLF)
ConsoleWrite($oResp.Header & @CRLF)
ConsoleWrite("Failed." & @CRLF)
Exit
EndIf
; Sample JSON response:
; (Sample code for parsing the JSON response is shown below)
; {
; "data": {
; "attributes": {
; "exclusion_filters": [
; {
; "name": "<string>",
; "query": "<string>"
; },
; {
; "name": "<string>",
; "query": "<string>"
; }
; ],
; "filtered_data_type": "logs",
; "is_builtin": "<boolean>",
; "is_enabled": "<boolean>",
; "name": "<string>",
; "query": "<string>",
; "version": "<integer>"
; },
; "id": "<string>",
; "type": "security_filters"
; },
; "meta": {
; "warning": "<string>"
; }
; }
; Sample code for parsing the JSON response...
; Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
Local $sName
Local $sQuery
Local $sFiltered_data_type = $oJResp.StringOf("data.attributes.filtered_data_type")
Local $sIs_builtin = $oJResp.StringOf("data.attributes.is_builtin")
Local $sIs_enabled = $oJResp.StringOf("data.attributes.is_enabled")
Local $sName = $oJResp.StringOf("data.attributes.name")
Local $sQuery = $oJResp.StringOf("data.attributes.query")
Local $sVersion = $oJResp.StringOf("data.attributes.version")
Local $sId = $oJResp.StringOf("data.id")
Local $sV_Type = $oJResp.StringOf("data.type")
Local $sWarning = $oJResp.StringOf("meta.warning")
Local $i = 0
Local $iCount_i = $oJResp.SizeOfArray("data.attributes.exclusion_filters")
While $i < $iCount_i
$oJResp.I = $i
$sName = $oJResp.StringOf("data.attributes.exclusion_filters[i].name")
$sQuery = $oJResp.StringOf("data.attributes.exclusion_filters[i].query")
$i = $i + 1
Wend
Curl Command
curl -X POST
-H "Content-Type: application/json"
-H "Accept: application/json"
-d '{
"data": {
"type": "security_filters",
"attributes": {
"name": "<string>",
"query": "<string>",
"exclusion_filters": [
{
"name": "<string>",
"query": "<string>"
},
{
"name": "<string>",
"query": "<string>"
}
],
"filtered_data_type": "logs",
"is_enabled": "<boolean>"
}
}
}'
https://api.app.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters
Postman Collection Item JSON
{
"name": "Create a security filter",
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"type\": \"security_filters\",\n \"attributes\": {\n \"name\": \"<string>\",\n \"query\": \"<string>\",\n \"exclusion_filters\": [\n {\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"filtered_data_type\": \"logs\",\n \"is_enabled\": \"<boolean>\"\n }\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/configuration/security_filters",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"configuration",
"security_filters"
]
},
"description": "Create a security filter.\n\nSee the [security filter guide](https://docs.datadoghq.com/security_platform/guide/how-to-setup-security-filters-using-security-monitoring-api/)\nfor more examples."
},
"response": [
{
"name": "OK",
"originalRequest": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"type\": \"security_filters\",\n \"attributes\": {\n \"name\": \"<string>\",\n \"query\": \"<string>\",\n \"exclusion_filters\": [\n {\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"filtered_data_type\": \"logs\",\n \"is_enabled\": \"<boolean>\"\n }\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/configuration/security_filters",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"configuration",
"security_filters"
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"data\": {\n \"attributes\": {\n \"exclusion_filters\": [\n {\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"filtered_data_type\": \"logs\",\n \"is_builtin\": \"<boolean>\",\n \"is_enabled\": \"<boolean>\",\n \"name\": \"<string>\",\n \"query\": \"<string>\",\n \"version\": \"<integer>\"\n },\n \"id\": \"<string>\",\n \"type\": \"security_filters\"\n },\n \"meta\": {\n \"warning\": \"<string>\"\n }\n}"
},
{
"name": "Bad Request",
"originalRequest": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"type\": \"security_filters\",\n \"attributes\": {\n \"name\": \"<string>\",\n \"query\": \"<string>\",\n \"exclusion_filters\": [\n {\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"filtered_data_type\": \"logs\",\n \"is_enabled\": \"<boolean>\"\n }\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/configuration/security_filters",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"configuration",
"security_filters"
]
}
},
"status": "Bad Request",
"code": 400,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Not Authorized",
"originalRequest": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"type\": \"security_filters\",\n \"attributes\": {\n \"name\": \"<string>\",\n \"query\": \"<string>\",\n \"exclusion_filters\": [\n {\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"filtered_data_type\": \"logs\",\n \"is_enabled\": \"<boolean>\"\n }\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/configuration/security_filters",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"configuration",
"security_filters"
]
}
},
"status": "Forbidden",
"code": 403,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Conflict",
"originalRequest": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"type\": \"security_filters\",\n \"attributes\": {\n \"name\": \"<string>\",\n \"query\": \"<string>\",\n \"exclusion_filters\": [\n {\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"filtered_data_type\": \"logs\",\n \"is_enabled\": \"<boolean>\"\n }\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/configuration/security_filters",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"configuration",
"security_filters"
]
}
},
"status": "Conflict",
"code": 409,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Too many requests",
"originalRequest": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"type\": \"security_filters\",\n \"attributes\": {\n \"name\": \"<string>\",\n \"query\": \"<string>\",\n \"exclusion_filters\": [\n {\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"filtered_data_type\": \"logs\",\n \"is_enabled\": \"<boolean>\"\n }\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/configuration/security_filters",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"configuration",
"security_filters"
]
}
},
"status": "Too Many Requests",
"code": 429,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
}
]
}
