Back to Collection Items
var
http: TChilkatHttp;
success: Integer;
sbResponseBody: TChilkatStringBuilder;
jResp: TChilkatJsonObject;
respStatusCode: Integer;
condition: WideString;
status: WideString;
j: Integer;
count_j: Integer;
strVal: WideString;
action: WideString;
query: WideString;
aggregation: WideString;
metric: WideString;
DefaultActivationStatus: WideString;
UserActivationStatus: WideString;
createdAt: WideString;
creationAuthorId: WideString;
deprecationDate: WideString;
hasExtendedTitle: WideString;
id: WideString;
isDefault: WideString;
isDeleted: WideString;
isEnabled: WideString;
message: WideString;
name: WideString;
ComplexRule: WideString;
Policy: WideString;
ResourceType: WideString;
DecreaseCriticalityBasedOnEnv: WideString;
DetectionMethod: WideString;
EvaluationWindow: Integer;
HardcodedEvaluatorType: WideString;
BaselineUserLocations: WideString;
KeepAlive: Integer;
MaxSignalDuration: Integer;
ForgetAfter: Integer;
LearningDuration: Integer;
LearningMethod: WideString;
LearningThreshold: Integer;
v_type: WideString;
updateAuthorId: WideString;
version: WideString;
i: Integer;
count_i: Integer;
begin
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
http := TChilkatHttp.Create(Self);
http.SetRequestHeader('Accept','application/json');
sbResponseBody := TChilkatStringBuilder.Create(Self);
success := http.QuickGetSb('https://api.app.ddog-gov.com/api/v2/security_monitoring/rules/:rule_id',sbResponseBody.ControlInterface);
if (success = 0) then
begin
Memo1.Lines.Add(http.LastErrorText);
Exit;
end;
jResp := TChilkatJsonObject.Create(Self);
jResp.LoadSb(sbResponseBody.ControlInterface);
jResp.EmitCompact := 0;
Memo1.Lines.Add('Response Body:');
Memo1.Lines.Add(jResp.Emit());
respStatusCode := http.LastStatus;
Memo1.Lines.Add('Response Status Code = ' + IntToStr(respStatusCode));
if (respStatusCode >= 400) then
begin
Memo1.Lines.Add('Response Header:');
Memo1.Lines.Add(http.LastHeader);
Memo1.Lines.Add('Failed.');
Exit;
end;
// Sample JSON response:
// (Sample code for parsing the JSON response is shown below)
// {
// "cases": [
// {
// "condition": "<string>",
// "name": "<string>",
// "notifications": [
// "<string>",
// "<string>"
// ],
// "status": "medium"
// },
// {
// "condition": "<string>",
// "name": "<string>",
// "notifications": [
// "<string>",
// "<string>"
// ],
// "status": "critical"
// }
// ],
// "complianceSignalOptions": {
// "defaultActivationStatus": "<boolean>",
// "defaultGroupByFields": [
// "<string>",
// "<string>"
// ],
// "userActivationStatus": "<boolean>",
// "userGroupByFields": [
// "<string>",
// "<string>"
// ]
// },
// "createdAt": "<long>",
// "creationAuthorId": "<long>",
// "deprecationDate": "<long>",
// "filters": [
// {
// "action": "suppress",
// "query": "<string>"
// },
// {
// "action": "require",
// "query": "<string>"
// }
// ],
// "hasExtendedTitle": "<boolean>",
// "id": "<string>",
// "isDefault": "<boolean>",
// "isDeleted": "<boolean>",
// "isEnabled": "<boolean>",
// "message": "<string>",
// "name": "<string>",
// "options": {
// "complianceRuleOptions": {
// "complexRule": "<boolean>",
// "regoRule": {
// "policy": "<string>",
// "resourceTypes": [
// "<string>",
// "<string>"
// ]
// },
// "resourceType": "<string>"
// },
// "decreaseCriticalityBasedOnEnv": "<boolean>",
// "detectionMethod": "third_party",
// "evaluationWindow": 300,
// "hardcodedEvaluatorType": "log4shell",
// "impossibleTravelOptions": {
// "baselineUserLocations": "<boolean>"
// },
// "keepAlive": 300,
// "maxSignalDuration": 900,
// "newValueOptions": {
// "forgetAfter": 28,
// "learningDuration": 0,
// "learningMethod": "duration",
// "learningThreshold": 0
// }
// },
// "queries": [
// {
// "aggregation": "max",
// "distinctFields": [
// "<string>",
// "<string>"
// ],
// "groupByFields": [
// "<string>",
// "<string>"
// ],
// "metric": "<string>",
// "metrics": [
// "<string>",
// "<string>"
// ],
// "name": "<string>",
// "query": "<string>"
// },
// {
// "aggregation": "max",
// "distinctFields": [
// "<string>",
// "<string>"
// ],
// "groupByFields": [
// "<string>",
// "<string>"
// ],
// "metric": "<string>",
// "metrics": [
// "<string>",
// "<string>"
// ],
// "name": "<string>",
// "query": "<string>"
// }
// ],
// "tags": [
// "<string>",
// "<string>"
// ],
// "type": "application_security",
// "updateAuthorId": "<long>",
// "version": "<long>"
// }
// Sample code for parsing the JSON response...
// Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
DefaultActivationStatus := jResp.StringOf('complianceSignalOptions.defaultActivationStatus');
UserActivationStatus := jResp.StringOf('complianceSignalOptions.userActivationStatus');
createdAt := jResp.StringOf('createdAt');
creationAuthorId := jResp.StringOf('creationAuthorId');
deprecationDate := jResp.StringOf('deprecationDate');
hasExtendedTitle := jResp.StringOf('hasExtendedTitle');
id := jResp.StringOf('id');
isDefault := jResp.StringOf('isDefault');
isDeleted := jResp.StringOf('isDeleted');
isEnabled := jResp.StringOf('isEnabled');
message := jResp.StringOf('message');
name := jResp.StringOf('name');
ComplexRule := jResp.StringOf('options.complianceRuleOptions.complexRule');
Policy := jResp.StringOf('options.complianceRuleOptions.regoRule.policy');
ResourceType := jResp.StringOf('options.complianceRuleOptions.resourceType');
DecreaseCriticalityBasedOnEnv := jResp.StringOf('options.decreaseCriticalityBasedOnEnv');
DetectionMethod := jResp.StringOf('options.detectionMethod');
EvaluationWindow := jResp.IntOf('options.evaluationWindow');
HardcodedEvaluatorType := jResp.StringOf('options.hardcodedEvaluatorType');
BaselineUserLocations := jResp.StringOf('options.impossibleTravelOptions.baselineUserLocations');
KeepAlive := jResp.IntOf('options.keepAlive');
MaxSignalDuration := jResp.IntOf('options.maxSignalDuration');
ForgetAfter := jResp.IntOf('options.newValueOptions.forgetAfter');
LearningDuration := jResp.IntOf('options.newValueOptions.learningDuration');
LearningMethod := jResp.StringOf('options.newValueOptions.learningMethod');
LearningThreshold := jResp.IntOf('options.newValueOptions.learningThreshold');
v_type := jResp.StringOf('type');
updateAuthorId := jResp.StringOf('updateAuthorId');
version := jResp.StringOf('version');
i := 0;
count_i := jResp.SizeOfArray('cases');
while i < count_i do
begin
jResp.I := i;
condition := jResp.StringOf('cases[i].condition');
name := jResp.StringOf('cases[i].name');
status := jResp.StringOf('cases[i].status');
j := 0;
count_j := jResp.SizeOfArray('cases[i].notifications');
while j < count_j do
begin
jResp.J := j;
strVal := jResp.StringOf('cases[i].notifications[j]');
j := j + 1;
end;
i := i + 1;
end;
i := 0;
count_i := jResp.SizeOfArray('complianceSignalOptions.defaultGroupByFields');
while i < count_i do
begin
jResp.I := i;
strVal := jResp.StringOf('complianceSignalOptions.defaultGroupByFields[i]');
i := i + 1;
end;
i := 0;
count_i := jResp.SizeOfArray('complianceSignalOptions.userGroupByFields');
while i < count_i do
begin
jResp.I := i;
strVal := jResp.StringOf('complianceSignalOptions.userGroupByFields[i]');
i := i + 1;
end;
i := 0;
count_i := jResp.SizeOfArray('filters');
while i < count_i do
begin
jResp.I := i;
action := jResp.StringOf('filters[i].action');
query := jResp.StringOf('filters[i].query');
i := i + 1;
end;
i := 0;
count_i := jResp.SizeOfArray('options.complianceRuleOptions.regoRule.resourceTypes');
while i < count_i do
begin
jResp.I := i;
strVal := jResp.StringOf('options.complianceRuleOptions.regoRule.resourceTypes[i]');
i := i + 1;
end;
i := 0;
count_i := jResp.SizeOfArray('queries');
while i < count_i do
begin
jResp.I := i;
aggregation := jResp.StringOf('queries[i].aggregation');
metric := jResp.StringOf('queries[i].metric');
name := jResp.StringOf('queries[i].name');
query := jResp.StringOf('queries[i].query');
j := 0;
count_j := jResp.SizeOfArray('queries[i].distinctFields');
while j < count_j do
begin
jResp.J := j;
strVal := jResp.StringOf('queries[i].distinctFields[j]');
j := j + 1;
end;
j := 0;
count_j := jResp.SizeOfArray('queries[i].groupByFields');
while j < count_j do
begin
jResp.J := j;
strVal := jResp.StringOf('queries[i].groupByFields[j]');
j := j + 1;
end;
j := 0;
count_j := jResp.SizeOfArray('queries[i].metrics');
while j < count_j do
begin
jResp.J := j;
strVal := jResp.StringOf('queries[i].metrics[j]');
j := j + 1;
end;
i := i + 1;
end;
i := 0;
count_i := jResp.SizeOfArray('tags');
while i < count_i do
begin
jResp.I := i;
strVal := jResp.StringOf('tags[i]');
i := i + 1;
end;
Curl Command
curl -X GET
-H "Accept: application/json"
https://api.app.ddog-gov.com/api/v2/security_monitoring/rules/:rule_id
Postman Collection Item JSON
{
"name": "Get a rule's details",
"request": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id",
"value": "<string>"
}
]
},
"description": "Get a rule's details."
},
"response": [
{
"name": "OK",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"medium\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"createdAt\": \"<long>\",\n \"creationAuthorId\": \"<long>\",\n \"deprecationDate\": \"<long>\",\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"require\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"id\": \"<string>\",\n \"isDefault\": \"<boolean>\",\n \"isDeleted\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\"\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"third_party\",\n \"evaluationWindow\": 300,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 300,\n \"maxSignalDuration\": 900,\n \"newValueOptions\": {\n \"forgetAfter\": 28,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"type\": \"application_security\",\n \"updateAuthorId\": \"<long>\",\n \"version\": \"<long>\"\n}"
},
{
"name": "Not Found",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "Not Found",
"code": 404,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Too many requests",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "Too Many Requests",
"code": 429,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
}
]
}