Chilkat Online Tools

.NET Core C# / Datadog API Collection / Get a rule's details

Back to Collection Items

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

Chilkat.Http http = new Chilkat.Http();
bool success;

http.SetRequestHeader("Accept","application/json");

Chilkat.StringBuilder sbResponseBody = new Chilkat.StringBuilder();
success = http.QuickGetSb("https://api.app.ddog-gov.com/api/v2/security_monitoring/rules/:rule_id",sbResponseBody);
if (success == false) {
    Debug.WriteLine(http.LastErrorText);
    return;
}

Chilkat.JsonObject jResp = new Chilkat.JsonObject();
jResp.LoadSb(sbResponseBody);
jResp.EmitCompact = false;

Debug.WriteLine("Response Body:");
Debug.WriteLine(jResp.Emit());

int respStatusCode = http.LastStatus;
Debug.WriteLine("Response Status Code = " + Convert.ToString(respStatusCode));
if (respStatusCode >= 400) {
    Debug.WriteLine("Response Header:");
    Debug.WriteLine(http.LastHeader);
    Debug.WriteLine("Failed.");
    return;
}

// Sample JSON response:
// (Sample code for parsing the JSON response is shown below)

// {
//   "cases": [
//     {
//       "condition": "<string>",
//       "name": "<string>",
//       "notifications": [
//         "<string>",
//         "<string>"
//       ],
//       "status": "medium"
//     },
//     {
//       "condition": "<string>",
//       "name": "<string>",
//       "notifications": [
//         "<string>",
//         "<string>"
//       ],
//       "status": "critical"
//     }
//   ],
//   "complianceSignalOptions": {
//     "defaultActivationStatus": "<boolean>",
//     "defaultGroupByFields": [
//       "<string>",
//       "<string>"
//     ],
//     "userActivationStatus": "<boolean>",
//     "userGroupByFields": [
//       "<string>",
//       "<string>"
//     ]
//   },
//   "createdAt": "<long>",
//   "creationAuthorId": "<long>",
//   "deprecationDate": "<long>",
//   "filters": [
//     {
//       "action": "suppress",
//       "query": "<string>"
//     },
//     {
//       "action": "require",
//       "query": "<string>"
//     }
//   ],
//   "hasExtendedTitle": "<boolean>",
//   "id": "<string>",
//   "isDefault": "<boolean>",
//   "isDeleted": "<boolean>",
//   "isEnabled": "<boolean>",
//   "message": "<string>",
//   "name": "<string>",
//   "options": {
//     "complianceRuleOptions": {
//       "complexRule": "<boolean>",
//       "regoRule": {
//         "policy": "<string>",
//         "resourceTypes": [
//           "<string>",
//           "<string>"
//         ]
//       },
//       "resourceType": "<string>"
//     },
//     "decreaseCriticalityBasedOnEnv": "<boolean>",
//     "detectionMethod": "third_party",
//     "evaluationWindow": 300,
//     "hardcodedEvaluatorType": "log4shell",
//     "impossibleTravelOptions": {
//       "baselineUserLocations": "<boolean>"
//     },
//     "keepAlive": 300,
//     "maxSignalDuration": 900,
//     "newValueOptions": {
//       "forgetAfter": 28,
//       "learningDuration": 0,
//       "learningMethod": "duration",
//       "learningThreshold": 0
//     }
//   },
//   "queries": [
//     {
//       "aggregation": "max",
//       "distinctFields": [
//         "<string>",
//         "<string>"
//       ],
//       "groupByFields": [
//         "<string>",
//         "<string>"
//       ],
//       "metric": "<string>",
//       "metrics": [
//         "<string>",
//         "<string>"
//       ],
//       "name": "<string>",
//       "query": "<string>"
//     },
//     {
//       "aggregation": "max",
//       "distinctFields": [
//         "<string>",
//         "<string>"
//       ],
//       "groupByFields": [
//         "<string>",
//         "<string>"
//       ],
//       "metric": "<string>",
//       "metrics": [
//         "<string>",
//         "<string>"
//       ],
//       "name": "<string>",
//       "query": "<string>"
//     }
//   ],
//   "tags": [
//     "<string>",
//     "<string>"
//   ],
//   "type": "application_security",
//   "updateAuthorId": "<long>",
//   "version": "<long>"
// }

// Sample code for parsing the JSON response...
// Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code

string condition;
string status;
int j;
int count_j;
string strVal;
string action;
string query;
string aggregation;
string metric;

string DefaultActivationStatus = jResp.StringOf("complianceSignalOptions.defaultActivationStatus");
string UserActivationStatus = jResp.StringOf("complianceSignalOptions.userActivationStatus");
string createdAt = jResp.StringOf("createdAt");
string creationAuthorId = jResp.StringOf("creationAuthorId");
string deprecationDate = jResp.StringOf("deprecationDate");
string hasExtendedTitle = jResp.StringOf("hasExtendedTitle");
string id = jResp.StringOf("id");
string isDefault = jResp.StringOf("isDefault");
string isDeleted = jResp.StringOf("isDeleted");
string isEnabled = jResp.StringOf("isEnabled");
string message = jResp.StringOf("message");
string name = jResp.StringOf("name");
string ComplexRule = jResp.StringOf("options.complianceRuleOptions.complexRule");
string Policy = jResp.StringOf("options.complianceRuleOptions.regoRule.policy");
string ResourceType = jResp.StringOf("options.complianceRuleOptions.resourceType");
string DecreaseCriticalityBasedOnEnv = jResp.StringOf("options.decreaseCriticalityBasedOnEnv");
string DetectionMethod = jResp.StringOf("options.detectionMethod");
int EvaluationWindow = jResp.IntOf("options.evaluationWindow");
string HardcodedEvaluatorType = jResp.StringOf("options.hardcodedEvaluatorType");
string BaselineUserLocations = jResp.StringOf("options.impossibleTravelOptions.baselineUserLocations");
int KeepAlive = jResp.IntOf("options.keepAlive");
int MaxSignalDuration = jResp.IntOf("options.maxSignalDuration");
int ForgetAfter = jResp.IntOf("options.newValueOptions.forgetAfter");
int LearningDuration = jResp.IntOf("options.newValueOptions.learningDuration");
string LearningMethod = jResp.StringOf("options.newValueOptions.learningMethod");
int LearningThreshold = jResp.IntOf("options.newValueOptions.learningThreshold");
string v_type = jResp.StringOf("type");
string updateAuthorId = jResp.StringOf("updateAuthorId");
string version = jResp.StringOf("version");
int i = 0;
int count_i = jResp.SizeOfArray("cases");
while (i < count_i) {
    jResp.I = i;
    condition = jResp.StringOf("cases[i].condition");
    name = jResp.StringOf("cases[i].name");
    status = jResp.StringOf("cases[i].status");
    j = 0;
    count_j = jResp.SizeOfArray("cases[i].notifications");
    while (j < count_j) {
        jResp.J = j;
        strVal = jResp.StringOf("cases[i].notifications[j]");
        j = j + 1;
    }

    i = i + 1;
}

i = 0;
count_i = jResp.SizeOfArray("complianceSignalOptions.defaultGroupByFields");
while (i < count_i) {
    jResp.I = i;
    strVal = jResp.StringOf("complianceSignalOptions.defaultGroupByFields[i]");
    i = i + 1;
}

i = 0;
count_i = jResp.SizeOfArray("complianceSignalOptions.userGroupByFields");
while (i < count_i) {
    jResp.I = i;
    strVal = jResp.StringOf("complianceSignalOptions.userGroupByFields[i]");
    i = i + 1;
}

i = 0;
count_i = jResp.SizeOfArray("filters");
while (i < count_i) {
    jResp.I = i;
    action = jResp.StringOf("filters[i].action");
    query = jResp.StringOf("filters[i].query");
    i = i + 1;
}

i = 0;
count_i = jResp.SizeOfArray("options.complianceRuleOptions.regoRule.resourceTypes");
while (i < count_i) {
    jResp.I = i;
    strVal = jResp.StringOf("options.complianceRuleOptions.regoRule.resourceTypes[i]");
    i = i + 1;
}

i = 0;
count_i = jResp.SizeOfArray("queries");
while (i < count_i) {
    jResp.I = i;
    aggregation = jResp.StringOf("queries[i].aggregation");
    metric = jResp.StringOf("queries[i].metric");
    name = jResp.StringOf("queries[i].name");
    query = jResp.StringOf("queries[i].query");
    j = 0;
    count_j = jResp.SizeOfArray("queries[i].distinctFields");
    while (j < count_j) {
        jResp.J = j;
        strVal = jResp.StringOf("queries[i].distinctFields[j]");
        j = j + 1;
    }

    j = 0;
    count_j = jResp.SizeOfArray("queries[i].groupByFields");
    while (j < count_j) {
        jResp.J = j;
        strVal = jResp.StringOf("queries[i].groupByFields[j]");
        j = j + 1;
    }

    j = 0;
    count_j = jResp.SizeOfArray("queries[i].metrics");
    while (j < count_j) {
        jResp.J = j;
        strVal = jResp.StringOf("queries[i].metrics[j]");
        j = j + 1;
    }

    i = i + 1;
}

i = 0;
count_i = jResp.SizeOfArray("tags");
while (i < count_i) {
    jResp.I = i;
    strVal = jResp.StringOf("tags[i]");
    i = i + 1;
}

Curl Command

curl -X GET
	-H "Accept: application/json"
https://api.app.ddog-gov.com/api/v2/security_monitoring/rules/:rule_id

Postman Collection Item JSON

{
  "name": "Get a rule's details",
  "request": {
    "method": "GET",
    "header": [
      {
        "key": "Accept",
        "value": "application/json"
      }
    ],
    "url": {
      "raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
      "host": [
        "{{baseUrl}}"
      ],
      "path": [
        "api",
        "v2",
        "security_monitoring",
        "rules",
        ":rule_id"
      ],
      "variable": [
        {
          "key": "rule_id",
          "value": "<string>"
        }
      ]
    },
    "description": "Get a rule's details."
  },
  "response": [
    {
      "name": "OK",
      "originalRequest": {
        "method": "GET",
        "header": [
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "rules",
            ":rule_id"
          ],
          "variable": [
            {
              "key": "rule_id"
            }
          ]
        }
      },
      "status": "OK",
      "code": 200,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"cases\": [\n    {\n      \"condition\": \"<string>\",\n      \"name\": \"<string>\",\n      \"notifications\": [\n        \"<string>\",\n        \"<string>\"\n      ],\n      \"status\": \"medium\"\n    },\n    {\n      \"condition\": \"<string>\",\n      \"name\": \"<string>\",\n      \"notifications\": [\n        \"<string>\",\n        \"<string>\"\n      ],\n      \"status\": \"critical\"\n    }\n  ],\n  \"complianceSignalOptions\": {\n    \"defaultActivationStatus\": \"<boolean>\",\n    \"defaultGroupByFields\": [\n      \"<string>\",\n      \"<string>\"\n    ],\n    \"userActivationStatus\": \"<boolean>\",\n    \"userGroupByFields\": [\n      \"<string>\",\n      \"<string>\"\n    ]\n  },\n  \"createdAt\": \"<long>\",\n  \"creationAuthorId\": \"<long>\",\n  \"deprecationDate\": \"<long>\",\n  \"filters\": [\n    {\n      \"action\": \"suppress\",\n      \"query\": \"<string>\"\n    },\n    {\n      \"action\": \"require\",\n      \"query\": \"<string>\"\n    }\n  ],\n  \"hasExtendedTitle\": \"<boolean>\",\n  \"id\": \"<string>\",\n  \"isDefault\": \"<boolean>\",\n  \"isDeleted\": \"<boolean>\",\n  \"isEnabled\": \"<boolean>\",\n  \"message\": \"<string>\",\n  \"name\": \"<string>\",\n  \"options\": {\n    \"complianceRuleOptions\": {\n      \"complexRule\": \"<boolean>\",\n      \"regoRule\": {\n        \"policy\": \"<string>\",\n        \"resourceTypes\": [\n          \"<string>\",\n          \"<string>\"\n        ]\n      },\n      \"resourceType\": \"<string>\"\n    },\n    \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n    \"detectionMethod\": \"third_party\",\n    \"evaluationWindow\": 300,\n    \"hardcodedEvaluatorType\": \"log4shell\",\n    \"impossibleTravelOptions\": {\n      \"baselineUserLocations\": \"<boolean>\"\n    },\n    \"keepAlive\": 300,\n    \"maxSignalDuration\": 900,\n    \"newValueOptions\": {\n      \"forgetAfter\": 28,\n      \"learningDuration\": 0,\n      \"learningMethod\": \"duration\",\n      \"learningThreshold\": 0\n    }\n  },\n  \"queries\": [\n    {\n      \"aggregation\": \"max\",\n      \"distinctFields\": [\n        \"<string>\",\n        \"<string>\"\n      ],\n      \"groupByFields\": [\n        \"<string>\",\n        \"<string>\"\n      ],\n      \"metric\": \"<string>\",\n      \"metrics\": [\n        \"<string>\",\n        \"<string>\"\n      ],\n      \"name\": \"<string>\",\n      \"query\": \"<string>\"\n    },\n    {\n      \"aggregation\": \"max\",\n      \"distinctFields\": [\n        \"<string>\",\n        \"<string>\"\n      ],\n      \"groupByFields\": [\n        \"<string>\",\n        \"<string>\"\n      ],\n      \"metric\": \"<string>\",\n      \"metrics\": [\n        \"<string>\",\n        \"<string>\"\n      ],\n      \"name\": \"<string>\",\n      \"query\": \"<string>\"\n    }\n  ],\n  \"tags\": [\n    \"<string>\",\n    \"<string>\"\n  ],\n  \"type\": \"application_security\",\n  \"updateAuthorId\": \"<long>\",\n  \"version\": \"<long>\"\n}"
    },
    {
      "name": "Not Found",
      "originalRequest": {
        "method": "GET",
        "header": [
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "rules",
            ":rule_id"
          ],
          "variable": [
            {
              "key": "rule_id"
            }
          ]
        }
      },
      "status": "Not Found",
      "code": 404,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    },
    {
      "name": "Too many requests",
      "originalRequest": {
        "method": "GET",
        "header": [
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "rules",
            ":rule_id"
          ],
          "variable": [
            {
              "key": "rule_id"
            }
          ]
        }
      },
      "status": "Too Many Requests",
      "code": 429,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    }
  ]
}