Back to Collection Items
LOCAL loHttp
LOCAL lnSuccess
LOCAL loSbResponseBody
LOCAL loJResp
LOCAL lnRespStatusCode
LOCAL lcCondition
LOCAL lcStatus
LOCAL j
LOCAL lnCount_j
LOCAL lcStrVal
LOCAL lcAction
LOCAL lcQuery
LOCAL lcAggregation
LOCAL lcMetric
LOCAL lcDefaultActivationStatus
LOCAL lcUserActivationStatus
LOCAL lcCreatedAt
LOCAL lcCreationAuthorId
LOCAL lcDeprecationDate
LOCAL lcHasExtendedTitle
LOCAL lcId
LOCAL lcIsDefault
LOCAL lcIsDeleted
LOCAL lcIsEnabled
LOCAL lcMessage
LOCAL lcName
LOCAL lcComplexRule
LOCAL lcPolicy
LOCAL lcResourceType
LOCAL lcDecreaseCriticalityBasedOnEnv
LOCAL lcDetectionMethod
LOCAL lnEvaluationWindow
LOCAL lcHardcodedEvaluatorType
LOCAL lcBaselineUserLocations
LOCAL lnKeepAlive
LOCAL lnMaxSignalDuration
LOCAL lnForgetAfter
LOCAL lnLearningDuration
LOCAL lcLearningMethod
LOCAL lnLearningThreshold
LOCAL lcV_type
LOCAL lcUpdateAuthorId
LOCAL lcVersion
LOCAL i
LOCAL lnCount_i
* This example assumes the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Http')
loHttp = CreateObject('Chilkat.Http')
loHttp.SetRequestHeader("Accept","application/json")
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.StringBuilder')
loSbResponseBody = CreateObject('Chilkat.StringBuilder')
lnSuccess = loHttp.QuickGetSb("https://api.app.ddog-gov.com/api/v2/security_monitoring/rules/:rule_id",loSbResponseBody)
IF (lnSuccess = 0) THEN
? loHttp.LastErrorText
RELEASE loHttp
RELEASE loSbResponseBody
CANCEL
ENDIF
* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loJResp = CreateObject('Chilkat.JsonObject')
loJResp.LoadSb(loSbResponseBody)
loJResp.EmitCompact = 0
? "Response Body:"
? loJResp.Emit()
lnRespStatusCode = loHttp.LastStatus
? "Response Status Code = " + STR(lnRespStatusCode)
IF (lnRespStatusCode >= 400) THEN
? "Response Header:"
? loHttp.LastHeader
? "Failed."
RELEASE loHttp
RELEASE loSbResponseBody
RELEASE loJResp
CANCEL
ENDIF
* Sample JSON response:
* (Sample code for parsing the JSON response is shown below)
* {
* "cases": [
* {
* "condition": "<string>",
* "name": "<string>",
* "notifications": [
* "<string>",
* "<string>"
* ],
* "status": "medium"
* },
* {
* "condition": "<string>",
* "name": "<string>",
* "notifications": [
* "<string>",
* "<string>"
* ],
* "status": "critical"
* }
* ],
* "complianceSignalOptions": {
* "defaultActivationStatus": "<boolean>",
* "defaultGroupByFields": [
* "<string>",
* "<string>"
* ],
* "userActivationStatus": "<boolean>",
* "userGroupByFields": [
* "<string>",
* "<string>"
* ]
* },
* "createdAt": "<long>",
* "creationAuthorId": "<long>",
* "deprecationDate": "<long>",
* "filters": [
* {
* "action": "suppress",
* "query": "<string>"
* },
* {
* "action": "require",
* "query": "<string>"
* }
* ],
* "hasExtendedTitle": "<boolean>",
* "id": "<string>",
* "isDefault": "<boolean>",
* "isDeleted": "<boolean>",
* "isEnabled": "<boolean>",
* "message": "<string>",
* "name": "<string>",
* "options": {
* "complianceRuleOptions": {
* "complexRule": "<boolean>",
* "regoRule": {
* "policy": "<string>",
* "resourceTypes": [
* "<string>",
* "<string>"
* ]
* },
* "resourceType": "<string>"
* },
* "decreaseCriticalityBasedOnEnv": "<boolean>",
* "detectionMethod": "third_party",
* "evaluationWindow": 300,
* "hardcodedEvaluatorType": "log4shell",
* "impossibleTravelOptions": {
* "baselineUserLocations": "<boolean>"
* },
* "keepAlive": 300,
* "maxSignalDuration": 900,
* "newValueOptions": {
* "forgetAfter": 28,
* "learningDuration": 0,
* "learningMethod": "duration",
* "learningThreshold": 0
* }
* },
* "queries": [
* {
* "aggregation": "max",
* "distinctFields": [
* "<string>",
* "<string>"
* ],
* "groupByFields": [
* "<string>",
* "<string>"
* ],
* "metric": "<string>",
* "metrics": [
* "<string>",
* "<string>"
* ],
* "name": "<string>",
* "query": "<string>"
* },
* {
* "aggregation": "max",
* "distinctFields": [
* "<string>",
* "<string>"
* ],
* "groupByFields": [
* "<string>",
* "<string>"
* ],
* "metric": "<string>",
* "metrics": [
* "<string>",
* "<string>"
* ],
* "name": "<string>",
* "query": "<string>"
* }
* ],
* "tags": [
* "<string>",
* "<string>"
* ],
* "type": "application_security",
* "updateAuthorId": "<long>",
* "version": "<long>"
* }
* Sample code for parsing the JSON response...
* Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
lcDefaultActivationStatus = loJResp.StringOf("complianceSignalOptions.defaultActivationStatus")
lcUserActivationStatus = loJResp.StringOf("complianceSignalOptions.userActivationStatus")
lcCreatedAt = loJResp.StringOf("createdAt")
lcCreationAuthorId = loJResp.StringOf("creationAuthorId")
lcDeprecationDate = loJResp.StringOf("deprecationDate")
lcHasExtendedTitle = loJResp.StringOf("hasExtendedTitle")
lcId = loJResp.StringOf("id")
lcIsDefault = loJResp.StringOf("isDefault")
lcIsDeleted = loJResp.StringOf("isDeleted")
lcIsEnabled = loJResp.StringOf("isEnabled")
lcMessage = loJResp.StringOf("message")
lcName = loJResp.StringOf("name")
lcComplexRule = loJResp.StringOf("options.complianceRuleOptions.complexRule")
lcPolicy = loJResp.StringOf("options.complianceRuleOptions.regoRule.policy")
lcResourceType = loJResp.StringOf("options.complianceRuleOptions.resourceType")
lcDecreaseCriticalityBasedOnEnv = loJResp.StringOf("options.decreaseCriticalityBasedOnEnv")
lcDetectionMethod = loJResp.StringOf("options.detectionMethod")
lnEvaluationWindow = loJResp.IntOf("options.evaluationWindow")
lcHardcodedEvaluatorType = loJResp.StringOf("options.hardcodedEvaluatorType")
lcBaselineUserLocations = loJResp.StringOf("options.impossibleTravelOptions.baselineUserLocations")
lnKeepAlive = loJResp.IntOf("options.keepAlive")
lnMaxSignalDuration = loJResp.IntOf("options.maxSignalDuration")
lnForgetAfter = loJResp.IntOf("options.newValueOptions.forgetAfter")
lnLearningDuration = loJResp.IntOf("options.newValueOptions.learningDuration")
lcLearningMethod = loJResp.StringOf("options.newValueOptions.learningMethod")
lnLearningThreshold = loJResp.IntOf("options.newValueOptions.learningThreshold")
lcV_type = loJResp.StringOf("type")
lcUpdateAuthorId = loJResp.StringOf("updateAuthorId")
lcVersion = loJResp.StringOf("version")
i = 0
lnCount_i = loJResp.SizeOfArray("cases")
DO WHILE i < lnCount_i
loJResp.I = i
lcCondition = loJResp.StringOf("cases[i].condition")
lcName = loJResp.StringOf("cases[i].name")
lcStatus = loJResp.StringOf("cases[i].status")
j = 0
lnCount_j = loJResp.SizeOfArray("cases[i].notifications")
DO WHILE j < lnCount_j
loJResp.J = j
lcStrVal = loJResp.StringOf("cases[i].notifications[j]")
j = j + 1
ENDDO
i = i + 1
ENDDO
i = 0
lnCount_i = loJResp.SizeOfArray("complianceSignalOptions.defaultGroupByFields")
DO WHILE i < lnCount_i
loJResp.I = i
lcStrVal = loJResp.StringOf("complianceSignalOptions.defaultGroupByFields[i]")
i = i + 1
ENDDO
i = 0
lnCount_i = loJResp.SizeOfArray("complianceSignalOptions.userGroupByFields")
DO WHILE i < lnCount_i
loJResp.I = i
lcStrVal = loJResp.StringOf("complianceSignalOptions.userGroupByFields[i]")
i = i + 1
ENDDO
i = 0
lnCount_i = loJResp.SizeOfArray("filters")
DO WHILE i < lnCount_i
loJResp.I = i
lcAction = loJResp.StringOf("filters[i].action")
lcQuery = loJResp.StringOf("filters[i].query")
i = i + 1
ENDDO
i = 0
lnCount_i = loJResp.SizeOfArray("options.complianceRuleOptions.regoRule.resourceTypes")
DO WHILE i < lnCount_i
loJResp.I = i
lcStrVal = loJResp.StringOf("options.complianceRuleOptions.regoRule.resourceTypes[i]")
i = i + 1
ENDDO
i = 0
lnCount_i = loJResp.SizeOfArray("queries")
DO WHILE i < lnCount_i
loJResp.I = i
lcAggregation = loJResp.StringOf("queries[i].aggregation")
lcMetric = loJResp.StringOf("queries[i].metric")
lcName = loJResp.StringOf("queries[i].name")
lcQuery = loJResp.StringOf("queries[i].query")
j = 0
lnCount_j = loJResp.SizeOfArray("queries[i].distinctFields")
DO WHILE j < lnCount_j
loJResp.J = j
lcStrVal = loJResp.StringOf("queries[i].distinctFields[j]")
j = j + 1
ENDDO
j = 0
lnCount_j = loJResp.SizeOfArray("queries[i].groupByFields")
DO WHILE j < lnCount_j
loJResp.J = j
lcStrVal = loJResp.StringOf("queries[i].groupByFields[j]")
j = j + 1
ENDDO
j = 0
lnCount_j = loJResp.SizeOfArray("queries[i].metrics")
DO WHILE j < lnCount_j
loJResp.J = j
lcStrVal = loJResp.StringOf("queries[i].metrics[j]")
j = j + 1
ENDDO
i = i + 1
ENDDO
i = 0
lnCount_i = loJResp.SizeOfArray("tags")
DO WHILE i < lnCount_i
loJResp.I = i
lcStrVal = loJResp.StringOf("tags[i]")
i = i + 1
ENDDO
RELEASE loHttp
RELEASE loSbResponseBody
RELEASE loJResp
Curl Command
curl -X GET
-H "Accept: application/json"
https://api.app.ddog-gov.com/api/v2/security_monitoring/rules/:rule_id
Postman Collection Item JSON
{
"name": "Get a rule's details",
"request": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id",
"value": "<string>"
}
]
},
"description": "Get a rule's details."
},
"response": [
{
"name": "OK",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"medium\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"createdAt\": \"<long>\",\n \"creationAuthorId\": \"<long>\",\n \"deprecationDate\": \"<long>\",\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"require\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"id\": \"<string>\",\n \"isDefault\": \"<boolean>\",\n \"isDeleted\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\"\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"third_party\",\n \"evaluationWindow\": 300,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 300,\n \"maxSignalDuration\": 900,\n \"newValueOptions\": {\n \"forgetAfter\": 28,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"type\": \"application_security\",\n \"updateAuthorId\": \"<long>\",\n \"version\": \"<long>\"\n}"
},
{
"name": "Not Found",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "Not Found",
"code": 404,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Too many requests",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "Too Many Requests",
"code": 429,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
}
]
}
