Chilkat Online Tools

lianja / Datadog API Collection / Create a security filter

Back to Collection Items

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

loHttp = createobject("CkHttp")

// Use this online tool to generate code from sample JSON: Generate Code to Create JSON

// The following JSON is sent in the request body.

// {
//   "data": {
//     "type": "security_filters",
//     "attributes": {
//       "name": "<string>",
//       "query": "<string>",
//       "exclusion_filters": [
//         {
//           "name": "<string>",
//           "query": "<string>"
//         },
//         {
//           "name": "<string>",
//           "query": "<string>"
//         }
//       ],
//       "filtered_data_type": "logs",
//       "is_enabled": "<boolean>"
//     }
//   }
// }

loJson = createobject("CkJsonObject")
loJson.UpdateString("data.type","security_filters")
loJson.UpdateString("data.attributes.name","<string>")
loJson.UpdateString("data.attributes.query","<string>")
loJson.UpdateString("data.attributes.exclusion_filters[0].name","<string>")
loJson.UpdateString("data.attributes.exclusion_filters[0].query","<string>")
loJson.UpdateString("data.attributes.exclusion_filters[1].name","<string>")
loJson.UpdateString("data.attributes.exclusion_filters[1].query","<string>")
loJson.UpdateString("data.attributes.filtered_data_type","logs")
loJson.UpdateString("data.attributes.is_enabled","<boolean>")

loHttp.SetRequestHeader("Content-Type","application/json")
loHttp.SetRequestHeader("Accept","application/json")

loResp = loHttp.PostJson3("https://api.app.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters","application/json",loJson)
if (loHttp.LastMethodSuccess = .F.) then
    ? loHttp.LastErrorText
    release loHttp
    release loJson
    return
endif

loSbResponseBody = createobject("CkStringBuilder")
loResp.GetBodySb(loSbResponseBody)

loJResp = createobject("CkJsonObject")
loJResp.LoadSb(loSbResponseBody)
loJResp.EmitCompact = .F.

? "Response Body:"
? loJResp.Emit()

lnRespStatusCode = loResp.StatusCode
? "Response Status Code = " + str(lnRespStatusCode)
if (lnRespStatusCode >= 400) then
    ? "Response Header:"
    ? loResp.Header
    ? "Failed."
    release loResp
    release loHttp
    release loJson
    release loSbResponseBody
    release loJResp
    return
endif

release loResp

// Sample JSON response:
// (Sample code for parsing the JSON response is shown below)

// {
//   "data": {
//     "attributes": {
//       "exclusion_filters": [
//         {
//           "name": "<string>",
//           "query": "<string>"
//         },
//         {
//           "name": "<string>",
//           "query": "<string>"
//         }
//       ],
//       "filtered_data_type": "logs",
//       "is_builtin": "<boolean>",
//       "is_enabled": "<boolean>",
//       "name": "<string>",
//       "query": "<string>",
//       "version": "<integer>"
//     },
//     "id": "<string>",
//     "type": "security_filters"
//   },
//   "meta": {
//     "warning": "<string>"
//   }
// }

// Sample code for parsing the JSON response...
// Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code

lcFiltered_data_type = loJResp.StringOf("data.attributes.filtered_data_type")
lcIs_builtin = loJResp.StringOf("data.attributes.is_builtin")
lcIs_enabled = loJResp.StringOf("data.attributes.is_enabled")
lcName = loJResp.StringOf("data.attributes.name")
lcQuery = loJResp.StringOf("data.attributes.query")
lcVersion = loJResp.StringOf("data.attributes.version")
lcId = loJResp.StringOf("data.id")
lcV_Type = loJResp.StringOf("data.type")
lcWarning = loJResp.StringOf("meta.warning")
i = 0
lnCount_i = loJResp.SizeOfArray("data.attributes.exclusion_filters")
do while i < lnCount_i
    loJResp.I = i
    lcName = loJResp.StringOf("data.attributes.exclusion_filters[i].name")
    lcQuery = loJResp.StringOf("data.attributes.exclusion_filters[i].query")
    i = i + 1
enddo


release loHttp
release loJson
release loSbResponseBody
release loJResp

Curl Command

curl -X POST
	-H "Content-Type: application/json"
	-H "Accept: application/json"
	-d '{
  "data": {
    "type": "security_filters",
    "attributes": {
      "name": "<string>",
      "query": "<string>",
      "exclusion_filters": [
        {
          "name": "<string>",
          "query": "<string>"
        },
        {
          "name": "<string>",
          "query": "<string>"
        }
      ],
      "filtered_data_type": "logs",
      "is_enabled": "<boolean>"
    }
  }
}'
https://api.app.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters

Postman Collection Item JSON

{
  "name": "Create a security filter",
  "request": {
    "method": "POST",
    "header": [
      {
        "key": "Content-Type",
        "value": "application/json"
      },
      {
        "key": "Accept",
        "value": "application/json"
      }
    ],
    "body": {
      "mode": "raw",
      "raw": "{\n  \"data\": {\n    \"type\": \"security_filters\",\n    \"attributes\": {\n      \"name\": \"<string>\",\n      \"query\": \"<string>\",\n      \"exclusion_filters\": [\n        {\n          \"name\": \"<string>\",\n          \"query\": \"<string>\"\n        },\n        {\n          \"name\": \"<string>\",\n          \"query\": \"<string>\"\n        }\n      ],\n      \"filtered_data_type\": \"logs\",\n      \"is_enabled\": \"<boolean>\"\n    }\n  }\n}",
      "options": {
        "raw": {
          "headerFamily": "json",
          "language": "json"
        }
      }
    },
    "url": {
      "raw": "{{baseUrl}}/api/v2/security_monitoring/configuration/security_filters",
      "host": [
        "{{baseUrl}}"
      ],
      "path": [
        "api",
        "v2",
        "security_monitoring",
        "configuration",
        "security_filters"
      ]
    },
    "description": "Create a security filter.\n\nSee the [security filter guide](https://docs.datadoghq.com/security_platform/guide/how-to-setup-security-filters-using-security-monitoring-api/)\nfor more examples."
  },
  "response": [
    {
      "name": "OK",
      "originalRequest": {
        "method": "POST",
        "header": [
          {
            "key": "Content-Type",
            "value": "application/json"
          },
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"data\": {\n    \"type\": \"security_filters\",\n    \"attributes\": {\n      \"name\": \"<string>\",\n      \"query\": \"<string>\",\n      \"exclusion_filters\": [\n        {\n          \"name\": \"<string>\",\n          \"query\": \"<string>\"\n        },\n        {\n          \"name\": \"<string>\",\n          \"query\": \"<string>\"\n        }\n      ],\n      \"filtered_data_type\": \"logs\",\n      \"is_enabled\": \"<boolean>\"\n    }\n  }\n}",
          "options": {
            "raw": {
              "headerFamily": "json",
              "language": "json"
            }
          }
        },
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/configuration/security_filters",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "configuration",
            "security_filters"
          ]
        }
      },
      "status": "OK",
      "code": 200,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"data\": {\n    \"attributes\": {\n      \"exclusion_filters\": [\n        {\n          \"name\": \"<string>\",\n          \"query\": \"<string>\"\n        },\n        {\n          \"name\": \"<string>\",\n          \"query\": \"<string>\"\n        }\n      ],\n      \"filtered_data_type\": \"logs\",\n      \"is_builtin\": \"<boolean>\",\n      \"is_enabled\": \"<boolean>\",\n      \"name\": \"<string>\",\n      \"query\": \"<string>\",\n      \"version\": \"<integer>\"\n    },\n    \"id\": \"<string>\",\n    \"type\": \"security_filters\"\n  },\n  \"meta\": {\n    \"warning\": \"<string>\"\n  }\n}"
    },
    {
      "name": "Bad Request",
      "originalRequest": {
        "method": "POST",
        "header": [
          {
            "key": "Content-Type",
            "value": "application/json"
          },
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"data\": {\n    \"type\": \"security_filters\",\n    \"attributes\": {\n      \"name\": \"<string>\",\n      \"query\": \"<string>\",\n      \"exclusion_filters\": [\n        {\n          \"name\": \"<string>\",\n          \"query\": \"<string>\"\n        },\n        {\n          \"name\": \"<string>\",\n          \"query\": \"<string>\"\n        }\n      ],\n      \"filtered_data_type\": \"logs\",\n      \"is_enabled\": \"<boolean>\"\n    }\n  }\n}",
          "options": {
            "raw": {
              "headerFamily": "json",
              "language": "json"
            }
          }
        },
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/configuration/security_filters",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "configuration",
            "security_filters"
          ]
        }
      },
      "status": "Bad Request",
      "code": 400,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    },
    {
      "name": "Not Authorized",
      "originalRequest": {
        "method": "POST",
        "header": [
          {
            "key": "Content-Type",
            "value": "application/json"
          },
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"data\": {\n    \"type\": \"security_filters\",\n    \"attributes\": {\n      \"name\": \"<string>\",\n      \"query\": \"<string>\",\n      \"exclusion_filters\": [\n        {\n          \"name\": \"<string>\",\n          \"query\": \"<string>\"\n        },\n        {\n          \"name\": \"<string>\",\n          \"query\": \"<string>\"\n        }\n      ],\n      \"filtered_data_type\": \"logs\",\n      \"is_enabled\": \"<boolean>\"\n    }\n  }\n}",
          "options": {
            "raw": {
              "headerFamily": "json",
              "language": "json"
            }
          }
        },
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/configuration/security_filters",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "configuration",
            "security_filters"
          ]
        }
      },
      "status": "Forbidden",
      "code": 403,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    },
    {
      "name": "Conflict",
      "originalRequest": {
        "method": "POST",
        "header": [
          {
            "key": "Content-Type",
            "value": "application/json"
          },
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"data\": {\n    \"type\": \"security_filters\",\n    \"attributes\": {\n      \"name\": \"<string>\",\n      \"query\": \"<string>\",\n      \"exclusion_filters\": [\n        {\n          \"name\": \"<string>\",\n          \"query\": \"<string>\"\n        },\n        {\n          \"name\": \"<string>\",\n          \"query\": \"<string>\"\n        }\n      ],\n      \"filtered_data_type\": \"logs\",\n      \"is_enabled\": \"<boolean>\"\n    }\n  }\n}",
          "options": {
            "raw": {
              "headerFamily": "json",
              "language": "json"
            }
          }
        },
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/configuration/security_filters",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "configuration",
            "security_filters"
          ]
        }
      },
      "status": "Conflict",
      "code": 409,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    },
    {
      "name": "Too many requests",
      "originalRequest": {
        "method": "POST",
        "header": [
          {
            "key": "Content-Type",
            "value": "application/json"
          },
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"data\": {\n    \"type\": \"security_filters\",\n    \"attributes\": {\n      \"name\": \"<string>\",\n      \"query\": \"<string>\",\n      \"exclusion_filters\": [\n        {\n          \"name\": \"<string>\",\n          \"query\": \"<string>\"\n        },\n        {\n          \"name\": \"<string>\",\n          \"query\": \"<string>\"\n        }\n      ],\n      \"filtered_data_type\": \"logs\",\n      \"is_enabled\": \"<boolean>\"\n    }\n  }\n}",
          "options": {
            "raw": {
              "headerFamily": "json",
              "language": "json"
            }
          }
        },
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/configuration/security_filters",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "configuration",
            "security_filters"
          ]
        }
      },
      "status": "Too Many Requests",
      "code": 429,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    }
  ]
}