Back to Collection Items
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
DECLARE @hr int
DECLARE @iTmp0 int
-- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
DECLARE @sTmp0 nvarchar(4000)
-- This example assumes the Chilkat API to have been previously unlocked.
-- See Global Unlock Sample for sample code.
DECLARE @http int
EXEC @hr = sp_OACreate 'Chilkat_9_5_0.Http', @http OUT
IF @hr <> 0
BEGIN
PRINT 'Failed to create ActiveX component'
RETURN
END
DECLARE @success int
DECLARE @queryParams int
EXEC @hr = sp_OACreate 'Chilkat_9_5_0.JsonObject', @queryParams OUT
EXEC sp_OAMethod @queryParams, 'UpdateInt', @success OUT, 'page[size]', 10
EXEC sp_OAMethod @queryParams, 'UpdateInt', @success OUT, 'page[number]', 0
EXEC sp_OAMethod @http, 'SetRequestHeader', NULL, 'Accept', 'application/json'
DECLARE @resp int
EXEC sp_OAMethod @http, 'QuickRequestParams', @resp OUT, 'GET', 'https://api.app.ddog-gov.com/api/v2/security_monitoring/rules', @queryParams
EXEC sp_OAGetProperty @http, 'LastMethodSuccess', @iTmp0 OUT
IF @iTmp0 = 0
BEGIN
EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @queryParams
RETURN
END
DECLARE @sbResponseBody int
EXEC @hr = sp_OACreate 'Chilkat_9_5_0.StringBuilder', @sbResponseBody OUT
EXEC sp_OAMethod @resp, 'GetBodySb', @success OUT, @sbResponseBody
DECLARE @jResp int
EXEC @hr = sp_OACreate 'Chilkat_9_5_0.JsonObject', @jResp OUT
EXEC sp_OAMethod @jResp, 'LoadSb', @success OUT, @sbResponseBody
EXEC sp_OASetProperty @jResp, 'EmitCompact', 0
PRINT 'Response Body:'
EXEC sp_OAMethod @jResp, 'Emit', @sTmp0 OUT
PRINT @sTmp0
DECLARE @respStatusCode int
EXEC sp_OAGetProperty @resp, 'StatusCode', @respStatusCode OUT
PRINT 'Response Status Code = ' + @respStatusCode
IF @respStatusCode >= 400
BEGIN
PRINT 'Response Header:'
EXEC sp_OAGetProperty @resp, 'Header', @sTmp0 OUT
PRINT @sTmp0
PRINT 'Failed.'
EXEC @hr = sp_OADestroy @resp
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @queryParams
EXEC @hr = sp_OADestroy @sbResponseBody
EXEC @hr = sp_OADestroy @jResp
RETURN
END
EXEC @hr = sp_OADestroy @resp
-- Sample JSON response:
-- (Sample code for parsing the JSON response is shown below)
-- {
-- "data": [
-- {
-- "cases": [
-- {
-- "condition": "<string>",
-- "name": "<string>",
-- "notifications": [
-- "<string>",
-- "<string>"
-- ],
-- "status": "medium"
-- },
-- {
-- "condition": "<string>",
-- "name": "<string>",
-- "notifications": [
-- "<string>",
-- "<string>"
-- ],
-- "status": "info"
-- }
-- ],
-- "complianceSignalOptions": {
-- "defaultActivationStatus": "<boolean>",
-- "defaultGroupByFields": [
-- "<string>",
-- "<string>"
-- ],
-- "userActivationStatus": "<boolean>",
-- "userGroupByFields": [
-- "<string>",
-- "<string>"
-- ]
-- },
-- "createdAt": "<long>",
-- "creationAuthorId": "<long>",
-- "deprecationDate": "<long>",
-- "filters": [
-- {
-- "action": "suppress",
-- "query": "<string>"
-- },
-- {
-- "action": "require",
-- "query": "<string>"
-- }
-- ],
-- "hasExtendedTitle": "<boolean>",
-- "id": "<string>",
-- "isDefault": "<boolean>",
-- "isDeleted": "<boolean>",
-- "isEnabled": "<boolean>",
-- "message": "<string>",
-- "name": "<string>",
-- "options": {
-- "complianceRuleOptions": {
-- "complexRule": "<boolean>",
-- "regoRule": {
-- "policy": "<string>",
-- "resourceTypes": [
-- "<string>",
-- "<string>"
-- ]
-- },
-- "resourceType": "<string>",
-- "sunt__": {}
-- },
-- "decreaseCriticalityBasedOnEnv": "<boolean>",
-- "detectionMethod": "threshold",
-- "evaluationWindow": 7200,
-- "hardcodedEvaluatorType": "log4shell",
-- "impossibleTravelOptions": {
-- "baselineUserLocations": "<boolean>"
-- },
-- "keepAlive": 60,
-- "maxSignalDuration": 60,
-- "newValueOptions": {
-- "forgetAfter": 14,
-- "learningDuration": 0,
-- "learningMethod": "duration",
-- "learningThreshold": 0
-- }
-- },
-- "queries": [
-- {
-- "aggregation": "geo_data",
-- "distinctFields": [
-- "<string>",
-- "<string>"
-- ],
-- "groupByFields": [
-- "<string>",
-- "<string>"
-- ],
-- "metric": "<string>",
-- "metrics": [
-- "<string>",
-- "<string>"
-- ],
-- "name": "<string>",
-- "query": "<string>"
-- },
-- {
-- "aggregation": "new_value",
-- "distinctFields": [
-- "<string>",
-- "<string>"
-- ],
-- "groupByFields": [
-- "<string>",
-- "<string>"
-- ],
-- "metric": "<string>",
-- "metrics": [
-- "<string>",
-- "<string>"
-- ],
-- "name": "<string>",
-- "query": "<string>"
-- }
-- ],
-- "tags": [
-- "<string>",
-- "<string>"
-- ],
-- "type": "log_detection",
-- "updateAuthorId": "<long>",
-- "version": "<long>"
-- },
-- {
-- "cases": [
-- {
-- "condition": "<string>",
-- "name": "<string>",
-- "notifications": [
-- "<string>",
-- "<string>"
-- ],
-- "status": "medium"
-- },
-- {
-- "condition": "<string>",
-- "name": "<string>",
-- "notifications": [
-- "<string>",
-- "<string>"
-- ],
-- "status": "critical"
-- }
-- ],
-- "complianceSignalOptions": {
-- "defaultActivationStatus": "<boolean>",
-- "defaultGroupByFields": [
-- "<string>",
-- "<string>"
-- ],
-- "userActivationStatus": "<boolean>",
-- "userGroupByFields": [
-- "<string>",
-- "<string>"
-- ]
-- },
-- "createdAt": "<long>",
-- "creationAuthorId": "<long>",
-- "deprecationDate": "<long>",
-- "filters": [
-- {
-- "action": "suppress",
-- "query": "<string>"
-- },
-- {
-- "action": "suppress",
-- "query": "<string>"
-- }
-- ],
-- "hasExtendedTitle": "<boolean>",
-- "id": "<string>",
-- "isDefault": "<boolean>",
-- "isDeleted": "<boolean>",
-- "isEnabled": "<boolean>",
-- "message": "<string>",
-- "name": "<string>",
-- "options": {
-- "complianceRuleOptions": {
-- "complexRule": "<boolean>",
-- "regoRule": {
-- "policy": "<string>",
-- "resourceTypes": [
-- "<string>",
-- "<string>"
-- ]
-- },
-- "resourceType": "<string>",
-- "mollit_4": {},
-- "culpa_2": {}
-- },
-- "decreaseCriticalityBasedOnEnv": "<boolean>",
-- "detectionMethod": "hardcoded",
-- "evaluationWindow": 300,
-- "hardcodedEvaluatorType": "log4shell",
-- "impossibleTravelOptions": {
-- "baselineUserLocations": "<boolean>"
-- },
-- "keepAlive": 21600,
-- "maxSignalDuration": 10800,
-- "newValueOptions": {
-- "forgetAfter": 2,
-- "learningDuration": 0,
-- "learningMethod": "duration",
-- "learningThreshold": 0
-- }
-- },
-- "queries": [
-- {
-- "aggregation": "new_value",
-- "distinctFields": [
-- "<string>",
-- "<string>"
-- ],
-- "groupByFields": [
-- "<string>",
-- "<string>"
-- ],
-- "metric": "<string>",
-- "metrics": [
-- "<string>",
-- "<string>"
-- ],
-- "name": "<string>",
-- "query": "<string>"
-- },
-- {
-- "aggregation": "geo_data",
-- "distinctFields": [
-- "<string>",
-- "<string>"
-- ],
-- "groupByFields": [
-- "<string>",
-- "<string>"
-- ],
-- "metric": "<string>",
-- "metrics": [
-- "<string>",
-- "<string>"
-- ],
-- "name": "<string>",
-- "query": "<string>"
-- }
-- ],
-- "tags": [
-- "<string>",
-- "<string>"
-- ],
-- "type": "infrastructure_configuration",
-- "updateAuthorId": "<long>",
-- "version": "<long>"
-- }
-- ],
-- "meta": {
-- "page": {
-- "total_count": "<long>",
-- "total_filtered_count": "<long>"
-- }
-- }
-- }
-- Sample code for parsing the JSON response...
-- Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
DECLARE @DefaultActivationStatus nvarchar(4000)
DECLARE @UserActivationStatus nvarchar(4000)
DECLARE @createdAt nvarchar(4000)
DECLARE @creationAuthorId nvarchar(4000)
DECLARE @deprecationDate nvarchar(4000)
DECLARE @hasExtendedTitle nvarchar(4000)
DECLARE @id nvarchar(4000)
DECLARE @isDefault nvarchar(4000)
DECLARE @isDeleted nvarchar(4000)
DECLARE @isEnabled nvarchar(4000)
DECLARE @message nvarchar(4000)
DECLARE @name nvarchar(4000)
DECLARE @ComplexRule nvarchar(4000)
DECLARE @Policy nvarchar(4000)
DECLARE @ResourceType nvarchar(4000)
DECLARE @DecreaseCriticalityBasedOnEnv nvarchar(4000)
DECLARE @DetectionMethod nvarchar(4000)
DECLARE @EvaluationWindow int
DECLARE @HardcodedEvaluatorType nvarchar(4000)
DECLARE @BaselineUserLocations nvarchar(4000)
DECLARE @KeepAlive int
DECLARE @MaxSignalDuration int
DECLARE @ForgetAfter int
DECLARE @LearningDuration int
DECLARE @LearningMethod nvarchar(4000)
DECLARE @LearningThreshold int
DECLARE @v_type nvarchar(4000)
DECLARE @updateAuthorId nvarchar(4000)
DECLARE @version nvarchar(4000)
DECLARE @j int
DECLARE @count_j int
DECLARE @condition nvarchar(4000)
DECLARE @status nvarchar(4000)
DECLARE @k int
DECLARE @count_k int
DECLARE @strVal nvarchar(4000)
DECLARE @action nvarchar(4000)
DECLARE @query nvarchar(4000)
DECLARE @aggregation nvarchar(4000)
DECLARE @metric nvarchar(4000)
DECLARE @Total_count nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @Total_count OUT, 'meta.page.total_count'
DECLARE @Total_filtered_count nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @Total_filtered_count OUT, 'meta.page.total_filtered_count'
DECLARE @i int
SELECT @i = 0
DECLARE @count_i int
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'data'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @DefaultActivationStatus OUT, 'data[i].complianceSignalOptions.defaultActivationStatus'
EXEC sp_OAMethod @jResp, 'StringOf', @UserActivationStatus OUT, 'data[i].complianceSignalOptions.userActivationStatus'
EXEC sp_OAMethod @jResp, 'StringOf', @createdAt OUT, 'data[i].createdAt'
EXEC sp_OAMethod @jResp, 'StringOf', @creationAuthorId OUT, 'data[i].creationAuthorId'
EXEC sp_OAMethod @jResp, 'StringOf', @deprecationDate OUT, 'data[i].deprecationDate'
EXEC sp_OAMethod @jResp, 'StringOf', @hasExtendedTitle OUT, 'data[i].hasExtendedTitle'
EXEC sp_OAMethod @jResp, 'StringOf', @id OUT, 'data[i].id'
EXEC sp_OAMethod @jResp, 'StringOf', @isDefault OUT, 'data[i].isDefault'
EXEC sp_OAMethod @jResp, 'StringOf', @isDeleted OUT, 'data[i].isDeleted'
EXEC sp_OAMethod @jResp, 'StringOf', @isEnabled OUT, 'data[i].isEnabled'
EXEC sp_OAMethod @jResp, 'StringOf', @message OUT, 'data[i].message'
EXEC sp_OAMethod @jResp, 'StringOf', @name OUT, 'data[i].name'
EXEC sp_OAMethod @jResp, 'StringOf', @ComplexRule OUT, 'data[i].options.complianceRuleOptions.complexRule'
EXEC sp_OAMethod @jResp, 'StringOf', @Policy OUT, 'data[i].options.complianceRuleOptions.regoRule.policy'
EXEC sp_OAMethod @jResp, 'StringOf', @ResourceType OUT, 'data[i].options.complianceRuleOptions.resourceType'
EXEC sp_OAMethod @jResp, 'StringOf', @DecreaseCriticalityBasedOnEnv OUT, 'data[i].options.decreaseCriticalityBasedOnEnv'
EXEC sp_OAMethod @jResp, 'StringOf', @DetectionMethod OUT, 'data[i].options.detectionMethod'
EXEC sp_OAMethod @jResp, 'IntOf', @EvaluationWindow OUT, 'data[i].options.evaluationWindow'
EXEC sp_OAMethod @jResp, 'StringOf', @HardcodedEvaluatorType OUT, 'data[i].options.hardcodedEvaluatorType'
EXEC sp_OAMethod @jResp, 'StringOf', @BaselineUserLocations OUT, 'data[i].options.impossibleTravelOptions.baselineUserLocations'
EXEC sp_OAMethod @jResp, 'IntOf', @KeepAlive OUT, 'data[i].options.keepAlive'
EXEC sp_OAMethod @jResp, 'IntOf', @MaxSignalDuration OUT, 'data[i].options.maxSignalDuration'
EXEC sp_OAMethod @jResp, 'IntOf', @ForgetAfter OUT, 'data[i].options.newValueOptions.forgetAfter'
EXEC sp_OAMethod @jResp, 'IntOf', @LearningDuration OUT, 'data[i].options.newValueOptions.learningDuration'
EXEC sp_OAMethod @jResp, 'StringOf', @LearningMethod OUT, 'data[i].options.newValueOptions.learningMethod'
EXEC sp_OAMethod @jResp, 'IntOf', @LearningThreshold OUT, 'data[i].options.newValueOptions.learningThreshold'
EXEC sp_OAMethod @jResp, 'StringOf', @v_type OUT, 'data[i].type'
EXEC sp_OAMethod @jResp, 'StringOf', @updateAuthorId OUT, 'data[i].updateAuthorId'
EXEC sp_OAMethod @jResp, 'StringOf', @version OUT, 'data[i].version'
SELECT @j = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_j OUT, 'data[i].cases'
WHILE @j < @count_j
BEGIN
EXEC sp_OASetProperty @jResp, 'J', @j
EXEC sp_OAMethod @jResp, 'StringOf', @condition OUT, 'data[i].cases[j].condition'
EXEC sp_OAMethod @jResp, 'StringOf', @name OUT, 'data[i].cases[j].name'
EXEC sp_OAMethod @jResp, 'StringOf', @status OUT, 'data[i].cases[j].status'
SELECT @k = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_k OUT, 'data[i].cases[j].notifications'
WHILE @k < @count_k
BEGIN
EXEC sp_OASetProperty @jResp, 'K', @k
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'data[i].cases[j].notifications[k]'
SELECT @k = @k + 1
END
SELECT @j = @j + 1
END
SELECT @j = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_j OUT, 'data[i].complianceSignalOptions.defaultGroupByFields'
WHILE @j < @count_j
BEGIN
EXEC sp_OASetProperty @jResp, 'J', @j
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'data[i].complianceSignalOptions.defaultGroupByFields[j]'
SELECT @j = @j + 1
END
SELECT @j = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_j OUT, 'data[i].complianceSignalOptions.userGroupByFields'
WHILE @j < @count_j
BEGIN
EXEC sp_OASetProperty @jResp, 'J', @j
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'data[i].complianceSignalOptions.userGroupByFields[j]'
SELECT @j = @j + 1
END
SELECT @j = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_j OUT, 'data[i].filters'
WHILE @j < @count_j
BEGIN
EXEC sp_OASetProperty @jResp, 'J', @j
EXEC sp_OAMethod @jResp, 'StringOf', @action OUT, 'data[i].filters[j].action'
EXEC sp_OAMethod @jResp, 'StringOf', @query OUT, 'data[i].filters[j].query'
SELECT @j = @j + 1
END
SELECT @j = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_j OUT, 'data[i].options.complianceRuleOptions.regoRule.resourceTypes'
WHILE @j < @count_j
BEGIN
EXEC sp_OASetProperty @jResp, 'J', @j
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'data[i].options.complianceRuleOptions.regoRule.resourceTypes[j]'
SELECT @j = @j + 1
END
SELECT @j = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_j OUT, 'data[i].queries'
WHILE @j < @count_j
BEGIN
EXEC sp_OASetProperty @jResp, 'J', @j
EXEC sp_OAMethod @jResp, 'StringOf', @aggregation OUT, 'data[i].queries[j].aggregation'
EXEC sp_OAMethod @jResp, 'StringOf', @metric OUT, 'data[i].queries[j].metric'
EXEC sp_OAMethod @jResp, 'StringOf', @name OUT, 'data[i].queries[j].name'
EXEC sp_OAMethod @jResp, 'StringOf', @query OUT, 'data[i].queries[j].query'
SELECT @k = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_k OUT, 'data[i].queries[j].distinctFields'
WHILE @k < @count_k
BEGIN
EXEC sp_OASetProperty @jResp, 'K', @k
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'data[i].queries[j].distinctFields[k]'
SELECT @k = @k + 1
END
SELECT @k = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_k OUT, 'data[i].queries[j].groupByFields'
WHILE @k < @count_k
BEGIN
EXEC sp_OASetProperty @jResp, 'K', @k
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'data[i].queries[j].groupByFields[k]'
SELECT @k = @k + 1
END
SELECT @k = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_k OUT, 'data[i].queries[j].metrics'
WHILE @k < @count_k
BEGIN
EXEC sp_OASetProperty @jResp, 'K', @k
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'data[i].queries[j].metrics[k]'
SELECT @k = @k + 1
END
SELECT @j = @j + 1
END
SELECT @j = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_j OUT, 'data[i].tags'
WHILE @j < @count_j
BEGIN
EXEC sp_OASetProperty @jResp, 'J', @j
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'data[i].tags[j]'
SELECT @j = @j + 1
END
SELECT @i = @i + 1
END
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @queryParams
EXEC @hr = sp_OADestroy @sbResponseBody
EXEC @hr = sp_OADestroy @jResp
END
GO
Curl Command
curl -G -d "page[size]=10"
-d "page[number]=0"
-H "Accept: application/json"
https://api.app.ddog-gov.com/api/v2/security_monitoring/rules
Postman Collection Item JSON
{
"name": "List rules",
"request": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules?page[size]=10&page[number]=0",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules"
],
"query": [
{
"key": "page[size]",
"value": "10",
"description": "Size for a given page. The maximum allowed value is 100."
},
{
"key": "page[number]",
"value": "0",
"description": "Specific page number to return."
}
]
},
"description": "List rules."
},
"response": [
{
"name": "OK",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules?page[size]=10&page[number]=0",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules"
],
"query": [
{
"key": "page[size]",
"value": "10",
"description": "Size for a given page. The maximum allowed value is 100."
},
{
"key": "page[number]",
"value": "0",
"description": "Specific page number to return."
}
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"data\": [\n {\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"medium\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"info\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"createdAt\": \"<long>\",\n \"creationAuthorId\": \"<long>\",\n \"deprecationDate\": \"<long>\",\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"require\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"id\": \"<string>\",\n \"isDefault\": \"<boolean>\",\n \"isDeleted\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\",\n \"sunt__\": {}\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"threshold\",\n \"evaluationWindow\": 7200,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 60,\n \"maxSignalDuration\": 60,\n \"newValueOptions\": {\n \"forgetAfter\": 14,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"geo_data\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"new_value\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"type\": \"log_detection\",\n \"updateAuthorId\": \"<long>\",\n \"version\": \"<long>\"\n },\n {\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"medium\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"createdAt\": \"<long>\",\n \"creationAuthorId\": \"<long>\",\n \"deprecationDate\": \"<long>\",\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"id\": \"<string>\",\n \"isDefault\": \"<boolean>\",\n \"isDeleted\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\",\n \"mollit_4\": {},\n \"culpa_2\": {}\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"hardcoded\",\n \"evaluationWindow\": 300,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 21600,\n \"maxSignalDuration\": 10800,\n \"newValueOptions\": {\n \"forgetAfter\": 2,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"new_value\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"geo_data\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"type\": \"infrastructure_configuration\",\n \"updateAuthorId\": \"<long>\",\n \"version\": \"<long>\"\n }\n ],\n \"meta\": {\n \"page\": {\n \"total_count\": \"<long>\",\n \"total_filtered_count\": \"<long>\"\n }\n }\n}"
},
{
"name": "Bad Request",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules?page[size]=10&page[number]=0",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules"
],
"query": [
{
"key": "page[size]",
"value": "10",
"description": "Size for a given page. The maximum allowed value is 100."
},
{
"key": "page[number]",
"value": "0",
"description": "Specific page number to return."
}
]
}
},
"status": "Bad Request",
"code": 400,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Too many requests",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules?page[size]=10&page[number]=0",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules"
],
"query": [
{
"key": "page[size]",
"value": "10",
"description": "Size for a given page. The maximum allowed value is 100."
},
{
"key": "page[number]",
"value": "0",
"description": "Specific page number to return."
}
]
}
},
"status": "Too Many Requests",
"code": 429,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
}
]
}
