Back to Collection Items
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
DECLARE @hr int
DECLARE @iTmp0 int
-- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
DECLARE @sTmp0 nvarchar(4000)
-- This example assumes the Chilkat API to have been previously unlocked.
-- See Global Unlock Sample for sample code.
DECLARE @http int
EXEC @hr = sp_OACreate 'Chilkat_9_5_0.Http', @http OUT
IF @hr <> 0
BEGIN
PRINT 'Failed to create ActiveX component'
RETURN
END
DECLARE @success int
-- Use this online tool to generate code from sample JSON: Generate Code to Create JSON
-- The following JSON is sent in the request body.
-- {
-- "cases": [
-- {
-- "condition": "<string>",
-- "name": "<string>",
-- "notifications": [
-- "<string>",
-- "<string>"
-- ],
-- "status": "critical"
-- },
-- {
-- "condition": "<string>",
-- "name": "<string>",
-- "notifications": [
-- "<string>",
-- "<string>"
-- ],
-- "status": "critical"
-- }
-- ],
-- "complianceSignalOptions": {
-- "defaultActivationStatus": "<boolean>",
-- "defaultGroupByFields": [
-- "<string>",
-- "<string>"
-- ],
-- "userActivationStatus": "<boolean>",
-- "userGroupByFields": [
-- "<string>",
-- "<string>"
-- ]
-- },
-- "filters": [
-- {
-- "action": "suppress",
-- "query": "<string>"
-- },
-- {
-- "action": "suppress",
-- "query": "<string>"
-- }
-- ],
-- "hasExtendedTitle": "<boolean>",
-- "isEnabled": "<boolean>",
-- "message": "<string>",
-- "name": "<string>",
-- "options": {
-- "complianceRuleOptions": {
-- "complexRule": "<boolean>",
-- "regoRule": {
-- "policy": "<string>",
-- "resourceTypes": [
-- "<string>",
-- "<string>"
-- ]
-- },
-- "resourceType": "<string>",
-- "nisic3": {}
-- },
-- "decreaseCriticalityBasedOnEnv": "<boolean>",
-- "detectionMethod": "third_party",
-- "evaluationWindow": 3600,
-- "hardcodedEvaluatorType": "log4shell",
-- "impossibleTravelOptions": {
-- "baselineUserLocations": "<boolean>"
-- },
-- "keepAlive": 10800,
-- "maxSignalDuration": 21600,
-- "newValueOptions": {
-- "forgetAfter": 28,
-- "learningDuration": 0,
-- "learningMethod": "duration",
-- "learningThreshold": 0
-- }
-- },
-- "queries": [
-- {
-- "aggregation": "max",
-- "distinctFields": [
-- "<string>",
-- "<string>"
-- ],
-- "groupByFields": [
-- "<string>",
-- "<string>"
-- ],
-- "metric": "<string>",
-- "metrics": [
-- "<string>",
-- "<string>"
-- ],
-- "name": "<string>",
-- "query": "<string>"
-- },
-- {
-- "aggregation": "geo_data",
-- "distinctFields": [
-- "<string>",
-- "<string>"
-- ],
-- "groupByFields": [
-- "<string>",
-- "<string>"
-- ],
-- "metric": "<string>",
-- "metrics": [
-- "<string>",
-- "<string>"
-- ],
-- "name": "<string>",
-- "query": "<string>"
-- }
-- ],
-- "tags": [
-- "<string>",
-- "<string>"
-- ],
-- "version": "<integer>"
-- }
DECLARE @json int
EXEC @hr = sp_OACreate 'Chilkat_9_5_0.JsonObject', @json OUT
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'cases[0].condition', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'cases[0].name', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'cases[0].notifications[0]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'cases[0].notifications[1]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'cases[0].status', 'critical'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'cases[1].condition', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'cases[1].name', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'cases[1].notifications[0]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'cases[1].notifications[1]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'cases[1].status', 'critical'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'complianceSignalOptions.defaultActivationStatus', '<boolean>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'complianceSignalOptions.defaultGroupByFields[0]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'complianceSignalOptions.defaultGroupByFields[1]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'complianceSignalOptions.userActivationStatus', '<boolean>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'complianceSignalOptions.userGroupByFields[0]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'complianceSignalOptions.userGroupByFields[1]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'filters[0].action', 'suppress'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'filters[0].query', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'filters[1].action', 'suppress'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'filters[1].query', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'hasExtendedTitle', '<boolean>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'isEnabled', '<boolean>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'message', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'name', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'options.complianceRuleOptions.complexRule', '<boolean>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'options.complianceRuleOptions.regoRule.policy', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'options.complianceRuleOptions.regoRule.resourceTypes[0]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'options.complianceRuleOptions.regoRule.resourceTypes[1]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'options.complianceRuleOptions.resourceType', '<string>'
EXEC sp_OAMethod @json, 'UpdateNewObject', @success OUT, 'options.complianceRuleOptions.nisic3'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'options.decreaseCriticalityBasedOnEnv', '<boolean>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'options.detectionMethod', 'third_party'
EXEC sp_OAMethod @json, 'UpdateInt', @success OUT, 'options.evaluationWindow', 3600
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'options.hardcodedEvaluatorType', 'log4shell'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'options.impossibleTravelOptions.baselineUserLocations', '<boolean>'
EXEC sp_OAMethod @json, 'UpdateInt', @success OUT, 'options.keepAlive', 10800
EXEC sp_OAMethod @json, 'UpdateInt', @success OUT, 'options.maxSignalDuration', 21600
EXEC sp_OAMethod @json, 'UpdateInt', @success OUT, 'options.newValueOptions.forgetAfter', 28
EXEC sp_OAMethod @json, 'UpdateInt', @success OUT, 'options.newValueOptions.learningDuration', 0
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'options.newValueOptions.learningMethod', 'duration'
EXEC sp_OAMethod @json, 'UpdateInt', @success OUT, 'options.newValueOptions.learningThreshold', 0
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[0].aggregation', 'max'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[0].distinctFields[0]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[0].distinctFields[1]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[0].groupByFields[0]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[0].groupByFields[1]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[0].metric', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[0].metrics[0]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[0].metrics[1]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[0].name', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[0].query', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[1].aggregation', 'geo_data'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[1].distinctFields[0]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[1].distinctFields[1]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[1].groupByFields[0]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[1].groupByFields[1]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[1].metric', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[1].metrics[0]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[1].metrics[1]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[1].name', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'queries[1].query', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'tags[0]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'tags[1]', '<string>'
EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'version', '<integer>'
EXEC sp_OAMethod @http, 'SetRequestHeader', NULL, 'Content-Type', 'application/json'
EXEC sp_OAMethod @http, 'SetRequestHeader', NULL, 'Accept', 'application/json'
DECLARE @sbRequestBody int
EXEC @hr = sp_OACreate 'Chilkat_9_5_0.StringBuilder', @sbRequestBody OUT
EXEC sp_OAMethod @json, 'EmitSb', @success OUT, @sbRequestBody
DECLARE @resp int
EXEC sp_OAMethod @http, 'PTextSb', @resp OUT, 'PUT', 'https://api.app.ddog-gov.com/api/v2/security_monitoring/rules/:rule_id', @sbRequestBody, 'utf-8', 'application/json', 0, 0
EXEC sp_OAGetProperty @http, 'LastMethodSuccess', @iTmp0 OUT
IF @iTmp0 = 0
BEGIN
EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @json
EXEC @hr = sp_OADestroy @sbRequestBody
RETURN
END
DECLARE @sbResponseBody int
EXEC @hr = sp_OACreate 'Chilkat_9_5_0.StringBuilder', @sbResponseBody OUT
EXEC sp_OAMethod @resp, 'GetBodySb', @success OUT, @sbResponseBody
DECLARE @jResp int
EXEC @hr = sp_OACreate 'Chilkat_9_5_0.JsonObject', @jResp OUT
EXEC sp_OAMethod @jResp, 'LoadSb', @success OUT, @sbResponseBody
EXEC sp_OASetProperty @jResp, 'EmitCompact', 0
PRINT 'Response Body:'
EXEC sp_OAMethod @jResp, 'Emit', @sTmp0 OUT
PRINT @sTmp0
DECLARE @respStatusCode int
EXEC sp_OAGetProperty @resp, 'StatusCode', @respStatusCode OUT
PRINT 'Response Status Code = ' + @respStatusCode
IF @respStatusCode >= 400
BEGIN
PRINT 'Response Header:'
EXEC sp_OAGetProperty @resp, 'Header', @sTmp0 OUT
PRINT @sTmp0
PRINT 'Failed.'
EXEC @hr = sp_OADestroy @resp
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @json
EXEC @hr = sp_OADestroy @sbRequestBody
EXEC @hr = sp_OADestroy @sbResponseBody
EXEC @hr = sp_OADestroy @jResp
RETURN
END
EXEC @hr = sp_OADestroy @resp
-- Sample JSON response:
-- (Sample code for parsing the JSON response is shown below)
-- {
-- "cases": [
-- {
-- "condition": "<string>",
-- "name": "<string>",
-- "notifications": [
-- "<string>",
-- "<string>"
-- ],
-- "status": "medium"
-- },
-- {
-- "condition": "<string>",
-- "name": "<string>",
-- "notifications": [
-- "<string>",
-- "<string>"
-- ],
-- "status": "critical"
-- }
-- ],
-- "complianceSignalOptions": {
-- "defaultActivationStatus": "<boolean>",
-- "defaultGroupByFields": [
-- "<string>",
-- "<string>"
-- ],
-- "userActivationStatus": "<boolean>",
-- "userGroupByFields": [
-- "<string>",
-- "<string>"
-- ]
-- },
-- "createdAt": "<long>",
-- "creationAuthorId": "<long>",
-- "deprecationDate": "<long>",
-- "filters": [
-- {
-- "action": "suppress",
-- "query": "<string>"
-- },
-- {
-- "action": "require",
-- "query": "<string>"
-- }
-- ],
-- "hasExtendedTitle": "<boolean>",
-- "id": "<string>",
-- "isDefault": "<boolean>",
-- "isDeleted": "<boolean>",
-- "isEnabled": "<boolean>",
-- "message": "<string>",
-- "name": "<string>",
-- "options": {
-- "complianceRuleOptions": {
-- "complexRule": "<boolean>",
-- "regoRule": {
-- "policy": "<string>",
-- "resourceTypes": [
-- "<string>",
-- "<string>"
-- ]
-- },
-- "resourceType": "<string>"
-- },
-- "decreaseCriticalityBasedOnEnv": "<boolean>",
-- "detectionMethod": "third_party",
-- "evaluationWindow": 300,
-- "hardcodedEvaluatorType": "log4shell",
-- "impossibleTravelOptions": {
-- "baselineUserLocations": "<boolean>"
-- },
-- "keepAlive": 300,
-- "maxSignalDuration": 900,
-- "newValueOptions": {
-- "forgetAfter": 28,
-- "learningDuration": 0,
-- "learningMethod": "duration",
-- "learningThreshold": 0
-- }
-- },
-- "queries": [
-- {
-- "aggregation": "max",
-- "distinctFields": [
-- "<string>",
-- "<string>"
-- ],
-- "groupByFields": [
-- "<string>",
-- "<string>"
-- ],
-- "metric": "<string>",
-- "metrics": [
-- "<string>",
-- "<string>"
-- ],
-- "name": "<string>",
-- "query": "<string>"
-- },
-- {
-- "aggregation": "max",
-- "distinctFields": [
-- "<string>",
-- "<string>"
-- ],
-- "groupByFields": [
-- "<string>",
-- "<string>"
-- ],
-- "metric": "<string>",
-- "metrics": [
-- "<string>",
-- "<string>"
-- ],
-- "name": "<string>",
-- "query": "<string>"
-- }
-- ],
-- "tags": [
-- "<string>",
-- "<string>"
-- ],
-- "type": "application_security",
-- "updateAuthorId": "<long>",
-- "version": "<long>"
-- }
-- Sample code for parsing the JSON response...
-- Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
DECLARE @condition nvarchar(4000)
DECLARE @status nvarchar(4000)
DECLARE @j int
DECLARE @count_j int
DECLARE @strVal nvarchar(4000)
DECLARE @action nvarchar(4000)
DECLARE @query nvarchar(4000)
DECLARE @aggregation nvarchar(4000)
DECLARE @metric nvarchar(4000)
DECLARE @DefaultActivationStatus nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @DefaultActivationStatus OUT, 'complianceSignalOptions.defaultActivationStatus'
DECLARE @UserActivationStatus nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @UserActivationStatus OUT, 'complianceSignalOptions.userActivationStatus'
DECLARE @createdAt nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @createdAt OUT, 'createdAt'
DECLARE @creationAuthorId nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @creationAuthorId OUT, 'creationAuthorId'
DECLARE @deprecationDate nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @deprecationDate OUT, 'deprecationDate'
DECLARE @hasExtendedTitle nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @hasExtendedTitle OUT, 'hasExtendedTitle'
DECLARE @id nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @id OUT, 'id'
DECLARE @isDefault nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @isDefault OUT, 'isDefault'
DECLARE @isDeleted nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @isDeleted OUT, 'isDeleted'
DECLARE @isEnabled nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @isEnabled OUT, 'isEnabled'
DECLARE @message nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @message OUT, 'message'
DECLARE @name nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @name OUT, 'name'
DECLARE @ComplexRule nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @ComplexRule OUT, 'options.complianceRuleOptions.complexRule'
DECLARE @Policy nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @Policy OUT, 'options.complianceRuleOptions.regoRule.policy'
DECLARE @ResourceType nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @ResourceType OUT, 'options.complianceRuleOptions.resourceType'
DECLARE @DecreaseCriticalityBasedOnEnv nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @DecreaseCriticalityBasedOnEnv OUT, 'options.decreaseCriticalityBasedOnEnv'
DECLARE @DetectionMethod nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @DetectionMethod OUT, 'options.detectionMethod'
DECLARE @EvaluationWindow int
EXEC sp_OAMethod @jResp, 'IntOf', @EvaluationWindow OUT, 'options.evaluationWindow'
DECLARE @HardcodedEvaluatorType nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @HardcodedEvaluatorType OUT, 'options.hardcodedEvaluatorType'
DECLARE @BaselineUserLocations nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @BaselineUserLocations OUT, 'options.impossibleTravelOptions.baselineUserLocations'
DECLARE @KeepAlive int
EXEC sp_OAMethod @jResp, 'IntOf', @KeepAlive OUT, 'options.keepAlive'
DECLARE @MaxSignalDuration int
EXEC sp_OAMethod @jResp, 'IntOf', @MaxSignalDuration OUT, 'options.maxSignalDuration'
DECLARE @ForgetAfter int
EXEC sp_OAMethod @jResp, 'IntOf', @ForgetAfter OUT, 'options.newValueOptions.forgetAfter'
DECLARE @LearningDuration int
EXEC sp_OAMethod @jResp, 'IntOf', @LearningDuration OUT, 'options.newValueOptions.learningDuration'
DECLARE @LearningMethod nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @LearningMethod OUT, 'options.newValueOptions.learningMethod'
DECLARE @LearningThreshold int
EXEC sp_OAMethod @jResp, 'IntOf', @LearningThreshold OUT, 'options.newValueOptions.learningThreshold'
DECLARE @v_type nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @v_type OUT, 'type'
DECLARE @updateAuthorId nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @updateAuthorId OUT, 'updateAuthorId'
DECLARE @version nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @version OUT, 'version'
DECLARE @i int
SELECT @i = 0
DECLARE @count_i int
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'cases'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @condition OUT, 'cases[i].condition'
EXEC sp_OAMethod @jResp, 'StringOf', @name OUT, 'cases[i].name'
EXEC sp_OAMethod @jResp, 'StringOf', @status OUT, 'cases[i].status'
SELECT @j = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_j OUT, 'cases[i].notifications'
WHILE @j < @count_j
BEGIN
EXEC sp_OASetProperty @jResp, 'J', @j
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'cases[i].notifications[j]'
SELECT @j = @j + 1
END
SELECT @i = @i + 1
END
SELECT @i = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'complianceSignalOptions.defaultGroupByFields'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'complianceSignalOptions.defaultGroupByFields[i]'
SELECT @i = @i + 1
END
SELECT @i = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'complianceSignalOptions.userGroupByFields'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'complianceSignalOptions.userGroupByFields[i]'
SELECT @i = @i + 1
END
SELECT @i = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'filters'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @action OUT, 'filters[i].action'
EXEC sp_OAMethod @jResp, 'StringOf', @query OUT, 'filters[i].query'
SELECT @i = @i + 1
END
SELECT @i = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'options.complianceRuleOptions.regoRule.resourceTypes'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'options.complianceRuleOptions.regoRule.resourceTypes[i]'
SELECT @i = @i + 1
END
SELECT @i = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'queries'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @aggregation OUT, 'queries[i].aggregation'
EXEC sp_OAMethod @jResp, 'StringOf', @metric OUT, 'queries[i].metric'
EXEC sp_OAMethod @jResp, 'StringOf', @name OUT, 'queries[i].name'
EXEC sp_OAMethod @jResp, 'StringOf', @query OUT, 'queries[i].query'
SELECT @j = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_j OUT, 'queries[i].distinctFields'
WHILE @j < @count_j
BEGIN
EXEC sp_OASetProperty @jResp, 'J', @j
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'queries[i].distinctFields[j]'
SELECT @j = @j + 1
END
SELECT @j = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_j OUT, 'queries[i].groupByFields'
WHILE @j < @count_j
BEGIN
EXEC sp_OASetProperty @jResp, 'J', @j
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'queries[i].groupByFields[j]'
SELECT @j = @j + 1
END
SELECT @j = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_j OUT, 'queries[i].metrics'
WHILE @j < @count_j
BEGIN
EXEC sp_OASetProperty @jResp, 'J', @j
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'queries[i].metrics[j]'
SELECT @j = @j + 1
END
SELECT @i = @i + 1
END
SELECT @i = 0
EXEC sp_OAMethod @jResp, 'SizeOfArray', @count_i OUT, 'tags'
WHILE @i < @count_i
BEGIN
EXEC sp_OASetProperty @jResp, 'I', @i
EXEC sp_OAMethod @jResp, 'StringOf', @strVal OUT, 'tags[i]'
SELECT @i = @i + 1
END
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @json
EXEC @hr = sp_OADestroy @sbRequestBody
EXEC @hr = sp_OADestroy @sbResponseBody
EXEC @hr = sp_OADestroy @jResp
END
GO
Curl Command
curl -X PUT
-H "Content-Type: application/json"
-H "Accept: application/json"
-d '{
"cases": [
{
"condition": "<string>",
"name": "<string>",
"notifications": [
"<string>",
"<string>"
],
"status": "critical"
},
{
"condition": "<string>",
"name": "<string>",
"notifications": [
"<string>",
"<string>"
],
"status": "critical"
}
],
"complianceSignalOptions": {
"defaultActivationStatus": "<boolean>",
"defaultGroupByFields": [
"<string>",
"<string>"
],
"userActivationStatus": "<boolean>",
"userGroupByFields": [
"<string>",
"<string>"
]
},
"filters": [
{
"action": "suppress",
"query": "<string>"
},
{
"action": "suppress",
"query": "<string>"
}
],
"hasExtendedTitle": "<boolean>",
"isEnabled": "<boolean>",
"message": "<string>",
"name": "<string>",
"options": {
"complianceRuleOptions": {
"complexRule": "<boolean>",
"regoRule": {
"policy": "<string>",
"resourceTypes": [
"<string>",
"<string>"
]
},
"resourceType": "<string>",
"nisic3": {}
},
"decreaseCriticalityBasedOnEnv": "<boolean>",
"detectionMethod": "third_party",
"evaluationWindow": 3600,
"hardcodedEvaluatorType": "log4shell",
"impossibleTravelOptions": {
"baselineUserLocations": "<boolean>"
},
"keepAlive": 10800,
"maxSignalDuration": 21600,
"newValueOptions": {
"forgetAfter": 28,
"learningDuration": 0,
"learningMethod": "duration",
"learningThreshold": 0
}
},
"queries": [
{
"aggregation": "max",
"distinctFields": [
"<string>",
"<string>"
],
"groupByFields": [
"<string>",
"<string>"
],
"metric": "<string>",
"metrics": [
"<string>",
"<string>"
],
"name": "<string>",
"query": "<string>"
},
{
"aggregation": "geo_data",
"distinctFields": [
"<string>",
"<string>"
],
"groupByFields": [
"<string>",
"<string>"
],
"metric": "<string>",
"metrics": [
"<string>",
"<string>"
],
"name": "<string>",
"query": "<string>"
}
],
"tags": [
"<string>",
"<string>"
],
"version": "<integer>"
}'
https://api.app.ddog-gov.com/api/v2/security_monitoring/rules/:rule_id
Postman Collection Item JSON
{
"name": "Update an existing rule",
"request": {
"method": "PUT",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\",\n \"nisic3\": {}\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"third_party\",\n \"evaluationWindow\": 3600,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 10800,\n \"maxSignalDuration\": 21600,\n \"newValueOptions\": {\n \"forgetAfter\": 28,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"geo_data\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"version\": \"<integer>\"\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id",
"value": "<string>"
}
]
},
"description": "Update an existing rule. When updating `cases`, `queries` or `options`, the whole field\nmust be included. For example, when modifying a query all queries must be included.\nDefault rules can only be updated to be enabled and to change notifications."
},
"response": [
{
"name": "OK",
"originalRequest": {
"method": "PUT",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\",\n \"nisic3\": {}\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"third_party\",\n \"evaluationWindow\": 3600,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 10800,\n \"maxSignalDuration\": 21600,\n \"newValueOptions\": {\n \"forgetAfter\": 28,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"geo_data\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"version\": \"<integer>\"\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"medium\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"createdAt\": \"<long>\",\n \"creationAuthorId\": \"<long>\",\n \"deprecationDate\": \"<long>\",\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"require\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"id\": \"<string>\",\n \"isDefault\": \"<boolean>\",\n \"isDeleted\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\"\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"third_party\",\n \"evaluationWindow\": 300,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 300,\n \"maxSignalDuration\": 900,\n \"newValueOptions\": {\n \"forgetAfter\": 28,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"type\": \"application_security\",\n \"updateAuthorId\": \"<long>\",\n \"version\": \"<long>\"\n}"
},
{
"name": "Bad Request",
"originalRequest": {
"method": "PUT",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\",\n \"nisic3\": {}\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"third_party\",\n \"evaluationWindow\": 3600,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 10800,\n \"maxSignalDuration\": 21600,\n \"newValueOptions\": {\n \"forgetAfter\": 28,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"geo_data\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"version\": \"<integer>\"\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "Bad Request",
"code": 400,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Concurrent Modification",
"originalRequest": {
"method": "PUT",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\",\n \"nisic3\": {}\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"third_party\",\n \"evaluationWindow\": 3600,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 10800,\n \"maxSignalDuration\": 21600,\n \"newValueOptions\": {\n \"forgetAfter\": 28,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"geo_data\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"version\": \"<integer>\"\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "Unauthorized",
"code": 401,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Not Authorized",
"originalRequest": {
"method": "PUT",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\",\n \"nisic3\": {}\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"third_party\",\n \"evaluationWindow\": 3600,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 10800,\n \"maxSignalDuration\": 21600,\n \"newValueOptions\": {\n \"forgetAfter\": 28,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"geo_data\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"version\": \"<integer>\"\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "Forbidden",
"code": 403,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Not Found",
"originalRequest": {
"method": "PUT",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\",\n \"nisic3\": {}\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"third_party\",\n \"evaluationWindow\": 3600,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 10800,\n \"maxSignalDuration\": 21600,\n \"newValueOptions\": {\n \"forgetAfter\": 28,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"geo_data\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"version\": \"<integer>\"\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "Not Found",
"code": 404,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Too many requests",
"originalRequest": {
"method": "PUT",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\",\n \"nisic3\": {}\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"third_party\",\n \"evaluationWindow\": 3600,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 10800,\n \"maxSignalDuration\": 21600,\n \"newValueOptions\": {\n \"forgetAfter\": 28,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"max\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"geo_data\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"version\": \"<integer>\"\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules/:rule_id",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules",
":rule_id"
],
"variable": [
{
"key": "rule_id"
}
]
}
},
"status": "Too Many Requests",
"code": 429,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
}
]
}
