Back to Collection Items
' This example assumes the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.
Dim http As New Chilkat.Http
Dim success As Boolean
Dim queryParams As New Chilkat.JsonObject
queryParams.UpdateInt("page[size]",10)
queryParams.UpdateInt("page[number]",0)
http.SetRequestHeader("Accept","application/json")
Dim resp As Chilkat.HttpResponse = http.QuickRequestParams("GET","https://api.app.ddog-gov.com/api/v2/security_monitoring/rules",queryParams)
If (http.LastMethodSuccess = False) Then
Debug.WriteLine(http.LastErrorText)
Exit Sub
End If
Dim sbResponseBody As New Chilkat.StringBuilder
resp.GetBodySb(sbResponseBody)
Dim jResp As New Chilkat.JsonObject
jResp.LoadSb(sbResponseBody)
jResp.EmitCompact = False
Debug.WriteLine("Response Body:")
Debug.WriteLine(jResp.Emit())
Dim respStatusCode As Integer = resp.StatusCode
Debug.WriteLine("Response Status Code = " & respStatusCode)
If (respStatusCode >= 400) Then
Debug.WriteLine("Response Header:")
Debug.WriteLine(resp.Header)
Debug.WriteLine("Failed.")
Exit Sub
End If
' Sample JSON response:
' (Sample code for parsing the JSON response is shown below)
' {
' "data": [
' {
' "cases": [
' {
' "condition": "<string>",
' "name": "<string>",
' "notifications": [
' "<string>",
' "<string>"
' ],
' "status": "medium"
' },
' {
' "condition": "<string>",
' "name": "<string>",
' "notifications": [
' "<string>",
' "<string>"
' ],
' "status": "info"
' }
' ],
' "complianceSignalOptions": {
' "defaultActivationStatus": "<boolean>",
' "defaultGroupByFields": [
' "<string>",
' "<string>"
' ],
' "userActivationStatus": "<boolean>",
' "userGroupByFields": [
' "<string>",
' "<string>"
' ]
' },
' "createdAt": "<long>",
' "creationAuthorId": "<long>",
' "deprecationDate": "<long>",
' "filters": [
' {
' "action": "suppress",
' "query": "<string>"
' },
' {
' "action": "require",
' "query": "<string>"
' }
' ],
' "hasExtendedTitle": "<boolean>",
' "id": "<string>",
' "isDefault": "<boolean>",
' "isDeleted": "<boolean>",
' "isEnabled": "<boolean>",
' "message": "<string>",
' "name": "<string>",
' "options": {
' "complianceRuleOptions": {
' "complexRule": "<boolean>",
' "regoRule": {
' "policy": "<string>",
' "resourceTypes": [
' "<string>",
' "<string>"
' ]
' },
' "resourceType": "<string>",
' "sunt__": {}
' },
' "decreaseCriticalityBasedOnEnv": "<boolean>",
' "detectionMethod": "threshold",
' "evaluationWindow": 7200,
' "hardcodedEvaluatorType": "log4shell",
' "impossibleTravelOptions": {
' "baselineUserLocations": "<boolean>"
' },
' "keepAlive": 60,
' "maxSignalDuration": 60,
' "newValueOptions": {
' "forgetAfter": 14,
' "learningDuration": 0,
' "learningMethod": "duration",
' "learningThreshold": 0
' }
' },
' "queries": [
' {
' "aggregation": "geo_data",
' "distinctFields": [
' "<string>",
' "<string>"
' ],
' "groupByFields": [
' "<string>",
' "<string>"
' ],
' "metric": "<string>",
' "metrics": [
' "<string>",
' "<string>"
' ],
' "name": "<string>",
' "query": "<string>"
' },
' {
' "aggregation": "new_value",
' "distinctFields": [
' "<string>",
' "<string>"
' ],
' "groupByFields": [
' "<string>",
' "<string>"
' ],
' "metric": "<string>",
' "metrics": [
' "<string>",
' "<string>"
' ],
' "name": "<string>",
' "query": "<string>"
' }
' ],
' "tags": [
' "<string>",
' "<string>"
' ],
' "type": "log_detection",
' "updateAuthorId": "<long>",
' "version": "<long>"
' },
' {
' "cases": [
' {
' "condition": "<string>",
' "name": "<string>",
' "notifications": [
' "<string>",
' "<string>"
' ],
' "status": "medium"
' },
' {
' "condition": "<string>",
' "name": "<string>",
' "notifications": [
' "<string>",
' "<string>"
' ],
' "status": "critical"
' }
' ],
' "complianceSignalOptions": {
' "defaultActivationStatus": "<boolean>",
' "defaultGroupByFields": [
' "<string>",
' "<string>"
' ],
' "userActivationStatus": "<boolean>",
' "userGroupByFields": [
' "<string>",
' "<string>"
' ]
' },
' "createdAt": "<long>",
' "creationAuthorId": "<long>",
' "deprecationDate": "<long>",
' "filters": [
' {
' "action": "suppress",
' "query": "<string>"
' },
' {
' "action": "suppress",
' "query": "<string>"
' }
' ],
' "hasExtendedTitle": "<boolean>",
' "id": "<string>",
' "isDefault": "<boolean>",
' "isDeleted": "<boolean>",
' "isEnabled": "<boolean>",
' "message": "<string>",
' "name": "<string>",
' "options": {
' "complianceRuleOptions": {
' "complexRule": "<boolean>",
' "regoRule": {
' "policy": "<string>",
' "resourceTypes": [
' "<string>",
' "<string>"
' ]
' },
' "resourceType": "<string>",
' "mollit_4": {},
' "culpa_2": {}
' },
' "decreaseCriticalityBasedOnEnv": "<boolean>",
' "detectionMethod": "hardcoded",
' "evaluationWindow": 300,
' "hardcodedEvaluatorType": "log4shell",
' "impossibleTravelOptions": {
' "baselineUserLocations": "<boolean>"
' },
' "keepAlive": 21600,
' "maxSignalDuration": 10800,
' "newValueOptions": {
' "forgetAfter": 2,
' "learningDuration": 0,
' "learningMethod": "duration",
' "learningThreshold": 0
' }
' },
' "queries": [
' {
' "aggregation": "new_value",
' "distinctFields": [
' "<string>",
' "<string>"
' ],
' "groupByFields": [
' "<string>",
' "<string>"
' ],
' "metric": "<string>",
' "metrics": [
' "<string>",
' "<string>"
' ],
' "name": "<string>",
' "query": "<string>"
' },
' {
' "aggregation": "geo_data",
' "distinctFields": [
' "<string>",
' "<string>"
' ],
' "groupByFields": [
' "<string>",
' "<string>"
' ],
' "metric": "<string>",
' "metrics": [
' "<string>",
' "<string>"
' ],
' "name": "<string>",
' "query": "<string>"
' }
' ],
' "tags": [
' "<string>",
' "<string>"
' ],
' "type": "infrastructure_configuration",
' "updateAuthorId": "<long>",
' "version": "<long>"
' }
' ],
' "meta": {
' "page": {
' "total_count": "<long>",
' "total_filtered_count": "<long>"
' }
' }
' }
' Sample code for parsing the JSON response...
' Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
Dim DefaultActivationStatus As String
Dim UserActivationStatus As String
Dim createdAt As String
Dim creationAuthorId As String
Dim deprecationDate As String
Dim hasExtendedTitle As String
Dim id As String
Dim isDefault As String
Dim isDeleted As String
Dim isEnabled As String
Dim message As String
Dim name As String
Dim ComplexRule As String
Dim Policy As String
Dim ResourceType As String
Dim DecreaseCriticalityBasedOnEnv As String
Dim DetectionMethod As String
Dim EvaluationWindow As Integer
Dim HardcodedEvaluatorType As String
Dim BaselineUserLocations As String
Dim KeepAlive As Integer
Dim MaxSignalDuration As Integer
Dim ForgetAfter As Integer
Dim LearningDuration As Integer
Dim LearningMethod As String
Dim LearningThreshold As Integer
Dim v_type As String
Dim updateAuthorId As String
Dim version As String
Dim j As Integer
Dim count_j As Integer
Dim condition As String
Dim status As String
Dim k As Integer
Dim count_k As Integer
Dim strVal As String
Dim action As String
Dim query As String
Dim aggregation As String
Dim metric As String
Dim Total_count As String = jResp.StringOf("meta.page.total_count")
Dim Total_filtered_count As String = jResp.StringOf("meta.page.total_filtered_count")
Dim i As Integer = 0
Dim count_i As Integer = jResp.SizeOfArray("data")
While i < count_i
jResp.I = i
DefaultActivationStatus = jResp.StringOf("data[i].complianceSignalOptions.defaultActivationStatus")
UserActivationStatus = jResp.StringOf("data[i].complianceSignalOptions.userActivationStatus")
createdAt = jResp.StringOf("data[i].createdAt")
creationAuthorId = jResp.StringOf("data[i].creationAuthorId")
deprecationDate = jResp.StringOf("data[i].deprecationDate")
hasExtendedTitle = jResp.StringOf("data[i].hasExtendedTitle")
id = jResp.StringOf("data[i].id")
isDefault = jResp.StringOf("data[i].isDefault")
isDeleted = jResp.StringOf("data[i].isDeleted")
isEnabled = jResp.StringOf("data[i].isEnabled")
message = jResp.StringOf("data[i].message")
name = jResp.StringOf("data[i].name")
ComplexRule = jResp.StringOf("data[i].options.complianceRuleOptions.complexRule")
Policy = jResp.StringOf("data[i].options.complianceRuleOptions.regoRule.policy")
ResourceType = jResp.StringOf("data[i].options.complianceRuleOptions.resourceType")
DecreaseCriticalityBasedOnEnv = jResp.StringOf("data[i].options.decreaseCriticalityBasedOnEnv")
DetectionMethod = jResp.StringOf("data[i].options.detectionMethod")
EvaluationWindow = jResp.IntOf("data[i].options.evaluationWindow")
HardcodedEvaluatorType = jResp.StringOf("data[i].options.hardcodedEvaluatorType")
BaselineUserLocations = jResp.StringOf("data[i].options.impossibleTravelOptions.baselineUserLocations")
KeepAlive = jResp.IntOf("data[i].options.keepAlive")
MaxSignalDuration = jResp.IntOf("data[i].options.maxSignalDuration")
ForgetAfter = jResp.IntOf("data[i].options.newValueOptions.forgetAfter")
LearningDuration = jResp.IntOf("data[i].options.newValueOptions.learningDuration")
LearningMethod = jResp.StringOf("data[i].options.newValueOptions.learningMethod")
LearningThreshold = jResp.IntOf("data[i].options.newValueOptions.learningThreshold")
v_type = jResp.StringOf("data[i].type")
updateAuthorId = jResp.StringOf("data[i].updateAuthorId")
version = jResp.StringOf("data[i].version")
j = 0
count_j = jResp.SizeOfArray("data[i].cases")
While j < count_j
jResp.J = j
condition = jResp.StringOf("data[i].cases[j].condition")
name = jResp.StringOf("data[i].cases[j].name")
status = jResp.StringOf("data[i].cases[j].status")
k = 0
count_k = jResp.SizeOfArray("data[i].cases[j].notifications")
While k < count_k
jResp.K = k
strVal = jResp.StringOf("data[i].cases[j].notifications[k]")
k = k + 1
End While
j = j + 1
End While
j = 0
count_j = jResp.SizeOfArray("data[i].complianceSignalOptions.defaultGroupByFields")
While j < count_j
jResp.J = j
strVal = jResp.StringOf("data[i].complianceSignalOptions.defaultGroupByFields[j]")
j = j + 1
End While
j = 0
count_j = jResp.SizeOfArray("data[i].complianceSignalOptions.userGroupByFields")
While j < count_j
jResp.J = j
strVal = jResp.StringOf("data[i].complianceSignalOptions.userGroupByFields[j]")
j = j + 1
End While
j = 0
count_j = jResp.SizeOfArray("data[i].filters")
While j < count_j
jResp.J = j
action = jResp.StringOf("data[i].filters[j].action")
query = jResp.StringOf("data[i].filters[j].query")
j = j + 1
End While
j = 0
count_j = jResp.SizeOfArray("data[i].options.complianceRuleOptions.regoRule.resourceTypes")
While j < count_j
jResp.J = j
strVal = jResp.StringOf("data[i].options.complianceRuleOptions.regoRule.resourceTypes[j]")
j = j + 1
End While
j = 0
count_j = jResp.SizeOfArray("data[i].queries")
While j < count_j
jResp.J = j
aggregation = jResp.StringOf("data[i].queries[j].aggregation")
metric = jResp.StringOf("data[i].queries[j].metric")
name = jResp.StringOf("data[i].queries[j].name")
query = jResp.StringOf("data[i].queries[j].query")
k = 0
count_k = jResp.SizeOfArray("data[i].queries[j].distinctFields")
While k < count_k
jResp.K = k
strVal = jResp.StringOf("data[i].queries[j].distinctFields[k]")
k = k + 1
End While
k = 0
count_k = jResp.SizeOfArray("data[i].queries[j].groupByFields")
While k < count_k
jResp.K = k
strVal = jResp.StringOf("data[i].queries[j].groupByFields[k]")
k = k + 1
End While
k = 0
count_k = jResp.SizeOfArray("data[i].queries[j].metrics")
While k < count_k
jResp.K = k
strVal = jResp.StringOf("data[i].queries[j].metrics[k]")
k = k + 1
End While
j = j + 1
End While
j = 0
count_j = jResp.SizeOfArray("data[i].tags")
While j < count_j
jResp.J = j
strVal = jResp.StringOf("data[i].tags[j]")
j = j + 1
End While
i = i + 1
End While
Curl Command
curl -G -d "page[size]=10"
-d "page[number]=0"
-H "Accept: application/json"
https://api.app.ddog-gov.com/api/v2/security_monitoring/rules
Postman Collection Item JSON
{
"name": "List rules",
"request": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules?page[size]=10&page[number]=0",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules"
],
"query": [
{
"key": "page[size]",
"value": "10",
"description": "Size for a given page. The maximum allowed value is 100."
},
{
"key": "page[number]",
"value": "0",
"description": "Specific page number to return."
}
]
},
"description": "List rules."
},
"response": [
{
"name": "OK",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules?page[size]=10&page[number]=0",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules"
],
"query": [
{
"key": "page[size]",
"value": "10",
"description": "Size for a given page. The maximum allowed value is 100."
},
{
"key": "page[number]",
"value": "0",
"description": "Specific page number to return."
}
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"data\": [\n {\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"medium\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"info\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"createdAt\": \"<long>\",\n \"creationAuthorId\": \"<long>\",\n \"deprecationDate\": \"<long>\",\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"require\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"id\": \"<string>\",\n \"isDefault\": \"<boolean>\",\n \"isDeleted\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\",\n \"sunt__\": {}\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"threshold\",\n \"evaluationWindow\": 7200,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 60,\n \"maxSignalDuration\": 60,\n \"newValueOptions\": {\n \"forgetAfter\": 14,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"geo_data\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"new_value\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"type\": \"log_detection\",\n \"updateAuthorId\": \"<long>\",\n \"version\": \"<long>\"\n },\n {\n \"cases\": [\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"medium\"\n },\n {\n \"condition\": \"<string>\",\n \"name\": \"<string>\",\n \"notifications\": [\n \"<string>\",\n \"<string>\"\n ],\n \"status\": \"critical\"\n }\n ],\n \"complianceSignalOptions\": {\n \"defaultActivationStatus\": \"<boolean>\",\n \"defaultGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"userActivationStatus\": \"<boolean>\",\n \"userGroupByFields\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"createdAt\": \"<long>\",\n \"creationAuthorId\": \"<long>\",\n \"deprecationDate\": \"<long>\",\n \"filters\": [\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n },\n {\n \"action\": \"suppress\",\n \"query\": \"<string>\"\n }\n ],\n \"hasExtendedTitle\": \"<boolean>\",\n \"id\": \"<string>\",\n \"isDefault\": \"<boolean>\",\n \"isDeleted\": \"<boolean>\",\n \"isEnabled\": \"<boolean>\",\n \"message\": \"<string>\",\n \"name\": \"<string>\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"complexRule\": \"<boolean>\",\n \"regoRule\": {\n \"policy\": \"<string>\",\n \"resourceTypes\": [\n \"<string>\",\n \"<string>\"\n ]\n },\n \"resourceType\": \"<string>\",\n \"mollit_4\": {},\n \"culpa_2\": {}\n },\n \"decreaseCriticalityBasedOnEnv\": \"<boolean>\",\n \"detectionMethod\": \"hardcoded\",\n \"evaluationWindow\": 300,\n \"hardcodedEvaluatorType\": \"log4shell\",\n \"impossibleTravelOptions\": {\n \"baselineUserLocations\": \"<boolean>\"\n },\n \"keepAlive\": 21600,\n \"maxSignalDuration\": 10800,\n \"newValueOptions\": {\n \"forgetAfter\": 2,\n \"learningDuration\": 0,\n \"learningMethod\": \"duration\",\n \"learningThreshold\": 0\n }\n },\n \"queries\": [\n {\n \"aggregation\": \"new_value\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n },\n {\n \"aggregation\": \"geo_data\",\n \"distinctFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"groupByFields\": [\n \"<string>\",\n \"<string>\"\n ],\n \"metric\": \"<string>\",\n \"metrics\": [\n \"<string>\",\n \"<string>\"\n ],\n \"name\": \"<string>\",\n \"query\": \"<string>\"\n }\n ],\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"type\": \"infrastructure_configuration\",\n \"updateAuthorId\": \"<long>\",\n \"version\": \"<long>\"\n }\n ],\n \"meta\": {\n \"page\": {\n \"total_count\": \"<long>\",\n \"total_filtered_count\": \"<long>\"\n }\n }\n}"
},
{
"name": "Bad Request",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules?page[size]=10&page[number]=0",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules"
],
"query": [
{
"key": "page[size]",
"value": "10",
"description": "Size for a given page. The maximum allowed value is 100."
},
{
"key": "page[number]",
"value": "0",
"description": "Specific page number to return."
}
]
}
},
"status": "Bad Request",
"code": 400,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Too many requests",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/rules?page[size]=10&page[number]=0",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"rules"
],
"query": [
{
"key": "page[size]",
"value": "10",
"description": "Size for a given page. The maximum allowed value is 100."
},
{
"key": "page[number]",
"value": "0",
"description": "Specific page number to return."
}
]
}
},
"status": "Too Many Requests",
"code": 429,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
}
]
}
