Class: DatadogAPIClient::V2::SecurityMonitoringAPI

Inherits:

Object

• Object
• DatadogAPIClient::V2::SecurityMonitoringAPI

Defined in:

lib/datadog_api_client/v2/api/security_monitoring_api.rb

Instance Attribute Summary

• #api_client ⇒ Object

  Returns the value of attribute api_client.

Instance Method Summary

• #activate_content_pack(content_pack_id, opts = {}) ⇒ Object

  Activate content pack.

• #activate_content_pack_with_http_info(content_pack_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Activate content pack.

• #attach_case(case_id, body, opts = {}) ⇒ Object

  Attach security findings to a case.

• #attach_case_with_http_info(case_id, body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

  Attach security findings to a case.

• #attach_jira_issue(body, opts = {}) ⇒ Object

  Attach security findings to a Jira issue.

• #attach_jira_issue_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

  Attach security findings to a Jira issue.

• #attach_service_now_ticket(body, opts = {}) ⇒ Object

  Attach security findings to a ServiceNow ticket.

• #attach_service_now_ticket_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

  Attach security findings to a ServiceNow ticket.

• #batch_get_security_monitoring_dataset_dependencies(body, opts = {}) ⇒ Object

  Get dataset dependencies.

• #batch_get_security_monitoring_dataset_dependencies_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringDatasetDependenciesResponse, Integer, Hash)>

  Get dataset dependencies.

• #bulk_convert_existing_security_monitoring_rules(body, opts = {}) ⇒ Object

  Bulk convert rules to Terraform.

• #bulk_convert_existing_security_monitoring_rules_with_http_info(body, opts = {}) ⇒ Array<(File, Integer, Hash)>

  Bulk convert rules to Terraform.

• #bulk_create_sample_log_generation_subscriptions(body, opts = {}) ⇒ Object

  Bulk subscribe to sample log generation.

• #bulk_create_sample_log_generation_subscriptions_with_http_info(body, opts = {}) ⇒ Array<(SampleLogGenerationBulkSubscriptionResponse, Integer, Hash)>

  Bulk subscribe to sample log generation.

• #bulk_delete_security_monitoring_rules(body, opts = {}) ⇒ Object

  Bulk delete security monitoring rules.

• #bulk_delete_security_monitoring_rules_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleBulkDeleteResponse, Integer, Hash)>

  Bulk delete security monitoring rules.

• #bulk_edit_security_monitoring_signals(body, opts = {}) ⇒ Object

  Bulk update security signals.

• #bulk_edit_security_monitoring_signals_assignee(body, opts = {}) ⇒ Object

  Bulk update triage assignee of security signals.

• #bulk_edit_security_monitoring_signals_assignee_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

  Bulk update triage assignee of security signals.

• #bulk_edit_security_monitoring_signals_state(body, opts = {}) ⇒ Object

  Bulk update triage state of security signals.

• #bulk_edit_security_monitoring_signals_state_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

  Bulk update triage state of security signals.

• #bulk_edit_security_monitoring_signals_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

  Bulk update security signals.

• #bulk_export_security_monitoring_rules(body, opts = {}) ⇒ Object

  Bulk export security monitoring rules.

• #bulk_export_security_monitoring_rules_with_http_info(body, opts = {}) ⇒ Array<(File, Integer, Hash)>

  Bulk export security monitoring rules.

• #bulk_export_security_monitoring_terraform_resources(resource_type, body, opts = {}) ⇒ Object

  Export security monitoring resources to Terraform.

• #bulk_export_security_monitoring_terraform_resources_with_http_info(resource_type, body, opts = {}) ⇒ Array<(File, Integer, Hash)>

  Export security monitoring resources to Terraform.

• #cancel_historical_job(job_id, opts = {}) ⇒ Object

  Cancel a historical job.

• #cancel_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Cancel a historical job.

• #convert_existing_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Convert an existing rule from JSON to Terraform.

• #convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

  Convert an existing rule from JSON to Terraform.

• #convert_job_result_to_signal(body, opts = {}) ⇒ Object

  Convert a job result to a signal.

• #convert_job_result_to_signal_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Convert a job result to a signal.

• #convert_security_monitoring_rule_from_json_to_terraform(body, opts = {}) ⇒ Object

  Convert a rule from JSON to Terraform.

• #convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

  Convert a rule from JSON to Terraform.

• #convert_security_monitoring_terraform_resource(resource_type, body, opts = {}) ⇒ Object

  Convert security monitoring resource to Terraform.

• #convert_security_monitoring_terraform_resource_with_http_info(resource_type, body, opts = {}) ⇒ Array<(SecurityMonitoringTerraformExportResponse, Integer, Hash)>

  Convert security monitoring resource to Terraform.

• #create_cases(body, opts = {}) ⇒ Object

  Create cases for security findings.

• #create_cases_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

  Create cases for security findings.

• #create_custom_framework(body, opts = {}) ⇒ Object

  Create a custom framework.

• #create_custom_framework_with_http_info(body, opts = {}) ⇒ Array<(CreateCustomFrameworkResponse, Integer, Hash)>

  Create a custom framework.

• #create_io_c_triage_state(body, opts = {}) ⇒ Object

  Create or update an indicator triage state.

• #create_io_c_triage_state_with_http_info(body, opts = {}) ⇒ Array<(IoCTriageWriteResponse, Integer, Hash)>

  Create or update an indicator triage state.

• #create_jira_issues(body, opts = {}) ⇒ Object

  Create Jira issues for security findings.

• #create_jira_issues_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

  Create Jira issues for security findings.

• #create_sample_log_generation_subscription(body, opts = {}) ⇒ Object

  Subscribe to sample log generation.

• #create_sample_log_generation_subscription_with_http_info(body, opts = {}) ⇒ Array<(SampleLogGenerationSubscriptionResponse, Integer, Hash)>

  Subscribe to sample log generation.

• #create_security_filter(body, opts = {}) ⇒ Object

  Create a security filter.

• #create_security_filter_with_http_info(body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Create a security filter.

• #create_security_monitoring_critical_asset(body, opts = {}) ⇒ Object

  Create a critical asset.

• #create_security_monitoring_critical_asset_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

  Create a critical asset.

• #create_security_monitoring_dataset(body, opts = {}) ⇒ Object

  Create a dataset.

• #create_security_monitoring_dataset_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringDatasetCreateResponse, Integer, Hash)>

  Create a dataset.

• #create_security_monitoring_integration_config(body, opts = {}) ⇒ Object

  Create an entity context sync configuration.

• #create_security_monitoring_integration_config_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>

  Create an entity context sync configuration.

• #create_security_monitoring_rule(body, opts = {}) ⇒ Object

  Create a detection rule.

• #create_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Create a detection rule.

• #create_security_monitoring_suppression(body, opts = {}) ⇒ Object

  Create a suppression rule.

• #create_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Create a suppression rule.

• #create_service_now_tickets(body, opts = {}) ⇒ Object

  Create ServiceNow tickets for security findings.

• #create_service_now_tickets_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

  Create ServiceNow tickets for security findings.

• #create_signal_notification_rule(body, opts = {}) ⇒ Object

  Create a new signal-based notification rule.

• #create_signal_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Create a new signal-based notification rule.

• #create_static_analysis_ast(body, opts = {}) ⇒ Object

  Get AST for source code.

• #create_static_analysis_ast_with_http_info(body, opts = {}) ⇒ Array<(GetAstResponse, Integer, Hash)>

  Get AST for source code.

• #create_static_analysis_server_analysis(body, opts = {}) ⇒ Object

  Analyze code.

• #create_static_analysis_server_analysis_with_http_info(body, opts = {}) ⇒ Array<(AnalysisResponse, Integer, Hash)>

  Analyze code.

• #create_vulnerability_notification_rule(body, opts = {}) ⇒ Object

  Create a new vulnerability-based notification rule.

• #create_vulnerability_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Create a new vulnerability-based notification rule.

• #deactivate_content_pack(content_pack_id, opts = {}) ⇒ Object

  Deactivate content pack.

• #deactivate_content_pack_with_http_info(content_pack_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Deactivate content pack.

• #delete_custom_framework(handle, version, opts = {}) ⇒ Object

  Delete a custom framework.

• #delete_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(DeleteCustomFrameworkResponse, Integer, Hash)>

  Delete a custom framework.

• #delete_historical_job(job_id, opts = {}) ⇒ Object

  Delete an existing job.

• #delete_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete an existing job.

• #delete_sample_log_generation_subscription(content_pack_id, opts = {}) ⇒ Object

  Unsubscribe from sample log generation.

• #delete_sample_log_generation_subscription_with_http_info(content_pack_id, opts = {}) ⇒ Array<(SampleLogGenerationSubscriptionResponse, Integer, Hash)>

  Unsubscribe from sample log generation.

• #delete_security_filter(security_filter_id, opts = {}) ⇒ Object

  Delete a security filter.

• #delete_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a security filter.

• #delete_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

  Delete a critical asset.

• #delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a critical asset.

• #delete_security_monitoring_dataset(dataset_id, opts = {}) ⇒ Object

  Delete a dataset.

• #delete_security_monitoring_dataset_with_http_info(dataset_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a dataset.

• #delete_security_monitoring_integration_config(integration_config_id, opts = {}) ⇒ Object

  Delete an entity context sync configuration.

• #delete_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete an entity context sync configuration.

• #delete_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Delete an existing rule.

• #delete_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete an existing rule.

• #delete_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

  Delete a suppression rule.

• #delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a suppression rule.

• #delete_signal_notification_rule(id, opts = {}) ⇒ Object

  Delete a signal-based notification rule.

• #delete_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a signal-based notification rule.

• #delete_vulnerability_notification_rule(id, opts = {}) ⇒ Object

  Delete a vulnerability-based notification rule.

• #delete_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Delete a vulnerability-based notification rule.

• #detach_case(body, opts = {}) ⇒ Object

  Detach security findings from their case.

• #detach_case_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Detach security findings from their case.

• #edit_security_monitoring_signal(signal_id, body, opts = {}) ⇒ Object

  Update security signal triage state or assignee.

• #edit_security_monitoring_signal_assignee(signal_id, body, opts = {}) ⇒ Object

  Modify the triage assignee of a security signal.

• #edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Modify the triage assignee of a security signal.

• #edit_security_monitoring_signal_incidents(signal_id, body, opts = {}) ⇒ Object

  Change the related incidents of a security signal.

• #edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Change the related incidents of a security signal.

• #edit_security_monitoring_signal_state(signal_id, body, opts = {}) ⇒ Object

  Change the triage state of a security signal.

• #edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Change the triage state of a security signal.

• #edit_security_monitoring_signal_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

  Update security signal triage state or assignee.

• #export_security_monitoring_terraform_resource(resource_type, resource_id, opts = {}) ⇒ Object

  Export security monitoring resource to Terraform.

• #export_security_monitoring_terraform_resource_with_http_info(resource_type, resource_id, opts = {}) ⇒ Array<(SecurityMonitoringTerraformExportResponse, Integer, Hash)>

  Export security monitoring resource to Terraform.

• #get_content_packs_states(opts = {}) ⇒ Object

  Get content pack states.

• #get_content_packs_states_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringContentPackStatesResponse, Integer, Hash)>

  Get content pack states.

• #get_critical_assets_affecting_rule(rule_id, opts = {}) ⇒ Object

  Get critical assets affecting a specific rule.

• #get_critical_assets_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

  Get critical assets affecting a specific rule.

• #get_custom_framework(handle, version, opts = {}) ⇒ Object

  Get a custom framework.

• #get_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(GetCustomFrameworkResponse, Integer, Hash)>

  Get a custom framework.

• #get_entity_context(opts = {}) ⇒ Object

  Get entity context.

• #get_entity_context_with_http_info(opts = {}) ⇒ Array<(EntityContextResponse, Integer, Hash)>

  Get entity context.

• #get_finding(finding_id, opts = {}) ⇒ Object

  Get a finding.

• #get_finding_with_http_info(finding_id, opts = {}) ⇒ Array<(GetFindingResponse, Integer, Hash)>

  Get a finding.

• #get_historical_job(job_id, opts = {}) ⇒ Object

  Get a job’s details.

• #get_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(HistoricalJobResponse, Integer, Hash)>

  Get a job’s details.

• #get_indicator_of_compromise(indicator, opts = {}) ⇒ Object

  Get an indicator of compromise.

• #get_indicator_of_compromise_with_http_info(indicator, opts = {}) ⇒ Array<(GetIoCIndicatorResponse, Integer, Hash)>

  Get an indicator of compromise.

• #get_investigation_log_queries_matching_signal(signal_id, opts = {}) ⇒ Object

  Get investigation queries for a signal.

• #get_investigation_log_queries_matching_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalSuggestedActionsResponse, Integer, Hash)>

  Get investigation queries for a signal.

• #get_resource_evaluation_filters(opts = {}) ⇒ Object

  List resource filters.

• #get_resource_evaluation_filters_with_http_info(opts = {}) ⇒ Array<(GetResourceEvaluationFiltersResponse, Integer, Hash)>

  List resource filters.

• #get_rule_version_history(rule_id, opts = {}) ⇒ Object

  Get a rule’s version history.

• #get_rule_version_history_with_http_info(rule_id, opts = {}) ⇒ Array<(GetRuleVersionHistoryResponse, Integer, Hash)>

  Get a rule’s version history.

• #get_sbom(asset_type, filter_asset_name, opts = {}) ⇒ Object

  Get SBOM.

• #get_sbom_with_http_info(asset_type, filter_asset_name, opts = {}) ⇒ Array<(GetSBOMResponse, Integer, Hash)>

  Get SBOM.

• #get_secrets_rules(opts = {}) ⇒ Object

  Returns a list of Secrets rules.

• #get_secrets_rules_with_http_info(opts = {}) ⇒ Array<(SecretRuleArray, Integer, Hash)>

  Returns a list of Secrets rules.

• #get_security_filter(security_filter_id, opts = {}) ⇒ Object

  Get a security filter.

• #get_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Get a security filter.

• #get_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

  Get a critical asset.

• #get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

  Get a critical asset.

• #get_security_monitoring_dataset(dataset_id, opts = {}) ⇒ Object

  Get a dataset.

• #get_security_monitoring_dataset_by_version(dataset_id, version, opts = {}) ⇒ Object

  Get a dataset at a specific version.

• #get_security_monitoring_dataset_by_version_with_http_info(dataset_id, version, opts = {}) ⇒ Array<(SecurityMonitoringDatasetResponse, Integer, Hash)>

  Get a dataset at a specific version.

• #get_security_monitoring_dataset_version_history(dataset_id, opts = {}) ⇒ Object

  Get the version history of a dataset.

• #get_security_monitoring_dataset_version_history_with_http_info(dataset_id, opts = {}) ⇒ Array<(SecurityMonitoringDatasetVersionHistoryResponse, Integer, Hash)>

  Get the version history of a dataset.

• #get_security_monitoring_dataset_with_http_info(dataset_id, opts = {}) ⇒ Array<(SecurityMonitoringDatasetResponse, Integer, Hash)>

  Get a dataset.

• #get_security_monitoring_histsignal(histsignal_id, opts = {}) ⇒ Object

  Get a hist signal’s details.

• #get_security_monitoring_histsignal_with_http_info(histsignal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

  Get a hist signal’s details.

• #get_security_monitoring_histsignals_by_job_id(job_id, opts = {}) ⇒ Object

  Get a job’s hist signals.

• #get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Get a job’s hist signals.

• #get_security_monitoring_integration_config(integration_config_id, opts = {}) ⇒ Object

  Get an entity context sync configuration.

• #get_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>

  Get an entity context sync configuration.

• #get_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

  Get a rule’s details.

• #get_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Get a rule’s details.

• #get_security_monitoring_signal(signal_id, opts = {}) ⇒ Object

  Get a signal’s details.

• #get_security_monitoring_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

  Get a signal’s details.

• #get_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

  Get a suppression rule.

• #get_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Get a suppression rule.

• #get_signal_entities(signal_id, opts = {}) ⇒ Object

  Get entities related to a signal.

• #get_signal_entities_with_http_info(signal_id, opts = {}) ⇒ Array<(SignalEntitiesResponse, Integer, Hash)>

  Get entities related to a signal.

• #get_signal_notification_rule(id, opts = {}) ⇒ Object

  Get details of a signal-based notification rule.

• #get_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Get details of a signal-based notification rule.

• #get_signal_notification_rules(opts = {}) ⇒ Object

  Get the list of signal-based notification rules.

• #get_signal_notification_rules_with_http_info(opts = {}) ⇒ Array<(NotificationRulesListResponse, Integer, Hash)>

  Get the list of signal-based notification rules.

• #get_single_entity_context(id, opts = {}) ⇒ Object

  Get a single entity context.

• #get_single_entity_context_with_http_info(id, opts = {}) ⇒ Array<(SingleEntityContextResponse, Integer, Hash)>

  Get a single entity context.

• #get_static_analysis_default_rulesets(language, opts = {}) ⇒ Object

  Get default rulesets for a language.

• #get_static_analysis_default_rulesets_with_http_info(language, opts = {}) ⇒ Array<(DefaultRulesetsPerLanguageResponse, Integer, Hash)>

  Get default rulesets for a language.

• #get_static_analysis_node_types(language, opts = {}) ⇒ Object

  Get node types for a language.

• #get_static_analysis_node_types_with_http_info(language, opts = {}) ⇒ Array<(NodeTypesResponse, Integer, Hash)>

  Get node types for a language.

• #get_static_analysis_ruleset(ruleset_name, opts = {}) ⇒ Object

  Get a SAST ruleset.

• #get_static_analysis_ruleset_with_http_info(ruleset_name, opts = {}) ⇒ Array<(SastRulesetResponse, Integer, Hash)>

  Get a SAST ruleset.

• #get_static_analysis_tree_sitter_wasm(file, opts = {}) ⇒ Object

  Get tree-sitter WASM file.

• #get_static_analysis_tree_sitter_wasm_with_http_info(file, opts = {}) ⇒ Array<(File, Integer, Hash)>

  Get tree-sitter WASM file.

• #get_suggested_actions_matching_signal(signal_id, opts = {}) ⇒ Object

  Get suggested actions for a signal.

• #get_suggested_actions_matching_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalSuggestedActionsResponse, Integer, Hash)>

  Get suggested actions for a signal.

• #get_suppression_version_history(suppression_id, opts = {}) ⇒ Object

  Get a suppression’s version history.

• #get_suppression_version_history_with_http_info(suppression_id, opts = {}) ⇒ Array<(GetSuppressionVersionHistoryResponse, Integer, Hash)>

  Get a suppression’s version history.

• #get_suppressions_affecting_future_rule(body, opts = {}) ⇒ Object

  Get suppressions affecting future rule.

• #get_suppressions_affecting_future_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

  Get suppressions affecting future rule.

• #get_suppressions_affecting_rule(rule_id, opts = {}) ⇒ Object

  Get suppressions affecting a specific rule.

• #get_suppressions_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

  Get suppressions affecting a specific rule.

• #get_vulnerability_notification_rule(id, opts = {}) ⇒ Object

  Get details of a vulnerability notification rule.

• #get_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Get details of a vulnerability notification rule.

• #get_vulnerability_notification_rules(opts = {}) ⇒ Object

  Get the list of vulnerability notification rules.

• #get_vulnerability_notification_rules_with_http_info(opts = {}) ⇒ Array<(NotificationRulesListResponse, Integer, Hash)>

  Get the list of vulnerability notification rules.

• #initialize(api_client = DatadogAPIClient::APIClient.default) ⇒ SecurityMonitoringAPI constructor

  A new instance of SecurityMonitoringAPI.

• #list_assets_sbo_ms(opts = {}) ⇒ Object

  List assets SBOMs.

• #list_assets_sbo_ms_with_http_info(opts = {}) ⇒ Array<(ListAssetsSBOMsResponse, Integer, Hash)>

  List assets SBOMs.

• #list_findings(opts = {}) ⇒ Object

  List findings.

• #list_findings_with_http_info(opts = {}) ⇒ Array<(ListFindingsResponse, Integer, Hash)>

  List findings.

• #list_findings_with_pagination(opts = {}) {|Finding| ... } ⇒ Object

  List findings.

• #list_historical_jobs(opts = {}) ⇒ Object

  List historical jobs.

• #list_historical_jobs_with_http_info(opts = {}) ⇒ Array<(ListHistoricalJobsResponse, Integer, Hash)>

  List historical jobs.

• #list_indicators_of_compromise(opts = {}) ⇒ Object

  List indicators of compromise.

• #list_indicators_of_compromise_with_http_info(opts = {}) ⇒ Array<(IoCExplorerListResponse, Integer, Hash)>

  List indicators of compromise.

• #list_multiple_rulesets(body, opts = {}) ⇒ Object

  Ruleset get multiple.

• #list_multiple_rulesets_with_http_info(body, opts = {}) ⇒ Array<(GetMultipleRulesetsResponse, Integer, Hash)>

  Ruleset get multiple.

• #list_sample_log_generation_subscriptions(opts = {}) ⇒ Object

  Get sample log generation subscriptions.

• #list_sample_log_generation_subscriptions_with_http_info(opts = {}) ⇒ Array<(SampleLogGenerationSubscriptionsResponse, Integer, Hash)>

  Get sample log generation subscriptions.

• #list_scanned_assets_metadata(opts = {}) ⇒ Object

  List scanned assets metadata.

• #list_scanned_assets_metadata_with_http_info(opts = {}) ⇒ Array<(ScannedAssetsMetadata, Integer, Hash)>

  List scanned assets metadata.

• #list_security_filter_versions(opts = {}) ⇒ Object

  Get the version history of security filters.

• #list_security_filter_versions_with_http_info(opts = {}) ⇒ Array<(SecurityFilterVersionsResponse, Integer, Hash)>

  Get the version history of security filters.

• #list_security_filters(opts = {}) ⇒ Object

  Get all security filters.

• #list_security_filters_with_http_info(opts = {}) ⇒ Array<(SecurityFiltersResponse, Integer, Hash)>

  Get all security filters.

• #list_security_findings(opts = {}) ⇒ Object

  List security findings.

• #list_security_findings_with_http_info(opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

  List security findings.

• #list_security_findings_with_pagination(opts = {}) {|SecurityFindingsData| ... } ⇒ Object

  List security findings.

• #list_security_monitoring_critical_assets(opts = {}) ⇒ Object

  Get all critical assets.

• #list_security_monitoring_critical_assets_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

  Get all critical assets.

• #list_security_monitoring_datasets(opts = {}) ⇒ Object

  List datasets.

• #list_security_monitoring_datasets_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringDatasetsListResponse, Integer, Hash)>

  List datasets.

• #list_security_monitoring_histsignals(opts = {}) ⇒ Object

  List hist signals.

• #list_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  List hist signals.

• #list_security_monitoring_integration_configs(opts = {}) ⇒ Object

  List entity context sync configurations.

• #list_security_monitoring_integration_configs_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigsResponse, Integer, Hash)>

  List entity context sync configurations.

• #list_security_monitoring_rules(opts = {}) ⇒ Object

  List rules.

• #list_security_monitoring_rules_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>

  List rules.

• #list_security_monitoring_signals(opts = {}) ⇒ Object

  Get a quick list of security signals.

• #list_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Get a quick list of security signals.

• #list_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

  Get a quick list of security signals.

• #list_security_monitoring_suppressions(opts = {}) ⇒ Object

  Get all suppression rules.

• #list_security_monitoring_suppressions_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringPaginatedSuppressionsResponse, Integer, Hash)>

  Get all suppression rules.

• #list_static_analysis_codegen_rulesets(opts = {}) ⇒ Object

  List codegen rulesets.

• #list_static_analysis_codegen_rulesets_with_http_info(opts = {}) ⇒ Array<(SastRulesetsResponse, Integer, Hash)>

  List codegen rulesets.

• #list_vulnerabilities(opts = {}) ⇒ Object

  List vulnerabilities.

• #list_vulnerabilities_with_http_info(opts = {}) ⇒ Array<(ListVulnerabilitiesResponse, Integer, Hash)> deprecated Deprecated.

  This API is deprecated.

• #list_vulnerable_assets(opts = {}) ⇒ Object

  List vulnerable assets.

• #list_vulnerable_assets_with_http_info(opts = {}) ⇒ Array<(ListVulnerableAssetsResponse, Integer, Hash)>

  List vulnerable assets.

• #mute_security_findings(body, opts = {}) ⇒ Object

  Mute or unmute security findings.

• #mute_security_findings_with_http_info(body, opts = {}) ⇒ Array<(MuteFindingsResponse, Integer, Hash)>

  Mute or unmute security findings.

• #patch_signal_notification_rule(id, body, opts = {}) ⇒ Object

  Patch a signal-based notification rule.

• #patch_signal_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Patch a signal-based notification rule.

• #patch_vulnerability_notification_rule(id, body, opts = {}) ⇒ Object

  Patch a vulnerability-based notification rule.

• #patch_vulnerability_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

  Patch a vulnerability-based notification rule.

• #restore_security_monitoring_rule(rule_id, version, opts = {}) ⇒ Object

  Restore a rule to a historical version.

• #restore_security_monitoring_rule_with_http_info(rule_id, version, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Restore a rule to a historical version.

• #run_historical_job(body, opts = {}) ⇒ Object

  Run a historical job.

• #run_historical_job_with_http_info(body, opts = {}) ⇒ Array<(JobCreateResponse, Integer, Hash)>

  Run a historical job.

• #search_security_findings(body, opts = {}) ⇒ Object

  Search security findings.

• #search_security_findings_with_http_info(body, opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

  Search security findings.

• #search_security_findings_with_pagination(body, opts = {}) {|SecurityFindingsData| ... } ⇒ Object

  Search security findings.

• #search_security_monitoring_histsignals(opts = {}) ⇒ Object

  Search hist signals.

• #search_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Search hist signals.

• #search_security_monitoring_signals(opts = {}) ⇒ Object

  Get a list of security signals.

• #search_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

  Get a list of security signals.

• #search_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

  Get a list of security signals.

• #send_security_monitoring_notification_preview(body, opts = {}) ⇒ Object

  Test a notification rule.

• #send_security_monitoring_notification_preview_with_http_info(body, opts = {}) ⇒ Array<(NotificationRulePreviewResponse, Integer, Hash)>

  Test a notification rule.

• #test_existing_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

  Test an existing rule.

• #test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

  Test an existing rule.

• #test_security_monitoring_rule(body, opts = {}) ⇒ Object

  Test a rule.

• #test_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

  Test a rule.

• #update_custom_framework(handle, version, body, opts = {}) ⇒ Object

  Update a custom framework.

• #update_custom_framework_with_http_info(handle, version, body, opts = {}) ⇒ Array<(UpdateCustomFrameworkResponse, Integer, Hash)>

  Update a custom framework.

• #update_findings_assignee(body, opts = {}) ⇒ Object

  Assign or unassign security findings.

• #update_findings_assignee_with_http_info(body, opts = {}) ⇒ Array<(AssigneeResponse, Integer, Hash)>

  Assign or unassign security findings.

• #update_resource_evaluation_filters(body, opts = {}) ⇒ Object

  Update resource filters.

• #update_resource_evaluation_filters_with_http_info(body, opts = {}) ⇒ Array<(UpdateResourceEvaluationFiltersResponse, Integer, Hash)>

  Update resource filters.

• #update_security_filter(security_filter_id, body, opts = {}) ⇒ Object

  Update a security filter.

• #update_security_filter_with_http_info(security_filter_id, body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

  Update a security filter.

• #update_security_monitoring_critical_asset(critical_asset_id, body, opts = {}) ⇒ Object

  Update a critical asset.

• #update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

  Update a critical asset.

• #update_security_monitoring_dataset(dataset_id, body, opts = {}) ⇒ Object

  Update a dataset.

• #update_security_monitoring_dataset_with_http_info(dataset_id, body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Update a dataset.

• #update_security_monitoring_integration_config(integration_config_id, body, opts = {}) ⇒ Object

  Update an entity context sync configuration.

• #update_security_monitoring_integration_config_with_http_info(integration_config_id, body, opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>

  Update an entity context sync configuration.

• #update_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

  Update an existing rule.

• #update_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

  Update an existing rule.

• #update_security_monitoring_suppression(suppression_id, body, opts = {}) ⇒ Object

  Update a suppression rule.

• #update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

  Update a suppression rule.

• #validate_security_monitoring_integration_config(integration_config_id, opts = {}) ⇒ Object

  Validate an entity context sync configuration.

• #validate_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Validate an entity context sync configuration.

• #validate_security_monitoring_integration_credentials(body, opts = {}) ⇒ Object

  Validate entity context sync credentials.

• #validate_security_monitoring_integration_credentials_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Validate entity context sync credentials.

• #validate_security_monitoring_rule(body, opts = {}) ⇒ Object

  Validate a detection rule.

• #validate_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Validate a detection rule.

• #validate_security_monitoring_suppression(body, opts = {}) ⇒ Object

  Validate a suppression rule.

• #validate_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

  Validate a suppression rule.

Constructor Details

#initialize(api_client = DatadogAPIClient::APIClient.default) ⇒ SecurityMonitoringAPI

Returns a new instance of SecurityMonitoringAPI.

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 22

def initialize(api_client = DatadogAPIClient::APIClient.default)
  @api_client = api_client
end

Instance Attribute Details

#api_client ⇒ Object

Returns the value of attribute api_client.

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 20

def api_client
  @api_client
end

Instance Method Details

#activate_content_pack(content_pack_id, opts = {}) ⇒ Object

Activate content pack.

See Also:

• #activate_content_pack_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 29

def activate_content_pack(content_pack_id, opts = {})
  activate_content_pack_with_http_info(content_pack_id, opts)
  nil
end

#activate_content_pack_with_http_info(content_pack_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Activate content pack.

Activate a Cloud SIEM content pack. This operation configures the necessary log filters or security filters depending on the pricing model and updates the content pack activation state.

Parameters:

• content_pack_id (String) —

  The ID of the content pack to activate (for example, ‘aws-cloudtrail`).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 43

def activate_content_pack_with_http_info(content_pack_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.activate_content_pack".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.activate_content_pack")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.activate_content_pack"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.activate_content_pack ...'
  end
  # verify the required parameter 'content_pack_id' is set
  if @api_client.config.client_side_validation && content_pack_id.nil?
    fail ArgumentError, "Missing the required parameter 'content_pack_id' when calling SecurityMonitoringAPI.activate_content_pack"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/content_packs/{content_pack_id}/activate'.sub('{content_pack_id}', CGI.escape(content_pack_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :activate_content_pack,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#activate_content_pack\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#attach_case(case_id, body, opts = {}) ⇒ Object

Attach security findings to a case.

See Also:

• #attach_case_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 102

def attach_case(case_id, body, opts = {})
  data, _status_code, _headers = attach_case_with_http_info(case_id, body, opts)
  data
end

#attach_case_with_http_info(case_id, body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

Attach security findings to a case.

Attach security findings to a case. You can attach up to 50 security findings per case. Security findings that are already attached to another case will be detached from their previous case and attached to the specified case.

Parameters:

• case_id (String) —

  Unique identifier of the case to attach security findings to

• body (AttachCaseRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponse, Integer, Hash)>) —

  FindingCaseResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 116

def attach_case_with_http_info(case_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.attach_case ...'
  end
  # verify the required parameter 'case_id' is set
  if @api_client.config.client_side_validation && case_id.nil?
    fail ArgumentError, "Missing the required parameter 'case_id' when calling SecurityMonitoringAPI.attach_case"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.attach_case"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/cases/{case_id}'.sub('{case_id}', CGI.escape(case_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :attach_case,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#attach_case\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#attach_jira_issue(body, opts = {}) ⇒ Object

Attach security findings to a Jira issue.

See Also:

• #attach_jira_issue_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 175

def attach_jira_issue(body, opts = {})
  data, _status_code, _headers = attach_jira_issue_with_http_info(body, opts)
  data
end

#attach_jira_issue_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

Attach security findings to a Jira issue.

Attach security findings to a Jira issue by providing the Jira issue URL. You can attach up to 50 security findings per Jira issue. If the Jira issue is not linked to any case, this operation will create a case for the security findings and link the Jira issue to the newly created case. To configure the Jira integration, see [Bidirectional ticket syncing with Jira](docs.datadoghq.com/security/ticketing_integrations/#bidirectional-ticket-syncing-with-jira). Security findings that are already attached to another Jira issue will be detached from their previous Jira issue and attached to the specified Jira issue.

Parameters:

• body (AttachJiraIssueRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponse, Integer, Hash)>) —

  FindingCaseResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 188

def attach_jira_issue_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.attach_jira_issue ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.attach_jira_issue"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/jira_issues'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :attach_jira_issue,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#attach_jira_issue\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#attach_service_now_ticket(body, opts = {}) ⇒ Object

Attach security findings to a ServiceNow ticket.

See Also:

• #attach_service_now_ticket_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 243

def attach_service_now_ticket(body, opts = {})
  data, _status_code, _headers = attach_service_now_ticket_with_http_info(body, opts)
  data
end

#attach_service_now_ticket_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponse, Integer, Hash)>

Attach security findings to a ServiceNow ticket.

Attach security findings to a ServiceNow ticket by providing the ServiceNow ticket URL. You can attach up to 50 security findings per ServiceNow ticket. If the ServiceNow ticket is not linked to any case, this operation will create a case for the security findings and link the ServiceNow ticket to the newly created case. Security findings that are already attached to another ServiceNow ticket will be detached from their previous ServiceNow ticket and attached to the specified ServiceNow ticket.

Parameters:

• body (AttachServiceNowTicketRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponse, Integer, Hash)>) —

  FindingCaseResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 256

def attach_service_now_ticket_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.attach_service_now_ticket".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.attach_service_now_ticket")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.attach_service_now_ticket"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.attach_service_now_ticket ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.attach_service_now_ticket"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/servicenow_tickets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :attach_service_now_ticket,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#attach_service_now_ticket\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#batch_get_security_monitoring_dataset_dependencies(body, opts = {}) ⇒ Object

Get dataset dependencies.

See Also:

• #batch_get_security_monitoring_dataset_dependencies_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 317

def batch_get_security_monitoring_dataset_dependencies(body, opts = {})
  data, _status_code, _headers = batch_get_security_monitoring_dataset_dependencies_with_http_info(body, opts)
  data
end

#batch_get_security_monitoring_dataset_dependencies_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringDatasetDependenciesResponse, Integer, Hash)>

Get dataset dependencies.

Return, for each of the requested datasets, the list of detection rules that depend on it. Useful for understanding the impact of updating or deleting a dataset.

Parameters:

• body (SecurityMonitoringDatasetDependenciesRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringDatasetDependenciesResponse, Integer, Hash)>) —

  SecurityMonitoringDatasetDependenciesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 330

def batch_get_security_monitoring_dataset_dependencies_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.batch_get_security_monitoring_dataset_dependencies".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.batch_get_security_monitoring_dataset_dependencies")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.batch_get_security_monitoring_dataset_dependencies"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.batch_get_security_monitoring_dataset_dependencies ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.batch_get_security_monitoring_dataset_dependencies"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets/dependencies'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringDatasetDependenciesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :batch_get_security_monitoring_dataset_dependencies,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#batch_get_security_monitoring_dataset_dependencies\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_convert_existing_security_monitoring_rules(body, opts = {}) ⇒ Object

Bulk convert rules to Terraform.

See Also:

• #bulk_convert_existing_security_monitoring_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 391

def bulk_convert_existing_security_monitoring_rules(body, opts = {})
  data, _status_code, _headers = bulk_convert_existing_security_monitoring_rules_with_http_info(body, opts)
  data
end

#bulk_convert_existing_security_monitoring_rules_with_http_info(body, opts = {}) ⇒ Array<(File, Integer, Hash)>

Bulk convert rules to Terraform.

Convert a list of existing security monitoring rules to Terraform for the Datadog provider resource ‘datadog_security_monitoring_rule`. Returns a ZIP archive containing one Terraform file per rule. You can convert rules for the following types:

• App and API Protection

• Cloud SIEM (log detection and signal correlation)

• Workload Protection

Parameters:

• body (SecurityMonitoringRuleConvertBulkPayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(File, Integer, Hash)>) —

  File data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 408

def bulk_convert_existing_security_monitoring_rules_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_convert_existing_security_monitoring_rules ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_convert_existing_security_monitoring_rules"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/convert/bulk'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/zip', 'application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'File'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :bulk_convert_existing_security_monitoring_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_convert_existing_security_monitoring_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_create_sample_log_generation_subscriptions(body, opts = {}) ⇒ Object

Bulk subscribe to sample log generation.

See Also:

• #bulk_create_sample_log_generation_subscriptions_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 463

def bulk_create_sample_log_generation_subscriptions(body, opts = {})
  data, _status_code, _headers = bulk_create_sample_log_generation_subscriptions_with_http_info(body, opts)
  data
end

#bulk_create_sample_log_generation_subscriptions_with_http_info(body, opts = {}) ⇒ Array<(SampleLogGenerationBulkSubscriptionResponse, Integer, Hash)>

Bulk subscribe to sample log generation.

Subscribe to sample log generation for multiple Cloud SIEM content packs in a single call. Each requested content pack is processed independently; the response includes a per-item status so partial successes can be inspected.

Availability: this endpoint is restricted to Cloud SIEM trial organizations on an eligible pricing model. Non-trial orgs receive ‘403 Forbidden`, the feature flag may also reject requests with `400 Bad Request`, and legacy pricing tiers receive per-item responses with `status: not_available`.

Parameters:

• body (SampleLogGenerationBulkSubscriptionRequest) —

  The content packs to subscribe to and the desired duration of the subscriptions.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SampleLogGenerationBulkSubscriptionResponse, Integer, Hash)>) —

  SampleLogGenerationBulkSubscriptionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 481

def bulk_create_sample_log_generation_subscriptions_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.bulk_create_sample_log_generation_subscriptions".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.bulk_create_sample_log_generation_subscriptions")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.bulk_create_sample_log_generation_subscriptions"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_create_sample_log_generation_subscriptions ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_create_sample_log_generation_subscriptions"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/sample_log_generation/subscriptions/bulk'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SampleLogGenerationBulkSubscriptionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :bulk_create_sample_log_generation_subscriptions,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_create_sample_log_generation_subscriptions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_delete_security_monitoring_rules(body, opts = {}) ⇒ Object

Bulk delete security monitoring rules.

See Also:

• #bulk_delete_security_monitoring_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 542

def bulk_delete_security_monitoring_rules(body, opts = {})
  data, _status_code, _headers = bulk_delete_security_monitoring_rules_with_http_info(body, opts)
  data
end

#bulk_delete_security_monitoring_rules_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleBulkDeleteResponse, Integer, Hash)>

Bulk delete security monitoring rules.

Delete multiple security monitoring rules in a single request. Default rules cannot be deleted.

Parameters:

• body (SecurityMonitoringRuleBulkDeletePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleBulkDeleteResponse, Integer, Hash)>) —

  SecurityMonitoringRuleBulkDeleteResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 554

def bulk_delete_security_monitoring_rules_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_delete_security_monitoring_rules ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_delete_security_monitoring_rules"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/bulk_delete'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleBulkDeleteResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :bulk_delete_security_monitoring_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_delete_security_monitoring_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_edit_security_monitoring_signals(body, opts = {}) ⇒ Object

Bulk update security signals.

See Also:

• #bulk_edit_security_monitoring_signals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 609

def bulk_edit_security_monitoring_signals(body, opts = {})
  data, _status_code, _headers = bulk_edit_security_monitoring_signals_with_http_info(body, opts)
  data
end

#bulk_edit_security_monitoring_signals_assignee(body, opts = {}) ⇒ Object

Bulk update triage assignee of security signals.

See Also:

• #bulk_edit_security_monitoring_signals_assignee_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 677

def bulk_edit_security_monitoring_signals_assignee(body, opts = {})
  data, _status_code, _headers = bulk_edit_security_monitoring_signals_assignee_with_http_info(body, opts)
  data
end

#bulk_edit_security_monitoring_signals_assignee_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

Bulk update triage assignee of security signals.

Change the triage assignees of multiple security signals at once. The maximum number of signals that can be updated in a single request is 199.

Parameters:

• body (SecurityMonitoringSignalsBulkAssigneeUpdateRequest) —

  Attributes describing the signal assignee updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsBulkTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 690

def bulk_edit_security_monitoring_signals_assignee_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_edit_security_monitoring_signals_assignee ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_edit_security_monitoring_signals_assignee"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/bulk/assignee'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsBulkTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :bulk_edit_security_monitoring_signals_assignee,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_edit_security_monitoring_signals_assignee\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_edit_security_monitoring_signals_state(body, opts = {}) ⇒ Object

Bulk update triage state of security signals.

See Also:

• #bulk_edit_security_monitoring_signals_state_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 745

def bulk_edit_security_monitoring_signals_state(body, opts = {})
  data, _status_code, _headers = bulk_edit_security_monitoring_signals_state_with_http_info(body, opts)
  data
end

#bulk_edit_security_monitoring_signals_state_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

Bulk update triage state of security signals.

Change the triage states of multiple security signals at once. The maximum number of signals that can be updated in a single request is 199.

Parameters:

• body (SecurityMonitoringSignalsBulkStateUpdateRequest) —

  Attributes describing the signal state updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsBulkTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 758

def bulk_edit_security_monitoring_signals_state_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_edit_security_monitoring_signals_state ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_edit_security_monitoring_signals_state"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/bulk/state'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsBulkTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :bulk_edit_security_monitoring_signals_state,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_edit_security_monitoring_signals_state\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_edit_security_monitoring_signals_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>

Bulk update security signals.

Update the triage state or assignee of multiple security signals at once. The maximum number of signals that can be updated in a single request is 199.

Parameters:

• body (SecurityMonitoringSignalsBulkUpdateRequest) —

  Attributes describing the signal updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalsBulkTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsBulkTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 622

def bulk_edit_security_monitoring_signals_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_edit_security_monitoring_signals ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_edit_security_monitoring_signals"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/bulk/update'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsBulkTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :bulk_edit_security_monitoring_signals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_edit_security_monitoring_signals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_export_security_monitoring_rules(body, opts = {}) ⇒ Object

Bulk export security monitoring rules.

See Also:

• #bulk_export_security_monitoring_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 813

def bulk_export_security_monitoring_rules(body, opts = {})
  data, _status_code, _headers = bulk_export_security_monitoring_rules_with_http_info(body, opts)
  data
end

#bulk_export_security_monitoring_rules_with_http_info(body, opts = {}) ⇒ Array<(File, Integer, Hash)>

Bulk export security monitoring rules.

Export a list of security monitoring rules as a ZIP file containing JSON rule definitions. The endpoint accepts a list of rule IDs and returns a ZIP archive where each rule is saved as a separate JSON file named after the rule.

Parameters:

• body (SecurityMonitoringRuleBulkExportPayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(File, Integer, Hash)>) —

  File data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 827

def bulk_export_security_monitoring_rules_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_export_security_monitoring_rules ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_export_security_monitoring_rules"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/bulk_export'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/zip', 'application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'File'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :bulk_export_security_monitoring_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_export_security_monitoring_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#bulk_export_security_monitoring_terraform_resources(resource_type, body, opts = {}) ⇒ Object

Export security monitoring resources to Terraform.

See Also:

• #bulk_export_security_monitoring_terraform_resources_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 882

def bulk_export_security_monitoring_terraform_resources(resource_type, body, opts = {})
  data, _status_code, _headers = bulk_export_security_monitoring_terraform_resources_with_http_info(resource_type, body, opts)
  data
end

#bulk_export_security_monitoring_terraform_resources_with_http_info(resource_type, body, opts = {}) ⇒ Array<(File, Integer, Hash)>

Export security monitoring resources to Terraform.

Export multiple security monitoring resources to Terraform, packaged as a zip archive. The ‘resource_type` path parameter specifies the type of resources to export and must be one of `suppressions` or `critical_assets`. A maximum of 1000 resources can be exported in a single request.

Parameters:

• resource_type (SecurityMonitoringTerraformResourceType) —

  The type of security monitoring resource to export.

• body (SecurityMonitoringTerraformBulkExportRequest) —

  The resource IDs to export.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(File, Integer, Hash)>) —

  File data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 898

def bulk_export_security_monitoring_terraform_resources_with_http_info(resource_type, body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.bulk_export_security_monitoring_terraform_resources".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.bulk_export_security_monitoring_terraform_resources")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.bulk_export_security_monitoring_terraform_resources"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_export_security_monitoring_terraform_resources ...'
  end
  # verify the required parameter 'resource_type' is set
  if @api_client.config.client_side_validation && resource_type.nil?
    fail ArgumentError, "Missing the required parameter 'resource_type' when calling SecurityMonitoringAPI.bulk_export_security_monitoring_terraform_resources"
  end
  # verify enum value
  allowable_values = ['suppressions', 'critical_assets']
  if @api_client.config.client_side_validation && !allowable_values.include?(resource_type)
    fail ArgumentError, "invalid value for \"resource_type\", must be one of #{allowable_values}"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_export_security_monitoring_terraform_resources"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/terraform/{resource_type}/bulk'.sub('{resource_type}', CGI.escape(resource_type.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/zip', 'application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'File'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :bulk_export_security_monitoring_terraform_resources,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_export_security_monitoring_terraform_resources\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#cancel_historical_job(job_id, opts = {}) ⇒ Object

Cancel a historical job.

See Also:

• #cancel_historical_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 968

def cancel_historical_job(job_id, opts = {})
  cancel_historical_job_with_http_info(job_id, opts)
  nil
end

#cancel_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Cancel a historical job.

Cancel a historical job.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 980

def cancel_historical_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.cancel_historical_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.cancel_historical_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.cancel_historical_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.cancel_historical_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.cancel_historical_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs/{job_id}/cancel'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :cancel_historical_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#cancel_historical_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_existing_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Convert an existing rule from JSON to Terraform.

See Also:

• #convert_existing_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1039

def convert_existing_security_monitoring_rule(rule_id, opts = {})
  data, _status_code, _headers = convert_existing_security_monitoring_rule_with_http_info(rule_id, opts)
  data
end

#convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

Convert an existing rule from JSON to Terraform.

Convert an existing rule from JSON to Terraform for Datadog provider resource ‘datadog_security_monitoring_rule`. You can do so for the following rule types:

• App and API Protection

• Cloud SIEM (log detection and signal correlation)

• Workload Protection

You can convert Cloud Security configuration rules using Terraform’s [Datadog Cloud Configuration Rule resource](registry.terraform.io/providers/DataDog/datadog/latest/docs/resources/cloud_configuration_rule).

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>) —

  SecurityMonitoringRuleConvertResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1057

def convert_existing_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_existing_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.convert_existing_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/convert'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleConvertResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :convert_existing_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_existing_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_job_result_to_signal(body, opts = {}) ⇒ Object

Convert a job result to a signal.

See Also:

• #convert_job_result_to_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1110

def convert_job_result_to_signal(body, opts = {})
  convert_job_result_to_signal_with_http_info(body, opts)
  nil
end

#convert_job_result_to_signal_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Convert a job result to a signal.

Convert a job result to a signal.

Parameters:

• body (ConvertJobResultsToSignalsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1122

def convert_job_result_to_signal_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.convert_job_result_to_signal".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.convert_job_result_to_signal")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.convert_job_result_to_signal"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_job_result_to_signal ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.convert_job_result_to_signal"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs/signal_convert'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :convert_job_result_to_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_job_result_to_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_security_monitoring_rule_from_json_to_terraform(body, opts = {}) ⇒ Object

Convert a rule from JSON to Terraform.

See Also:

• #convert_security_monitoring_rule_from_json_to_terraform_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1183

def convert_security_monitoring_rule_from_json_to_terraform(body, opts = {})
  data, _status_code, _headers = convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts)
  data
end

#convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>

Convert a rule from JSON to Terraform.

Convert a rule that doesn’t (yet) exist from JSON to Terraform for Datadog provider resource ‘datadog_security_monitoring_rule`. You can do so for the following rule types:

• App and API Protection

• Cloud SIEM (log detection and signal correlation)

• Workload Protection

You can convert Cloud Security configuration rules using Terraform’s [Datadog Cloud Configuration Rule resource](registry.terraform.io/providers/DataDog/datadog/latest/docs/resources/cloud_configuration_rule).

Parameters:

• body (SecurityMonitoringRuleConvertPayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleConvertResponse, Integer, Hash)>) —

  SecurityMonitoringRuleConvertResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1201

def convert_security_monitoring_rule_from_json_to_terraform_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_security_monitoring_rule_from_json_to_terraform ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.convert_security_monitoring_rule_from_json_to_terraform"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/convert'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleConvertResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :convert_security_monitoring_rule_from_json_to_terraform,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_security_monitoring_rule_from_json_to_terraform\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#convert_security_monitoring_terraform_resource(resource_type, body, opts = {}) ⇒ Object

Convert security monitoring resource to Terraform.

See Also:

• #convert_security_monitoring_terraform_resource_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1256

def convert_security_monitoring_terraform_resource(resource_type, body, opts = {})
  data, _status_code, _headers = convert_security_monitoring_terraform_resource_with_http_info(resource_type, body, opts)
  data
end

#convert_security_monitoring_terraform_resource_with_http_info(resource_type, body, opts = {}) ⇒ Array<(SecurityMonitoringTerraformExportResponse, Integer, Hash)>

Convert security monitoring resource to Terraform.

Convert a security monitoring resource that doesn’t (yet) exist from JSON to Terraform. The ‘resource_type` path parameter specifies the type of resource to convert and must be one of `suppressions` or `critical_assets`.

Parameters:

• resource_type (SecurityMonitoringTerraformResourceType) —

  The type of security monitoring resource to export.

• body (SecurityMonitoringTerraformConvertRequest) —

  The resource JSON to convert.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringTerraformExportResponse, Integer, Hash)>) —

  SecurityMonitoringTerraformExportResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1271

def convert_security_monitoring_terraform_resource_with_http_info(resource_type, body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.convert_security_monitoring_terraform_resource".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.convert_security_monitoring_terraform_resource")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.convert_security_monitoring_terraform_resource"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.convert_security_monitoring_terraform_resource ...'
  end
  # verify the required parameter 'resource_type' is set
  if @api_client.config.client_side_validation && resource_type.nil?
    fail ArgumentError, "Missing the required parameter 'resource_type' when calling SecurityMonitoringAPI.convert_security_monitoring_terraform_resource"
  end
  # verify enum value
  allowable_values = ['suppressions', 'critical_assets']
  if @api_client.config.client_side_validation && !allowable_values.include?(resource_type)
    fail ArgumentError, "invalid value for \"resource_type\", must be one of #{allowable_values}"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.convert_security_monitoring_terraform_resource"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/terraform/{resource_type}/convert'.sub('{resource_type}', CGI.escape(resource_type.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringTerraformExportResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :convert_security_monitoring_terraform_resource,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#convert_security_monitoring_terraform_resource\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_cases(body, opts = {}) ⇒ Object

Create cases for security findings.

See Also:

• #create_cases_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1341

def create_cases(body, opts = {})
  data, _status_code, _headers = create_cases_with_http_info(body, opts)
  data
end

#create_cases_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

Create cases for security findings.

Create cases for security findings. You can create up to 50 cases per request and associate up to 50 security findings per case. Security findings that are already attached to another case will be detached from their previous case and attached to the newly created case.

Parameters:

• body (CreateCaseRequestArray)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponseArray, Integer, Hash)>) —

  FindingCaseResponseArray data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1354

def create_cases_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_cases ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_cases"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/cases'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponseArray'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_cases,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_cases\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_custom_framework(body, opts = {}) ⇒ Object

Create a custom framework.

See Also:

• #create_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1409

def create_custom_framework(body, opts = {})
  data, _status_code, _headers = create_custom_framework_with_http_info(body, opts)
  data
end

#create_custom_framework_with_http_info(body, opts = {}) ⇒ Array<(CreateCustomFrameworkResponse, Integer, Hash)>

Create a custom framework.

Create a custom framework.

Parameters:

• body (CreateCustomFrameworkRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(CreateCustomFrameworkResponse, Integer, Hash)>) —

  CreateCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1421

def create_custom_framework_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_custom_framework ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'CreateCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_io_c_triage_state(body, opts = {}) ⇒ Object

Create or update an indicator triage state.

See Also:

• #create_io_c_triage_state_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1476

def create_io_c_triage_state(body, opts = {})
  data, _status_code, _headers = create_io_c_triage_state_with_http_info(body, opts)
  data
end

#create_io_c_triage_state_with_http_info(body, opts = {}) ⇒ Array<(IoCTriageWriteResponse, Integer, Hash)>

Create or update an indicator triage state.

Set the triage state of an indicator of compromise (IoC). This creates or updates the triage state for the indicator in your organization.

Parameters:

• body (IoCTriageWriteRequest) —

  The triage state to set for the indicator.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(IoCTriageWriteResponse, Integer, Hash)>) —

  IoCTriageWriteResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1489

def create_io_c_triage_state_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.create_io_c_triage_state".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.create_io_c_triage_state")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.create_io_c_triage_state"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_io_c_triage_state ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_io_c_triage_state"
  end
  # resource path
  local_var_path = '/api/v2/security/siem/ioc-explorer/triage'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'IoCTriageWriteResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_io_c_triage_state,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_io_c_triage_state\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_jira_issues(body, opts = {}) ⇒ Object

Create Jira issues for security findings.

See Also:

• #create_jira_issues_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1550

def create_jira_issues(body, opts = {})
  data, _status_code, _headers = create_jira_issues_with_http_info(body, opts)
  data
end

#create_jira_issues_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

Create Jira issues for security findings.

Create Jira issues for security findings. This operation creates a case in Datadog and a Jira issue linked to that case for bidirectional sync between Datadog and Jira. To configure the Jira integration, see [Bidirectional ticket syncing with Jira](docs.datadoghq.com/security/ticketing_integrations/#bidirectional-ticket-syncing-with-jira). You can create up to 50 Jira issues per request and associate up to 50 security findings per Jira issue. Security findings that are already attached to another Jira issue will be detached from their previous Jira issue and attached to the newly created Jira issue.

Parameters:

• body (CreateJiraIssueRequestArray)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponseArray, Integer, Hash)>) —

  FindingCaseResponseArray data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1563

def create_jira_issues_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_jira_issues ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_jira_issues"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/jira_issues'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponseArray'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_jira_issues,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_jira_issues\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_sample_log_generation_subscription(body, opts = {}) ⇒ Object

Subscribe to sample log generation.

See Also:

• #create_sample_log_generation_subscription_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1618

def create_sample_log_generation_subscription(body, opts = {})
  data, _status_code, _headers = create_sample_log_generation_subscription_with_http_info(body, opts)
  data
end

#create_sample_log_generation_subscription_with_http_info(body, opts = {}) ⇒ Array<(SampleLogGenerationSubscriptionResponse, Integer, Hash)>

Subscribe to sample log generation.

Subscribe to sample log generation for a Cloud SIEM content pack. Sample logs for the requested content pack are injected into the Logs platform for the duration of the subscription, so detection rules can be exercised without onboarding the underlying integration first.

Availability: this endpoint is restricted to Cloud SIEM trial organizations on an eligible pricing model. Non-trial orgs receive ‘403 Forbidden`, the feature flag may also reject requests with `400 Bad Request`, and legacy pricing tiers receive a response with `status: not_available`.

Parameters:

• body (SampleLogGenerationSubscriptionCreateRequest) —

  The content pack to subscribe to and the desired duration of the subscription.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SampleLogGenerationSubscriptionResponse, Integer, Hash)>) —

  SampleLogGenerationSubscriptionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1636

def create_sample_log_generation_subscription_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.create_sample_log_generation_subscription".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.create_sample_log_generation_subscription")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.create_sample_log_generation_subscription"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_sample_log_generation_subscription ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_sample_log_generation_subscription"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/sample_log_generation/subscriptions'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SampleLogGenerationSubscriptionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_sample_log_generation_subscription,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_sample_log_generation_subscription\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_filter(body, opts = {}) ⇒ Object

Create a security filter.

See Also:

• #create_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1697

def create_security_filter(body, opts = {})
  data, _status_code, _headers = create_security_filter_with_http_info(body, opts)
  data
end

#create_security_filter_with_http_info(body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Create a security filter.

Create a security filter.

See the [security filter guide](docs.datadoghq.com/security_platform/guide/how-to-setup-security-filters-using-security-monitoring-api/) for more examples.

Parameters:

• body (SecurityFilterCreateRequest) —

  The definition of the new security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1712

def create_security_filter_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_filter ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_critical_asset(body, opts = {}) ⇒ Object

Create a critical asset.

See Also:

• #create_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1767

def create_security_monitoring_critical_asset(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_critical_asset_with_http_info(body, opts)
  data
end

#create_security_monitoring_critical_asset_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

Create a critical asset.

Create a new critical asset.

Parameters:

• body (SecurityMonitoringCriticalAssetCreateRequest) —

  The definition of the new critical asset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1779

def create_security_monitoring_critical_asset_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_dataset(body, opts = {}) ⇒ Object

Create a dataset.

See Also:

• #create_security_monitoring_dataset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1834

def create_security_monitoring_dataset(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_dataset_with_http_info(body, opts)
  data
end

#create_security_monitoring_dataset_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringDatasetCreateResponse, Integer, Hash)>

Create a dataset.

Create a new Cloud SIEM dataset. A dataset bundles a data source, a set of indexes, and a search query that can be referenced from detection rules.

Parameters:

• body (SecurityMonitoringDatasetCreateRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringDatasetCreateResponse, Integer, Hash)>) —

  SecurityMonitoringDatasetCreateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1847

def create_security_monitoring_dataset_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.create_security_monitoring_dataset".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.create_security_monitoring_dataset")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.create_security_monitoring_dataset"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_dataset ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_dataset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringDatasetCreateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_dataset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_dataset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_integration_config(body, opts = {}) ⇒ Object

Create an entity context sync configuration.

See Also:

• #create_security_monitoring_integration_config_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1908

def create_security_monitoring_integration_config(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_integration_config_with_http_info(body, opts)
  data
end

#create_security_monitoring_integration_config_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>

Create an entity context sync configuration.

Create a new entity context sync configuration so Cloud SIEM can ingest entities from an external source. The credentials provided in ‘secrets` are validated against the source before the configuration is stored and never returned in subsequent responses.

Parameters:

• body (SecurityMonitoringIntegrationConfigCreateRequest) —

  The definition of the new integration configuration.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>) —

  SecurityMonitoringIntegrationConfigResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1922

def create_security_monitoring_integration_config_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.create_security_monitoring_integration_config".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.create_security_monitoring_integration_config")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.create_security_monitoring_integration_config"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_integration_config ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_integration_config"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/integration_config'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringIntegrationConfigResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_integration_config,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_integration_config\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_rule(body, opts = {}) ⇒ Object

Create a detection rule.

See Also:

• #create_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1983

def create_security_monitoring_rule(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_rule_with_http_info(body, opts)
  data
end

#create_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Create a detection rule.

Create a detection rule.

Parameters:

• body (SecurityMonitoringRuleCreatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 1995

def create_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_security_monitoring_suppression(body, opts = {}) ⇒ Object

Create a suppression rule.

See Also:

• #create_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2050

def create_security_monitoring_suppression(body, opts = {})
  data, _status_code, _headers = create_security_monitoring_suppression_with_http_info(body, opts)
  data
end

#create_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Create a suppression rule.

Create a new suppression rule.

Parameters:

• body (SecurityMonitoringSuppressionCreateRequest) —

  The definition of the new suppression rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2062

def create_security_monitoring_suppression_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_suppression ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_service_now_tickets(body, opts = {}) ⇒ Object

Create ServiceNow tickets for security findings.

See Also:

• #create_service_now_tickets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2117

def create_service_now_tickets(body, opts = {})
  data, _status_code, _headers = create_service_now_tickets_with_http_info(body, opts)
  data
end

#create_service_now_tickets_with_http_info(body, opts = {}) ⇒ Array<(FindingCaseResponseArray, Integer, Hash)>

Create ServiceNow tickets for security findings.

Create ServiceNow tickets for security findings. This operation creates a case in Datadog and a ServiceNow ticket linked to that case for bidirectional sync between Datadog and ServiceNow. You can create up to 50 ServiceNow tickets per request and associate up to 50 security findings per ServiceNow ticket. Security findings that are already attached to another ServiceNow ticket will be detached from their previous ServiceNow ticket and attached to the newly created ServiceNow ticket.

Parameters:

• body (CreateServiceNowTicketRequestArray)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(FindingCaseResponseArray, Integer, Hash)>) —

  FindingCaseResponseArray data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2130

def create_service_now_tickets_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.create_service_now_tickets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.create_service_now_tickets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.create_service_now_tickets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_service_now_tickets ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_service_now_tickets"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/servicenow_tickets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'FindingCaseResponseArray'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_service_now_tickets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_service_now_tickets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_signal_notification_rule(body, opts = {}) ⇒ Object

Create a new signal-based notification rule.

See Also:

• #create_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2191

def create_signal_notification_rule(body, opts = {})
  data, _status_code, _headers = create_signal_notification_rule_with_http_info(body, opts)
  data
end

#create_signal_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Create a new signal-based notification rule.

Create a new notification rule for security signals and return the created rule.

Parameters:

• body (CreateNotificationRuleParameters) —

  The body of the create notification rule request is composed of the rule type and the rule attributes: the rule name, the selectors, the notification targets, and the rule enabled status.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2203

def create_signal_notification_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_signal_notification_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :create_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_static_analysis_ast(body, opts = {}) ⇒ Object

Get AST for source code.

See Also:

• #create_static_analysis_ast_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2258

def create_static_analysis_ast(body, opts = {})
  data, _status_code, _headers = create_static_analysis_ast_with_http_info(body, opts)
  data
end

#create_static_analysis_ast_with_http_info(body, opts = {}) ⇒ Array<(GetAstResponse, Integer, Hash)>

Get AST for source code.

Parse source code into an abstract syntax tree (AST) for the specified language.

Parameters:

• body (GetAstRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(GetAstResponse, Integer, Hash)>) —

  GetAstResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2270

def create_static_analysis_ast_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.create_static_analysis_ast".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.create_static_analysis_ast")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.create_static_analysis_ast"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_static_analysis_ast ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_static_analysis_ast"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/static-analysis-server/get-ast'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'GetAstResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_static_analysis_ast,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_static_analysis_ast\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_static_analysis_server_analysis(body, opts = {}) ⇒ Object

Analyze code.

See Also:

• #create_static_analysis_server_analysis_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2331

def create_static_analysis_server_analysis(body, opts = {})
  data, _status_code, _headers = create_static_analysis_server_analysis_with_http_info(body, opts)
  data
end

#create_static_analysis_server_analysis_with_http_info(body, opts = {}) ⇒ Array<(AnalysisResponse, Integer, Hash)>

Analyze code.

Run static analysis rules against a source code file and return violations found.

Parameters:

• body (AnalysisRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(AnalysisResponse, Integer, Hash)>) —

  AnalysisResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2343

def create_static_analysis_server_analysis_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.create_static_analysis_server_analysis".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.create_static_analysis_server_analysis")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.create_static_analysis_server_analysis"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_static_analysis_server_analysis ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_static_analysis_server_analysis"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/static-analysis-server/analyze'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'AnalysisResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :create_static_analysis_server_analysis,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_static_analysis_server_analysis\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#create_vulnerability_notification_rule(body, opts = {}) ⇒ Object

Create a new vulnerability-based notification rule.

See Also:

• #create_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2404

def create_vulnerability_notification_rule(body, opts = {})
  data, _status_code, _headers = create_vulnerability_notification_rule_with_http_info(body, opts)
  data
end

#create_vulnerability_notification_rule_with_http_info(body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Create a new vulnerability-based notification rule.

Create a new notification rule for security vulnerabilities and return the created rule.

Parameters:

• body (CreateNotificationRuleParameters) —

  The body of the create notification rule request is composed of the rule type and the rule attributes: the rule name, the selectors, the notification targets, and the rule enabled status.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2416

def create_vulnerability_notification_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :create_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#deactivate_content_pack(content_pack_id, opts = {}) ⇒ Object

Deactivate content pack.

See Also:

• #deactivate_content_pack_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2471

def deactivate_content_pack(content_pack_id, opts = {})
  deactivate_content_pack_with_http_info(content_pack_id, opts)
  nil
end

#deactivate_content_pack_with_http_info(content_pack_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Deactivate content pack.

Deactivate a Cloud SIEM content pack. This operation removes the content pack’s configuration from log filters or security filters and updates the content pack activation state.

Parameters:

• content_pack_id (String) —

  The ID of the content pack to deactivate (for example, ‘aws-cloudtrail`).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2484

def deactivate_content_pack_with_http_info(content_pack_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.deactivate_content_pack".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.deactivate_content_pack")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.deactivate_content_pack"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.deactivate_content_pack ...'
  end
  # verify the required parameter 'content_pack_id' is set
  if @api_client.config.client_side_validation && content_pack_id.nil?
    fail ArgumentError, "Missing the required parameter 'content_pack_id' when calling SecurityMonitoringAPI.deactivate_content_pack"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/content_packs/{content_pack_id}/deactivate'.sub('{content_pack_id}', CGI.escape(content_pack_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :deactivate_content_pack,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#deactivate_content_pack\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_custom_framework(handle, version, opts = {}) ⇒ Object

Delete a custom framework.

See Also:

• #delete_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2543

def delete_custom_framework(handle, version, opts = {})
  data, _status_code, _headers = delete_custom_framework_with_http_info(handle, version, opts)
  data
end

#delete_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(DeleteCustomFrameworkResponse, Integer, Hash)>

Delete a custom framework.

Delete a custom framework.

Parameters:

• handle (String) —

  The framework handle

• version (String) —

  The framework version

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(DeleteCustomFrameworkResponse, Integer, Hash)>) —

  DeleteCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2556

def delete_custom_framework_with_http_info(handle, version, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_custom_framework ...'
  end
  # verify the required parameter 'handle' is set
  if @api_client.config.client_side_validation && handle.nil?
    fail ArgumentError, "Missing the required parameter 'handle' when calling SecurityMonitoringAPI.delete_custom_framework"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.delete_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks/{handle}/{version}'.sub('{handle}', CGI.escape(handle.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DeleteCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_historical_job(job_id, opts = {}) ⇒ Object

Delete an existing job.

See Also:

• #delete_historical_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2613

def delete_historical_job(job_id, opts = {})
  delete_historical_job_with_http_info(job_id, opts)
  nil
end

#delete_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete an existing job.

Delete an existing job.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2625

def delete_historical_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.delete_historical_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.delete_historical_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.delete_historical_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_historical_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.delete_historical_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs/{job_id}'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_historical_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_historical_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_sample_log_generation_subscription(content_pack_id, opts = {}) ⇒ Object

Unsubscribe from sample log generation.

See Also:

• #delete_sample_log_generation_subscription_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2684

def delete_sample_log_generation_subscription(content_pack_id, opts = {})
  data, _status_code, _headers = delete_sample_log_generation_subscription_with_http_info(content_pack_id, opts)
  data
end

#delete_sample_log_generation_subscription_with_http_info(content_pack_id, opts = {}) ⇒ Array<(SampleLogGenerationSubscriptionResponse, Integer, Hash)>

Unsubscribe from sample log generation.

Unsubscribe from sample log generation for a Cloud SIEM content pack. After unsubscribing, no more sample logs are generated for the requested content pack.

Availability: this endpoint is restricted to Cloud SIEM trial organizations on an eligible pricing model. Non-trial orgs receive ‘403 Forbidden`, the feature flag may also reject requests with `400 Bad Request`, and legacy pricing tiers receive a response with `status: not_available`.

Parameters:

• content_pack_id (String) —

  The identifier of the Cloud SIEM content pack to operate on (for example, ‘aws-cloudtrail`).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SampleLogGenerationSubscriptionResponse, Integer, Hash)>) —

  SampleLogGenerationSubscriptionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2701

def delete_sample_log_generation_subscription_with_http_info(content_pack_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.delete_sample_log_generation_subscription".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.delete_sample_log_generation_subscription")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.delete_sample_log_generation_subscription"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_sample_log_generation_subscription ...'
  end
  # verify the required parameter 'content_pack_id' is set
  if @api_client.config.client_side_validation && content_pack_id.nil?
    fail ArgumentError, "Missing the required parameter 'content_pack_id' when calling SecurityMonitoringAPI.delete_sample_log_generation_subscription"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/sample_log_generation/subscriptions/{content_pack_id}'.sub('{content_pack_id}', CGI.escape(content_pack_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SampleLogGenerationSubscriptionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_sample_log_generation_subscription,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_sample_log_generation_subscription\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_filter(security_filter_id, opts = {}) ⇒ Object

Delete a security filter.

See Also:

• #delete_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2760

def delete_security_filter(security_filter_id, opts = {})
  delete_security_filter_with_http_info(security_filter_id, opts)
  nil
end

#delete_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a security filter.

Delete a specific security filter.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2772

def delete_security_filter_with_http_info(security_filter_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.delete_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

Delete a critical asset.

See Also:

• #delete_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2825

def delete_security_monitoring_critical_asset(critical_asset_id, opts = {})
  delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts)
  nil
end

#delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a critical asset.

Delete a specific critical asset.

Parameters:

• critical_asset_id (String) —

  The ID of the critical asset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2837

def delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'critical_asset_id' is set
  if @api_client.config.client_side_validation && critical_asset_id.nil?
    fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.delete_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_dataset(dataset_id, opts = {}) ⇒ Object

Delete a dataset.

See Also:

• #delete_security_monitoring_dataset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2890

def delete_security_monitoring_dataset(dataset_id, opts = {})
  delete_security_monitoring_dataset_with_http_info(dataset_id, opts)
  nil
end

#delete_security_monitoring_dataset_with_http_info(dataset_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a dataset.

Delete a Cloud SIEM dataset. Out-of-the-box datasets cannot be deleted and deleting a dataset that is referenced by a detection rule is rejected.

Parameters:

• dataset_id (String) —

  The UUID of the dataset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2903

def delete_security_monitoring_dataset_with_http_info(dataset_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.delete_security_monitoring_dataset".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.delete_security_monitoring_dataset")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.delete_security_monitoring_dataset"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_dataset ...'
  end
  # verify the required parameter 'dataset_id' is set
  if @api_client.config.client_side_validation && dataset_id.nil?
    fail ArgumentError, "Missing the required parameter 'dataset_id' when calling SecurityMonitoringAPI.delete_security_monitoring_dataset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets/{dataset_id}'.sub('{dataset_id}', CGI.escape(dataset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_dataset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_dataset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_integration_config(integration_config_id, opts = {}) ⇒ Object

Delete an entity context sync configuration.

See Also:

• #delete_security_monitoring_integration_config_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2962

def delete_security_monitoring_integration_config(integration_config_id, opts = {})
  delete_security_monitoring_integration_config_with_http_info(integration_config_id, opts)
  nil
end

#delete_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete an entity context sync configuration.

Delete an entity context sync configuration. Cloud SIEM stops ingesting entities from this source, and the credentials stored for the configuration are removed from the secrets store.

Parameters:

• integration_config_id (String) —

  The ID of the entity context sync configuration.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 2975

def delete_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.delete_security_monitoring_integration_config".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.delete_security_monitoring_integration_config")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.delete_security_monitoring_integration_config"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_integration_config ...'
  end
  # verify the required parameter 'integration_config_id' is set
  if @api_client.config.client_side_validation && integration_config_id.nil?
    fail ArgumentError, "Missing the required parameter 'integration_config_id' when calling SecurityMonitoringAPI.delete_security_monitoring_integration_config"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}'.sub('{integration_config_id}', CGI.escape(integration_config_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_integration_config,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_integration_config\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Delete an existing rule.

See Also:

• #delete_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3034

def delete_security_monitoring_rule(rule_id, opts = {})
  delete_security_monitoring_rule_with_http_info(rule_id, opts)
  nil
end

#delete_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete an existing rule.

Delete an existing rule. Default rules cannot be deleted.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3046

def delete_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.delete_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

Delete a suppression rule.

See Also:

• #delete_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3099

def delete_security_monitoring_suppression(suppression_id, opts = {})
  delete_security_monitoring_suppression_with_http_info(suppression_id, opts)
  nil
end

#delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a suppression rule.

Delete a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3111

def delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.delete_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :delete_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_signal_notification_rule(id, opts = {}) ⇒ Object

Delete a signal-based notification rule.

See Also:

• #delete_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3164

def delete_signal_notification_rule(id, opts = {})
  delete_signal_notification_rule_with_http_info(id, opts)
  nil
end

#delete_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a signal-based notification rule.

Delete a notification rule for security signals.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3176

def delete_signal_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_signal_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.delete_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :delete_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_vulnerability_notification_rule(id, opts = {}) ⇒ Object

Delete a vulnerability-based notification rule.

See Also:

• #delete_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3229

def delete_vulnerability_notification_rule(id, opts = {})
  delete_vulnerability_notification_rule_with_http_info(id, opts)
  nil
end

#delete_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete a vulnerability-based notification rule.

Delete a notification rule for security vulnerabilities.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3241

def delete_vulnerability_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.delete_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :delete_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#detach_case(body, opts = {}) ⇒ Object

Detach security findings from their case.

See Also:

• #detach_case_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3294

def detach_case(body, opts = {})
  detach_case_with_http_info(body, opts)
  nil
end

#detach_case_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Detach security findings from their case.

Detach security findings from their case. This operation dissociates security findings from their associated cases without deleting the cases themselves. You can detach security findings from multiple different cases in a single request, with a limit of 50 security findings per request. Security findings that are not currently attached to any case will be ignored.

Parameters:

• body (DetachCaseRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3307

def detach_case_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.detach_case ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.detach_case"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/cases'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :detach_case,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#detach_case\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal(signal_id, body, opts = {}) ⇒ Object

Update security signal triage state or assignee.

See Also:

• #edit_security_monitoring_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3362

def edit_security_monitoring_signal(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_assignee(signal_id, body, opts = {}) ⇒ Object

Modify the triage assignee of a security signal.

See Also:

• #edit_security_monitoring_signal_assignee_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3434

def edit_security_monitoring_signal_assignee(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Modify the triage assignee of a security signal.

Modify the triage assignee of a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalAssigneeUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3447

def edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_assignee ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_assignee"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_assignee"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/assignee'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_assignee,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_assignee\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_incidents(signal_id, body, opts = {}) ⇒ Object

Change the related incidents of a security signal.

See Also:

• #edit_security_monitoring_signal_incidents_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3506

def edit_security_monitoring_signal_incidents(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Change the related incidents of a security signal.

Change the related incidents for a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalIncidentsUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3519

def edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_incidents ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_incidents"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_incidents"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/incidents'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_incidents,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_incidents\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_state(signal_id, body, opts = {}) ⇒ Object

Change the triage state of a security signal.

See Also:

• #edit_security_monitoring_signal_state_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3578

def edit_security_monitoring_signal_state(signal_id, body, opts = {})
  data, _status_code, _headers = edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts)
  data
end

#edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Change the triage state of a security signal.

Change the triage state of a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalStateUpdateRequest) —

  Attributes describing the signal update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3591

def edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_state ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_state"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_state"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/state'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal_state,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_state\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#edit_security_monitoring_signal_with_http_info(signal_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>

Update security signal triage state or assignee.

Update the triage state or assignee of a security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• body (SecurityMonitoringSignalUpdateRequest) —

  Attributes describing the signal triage state or assignee update.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>) —

  SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3375

def edit_security_monitoring_signal_with_http_info(signal_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/update'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :edit_security_monitoring_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#export_security_monitoring_terraform_resource(resource_type, resource_id, opts = {}) ⇒ Object

Export security monitoring resource to Terraform.

See Also:

• #export_security_monitoring_terraform_resource_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3650

def export_security_monitoring_terraform_resource(resource_type, resource_id, opts = {})
  data, _status_code, _headers = export_security_monitoring_terraform_resource_with_http_info(resource_type, resource_id, opts)
  data
end

#export_security_monitoring_terraform_resource_with_http_info(resource_type, resource_id, opts = {}) ⇒ Array<(SecurityMonitoringTerraformExportResponse, Integer, Hash)>

Export security monitoring resource to Terraform.

Export a security monitoring resource to a Terraform configuration. The ‘resource_type` path parameter specifies the type of resource to export and must be one of `suppressions` or `critical_assets`.

Parameters:

• resource_type (SecurityMonitoringTerraformResourceType) —

  The type of security monitoring resource to export.

• resource_id (String) —

  The ID of the security monitoring resource to export.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringTerraformExportResponse, Integer, Hash)>) —

  SecurityMonitoringTerraformExportResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3665

def export_security_monitoring_terraform_resource_with_http_info(resource_type, resource_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.export_security_monitoring_terraform_resource".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.export_security_monitoring_terraform_resource")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.export_security_monitoring_terraform_resource"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.export_security_monitoring_terraform_resource ...'
  end
  # verify the required parameter 'resource_type' is set
  if @api_client.config.client_side_validation && resource_type.nil?
    fail ArgumentError, "Missing the required parameter 'resource_type' when calling SecurityMonitoringAPI.export_security_monitoring_terraform_resource"
  end
  # verify enum value
  allowable_values = ['suppressions', 'critical_assets']
  if @api_client.config.client_side_validation && !allowable_values.include?(resource_type)
    fail ArgumentError, "invalid value for \"resource_type\", must be one of #{allowable_values}"
  end
  # verify the required parameter 'resource_id' is set
  if @api_client.config.client_side_validation && resource_id.nil?
    fail ArgumentError, "Missing the required parameter 'resource_id' when calling SecurityMonitoringAPI.export_security_monitoring_terraform_resource"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/terraform/{resource_type}/{resource_id}'.sub('{resource_type}', CGI.escape(resource_type.to_s).gsub('%2F', '/')).sub('{resource_id}', CGI.escape(resource_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringTerraformExportResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :export_security_monitoring_terraform_resource,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#export_security_monitoring_terraform_resource\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_content_packs_states(opts = {}) ⇒ Object

Get content pack states.

See Also:

• #get_content_packs_states_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3733

def get_content_packs_states(opts = {})
  data, _status_code, _headers = get_content_packs_states_with_http_info(opts)
  data
end

#get_content_packs_states_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringContentPackStatesResponse, Integer, Hash)>

Get content pack states.

Get the activation state, integration status, and log collection status for all Cloud SIEM content packs.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringContentPackStatesResponse, Integer, Hash)>) —

  SecurityMonitoringContentPackStatesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3745

def get_content_packs_states_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_content_packs_states".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_content_packs_states")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_content_packs_states"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_content_packs_states ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/content_packs/states'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringContentPackStatesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_content_packs_states,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_content_packs_states\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_critical_assets_affecting_rule(rule_id, opts = {}) ⇒ Object

Get critical assets affecting a specific rule.

See Also:

• #get_critical_assets_affecting_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3800

def get_critical_assets_affecting_rule(rule_id, opts = {})
  data, _status_code, _headers = get_critical_assets_affecting_rule_with_http_info(rule_id, opts)
  data
end

#get_critical_assets_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

Get critical assets affecting a specific rule.

Get the list of critical assets that affect a specific existing rule by the rule’s ID.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3812

def get_critical_assets_affecting_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_critical_assets_affecting_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_critical_assets_affecting_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_critical_assets_affecting_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_critical_assets_affecting_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_custom_framework(handle, version, opts = {}) ⇒ Object

Get a custom framework.

See Also:

• #get_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3865

def get_custom_framework(handle, version, opts = {})
  data, _status_code, _headers = get_custom_framework_with_http_info(handle, version, opts)
  data
end

#get_custom_framework_with_http_info(handle, version, opts = {}) ⇒ Array<(GetCustomFrameworkResponse, Integer, Hash)>

Get a custom framework.

Get a custom framework.

Parameters:

• handle (String) —

  The framework handle

• version (String) —

  The framework version

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(GetCustomFrameworkResponse, Integer, Hash)>) —

  GetCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3878

def get_custom_framework_with_http_info(handle, version, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_custom_framework ...'
  end
  # verify the required parameter 'handle' is set
  if @api_client.config.client_side_validation && handle.nil?
    fail ArgumentError, "Missing the required parameter 'handle' when calling SecurityMonitoringAPI.get_custom_framework"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.get_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks/{handle}/{version}'.sub('{handle}', CGI.escape(handle.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_entity_context(opts = {}) ⇒ Object

Get entity context.

See Also:

• #get_entity_context_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3935

def get_entity_context(opts = {})
  data, _status_code, _headers = get_entity_context_with_http_info(opts)
  data
end

#get_entity_context_with_http_info(opts = {}) ⇒ Array<(EntityContextResponse, Integer, Hash)>

Get entity context.

Search the Cloud SIEM entity context store for entities that match a query, and return the historical revisions of each entity in the requested time range. The endpoint can either return revisions across an interval (‘from` / `to`) or the snapshot of each entity at a single point in time (`as_of`); the two modes are mutually exclusive.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :query (String) —

  A free-text query (for example, an email address or principal ID) used to filter the entities returned.

• :from (String) —

  The start of the time range to query, as an RFC3339 timestamp or a relative time (for example, ‘now-7d`). Defaults to `now-7d`. Ignored when `as_of` is set.

• :to (String) —

  The end of the time range to query, as an RFC3339 timestamp or a relative time (for example, ‘now`). Defaults to `now`. Ignored when `as_of` is set.

• :as_of (String) —

  A point in time at which to query the entity revisions, as an RFC3339 timestamp, a Unix timestamp (in seconds), or a relative time (for example, ‘now-1d`). When set, `from` and `to` are ignored. Cannot be combined with custom `from` / `to` values.

• :limit (Integer) —

  The maximum number of entities to return.

• :page_token (String) —

  An opaque token used to fetch the next page of results, as returned in ‘meta.page.next_token` of a previous response.

Returns:

• (Array<(EntityContextResponse, Integer, Hash)>) —

  EntityContextResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 3955

def get_entity_context_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_entity_context".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_entity_context")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_entity_context"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_entity_context ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/entity_context'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil?
  query_params[:'from'] = opts[:'from'] if !opts[:'from'].nil?
  query_params[:'to'] = opts[:'to'] if !opts[:'to'].nil?
  query_params[:'as_of'] = opts[:'as_of'] if !opts[:'as_of'].nil?
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
  query_params[:'page_token'] = opts[:'page_token'] if !opts[:'page_token'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'EntityContextResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_entity_context,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_entity_context\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_finding(finding_id, opts = {}) ⇒ Object

Get a finding.

See Also:

• #get_finding_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4016

def get_finding(finding_id, opts = {})
  data, _status_code, _headers = get_finding_with_http_info(finding_id, opts)
  data
end

#get_finding_with_http_info(finding_id, opts = {}) ⇒ Array<(GetFindingResponse, Integer, Hash)>

Get a finding.

Returns a single finding with message and resource configuration.

Parameters:

• finding_id (String) —

  The ID of the finding.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :snapshot_timestamp (Integer) —

  Return the finding for a given snapshot of time (Unix ms).

Returns:

• (Array<(GetFindingResponse, Integer, Hash)>) —

  GetFindingResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4029

def get_finding_with_http_info(finding_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_finding".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_finding")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_finding"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_finding ...'
  end
  # verify the required parameter 'finding_id' is set
  if @api_client.config.client_side_validation && finding_id.nil?
    fail ArgumentError, "Missing the required parameter 'finding_id' when calling SecurityMonitoringAPI.get_finding"
  end
  if @api_client.config.client_side_validation && !opts[:'snapshot_timestamp'].nil? && opts[:'snapshot_timestamp'] < 1
    fail ArgumentError, 'invalid value for "opts[:"snapshot_timestamp"]" when calling SecurityMonitoringAPI.get_finding, must be greater than or equal to 1.'
  end
  # resource path
  local_var_path = '/api/v2/posture_management/findings/{finding_id}'.sub('{finding_id}', CGI.escape(finding_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'snapshot_timestamp'] = opts[:'snapshot_timestamp'] if !opts[:'snapshot_timestamp'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetFindingResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_finding,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_finding\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_historical_job(job_id, opts = {}) ⇒ Object

Get a job’s details.

See Also:

• #get_historical_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4092

def get_historical_job(job_id, opts = {})
  data, _status_code, _headers = get_historical_job_with_http_info(job_id, opts)
  data
end

#get_historical_job_with_http_info(job_id, opts = {}) ⇒ Array<(HistoricalJobResponse, Integer, Hash)>

Get a job’s details.

Get a job’s details.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(HistoricalJobResponse, Integer, Hash)>) —

  HistoricalJobResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4104

def get_historical_job_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_historical_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_historical_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_historical_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_historical_job ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.get_historical_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs/{job_id}'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'HistoricalJobResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_historical_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_historical_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_indicator_of_compromise(indicator, opts = {}) ⇒ Object

Get an indicator of compromise.

See Also:

• #get_indicator_of_compromise_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4163

def get_indicator_of_compromise(indicator, opts = {})
  data, _status_code, _headers = get_indicator_of_compromise_with_http_info(indicator, opts)
  data
end

#get_indicator_of_compromise_with_http_info(indicator, opts = {}) ⇒ Array<(GetIoCIndicatorResponse, Integer, Hash)>

Get an indicator of compromise.

Get detailed information about a specific indicator of compromise (IoC).

Parameters:

• indicator (String) —

  The indicator value to look up (for example, an IP address or domain).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :ocsf (Boolean) —

  When true, return only OCSF field-based matches. When false, return regex/message-based matches.

• :include_triage_history (Boolean) —

  Include full triage history for the indicator.

• :triage_history_limit (Integer) —

  Maximum number of triage history events returned. Only applied when ‘include_triage_history` is true.

• :triage_history_offset (Integer) —

  Pagination offset into the triage history. Only applied when ‘include_triage_history` is true.

Returns:

• (Array<(GetIoCIndicatorResponse, Integer, Hash)>) —

  GetIoCIndicatorResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4179

def get_indicator_of_compromise_with_http_info(indicator, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_indicator_of_compromise".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_indicator_of_compromise")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_indicator_of_compromise"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_indicator_of_compromise ...'
  end
  # verify the required parameter 'indicator' is set
  if @api_client.config.client_side_validation && indicator.nil?
    fail ArgumentError, "Missing the required parameter 'indicator' when calling SecurityMonitoringAPI.get_indicator_of_compromise"
  end
  if @api_client.config.client_side_validation && !opts[:'triage_history_limit'].nil? && opts[:'triage_history_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"triage_history_limit"]" when calling SecurityMonitoringAPI.get_indicator_of_compromise, must be smaller than or equal to 1000.'
  end
  if @api_client.config.client_side_validation && !opts[:'triage_history_limit'].nil? && opts[:'triage_history_limit'] < 1
    fail ArgumentError, 'invalid value for "opts[:"triage_history_limit"]" when calling SecurityMonitoringAPI.get_indicator_of_compromise, must be greater than or equal to 1.'
  end
  if @api_client.config.client_side_validation && !opts[:'triage_history_offset'].nil? && opts[:'triage_history_offset'] > 2147483647
    fail ArgumentError, 'invalid value for "opts[:"triage_history_offset"]" when calling SecurityMonitoringAPI.get_indicator_of_compromise, must be smaller than or equal to 2147483647.'
  end
  # resource path
  local_var_path = '/api/v2/security/siem/ioc-explorer/indicator'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'indicator'] = indicator
  query_params[:'ocsf'] = opts[:'ocsf'] if !opts[:'ocsf'].nil?
  query_params[:'include_triage_history'] = opts[:'include_triage_history'] if !opts[:'include_triage_history'].nil?
  query_params[:'triage_history_limit'] = opts[:'triage_history_limit'] if !opts[:'triage_history_limit'].nil?
  query_params[:'triage_history_offset'] = opts[:'triage_history_offset'] if !opts[:'triage_history_offset'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetIoCIndicatorResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_indicator_of_compromise,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_indicator_of_compromise\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_investigation_log_queries_matching_signal(signal_id, opts = {}) ⇒ Object

Get investigation queries for a signal.

See Also:

• #get_investigation_log_queries_matching_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4252

def get_investigation_log_queries_matching_signal(signal_id, opts = {})
  data, _status_code, _headers = get_investigation_log_queries_matching_signal_with_http_info(signal_id, opts)
  data
end

#get_investigation_log_queries_matching_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalSuggestedActionsResponse, Integer, Hash)>

Get investigation queries for a signal.

Get the list of investigation log queries available for a given security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalSuggestedActionsResponse, Integer, Hash)>) —

  SecurityMonitoringSignalSuggestedActionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4264

def get_investigation_log_queries_matching_signal_with_http_info(signal_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_investigation_log_queries_matching_signal ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.get_investigation_log_queries_matching_signal"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/investigation_queries'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalSuggestedActionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_investigation_log_queries_matching_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_investigation_log_queries_matching_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_resource_evaluation_filters(opts = {}) ⇒ Object

List resource filters.

See Also:

• #get_resource_evaluation_filters_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4317

def get_resource_evaluation_filters(opts = {})
  data, _status_code, _headers = get_resource_evaluation_filters_with_http_info(opts)
  data
end

#get_resource_evaluation_filters_with_http_info(opts = {}) ⇒ Array<(GetResourceEvaluationFiltersResponse, Integer, Hash)>

List resource filters.

List resource filters.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :cloud_provider (String) —

  Filter resource filters by cloud provider (e.g. aws, gcp, azure).

• :account_id (String) —

  Filter resource filters by cloud provider account ID. This parameter is only valid when provider is specified.

• :skip_cache (Boolean) —

  Skip cache for resource filters.

Returns:

• (Array<(GetResourceEvaluationFiltersResponse, Integer, Hash)>) —

  GetResourceEvaluationFiltersResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4331

def get_resource_evaluation_filters_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_resource_evaluation_filters ...'
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/resource_filters'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'cloud_provider'] = opts[:'cloud_provider'] if !opts[:'cloud_provider'].nil?
  query_params[:'account_id'] = opts[:'account_id'] if !opts[:'account_id'].nil?
  query_params[:'skip_cache'] = opts[:'skip_cache'] if !opts[:'skip_cache'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetResourceEvaluationFiltersResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_resource_evaluation_filters,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_resource_evaluation_filters\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_rule_version_history(rule_id, opts = {}) ⇒ Object

Get a rule’s version history.

See Also:

• #get_rule_version_history_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4383

def get_rule_version_history(rule_id, opts = {})
  data, _status_code, _headers = get_rule_version_history_with_http_info(rule_id, opts)
  data
end

#get_rule_version_history_with_http_info(rule_id, opts = {}) ⇒ Array<(GetRuleVersionHistoryResponse, Integer, Hash)>

Get a rule’s version history.

Get a rule’s version history.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

Returns:

• (Array<(GetRuleVersionHistoryResponse, Integer, Hash)>) —

  GetRuleVersionHistoryResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4397

def get_rule_version_history_with_http_info(rule_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_rule_version_history".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_rule_version_history")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_rule_version_history"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_rule_version_history ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_rule_version_history"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/version_history'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetRuleVersionHistoryResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_rule_version_history,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_rule_version_history\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_sbom(asset_type, filter_asset_name, opts = {}) ⇒ Object

Get SBOM.

See Also:

• #get_sbom_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4458

def get_sbom(asset_type, filter_asset_name, opts = {})
  data, _status_code, _headers = get_sbom_with_http_info(asset_type, filter_asset_name, opts)
  data
end

#get_sbom_with_http_info(asset_type, filter_asset_name, opts = {}) ⇒ Array<(GetSBOMResponse, Integer, Hash)>

Get SBOM.

Get a single SBOM related to an asset by its type and name.

Parameters:

• asset_type (AssetType) —

  The type of the asset for the SBOM request.

• filter_asset_name (String) —

  The name of the asset for the SBOM request.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_repo_digest (String) —

  The container image ‘repo_digest` for the SBOM request. When the requested asset type is ’Image’, this filter is mandatory.

• :ext_format (SBOMFormat) —

  The standard of the SBOM.

Returns:

• (Array<(GetSBOMResponse, Integer, Hash)>) —

  GetSBOMResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4473

def get_sbom_with_http_info(asset_type, filter_asset_name, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_sbom ...'
  end
  # verify the required parameter 'asset_type' is set
  if @api_client.config.client_side_validation && asset_type.nil?
    fail ArgumentError, "Missing the required parameter 'asset_type' when calling SecurityMonitoringAPI.get_sbom"
  end
  # verify enum value
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && !allowable_values.include?(asset_type)
    fail ArgumentError, "invalid value for \"asset_type\", must be one of #{allowable_values}"
  end
  # verify the required parameter 'filter_asset_name' is set
  if @api_client.config.client_side_validation && filter_asset_name.nil?
    fail ArgumentError, "Missing the required parameter 'filter_asset_name' when calling SecurityMonitoringAPI.get_sbom"
  end
  allowable_values = ['CycloneDX', 'SPDX']
  if @api_client.config.client_side_validation && opts[:'ext_format'] && !allowable_values.include?(opts[:'ext_format'])
    fail ArgumentError, "invalid value for \"ext_format\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/sboms/{asset_type}'.sub('{asset_type}', CGI.escape(asset_type.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[asset_name]'] = filter_asset_name
  query_params[:'filter[repo_digest]'] = opts[:'filter_repo_digest'] if !opts[:'filter_repo_digest'].nil?
  query_params[:'ext:format'] = opts[:'ext_format'] if !opts[:'ext_format'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetSBOMResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_sbom,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_sbom\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_secrets_rules(opts = {}) ⇒ Object

Returns a list of Secrets rules.

See Also:

• #get_secrets_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4542

def get_secrets_rules(opts = {})
  data, _status_code, _headers = get_secrets_rules_with_http_info(opts)
  data
end

#get_secrets_rules_with_http_info(opts = {}) ⇒ Array<(SecretRuleArray, Integer, Hash)>

Returns a list of Secrets rules.

Returns a list of Secrets rules with ID, Pattern, Description, Priority, and SDS ID.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecretRuleArray, Integer, Hash)>) —

  SecretRuleArray data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4553

def get_secrets_rules_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_secrets_rules".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_secrets_rules")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_secrets_rules"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_secrets_rules ...'
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/secrets/rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecretRuleArray'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_secrets_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_secrets_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_filter(security_filter_id, opts = {}) ⇒ Object

Get a security filter.

See Also:

• #get_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4608

def get_security_filter(security_filter_id, opts = {})
  data, _status_code, _headers = get_security_filter_with_http_info(security_filter_id, opts)
  data
end

#get_security_filter_with_http_info(security_filter_id, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Get a security filter.

Get the details of a specific security filter.

See the [security filter guide](docs.datadoghq.com/security_platform/guide/how-to-setup-security-filters-using-security-monitoring-api/) for more examples.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4623

def get_security_filter_with_http_info(security_filter_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.get_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_critical_asset(critical_asset_id, opts = {}) ⇒ Object

Get a critical asset.

See Also:

• #get_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4676

def get_security_monitoring_critical_asset(critical_asset_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts)
  data
end

#get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

Get a critical asset.

Get the details of a specific critical asset.

Parameters:

• critical_asset_id (String) —

  The ID of the critical asset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4688

def get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'critical_asset_id' is set
  if @api_client.config.client_side_validation && critical_asset_id.nil?
    fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.get_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_dataset(dataset_id, opts = {}) ⇒ Object

Get a dataset.

See Also:

• #get_security_monitoring_dataset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4741

def get_security_monitoring_dataset(dataset_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_dataset_with_http_info(dataset_id, opts)
  data
end

#get_security_monitoring_dataset_by_version(dataset_id, version, opts = {}) ⇒ Object

Get a dataset at a specific version.

See Also:

• #get_security_monitoring_dataset_by_version_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4812

def get_security_monitoring_dataset_by_version(dataset_id, version, opts = {})
  data, _status_code, _headers = get_security_monitoring_dataset_by_version_with_http_info(dataset_id, version, opts)
  data
end

#get_security_monitoring_dataset_by_version_with_http_info(dataset_id, version, opts = {}) ⇒ Array<(SecurityMonitoringDatasetResponse, Integer, Hash)>

Get a dataset at a specific version.

Retrieve a specific historical version of a Cloud SIEM dataset.

Parameters:

• dataset_id (String) —

  The UUID of the dataset.

• version (Integer) —

  The version number of the dataset to retrieve.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringDatasetResponse, Integer, Hash)>) —

  SecurityMonitoringDatasetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4825

def get_security_monitoring_dataset_by_version_with_http_info(dataset_id, version, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_dataset_by_version".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_dataset_by_version")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_dataset_by_version"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_dataset_by_version ...'
  end
  # verify the required parameter 'dataset_id' is set
  if @api_client.config.client_side_validation && dataset_id.nil?
    fail ArgumentError, "Missing the required parameter 'dataset_id' when calling SecurityMonitoringAPI.get_security_monitoring_dataset_by_version"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.get_security_monitoring_dataset_by_version"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets/{dataset_id}/version/{version}'.sub('{dataset_id}', CGI.escape(dataset_id.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringDatasetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_dataset_by_version,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_dataset_by_version\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_dataset_version_history(dataset_id, opts = {}) ⇒ Object

Get the version history of a dataset.

See Also:

• #get_security_monitoring_dataset_version_history_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4888

def get_security_monitoring_dataset_version_history(dataset_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_dataset_version_history_with_http_info(dataset_id, opts)
  data
end

#get_security_monitoring_dataset_version_history_with_http_info(dataset_id, opts = {}) ⇒ Array<(SecurityMonitoringDatasetVersionHistoryResponse, Integer, Hash)>

Get the version history of a dataset.

Retrieve the version history of a Cloud SIEM dataset, including the changes made at each version.

Parameters:

• dataset_id (String) —

  The UUID of the dataset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

Returns:

• (Array<(SecurityMonitoringDatasetVersionHistoryResponse, Integer, Hash)>) —

  SecurityMonitoringDatasetVersionHistoryResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4902

def get_security_monitoring_dataset_version_history_with_http_info(dataset_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_dataset_version_history".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_dataset_version_history")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_dataset_version_history"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_dataset_version_history ...'
  end
  # verify the required parameter 'dataset_id' is set
  if @api_client.config.client_side_validation && dataset_id.nil?
    fail ArgumentError, "Missing the required parameter 'dataset_id' when calling SecurityMonitoringAPI.get_security_monitoring_dataset_version_history"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets/{dataset_id}/version_history'.sub('{dataset_id}', CGI.escape(dataset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringDatasetVersionHistoryResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_dataset_version_history,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_dataset_version_history\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_dataset_with_http_info(dataset_id, opts = {}) ⇒ Array<(SecurityMonitoringDatasetResponse, Integer, Hash)>

Get a dataset.

Get the current version of a Cloud SIEM dataset by ID.

Parameters:

• dataset_id (String) —

  The UUID of the dataset.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringDatasetResponse, Integer, Hash)>) —

  SecurityMonitoringDatasetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4753

def get_security_monitoring_dataset_with_http_info(dataset_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_dataset".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_dataset")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_dataset"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_dataset ...'
  end
  # verify the required parameter 'dataset_id' is set
  if @api_client.config.client_side_validation && dataset_id.nil?
    fail ArgumentError, "Missing the required parameter 'dataset_id' when calling SecurityMonitoringAPI.get_security_monitoring_dataset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets/{dataset_id}'.sub('{dataset_id}', CGI.escape(dataset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringDatasetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_dataset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_dataset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_histsignal(histsignal_id, opts = {}) ⇒ Object

Get a hist signal’s details.

See Also:

• #get_security_monitoring_histsignal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4963

def get_security_monitoring_histsignal(histsignal_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_histsignal_with_http_info(histsignal_id, opts)
  data
end

#get_security_monitoring_histsignal_with_http_info(histsignal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

Get a hist signal’s details.

Get a hist signal’s details.

Parameters:

• histsignal_id (String) —

  The ID of the historical signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalResponse, Integer, Hash)>) —

  SecurityMonitoringSignalResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 4975

def get_security_monitoring_histsignal_with_http_info(histsignal_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_histsignal".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_histsignal")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_histsignal"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_histsignal ...'
  end
  # verify the required parameter 'histsignal_id' is set
  if @api_client.config.client_side_validation && histsignal_id.nil?
    fail ArgumentError, "Missing the required parameter 'histsignal_id' when calling SecurityMonitoringAPI.get_security_monitoring_histsignal"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/histsignals/{histsignal_id}'.sub('{histsignal_id}', CGI.escape(histsignal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_histsignal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_histsignal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_histsignals_by_job_id(job_id, opts = {}) ⇒ Object

Get a job’s hist signals.

See Also:

• #get_security_monitoring_histsignals_by_job_id_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5034

def get_security_monitoring_histsignals_by_job_id(job_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts)
  data
end

#get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Get a job’s hist signals.

Get a job’s hist signals.

Parameters:

• job_id (String) —

  The ID of the job.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query for security signals.

• :filter_from (Time) —

  The minimum timestamp for requested security signals.

• :filter_to (Time) —

  The maximum timestamp for requested security signals.

• :sort (SecurityMonitoringSignalsSort) —

  The order of the security signals in results.

• :page_cursor (String) —

  A list of results using the cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of security signals in the response.

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5052

def get_security_monitoring_histsignals_by_job_id_with_http_info(job_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_histsignals_by_job_id".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_histsignals_by_job_id")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_histsignals_by_job_id"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_histsignals_by_job_id ...'
  end
  # verify the required parameter 'job_id' is set
  if @api_client.config.client_side_validation && job_id.nil?
    fail ArgumentError, "Missing the required parameter 'job_id' when calling SecurityMonitoringAPI.get_security_monitoring_histsignals_by_job_id"
  end
  allowable_values = ['timestamp', '-timestamp']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.get_security_monitoring_histsignals_by_job_id, must be smaller than or equal to 1000.'
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs/{job_id}/histsignals'.sub('{job_id}', CGI.escape(job_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'filter[from]'] = opts[:'filter_from'] if !opts[:'filter_from'].nil?
  query_params[:'filter[to]'] = opts[:'filter_to'] if !opts[:'filter_to'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_histsignals_by_job_id,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_histsignals_by_job_id\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_integration_config(integration_config_id, opts = {}) ⇒ Object

Get an entity context sync configuration.

See Also:

• #get_security_monitoring_integration_config_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5124

def get_security_monitoring_integration_config(integration_config_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_integration_config_with_http_info(integration_config_id, opts)
  data
end

#get_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>

Get an entity context sync configuration.

Get the details of a specific entity context sync configuration.

Parameters:

• integration_config_id (String) —

  The ID of the entity context sync configuration.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>) —

  SecurityMonitoringIntegrationConfigResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5136

def get_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_security_monitoring_integration_config".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_security_monitoring_integration_config")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_security_monitoring_integration_config"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_integration_config ...'
  end
  # verify the required parameter 'integration_config_id' is set
  if @api_client.config.client_side_validation && integration_config_id.nil?
    fail ArgumentError, "Missing the required parameter 'integration_config_id' when calling SecurityMonitoringAPI.get_security_monitoring_integration_config"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}'.sub('{integration_config_id}', CGI.escape(integration_config_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringIntegrationConfigResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_integration_config,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_integration_config\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_rule(rule_id, opts = {}) ⇒ Object

Get a rule’s details.

See Also:

• #get_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5195

def get_security_monitoring_rule(rule_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_rule_with_http_info(rule_id, opts)
  data
end

#get_security_monitoring_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Get a rule’s details.

Get a rule’s details.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5207

def get_security_monitoring_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_signal(signal_id, opts = {}) ⇒ Object

Get a signal’s details.

See Also:

• #get_security_monitoring_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5260

def get_security_monitoring_signal(signal_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_signal_with_http_info(signal_id, opts)
  data
end

#get_security_monitoring_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalResponse, Integer, Hash)>

Get a signal’s details.

Get a signal’s details.

Parameters:

• signal_id (String) —

  The ID of the signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalResponse, Integer, Hash)>) —

  SecurityMonitoringSignalResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5272

def get_security_monitoring_signal_with_http_info(signal_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_signal ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.get_security_monitoring_signal"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_security_monitoring_suppression(suppression_id, opts = {}) ⇒ Object

Get a suppression rule.

See Also:

• #get_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5325

def get_security_monitoring_suppression(suppression_id, opts = {})
  data, _status_code, _headers = get_security_monitoring_suppression_with_http_info(suppression_id, opts)
  data
end

#get_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Get a suppression rule.

Get the details of a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5337

def get_security_monitoring_suppression_with_http_info(suppression_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.get_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_signal_entities(signal_id, opts = {}) ⇒ Object

Get entities related to a signal.

See Also:

• #get_signal_entities_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5390

def get_signal_entities(signal_id, opts = {})
  data, _status_code, _headers = get_signal_entities_with_http_info(signal_id, opts)
  data
end

#get_signal_entities_with_http_info(signal_id, opts = {}) ⇒ Array<(SignalEntitiesResponse, Integer, Hash)>

Get entities related to a signal.

Get the list of entities related to a security signal, captured at the signal’s timestamp.

Parameters:

• signal_id (String) —

  The ID of the signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :limit (Integer) —

  The maximum number of entities to return.

Returns:

• (Array<(SignalEntitiesResponse, Integer, Hash)>) —

  SignalEntitiesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5403

def get_signal_entities_with_http_info(signal_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_signal_entities".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_signal_entities")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_signal_entities"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_signal_entities ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.get_signal_entities"
  end
  if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SecurityMonitoringAPI.get_signal_entities, must be smaller than or equal to 1000.'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/entities'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SignalEntitiesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_signal_entities,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_signal_entities\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_signal_notification_rule(id, opts = {}) ⇒ Object

Get details of a signal-based notification rule.

See Also:

• #get_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5466

def get_signal_notification_rule(id, opts = {})
  data, _status_code, _headers = get_signal_notification_rule_with_http_info(id, opts)
  data
end

#get_signal_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Get details of a signal-based notification rule.

Get the details of a notification rule for security signals.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5478

def get_signal_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_signal_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.get_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_signal_notification_rules(opts = {}) ⇒ Object

Get the list of signal-based notification rules.

See Also:

• #get_signal_notification_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5531

def get_signal_notification_rules(opts = {})
  data, _status_code, _headers = get_signal_notification_rules_with_http_info(opts)
  data
end

#get_signal_notification_rules_with_http_info(opts = {}) ⇒ Array<(NotificationRulesListResponse, Integer, Hash)>

Get the list of signal-based notification rules.

Returns the list of notification rules for security signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRulesListResponse, Integer, Hash)>) —

  NotificationRulesListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5542

def get_signal_notification_rules_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_signal_notification_rules ...'
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRulesListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_signal_notification_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_signal_notification_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_single_entity_context(id, opts = {}) ⇒ Object

Get a single entity context.

See Also:

• #get_single_entity_context_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5591

def get_single_entity_context(id, opts = {})
  data, _status_code, _headers = get_single_entity_context_with_http_info(id, opts)
  data
end

#get_single_entity_context_with_http_info(id, opts = {}) ⇒ Array<(SingleEntityContextResponse, Integer, Hash)>

Get a single entity context.

Get a single entity from the Cloud SIEM entity context store by its identifier, returning the historical revisions of the entity in the requested time range. The endpoint can either return revisions across an interval (‘from` / `to`) or the snapshot of the entity at a single point in time (`as_of`); the two modes are mutually exclusive.

Parameters:

• id (String) —

  The unique identifier of the entity to retrieve.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :from (String) —

  The start of the time range to query, as an RFC3339 timestamp or a relative time (for example, ‘now-7d`). Defaults to `now-7d`. Ignored when `as_of` is set.

• :to (String) —

  The end of the time range to query, as an RFC3339 timestamp or a relative time (for example, ‘now`). Defaults to `now`. Ignored when `as_of` is set.

• :as_of (String) —

  A point in time at which to query the entity revisions, as an RFC3339 timestamp, a Unix timestamp (in seconds), or a relative time (for example, ‘now-1d`). When set, `from` and `to` are ignored. Cannot be combined with custom `from` / `to` values.

Returns:

• (Array<(SingleEntityContextResponse, Integer, Hash)>) —

  SingleEntityContextResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5609

def get_single_entity_context_with_http_info(id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_single_entity_context".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_single_entity_context")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_single_entity_context"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_single_entity_context ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.get_single_entity_context"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/entity_context/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'from'] = opts[:'from'] if !opts[:'from'].nil?
  query_params[:'to'] = opts[:'to'] if !opts[:'to'].nil?
  query_params[:'as_of'] = opts[:'as_of'] if !opts[:'as_of'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SingleEntityContextResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_single_entity_context,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_single_entity_context\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_static_analysis_default_rulesets(language, opts = {}) ⇒ Object

Get default rulesets for a language.

See Also:

• #get_static_analysis_default_rulesets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5671

def get_static_analysis_default_rulesets(language, opts = {})
  data, _status_code, _headers = get_static_analysis_default_rulesets_with_http_info(language, opts)
  data
end

#get_static_analysis_default_rulesets_with_http_info(language, opts = {}) ⇒ Array<(DefaultRulesetsPerLanguageResponse, Integer, Hash)>

Get default rulesets for a language.

Get the default SAST ruleset names for a given programming language.

Parameters:

• language (String) —

  The programming language for which to retrieve the default rulesets.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(DefaultRulesetsPerLanguageResponse, Integer, Hash)>) —

  DefaultRulesetsPerLanguageResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5683

def get_static_analysis_default_rulesets_with_http_info(language, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_static_analysis_default_rulesets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_static_analysis_default_rulesets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_static_analysis_default_rulesets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_static_analysis_default_rulesets ...'
  end
  # verify the required parameter 'language' is set
  if @api_client.config.client_side_validation && language.nil?
    fail ArgumentError, "Missing the required parameter 'language' when calling SecurityMonitoringAPI.get_static_analysis_default_rulesets"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/default-rulesets/{language}'.sub('{language}', CGI.escape(language.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DefaultRulesetsPerLanguageResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_static_analysis_default_rulesets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_static_analysis_default_rulesets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_static_analysis_node_types(language, opts = {}) ⇒ Object

Get node types for a language.

See Also:

• #get_static_analysis_node_types_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5742

def get_static_analysis_node_types(language, opts = {})
  data, _status_code, _headers = get_static_analysis_node_types_with_http_info(language, opts)
  data
end

#get_static_analysis_node_types_with_http_info(language, opts = {}) ⇒ Array<(NodeTypesResponse, Integer, Hash)>

Get node types for a language.

Retrieve tree-sitter node type definitions for a given programming language.

Parameters:

• language (String) —

  The programming language for which to retrieve node type definitions.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NodeTypesResponse, Integer, Hash)>) —

  NodeTypesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5754

def get_static_analysis_node_types_with_http_info(language, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_static_analysis_node_types".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_static_analysis_node_types")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_static_analysis_node_types"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_static_analysis_node_types ...'
  end
  # verify the required parameter 'language' is set
  if @api_client.config.client_side_validation && language.nil?
    fail ArgumentError, "Missing the required parameter 'language' when calling SecurityMonitoringAPI.get_static_analysis_node_types"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/static-analysis-server/node-types/{language}'.sub('{language}', CGI.escape(language.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'NodeTypesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_static_analysis_node_types,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_static_analysis_node_types\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_static_analysis_ruleset(ruleset_name, opts = {}) ⇒ Object

Get a SAST ruleset.

See Also:

• #get_static_analysis_ruleset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5813

def get_static_analysis_ruleset(ruleset_name, opts = {})
  data, _status_code, _headers = get_static_analysis_ruleset_with_http_info(ruleset_name, opts)
  data
end

#get_static_analysis_ruleset_with_http_info(ruleset_name, opts = {}) ⇒ Array<(SastRulesetResponse, Integer, Hash)>

Get a SAST ruleset.

Get a SAST ruleset by name, including all its rules.

Parameters:

• ruleset_name (String) —

  The name of the ruleset to retrieve.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :include_tests (Boolean) —

  When true, test cases for each rule are included in the response.

• :include_testing_rules (Boolean) —

  When true, rules that are in testing mode are included in the response.

Returns:

• (Array<(SastRulesetResponse, Integer, Hash)>) —

  SastRulesetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5827

def get_static_analysis_ruleset_with_http_info(ruleset_name, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_static_analysis_ruleset".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_static_analysis_ruleset")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_static_analysis_ruleset"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_static_analysis_ruleset ...'
  end
  # verify the required parameter 'ruleset_name' is set
  if @api_client.config.client_side_validation && ruleset_name.nil?
    fail ArgumentError, "Missing the required parameter 'ruleset_name' when calling SecurityMonitoringAPI.get_static_analysis_ruleset"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/rulesets/{ruleset_name}'.sub('{ruleset_name}', CGI.escape(ruleset_name.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'include_tests'] = opts[:'include_tests'] if !opts[:'include_tests'].nil?
  query_params[:'include_testing_rules'] = opts[:'include_testing_rules'] if !opts[:'include_testing_rules'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SastRulesetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_static_analysis_ruleset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_static_analysis_ruleset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_static_analysis_tree_sitter_wasm(file, opts = {}) ⇒ Object

Get tree-sitter WASM file.

See Also:

• #get_static_analysis_tree_sitter_wasm_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5888

def get_static_analysis_tree_sitter_wasm(file, opts = {})
  data, _status_code, _headers = get_static_analysis_tree_sitter_wasm_with_http_info(file, opts)
  data
end

#get_static_analysis_tree_sitter_wasm_with_http_info(file, opts = {}) ⇒ Array<(File, Integer, Hash)>

Get tree-sitter WASM file.

Download the WebAssembly binary for a tree-sitter grammar by file name.

Parameters:

• file (String) —

  The name of the WASM file to download.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(File, Integer, Hash)>) —

  File data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5900

def get_static_analysis_tree_sitter_wasm_with_http_info(file, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.get_static_analysis_tree_sitter_wasm".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.get_static_analysis_tree_sitter_wasm")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.get_static_analysis_tree_sitter_wasm"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_static_analysis_tree_sitter_wasm ...'
  end
  # verify the required parameter 'file' is set
  if @api_client.config.client_side_validation && file.nil?
    fail ArgumentError, "Missing the required parameter 'file' when calling SecurityMonitoringAPI.get_static_analysis_tree_sitter_wasm"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/static-analysis-server/tree-sitter-wasm/{file}'.sub('{file}', CGI.escape(file.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/octet-stream', 'application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'File'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_static_analysis_tree_sitter_wasm,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_static_analysis_tree_sitter_wasm\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_suggested_actions_matching_signal(signal_id, opts = {}) ⇒ Object

Get suggested actions for a signal.

See Also:

• #get_suggested_actions_matching_signal_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5959

def get_suggested_actions_matching_signal(signal_id, opts = {})
  data, _status_code, _headers = get_suggested_actions_matching_signal_with_http_info(signal_id, opts)
  data
end

#get_suggested_actions_matching_signal_with_http_info(signal_id, opts = {}) ⇒ Array<(SecurityMonitoringSignalSuggestedActionsResponse, Integer, Hash)>

Get suggested actions for a signal.

Get the list of suggested actions for a given security signal.

Parameters:

• signal_id (String) —

  The ID of the signal.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSignalSuggestedActionsResponse, Integer, Hash)>) —

  SecurityMonitoringSignalSuggestedActionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 5971

def get_suggested_actions_matching_signal_with_http_info(signal_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_suggested_actions_matching_signal ...'
  end
  # verify the required parameter 'signal_id' is set
  if @api_client.config.client_side_validation && signal_id.nil?
    fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.get_suggested_actions_matching_signal"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/suggested_actions'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalSuggestedActionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_suggested_actions_matching_signal,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_suggested_actions_matching_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_suppression_version_history(suppression_id, opts = {}) ⇒ Object

Get a suppression’s version history.

See Also:

• #get_suppression_version_history_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6156

def get_suppression_version_history(suppression_id, opts = {})
  data, _status_code, _headers = get_suppression_version_history_with_http_info(suppression_id, opts)
  data
end

#get_suppression_version_history_with_http_info(suppression_id, opts = {}) ⇒ Array<(GetSuppressionVersionHistoryResponse, Integer, Hash)>

Get a suppression’s version history.

Get a suppression’s version history.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

Returns:

• (Array<(GetSuppressionVersionHistoryResponse, Integer, Hash)>) —

  GetSuppressionVersionHistoryResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6170

def get_suppression_version_history_with_http_info(suppression_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_suppression_version_history ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.get_suppression_version_history"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}/version_history'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'GetSuppressionVersionHistoryResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_suppression_version_history,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_suppression_version_history\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_suppressions_affecting_future_rule(body, opts = {}) ⇒ Object

Get suppressions affecting future rule.

See Also:

• #get_suppressions_affecting_future_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6024

def get_suppressions_affecting_future_rule(body, opts = {})
  data, _status_code, _headers = get_suppressions_affecting_future_rule_with_http_info(body, opts)
  data
end

#get_suppressions_affecting_future_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

Get suppressions affecting future rule.

Get the list of suppressions that would affect a rule.

Parameters:

• body (SecurityMonitoringRuleCreatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6036

def get_suppressions_affecting_future_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_suppressions_affecting_future_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.get_suppressions_affecting_future_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_suppressions_affecting_future_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_suppressions_affecting_future_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_suppressions_affecting_rule(rule_id, opts = {}) ⇒ Object

Get suppressions affecting a specific rule.

See Also:

• #get_suppressions_affecting_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6091

def get_suppressions_affecting_rule(rule_id, opts = {})
  data, _status_code, _headers = get_suppressions_affecting_rule_with_http_info(rule_id, opts)
  data
end

#get_suppressions_affecting_rule_with_http_info(rule_id, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>

Get suppressions affecting a specific rule.

Get the list of suppressions that affect a specific existing rule by its ID.

Parameters:

• rule_id (String) —

  The ID of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6103

def get_suppressions_affecting_rule_with_http_info(rule_id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_suppressions_affecting_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_suppressions_affecting_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :get_suppressions_affecting_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_suppressions_affecting_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_vulnerability_notification_rule(id, opts = {}) ⇒ Object

Get details of a vulnerability notification rule.

See Also:

• #get_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6225

def get_vulnerability_notification_rule(id, opts = {})
  data, _status_code, _headers = get_vulnerability_notification_rule_with_http_info(id, opts)
  data
end

#get_vulnerability_notification_rule_with_http_info(id, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Get details of a vulnerability notification rule.

Get the details of a notification rule for security vulnerabilities.

Parameters:

• id (String) —

  ID of the notification rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6237

def get_vulnerability_notification_rule_with_http_info(id, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.get_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_vulnerability_notification_rules(opts = {}) ⇒ Object

Get the list of vulnerability notification rules.

See Also:

• #get_vulnerability_notification_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6290

def get_vulnerability_notification_rules(opts = {})
  data, _status_code, _headers = get_vulnerability_notification_rules_with_http_info(opts)
  data
end

#get_vulnerability_notification_rules_with_http_info(opts = {}) ⇒ Array<(NotificationRulesListResponse, Integer, Hash)>

Get the list of vulnerability notification rules.

Returns the list of notification rules for security vulnerabilities.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRulesListResponse, Integer, Hash)>) —

  NotificationRulesListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6301

def get_vulnerability_notification_rules_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_vulnerability_notification_rules ...'
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRulesListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :get_vulnerability_notification_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_vulnerability_notification_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_assets_sbo_ms(opts = {}) ⇒ Object

List assets SBOMs.

See Also:

• #list_assets_sbo_ms_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6350

def list_assets_sbo_ms(opts = {})
  data, _status_code, _headers = list_assets_sbo_ms_with_http_info(opts)
  data
end

#list_assets_sbo_ms_with_http_info(opts = {}) ⇒ Array<(ListAssetsSBOMsResponse, Integer, Hash)>

List assets SBOMs.

Get a list of assets SBOMs for an organization.

### Pagination

Please review the [Pagination section](#pagination) for the “List Vulnerabilities” endpoint.

### Filtering

Please review the [Filtering section](#filtering) for the “List Vulnerabilities” endpoint.

### Metadata

Please review the [Metadata section](#metadata) for the “List Vulnerabilities” endpoint.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the ‘links` section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal to or greater than 1.

• :filter_asset_type (AssetType) —

  The type of the assets for the SBOM request.

• :filter_asset_name (String) —

  The name of the asset for the SBOM request.

• :filter_package_name (String) —

  The name of the component that is a dependency of an asset.

• :filter_package_version (String) —

  The version of the component that is a dependency of an asset.

• :filter_license_name (String) —

  The software license name of the component that is a dependency of an asset.

• :filter_license_type (SBOMComponentLicenseType) —

  The software license type of the component that is a dependency of an asset.

Returns:

• (Array<(ListAssetsSBOMsResponse, Integer, Hash)>) —

  ListAssetsSBOMsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6381

def list_assets_sbo_ms_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_assets_sbo_ms ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_assets_sbo_ms, must be greater than or equal to 1.'
  end
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_asset_type'] && !allowable_values.include?(opts[:'filter_asset_type'])
    fail ArgumentError, "invalid value for \"filter_asset_type\", must be one of #{allowable_values}"
  end
  allowable_values = ['network_strong_copyleft', 'non_standard_copyleft', 'other_non_free', 'other_non_standard', 'permissive', 'public_domain', 'strong_copyleft', 'weak_copyleft']
  if @api_client.config.client_side_validation && opts[:'filter_license_type'] && !allowable_values.include?(opts[:'filter_license_type'])
    fail ArgumentError, "invalid value for \"filter_license_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/sboms'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[asset_type]'] = opts[:'filter_asset_type'] if !opts[:'filter_asset_type'].nil?
  query_params[:'filter[asset_name]'] = opts[:'filter_asset_name'] if !opts[:'filter_asset_name'].nil?
  query_params[:'filter[package_name]'] = opts[:'filter_package_name'] if !opts[:'filter_package_name'].nil?
  query_params[:'filter[package_version]'] = opts[:'filter_package_version'] if !opts[:'filter_package_version'].nil?
  query_params[:'filter[license_name]'] = opts[:'filter_license_name'] if !opts[:'filter_license_name'].nil?
  query_params[:'filter[license_type]'] = opts[:'filter_license_type'] if !opts[:'filter_license_type'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListAssetsSBOMsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_assets_sbo_ms,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_assets_sbo_ms\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_findings(opts = {}) ⇒ Object

List findings.

See Also:

• #list_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6449

def list_findings(opts = {})
  data, _status_code, _headers = list_findings_with_http_info(opts)
  data
end

#list_findings_with_http_info(opts = {}) ⇒ Array<(ListFindingsResponse, Integer, Hash)>

List findings.

Get a list of findings. These include both misconfigurations and identity risks.

Note: To filter and return only identity risks, add the following query parameter: ‘?filter=dd_rule_type:ciem`

### Filtering

Filters can be applied by appending query parameters to the URL.

- Using a single filter: `?filter[attribute_key]=attribute_value`
- Chaining filters: `?filter[attribute_key]=attribute_value&filter[attribute_key]=attribute_value...`
- Filtering on tags: `?filter[tags]=tag_key:tag_value&filter[tags]=tag_key_2:tag_value_2`

Here, ‘attribute_key` can be any of the filter keys described further below.

Query parameters of type ‘integer` support comparison operators (`>`, `>=`, `<`, `<=`). This is particularly useful when filtering by `evaluation_changed_at` or `resource_discovery_timestamp`. For example: `?filter=>20123123121`.

You can also use the negation operator on strings. For example, use ‘filter=-aws*` to filter for any non-AWS resources.

The operator must come after the equal sign. For example, to filter with the ‘>=` operator, add the operator after the equal sign: `filter=>=1678809373257`.

Query parameters must be only among the documented ones and with values of correct types. Duplicated query parameters (e.g. ‘filter=low&filter=info`) are not allowed.

### Additional extension fields

Additional extension fields are available for some findings.

The data is available when you include the query parameter ‘?detailed_findings=true` in the request.

The following fields are available for findings:

• ‘external_id`: The resource external ID related to the finding.

• ‘description`: The description and remediation steps for the finding.

• ‘datadog_link`: The Datadog relative link for the finding.

• ‘ip_addresses`: The list of private IP addresses for the resource related to the finding.

### Response

The response includes an array of finding objects, pagination metadata, and a count of items that match the query.

Each finding object contains the following:

• The finding ID that can be used in a ‘GetFinding` request to retrieve the full finding details.

• Core attributes, including status, evaluation, high-level resource details, muted state, and rule details.

• ‘evaluation_changed_at` and `resource_discovery_date` time stamps.

• An array of associated tags.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_limit (Integer) —

  Limit the number of findings returned. Must be <= 1000.

• :snapshot_timestamp (Integer) —

  Return findings for a given snapshot of time (Unix ms).

• :page_cursor (String) —

  Return the next page of findings pointed to by the cursor.

• :filter_tags (String) —

  Return findings that have these associated tags (repeatable).

• :filter_evaluation_changed_at (String) —

  Return findings that have changed from pass to fail or vice versa on a specified date (Unix ms) or date range (using comparison operators).

• :filter_muted (Boolean) —

  Set to ‘true` to return findings that are muted. Set to `false` to return unmuted findings.

• :filter_rule_id (String) —

  Return findings for the specified rule ID.

• :filter_rule_name (String) —

  Return findings for the specified rule.

• :filter_resource_type (String) —

  Return only findings for the specified resource type.

• :filter_resource_id (String) —

  Return only findings for the specified resource id.

• :filter_discovery_timestamp (String) —

  Return findings that were found on a specified date (Unix ms) or date range (using comparison operators).

• :filter_evaluation (FindingEvaluation) —

  Return only ‘pass` or `fail` findings.

• :filter_status (FindingStatus) —

  Return only findings with the specified status.

• :filter_vulnerability_type (Array<FindingVulnerabilityType>) —

  Return findings that match the selected vulnerability types (repeatable).

• :detailed_findings (Boolean) —

  Return additional fields for some findings.

Returns:

• (Array<(ListFindingsResponse, Integer, Hash)>) —

  ListFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6518

def list_findings_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_findings".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_findings")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_findings"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_findings ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_findings, must be smaller than or equal to 1000.'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_findings, must be greater than or equal to 1.'
  end
  if @api_client.config.client_side_validation && !opts[:'snapshot_timestamp'].nil? && opts[:'snapshot_timestamp'] < 1
    fail ArgumentError, 'invalid value for "opts[:"snapshot_timestamp"]" when calling SecurityMonitoringAPI.list_findings, must be greater than or equal to 1.'
  end
  allowable_values = ['pass', 'fail']
  if @api_client.config.client_side_validation && opts[:'filter_evaluation'] && !allowable_values.include?(opts[:'filter_evaluation'])
    fail ArgumentError, "invalid value for \"filter_evaluation\", must be one of #{allowable_values}"
  end
  allowable_values = ['critical', 'high', 'medium', 'low', 'info']
  if @api_client.config.client_side_validation && opts[:'filter_status'] && !allowable_values.include?(opts[:'filter_status'])
    fail ArgumentError, "invalid value for \"filter_status\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/posture_management/findings'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?
  query_params[:'snapshot_timestamp'] = opts[:'snapshot_timestamp'] if !opts[:'snapshot_timestamp'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'filter[tags]'] = opts[:'filter_tags'] if !opts[:'filter_tags'].nil?
  query_params[:'filter[evaluation_changed_at]'] = opts[:'filter_evaluation_changed_at'] if !opts[:'filter_evaluation_changed_at'].nil?
  query_params[:'filter[muted]'] = opts[:'filter_muted'] if !opts[:'filter_muted'].nil?
  query_params[:'filter[rule_id]'] = opts[:'filter_rule_id'] if !opts[:'filter_rule_id'].nil?
  query_params[:'filter[rule_name]'] = opts[:'filter_rule_name'] if !opts[:'filter_rule_name'].nil?
  query_params[:'filter[resource_type]'] = opts[:'filter_resource_type'] if !opts[:'filter_resource_type'].nil?
  query_params[:'filter[@resource_id]'] = opts[:'filter_resource_id'] if !opts[:'filter_resource_id'].nil?
  query_params[:'filter[discovery_timestamp]'] = opts[:'filter_discovery_timestamp'] if !opts[:'filter_discovery_timestamp'].nil?
  query_params[:'filter[evaluation]'] = opts[:'filter_evaluation'] if !opts[:'filter_evaluation'].nil?
  query_params[:'filter[status]'] = opts[:'filter_status'] if !opts[:'filter_status'].nil?
  query_params[:'filter[vulnerability_type]'] = @api_client.build_collection_param(opts[:'filter_vulnerability_type'], :multi) if !opts[:'filter_vulnerability_type'].nil?
  query_params[:'detailed_findings'] = opts[:'detailed_findings'] if !opts[:'detailed_findings'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )
  new_options[:query_string_normalizer] = HTTParty::Request::NON_RAILS_QUERY_STRING_NORMALIZER

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_findings_with_pagination(opts = {}) {|Finding| ... } ⇒ Object

List findings.

Provide a paginated version of #list_findings, returning all items.

To use it you need to use a block: list_findings_with_pagination { |item| p item }

Yields:

• (Finding) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6610

def list_findings_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "page_limit", 100)
    @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size)
    while true do
        response = list_findings(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "page_cursor", String, @api_client.get_attribute_from_path(response, "meta.page.cursor"))
    end
end

#list_historical_jobs(opts = {}) ⇒ Object

List historical jobs.

See Also:

• #list_historical_jobs_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6627

def list_historical_jobs(opts = {})
  data, _status_code, _headers = list_historical_jobs_with_http_info(opts)
  data
end

#list_historical_jobs_with_http_info(opts = {}) ⇒ Array<(ListHistoricalJobsResponse, Integer, Hash)>

List historical jobs.

List historical jobs.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

• :sort (String) —

  The order of the jobs in results.

• :filter_query (String) —

  Query used to filter items from the fetched list.

Returns:

• (Array<(ListHistoricalJobsResponse, Integer, Hash)>) —

  ListHistoricalJobsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6642

def list_historical_jobs_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_historical_jobs".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_historical_jobs")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_historical_jobs"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_historical_jobs ...'
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListHistoricalJobsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_historical_jobs,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_historical_jobs\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_indicators_of_compromise(opts = {}) ⇒ Object

List indicators of compromise.

See Also:

• #list_indicators_of_compromise_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6701

def list_indicators_of_compromise(opts = {})
  data, _status_code, _headers = list_indicators_of_compromise_with_http_info(opts)
  data
end

#list_indicators_of_compromise_with_http_info(opts = {}) ⇒ Array<(IoCExplorerListResponse, Integer, Hash)>

List indicators of compromise.

Get a list of indicators of compromise (IoCs) matching the specified filters.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :limit (Integer) —

  Number of results per page.

• :offset (Integer) —

  Pagination offset.

• :query (String) —

  Search/filter query (supports field:value syntax).

• :sort_column (String) —

  Sort column: score, first_seen_ts_epoch, last_seen_ts_epoch, indicator, indicator_type, signal_count, log_count, category, as_type.

• :sort_order (String) —

  Sort order: asc or desc.

• :ocsf (Boolean) —

  When true, return only OCSF field-based matches. When false, return regex/message-based matches.

• :worked_by (String) —

  Filter indicators whose triage state was updated by a specific user UUID.

• :triage_state (IoCTriageState) —

  Filter by triage state.

Returns:

• (Array<(IoCExplorerListResponse, Integer, Hash)>) —

  IoCExplorerListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6720

def list_indicators_of_compromise_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_indicators_of_compromise".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_indicators_of_compromise")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_indicators_of_compromise"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_indicators_of_compromise ...'
  end
  if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 2147483647
    fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SecurityMonitoringAPI.list_indicators_of_compromise, must be smaller than or equal to 2147483647.'
  end
  if @api_client.config.client_side_validation && !opts[:'offset'].nil? && opts[:'offset'] > 2147483647
    fail ArgumentError, 'invalid value for "opts[:"offset"]" when calling SecurityMonitoringAPI.list_indicators_of_compromise, must be smaller than or equal to 2147483647.'
  end
  allowable_values = ['not_reviewed', 'reviewed']
  if @api_client.config.client_side_validation && opts[:'triage_state'] && !allowable_values.include?(opts[:'triage_state'])
    fail ArgumentError, "invalid value for \"triage_state\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/siem/ioc-explorer'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
  query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
  query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil?
  query_params[:'sort[column]'] = opts[:'sort_column'] if !opts[:'sort_column'].nil?
  query_params[:'sort[order]'] = opts[:'sort_order'] if !opts[:'sort_order'].nil?
  query_params[:'ocsf'] = opts[:'ocsf'] if !opts[:'ocsf'].nil?
  query_params[:'worked_by'] = opts[:'worked_by'] if !opts[:'worked_by'].nil?
  query_params[:'triage_state'] = opts[:'triage_state'] if !opts[:'triage_state'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'IoCExplorerListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_indicators_of_compromise,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_indicators_of_compromise\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_multiple_rulesets(body, opts = {}) ⇒ Object

Ruleset get multiple.

See Also:

• #list_multiple_rulesets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6793

def list_multiple_rulesets(body, opts = {})
  data, _status_code, _headers = list_multiple_rulesets_with_http_info(body, opts)
  data
end

#list_multiple_rulesets_with_http_info(body, opts = {}) ⇒ Array<(GetMultipleRulesetsResponse, Integer, Hash)>

Ruleset get multiple.

Get rules for multiple rulesets in batch.

Parameters:

• body (GetMultipleRulesetsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(GetMultipleRulesetsResponse, Integer, Hash)>) —

  GetMultipleRulesetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6805

def list_multiple_rulesets_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_multiple_rulesets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_multiple_rulesets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_multiple_rulesets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_multiple_rulesets ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.list_multiple_rulesets"
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/rulesets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'GetMultipleRulesetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_multiple_rulesets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_multiple_rulesets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_sample_log_generation_subscriptions(opts = {}) ⇒ Object

Get sample log generation subscriptions.

See Also:

• #list_sample_log_generation_subscriptions_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6866

def list_sample_log_generation_subscriptions(opts = {})
  data, _status_code, _headers = list_sample_log_generation_subscriptions_with_http_info(opts)
  data
end

#list_sample_log_generation_subscriptions_with_http_info(opts = {}) ⇒ Array<(SampleLogGenerationSubscriptionsResponse, Integer, Hash)>

Get sample log generation subscriptions.

Get the sample log generation subscriptions for the organization. Sample log generation injects representative example logs for a given Cloud SIEM content pack into the Logs platform, which can be used to test detection rules without onboarding the underlying integration first.

Availability: this endpoint is restricted to Cloud SIEM trial organizations on an eligible pricing model. Other organizations receive a ‘403 Forbidden` (non-trial orgs) or a `400 Bad Request` (feature disabled), and legacy pricing tiers receive a response with `status: not_available`.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :status (SampleLogGenerationSubscriptionsStatusFilter) —

  Filter the subscriptions by status. Use ‘active` to return only currently active subscriptions, or `all` to return every subscription including expired ones. Ignored when `start_timestamp` is provided. Defaults to `active`.

• :start_timestamp (Time) —

  The start of the time range, as an RFC3339 timestamp. When provided, the response includes every subscription that was active at any point in ‘[start_timestamp, end_timestamp]`, and the `status` filter is ignored.

• :end_timestamp (Time) —

  The end of the time range, as an RFC3339 timestamp. Ignored unless ‘start_timestamp` is set. Defaults to the current time when `start_timestamp` is provided.

Returns:

• (Array<(SampleLogGenerationSubscriptionsResponse, Integer, Hash)>) —

  SampleLogGenerationSubscriptionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6886

def list_sample_log_generation_subscriptions_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_sample_log_generation_subscriptions".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_sample_log_generation_subscriptions")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_sample_log_generation_subscriptions"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_sample_log_generation_subscriptions ...'
  end
  allowable_values = ['active', 'all']
  if @api_client.config.client_side_validation && opts[:'status'] && !allowable_values.include?(opts[:'status'])
    fail ArgumentError, "invalid value for \"status\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/sample_log_generation/subscriptions'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'status'] = opts[:'status'] if !opts[:'status'].nil?
  query_params[:'start_timestamp'] = opts[:'start_timestamp'] if !opts[:'start_timestamp'].nil?
  query_params[:'end_timestamp'] = opts[:'end_timestamp'] if !opts[:'end_timestamp'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SampleLogGenerationSubscriptionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_sample_log_generation_subscriptions,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_sample_log_generation_subscriptions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_scanned_assets_metadata(opts = {}) ⇒ Object

List scanned assets metadata.

See Also:

• #list_scanned_assets_metadata_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 6948

def list_scanned_assets_metadata(opts = {})
  data, _status_code, _headers = list_scanned_assets_metadata_with_http_info(opts)
  data
end

#list_scanned_assets_metadata_with_http_info(opts = {}) ⇒ Array<(ScannedAssetsMetadata, Integer, Hash)>

List scanned assets metadata.

Get a list of security scanned assets metadata for an organization.

### Pagination

For the “List Vulnerabilities” endpoint, see the [Pagination section](#pagination).

### Filtering

For the “List Vulnerabilities” endpoint, see the [Filtering section](#filtering).

### Metadata

For the "List Vulnerabilities" endpoint, see the [Metadata section](#metadata).

### Related endpoints

This endpoint returns additional metadata for cloud resources that is not available from the standard resource endpoints. To access a richer dataset, call this endpoint together with the relevant resource endpoint(s) and merge (join) their results using the resource identifier.

Hosts

To enrich host data, join the response from the [Hosts](docs.datadoghq.com/api/latest/hosts/) endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

| ENDPOINT | JOIN KEY | TYPE | | — | — | — | | [/api/v1/hosts](docs.datadoghq.com/api/latest/hosts/) | host_list.host_name | string | | /api/v2/security/scanned-assets-metadata | data.attributes.asset.name | string |

**Host Images**

To enrich host image data, join the response from the [Hosts](docs.datadoghq.com/api/latest/hosts/) endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

| ENDPOINT | JOIN KEY | TYPE | | — | — | — | | [/api/v1/hosts](docs.datadoghq.com/api/latest/hosts/) | host_list.tags_by_source[“Amazon Web Services”] | string | | /api/v2/security/scanned-assets-metadata | data.attributes.asset.name | string |

**Container Images**

To enrich container image data, join the response from the [Container Images](docs.datadoghq.com/api/latest/container-images/) endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

| ENDPOINT | JOIN KEY | TYPE | | — | — | — | | [/api/v2/container_images](docs.datadoghq.com/api/latest/container-images/) | ‘data.attributes.name`@`data.attributes.repo_digest` | string | | /api/v2/security/scanned-assets-metadata | data.attributes.asset.name | string |

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the ‘links` section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal to or greater than 1.

• :filter_asset_type (CloudAssetType) —

  The type of the scanned asset.

• :filter_asset_name (String) —

  The name of the scanned asset.

• :filter_last_success_origin (String) —

  The origin of last success scan.

• :filter_last_success_env (String) —

  The environment of last success scan.

Returns:

• (Array<(ScannedAssetsMetadata, Integer, Hash)>) —

  ScannedAssetsMetadata data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7008

def list_scanned_assets_metadata_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_scanned_assets_metadata".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_scanned_assets_metadata")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_scanned_assets_metadata"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_scanned_assets_metadata ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_scanned_assets_metadata, must be greater than or equal to 1.'
  end
  allowable_values = ['Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_asset_type'] && !allowable_values.include?(opts[:'filter_asset_type'])
    fail ArgumentError, "invalid value for \"filter_asset_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/scanned-assets-metadata'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[asset.type]'] = opts[:'filter_asset_type'] if !opts[:'filter_asset_type'].nil?
  query_params[:'filter[asset.name]'] = opts[:'filter_asset_name'] if !opts[:'filter_asset_name'].nil?
  query_params[:'filter[last_success.origin]'] = opts[:'filter_last_success_origin'] if !opts[:'filter_last_success_origin'].nil?
  query_params[:'filter[last_success.env]'] = opts[:'filter_last_success_env'] if !opts[:'filter_last_success_env'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ScannedAssetsMetadata'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_scanned_assets_metadata,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_scanned_assets_metadata\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_filter_versions(opts = {}) ⇒ Object

Get the version history of security filters.

See Also:

• #list_security_filter_versions_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7136

def list_security_filter_versions(opts = {})
  data, _status_code, _headers = list_security_filter_versions_with_http_info(opts)
  data
end

#list_security_filter_versions_with_http_info(opts = {}) ⇒ Array<(SecurityFilterVersionsResponse, Integer, Hash)>

Get the version history of security filters.

Get the configured security filters at each historical version of the configuration. Each entry in the response represents the set of all security filters at a given version, ordered from the most recent version to the oldest.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterVersionsResponse, Integer, Hash)>) —

  SecurityFilterVersionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7149

def list_security_filter_versions_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_filter_versions ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/versions'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterVersionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_filter_versions,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_filter_versions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_filters(opts = {}) ⇒ Object

Get all security filters.

See Also:

• #list_security_filters_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7076

def list_security_filters(opts = {})
  data, _status_code, _headers = list_security_filters_with_http_info(opts)
  data
end

#list_security_filters_with_http_info(opts = {}) ⇒ Array<(SecurityFiltersResponse, Integer, Hash)>

Get all security filters.

Get the list of configured security filters with their definitions.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFiltersResponse, Integer, Hash)>) —

  SecurityFiltersResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7087

def list_security_filters_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_filters ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFiltersResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_filters,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_filters\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_findings(opts = {}) ⇒ Object

List security findings.

See Also:

• #list_security_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7198

def list_security_findings(opts = {})
  data, _status_code, _headers = list_security_findings_with_http_info(opts)
  data
end

#list_security_findings_with_http_info(opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

List security findings.

Get a list of security findings that match a search query. [See the schema for security findings](docs.datadoghq.com/security/guide/findings-schema/).

### Query Syntax

This endpoint uses the logs query syntax. Findings attributes (living in the attributes.attributes. namespace) are prefixed by @ when queried. Tags are queried without a prefix.

Example: ‘@severity:(critical OR high) @status:open team:platform`

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query following log search syntax.

• :page_cursor (String) —

  Get the next page of results with a cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of findings in the response.

• :sort (SecurityFindingsSort) —

  Sorts by @detection_changed_at.

Returns:

• (Array<(ListSecurityFindingsResponse, Integer, Hash)>) —

  ListSecurityFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7219

def list_security_findings_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_findings ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 150
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_findings, must be smaller than or equal to 150.'
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_findings, must be greater than or equal to 1.'
  end
  allowable_values = ['@detection_changed_at', '-@detection_changed_at']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/findings'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListSecurityFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_findings_with_pagination(opts = {}) {|SecurityFindingsData| ... } ⇒ Object

List security findings.

Provide a paginated version of #list_security_findings, returning all items.

To use it you need to use a block: list_security_findings_with_pagination { |item| p item }

Yields:

• (SecurityFindingsData) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7286

def list_security_findings_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "page_limit", 10)
    @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size)
    while true do
        response = list_security_findings(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "page_cursor", String, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#list_security_monitoring_critical_assets(opts = {}) ⇒ Object

Get all critical assets.

See Also:

• #list_security_monitoring_critical_assets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7303

def list_security_monitoring_critical_assets(opts = {})
  data, _status_code, _headers = list_security_monitoring_critical_assets_with_http_info(opts)
  data
end

#list_security_monitoring_critical_assets_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>

Get all critical assets.

Get the list of all critical assets.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7314

def list_security_monitoring_critical_assets_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_critical_assets ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_critical_assets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_critical_assets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_datasets(opts = {}) ⇒ Object

List datasets.

See Also:

• #list_security_monitoring_datasets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7363

def list_security_monitoring_datasets(opts = {})
  data, _status_code, _headers = list_security_monitoring_datasets_with_http_info(opts)
  data
end

#list_security_monitoring_datasets_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringDatasetsListResponse, Integer, Hash)>

List datasets.

List all Cloud SIEM datasets available to the organization, including both customer-defined datasets and Datadog out-of-the-box datasets.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

• :sort (String) —

  Attribute used to sort datasets. Prefix with ‘-` to sort in descending order.

• :filter_query (String) —

  A search query to filter datasets by name or description.

Returns:

• (Array<(SecurityMonitoringDatasetsListResponse, Integer, Hash)>) —

  SecurityMonitoringDatasetsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7379

def list_security_monitoring_datasets_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_security_monitoring_datasets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_security_monitoring_datasets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_security_monitoring_datasets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_datasets ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringDatasetsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_datasets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_datasets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_histsignals(opts = {}) ⇒ Object

List hist signals.

See Also:

• #list_security_monitoring_histsignals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7438

def list_security_monitoring_histsignals(opts = {})
  data, _status_code, _headers = list_security_monitoring_histsignals_with_http_info(opts)
  data
end

#list_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

List hist signals.

List hist signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query for security signals.

• :filter_from (Time) —

  The minimum timestamp for requested security signals.

• :filter_to (Time) —

  The maximum timestamp for requested security signals.

• :sort (SecurityMonitoringSignalsSort) —

  The order of the security signals in results.

• :page_cursor (String) —

  A list of results using the cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of security signals in the response.

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7455

def list_security_monitoring_histsignals_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_security_monitoring_histsignals".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_security_monitoring_histsignals")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_security_monitoring_histsignals"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_histsignals ...'
  end
  allowable_values = ['timestamp', '-timestamp']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_monitoring_histsignals, must be smaller than or equal to 1000.'
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/histsignals'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'filter[from]'] = opts[:'filter_from'] if !opts[:'filter_from'].nil?
  query_params[:'filter[to]'] = opts[:'filter_to'] if !opts[:'filter_to'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_histsignals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_histsignals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_integration_configs(opts = {}) ⇒ Object

List entity context sync configurations.

See Also:

• #list_security_monitoring_integration_configs_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7523

def list_security_monitoring_integration_configs(opts = {})
  data, _status_code, _headers = list_security_monitoring_integration_configs_with_http_info(opts)
  data
end

#list_security_monitoring_integration_configs_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigsResponse, Integer, Hash)>

List entity context sync configurations.

List the entity context sync configurations for Cloud SIEM. Each configuration connects Cloud SIEM to an external source that provides entities (for example, users from an identity provider) for use in signals and the entity explorer.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_integration_type (SecurityMonitoringIntegrationType) —

  Filter the entity context sync configurations by source type.

Returns:

• (Array<(SecurityMonitoringIntegrationConfigsResponse, Integer, Hash)>) —

  SecurityMonitoringIntegrationConfigsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7537

def list_security_monitoring_integration_configs_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_security_monitoring_integration_configs".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_security_monitoring_integration_configs")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_security_monitoring_integration_configs"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_integration_configs ...'
  end
  allowable_values = ['GOOGLE_WORKSPACE', 'OKTA', 'ENTRA_ID']
  if @api_client.config.client_side_validation && opts[:'filter_integration_type'] && !allowable_values.include?(opts[:'filter_integration_type'])
    fail ArgumentError, "invalid value for \"filter_integration_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/integration_config'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[integration_type]'] = opts[:'filter_integration_type'] if !opts[:'filter_integration_type'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringIntegrationConfigsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_integration_configs,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_integration_configs\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_rules(opts = {}) ⇒ Object

List rules.

See Also:

• #list_security_monitoring_rules_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7597

def list_security_monitoring_rules(opts = {})
  data, _status_code, _headers = list_security_monitoring_rules_with_http_info(opts)
  data
end

#list_security_monitoring_rules_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>

List rules.

List rules.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_size (Integer) —

  Size for a given page. The maximum allowed value is 100.

• :page_number (Integer) —

  Specific page number to return.

• :query (String) —

  A search query to filter security rules. You can filter by attributes such as ‘type`, `source`, `tags`.

• :sort (SecurityMonitoringRuleSort) —

  Attribute used to sort rules. Prefix with ‘-` to sort in descending order.

Returns:

• (Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>) —

  SecurityMonitoringListRulesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7612

def list_security_monitoring_rules_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_rules ...'
  end
  allowable_values = ['name', 'creation_date', 'update_date', 'enabled', 'type', 'highest_severity', 'source', '-name', '-creation_date', '-update_date', '-enabled', '-type', '-highest_severity', '-source']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringListRulesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_rules,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_signals(opts = {}) ⇒ Object

Get a quick list of security signals.

See Also:

• #list_security_monitoring_signals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7669

def list_security_monitoring_signals(opts = {})
  data, _status_code, _headers = list_security_monitoring_signals_with_http_info(opts)
  data
end

#list_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Get a quick list of security signals.

The list endpoint returns security signals that match a search query. Both this endpoint and the POST endpoint can be used interchangeably when listing security signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter_query (String) —

  The search query for security signals.

• :filter_from (Time) —

  The minimum timestamp for requested security signals.

• :filter_to (Time) —

  The maximum timestamp for requested security signals.

• :sort (SecurityMonitoringSignalsSort) —

  The order of the security signals in results.

• :page_cursor (String) —

  A list of results using the cursor provided in the previous query.

• :page_limit (Integer) —

  The maximum number of security signals in the response.

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7688

def list_security_monitoring_signals_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_signals ...'
  end
  allowable_values = ['timestamp', '-timestamp']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000
    fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_monitoring_signals, must be smaller than or equal to 1000.'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil?
  query_params[:'filter[from]'] = opts[:'filter_from'] if !opts[:'filter_from'].nil?
  query_params[:'filter[to]'] = opts[:'filter_to'] if !opts[:'filter_to'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil?
  query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_signals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_signals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

Get a quick list of security signals.

Provide a paginated version of #list_security_monitoring_signals, returning all items.

To use it you need to use a block: list_security_monitoring_signals_with_pagination { |item| p item }

Yields:

• (SecurityMonitoringSignal) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7754

def list_security_monitoring_signals_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "page_limit", 10)
    @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size)
    while true do
        response = list_security_monitoring_signals(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "page_cursor", String, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#list_security_monitoring_suppressions(opts = {}) ⇒ Object

Get all suppression rules.

See Also:

• #list_security_monitoring_suppressions_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7771

def list_security_monitoring_suppressions(opts = {})
  data, _status_code, _headers = list_security_monitoring_suppressions_with_http_info(opts)
  data
end

#list_security_monitoring_suppressions_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringPaginatedSuppressionsResponse, Integer, Hash)>

Get all suppression rules.

Get the list of all suppression rules.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :query (String) —

  Query string.

• :sort (SecurityMonitoringSuppressionSort) —

  Attribute used to sort the list of suppression rules. Prefix with ‘-` to sort in descending order.

• :page_size (Integer) —

  Size for a given page. Use ‘-1` to return all items.

• :page_number (Integer) —

  Specific page number to return.

Returns:

• (Array<(SecurityMonitoringPaginatedSuppressionsResponse, Integer, Hash)>) —

  SecurityMonitoringPaginatedSuppressionsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7786

def list_security_monitoring_suppressions_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_suppressions ...'
  end
  allowable_values = ['name', 'start_date', 'expiration_date', 'update_date', 'enabled', '-name', '-start_date', '-expiration_date', '-update_date', '-creation_date', '-enabled']
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringPaginatedSuppressionsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_security_monitoring_suppressions,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_suppressions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_static_analysis_codegen_rulesets(opts = {}) ⇒ Object

List codegen rulesets.

See Also:

• #list_static_analysis_codegen_rulesets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7843

def list_static_analysis_codegen_rulesets(opts = {})
  data, _status_code, _headers = list_static_analysis_codegen_rulesets_with_http_info(opts)
  data
end

#list_static_analysis_codegen_rulesets_with_http_info(opts = {}) ⇒ Array<(SastRulesetsResponse, Integer, Hash)>

List codegen rulesets.

Get the rulesets relevant for code generation for the authenticated user.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SastRulesetsResponse, Integer, Hash)>) —

  SastRulesetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7854

def list_static_analysis_codegen_rulesets_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_static_analysis_codegen_rulesets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_static_analysis_codegen_rulesets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_static_analysis_codegen_rulesets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_static_analysis_codegen_rulesets ...'
  end
  # resource path
  local_var_path = '/api/v2/static-analysis/codegen/rulesets'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SastRulesetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :list_static_analysis_codegen_rulesets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_static_analysis_codegen_rulesets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_vulnerabilities(opts = {}) ⇒ Object

List vulnerabilities.

See Also:

• #list_vulnerabilities_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 7909

def list_vulnerabilities(opts = {})
  data, _status_code, _headers = list_vulnerabilities_with_http_info(opts)
  data
end

#list_vulnerabilities_with_http_info(opts = {}) ⇒ Array<(ListVulnerabilitiesResponse, Integer, Hash)>

Deprecated.

This API is deprecated.

List vulnerabilities.

Get a list of vulnerabilities.

### Pagination

Pagination is enabled by default in both ‘vulnerabilities` and `assets`. The size of the page varies depending on the endpoint and cannot be modified. To automate the request of the next page, you can use the links section in the response.

This endpoint will return paginated responses. The pages are stored in the links section of the response:

“‘JSON

"data": [...],
"meta": {...,
"links": {
  "self": "https://.../api/v2/security/vulnerabilities",
  "first": "https://.../api/v2/security/vulnerabilities?page[number]=1&page[token]=abc",
  "last": "https://.../api/v2/security/vulnerabilities?page[number]=43&page[token]=abc",
  "next": "https://.../api/v2/security/vulnerabilities?page[number]=2&page[token]=abc"
}

} “‘

• ‘links.previous` is empty if the first page is requested.

• ‘links.next` is empty if the last page is requested.

#### Token

Vulnerabilities can be created, updated or deleted at any point in time.

Upon the first request, a token is created to ensure consistency across subsequent paginated requests.

A token is valid only for 24 hours.

#### First request

We consider a request to be the first request when there is no ‘page` parameter.

The response of this first request contains the newly created token in the ‘links` section.

This token can then be used in the subsequent paginated requests.

*Note: The first request may take longer to complete than subsequent requests.*

#### Subsequent requests

Any request containing valid ‘page` and `page` parameters will be considered a subsequent request.

If the ‘token` is invalid, a `404` response will be returned.

If the page ‘number` is invalid, a `400` response will be returned.

The returned ‘token` is valid for all requests in the pagination sequence. To send paginated requests in parallel, reuse the same `token` and change only the `page` parameter.

### Filtering

The request can include some filter parameters to filter the data to be retrieved. The format of the filter parameters follows the [JSON:API format](jsonapi.org/format/#fetching-filtering): ‘filter`, where `prop_name` is the property name in the entity being filtered by.

All filters can include multiple values, where data will be filtered with an OR clause: ‘filter=Title1,Title2` will filter all vulnerabilities where title is equal to `Title1` OR `Title2`.

String filters are case sensitive.

Boolean filters accept ‘true` or `false` as values.

Number filters must include an operator as a second filter input: ‘filter[$operator]`. For example, for the vulnerabilities endpoint: `filter[lte]=8`.

Available operators are: ‘eq` (==), `lt` (<), `lte` (<=), `gt` (>) and `gte` (>=).

### Metadata

Following [JSON:API format](jsonapi.org/format/#document-meta), object including non-standard meta-information.

This endpoint includes the meta member in the response. For more details on each of the properties included in this section, check the endpoints response tables.

“‘JSON {

"data": [...],
"meta": {
  "total": 1500,
  "count": 18732,
  "token": "some_token"
},
"links": ...

} “‘ ### Extensions

Requests may include extensions to modify the behavior of the requested endpoint. The filter parameters follow the [JSON:API format](jsonapi.org/extensions/#extensions) format: ‘ext:$extension_name`, where `extension_name` is the name of the modifier that is being applied.

Extensions can only include one value: ‘ext:modifier=value`.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the ‘links` section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal or greater than ‘1`

• :filter_type (VulnerabilityType) —

  Filter by vulnerability type.

• :filter_cvss_base_score_op (Float) —

  Filter by vulnerability base (i.e. from the original advisory) severity score.

• :filter_cvss_base_severity (VulnerabilitySeverity) —

  Filter by vulnerability base severity.

• :filter_cvss_base_vector (String) —

  Filter by vulnerability base CVSS vector.

• :filter_cvss_datadog_score_op (Float) —

  Filter by vulnerability Datadog severity score.

• :filter_cvss_datadog_severity (VulnerabilitySeverity) —

  Filter by vulnerability Datadog severity.

• :filter_cvss_datadog_vector (String) —

  Filter by vulnerability Datadog CVSS vector.

• :filter_status (VulnerabilityStatus) —

  Filter by the status of the vulnerability.

• :filter_tool (VulnerabilityTool) —

  Filter by the tool of the vulnerability.

• :filter_library_name (String) —

  Filter by library name.

• :filter_library_version (String) —

  Filter by library version.

• :filter_advisory_id (String) —

  Filter by advisory ID.

• :filter_risks_exploitation_probability (Boolean) —

  Filter by exploitation probability.

• :filter_risks_poc_exploit_available (Boolean) —

  Filter by POC exploit availability.

• :filter_risks_exploit_available (Boolean) —

  Filter by public exploit availability.

• :filter_risks_epss_score_op (Float) —

  Filter by vulnerability [EPSS](www.first.org/epss/) severity score.

• :filter_risks_epss_severity (VulnerabilitySeverity) —

  Filter by vulnerability [EPSS](www.first.org/epss/) severity.

• :filter_language (String) —

  Filter by language.

• :filter_ecosystem (VulnerabilityEcosystem) —

  Filter by ecosystem.

• :filter_code_location_location (String) —

  Filter by vulnerability location.

• :filter_code_location_file_path (String) —

  Filter by vulnerability file path.

• :filter_code_location_method (String) —

  Filter by method.

• :filter_fix_available (Boolean) —

  Filter by fix availability.

• :filter_repo_digests (String) —

  Filter by vulnerability ‘repo_digest` (when the vulnerability is related to `Image` asset).

• :filter_origin (String) —

  Filter by origin.

• :filter_running_kernel (Boolean) —

  Filter for whether the vulnerability affects a running kernel (for vulnerabilities related to a ‘Host` asset).

• :filter_asset_name (String) —

  Filter by asset name. This field supports the usage of wildcards (*).

• :filter_asset_type (AssetType) —

  Filter by asset type.

• :filter_asset_version_first (String) —

  Filter by the first version of the asset this vulnerability has been detected on.

• :filter_asset_version_last (String) —

  Filter by the last version of the asset this vulnerability has been detected on.

• :filter_asset_repository_url (String) —

  Filter by the repository url associated to the asset.

• :filter_asset_risks_in_production (Boolean) —

  Filter whether the asset is in production or not.

• :filter_asset_risks_under_attack (Boolean) —

  Filter whether the asset is under attack or not.

• :filter_asset_risks_is_publicly_accessible (Boolean) —

  Filter whether the asset is publicly accessible or not.

• :filter_asset_risks_has_privileged_access (Boolean) —

  Filter whether the asset is publicly accessible or not.

• :filter_asset_risks_has_access_to_sensitive_data (Boolean) —

  Filter whether the asset has access to sensitive data or not.

• :filter_asset_environments (String) —

  Filter by asset environments.

• :filter_asset_teams (String) —

  Filter by asset teams.

• :filter_asset_arch (String) —

  Filter by asset architecture.

• :filter_asset_operating_system_name (String) —

  Filter by asset operating system name.

• :filter_asset_operating_system_version (String) —

  Filter by asset operating system version.

Returns:

• (Array<(ListVulnerabilitiesResponse, Integer, Hash)>) —

  ListVulnerabilitiesResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8053

def list_vulnerabilities_with_http_info(opts = {})
  warn "[DEPRECATION] `ListVulnerabilities` is deprecated."
  unstable_enabled = @api_client.config.unstable_operations["v2.list_vulnerabilities".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_vulnerabilities")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_vulnerabilities"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_vulnerabilities ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 1.'
  end
  allowable_values = ['AdminConsoleActive', 'CodeInjection', 'CommandInjection', 'ComponentWithKnownVulnerability', 'DangerousWorkflows', 'DefaultAppDeployed', 'DefaultHtmlEscapeInvalid', 'DirectoryListingLeak', 'EmailHtmlInjection', 'EndOfLife', 'HardcodedPassword', 'HardcodedSecret', 'HeaderInjection', 'HstsHeaderMissing', 'InsecureAuthProtocol', 'InsecureCookie', 'InsecureJspLayout', 'LdapInjection', 'MaliciousPackage', 'MandatoryRemediation', 'NoHttpOnlyCookie', 'NoSameSiteCookie', 'NoSqlMongoDbInjection', 'PathTraversal', 'ReflectionInjection', 'RiskyLicense', 'SessionRewriting', 'SessionTimeout', 'SqlInjection', 'Ssrf', 'StackTraceLeak', 'TrustBoundaryViolation', 'Unmaintained', 'UntrustedDeserialization', 'UnvalidatedRedirect', 'VerbTampering', 'WeakCipher', 'WeakHash', 'WeakRandomness', 'XContentTypeHeaderMissing', 'XPathInjection', 'Xss']
  if @api_client.config.client_side_validation && opts[:'filter_type'] && !allowable_values.include?(opts[:'filter_type'])
    fail ArgumentError, "invalid value for \"filter_type\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_base_score_op'].nil? && opts[:'filter_cvss_base_score_op'] > 10
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_base_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be smaller than or equal to 10.'
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_base_score_op'].nil? && opts[:'filter_cvss_base_score_op'] < 0
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_base_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 0.'
  end
  allowable_values = ['Unknown', 'None', 'Low', 'Medium', 'High', 'Critical']
  if @api_client.config.client_side_validation && opts[:'filter_cvss_base_severity'] && !allowable_values.include?(opts[:'filter_cvss_base_severity'])
    fail ArgumentError, "invalid value for \"filter_cvss_base_severity\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_datadog_score_op'].nil? && opts[:'filter_cvss_datadog_score_op'] > 10
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_datadog_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be smaller than or equal to 10.'
  end
  if @api_client.config.client_side_validation && !opts[:'filter_cvss_datadog_score_op'].nil? && opts[:'filter_cvss_datadog_score_op'] < 0
    fail ArgumentError, 'invalid value for "opts[:"filter_cvss_datadog_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 0.'
  end
  allowable_values = ['Unknown', 'None', 'Low', 'Medium', 'High', 'Critical']
  if @api_client.config.client_side_validation && opts[:'filter_cvss_datadog_severity'] && !allowable_values.include?(opts[:'filter_cvss_datadog_severity'])
    fail ArgumentError, "invalid value for \"filter_cvss_datadog_severity\", must be one of #{allowable_values}"
  end
  allowable_values = ['Open', 'Muted', 'Remediated', 'InProgress', 'AutoClosed']
  if @api_client.config.client_side_validation && opts[:'filter_status'] && !allowable_values.include?(opts[:'filter_status'])
    fail ArgumentError, "invalid value for \"filter_status\", must be one of #{allowable_values}"
  end
  allowable_values = ['IAST', 'SCA', 'Infra', 'SAST']
  if @api_client.config.client_side_validation && opts[:'filter_tool'] && !allowable_values.include?(opts[:'filter_tool'])
    fail ArgumentError, "invalid value for \"filter_tool\", must be one of #{allowable_values}"
  end
  if @api_client.config.client_side_validation && !opts[:'filter_risks_epss_score_op'].nil? && opts[:'filter_risks_epss_score_op'] > 1
    fail ArgumentError, 'invalid value for "opts[:"filter_risks_epss_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be smaller than or equal to 1.'
  end
  if @api_client.config.client_side_validation && !opts[:'filter_risks_epss_score_op'].nil? && opts[:'filter_risks_epss_score_op'] < 0
    fail ArgumentError, 'invalid value for "opts[:"filter_risks_epss_score_op"]" when calling SecurityMonitoringAPI.list_vulnerabilities, must be greater than or equal to 0.'
  end
  allowable_values = ['Unknown', 'None', 'Low', 'Medium', 'High', 'Critical']
  if @api_client.config.client_side_validation && opts[:'filter_risks_epss_severity'] && !allowable_values.include?(opts[:'filter_risks_epss_severity'])
    fail ArgumentError, "invalid value for \"filter_risks_epss_severity\", must be one of #{allowable_values}"
  end
  allowable_values = ['PyPI', 'Maven', 'NuGet', 'Npm', 'RubyGems', 'Go', 'Packagist', 'Deb', 'Rpm', 'Apk', 'Windows', 'Generic', 'MacOs', 'Oci', 'BottleRocket', 'None']
  if @api_client.config.client_side_validation && opts[:'filter_ecosystem'] && !allowable_values.include?(opts[:'filter_ecosystem'])
    fail ArgumentError, "invalid value for \"filter_ecosystem\", must be one of #{allowable_values}"
  end
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_asset_type'] && !allowable_values.include?(opts[:'filter_asset_type'])
    fail ArgumentError, "invalid value for \"filter_asset_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[type]'] = opts[:'filter_type'] if !opts[:'filter_type'].nil?
  query_params[:'filter[cvss.base.score][`$op`]'] = opts[:'filter_cvss_base_score_op'] if !opts[:'filter_cvss_base_score_op'].nil?
  query_params[:'filter[cvss.base.severity]'] = opts[:'filter_cvss_base_severity'] if !opts[:'filter_cvss_base_severity'].nil?
  query_params[:'filter[cvss.base.vector]'] = opts[:'filter_cvss_base_vector'] if !opts[:'filter_cvss_base_vector'].nil?
  query_params[:'filter[cvss.datadog.score][`$op`]'] = opts[:'filter_cvss_datadog_score_op'] if !opts[:'filter_cvss_datadog_score_op'].nil?
  query_params[:'filter[cvss.datadog.severity]'] = opts[:'filter_cvss_datadog_severity'] if !opts[:'filter_cvss_datadog_severity'].nil?
  query_params[:'filter[cvss.datadog.vector]'] = opts[:'filter_cvss_datadog_vector'] if !opts[:'filter_cvss_datadog_vector'].nil?
  query_params[:'filter[status]'] = opts[:'filter_status'] if !opts[:'filter_status'].nil?
  query_params[:'filter[tool]'] = opts[:'filter_tool'] if !opts[:'filter_tool'].nil?
  query_params[:'filter[library.name]'] = opts[:'filter_library_name'] if !opts[:'filter_library_name'].nil?
  query_params[:'filter[library.version]'] = opts[:'filter_library_version'] if !opts[:'filter_library_version'].nil?
  query_params[:'filter[advisory.id]'] = opts[:'filter_advisory_id'] if !opts[:'filter_advisory_id'].nil?
  query_params[:'filter[risks.exploitation_probability]'] = opts[:'filter_risks_exploitation_probability'] if !opts[:'filter_risks_exploitation_probability'].nil?
  query_params[:'filter[risks.poc_exploit_available]'] = opts[:'filter_risks_poc_exploit_available'] if !opts[:'filter_risks_poc_exploit_available'].nil?
  query_params[:'filter[risks.exploit_available]'] = opts[:'filter_risks_exploit_available'] if !opts[:'filter_risks_exploit_available'].nil?
  query_params[:'filter[risks.epss.score][`$op`]'] = opts[:'filter_risks_epss_score_op'] if !opts[:'filter_risks_epss_score_op'].nil?
  query_params[:'filter[risks.epss.severity]'] = opts[:'filter_risks_epss_severity'] if !opts[:'filter_risks_epss_severity'].nil?
  query_params[:'filter[language]'] = opts[:'filter_language'] if !opts[:'filter_language'].nil?
  query_params[:'filter[ecosystem]'] = opts[:'filter_ecosystem'] if !opts[:'filter_ecosystem'].nil?
  query_params[:'filter[code_location.location]'] = opts[:'filter_code_location_location'] if !opts[:'filter_code_location_location'].nil?
  query_params[:'filter[code_location.file_path]'] = opts[:'filter_code_location_file_path'] if !opts[:'filter_code_location_file_path'].nil?
  query_params[:'filter[code_location.method]'] = opts[:'filter_code_location_method'] if !opts[:'filter_code_location_method'].nil?
  query_params[:'filter[fix_available]'] = opts[:'filter_fix_available'] if !opts[:'filter_fix_available'].nil?
  query_params[:'filter[repo_digests]'] = opts[:'filter_repo_digests'] if !opts[:'filter_repo_digests'].nil?
  query_params[:'filter[origin]'] = opts[:'filter_origin'] if !opts[:'filter_origin'].nil?
  query_params[:'filter[running_kernel]'] = opts[:'filter_running_kernel'] if !opts[:'filter_running_kernel'].nil?
  query_params[:'filter[asset.name]'] = opts[:'filter_asset_name'] if !opts[:'filter_asset_name'].nil?
  query_params[:'filter[asset.type]'] = opts[:'filter_asset_type'] if !opts[:'filter_asset_type'].nil?
  query_params[:'filter[asset.version.first]'] = opts[:'filter_asset_version_first'] if !opts[:'filter_asset_version_first'].nil?
  query_params[:'filter[asset.version.last]'] = opts[:'filter_asset_version_last'] if !opts[:'filter_asset_version_last'].nil?
  query_params[:'filter[asset.repository_url]'] = opts[:'filter_asset_repository_url'] if !opts[:'filter_asset_repository_url'].nil?
  query_params[:'filter[asset.risks.in_production]'] = opts[:'filter_asset_risks_in_production'] if !opts[:'filter_asset_risks_in_production'].nil?
  query_params[:'filter[asset.risks.under_attack]'] = opts[:'filter_asset_risks_under_attack'] if !opts[:'filter_asset_risks_under_attack'].nil?
  query_params[:'filter[asset.risks.is_publicly_accessible]'] = opts[:'filter_asset_risks_is_publicly_accessible'] if !opts[:'filter_asset_risks_is_publicly_accessible'].nil?
  query_params[:'filter[asset.risks.has_privileged_access]'] = opts[:'filter_asset_risks_has_privileged_access'] if !opts[:'filter_asset_risks_has_privileged_access'].nil?
  query_params[:'filter[asset.risks.has_access_to_sensitive_data]'] = opts[:'filter_asset_risks_has_access_to_sensitive_data'] if !opts[:'filter_asset_risks_has_access_to_sensitive_data'].nil?
  query_params[:'filter[asset.environments]'] = opts[:'filter_asset_environments'] if !opts[:'filter_asset_environments'].nil?
  query_params[:'filter[asset.teams]'] = opts[:'filter_asset_teams'] if !opts[:'filter_asset_teams'].nil?
  query_params[:'filter[asset.arch]'] = opts[:'filter_asset_arch'] if !opts[:'filter_asset_arch'].nil?
  query_params[:'filter[asset.operating_system.name]'] = opts[:'filter_asset_operating_system_name'] if !opts[:'filter_asset_operating_system_name'].nil?
  query_params[:'filter[asset.operating_system.version]'] = opts[:'filter_asset_operating_system_version'] if !opts[:'filter_asset_operating_system_version'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListVulnerabilitiesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_vulnerabilities,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_vulnerabilities\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#list_vulnerable_assets(opts = {}) ⇒ Object

List vulnerable assets.

See Also:

• #list_vulnerable_assets_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8205

def list_vulnerable_assets(opts = {})
  data, _status_code, _headers = list_vulnerable_assets_with_http_info(opts)
  data
end

#list_vulnerable_assets_with_http_info(opts = {}) ⇒ Array<(ListVulnerableAssetsResponse, Integer, Hash)>

List vulnerable assets.

Get a list of vulnerable assets.

### Pagination

Please review the [Pagination section for the “List Vulnerabilities”](#pagination) endpoint.

### Filtering

Please review the [Filtering section for the “List Vulnerabilities”](#filtering) endpoint.

### Metadata

Please review the [Metadata section for the “List Vulnerabilities”](#metadata) endpoint.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page_token (String) —

  Its value must come from the ‘links` section of the response of the first request. Do not manually edit it.

• :page_number (Integer) —

  The page number to be retrieved. It should be equal or greater than ‘1`

• :filter_name (String) —

  Filter by name. This field supports the usage of wildcards (*).

• :filter_type (AssetType) —

  Filter by type.

• :filter_version_first (String) —

  Filter by the first version of the asset since it has been vulnerable.

• :filter_version_last (String) —

  Filter by the last detected version of the asset.

• :filter_repository_url (String) —

  Filter by the repository url associated to the asset.

• :filter_risks_in_production (Boolean) —

  Filter whether the asset is in production or not.

• :filter_risks_under_attack (Boolean) —

  Filter whether the asset (Service) is under attack or not.

• :filter_risks_is_publicly_accessible (Boolean) —

  Filter whether the asset (Host) is publicly accessible or not.

• :filter_risks_has_privileged_access (Boolean) —

  Filter whether the asset (Host) has privileged access or not.

• :filter_risks_has_access_to_sensitive_data (Boolean) —

  Filter whether the asset (Host) has access to sensitive data or not.

• :filter_environments (String) —

  Filter by environment.

• :filter_teams (String) —

  Filter by teams.

• :filter_arch (String) —

  Filter by architecture.

• :filter_operating_system_name (String) —

  Filter by operating system name.

• :filter_operating_system_version (String) —

  Filter by operating system version.

Returns:

• (Array<(ListVulnerableAssetsResponse, Integer, Hash)>) —

  ListVulnerableAssetsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8245

def list_vulnerable_assets_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.list_vulnerable_assets".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.list_vulnerable_assets")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.list_vulnerable_assets"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_vulnerable_assets ...'
  end
  if @api_client.config.client_side_validation && !opts[:'page_number'].nil? && opts[:'page_number'] < 1
    fail ArgumentError, 'invalid value for "opts[:"page_number"]" when calling SecurityMonitoringAPI.list_vulnerable_assets, must be greater than or equal to 1.'
  end
  allowable_values = ['Repository', 'Service', 'Host', 'HostImage', 'Image']
  if @api_client.config.client_side_validation && opts[:'filter_type'] && !allowable_values.include?(opts[:'filter_type'])
    fail ArgumentError, "invalid value for \"filter_type\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerable-assets'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'page[token]'] = opts[:'page_token'] if !opts[:'page_token'].nil?
  query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil?
  query_params[:'filter[name]'] = opts[:'filter_name'] if !opts[:'filter_name'].nil?
  query_params[:'filter[type]'] = opts[:'filter_type'] if !opts[:'filter_type'].nil?
  query_params[:'filter[version.first]'] = opts[:'filter_version_first'] if !opts[:'filter_version_first'].nil?
  query_params[:'filter[version.last]'] = opts[:'filter_version_last'] if !opts[:'filter_version_last'].nil?
  query_params[:'filter[repository_url]'] = opts[:'filter_repository_url'] if !opts[:'filter_repository_url'].nil?
  query_params[:'filter[risks.in_production]'] = opts[:'filter_risks_in_production'] if !opts[:'filter_risks_in_production'].nil?
  query_params[:'filter[risks.under_attack]'] = opts[:'filter_risks_under_attack'] if !opts[:'filter_risks_under_attack'].nil?
  query_params[:'filter[risks.is_publicly_accessible]'] = opts[:'filter_risks_is_publicly_accessible'] if !opts[:'filter_risks_is_publicly_accessible'].nil?
  query_params[:'filter[risks.has_privileged_access]'] = opts[:'filter_risks_has_privileged_access'] if !opts[:'filter_risks_has_privileged_access'].nil?
  query_params[:'filter[risks.has_access_to_sensitive_data]'] = opts[:'filter_risks_has_access_to_sensitive_data'] if !opts[:'filter_risks_has_access_to_sensitive_data'].nil?
  query_params[:'filter[environments]'] = opts[:'filter_environments'] if !opts[:'filter_environments'].nil?
  query_params[:'filter[teams]'] = opts[:'filter_teams'] if !opts[:'filter_teams'].nil?
  query_params[:'filter[arch]'] = opts[:'filter_arch'] if !opts[:'filter_arch'].nil?
  query_params[:'filter[operating_system.name]'] = opts[:'filter_operating_system_name'] if !opts[:'filter_operating_system_name'].nil?
  query_params[:'filter[operating_system.version]'] = opts[:'filter_operating_system_version'] if !opts[:'filter_operating_system_version'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ListVulnerableAssetsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :list_vulnerable_assets,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_vulnerable_assets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#mute_security_findings(body, opts = {}) ⇒ Object

Mute or unmute security findings.

See Also:

• #mute_security_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8324

def mute_security_findings(body, opts = {})
  data, _status_code, _headers = mute_security_findings_with_http_info(body, opts)
  data
end

#mute_security_findings_with_http_info(body, opts = {}) ⇒ Array<(MuteFindingsResponse, Integer, Hash)>

Mute or unmute security findings.

Mute or unmute security findings. You can mute or unmute up to 100 security findings per request. The request body must include ‘is_muted` and `reason` attributes. The allowed reasons depend on whether the finding is being muted or unmuted:

- To mute a finding: `PENDING_FIX`, `FALSE_POSITIVE`, `OTHER`, `NO_FIX`, `DUPLICATE`, `RISK_ACCEPTED`.
- To unmute a finding: `NO_PENDING_FIX`, `HUMAN_ERROR`, `NO_LONGER_ACCEPTED_RISK`, `OTHER`.

Parameters:

• body (MuteFindingsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(MuteFindingsResponse, Integer, Hash)>) —

  MuteFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8339

def mute_security_findings_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.mute_security_findings ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.mute_security_findings"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/mute'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'MuteFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :mute_security_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#mute_security_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#patch_signal_notification_rule(id, body, opts = {}) ⇒ Object

Patch a signal-based notification rule.

See Also:

• #patch_signal_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8394

def patch_signal_notification_rule(id, body, opts = {})
  data, _status_code, _headers = patch_signal_notification_rule_with_http_info(id, body, opts)
  data
end

#patch_signal_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Patch a signal-based notification rule.

Partially update the notification rule. All fields are optional; if a field is not provided, it is not updated.

Parameters:

• id (String) —

  ID of the notification rule.

• body (PatchNotificationRuleParameters)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8407

def patch_signal_notification_rule_with_http_info(id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.patch_signal_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.patch_signal_notification_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.patch_signal_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :patch_signal_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#patch_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#patch_vulnerability_notification_rule(id, body, opts = {}) ⇒ Object

Patch a vulnerability-based notification rule.

See Also:

• #patch_vulnerability_notification_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8466

def patch_vulnerability_notification_rule(id, body, opts = {})
  data, _status_code, _headers = patch_vulnerability_notification_rule_with_http_info(id, body, opts)
  data
end

#patch_vulnerability_notification_rule_with_http_info(id, body, opts = {}) ⇒ Array<(NotificationRuleResponse, Integer, Hash)>

Patch a vulnerability-based notification rule.

Partially update the notification rule. All fields are optional; if a field is not provided, it is not updated.

Parameters:

• id (String) —

  ID of the notification rule.

• body (PatchNotificationRuleParameters)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRuleResponse, Integer, Hash)>) —

  NotificationRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8479

def patch_vulnerability_notification_rule_with_http_info(id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.patch_vulnerability_notification_rule ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.patch_vulnerability_notification_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.patch_vulnerability_notification_rule"
  end
  # resource path
  local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]

  new_options = opts.merge(
    :operation => :patch_vulnerability_notification_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#patch_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#restore_security_monitoring_rule(rule_id, version, opts = {}) ⇒ Object

Restore a rule to a historical version.

See Also:

• #restore_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8538

def restore_security_monitoring_rule(rule_id, version, opts = {})
  data, _status_code, _headers = restore_security_monitoring_rule_with_http_info(rule_id, version, opts)
  data
end

#restore_security_monitoring_rule_with_http_info(rule_id, version, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Restore a rule to a historical version.

Restores a custom detection rule to a previously saved historical version. Only custom rules can be restored. Default and partner rules return 400. The restore creates a new version entry; it does not overwrite history.

Parameters:

• rule_id (String) —

  The ID of the rule.

• version (Integer) —

  The historical version number of the rule.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8553

def restore_security_monitoring_rule_with_http_info(rule_id, version, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.restore_security_monitoring_rule".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.restore_security_monitoring_rule")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.restore_security_monitoring_rule"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.restore_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.restore_security_monitoring_rule"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.restore_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/restore/{version}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :restore_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#restore_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#run_historical_job(body, opts = {}) ⇒ Object

Run a historical job.

See Also:

• #run_historical_job_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8616

def run_historical_job(body, opts = {})
  data, _status_code, _headers = run_historical_job_with_http_info(body, opts)
  data
end

#run_historical_job_with_http_info(body, opts = {}) ⇒ Array<(JobCreateResponse, Integer, Hash)>

Run a historical job.

Run a historical job.

Parameters:

• body (RunHistoricalJobRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(JobCreateResponse, Integer, Hash)>) —

  JobCreateResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8628

def run_historical_job_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.run_historical_job".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.run_historical_job")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.run_historical_job"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.run_historical_job ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.run_historical_job"
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/jobs'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'JobCreateResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :run_historical_job,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#run_historical_job\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_findings(body, opts = {}) ⇒ Object

Search security findings.

See Also:

• #search_security_findings_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8689

def search_security_findings(body, opts = {})
  data, _status_code, _headers = search_security_findings_with_http_info(body, opts)
  data
end

#search_security_findings_with_http_info(body, opts = {}) ⇒ Array<(ListSecurityFindingsResponse, Integer, Hash)>

Search security findings.

Get a list of security findings that match a search query. [See the schema for security findings](docs.datadoghq.com/security/guide/findings-schema/).

### Query Syntax

The API uses the logs query syntax. Findings attributes (living in the attributes.attributes. namespace) are prefixed by @ when queried. Tags are queried without a prefix.

Example: ‘@severity:(critical OR high) @status:open team:platform`

Parameters:

• body (SecurityFindingsSearchRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(ListSecurityFindingsResponse, Integer, Hash)>) —

  ListSecurityFindingsResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8707

def search_security_findings_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.search_security_findings ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.search_security_findings"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/search'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'ListSecurityFindingsResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :search_security_findings,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#search_security_findings\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_findings_with_pagination(body, opts = {}) {|SecurityFindingsData| ... } ⇒ Object

Search security findings.

Provide a paginated version of #search_security_findings, returning all items.

To use it you need to use a block: search_security_findings_with_pagination { |item| p item }

Yields:

• (SecurityFindingsData) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8766

def search_security_findings_with_pagination(body, opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(body, "data.attributes.page.limit", 10)
    @api_client.set_attribute_from_path(api_version, body, "data.attributes.page.limit", SecurityFindingsSearchRequestData, page_size)
    while true do
        response = search_security_findings(body, opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, body, "data.attributes.page.cursor", SecurityFindingsSearchRequestData, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#search_security_monitoring_histsignals(opts = {}) ⇒ Object

Search hist signals.

See Also:

• #search_security_monitoring_histsignals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8783

def search_security_monitoring_histsignals(opts = {})
  data, _status_code, _headers = search_security_monitoring_histsignals_with_http_info(opts)
  data
end

#search_security_monitoring_histsignals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Search hist signals.

Search hist signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :body (SecurityMonitoringSignalListRequest)

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8795

def search_security_monitoring_histsignals_with_http_info(opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.search_security_monitoring_histsignals".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.search_security_monitoring_histsignals")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.search_security_monitoring_histsignals"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.search_security_monitoring_histsignals ...'
  end
  # resource path
  local_var_path = '/api/v2/siem-historical-detections/histsignals/search'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(opts[:'body'])

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :search_security_monitoring_histsignals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#search_security_monitoring_histsignals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_monitoring_signals(opts = {}) ⇒ Object

Get a list of security signals.

See Also:

• #search_security_monitoring_signals_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8852

def search_security_monitoring_signals(opts = {})
  data, _status_code, _headers = search_security_monitoring_signals_with_http_info(opts)
  data
end

#search_security_monitoring_signals_with_http_info(opts = {}) ⇒ Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>

Get a list of security signals.

Returns security signals that match a search query. Both this endpoint and the GET endpoint can be used interchangeably for listing security signals.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :body (SecurityMonitoringSignalListRequest)

Returns:

• (Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>) —

  SecurityMonitoringSignalsListResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8866

def search_security_monitoring_signals_with_http_info(opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.search_security_monitoring_signals ...'
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/signals/search'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(opts[:'body'])

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :search_security_monitoring_signals,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#search_security_monitoring_signals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#search_security_monitoring_signals_with_pagination(opts = {}) {|SecurityMonitoringSignal| ... } ⇒ Object

Get a list of security signals.

Provide a paginated version of #search_security_monitoring_signals, returning all items.

To use it you need to use a block: search_security_monitoring_signals_with_pagination { |item| p item }

Yields:

• (SecurityMonitoringSignal) —

  Paginated items

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8921

def search_security_monitoring_signals_with_pagination(opts = {})
    api_version = "V2"
    page_size = @api_client.get_attribute_from_path(opts, "body.page.limit", 10)
    @api_client.set_attribute_from_path(api_version, opts, "body.page.limit", SecurityMonitoringSignalListRequest, page_size)
    while true do
        response = search_security_monitoring_signals(opts)
        @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) }
        if @api_client.get_attribute_from_path(response, "data").length == 0
          break
        end
        @api_client.set_attribute_from_path(api_version, opts, "body.page.cursor", SecurityMonitoringSignalListRequest, @api_client.get_attribute_from_path(response, "meta.page.after"))
    end
end

#send_security_monitoring_notification_preview(body, opts = {}) ⇒ Object

Test a notification rule.

See Also:

• #send_security_monitoring_notification_preview_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8938

def send_security_monitoring_notification_preview(body, opts = {})
  data, _status_code, _headers = send_security_monitoring_notification_preview_with_http_info(body, opts)
  data
end

#send_security_monitoring_notification_preview_with_http_info(body, opts = {}) ⇒ Array<(NotificationRulePreviewResponse, Integer, Hash)>

Test a notification rule.

Send a notification preview to test that a notification rule’s targets are properly configured.

Parameters:

• body (CreateNotificationRuleParameters)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(NotificationRulePreviewResponse, Integer, Hash)>) —

  NotificationRulePreviewResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 8950

def send_security_monitoring_notification_preview_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.send_security_monitoring_notification_preview ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.send_security_monitoring_notification_preview"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/notification_rules/send_notification_preview'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'NotificationRulePreviewResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :send_security_monitoring_notification_preview,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#send_security_monitoring_notification_preview\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#test_existing_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

Test an existing rule.

See Also:

• #test_existing_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9005

def test_existing_security_monitoring_rule(rule_id, body, opts = {})
  data, _status_code, _headers = test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts)
  data
end

#test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

Test an existing rule.

Test an existing rule.

Parameters:

• rule_id (String) —

  The ID of the rule.

• body (SecurityMonitoringRuleTestRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>) —

  SecurityMonitoringRuleTestResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9018

def test_existing_security_monitoring_rule_with_http_info(rule_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.test_existing_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.test_existing_security_monitoring_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.test_existing_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}/test'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleTestResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :test_existing_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#test_existing_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#test_security_monitoring_rule(body, opts = {}) ⇒ Object

Test a rule.

See Also:

• #test_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9077

def test_security_monitoring_rule(body, opts = {})
  data, _status_code, _headers = test_security_monitoring_rule_with_http_info(body, opts)
  data
end

#test_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>

Test a rule.

Test a rule.

Parameters:

• body (SecurityMonitoringRuleTestRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleTestResponse, Integer, Hash)>) —

  SecurityMonitoringRuleTestResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9089

def test_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.test_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.test_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/test'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleTestResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :test_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#test_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_custom_framework(handle, version, body, opts = {}) ⇒ Object

Update a custom framework.

See Also:

• #update_custom_framework_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9144

def update_custom_framework(handle, version, body, opts = {})
  data, _status_code, _headers = update_custom_framework_with_http_info(handle, version, body, opts)
  data
end

#update_custom_framework_with_http_info(handle, version, body, opts = {}) ⇒ Array<(UpdateCustomFrameworkResponse, Integer, Hash)>

Update a custom framework.

Update a custom framework.

Parameters:

• handle (String) —

  The framework handle

• version (String) —

  The framework version

• body (UpdateCustomFrameworkRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(UpdateCustomFrameworkResponse, Integer, Hash)>) —

  UpdateCustomFrameworkResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9158

def update_custom_framework_with_http_info(handle, version, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_custom_framework ...'
  end
  # verify the required parameter 'handle' is set
  if @api_client.config.client_side_validation && handle.nil?
    fail ArgumentError, "Missing the required parameter 'handle' when calling SecurityMonitoringAPI.update_custom_framework"
  end
  # verify the required parameter 'version' is set
  if @api_client.config.client_side_validation && version.nil?
    fail ArgumentError, "Missing the required parameter 'version' when calling SecurityMonitoringAPI.update_custom_framework"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_custom_framework"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/custom_frameworks/{handle}/{version}'.sub('{handle}', CGI.escape(handle.to_s).gsub('%2F', '/')).sub('{version}', CGI.escape(version.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'UpdateCustomFrameworkResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_custom_framework,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_custom_framework\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_findings_assignee(body, opts = {}) ⇒ Object

Assign or unassign security findings.

See Also:

• #update_findings_assignee_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9221

def update_findings_assignee(body, opts = {})
  data, _status_code, _headers = update_findings_assignee_with_http_info(body, opts)
  data
end

#update_findings_assignee_with_http_info(body, opts = {}) ⇒ Array<(AssigneeResponse, Integer, Hash)>

Assign or unassign security findings.

Assign or unassign security findings. You can assign up to 100 security findings per request. Set ‘assignee_id` to the unique identifier of the Datadog user you want to assign the findings to. Omit `assignee_id` (or set it to `null`) to unassign the findings. Per-finding warnings and failures are returned in the response `meta` object.

Parameters:

• body (AssigneeRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(AssigneeResponse, Integer, Hash)>) —

  AssigneeResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9234

def update_findings_assignee_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.update_findings_assignee".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.update_findings_assignee")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.update_findings_assignee"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_findings_assignee ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_findings_assignee"
  end
  # resource path
  local_var_path = '/api/v2/security/findings/assignee'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'AssigneeResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_findings_assignee,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_findings_assignee\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_resource_evaluation_filters(body, opts = {}) ⇒ Object

Update resource filters.

See Also:

• #update_resource_evaluation_filters_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9295

def update_resource_evaluation_filters(body, opts = {})
  data, _status_code, _headers = update_resource_evaluation_filters_with_http_info(body, opts)
  data
end

#update_resource_evaluation_filters_with_http_info(body, opts = {}) ⇒ Array<(UpdateResourceEvaluationFiltersResponse, Integer, Hash)>

Update resource filters.

Update resource filters.

Parameters:

• body (UpdateResourceEvaluationFiltersRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(UpdateResourceEvaluationFiltersResponse, Integer, Hash)>) —

  UpdateResourceEvaluationFiltersResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9307

def update_resource_evaluation_filters_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_resource_evaluation_filters ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_resource_evaluation_filters"
  end
  # resource path
  local_var_path = '/api/v2/cloud_security_management/resource_filters'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'UpdateResourceEvaluationFiltersResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_resource_evaluation_filters,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_resource_evaluation_filters\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_filter(security_filter_id, body, opts = {}) ⇒ Object

Update a security filter.

See Also:

• #update_security_filter_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9362

def update_security_filter(security_filter_id, body, opts = {})
  data, _status_code, _headers = update_security_filter_with_http_info(security_filter_id, body, opts)
  data
end

#update_security_filter_with_http_info(security_filter_id, body, opts = {}) ⇒ Array<(SecurityFilterResponse, Integer, Hash)>

Update a security filter.

Update a specific security filter. Returns the security filter object when the request is successful.

Parameters:

• security_filter_id (String) —

  The ID of the security filter.

• body (SecurityFilterUpdateRequest) —

  New definition of the security filter.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityFilterResponse, Integer, Hash)>) —

  SecurityFilterResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9376

def update_security_filter_with_http_info(security_filter_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_filter ...'
  end
  # verify the required parameter 'security_filter_id' is set
  if @api_client.config.client_side_validation && security_filter_id.nil?
    fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.update_security_filter"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_filter"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityFilterResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_filter,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_critical_asset(critical_asset_id, body, opts = {}) ⇒ Object

Update a critical asset.

See Also:

• #update_security_monitoring_critical_asset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9435

def update_security_monitoring_critical_asset(critical_asset_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts)
  data
end

#update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts = {}) ⇒ Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>

Update a critical asset.

Update a specific critical asset.

Parameters:

• critical_asset_id (String) —

  The ID of the critical asset.

• body (SecurityMonitoringCriticalAssetUpdateRequest) —

  New definition of the critical asset. Supports partial updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>) —

  SecurityMonitoringCriticalAssetResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9448

def update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_critical_asset ...'
  end
  # verify the required parameter 'critical_asset_id' is set
  if @api_client.config.client_side_validation && critical_asset_id.nil?
    fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.update_security_monitoring_critical_asset"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_critical_asset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_critical_asset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_dataset(dataset_id, body, opts = {}) ⇒ Object

Update a dataset.

See Also:

• #update_security_monitoring_dataset_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9507

def update_security_monitoring_dataset(dataset_id, body, opts = {})
  update_security_monitoring_dataset_with_http_info(dataset_id, body, opts)
  nil
end

#update_security_monitoring_dataset_with_http_info(dataset_id, body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Update a dataset.

Update an existing Cloud SIEM dataset. The current version of the dataset can be provided to detect concurrent modifications.

Parameters:

• dataset_id (String) —

  The UUID of the dataset.

• body (SecurityMonitoringDatasetUpdateRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9521

def update_security_monitoring_dataset_with_http_info(dataset_id, body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.update_security_monitoring_dataset".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.update_security_monitoring_dataset")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.update_security_monitoring_dataset"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_dataset ...'
  end
  # verify the required parameter 'dataset_id' is set
  if @api_client.config.client_side_validation && dataset_id.nil?
    fail ArgumentError, "Missing the required parameter 'dataset_id' when calling SecurityMonitoringAPI.update_security_monitoring_dataset"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_dataset"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/datasets/{dataset_id}'.sub('{dataset_id}', CGI.escape(dataset_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_dataset,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_dataset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_integration_config(integration_config_id, body, opts = {}) ⇒ Object

Update an entity context sync configuration.

See Also:

• #update_security_monitoring_integration_config_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9586

def update_security_monitoring_integration_config(integration_config_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_integration_config_with_http_info(integration_config_id, body, opts)
  data
end

#update_security_monitoring_integration_config_with_http_info(integration_config_id, body, opts = {}) ⇒ Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>

Update an entity context sync configuration.

Update an existing entity context sync configuration. Supports partial updates; only the fields provided in the request body are modified.

Parameters:

• integration_config_id (String) —

  The ID of the entity context sync configuration.

• body (SecurityMonitoringIntegrationConfigUpdateRequest) —

  The fields to update on the integration configuration.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringIntegrationConfigResponse, Integer, Hash)>) —

  SecurityMonitoringIntegrationConfigResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9599

def update_security_monitoring_integration_config_with_http_info(integration_config_id, body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.update_security_monitoring_integration_config".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.update_security_monitoring_integration_config")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.update_security_monitoring_integration_config"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_integration_config ...'
  end
  # verify the required parameter 'integration_config_id' is set
  if @api_client.config.client_side_validation && integration_config_id.nil?
    fail ArgumentError, "Missing the required parameter 'integration_config_id' when calling SecurityMonitoringAPI.update_security_monitoring_integration_config"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_integration_config"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}'.sub('{integration_config_id}', CGI.escape(integration_config_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringIntegrationConfigResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_integration_config,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_integration_config\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_rule(rule_id, body, opts = {}) ⇒ Object

Update an existing rule.

See Also:

• #update_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9664

def update_security_monitoring_rule(rule_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_rule_with_http_info(rule_id, body, opts)
  data
end

#update_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) ⇒ Array<(SecurityMonitoringRuleResponse, Integer, Hash)>

Update an existing rule.

Update an existing rule. When updating ‘cases`, `queries` or `options`, the whole field must be included. For example, when modifying a query all queries must be included. Default rules can only be updated to be enabled, to change notifications, or to update the tags (default tags cannot be removed).

Parameters:

• rule_id (String) —

  The ID of the rule.

• body (SecurityMonitoringRuleUpdatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringRuleResponse, Integer, Hash)>) —

  SecurityMonitoringRuleResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9680

def update_security_monitoring_rule_with_http_info(rule_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_rule ...'
  end
  # verify the required parameter 'rule_id' is set
  if @api_client.config.client_side_validation && rule_id.nil?
    fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.update_security_monitoring_rule"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#update_security_monitoring_suppression(suppression_id, body, opts = {}) ⇒ Object

Update a suppression rule.

See Also:

• #update_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9739

def update_security_monitoring_suppression(suppression_id, body, opts = {})
  data, _status_code, _headers = update_security_monitoring_suppression_with_http_info(suppression_id, body, opts)
  data
end

#update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {}) ⇒ Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>

Update a suppression rule.

Update a specific suppression rule.

Parameters:

• suppression_id (String) —

  The ID of the suppression rule

• body (SecurityMonitoringSuppressionUpdateRequest) —

  New definition of the suppression rule. Supports partial updates.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>) —

  SecurityMonitoringSuppressionResponse data, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9752

def update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_suppression ...'
  end
  # verify the required parameter 'suppression_id' is set
  if @api_client.config.client_side_validation && suppression_id.nil?
    fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.update_security_monitoring_suppression"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :update_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#validate_security_monitoring_integration_config(integration_config_id, opts = {}) ⇒ Object

Validate an entity context sync configuration.

See Also:

• #validate_security_monitoring_integration_config_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9811

def validate_security_monitoring_integration_config(integration_config_id, opts = {})
  validate_security_monitoring_integration_config_with_http_info(integration_config_id, opts)
  nil
end

#validate_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Validate an entity context sync configuration.

Validate the credentials currently stored on an existing entity context sync configuration. Returns a 200 status code if the credentials are still valid against the external entity source.

Parameters:

• integration_config_id (String) —

  The ID of the entity context sync configuration.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9824

def validate_security_monitoring_integration_config_with_http_info(integration_config_id, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.validate_security_monitoring_integration_config".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.validate_security_monitoring_integration_config")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.validate_security_monitoring_integration_config"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.validate_security_monitoring_integration_config ...'
  end
  # verify the required parameter 'integration_config_id' is set
  if @api_client.config.client_side_validation && integration_config_id.nil?
    fail ArgumentError, "Missing the required parameter 'integration_config_id' when calling SecurityMonitoringAPI.validate_security_monitoring_integration_config"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}/validate'.sub('{integration_config_id}', CGI.escape(integration_config_id.to_s).gsub('%2F', '/'))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :validate_security_monitoring_integration_config,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#validate_security_monitoring_integration_config\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#validate_security_monitoring_integration_credentials(body, opts = {}) ⇒ Object

Validate entity context sync credentials.

See Also:

• #validate_security_monitoring_integration_credentials_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9883

def validate_security_monitoring_integration_credentials(body, opts = {})
  validate_security_monitoring_integration_credentials_with_http_info(body, opts)
  nil
end

#validate_security_monitoring_integration_credentials_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Validate entity context sync credentials.

Validate a set of credentials against the external entity source before creating a sync configuration. Returns a 200 status code if the credentials are valid.

Parameters:

• body (SecurityMonitoringIntegrationCredentialsValidateRequest) —

  The credentials to validate.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9896

def validate_security_monitoring_integration_credentials_with_http_info(body, opts = {})
  unstable_enabled = @api_client.config.unstable_operations["v2.validate_security_monitoring_integration_credentials".to_sym]
  if unstable_enabled
    @api_client.config.logger.warn format("Using unstable operation '%s'", "v2.validate_security_monitoring_integration_credentials")
  else
    raise DatadogAPIClient::APIError.new(message: format("Unstable operation '%s' is disabled", "v2.validate_security_monitoring_integration_credentials"))
  end

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.validate_security_monitoring_integration_credentials ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.validate_security_monitoring_integration_credentials"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/integration_config/validate'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :validate_security_monitoring_integration_credentials,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#validate_security_monitoring_integration_credentials\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#validate_security_monitoring_rule(body, opts = {}) ⇒ Object

Validate a detection rule.

See Also:

• #validate_security_monitoring_rule_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9957

def validate_security_monitoring_rule(body, opts = {})
  validate_security_monitoring_rule_with_http_info(body, opts)
  nil
end

#validate_security_monitoring_rule_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Validate a detection rule.

Validate a detection rule.

Parameters:

• body (SecurityMonitoringRuleValidatePayload)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 9969

def validate_security_monitoring_rule_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.validate_security_monitoring_rule ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.validate_security_monitoring_rule"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/rules/validation'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :validate_security_monitoring_rule,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#validate_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#validate_security_monitoring_suppression(body, opts = {}) ⇒ Object

Validate a suppression rule.

See Also:

• #validate_security_monitoring_suppression_with_http_info

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 10024

def validate_security_monitoring_suppression(body, opts = {})
  validate_security_monitoring_suppression_with_http_info(body, opts)
  nil
end

#validate_security_monitoring_suppression_with_http_info(body, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Validate a suppression rule.

Validate a suppression rule.

Parameters:

• body (SecurityMonitoringSuppressionCreateRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(nil, Integer, Hash)>) —

  nil, response status code and response headers

# File 'lib/datadog_api_client/v2/api/security_monitoring_api.rb', line 10036

def validate_security_monitoring_suppression_with_http_info(body, opts = {})

  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.validate_security_monitoring_suppression ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.validate_security_monitoring_suppression"
  end
  # resource path
  local_var_path = '/api/v2/security_monitoring/configuration/suppressions/validation'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['*/*'])
  # HTTP header 'Content-Type'
  header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]

  new_options = opts.merge(
    :operation => :validate_security_monitoring_suppression,
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type,
    :api_version => "V2"
  )

  data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SecurityMonitoringAPI#validate_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end