Sha256: 0cc427ef4eb236b474cc0cf180b1c3633f32f811ea1d0219a02e054a4b285384

Contents?: true

Size: 1.52 KB

Versions: 8

Compression:

Stored size: 1.52 KB

Contents

# Example: send a log-detection rule definition to the rule validation call.
# The expected outcome of this scenario is an "OK" response.
#
# NOTE(review): no credentials appear in this script; the client is presumably
# configured from the environment (DD_API_KEY / DD_APP_KEY). Keep keys out of
# source control and out of shared shell history.
# NOTE(review): judging by the method name, this call only checks the payload
# and does not persist a rule. Confirm before relying on it in CI gating.

require "datadog_api_client"
api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new

# Local shorthand for the V2 model namespace (a local, so no new constant is defined).
v2 = DatadogAPIClient::V2

# One INFO-severity case. "a > 0" matches as soon as the count for `a` is
# non-zero, and `notifications` is empty, so no recipients are configured here.
# NOTE(review): `a` presumably refers to the first query, whose name is left
# blank below. Verify against the API documentation.
rule_case = v2::SecurityMonitoringRuleCaseCreate.new({
  name: "",
  status: v2::SecurityMonitoringRuleSeverity::INFO,
  notifications: [],
  condition: "a > 0",
})

# Threshold detection with 30-minute evaluation, keep-alive and maximum signal
# duration windows.
rule_options = v2::SecurityMonitoringRuleOptions.new({
  evaluation_window: v2::SecurityMonitoringRuleEvaluationWindow::THIRTY_MINUTES,
  keep_alive: v2::SecurityMonitoringRuleKeepAlive::THIRTY_MINUTES,
  max_signal_duration: v2::SecurityMonitoringRuleMaxSignalDuration::THIRTY_MINUTES,
  detection_method: v2::SecurityMonitoringRuleDetectionMethod::THRESHOLD,
})

# Count of events matching the placeholder source filter, grouped by assumed role.
# Replace "source:source_here" with a real log source before using the rule.
rule_query = v2::SecurityMonitoringStandardRuleQuery.new({
  query: "source:source_here",
  group_by_fields: ["@userIdentity.assumed_role"],
  distinct_fields: [],
  aggregation: v2::SecurityMonitoringRuleQueryAggregation::COUNT,
  name: "",
})

# Full rule payload; the rule is marked enabled and tagged for prod / security.
body = v2::SecurityMonitoringStandardRulePayload.new({
  cases: [rule_case],
  has_extended_title: true,
  is_enabled: true,
  message: "My security monitoring rule",
  name: "My security monitoring rule",
  options: rule_options,
  queries: [rule_query],
  tags: ["env:prod", "team:security"],
  type: v2::SecurityMonitoringRuleTypeCreate::LOG_DETECTION,
})

# The return value is not used; a rejected payload would surface as a raised
# API error from the client rather than as a return value (TODO confirm).
api_instance.validate_security_monitoring_rule(body)

Version data entries

8 entries across 8 versions & 1 rubygems

Version Path
datadog_api_client-2.30.0 examples/v2/security-monitoring/ValidateSecurityMonitoringRule.rb
datadog_api_client-2.29.1 examples/v2/security-monitoring/ValidateSecurityMonitoringRule.rb
datadog_api_client-2.28.1 examples/v2/security-monitoring/ValidateSecurityMonitoringRule.rb
datadog_api_client-2.27.1 examples/v2/security-monitoring/ValidateSecurityMonitoringRule.rb
datadog_api_client-2.26.1 examples/v2/security-monitoring/ValidateSecurityMonitoringRule.rb
datadog_api_client-2.26.0 examples/v2/security-monitoring/ValidateSecurityMonitoringRule.rb
datadog_api_client-2.25.0 examples/v2/security-monitoring/ValidateSecurityMonitoringRule.rb
datadog_api_client-2.24.0 examples/v2/security-monitoring/ValidateSecurityMonitoringRule.rb