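# Update an existing rule returns "OK" response

require "datadog_api_client"

# No configuration is passed here, so the client relies on the library's
# default configuration for credentials and endpoint.
api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new

# there is a valid "security_rule" in the system
# ENV.fetch raises KeyError when the variable is unset, so the script stops
# before issuing an update call with a nil rule ID.
SECURITY_RULE_ID = ENV.fetch("SECURITY_RULE_ID")

# Single standard query: counts events matching "@test:true".
rule_query = DatadogAPIClient::V2::SecurityMonitoringStandardRuleQuery.new({
  query: "@test:true",
  aggregation: DatadogAPIClient::V2::SecurityMonitoringRuleQueryAggregation::COUNT,
  group_by_fields: [],
  distinct_fields: [],
  metrics: [],
})

# Single INFO-severity case.
# NOTE(review): "a" in the condition presumably refers to the first query's
# default label; confirm against the API documentation.
# NOTE(review): notifications is sent empty; confirm whether that clears
# notification targets already configured on the existing rule.
rule_case = DatadogAPIClient::V2::SecurityMonitoringRuleCase.new({
  name: "",
  status: DatadogAPIClient::V2::SecurityMonitoringRuleSeverity::INFO,
  condition: "a > 0",
  notifications: [],
})

# Evaluation window, keep-alive and maximum signal duration for the rule.
rule_options = DatadogAPIClient::V2::SecurityMonitoringRuleOptions.new({
  evaluation_window: DatadogAPIClient::V2::SecurityMonitoringRuleEvaluationWindow::FIFTEEN_MINUTES,
  keep_alive: DatadogAPIClient::V2::SecurityMonitoringRuleKeepAlive::ONE_HOUR,
  max_signal_duration: DatadogAPIClient::V2::SecurityMonitoringRuleMaxSignalDuration::ONE_DAY,
})

# The payload carries the rule's name, queries, cases, options, message and
# tags, and sets is_enabled to true.
# NOTE(review): filters and tags are sent as empty lists; verify how the API
# treats empty or omitted fields before running this against a production
# detection rule.
body = DatadogAPIClient::V2::SecurityMonitoringRuleUpdatePayload.new({
  name: "Example-Security-Monitoring-Updated",
  queries: [rule_query],
  filters: [],
  cases: [rule_case],
  options: rule_options,
  message: "Test rule",
  tags: [],
  is_enabled: true,
})

# Sends the update and prints the returned object with Kernel#p.
p api_instance.update_security_monitoring_rule(SECURITY_RULE_ID, body)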