=begin #Datadog API V2 Collection #Collection of all Datadog Public endpoints. The version of the OpenAPI document: 1.0 Contact: support@datadoghq.com Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. This product includes software developed at Datadog (https://www.datadoghq.com/). Copyright 2020-Present Datadog, Inc. =end require 'cgi' module DatadogAPIClient::V2 class SecurityMonitoringAPI attr_accessor :api_client def initialize(api_client = DatadogAPIClient::APIClient.default) @api_client = api_client end # Create a security filter. # # @see #create_security_filter_with_http_info def create_security_filter(body, opts = {}) data, _status_code, _headers = create_security_filter_with_http_info(body, opts) data end # Create a security filter. # # Create a security filter. # # See the [security filter guide](https://docs.datadoghq.com/security_platform/guide/how-to-setup-security-filters-using-security-monitoring-api/) # for more examples. # # @param body [SecurityFilterCreateRequest] The definition of the new security filter. # @param opts [Hash] the optional parameters # @return [Array<(SecurityFilterResponse, Integer, Hash)>] SecurityFilterResponse data, response status code and response headers def create_security_filter_with_http_info(body, opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_filter ...' end # verify the required parameter 'body' is set if @api_client.config.client_side_validation && body.nil? fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_filter" end # resource path local_var_path = '/api/v2/security_monitoring/configuration/security_filters' # query parameters query_params = opts[:query_params] || {} # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] || @api_client.object_to_http_body(body) # return_type return_type = opts[:debug_return_type] || 'SecurityFilterResponse' # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] new_options = opts.merge( :operation => :create_security_filter, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # Create a detection rule. # # @see #create_security_monitoring_rule_with_http_info def create_security_monitoring_rule(body, opts = {}) data, _status_code, _headers = create_security_monitoring_rule_with_http_info(body, opts) data end # Create a detection rule. # # Create a detection rule. # # @param body [SecurityMonitoringRuleCreatePayload] # @param opts [Hash] the optional parameters # @return [Array<(SecurityMonitoringRuleResponse, Integer, Hash)>] SecurityMonitoringRuleResponse data, response status code and response headers def create_security_monitoring_rule_with_http_info(body, opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_rule ...' end # verify the required parameter 'body' is set if @api_client.config.client_side_validation && body.nil? fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_rule" end # resource path local_var_path = '/api/v2/security_monitoring/rules' # query parameters query_params = opts[:query_params] || {} # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] || @api_client.object_to_http_body(body) # return_type return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse' # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] new_options = opts.merge( :operation => :create_security_monitoring_rule, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # Delete a security filter. # # @see #delete_security_filter_with_http_info def delete_security_filter(security_filter_id, opts = {}) delete_security_filter_with_http_info(security_filter_id, opts) nil end # Delete a security filter. # # Delete a specific security filter. # # @param security_filter_id [String] The ID of the security filter. # @param opts [Hash] the optional parameters # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers def delete_security_filter_with_http_info(security_filter_id, opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_filter ...' end # verify the required parameter 'security_filter_id' is set if @api_client.config.client_side_validation && security_filter_id.nil? fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.delete_security_filter" end # resource path local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/')) # query parameters query_params = opts[:query_params] || {} # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['*/*']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] # return_type return_type = opts[:debug_return_type] # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] new_options = opts.merge( :operation => :delete_security_filter, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # Delete an existing rule. # # @see #delete_security_monitoring_rule_with_http_info def delete_security_monitoring_rule(rule_id, opts = {}) delete_security_monitoring_rule_with_http_info(rule_id, opts) nil end # Delete an existing rule. # # Delete an existing rule. Default rules cannot be deleted. # # @param rule_id [String] The ID of the rule. # @param opts [Hash] the optional parameters # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers def delete_security_monitoring_rule_with_http_info(rule_id, opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_rule ...' end # verify the required parameter 'rule_id' is set if @api_client.config.client_side_validation && rule_id.nil? fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.delete_security_monitoring_rule" end # resource path local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/')) # query parameters query_params = opts[:query_params] || {} # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['*/*']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] # return_type return_type = opts[:debug_return_type] # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] new_options = opts.merge( :operation => :delete_security_monitoring_rule, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # Modify the triage assignee of a security signal. # # @see #edit_security_monitoring_signal_assignee_with_http_info def edit_security_monitoring_signal_assignee(signal_id, body, opts = {}) data, _status_code, _headers = edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts) data end # Modify the triage assignee of a security signal. # # Modify the triage assignee of a security signal. # # @param signal_id [String] The ID of the signal. # @param body [SecurityMonitoringSignalAssigneeUpdateRequest] Attributes describing the signal update. # @param opts [Hash] the optional parameters # @return [Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>] SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers def edit_security_monitoring_signal_assignee_with_http_info(signal_id, body, opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_assignee ...' end # verify the required parameter 'signal_id' is set if @api_client.config.client_side_validation && signal_id.nil? fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_assignee" end # verify the required parameter 'body' is set if @api_client.config.client_side_validation && body.nil? fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_assignee" end # resource path local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/assignee'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/')) # query parameters query_params = opts[:query_params] || {} # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] || @api_client.object_to_http_body(body) # return_type return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse' # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth] new_options = opts.merge( :operation => :edit_security_monitoring_signal_assignee, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_assignee\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # Change the related incidents of a security signal. # # @see #edit_security_monitoring_signal_incidents_with_http_info def edit_security_monitoring_signal_incidents(signal_id, body, opts = {}) data, _status_code, _headers = edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts) data end # Change the related incidents of a security signal. # # Change the related incidents for a security signal. # # @param signal_id [String] The ID of the signal. # @param body [SecurityMonitoringSignalIncidentsUpdateRequest] Attributes describing the signal update. # @param opts [Hash] the optional parameters # @return [Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>] SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers def edit_security_monitoring_signal_incidents_with_http_info(signal_id, body, opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_incidents ...' end # verify the required parameter 'signal_id' is set if @api_client.config.client_side_validation && signal_id.nil? fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_incidents" end # verify the required parameter 'body' is set if @api_client.config.client_side_validation && body.nil? fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_incidents" end # resource path local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/incidents'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/')) # query parameters query_params = opts[:query_params] || {} # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] || @api_client.object_to_http_body(body) # return_type return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse' # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth] new_options = opts.merge( :operation => :edit_security_monitoring_signal_incidents, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_incidents\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # Change the triage state of a security signal. # # @see #edit_security_monitoring_signal_state_with_http_info def edit_security_monitoring_signal_state(signal_id, body, opts = {}) data, _status_code, _headers = edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts) data end # Change the triage state of a security signal. # # Change the triage state of a security signal. # # @param signal_id [String] The ID of the signal. # @param body [SecurityMonitoringSignalStateUpdateRequest] Attributes describing the signal update. # @param opts [Hash] the optional parameters # @return [Array<(SecurityMonitoringSignalTriageUpdateResponse, Integer, Hash)>] SecurityMonitoringSignalTriageUpdateResponse data, response status code and response headers def edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.edit_security_monitoring_signal_state ...' end # verify the required parameter 'signal_id' is set if @api_client.config.client_side_validation && signal_id.nil? fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_state" end # verify the required parameter 'body' is set if @api_client.config.client_side_validation && body.nil? fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.edit_security_monitoring_signal_state" end # resource path local_var_path = '/api/v2/security_monitoring/signals/{signal_id}/state'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/')) # query parameters query_params = opts[:query_params] || {} # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] || @api_client.object_to_http_body(body) # return_type return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalTriageUpdateResponse' # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth] new_options = opts.merge( :operation => :edit_security_monitoring_signal_state, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#edit_security_monitoring_signal_state\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # Get a security filter. # # @see #get_security_filter_with_http_info def get_security_filter(security_filter_id, opts = {}) data, _status_code, _headers = get_security_filter_with_http_info(security_filter_id, opts) data end # Get a security filter. # # Get the details of a specific security filter. # # See the [security filter guide](https://docs.datadoghq.com/security_platform/guide/how-to-setup-security-filters-using-security-monitoring-api/) # for more examples. # # @param security_filter_id [String] The ID of the security filter. # @param opts [Hash] the optional parameters # @return [Array<(SecurityFilterResponse, Integer, Hash)>] SecurityFilterResponse data, response status code and response headers def get_security_filter_with_http_info(security_filter_id, opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_filter ...' end # verify the required parameter 'security_filter_id' is set if @api_client.config.client_side_validation && security_filter_id.nil? fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.get_security_filter" end # resource path local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/')) # query parameters query_params = opts[:query_params] || {} # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] # return_type return_type = opts[:debug_return_type] || 'SecurityFilterResponse' # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] new_options = opts.merge( :operation => :get_security_filter, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # Get a rule's details. # # @see #get_security_monitoring_rule_with_http_info def get_security_monitoring_rule(rule_id, opts = {}) data, _status_code, _headers = get_security_monitoring_rule_with_http_info(rule_id, opts) data end # Get a rule's details. # # Get a rule's details. # # @param rule_id [String] The ID of the rule. # @param opts [Hash] the optional parameters # @return [Array<(SecurityMonitoringRuleResponse, Integer, Hash)>] SecurityMonitoringRuleResponse data, response status code and response headers def get_security_monitoring_rule_with_http_info(rule_id, opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_rule ...' end # verify the required parameter 'rule_id' is set if @api_client.config.client_side_validation && rule_id.nil? fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_security_monitoring_rule" end # resource path local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/')) # query parameters query_params = opts[:query_params] || {} # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] # return_type return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse' # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] new_options = opts.merge( :operation => :get_security_monitoring_rule, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # Get a signal's details. # # @see #get_security_monitoring_signal_with_http_info def get_security_monitoring_signal(signal_id, opts = {}) data, _status_code, _headers = get_security_monitoring_signal_with_http_info(signal_id, opts) data end # Get a signal's details. # # Get a signal's details. # # @param signal_id [String] The ID of the signal. # @param opts [Hash] the optional parameters # @return [Array<(SecurityMonitoringSignal, Integer, Hash)>] SecurityMonitoringSignal data, response status code and response headers def get_security_monitoring_signal_with_http_info(signal_id, opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_signal ...' end # verify the required parameter 'signal_id' is set if @api_client.config.client_side_validation && signal_id.nil? fail ArgumentError, "Missing the required parameter 'signal_id' when calling SecurityMonitoringAPI.get_security_monitoring_signal" end # resource path local_var_path = '/api/v2/security_monitoring/signals/{signal_id}'.sub('{signal_id}', CGI.escape(signal_id.to_s).gsub('%2F', '/')) # query parameters query_params = opts[:query_params] || {} # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] # return_type return_type = opts[:debug_return_type] || 'SecurityMonitoringSignal' # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] new_options = opts.merge( :operation => :get_security_monitoring_signal, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_signal\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # Get all security filters. # # @see #list_security_filters_with_http_info def list_security_filters(opts = {}) data, _status_code, _headers = list_security_filters_with_http_info(opts) data end # Get all security filters. # # Get the list of configured security filters with their definitions. # # @param opts [Hash] the optional parameters # @return [Array<(SecurityFiltersResponse, Integer, Hash)>] SecurityFiltersResponse data, response status code and response headers def list_security_filters_with_http_info(opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_filters ...' end # resource path local_var_path = '/api/v2/security_monitoring/configuration/security_filters' # query parameters query_params = opts[:query_params] || {} # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] # return_type return_type = opts[:debug_return_type] || 'SecurityFiltersResponse' # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] new_options = opts.merge( :operation => :list_security_filters, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_filters\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # List rules. # # @see #list_security_monitoring_rules_with_http_info def list_security_monitoring_rules(opts = {}) data, _status_code, _headers = list_security_monitoring_rules_with_http_info(opts) data end # List rules. # # List rules. # # @param opts [Hash] the optional parameters # @option opts [Integer] :page_size Size for a given page. The maximum allowed value is 5000. # @option opts [Integer] :page_number Specific page number to return. # @return [Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>] SecurityMonitoringListRulesResponse data, response status code and response headers def list_security_monitoring_rules_with_http_info(opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_rules ...' end # resource path local_var_path = '/api/v2/security_monitoring/rules' # query parameters query_params = opts[:query_params] || {} query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil? query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil? # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] # return_type return_type = opts[:debug_return_type] || 'SecurityMonitoringListRulesResponse' # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] new_options = opts.merge( :operation => :list_security_monitoring_rules, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # Get a quick list of security signals. # # @see #list_security_monitoring_signals_with_http_info def list_security_monitoring_signals(opts = {}) data, _status_code, _headers = list_security_monitoring_signals_with_http_info(opts) data end # Get a quick list of security signals. # # The list endpoint returns security signals that match a search query. # Both this endpoint and the POST endpoint can be used interchangeably when listing # security signals. # # @param opts [Hash] the optional parameters # @option opts [String] :filter_query The search query for security signals. # @option opts [Time] :filter_from The minimum timestamp for requested security signals. # @option opts [Time] :filter_to The maximum timestamp for requested security signals. # @option opts [SecurityMonitoringSignalsSort] :sort The order of the security signals in results. # @option opts [String] :page_cursor A list of results using the cursor provided in the previous query. # @option opts [Integer] :page_limit The maximum number of security signals in the response. # @return [Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>] SecurityMonitoringSignalsListResponse data, response status code and response headers def list_security_monitoring_signals_with_http_info(opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_signals ...' end allowable_values = ['timestamp', '-timestamp'] if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort']) fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}" end if @api_client.config.client_side_validation && !opts[:'page_limit'].nil? && opts[:'page_limit'] > 1000 fail ArgumentError, 'invalid value for "opts[:"page_limit"]" when calling SecurityMonitoringAPI.list_security_monitoring_signals, must be smaller than or equal to 1000.' end # resource path local_var_path = '/api/v2/security_monitoring/signals' # query parameters query_params = opts[:query_params] || {} query_params[:'filter[query]'] = opts[:'filter_query'] if !opts[:'filter_query'].nil? query_params[:'filter[from]'] = opts[:'filter_from'] if !opts[:'filter_from'].nil? query_params[:'filter[to]'] = opts[:'filter_to'] if !opts[:'filter_to'].nil? query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? query_params[:'page[cursor]'] = opts[:'page_cursor'] if !opts[:'page_cursor'].nil? query_params[:'page[limit]'] = opts[:'page_limit'] if !opts[:'page_limit'].nil? # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] # return_type return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse' # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] new_options = opts.merge( :operation => :list_security_monitoring_signals, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_signals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # Get a quick list of security signals. # # Provide a paginated version of {#list_security_monitoring_signals}, returning all items. # # To use it you need to use a block: list_security_monitoring_signals_with_pagination { |item| p item } # # @yield [SecurityMonitoringSignal] Paginated items def list_security_monitoring_signals_with_pagination(opts = {}) api_version = "V2" page_size = @api_client.get_attribute_from_path(opts, "page_limit", 10) @api_client.set_attribute_from_path(api_version, opts, "page_limit", Integer, page_size) while true do response = list_security_monitoring_signals(opts) @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) } if @api_client.get_attribute_from_path(response, "data").length < page_size break end @api_client.set_attribute_from_path(api_version, opts, "page_cursor", Integer, @api_client.get_attribute_from_path(response, "meta.page.after")) end end # Get a list of security signals. # # @see #search_security_monitoring_signals_with_http_info def search_security_monitoring_signals(opts = {}) data, _status_code, _headers = search_security_monitoring_signals_with_http_info(opts) data end # Get a list of security signals. # # Returns security signals that match a search query. # Both this endpoint and the GET endpoint can be used interchangeably for listing # security signals. # # @param opts [Hash] the optional parameters # @option opts [SecurityMonitoringSignalListRequest] :body # @return [Array<(SecurityMonitoringSignalsListResponse, Integer, Hash)>] SecurityMonitoringSignalsListResponse data, response status code and response headers def search_security_monitoring_signals_with_http_info(opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.search_security_monitoring_signals ...' end # resource path local_var_path = '/api/v2/security_monitoring/signals/search' # query parameters query_params = opts[:query_params] || {} # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] || @api_client.object_to_http_body(opts[:'body']) # return_type return_type = opts[:debug_return_type] || 'SecurityMonitoringSignalsListResponse' # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] new_options = opts.merge( :operation => :search_security_monitoring_signals, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#search_security_monitoring_signals\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # Get a list of security signals. # # Provide a paginated version of {#search_security_monitoring_signals}, returning all items. # # To use it you need to use a block: search_security_monitoring_signals_with_pagination { |item| p item } # # @yield [SecurityMonitoringSignal] Paginated items def search_security_monitoring_signals_with_pagination(opts = {}) api_version = "V2" page_size = @api_client.get_attribute_from_path(opts, "body.page.limit", 10) @api_client.set_attribute_from_path(api_version, opts, "body.page.limit", SecurityMonitoringSignalListRequest, page_size) while true do response = search_security_monitoring_signals(opts) @api_client.get_attribute_from_path(response, "data").each { |item| yield(item) } if @api_client.get_attribute_from_path(response, "data").length < page_size break end @api_client.set_attribute_from_path(api_version, opts, "body.page.cursor", SecurityMonitoringSignalListRequest, @api_client.get_attribute_from_path(response, "meta.page.after")) end end # Update a security filter. # # @see #update_security_filter_with_http_info def update_security_filter(security_filter_id, body, opts = {}) data, _status_code, _headers = update_security_filter_with_http_info(security_filter_id, body, opts) data end # Update a security filter. # # Update a specific security filter. # Returns the security filter object when the request is successful. # # @param security_filter_id [String] The ID of the security filter. # @param body [SecurityFilterUpdateRequest] New definition of the security filter. # @param opts [Hash] the optional parameters # @return [Array<(SecurityFilterResponse, Integer, Hash)>] SecurityFilterResponse data, response status code and response headers def update_security_filter_with_http_info(security_filter_id, body, opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_filter ...' end # verify the required parameter 'security_filter_id' is set if @api_client.config.client_side_validation && security_filter_id.nil? fail ArgumentError, "Missing the required parameter 'security_filter_id' when calling SecurityMonitoringAPI.update_security_filter" end # verify the required parameter 'body' is set if @api_client.config.client_side_validation && body.nil? fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_filter" end # resource path local_var_path = '/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}'.sub('{security_filter_id}', CGI.escape(security_filter_id.to_s).gsub('%2F', '/')) # query parameters query_params = opts[:query_params] || {} # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] || @api_client.object_to_http_body(body) # return_type return_type = opts[:debug_return_type] || 'SecurityFilterResponse' # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] new_options = opts.merge( :operation => :update_security_filter, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_filter\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end # Update an existing rule. # # @see #update_security_monitoring_rule_with_http_info def update_security_monitoring_rule(rule_id, body, opts = {}) data, _status_code, _headers = update_security_monitoring_rule_with_http_info(rule_id, body, opts) data end # Update an existing rule. # # Update an existing rule. When updating `cases`, `queries` or `options`, the whole field # must be included. For example, when modifying a query all queries must be included. # Default rules can only be updated to be enabled and to change notifications. # # @param rule_id [String] The ID of the rule. # @param body [SecurityMonitoringRuleUpdatePayload] # @param opts [Hash] the optional parameters # @return [Array<(SecurityMonitoringRuleResponse, Integer, Hash)>] SecurityMonitoringRuleResponse data, response status code and response headers def update_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_rule ...' end # verify the required parameter 'rule_id' is set if @api_client.config.client_side_validation && rule_id.nil? fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.update_security_monitoring_rule" end # verify the required parameter 'body' is set if @api_client.config.client_side_validation && body.nil? fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_rule" end # resource path local_var_path = '/api/v2/security_monitoring/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/')) # query parameters query_params = opts[:query_params] || {} # header parameters header_params = opts[:header_params] || {} # HTTP header 'Accept' (if needed) header_params['Accept'] = @api_client.select_header_accept(['application/json']) # HTTP header 'Content-Type' header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) # form parameters form_params = opts[:form_params] || {} # http body (model) post_body = opts[:debug_body] || @api_client.object_to_http_body(body) # return_type return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleResponse' # auth_names auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] new_options = opts.merge( :operation => :update_security_monitoring_rule, :header_params => header_params, :query_params => query_params, :form_params => form_params, :body => post_body, :auth_names => auth_names, :return_type => return_type, :api_version => "V2" ) data, status_code, headers = @api_client.call_api(Net::HTTP::Put, local_var_path, new_options) if @api_client.config.debugging @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" end return data, status_code, headers end end end