diff --git a/.apigentools-info b/.apigentools-info index 6d5f8ad8574..2d95aaae2f4 100644 --- a/.apigentools-info +++ b/.apigentools-info @@ -4,13 +4,13 @@ "spec_versions": { "v1": { "apigentools_version": "1.6.6", - "regenerated": "2024-12-18 19:23:44.640997", - "spec_repo_commit": "3f22290a" + "regenerated": "2024-12-19 07:26:23.728211", + "spec_repo_commit": "5dd2cbe4" }, "v2": { "apigentools_version": "1.6.6", - "regenerated": "2024-12-18 19:23:44.656520", - "spec_repo_commit": "3f22290a" + "regenerated": "2024-12-19 07:26:23.743147", + "spec_repo_commit": "5dd2cbe4" } } } \ No newline at end of file diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index fea0c1deed3..3480f9db3a7 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -12250,6 +12250,65 @@ components: maximum: 2147483647 type: integer type: object + HistoricalJobOptions: + description: Job options. + properties: + detectionMethod: + $ref: '#/components/schemas/SecurityMonitoringRuleDetectionMethod' + evaluationWindow: + $ref: '#/components/schemas/SecurityMonitoringRuleEvaluationWindow' + impossibleTravelOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleImpossibleTravelOptions' + keepAlive: + $ref: '#/components/schemas/SecurityMonitoringRuleKeepAlive' + maxSignalDuration: + $ref: '#/components/schemas/SecurityMonitoringRuleMaxSignalDuration' + newValueOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptions' + thirdPartyRuleOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleThirdPartyOptions' + type: object + HistoricalJobQuery: + description: Query for selecting logs analyzed by the historical job. + properties: + aggregation: + $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation' + distinctFields: + description: Field for which the cardinality is measured. Sent as an array. + items: + description: Field. + type: string + type: array + groupByFields: + description: Fields to group by. + items: + description: Field. + type: string + type: array + hasOptionalGroupByFields: + description: When false, events without a group-by value are ignored by + the query. When true, events with missing group-by fields are processed + with `N/A`, replacing the missing values. + example: false + readOnly: true + type: boolean + metrics: + description: Group of target fields to aggregate over when using the sum, + max, geo data, or new value aggregations. The sum, max, and geo data aggregations + only accept one value in this list, whereas the new value aggregation + accepts up to five values. + items: + description: Field. + type: string + type: array + name: + description: Name of the query. + type: string + query: + description: Query to run on logs. + example: a > 3 + type: string + type: object HistoricalJobResponse: description: Historical job response. properties: @@ -14824,13 +14883,6 @@ components: items: $ref: '#/components/schemas/SecurityMonitoringRuleCaseCreate' type: array - filters: - description: Additional queries to filter matched events before they are - processed. This field is deprecated for log detection, signal correlation, - and workload security rules. - items: - $ref: '#/components/schemas/SecurityMonitoringFilter' - type: array from: description: Starting time of data analyzed by the job. example: 1729843470000 @@ -14849,14 +14901,14 @@ components: example: Excessive number of failed attempts. type: string options: - $ref: '#/components/schemas/SecurityMonitoringRuleOptions' + $ref: '#/components/schemas/HistoricalJobOptions' queries: description: Queries for selecting logs analyzed by the job. items: - $ref: '#/components/schemas/SecurityMonitoringStandardRuleQuery' + $ref: '#/components/schemas/HistoricalJobQuery' type: array referenceTables: - description: Reference tables for the rule. + description: Reference tables used in the queries. items: $ref: '#/components/schemas/SecurityMonitoringReferenceTable' type: array @@ -14866,8 +14918,8 @@ components: type: string type: array thirdPartyCases: - description: Cases for generating results from third-party rules. Only available - for third-party rules. + description: Cases for generating results from third-party detection method. + Only available for third-party detection method. example: [] items: $ref: '#/components/schemas/SecurityMonitoringThirdPartyRuleCaseCreate' @@ -22792,7 +22844,7 @@ components: $ref: '#/components/schemas/ResponseMetaAttributes' type: object SecurityMonitoringReferenceTable: - description: Reference table for the rule. + description: Reference tables used in the queries. properties: checkPresence: description: Whether to include or exclude the matched values. @@ -22804,7 +22856,7 @@ components: description: The field in the log to match against the reference table. type: string ruleQueryName: - description: The name of the rule query to apply the reference table to. + description: The name of the query to apply the reference table to. type: string tableName: description: The name of the reference table. @@ -22835,7 +22887,7 @@ components: description: Case when signal is generated. properties: condition: - description: 'A rule case contains logical operations (`>`,`>=`, `&&`, `||`) + description: 'A case contains logical operations (`>`,`>=`, `&&`, `||`) to determine if a signal should be generated based on the event counts in the previously defined queries.' @@ -22844,7 +22896,7 @@ components: description: Name of the case. type: string notifications: - description: Notification targets for each rule case. + description: Notification targets. items: description: Notification. type: string @@ -22906,7 +22958,8 @@ components: description: 'A time window is specified to match when at least one of the cases matches true. This is a sliding window - and evaluates in real time. For third party rules, this field is not used.' + and evaluates in real time. For third party detection method, this field is + not used.' enum: - 0 - 60 @@ -22935,7 +22988,7 @@ components: x-enum-varnames: - LOG4SHELL SecurityMonitoringRuleImpossibleTravelOptions: - description: Options on impossible travel rules. + description: Options on impossible travel detection method. properties: baselineUserLocations: $ref: '#/components/schemas/SecurityMonitoringRuleImpossibleTravelOptionsBaselineUserLocations' @@ -22951,7 +23004,7 @@ components: SecurityMonitoringRuleKeepAlive: description: "Once a signal is generated, the signal will remain \u201Copen\u201D if a case is matched at least once within\nthis keep alive window. For third - party rules, this field is not used." + party detection method, this field is not used." enum: - 0 - 60 @@ -23009,7 +23062,7 @@ components: - TWELVE_HOURS - ONE_DAY SecurityMonitoringRuleNewValueOptions: - description: Options on new value rules. + description: Options on new value detection method. properties: forgetAfter: $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptionsForgetAfter' @@ -23079,7 +23132,7 @@ components: - ZERO_OCCURRENCES - ONE_OCCURRENCE SecurityMonitoringRuleOptions: - description: Options on rules. + description: Options. properties: complianceRuleOptions: $ref: '#/components/schemas/CloudConfigurationComplianceRuleOptions' @@ -23221,7 +23274,7 @@ components: type: array type: object SecurityMonitoringRuleThirdPartyOptions: - description: Options on third party rules. + description: Options on third party detection method. properties: defaultNotifications: description: Notification targets for the logs that do not correspond to @@ -24621,7 +24674,7 @@ components: description: Name of the case. type: string notifications: - description: Notification targets for each rule case. + description: Notification targets for each case. items: description: Notification. type: string diff --git a/examples/v2/security-monitoring/RunHistoricalJob.java b/examples/v2/security-monitoring/RunHistoricalJob.java index 2bc7fcb6c11..7c9413d8637 100644 --- a/examples/v2/security-monitoring/RunHistoricalJob.java +++ b/examples/v2/security-monitoring/RunHistoricalJob.java @@ -3,6 +3,8 @@ import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.SecurityMonitoringApi; +import com.datadog.api.client.v2.model.HistoricalJobOptions; +import com.datadog.api.client.v2.model.HistoricalJobQuery; import com.datadog.api.client.v2.model.JobCreateResponse; import com.datadog.api.client.v2.model.JobDefinition; import com.datadog.api.client.v2.model.RunHistoricalJobRequest; @@ -13,10 +15,8 @@ import com.datadog.api.client.v2.model.SecurityMonitoringRuleEvaluationWindow; import com.datadog.api.client.v2.model.SecurityMonitoringRuleKeepAlive; import com.datadog.api.client.v2.model.SecurityMonitoringRuleMaxSignalDuration; -import com.datadog.api.client.v2.model.SecurityMonitoringRuleOptions; import com.datadog.api.client.v2.model.SecurityMonitoringRuleQueryAggregation; import com.datadog.api.client.v2.model.SecurityMonitoringRuleSeverity; -import com.datadog.api.client.v2.model.SecurityMonitoringStandardRuleQuery; import java.util.Collections; public class Example { @@ -38,7 +38,7 @@ public static void main(String[] args) { .name("Excessive number of failed attempts.") .queries( Collections.singletonList( - new SecurityMonitoringStandardRuleQuery() + new HistoricalJobQuery() .query("source:non_existing_src_weekend") .aggregation( SecurityMonitoringRuleQueryAggregation.COUNT))) @@ -49,7 +49,7 @@ public static void main(String[] args) { .status(SecurityMonitoringRuleSeverity.INFO) .condition("a > 1"))) .options( - new SecurityMonitoringRuleOptions() + new HistoricalJobOptions() .keepAlive(SecurityMonitoringRuleKeepAlive.ONE_HOUR) .maxSignalDuration( SecurityMonitoringRuleMaxSignalDuration.ONE_DAY) diff --git a/src/main/java/com/datadog/api/client/v2/model/HistoricalJobOptions.java b/src/main/java/com/datadog/api/client/v2/model/HistoricalJobOptions.java new file mode 100644 index 00000000000..795adf76d05 --- /dev/null +++ b/src/main/java/com/datadog/api/client/v2/model/HistoricalJobOptions.java @@ -0,0 +1,343 @@ +/* + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2019-Present Datadog, Inc. + */ + +package com.datadog.api.client.v2.model; + +import com.fasterxml.jackson.annotation.JsonAnyGetter; +import com.fasterxml.jackson.annotation.JsonAnySetter; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonPropertyOrder; +import java.util.HashMap; +import java.util.Map; +import java.util.Objects; + +/** Job options. */ +@JsonPropertyOrder({ + HistoricalJobOptions.JSON_PROPERTY_DETECTION_METHOD, + HistoricalJobOptions.JSON_PROPERTY_EVALUATION_WINDOW, + HistoricalJobOptions.JSON_PROPERTY_IMPOSSIBLE_TRAVEL_OPTIONS, + HistoricalJobOptions.JSON_PROPERTY_KEEP_ALIVE, + HistoricalJobOptions.JSON_PROPERTY_MAX_SIGNAL_DURATION, + HistoricalJobOptions.JSON_PROPERTY_NEW_VALUE_OPTIONS, + HistoricalJobOptions.JSON_PROPERTY_THIRD_PARTY_RULE_OPTIONS +}) +@jakarta.annotation.Generated( + value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator") +public class HistoricalJobOptions { + @JsonIgnore public boolean unparsed = false; + public static final String JSON_PROPERTY_DETECTION_METHOD = "detectionMethod"; + private SecurityMonitoringRuleDetectionMethod detectionMethod; + + public static final String JSON_PROPERTY_EVALUATION_WINDOW = "evaluationWindow"; + private SecurityMonitoringRuleEvaluationWindow evaluationWindow; + + public static final String JSON_PROPERTY_IMPOSSIBLE_TRAVEL_OPTIONS = "impossibleTravelOptions"; + private SecurityMonitoringRuleImpossibleTravelOptions impossibleTravelOptions; + + public static final String JSON_PROPERTY_KEEP_ALIVE = "keepAlive"; + private SecurityMonitoringRuleKeepAlive keepAlive; + + public static final String JSON_PROPERTY_MAX_SIGNAL_DURATION = "maxSignalDuration"; + private SecurityMonitoringRuleMaxSignalDuration maxSignalDuration; + + public static final String JSON_PROPERTY_NEW_VALUE_OPTIONS = "newValueOptions"; + private SecurityMonitoringRuleNewValueOptions newValueOptions; + + public static final String JSON_PROPERTY_THIRD_PARTY_RULE_OPTIONS = "thirdPartyRuleOptions"; + private SecurityMonitoringRuleThirdPartyOptions thirdPartyRuleOptions; + + public HistoricalJobOptions detectionMethod( + SecurityMonitoringRuleDetectionMethod detectionMethod) { + this.detectionMethod = detectionMethod; + this.unparsed |= !detectionMethod.isValid(); + return this; + } + + /** + * The detection method. + * + * @return detectionMethod + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_DETECTION_METHOD) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public SecurityMonitoringRuleDetectionMethod getDetectionMethod() { + return detectionMethod; + } + + public void setDetectionMethod(SecurityMonitoringRuleDetectionMethod detectionMethod) { + if (!detectionMethod.isValid()) { + this.unparsed = true; + } + this.detectionMethod = detectionMethod; + } + + public HistoricalJobOptions evaluationWindow( + SecurityMonitoringRuleEvaluationWindow evaluationWindow) { + this.evaluationWindow = evaluationWindow; + this.unparsed |= !evaluationWindow.isValid(); + return this; + } + + /** + * A time window is specified to match when at least one of the cases matches true. This is a + * sliding window and evaluates in real time. For third party detection method, this field is not + * used. + * + * @return evaluationWindow + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_EVALUATION_WINDOW) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public SecurityMonitoringRuleEvaluationWindow getEvaluationWindow() { + return evaluationWindow; + } + + public void setEvaluationWindow(SecurityMonitoringRuleEvaluationWindow evaluationWindow) { + if (!evaluationWindow.isValid()) { + this.unparsed = true; + } + this.evaluationWindow = evaluationWindow; + } + + public HistoricalJobOptions impossibleTravelOptions( + SecurityMonitoringRuleImpossibleTravelOptions impossibleTravelOptions) { + this.impossibleTravelOptions = impossibleTravelOptions; + this.unparsed |= impossibleTravelOptions.unparsed; + return this; + } + + /** + * Options on impossible travel detection method. + * + * @return impossibleTravelOptions + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_IMPOSSIBLE_TRAVEL_OPTIONS) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public SecurityMonitoringRuleImpossibleTravelOptions getImpossibleTravelOptions() { + return impossibleTravelOptions; + } + + public void setImpossibleTravelOptions( + SecurityMonitoringRuleImpossibleTravelOptions impossibleTravelOptions) { + this.impossibleTravelOptions = impossibleTravelOptions; + } + + public HistoricalJobOptions keepAlive(SecurityMonitoringRuleKeepAlive keepAlive) { + this.keepAlive = keepAlive; + this.unparsed |= !keepAlive.isValid(); + return this; + } + + /** + * Once a signal is generated, the signal will remain “open” if a case is matched at least once + * within this keep alive window. For third party detection method, this field is not used. + * + * @return keepAlive + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_KEEP_ALIVE) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public SecurityMonitoringRuleKeepAlive getKeepAlive() { + return keepAlive; + } + + public void setKeepAlive(SecurityMonitoringRuleKeepAlive keepAlive) { + if (!keepAlive.isValid()) { + this.unparsed = true; + } + this.keepAlive = keepAlive; + } + + public HistoricalJobOptions maxSignalDuration( + SecurityMonitoringRuleMaxSignalDuration maxSignalDuration) { + this.maxSignalDuration = maxSignalDuration; + this.unparsed |= !maxSignalDuration.isValid(); + return this; + } + + /** + * A signal will “close” regardless of the query being matched once the time exceeds the maximum + * duration. This time is calculated from the first seen timestamp. + * + * @return maxSignalDuration + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_MAX_SIGNAL_DURATION) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public SecurityMonitoringRuleMaxSignalDuration getMaxSignalDuration() { + return maxSignalDuration; + } + + public void setMaxSignalDuration(SecurityMonitoringRuleMaxSignalDuration maxSignalDuration) { + if (!maxSignalDuration.isValid()) { + this.unparsed = true; + } + this.maxSignalDuration = maxSignalDuration; + } + + public HistoricalJobOptions newValueOptions( + SecurityMonitoringRuleNewValueOptions newValueOptions) { + this.newValueOptions = newValueOptions; + this.unparsed |= newValueOptions.unparsed; + return this; + } + + /** + * Options on new value detection method. + * + * @return newValueOptions + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_NEW_VALUE_OPTIONS) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public SecurityMonitoringRuleNewValueOptions getNewValueOptions() { + return newValueOptions; + } + + public void setNewValueOptions(SecurityMonitoringRuleNewValueOptions newValueOptions) { + this.newValueOptions = newValueOptions; + } + + public HistoricalJobOptions thirdPartyRuleOptions( + SecurityMonitoringRuleThirdPartyOptions thirdPartyRuleOptions) { + this.thirdPartyRuleOptions = thirdPartyRuleOptions; + this.unparsed |= thirdPartyRuleOptions.unparsed; + return this; + } + + /** + * Options on third party detection method. + * + * @return thirdPartyRuleOptions + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_THIRD_PARTY_RULE_OPTIONS) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public SecurityMonitoringRuleThirdPartyOptions getThirdPartyRuleOptions() { + return thirdPartyRuleOptions; + } + + public void setThirdPartyRuleOptions( + SecurityMonitoringRuleThirdPartyOptions thirdPartyRuleOptions) { + this.thirdPartyRuleOptions = thirdPartyRuleOptions; + } + + /** + * A container for additional, undeclared properties. This is a holder for any undeclared + * properties as specified with the 'additionalProperties' keyword in the OAS document. + */ + private Map additionalProperties; + + /** + * Set the additional (undeclared) property with the specified name and value. If the property + * does not already exist, create it otherwise replace it. + * + * @param key The arbitrary key to set + * @param value The associated value + * @return HistoricalJobOptions + */ + @JsonAnySetter + public HistoricalJobOptions putAdditionalProperty(String key, Object value) { + if (this.additionalProperties == null) { + this.additionalProperties = new HashMap(); + } + this.additionalProperties.put(key, value); + return this; + } + + /** + * Return the additional (undeclared) property. + * + * @return The additional properties + */ + @JsonAnyGetter + public Map getAdditionalProperties() { + return additionalProperties; + } + + /** + * Return the additional (undeclared) property with the specified name. + * + * @param key The arbitrary key to get + * @return The specific additional property for the given key + */ + public Object getAdditionalProperty(String key) { + if (this.additionalProperties == null) { + return null; + } + return this.additionalProperties.get(key); + } + + /** Return true if this HistoricalJobOptions object is equal to o. */ + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + HistoricalJobOptions historicalJobOptions = (HistoricalJobOptions) o; + return Objects.equals(this.detectionMethod, historicalJobOptions.detectionMethod) + && Objects.equals(this.evaluationWindow, historicalJobOptions.evaluationWindow) + && Objects.equals( + this.impossibleTravelOptions, historicalJobOptions.impossibleTravelOptions) + && Objects.equals(this.keepAlive, historicalJobOptions.keepAlive) + && Objects.equals(this.maxSignalDuration, historicalJobOptions.maxSignalDuration) + && Objects.equals(this.newValueOptions, historicalJobOptions.newValueOptions) + && Objects.equals(this.thirdPartyRuleOptions, historicalJobOptions.thirdPartyRuleOptions) + && Objects.equals(this.additionalProperties, historicalJobOptions.additionalProperties); + } + + @Override + public int hashCode() { + return Objects.hash( + detectionMethod, + evaluationWindow, + impossibleTravelOptions, + keepAlive, + maxSignalDuration, + newValueOptions, + thirdPartyRuleOptions, + additionalProperties); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("class HistoricalJobOptions {\n"); + sb.append(" detectionMethod: ").append(toIndentedString(detectionMethod)).append("\n"); + sb.append(" evaluationWindow: ").append(toIndentedString(evaluationWindow)).append("\n"); + sb.append(" impossibleTravelOptions: ") + .append(toIndentedString(impossibleTravelOptions)) + .append("\n"); + sb.append(" keepAlive: ").append(toIndentedString(keepAlive)).append("\n"); + sb.append(" maxSignalDuration: ").append(toIndentedString(maxSignalDuration)).append("\n"); + sb.append(" newValueOptions: ").append(toIndentedString(newValueOptions)).append("\n"); + sb.append(" thirdPartyRuleOptions: ") + .append(toIndentedString(thirdPartyRuleOptions)) + .append("\n"); + sb.append(" additionalProperties: ") + .append(toIndentedString(additionalProperties)) + .append("\n"); + sb.append('}'); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces (except the first line). + */ + private String toIndentedString(Object o) { + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n "); + } +} diff --git a/src/main/java/com/datadog/api/client/v2/model/HistoricalJobQuery.java b/src/main/java/com/datadog/api/client/v2/model/HistoricalJobQuery.java new file mode 100644 index 00000000000..ae4deb70663 --- /dev/null +++ b/src/main/java/com/datadog/api/client/v2/model/HistoricalJobQuery.java @@ -0,0 +1,335 @@ +/* + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2019-Present Datadog, Inc. + */ + +package com.datadog.api.client.v2.model; + +import com.fasterxml.jackson.annotation.JsonAnyGetter; +import com.fasterxml.jackson.annotation.JsonAnySetter; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonPropertyOrder; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Objects; + +/** Query for selecting logs analyzed by the historical job. */ +@JsonPropertyOrder({ + HistoricalJobQuery.JSON_PROPERTY_AGGREGATION, + HistoricalJobQuery.JSON_PROPERTY_DISTINCT_FIELDS, + HistoricalJobQuery.JSON_PROPERTY_GROUP_BY_FIELDS, + HistoricalJobQuery.JSON_PROPERTY_HAS_OPTIONAL_GROUP_BY_FIELDS, + HistoricalJobQuery.JSON_PROPERTY_METRICS, + HistoricalJobQuery.JSON_PROPERTY_NAME, + HistoricalJobQuery.JSON_PROPERTY_QUERY +}) +@jakarta.annotation.Generated( + value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator") +public class HistoricalJobQuery { + @JsonIgnore public boolean unparsed = false; + public static final String JSON_PROPERTY_AGGREGATION = "aggregation"; + private SecurityMonitoringRuleQueryAggregation aggregation; + + public static final String JSON_PROPERTY_DISTINCT_FIELDS = "distinctFields"; + private List distinctFields = null; + + public static final String JSON_PROPERTY_GROUP_BY_FIELDS = "groupByFields"; + private List groupByFields = null; + + public static final String JSON_PROPERTY_HAS_OPTIONAL_GROUP_BY_FIELDS = + "hasOptionalGroupByFields"; + private Boolean hasOptionalGroupByFields; + + public static final String JSON_PROPERTY_METRICS = "metrics"; + private List metrics = null; + + public static final String JSON_PROPERTY_NAME = "name"; + private String name; + + public static final String JSON_PROPERTY_QUERY = "query"; + private String query; + + public HistoricalJobQuery aggregation(SecurityMonitoringRuleQueryAggregation aggregation) { + this.aggregation = aggregation; + this.unparsed |= !aggregation.isValid(); + return this; + } + + /** + * The aggregation type. + * + * @return aggregation + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_AGGREGATION) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public SecurityMonitoringRuleQueryAggregation getAggregation() { + return aggregation; + } + + public void setAggregation(SecurityMonitoringRuleQueryAggregation aggregation) { + if (!aggregation.isValid()) { + this.unparsed = true; + } + this.aggregation = aggregation; + } + + public HistoricalJobQuery distinctFields(List distinctFields) { + this.distinctFields = distinctFields; + return this; + } + + public HistoricalJobQuery addDistinctFieldsItem(String distinctFieldsItem) { + if (this.distinctFields == null) { + this.distinctFields = new ArrayList<>(); + } + this.distinctFields.add(distinctFieldsItem); + return this; + } + + /** + * Field for which the cardinality is measured. Sent as an array. + * + * @return distinctFields + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_DISTINCT_FIELDS) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public List getDistinctFields() { + return distinctFields; + } + + public void setDistinctFields(List distinctFields) { + this.distinctFields = distinctFields; + } + + public HistoricalJobQuery groupByFields(List groupByFields) { + this.groupByFields = groupByFields; + return this; + } + + public HistoricalJobQuery addGroupByFieldsItem(String groupByFieldsItem) { + if (this.groupByFields == null) { + this.groupByFields = new ArrayList<>(); + } + this.groupByFields.add(groupByFieldsItem); + return this; + } + + /** + * Fields to group by. + * + * @return groupByFields + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_GROUP_BY_FIELDS) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public List getGroupByFields() { + return groupByFields; + } + + public void setGroupByFields(List groupByFields) { + this.groupByFields = groupByFields; + } + + /** + * When false, events without a group-by value are ignored by the query. When true, events with + * missing group-by fields are processed with N/A, replacing the missing values. + * + * @return hasOptionalGroupByFields + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_HAS_OPTIONAL_GROUP_BY_FIELDS) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public Boolean getHasOptionalGroupByFields() { + return hasOptionalGroupByFields; + } + + public HistoricalJobQuery metrics(List metrics) { + this.metrics = metrics; + return this; + } + + public HistoricalJobQuery addMetricsItem(String metricsItem) { + if (this.metrics == null) { + this.metrics = new ArrayList<>(); + } + this.metrics.add(metricsItem); + return this; + } + + /** + * Group of target fields to aggregate over when using the sum, max, geo data, or new value + * aggregations. The sum, max, and geo data aggregations only accept one value in this list, + * whereas the new value aggregation accepts up to five values. + * + * @return metrics + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_METRICS) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public List getMetrics() { + return metrics; + } + + public void setMetrics(List metrics) { + this.metrics = metrics; + } + + public HistoricalJobQuery name(String name) { + this.name = name; + return this; + } + + /** + * Name of the query. + * + * @return name + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_NAME) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getName() { + return name; + } + + public void setName(String name) { + this.name = name; + } + + public HistoricalJobQuery query(String query) { + this.query = query; + return this; + } + + /** + * Query to run on logs. + * + * @return query + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_QUERY) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getQuery() { + return query; + } + + public void setQuery(String query) { + this.query = query; + } + + /** + * A container for additional, undeclared properties. This is a holder for any undeclared + * properties as specified with the 'additionalProperties' keyword in the OAS document. + */ + private Map additionalProperties; + + /** + * Set the additional (undeclared) property with the specified name and value. If the property + * does not already exist, create it otherwise replace it. + * + * @param key The arbitrary key to set + * @param value The associated value + * @return HistoricalJobQuery + */ + @JsonAnySetter + public HistoricalJobQuery putAdditionalProperty(String key, Object value) { + if (this.additionalProperties == null) { + this.additionalProperties = new HashMap(); + } + this.additionalProperties.put(key, value); + return this; + } + + /** + * Return the additional (undeclared) property. + * + * @return The additional properties + */ + @JsonAnyGetter + public Map getAdditionalProperties() { + return additionalProperties; + } + + /** + * Return the additional (undeclared) property with the specified name. + * + * @param key The arbitrary key to get + * @return The specific additional property for the given key + */ + public Object getAdditionalProperty(String key) { + if (this.additionalProperties == null) { + return null; + } + return this.additionalProperties.get(key); + } + + /** Return true if this HistoricalJobQuery object is equal to o. */ + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + HistoricalJobQuery historicalJobQuery = (HistoricalJobQuery) o; + return Objects.equals(this.aggregation, historicalJobQuery.aggregation) + && Objects.equals(this.distinctFields, historicalJobQuery.distinctFields) + && Objects.equals(this.groupByFields, historicalJobQuery.groupByFields) + && Objects.equals( + this.hasOptionalGroupByFields, historicalJobQuery.hasOptionalGroupByFields) + && Objects.equals(this.metrics, historicalJobQuery.metrics) + && Objects.equals(this.name, historicalJobQuery.name) + && Objects.equals(this.query, historicalJobQuery.query) + && Objects.equals(this.additionalProperties, historicalJobQuery.additionalProperties); + } + + @Override + public int hashCode() { + return Objects.hash( + aggregation, + distinctFields, + groupByFields, + hasOptionalGroupByFields, + metrics, + name, + query, + additionalProperties); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("class HistoricalJobQuery {\n"); + sb.append(" aggregation: ").append(toIndentedString(aggregation)).append("\n"); + sb.append(" distinctFields: ").append(toIndentedString(distinctFields)).append("\n"); + sb.append(" groupByFields: ").append(toIndentedString(groupByFields)).append("\n"); + sb.append(" hasOptionalGroupByFields: ") + .append(toIndentedString(hasOptionalGroupByFields)) + .append("\n"); + sb.append(" metrics: ").append(toIndentedString(metrics)).append("\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" query: ").append(toIndentedString(query)).append("\n"); + sb.append(" additionalProperties: ") + .append(toIndentedString(additionalProperties)) + .append("\n"); + sb.append('}'); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces (except the first line). + */ + private String toIndentedString(Object o) { + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n "); + } +} diff --git a/src/main/java/com/datadog/api/client/v2/model/JobDefinition.java b/src/main/java/com/datadog/api/client/v2/model/JobDefinition.java index 68575ddd9ff..f91a1e767ac 100644 --- a/src/main/java/com/datadog/api/client/v2/model/JobDefinition.java +++ b/src/main/java/com/datadog/api/client/v2/model/JobDefinition.java @@ -23,7 +23,6 @@ @JsonPropertyOrder({ JobDefinition.JSON_PROPERTY_CALCULATED_FIELDS, JobDefinition.JSON_PROPERTY_CASES, - JobDefinition.JSON_PROPERTY_FILTERS, JobDefinition.JSON_PROPERTY_FROM, JobDefinition.JSON_PROPERTY_INDEX, JobDefinition.JSON_PROPERTY_MESSAGE, @@ -46,9 +45,6 @@ public class JobDefinition { public static final String JSON_PROPERTY_CASES = "cases"; private List cases = new ArrayList<>(); - public static final String JSON_PROPERTY_FILTERS = "filters"; - private List filters = null; - public static final String JSON_PROPERTY_FROM = "from"; private Long from; @@ -62,10 +58,10 @@ public class JobDefinition { private String name; public static final String JSON_PROPERTY_OPTIONS = "options"; - private SecurityMonitoringRuleOptions options; + private HistoricalJobOptions options; public static final String JSON_PROPERTY_QUERIES = "queries"; - private List queries = new ArrayList<>(); + private List queries = new ArrayList<>(); public static final String JSON_PROPERTY_REFERENCE_TABLES = "referenceTables"; private List referenceTables = null; @@ -93,7 +89,7 @@ public JobDefinition( @JsonProperty(required = true, value = JSON_PROPERTY_MESSAGE) String message, @JsonProperty(required = true, value = JSON_PROPERTY_NAME) String name, @JsonProperty(required = true, value = JSON_PROPERTY_QUERIES) - List queries, + List queries, @JsonProperty(required = true, value = JSON_PROPERTY_TO) Long to) { this.cases = cases; this.from = from; @@ -166,40 +162,6 @@ public void setCases(List cases) { this.cases = cases; } - public JobDefinition filters(List filters) { - this.filters = filters; - for (SecurityMonitoringFilter item : filters) { - this.unparsed |= item.unparsed; - } - return this; - } - - public JobDefinition addFiltersItem(SecurityMonitoringFilter filtersItem) { - if (this.filters == null) { - this.filters = new ArrayList<>(); - } - this.filters.add(filtersItem); - this.unparsed |= filtersItem.unparsed; - return this; - } - - /** - * Additional queries to filter matched events before they are processed. This field is deprecated - * for log detection, signal correlation, and workload security rules. - * - * @return filters - */ - @jakarta.annotation.Nullable - @JsonProperty(JSON_PROPERTY_FILTERS) - @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) - public List getFilters() { - return filters; - } - - public void setFilters(List filters) { - this.filters = filters; - } - public JobDefinition from(Long from) { this.from = from; return this; @@ -280,37 +242,37 @@ public void setName(String name) { this.name = name; } - public JobDefinition options(SecurityMonitoringRuleOptions options) { + public JobDefinition options(HistoricalJobOptions options) { this.options = options; this.unparsed |= options.unparsed; return this; } /** - * Options on rules. + * Job options. * * @return options */ @jakarta.annotation.Nullable @JsonProperty(JSON_PROPERTY_OPTIONS) @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) - public SecurityMonitoringRuleOptions getOptions() { + public HistoricalJobOptions getOptions() { return options; } - public void setOptions(SecurityMonitoringRuleOptions options) { + public void setOptions(HistoricalJobOptions options) { this.options = options; } - public JobDefinition queries(List queries) { + public JobDefinition queries(List queries) { this.queries = queries; - for (SecurityMonitoringStandardRuleQuery item : queries) { + for (HistoricalJobQuery item : queries) { this.unparsed |= item.unparsed; } return this; } - public JobDefinition addQueriesItem(SecurityMonitoringStandardRuleQuery queriesItem) { + public JobDefinition addQueriesItem(HistoricalJobQuery queriesItem) { this.queries.add(queriesItem); this.unparsed |= queriesItem.unparsed; return this; @@ -323,11 +285,11 @@ public JobDefinition addQueriesItem(SecurityMonitoringStandardRuleQuery queriesI */ @JsonProperty(JSON_PROPERTY_QUERIES) @JsonInclude(value = JsonInclude.Include.ALWAYS) - public List getQueries() { + public List getQueries() { return queries; } - public void setQueries(List queries) { + public void setQueries(List queries) { this.queries = queries; } @@ -350,7 +312,7 @@ public JobDefinition addReferenceTablesItem( } /** - * Reference tables for the rule. + * Reference tables used in the queries. * * @return referenceTables */ @@ -414,7 +376,8 @@ public JobDefinition addThirdPartyCasesItem( } /** - * Cases for generating results from third-party rules. Only available for third-party rules. + * Cases for generating results from third-party detection method. Only available for third-party + * detection method. * * @return thirdPartyCases */ @@ -528,7 +491,6 @@ public boolean equals(Object o) { JobDefinition jobDefinition = (JobDefinition) o; return Objects.equals(this.calculatedFields, jobDefinition.calculatedFields) && Objects.equals(this.cases, jobDefinition.cases) - && Objects.equals(this.filters, jobDefinition.filters) && Objects.equals(this.from, jobDefinition.from) && Objects.equals(this.index, jobDefinition.index) && Objects.equals(this.message, jobDefinition.message) @@ -548,7 +510,6 @@ public int hashCode() { return Objects.hash( calculatedFields, cases, - filters, from, index, message, @@ -569,7 +530,6 @@ public String toString() { sb.append("class JobDefinition {\n"); sb.append(" calculatedFields: ").append(toIndentedString(calculatedFields)).append("\n"); sb.append(" cases: ").append(toIndentedString(cases)).append("\n"); - sb.append(" filters: ").append(toIndentedString(filters)).append("\n"); sb.append(" from: ").append(toIndentedString(from)).append("\n"); sb.append(" index: ").append(toIndentedString(index)).append("\n"); sb.append(" message: ").append(toIndentedString(message)).append("\n"); diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringReferenceTable.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringReferenceTable.java index 99a70ba64c5..5e6d9a20d06 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringReferenceTable.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringReferenceTable.java @@ -16,7 +16,7 @@ import java.util.Map; import java.util.Objects; -/** Reference table for the rule. */ +/** Reference tables used in the queries. */ @JsonPropertyOrder({ SecurityMonitoringReferenceTable.JSON_PROPERTY_CHECK_PRESENCE, SecurityMonitoringReferenceTable.JSON_PROPERTY_COLUMN_NAME, @@ -112,7 +112,7 @@ public SecurityMonitoringReferenceTable ruleQueryName(String ruleQueryName) { } /** - * The name of the rule query to apply the reference table to. + * The name of the query to apply the reference table to. * * @return ruleQueryName */ diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleCaseCreate.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleCaseCreate.java index 9cc1faba66f..41f52793a8f 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleCaseCreate.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleCaseCreate.java @@ -58,7 +58,7 @@ public SecurityMonitoringRuleCaseCreate condition(String condition) { } /** - * A rule case contains logical operations (>,>=, && + * A case contains logical operations (>,>=, && * , ||) to determine if a signal should be generated based on the event * counts in the previously defined queries. * @@ -110,7 +110,7 @@ public SecurityMonitoringRuleCaseCreate addNotificationsItem(String notification } /** - * Notification targets for each rule case. + * Notification targets. * * @return notifications */ diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleEvaluationWindow.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleEvaluationWindow.java index a109bc50989..f37ecc906c6 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleEvaluationWindow.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleEvaluationWindow.java @@ -20,7 +20,8 @@ /** * A time window is specified to match when at least one of the cases matches true. This is a - * sliding window and evaluates in real time. For third party rules, this field is not used. + * sliding window and evaluates in real time. For third party detection method, this field is not + * used. */ @JsonSerialize( using = diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleImpossibleTravelOptions.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleImpossibleTravelOptions.java index ac300f72bbf..754348831be 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleImpossibleTravelOptions.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleImpossibleTravelOptions.java @@ -16,7 +16,7 @@ import java.util.Map; import java.util.Objects; -/** Options on impossible travel rules. */ +/** Options on impossible travel detection method. */ @JsonPropertyOrder({ SecurityMonitoringRuleImpossibleTravelOptions.JSON_PROPERTY_BASELINE_USER_LOCATIONS }) diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleKeepAlive.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleKeepAlive.java index 619964af7a2..d0e0d68531f 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleKeepAlive.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleKeepAlive.java @@ -20,7 +20,7 @@ /** * Once a signal is generated, the signal will remain “open” if a case is matched at least once - * within this keep alive window. For third party rules, this field is not used. + * within this keep alive window. For third party detection method, this field is not used. */ @JsonSerialize( using = SecurityMonitoringRuleKeepAlive.SecurityMonitoringRuleKeepAliveSerializer.class) diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleNewValueOptions.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleNewValueOptions.java index a522540650d..2081913d7b3 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleNewValueOptions.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleNewValueOptions.java @@ -16,7 +16,7 @@ import java.util.Map; import java.util.Objects; -/** Options on new value rules. */ +/** Options on new value detection method. */ @JsonPropertyOrder({ SecurityMonitoringRuleNewValueOptions.JSON_PROPERTY_FORGET_AFTER, SecurityMonitoringRuleNewValueOptions.JSON_PROPERTY_LEARNING_DURATION, diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleOptions.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleOptions.java index 93ee84ebb7c..03c748e360d 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleOptions.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleOptions.java @@ -16,7 +16,7 @@ import java.util.Map; import java.util.Objects; -/** Options on rules. */ +/** Options. */ @JsonPropertyOrder({ SecurityMonitoringRuleOptions.JSON_PROPERTY_COMPLIANCE_RULE_OPTIONS, SecurityMonitoringRuleOptions.JSON_PROPERTY_DECREASE_CRITICALITY_BASED_ON_ENV, @@ -151,7 +151,8 @@ public SecurityMonitoringRuleOptions evaluationWindow( /** * A time window is specified to match when at least one of the cases matches true. This is a - * sliding window and evaluates in real time. For third party rules, this field is not used. + * sliding window and evaluates in real time. For third party detection method, this field is not + * used. * * @return evaluationWindow */ @@ -204,7 +205,7 @@ public SecurityMonitoringRuleOptions impossibleTravelOptions( } /** - * Options on impossible travel rules. + * Options on impossible travel detection method. * * @return impossibleTravelOptions */ @@ -228,7 +229,7 @@ public SecurityMonitoringRuleOptions keepAlive(SecurityMonitoringRuleKeepAlive k /** * Once a signal is generated, the signal will remain “open” if a case is matched at least once - * within this keep alive window. For third party rules, this field is not used. + * within this keep alive window. For third party detection method, this field is not used. * * @return keepAlive */ @@ -281,7 +282,7 @@ public SecurityMonitoringRuleOptions newValueOptions( } /** - * Options on new value rules. + * Options on new value detection method. * * @return newValueOptions */ @@ -304,7 +305,7 @@ public SecurityMonitoringRuleOptions thirdPartyRuleOptions( } /** - * Options on third party rules. + * Options on third party detection method. * * @return thirdPartyRuleOptions */ diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleThirdPartyOptions.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleThirdPartyOptions.java index 4d8558cc7ff..02f7cb0d7d8 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleThirdPartyOptions.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleThirdPartyOptions.java @@ -18,7 +18,7 @@ import java.util.Map; import java.util.Objects; -/** Options on third party rules. */ +/** Options on third party detection method. */ @JsonPropertyOrder({ SecurityMonitoringRuleThirdPartyOptions.JSON_PROPERTY_DEFAULT_NOTIFICATIONS, SecurityMonitoringRuleThirdPartyOptions.JSON_PROPERTY_DEFAULT_STATUS, diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleUpdatePayload.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleUpdatePayload.java index dc76281775b..ce0c9545ab1 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleUpdatePayload.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringRuleUpdatePayload.java @@ -259,7 +259,7 @@ public SecurityMonitoringRuleUpdatePayload options(SecurityMonitoringRuleOptions } /** - * Options on rules. + * Options. * * @return options */ diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringSignalRuleCreatePayload.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringSignalRuleCreatePayload.java index bc08e16d93a..b8033f9efb2 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringSignalRuleCreatePayload.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringSignalRuleCreatePayload.java @@ -242,7 +242,7 @@ public SecurityMonitoringSignalRuleCreatePayload options(SecurityMonitoringRuleO } /** - * Options on rules. + * Options. * * @return options */ diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringSignalRulePayload.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringSignalRulePayload.java index b8da8f0e86e..871d2662674 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringSignalRulePayload.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringSignalRulePayload.java @@ -240,7 +240,7 @@ public SecurityMonitoringSignalRulePayload options(SecurityMonitoringRuleOptions } /** - * Options on rules. + * Options. * * @return options */ diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringSignalRuleResponse.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringSignalRuleResponse.java index 2230adf6833..0e8d608b74a 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringSignalRuleResponse.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringSignalRuleResponse.java @@ -381,7 +381,7 @@ public SecurityMonitoringSignalRuleResponse options(SecurityMonitoringRuleOption } /** - * Options on rules. + * Options. * * @return options */ diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRuleCreatePayload.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRuleCreatePayload.java index 6ec313caf52..3663b123ec9 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRuleCreatePayload.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRuleCreatePayload.java @@ -252,7 +252,7 @@ public SecurityMonitoringStandardRuleCreatePayload options( } /** - * Options on rules. + * Options. * * @return options */ diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRulePayload.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRulePayload.java index 783ac32541c..0aba4152777 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRulePayload.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRulePayload.java @@ -249,7 +249,7 @@ public SecurityMonitoringStandardRulePayload options(SecurityMonitoringRuleOptio } /** - * Options on rules. + * Options. * * @return options */ diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRuleResponse.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRuleResponse.java index 65cebe8583e..379c063d57a 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRuleResponse.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRuleResponse.java @@ -455,7 +455,7 @@ public SecurityMonitoringStandardRuleResponse options(SecurityMonitoringRuleOpti } /** - * Options on rules. + * Options. * * @return options */ diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRuleTestPayload.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRuleTestPayload.java index e1854c8cdeb..1a814912da2 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRuleTestPayload.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringStandardRuleTestPayload.java @@ -250,7 +250,7 @@ public SecurityMonitoringStandardRuleTestPayload options(SecurityMonitoringRuleO } /** - * Options on rules. + * Options. * * @return options */ diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringThirdPartyRuleCaseCreate.java b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringThirdPartyRuleCaseCreate.java index f23853c6693..6a46d8c1c8c 100644 --- a/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringThirdPartyRuleCaseCreate.java +++ b/src/main/java/com/datadog/api/client/v2/model/SecurityMonitoringThirdPartyRuleCaseCreate.java @@ -87,7 +87,7 @@ public SecurityMonitoringThirdPartyRuleCaseCreate addNotificationsItem(String no } /** - * Notification targets for each rule case. + * Notification targets for each case. * * @return notifications */ diff --git a/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.freeze b/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.freeze index f25fc13ebb0..34c6fa06848 100644 --- a/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.freeze +++ b/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.freeze @@ -1 +1 @@ -2024-11-08T09:54:39.695Z \ No newline at end of file +2024-12-18T17:02:38.823Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.json b/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.json index 4eca4c58796..97d8aaf36a1 100644 --- a/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.json +++ b/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.json @@ -12,7 +12,7 @@ "secure": true }, "httpResponse": { - "body": "{\"data\":{\"id\":\"f1753ed6-8c47-4168-9d6b-d11b9612fb3c\",\"type\":\"historicalDetectionsJob\"}}", + "body": "{\"data\":{\"id\":\"fa90e7ac-998d-4bf4-9d32-2e831a1e9479\",\"type\":\"historicalDetectionsJob\"}}", "headers": { "Content-Type": [ "application/vnd.api+json" @@ -33,12 +33,12 @@ "httpRequest": { "headers": {}, "method": "GET", - "path": "/api/v2/siem-historical-detections/jobs/f1753ed6-8c47-4168-9d6b-d11b9612fb3c", + "path": "/api/v2/siem-historical-detections/jobs/fa90e7ac-998d-4bf4-9d32-2e831a1e9479", "keepAlive": false, "secure": true }, "httpResponse": { - "body": "{\"data\":{\"id\":\"f1753ed6-8c47-4168-9d6b-d11b9612fb3c\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2024-11-08 09:54:39.761792+00\",\"createdByHandle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"createdByName\":\"CI Account\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\",\"filters\":[]},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2024-11-08 09:54:39.761792+00\"}}}", + "body": "{\"data\":{\"id\":\"fa90e7ac-998d-4bf4-9d32-2e831a1e9479\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2024-12-18 17:02:39.551791+00\",\"createdByHandle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"createdByName\":\"CI Account\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\"},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2024-12-18 17:02:39.551791+00\"}}}", "headers": { "Content-Type": [ "application/vnd.api+json" @@ -53,6 +53,6 @@ "timeToLive": { "unlimited": true }, - "id": "fd2565a2-df20-09de-f41e-c75cf6591662" + "id": "7b01960b-436d-6727-69de-5d7f5dd093c1" } ] \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/List_historical_jobs_returns_OK_response.freeze b/src/test/resources/cassettes/features/v2/List_historical_jobs_returns_OK_response.freeze index b45a44cb78f..b139681f648 100644 --- a/src/test/resources/cassettes/features/v2/List_historical_jobs_returns_OK_response.freeze +++ b/src/test/resources/cassettes/features/v2/List_historical_jobs_returns_OK_response.freeze @@ -1 +1 @@ -2024-11-08T09:54:39.932Z \ No newline at end of file +2024-12-18T17:02:39.880Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/List_historical_jobs_returns_OK_response.json b/src/test/resources/cassettes/features/v2/List_historical_jobs_returns_OK_response.json index b5f6efe4156..da9b5e7695e 100644 --- a/src/test/resources/cassettes/features/v2/List_historical_jobs_returns_OK_response.json +++ b/src/test/resources/cassettes/features/v2/List_historical_jobs_returns_OK_response.json @@ -12,7 +12,7 @@ "secure": true }, "httpResponse": { - "body": "{\"data\":{\"id\":\"34df4a54-9d84-4b4c-bc7e-0464d374ee19\",\"type\":\"historicalDetectionsJob\"}}", + "body": "{\"data\":{\"id\":\"7b16f110-0ce9-46cd-9dad-b658ced2ac50\",\"type\":\"historicalDetectionsJob\"}}", "headers": { "Content-Type": [ "application/vnd.api+json" @@ -36,14 +36,14 @@ "path": "/api/v2/siem-historical-detections/jobs", "queryStringParameters": { "filter[query]": [ - "id:34df4a54-9d84-4b4c-bc7e-0464d374ee19" + "id:7b16f110-0ce9-46cd-9dad-b658ced2ac50" ] }, "keepAlive": false, "secure": true }, "httpResponse": { - "body": "{\"data\":[{\"id\":\"34df4a54-9d84-4b4c-bc7e-0464d374ee19\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2024-11-08 09:54:40.000915+00\",\"createdByHandle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"createdByName\":\"CI Account\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\",\"filters\":[]},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2024-11-08 09:54:40.000915+00\"}}],\"meta\":{\"totalCount\":1}}", + "body": "{\"data\":[{\"id\":\"7b16f110-0ce9-46cd-9dad-b658ced2ac50\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2024-12-18 17:02:40.144396+00\",\"createdByHandle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"createdByName\":\"CI Account\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\"},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2024-12-18 17:02:40.144396+00\"}}],\"meta\":{\"totalCount\":1}}", "headers": { "Content-Type": [ "application/vnd.api+json" @@ -58,6 +58,6 @@ "timeToLive": { "unlimited": true }, - "id": "3de0815b-9a4e-5dcb-86f2-d0ef4a3c963f" + "id": "0728d69c-abf4-9695-6f86-d405f93de5cf" } ] \ No newline at end of file