diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 59c7b8b08ef..76247abeacc 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -458,20 +458,6 @@ components: items: $ref: '#/components/schemas/GetIssueIncludeQueryParameterItem' type: array - HistoricalJobID: - description: The ID of the job. - in: path - name: job_id - required: true - schema: - type: string - HistoricalSignalID: - description: The ID of the historical signal. - in: path - name: histsignal_id - required: true - schema: - type: string IncidentAttachmentFilterQueryParameter: description: Specifies which types of attachments are included in the response. explode: false @@ -1091,6 +1077,20 @@ components: required: true schema: type: string + ThreatHuntingJobID: + description: The ID of the job. + in: path + name: job_id + required: true + schema: + type: string + ThreatHuntingSignalID: + description: The ID of the threat hunting signal. + in: path + name: histsignal_id + required: true + schema: + type: string UserID: description: The ID of the user. in: path @@ -11815,7 +11815,7 @@ components: - GZIP - DEFLATE ConvertJobResultsToSignalsAttributes: - description: Attributes for converting historical job results to signals. + description: Attributes for converting threat hunting job results to signals. properties: id: description: Request ID. @@ -11847,7 +11847,7 @@ components: - notifications type: object ConvertJobResultsToSignalsData: - description: Data for converting historical job results to signals. + description: Data for converting threat hunting job results to signals. properties: attributes: $ref: '#/components/schemas/ConvertJobResultsToSignalsAttributes' @@ -11862,7 +11862,7 @@ components: x-enum-varnames: - HISTORICALDETECTIONSJOBRESULTSIGNALCONVERSION ConvertJobResultsToSignalsRequest: - description: Request for converting historical job results to signals. + description: Request for converting threat hunting job results to signals. properties: data: $ref: '#/components/schemas/ConvertJobResultsToSignalsData' @@ -20582,9 +20582,20 @@ components: to this GCP metric namespace. example: true type: boolean + filters: + description: When enabled, Datadog applies these additional filters to limit + metric collection. A metric is collected only if it does not match all + exclusion filters and matches at least one allow filter. + example: + - snapshot.* + - '!*_by_region' + items: + description: A metric namespace filter + type: string + type: array id: description: The id of the GCP metric namespace. - example: aiplatform + example: pubsub type: string type: object GCPMonitoredResourceConfig: @@ -20746,6 +20757,10 @@ components: example: - disabled: true id: aiplatform + - filters: + - snapshot.* + - '!*_by_region' + id: pubsub items: $ref: '#/components/schemas/GCPMetricNamespaceConfig' type: array @@ -22191,130 +22206,6 @@ components: - type - value type: object - HistoricalJobDataType: - description: Type of payload. - enum: - - historicalDetectionsJob - type: string - x-enum-varnames: - - HISTORICALDETECTIONSJOB - HistoricalJobListMeta: - description: Metadata about the list of jobs. - properties: - totalCount: - description: Number of jobs in the list. - format: int32 - maximum: 2147483647 - type: integer - type: object - HistoricalJobOptions: - description: Job options. - properties: - detectionMethod: - $ref: '#/components/schemas/SecurityMonitoringRuleDetectionMethod' - evaluationWindow: - $ref: '#/components/schemas/SecurityMonitoringRuleEvaluationWindow' - impossibleTravelOptions: - $ref: '#/components/schemas/SecurityMonitoringRuleImpossibleTravelOptions' - keepAlive: - $ref: '#/components/schemas/SecurityMonitoringRuleKeepAlive' - maxSignalDuration: - $ref: '#/components/schemas/SecurityMonitoringRuleMaxSignalDuration' - newValueOptions: - $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptions' - sequenceDetectionOptions: - $ref: '#/components/schemas/SecurityMonitoringRuleSequenceDetectionOptions' - thirdPartyRuleOptions: - $ref: '#/components/schemas/SecurityMonitoringRuleThirdPartyOptions' - type: object - HistoricalJobQuery: - description: Query for selecting logs analyzed by the historical job. - properties: - aggregation: - $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation' - dataSource: - $ref: '#/components/schemas/SecurityMonitoringStandardDataSource' - distinctFields: - description: Field for which the cardinality is measured. Sent as an array. - items: - description: Field. - type: string - type: array - groupByFields: - description: Fields to group by. - items: - description: Field. - type: string - type: array - hasOptionalGroupByFields: - default: false - description: When false, events without a group-by value are ignored by - the query. When true, events with missing group-by fields are processed - with `N/A`, replacing the missing values. - example: false - type: boolean - metrics: - description: Group of target fields to aggregate over when using the sum, - max, geo data, or new value aggregations. The sum, max, and geo data aggregations - only accept one value in this list, whereas the new value aggregation - accepts up to five values. - items: - description: Field. - type: string - type: array - name: - description: Name of the query. - type: string - query: - description: Query to run on logs. - example: a > 3 - type: string - type: object - HistoricalJobResponse: - description: Historical job response. - properties: - data: - $ref: '#/components/schemas/HistoricalJobResponseData' - type: object - HistoricalJobResponseAttributes: - description: Historical job attributes. - properties: - createdAt: - description: Time when the job was created. - type: string - createdByHandle: - description: The handle of the user who created the job. - type: string - createdByName: - description: The name of the user who created the job. - type: string - createdFromRuleId: - description: ID of the rule used to create the job (if it is created from - a rule). - type: string - jobDefinition: - $ref: '#/components/schemas/JobDefinition' - jobName: - description: Job name. - type: string - jobStatus: - description: Job status. - type: string - modifiedAt: - description: Last modification time of the job. - type: string - type: object - HistoricalJobResponseData: - description: Historical job response data. - properties: - attributes: - $ref: '#/components/schemas/HistoricalJobResponseAttributes' - id: - description: ID of the job. - type: string - type: - $ref: '#/components/schemas/HistoricalJobDataType' - type: object HourlyUsage: description: Hourly usage for a product family for an org. properties: @@ -26495,7 +26386,7 @@ components: type: string type: object JobCreateResponse: - description: Run a historical job response. + description: Run a threat hunting job response. properties: data: $ref: '#/components/schemas/JobCreateResponseData' @@ -26507,10 +26398,10 @@ components: description: ID of the created job. type: string type: - $ref: '#/components/schemas/HistoricalJobDataType' + $ref: '#/components/schemas/ThreatHuntingJobDataType' type: object JobDefinition: - description: Definition of a historical job. + description: Definition of a threat hunting job. properties: calculatedFields: description: Calculated fields. @@ -26549,11 +26440,11 @@ components: example: Excessive number of failed attempts. type: string options: - $ref: '#/components/schemas/HistoricalJobOptions' + $ref: '#/components/schemas/ThreatHuntingJobOptions' queries: description: Queries for selecting logs analyzed by the job. items: - $ref: '#/components/schemas/HistoricalJobQuery' + $ref: '#/components/schemas/ThreatHuntingJobQuery' type: array referenceTables: description: Reference tables used in the queries. @@ -26590,7 +26481,8 @@ components: - message type: object JobDefinitionFromRule: - description: Definition of a historical job based on a security monitoring rule. + description: Definition of a threat hunting job based on a security monitoring + rule. properties: from: description: Starting time of data analyzed by the job. @@ -27290,17 +27182,6 @@ components: - data - meta type: object - ListHistoricalJobsResponse: - description: List of historical jobs. - properties: - data: - description: Array containing the list of historical jobs. - items: - $ref: '#/components/schemas/HistoricalJobResponseData' - type: array - meta: - $ref: '#/components/schemas/HistoricalJobListMeta' - type: object ListKindCatalogResponse: description: List kind response. properties: @@ -27468,6 +27349,17 @@ components: - _NAME - USER_COUNT - _USER_COUNT + ListThreatHuntingJobsResponse: + description: List of threat hunting jobs. + properties: + data: + description: Array containing the list of threat hunting jobs. + items: + $ref: '#/components/schemas/ThreatHuntingJobResponseData' + type: array + meta: + $ref: '#/components/schemas/ThreatHuntingJobListMeta' + type: object ListVulnerabilitiesResponse: description: The expected response schema when listing vulnerabilities. properties: @@ -41523,14 +41415,18 @@ components: $ref: '#/components/schemas/RumRetentionFilterData' type: array type: object - RunHistoricalJobRequest: - description: Run a historical job request. + RunRetentionFilterName: + description: The name of a RUM retention filter. + example: Retention filter for session + type: string + RunThreatHuntingJobRequest: + description: Run a threat hunting job request. properties: data: - $ref: '#/components/schemas/RunHistoricalJobRequestData' + $ref: '#/components/schemas/RunThreatHuntingJobRequestData' type: object - RunHistoricalJobRequestAttributes: - description: Run a historical job request. + RunThreatHuntingJobRequestAttributes: + description: Run a threat hunting job request. properties: fromRule: $ref: '#/components/schemas/JobDefinitionFromRule' @@ -41540,25 +41436,21 @@ components: jobDefinition: $ref: '#/components/schemas/JobDefinition' type: object - RunHistoricalJobRequestData: - description: Data for running a historical job request. + RunThreatHuntingJobRequestData: + description: Data for running a threat hunting job request. properties: attributes: - $ref: '#/components/schemas/RunHistoricalJobRequestAttributes' + $ref: '#/components/schemas/RunThreatHuntingJobRequestAttributes' type: - $ref: '#/components/schemas/RunHistoricalJobRequestDataType' + $ref: '#/components/schemas/RunThreatHuntingJobRequestDataType' type: object - RunHistoricalJobRequestDataType: + RunThreatHuntingJobRequestDataType: description: Type of data. enum: - historicalDetectionsJobCreate type: string x-enum-varnames: - HISTORICALDETECTIONSJOBCREATE - RunRetentionFilterName: - description: The name of a RUM retention filter. - example: Retention filter for session - type: string SAMLAssertionAttribute: description: SAML assertion attribute. properties: @@ -50443,6 +50335,130 @@ components: description: Offset type. type: string type: object + ThreatHuntingJobDataType: + description: Type of payload. + enum: + - historicalDetectionsJob + type: string + x-enum-varnames: + - HISTORICALDETECTIONSJOB + ThreatHuntingJobListMeta: + description: Metadata about the list of jobs. + properties: + totalCount: + description: Number of jobs in the list. + format: int32 + maximum: 2147483647 + type: integer + type: object + ThreatHuntingJobOptions: + description: Job options. + properties: + detectionMethod: + $ref: '#/components/schemas/SecurityMonitoringRuleDetectionMethod' + evaluationWindow: + $ref: '#/components/schemas/SecurityMonitoringRuleEvaluationWindow' + impossibleTravelOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleImpossibleTravelOptions' + keepAlive: + $ref: '#/components/schemas/SecurityMonitoringRuleKeepAlive' + maxSignalDuration: + $ref: '#/components/schemas/SecurityMonitoringRuleMaxSignalDuration' + newValueOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptions' + sequenceDetectionOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleSequenceDetectionOptions' + thirdPartyRuleOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleThirdPartyOptions' + type: object + ThreatHuntingJobQuery: + description: Query for selecting logs analyzed by the threat hunting job. + properties: + aggregation: + $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation' + dataSource: + $ref: '#/components/schemas/SecurityMonitoringStandardDataSource' + distinctFields: + description: Field for which the cardinality is measured. Sent as an array. + items: + description: Field. + type: string + type: array + groupByFields: + description: Fields to group by. + items: + description: Field. + type: string + type: array + hasOptionalGroupByFields: + default: false + description: When false, events without a group-by value are ignored by + the query. When true, events with missing group-by fields are processed + with `N/A`, replacing the missing values. + example: false + type: boolean + metrics: + description: Group of target fields to aggregate over when using the sum, + max, geo data, or new value aggregations. The sum, max, and geo data aggregations + only accept one value in this list, whereas the new value aggregation + accepts up to five values. + items: + description: Field. + type: string + type: array + name: + description: Name of the query. + type: string + query: + description: Query to run on logs. + example: a > 3 + type: string + type: object + ThreatHuntingJobResponse: + description: Threat hunting job response. + properties: + data: + $ref: '#/components/schemas/ThreatHuntingJobResponseData' + type: object + ThreatHuntingJobResponseAttributes: + description: Threat hunting job attributes. + properties: + createdAt: + description: Time when the job was created. + type: string + createdByHandle: + description: The handle of the user who created the job. + type: string + createdByName: + description: The name of the user who created the job. + type: string + createdFromRuleId: + description: ID of the rule used to create the job (if it is created from + a rule). + type: string + jobDefinition: + $ref: '#/components/schemas/JobDefinition' + jobName: + description: Job name. + type: string + jobStatus: + description: Job status. + type: string + modifiedAt: + description: Last modification time of the job. + type: string + type: object + ThreatHuntingJobResponseData: + description: Threat hunting job response data. + properties: + attributes: + $ref: '#/components/schemas/ThreatHuntingJobResponseAttributes' + id: + description: ID of the job. + type: string + type: + $ref: '#/components/schemas/ThreatHuntingJobDataType' + type: object TimeAggregation: description: 'Time aggregation period (in seconds) is used to aggregate the results of the notification rule evaluation. @@ -76493,7 +76509,7 @@ paths: permissions: - incident_settings_write x-unstable: '**Note**: This endpoint is deprecated.' - /api/v2/siem-historical-detections/histsignals: + /api/v2/siem-threat-hunting/histsignals: get: description: List hist signals. operationId: ListSecurityMonitoringHistsignals @@ -76534,7 +76550,7 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/histsignals/search: + /api/v2/siem-threat-hunting/histsignals/search: get: description: Search hist signals. operationId: SearchSecurityMonitoringHistsignals @@ -76574,12 +76590,12 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/histsignals/{histsignal_id}: + /api/v2/siem-threat-hunting/histsignals/{histsignal_id}: get: description: Get a hist signal's details. operationId: GetSecurityMonitoringHistsignal parameters: - - $ref: '#/components/parameters/HistoricalSignalID' + - $ref: '#/components/parameters/ThreatHuntingSignalID' responses: '200': content: @@ -76610,10 +76626,10 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs: + /api/v2/siem-threat-hunting/jobs: get: - description: List historical jobs. - operationId: ListHistoricalJobs + description: List threat hunting jobs. + operationId: ListThreatHuntingJobs parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' @@ -76636,7 +76652,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListHistoricalJobsResponse' + $ref: '#/components/schemas/ListThreatHuntingJobsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' @@ -76648,20 +76664,20 @@ paths: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] - summary: List historical jobs + summary: List threat hunting jobs tags: - Security Monitoring x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' post: - description: Run a historical job. - operationId: RunHistoricalJob + description: Run a threat hunting job. + operationId: RunThreatHuntingJob requestBody: content: application/json: schema: - $ref: '#/components/schemas/RunHistoricalJobRequest' + $ref: '#/components/schemas/RunThreatHuntingJobRequest' required: true responses: '201': @@ -76685,7 +76701,7 @@ paths: appKeyAuth: [] - AuthZ: - security_monitoring_rules_write - summary: Run a historical job + summary: Run a threat hunting job tags: - Security Monitoring x-codegen-request-body-name: body @@ -76696,7 +76712,7 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs/signal_convert: + /api/v2/siem-threat-hunting/jobs/signal_convert: post: description: Convert a job result to a signal. operationId: ConvertJobResultToSignal @@ -76730,12 +76746,12 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs/{job_id}: + /api/v2/siem-threat-hunting/jobs/{job_id}: delete: description: Delete an existing job. - operationId: DeleteHistoricalJob + operationId: DeleteThreatHuntingJob parameters: - - $ref: '#/components/parameters/HistoricalJobID' + - $ref: '#/components/parameters/ThreatHuntingJobID' responses: '204': description: OK @@ -76763,15 +76779,15 @@ paths: Please check the documentation regularly for updates.' get: description: Get a job's details. - operationId: GetHistoricalJob + operationId: GetThreatHuntingJob parameters: - - $ref: '#/components/parameters/HistoricalJobID' + - $ref: '#/components/parameters/ThreatHuntingJobID' responses: '200': content: application/json: schema: - $ref: '#/components/schemas/HistoricalJobResponse' + $ref: '#/components/schemas/ThreatHuntingJobResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' @@ -76796,12 +76812,12 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs/{job_id}/cancel: + /api/v2/siem-threat-hunting/jobs/{job_id}/cancel: patch: - description: Cancel a historical job. - operationId: CancelHistoricalJob + description: Cancel a threat hunting job. + operationId: CancelThreatHuntingJob parameters: - - $ref: '#/components/parameters/HistoricalJobID' + - $ref: '#/components/parameters/ThreatHuntingJobID' responses: '204': description: OK @@ -76822,7 +76838,7 @@ paths: appKeyAuth: [] - AuthZ: - security_monitoring_rules_write - summary: Cancel a historical job + summary: Cancel a threat hunting job tags: - Security Monitoring x-permission: @@ -76832,12 +76848,12 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs/{job_id}/histsignals: + /api/v2/siem-threat-hunting/jobs/{job_id}/histsignals: get: description: Get a job's hist signals. operationId: GetSecurityMonitoringHistsignalsByJobId parameters: - - $ref: '#/components/parameters/HistoricalJobID' + - $ref: '#/components/parameters/ThreatHuntingJobID' - $ref: '#/components/parameters/QueryFilterSearch' - $ref: '#/components/parameters/QueryFilterFrom' - $ref: '#/components/parameters/QueryFilterTo' diff --git a/api/datadog/configuration.go b/api/datadog/configuration.go index eab0db9561e..5d232f74f65 100644 --- a/api/datadog/configuration.go +++ b/api/datadog/configuration.go @@ -609,24 +609,24 @@ func NewConfiguration() *Configuration { "v2.GetOpenAPI": false, "v2.ListAPIs": false, "v2.UpdateOpenAPI": false, - "v2.CancelHistoricalJob": false, + "v2.CancelThreatHuntingJob": false, "v2.ConvertJobResultToSignal": false, - "v2.DeleteHistoricalJob": false, + "v2.DeleteThreatHuntingJob": false, "v2.GetFinding": false, - "v2.GetHistoricalJob": false, "v2.GetRuleVersionHistory": false, "v2.GetSBOM": false, "v2.GetSecurityMonitoringHistsignal": false, "v2.GetSecurityMonitoringHistsignalsByJobId": false, + "v2.GetThreatHuntingJob": false, "v2.ListAssetsSBOMs": false, "v2.ListFindings": false, - "v2.ListHistoricalJobs": false, "v2.ListScannedAssetsMetadata": false, "v2.ListSecurityMonitoringHistsignals": false, + "v2.ListThreatHuntingJobs": false, "v2.ListVulnerabilities": false, "v2.ListVulnerableAssets": false, "v2.MuteFindings": false, - "v2.RunHistoricalJob": false, + "v2.RunThreatHuntingJob": false, "v2.SearchSecurityMonitoringHistsignals": false, "v2.CreateDataset": false, "v2.DeleteDataset": false, diff --git a/api/datadogV2/api_security_monitoring.go b/api/datadogV2/api_security_monitoring.go index 431df060f54..4d81bade60d 100644 --- a/api/datadogV2/api_security_monitoring.go +++ b/api/datadogV2/api_security_monitoring.go @@ -19,15 +19,15 @@ import ( // SecurityMonitoringApi service type type SecurityMonitoringApi datadog.Service -// CancelHistoricalJob Cancel a historical job. -// Cancel a historical job. -func (a *SecurityMonitoringApi) CancelHistoricalJob(ctx _context.Context, jobId string) (*_nethttp.Response, error) { +// CancelThreatHuntingJob Cancel a threat hunting job. +// Cancel a threat hunting job. +func (a *SecurityMonitoringApi) CancelThreatHuntingJob(ctx _context.Context, jobId string) (*_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPatch localVarPostBody interface{} ) - operationId := "v2.CancelHistoricalJob" + operationId := "v2.CancelThreatHuntingJob" isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId) if !isOperationEnabled { return nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)} @@ -36,12 +36,12 @@ func (a *SecurityMonitoringApi) CancelHistoricalJob(ctx _context.Context, jobId _log.Printf("WARNING: Using unstable operation '%s'", operationId) } - localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.CancelHistoricalJob") + localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.CancelThreatHuntingJob") if err != nil { return nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} } - localVarPath := localBasePath + "/api/v2/siem-historical-detections/jobs/{job_id}/cancel" + localVarPath := localBasePath + "/api/v2/siem-threat-hunting/jobs/{job_id}/cancel" localVarPath = datadog.ReplacePathParameter(localVarPath, "{job_id}", _neturl.PathEscape(datadog.ParameterToString(jobId, ""))) localVarHeaderParams := make(map[string]string) @@ -197,7 +197,7 @@ func (a *SecurityMonitoringApi) ConvertJobResultToSignal(ctx _context.Context, b return nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} } - localVarPath := localBasePath + "/api/v2/siem-historical-detections/jobs/signal_convert" + localVarPath := localBasePath + "/api/v2/siem-threat-hunting/jobs/signal_convert" localVarHeaderParams := make(map[string]string) localVarQueryParams := _neturl.Values{} @@ -897,30 +897,21 @@ func (a *SecurityMonitoringApi) DeleteCustomFramework(ctx _context.Context, hand return localVarReturnValue, localVarHTTPResponse, nil } -// DeleteHistoricalJob Delete an existing job. -// Delete an existing job. -func (a *SecurityMonitoringApi) DeleteHistoricalJob(ctx _context.Context, jobId string) (*_nethttp.Response, error) { +// DeleteSecurityFilter Delete a security filter. +// Delete a specific security filter. +func (a *SecurityMonitoringApi) DeleteSecurityFilter(ctx _context.Context, securityFilterId string) (*_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodDelete localVarPostBody interface{} ) - operationId := "v2.DeleteHistoricalJob" - isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId) - if !isOperationEnabled { - return nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)} - } - if isOperationEnabled && a.Client.Cfg.Debug { - _log.Printf("WARNING: Using unstable operation '%s'", operationId) - } - - localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.DeleteHistoricalJob") + localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.DeleteSecurityFilter") if err != nil { return nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} } - localVarPath := localBasePath + "/api/v2/siem-historical-detections/jobs/{job_id}" - localVarPath = datadog.ReplacePathParameter(localVarPath, "{job_id}", _neturl.PathEscape(datadog.ParameterToString(jobId, ""))) + localVarPath := localBasePath + "/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}" + localVarPath = datadog.ReplacePathParameter(localVarPath, "{security_filter_id}", _neturl.PathEscape(datadog.ParameterToString(securityFilterId, ""))) localVarHeaderParams := make(map[string]string) localVarQueryParams := _neturl.Values{} @@ -960,7 +951,7 @@ func (a *SecurityMonitoringApi) DeleteHistoricalJob(ctx _context.Context, jobId ErrorBody: localVarBody, ErrorMessage: localVarHTTPResponse.Status, } - if localVarHTTPResponse.StatusCode == 400 || localVarHTTPResponse.StatusCode == 401 || localVarHTTPResponse.StatusCode == 403 || localVarHTTPResponse.StatusCode == 404 || localVarHTTPResponse.StatusCode == 409 || localVarHTTPResponse.StatusCode == 429 { + if localVarHTTPResponse.StatusCode == 403 || localVarHTTPResponse.StatusCode == 404 || localVarHTTPResponse.StatusCode == 429 { var v APIErrorResponse err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) if err != nil { @@ -974,21 +965,21 @@ func (a *SecurityMonitoringApi) DeleteHistoricalJob(ctx _context.Context, jobId return localVarHTTPResponse, nil } -// DeleteSecurityFilter Delete a security filter. -// Delete a specific security filter. -func (a *SecurityMonitoringApi) DeleteSecurityFilter(ctx _context.Context, securityFilterId string) (*_nethttp.Response, error) { +// DeleteSecurityMonitoringRule Delete an existing rule. +// Delete an existing rule. Default rules cannot be deleted. +func (a *SecurityMonitoringApi) DeleteSecurityMonitoringRule(ctx _context.Context, ruleId string) (*_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodDelete localVarPostBody interface{} ) - localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.DeleteSecurityFilter") + localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.DeleteSecurityMonitoringRule") if err != nil { return nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} } - localVarPath := localBasePath + "/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}" - localVarPath = datadog.ReplacePathParameter(localVarPath, "{security_filter_id}", _neturl.PathEscape(datadog.ParameterToString(securityFilterId, ""))) + localVarPath := localBasePath + "/api/v2/security_monitoring/rules/{rule_id}" + localVarPath = datadog.ReplacePathParameter(localVarPath, "{rule_id}", _neturl.PathEscape(datadog.ParameterToString(ruleId, ""))) localVarHeaderParams := make(map[string]string) localVarQueryParams := _neturl.Values{} @@ -1042,21 +1033,21 @@ func (a *SecurityMonitoringApi) DeleteSecurityFilter(ctx _context.Context, secur return localVarHTTPResponse, nil } -// DeleteSecurityMonitoringRule Delete an existing rule. -// Delete an existing rule. Default rules cannot be deleted. -func (a *SecurityMonitoringApi) DeleteSecurityMonitoringRule(ctx _context.Context, ruleId string) (*_nethttp.Response, error) { +// DeleteSecurityMonitoringSuppression Delete a suppression rule. +// Delete a specific suppression rule. +func (a *SecurityMonitoringApi) DeleteSecurityMonitoringSuppression(ctx _context.Context, suppressionId string) (*_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodDelete localVarPostBody interface{} ) - localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.DeleteSecurityMonitoringRule") + localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.DeleteSecurityMonitoringSuppression") if err != nil { return nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} } - localVarPath := localBasePath + "/api/v2/security_monitoring/rules/{rule_id}" - localVarPath = datadog.ReplacePathParameter(localVarPath, "{rule_id}", _neturl.PathEscape(datadog.ParameterToString(ruleId, ""))) + localVarPath := localBasePath + "/api/v2/security_monitoring/configuration/suppressions/{suppression_id}" + localVarPath = datadog.ReplacePathParameter(localVarPath, "{suppression_id}", _neturl.PathEscape(datadog.ParameterToString(suppressionId, ""))) localVarHeaderParams := make(map[string]string) localVarQueryParams := _neturl.Values{} @@ -1110,21 +1101,21 @@ func (a *SecurityMonitoringApi) DeleteSecurityMonitoringRule(ctx _context.Contex return localVarHTTPResponse, nil } -// DeleteSecurityMonitoringSuppression Delete a suppression rule. -// Delete a specific suppression rule. -func (a *SecurityMonitoringApi) DeleteSecurityMonitoringSuppression(ctx _context.Context, suppressionId string) (*_nethttp.Response, error) { +// DeleteSignalNotificationRule Delete a signal-based notification rule. +// Delete a notification rule for security signals. +func (a *SecurityMonitoringApi) DeleteSignalNotificationRule(ctx _context.Context, id string) (*_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodDelete localVarPostBody interface{} ) - localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.DeleteSecurityMonitoringSuppression") + localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.DeleteSignalNotificationRule") if err != nil { return nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} } - localVarPath := localBasePath + "/api/v2/security_monitoring/configuration/suppressions/{suppression_id}" - localVarPath = datadog.ReplacePathParameter(localVarPath, "{suppression_id}", _neturl.PathEscape(datadog.ParameterToString(suppressionId, ""))) + localVarPath := localBasePath + "/api/v2/security/signals/notification_rules/{id}" + localVarPath = datadog.ReplacePathParameter(localVarPath, "{id}", _neturl.PathEscape(datadog.ParameterToString(id, ""))) localVarHeaderParams := make(map[string]string) localVarQueryParams := _neturl.Values{} @@ -1178,21 +1169,30 @@ func (a *SecurityMonitoringApi) DeleteSecurityMonitoringSuppression(ctx _context return localVarHTTPResponse, nil } -// DeleteSignalNotificationRule Delete a signal-based notification rule. -// Delete a notification rule for security signals. -func (a *SecurityMonitoringApi) DeleteSignalNotificationRule(ctx _context.Context, id string) (*_nethttp.Response, error) { +// DeleteThreatHuntingJob Delete an existing job. +// Delete an existing job. +func (a *SecurityMonitoringApi) DeleteThreatHuntingJob(ctx _context.Context, jobId string) (*_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodDelete localVarPostBody interface{} ) - localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.DeleteSignalNotificationRule") + operationId := "v2.DeleteThreatHuntingJob" + isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId) + if !isOperationEnabled { + return nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)} + } + if isOperationEnabled && a.Client.Cfg.Debug { + _log.Printf("WARNING: Using unstable operation '%s'", operationId) + } + + localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.DeleteThreatHuntingJob") if err != nil { return nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} } - localVarPath := localBasePath + "/api/v2/security/signals/notification_rules/{id}" - localVarPath = datadog.ReplacePathParameter(localVarPath, "{id}", _neturl.PathEscape(datadog.ParameterToString(id, ""))) + localVarPath := localBasePath + "/api/v2/siem-threat-hunting/jobs/{job_id}" + localVarPath = datadog.ReplacePathParameter(localVarPath, "{job_id}", _neturl.PathEscape(datadog.ParameterToString(jobId, ""))) localVarHeaderParams := make(map[string]string) localVarQueryParams := _neturl.Values{} @@ -1232,7 +1232,7 @@ func (a *SecurityMonitoringApi) DeleteSignalNotificationRule(ctx _context.Contex ErrorBody: localVarBody, ErrorMessage: localVarHTTPResponse.Status, } - if localVarHTTPResponse.StatusCode == 403 || localVarHTTPResponse.StatusCode == 404 || localVarHTTPResponse.StatusCode == 429 { + if localVarHTTPResponse.StatusCode == 400 || localVarHTTPResponse.StatusCode == 401 || localVarHTTPResponse.StatusCode == 403 || localVarHTTPResponse.StatusCode == 404 || localVarHTTPResponse.StatusCode == 409 || localVarHTTPResponse.StatusCode == 429 { var v APIErrorResponse err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) if err != nil { @@ -1751,93 +1751,6 @@ func (a *SecurityMonitoringApi) GetFinding(ctx _context.Context, findingId strin return localVarReturnValue, localVarHTTPResponse, nil } -// GetHistoricalJob Get a job's details. -// Get a job's details. -func (a *SecurityMonitoringApi) GetHistoricalJob(ctx _context.Context, jobId string) (HistoricalJobResponse, *_nethttp.Response, error) { - var ( - localVarHTTPMethod = _nethttp.MethodGet - localVarPostBody interface{} - localVarReturnValue HistoricalJobResponse - ) - - operationId := "v2.GetHistoricalJob" - isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId) - if !isOperationEnabled { - return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)} - } - if isOperationEnabled && a.Client.Cfg.Debug { - _log.Printf("WARNING: Using unstable operation '%s'", operationId) - } - - localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.GetHistoricalJob") - if err != nil { - return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} - } - - localVarPath := localBasePath + "/api/v2/siem-historical-detections/jobs/{job_id}" - localVarPath = datadog.ReplacePathParameter(localVarPath, "{job_id}", _neturl.PathEscape(datadog.ParameterToString(jobId, ""))) - - localVarHeaderParams := make(map[string]string) - localVarQueryParams := _neturl.Values{} - localVarFormParams := _neturl.Values{} - localVarHeaderParams["Accept"] = "application/json" - - if a.Client.Cfg.DelegatedTokenConfig != nil { - err = datadog.UseDelegatedTokenAuth(ctx, &localVarHeaderParams, a.Client.Cfg.DelegatedTokenConfig) - if err != nil { - return localVarReturnValue, nil, err - } - } else { - datadog.SetAuthKeys( - ctx, - &localVarHeaderParams, - [2]string{"apiKeyAuth", "DD-API-KEY"}, - [2]string{"appKeyAuth", "DD-APPLICATION-KEY"}, - ) - } - req, err := a.Client.PrepareRequest(ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, nil) - if err != nil { - return localVarReturnValue, nil, err - } - - localVarHTTPResponse, err := a.Client.CallAPI(req) - if err != nil || localVarHTTPResponse == nil { - return localVarReturnValue, localVarHTTPResponse, err - } - - localVarBody, err := datadog.ReadBody(localVarHTTPResponse) - if err != nil { - return localVarReturnValue, localVarHTTPResponse, err - } - - if localVarHTTPResponse.StatusCode >= 300 { - newErr := datadog.GenericOpenAPIError{ - ErrorBody: localVarBody, - ErrorMessage: localVarHTTPResponse.Status, - } - if localVarHTTPResponse.StatusCode == 400 || localVarHTTPResponse.StatusCode == 403 || localVarHTTPResponse.StatusCode == 404 || localVarHTTPResponse.StatusCode == 429 { - var v APIErrorResponse - err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) - if err != nil { - return localVarReturnValue, localVarHTTPResponse, newErr - } - newErr.ErrorModel = v - } - return localVarReturnValue, localVarHTTPResponse, newErr - } - - err = a.Client.Decode(&localVarReturnValue, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) - if err != nil { - newErr := datadog.GenericOpenAPIError{ - ErrorBody: localVarBody, - ErrorMessage: err.Error(), - } - return localVarReturnValue, localVarHTTPResponse, newErr - } - - return localVarReturnValue, localVarHTTPResponse, nil -} - // GetResourceEvaluationFiltersOptionalParameters holds optional parameters for GetResourceEvaluationFilters. type GetResourceEvaluationFiltersOptionalParameters struct { CloudProvider *string @@ -2327,7 +2240,7 @@ func (a *SecurityMonitoringApi) GetSecurityMonitoringHistsignal(ctx _context.Con return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} } - localVarPath := localBasePath + "/api/v2/siem-historical-detections/histsignals/{histsignal_id}" + localVarPath := localBasePath + "/api/v2/siem-threat-hunting/histsignals/{histsignal_id}" localVarPath = datadog.ReplacePathParameter(localVarPath, "{histsignal_id}", _neturl.PathEscape(datadog.ParameterToString(histsignalId, ""))) localVarHeaderParams := make(map[string]string) @@ -2474,7 +2387,7 @@ func (a *SecurityMonitoringApi) GetSecurityMonitoringHistsignalsByJobId(ctx _con return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} } - localVarPath := localBasePath + "/api/v2/siem-historical-detections/jobs/{job_id}/histsignals" + localVarPath := localBasePath + "/api/v2/siem-threat-hunting/jobs/{job_id}/histsignals" localVarPath = datadog.ReplacePathParameter(localVarPath, "{job_id}", _neturl.PathEscape(datadog.ParameterToString(jobId, ""))) localVarHeaderParams := make(map[string]string) @@ -3103,6 +3016,93 @@ func (a *SecurityMonitoringApi) GetSuppressionsAffectingRule(ctx _context.Contex return localVarReturnValue, localVarHTTPResponse, nil } +// GetThreatHuntingJob Get a job's details. +// Get a job's details. +func (a *SecurityMonitoringApi) GetThreatHuntingJob(ctx _context.Context, jobId string) (ThreatHuntingJobResponse, *_nethttp.Response, error) { + var ( + localVarHTTPMethod = _nethttp.MethodGet + localVarPostBody interface{} + localVarReturnValue ThreatHuntingJobResponse + ) + + operationId := "v2.GetThreatHuntingJob" + isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId) + if !isOperationEnabled { + return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)} + } + if isOperationEnabled && a.Client.Cfg.Debug { + _log.Printf("WARNING: Using unstable operation '%s'", operationId) + } + + localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.GetThreatHuntingJob") + if err != nil { + return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} + } + + localVarPath := localBasePath + "/api/v2/siem-threat-hunting/jobs/{job_id}" + localVarPath = datadog.ReplacePathParameter(localVarPath, "{job_id}", _neturl.PathEscape(datadog.ParameterToString(jobId, ""))) + + localVarHeaderParams := make(map[string]string) + localVarQueryParams := _neturl.Values{} + localVarFormParams := _neturl.Values{} + localVarHeaderParams["Accept"] = "application/json" + + if a.Client.Cfg.DelegatedTokenConfig != nil { + err = datadog.UseDelegatedTokenAuth(ctx, &localVarHeaderParams, a.Client.Cfg.DelegatedTokenConfig) + if err != nil { + return localVarReturnValue, nil, err + } + } else { + datadog.SetAuthKeys( + ctx, + &localVarHeaderParams, + [2]string{"apiKeyAuth", "DD-API-KEY"}, + [2]string{"appKeyAuth", "DD-APPLICATION-KEY"}, + ) + } + req, err := a.Client.PrepareRequest(ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, nil) + if err != nil { + return localVarReturnValue, nil, err + } + + localVarHTTPResponse, err := a.Client.CallAPI(req) + if err != nil || localVarHTTPResponse == nil { + return localVarReturnValue, localVarHTTPResponse, err + } + + localVarBody, err := datadog.ReadBody(localVarHTTPResponse) + if err != nil { + return localVarReturnValue, localVarHTTPResponse, err + } + + if localVarHTTPResponse.StatusCode >= 300 { + newErr := datadog.GenericOpenAPIError{ + ErrorBody: localVarBody, + ErrorMessage: localVarHTTPResponse.Status, + } + if localVarHTTPResponse.StatusCode == 400 || localVarHTTPResponse.StatusCode == 403 || localVarHTTPResponse.StatusCode == 404 || localVarHTTPResponse.StatusCode == 429 { + var v APIErrorResponse + err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) + if err != nil { + return localVarReturnValue, localVarHTTPResponse, newErr + } + newErr.ErrorModel = v + } + return localVarReturnValue, localVarHTTPResponse, newErr + } + + err = a.Client.Decode(&localVarReturnValue, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) + if err != nil { + newErr := datadog.GenericOpenAPIError{ + ErrorBody: localVarBody, + ErrorMessage: err.Error(), + } + return localVarReturnValue, localVarHTTPResponse, newErr + } + + return localVarReturnValue, localVarHTTPResponse, nil +} + // GetVulnerabilityNotificationRule Get details of a vulnerability notification rule. // Get the details of a notification rule for security vulnerabilities. func (a *SecurityMonitoringApi) GetVulnerabilityNotificationRule(ctx _context.Context, id string) (NotificationRuleResponse, *_nethttp.Response, error) { @@ -3826,150 +3826,6 @@ func (a *SecurityMonitoringApi) ListFindingsWithPagination(ctx _context.Context, return items, cancel } -// ListHistoricalJobsOptionalParameters holds optional parameters for ListHistoricalJobs. -type ListHistoricalJobsOptionalParameters struct { - PageSize *int64 - PageNumber *int64 - Sort *string - FilterQuery *string -} - -// NewListHistoricalJobsOptionalParameters creates an empty struct for parameters. -func NewListHistoricalJobsOptionalParameters() *ListHistoricalJobsOptionalParameters { - this := ListHistoricalJobsOptionalParameters{} - return &this -} - -// WithPageSize sets the corresponding parameter name and returns the struct. -func (r *ListHistoricalJobsOptionalParameters) WithPageSize(pageSize int64) *ListHistoricalJobsOptionalParameters { - r.PageSize = &pageSize - return r -} - -// WithPageNumber sets the corresponding parameter name and returns the struct. -func (r *ListHistoricalJobsOptionalParameters) WithPageNumber(pageNumber int64) *ListHistoricalJobsOptionalParameters { - r.PageNumber = &pageNumber - return r -} - -// WithSort sets the corresponding parameter name and returns the struct. -func (r *ListHistoricalJobsOptionalParameters) WithSort(sort string) *ListHistoricalJobsOptionalParameters { - r.Sort = &sort - return r -} - -// WithFilterQuery sets the corresponding parameter name and returns the struct. -func (r *ListHistoricalJobsOptionalParameters) WithFilterQuery(filterQuery string) *ListHistoricalJobsOptionalParameters { - r.FilterQuery = &filterQuery - return r -} - -// ListHistoricalJobs List historical jobs. -// List historical jobs. -func (a *SecurityMonitoringApi) ListHistoricalJobs(ctx _context.Context, o ...ListHistoricalJobsOptionalParameters) (ListHistoricalJobsResponse, *_nethttp.Response, error) { - var ( - localVarHTTPMethod = _nethttp.MethodGet - localVarPostBody interface{} - localVarReturnValue ListHistoricalJobsResponse - optionalParams ListHistoricalJobsOptionalParameters - ) - - if len(o) > 1 { - return localVarReturnValue, nil, datadog.ReportError("only one argument of type ListHistoricalJobsOptionalParameters is allowed") - } - if len(o) == 1 { - optionalParams = o[0] - } - - operationId := "v2.ListHistoricalJobs" - isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId) - if !isOperationEnabled { - return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)} - } - if isOperationEnabled && a.Client.Cfg.Debug { - _log.Printf("WARNING: Using unstable operation '%s'", operationId) - } - - localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.ListHistoricalJobs") - if err != nil { - return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} - } - - localVarPath := localBasePath + "/api/v2/siem-historical-detections/jobs" - - localVarHeaderParams := make(map[string]string) - localVarQueryParams := _neturl.Values{} - localVarFormParams := _neturl.Values{} - if optionalParams.PageSize != nil { - localVarQueryParams.Add("page[size]", datadog.ParameterToString(*optionalParams.PageSize, "")) - } - if optionalParams.PageNumber != nil { - localVarQueryParams.Add("page[number]", datadog.ParameterToString(*optionalParams.PageNumber, "")) - } - if optionalParams.Sort != nil { - localVarQueryParams.Add("sort", datadog.ParameterToString(*optionalParams.Sort, "")) - } - if optionalParams.FilterQuery != nil { - localVarQueryParams.Add("filter[query]", datadog.ParameterToString(*optionalParams.FilterQuery, "")) - } - localVarHeaderParams["Accept"] = "application/json" - - if a.Client.Cfg.DelegatedTokenConfig != nil { - err = datadog.UseDelegatedTokenAuth(ctx, &localVarHeaderParams, a.Client.Cfg.DelegatedTokenConfig) - if err != nil { - return localVarReturnValue, nil, err - } - } else { - datadog.SetAuthKeys( - ctx, - &localVarHeaderParams, - [2]string{"apiKeyAuth", "DD-API-KEY"}, - [2]string{"appKeyAuth", "DD-APPLICATION-KEY"}, - ) - } - req, err := a.Client.PrepareRequest(ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, nil) - if err != nil { - return localVarReturnValue, nil, err - } - - localVarHTTPResponse, err := a.Client.CallAPI(req) - if err != nil || localVarHTTPResponse == nil { - return localVarReturnValue, localVarHTTPResponse, err - } - - localVarBody, err := datadog.ReadBody(localVarHTTPResponse) - if err != nil { - return localVarReturnValue, localVarHTTPResponse, err - } - - if localVarHTTPResponse.StatusCode >= 300 { - newErr := datadog.GenericOpenAPIError{ - ErrorBody: localVarBody, - ErrorMessage: localVarHTTPResponse.Status, - } - if localVarHTTPResponse.StatusCode == 400 || localVarHTTPResponse.StatusCode == 403 || localVarHTTPResponse.StatusCode == 429 { - var v APIErrorResponse - err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) - if err != nil { - return localVarReturnValue, localVarHTTPResponse, newErr - } - newErr.ErrorModel = v - } - return localVarReturnValue, localVarHTTPResponse, newErr - } - - err = a.Client.Decode(&localVarReturnValue, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) - if err != nil { - newErr := datadog.GenericOpenAPIError{ - ErrorBody: localVarBody, - ErrorMessage: err.Error(), - } - return localVarReturnValue, localVarHTTPResponse, newErr - } - - return localVarReturnValue, localVarHTTPResponse, nil -} - // ListScannedAssetsMetadataOptionalParameters holds optional parameters for ListScannedAssetsMetadata. type ListScannedAssetsMetadataOptionalParameters struct { PageToken *string @@ -4346,7 +4202,7 @@ func (a *SecurityMonitoringApi) ListSecurityMonitoringHistsignals(ctx _context.C return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} } - localVarPath := localBasePath + "/api/v2/siem-historical-detections/histsignals" + localVarPath := localBasePath + "/api/v2/siem-threat-hunting/histsignals" localVarHeaderParams := make(map[string]string) localVarQueryParams := _neturl.Values{} @@ -4862,6 +4718,150 @@ func (a *SecurityMonitoringApi) ListSecurityMonitoringSuppressions(ctx _context. return localVarReturnValue, localVarHTTPResponse, nil } +// ListThreatHuntingJobsOptionalParameters holds optional parameters for ListThreatHuntingJobs. +type ListThreatHuntingJobsOptionalParameters struct { + PageSize *int64 + PageNumber *int64 + Sort *string + FilterQuery *string +} + +// NewListThreatHuntingJobsOptionalParameters creates an empty struct for parameters. +func NewListThreatHuntingJobsOptionalParameters() *ListThreatHuntingJobsOptionalParameters { + this := ListThreatHuntingJobsOptionalParameters{} + return &this +} + +// WithPageSize sets the corresponding parameter name and returns the struct. +func (r *ListThreatHuntingJobsOptionalParameters) WithPageSize(pageSize int64) *ListThreatHuntingJobsOptionalParameters { + r.PageSize = &pageSize + return r +} + +// WithPageNumber sets the corresponding parameter name and returns the struct. +func (r *ListThreatHuntingJobsOptionalParameters) WithPageNumber(pageNumber int64) *ListThreatHuntingJobsOptionalParameters { + r.PageNumber = &pageNumber + return r +} + +// WithSort sets the corresponding parameter name and returns the struct. +func (r *ListThreatHuntingJobsOptionalParameters) WithSort(sort string) *ListThreatHuntingJobsOptionalParameters { + r.Sort = &sort + return r +} + +// WithFilterQuery sets the corresponding parameter name and returns the struct. +func (r *ListThreatHuntingJobsOptionalParameters) WithFilterQuery(filterQuery string) *ListThreatHuntingJobsOptionalParameters { + r.FilterQuery = &filterQuery + return r +} + +// ListThreatHuntingJobs List threat hunting jobs. +// List threat hunting jobs. +func (a *SecurityMonitoringApi) ListThreatHuntingJobs(ctx _context.Context, o ...ListThreatHuntingJobsOptionalParameters) (ListThreatHuntingJobsResponse, *_nethttp.Response, error) { + var ( + localVarHTTPMethod = _nethttp.MethodGet + localVarPostBody interface{} + localVarReturnValue ListThreatHuntingJobsResponse + optionalParams ListThreatHuntingJobsOptionalParameters + ) + + if len(o) > 1 { + return localVarReturnValue, nil, datadog.ReportError("only one argument of type ListThreatHuntingJobsOptionalParameters is allowed") + } + if len(o) == 1 { + optionalParams = o[0] + } + + operationId := "v2.ListThreatHuntingJobs" + isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId) + if !isOperationEnabled { + return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)} + } + if isOperationEnabled && a.Client.Cfg.Debug { + _log.Printf("WARNING: Using unstable operation '%s'", operationId) + } + + localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.ListThreatHuntingJobs") + if err != nil { + return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} + } + + localVarPath := localBasePath + "/api/v2/siem-threat-hunting/jobs" + + localVarHeaderParams := make(map[string]string) + localVarQueryParams := _neturl.Values{} + localVarFormParams := _neturl.Values{} + if optionalParams.PageSize != nil { + localVarQueryParams.Add("page[size]", datadog.ParameterToString(*optionalParams.PageSize, "")) + } + if optionalParams.PageNumber != nil { + localVarQueryParams.Add("page[number]", datadog.ParameterToString(*optionalParams.PageNumber, "")) + } + if optionalParams.Sort != nil { + localVarQueryParams.Add("sort", datadog.ParameterToString(*optionalParams.Sort, "")) + } + if optionalParams.FilterQuery != nil { + localVarQueryParams.Add("filter[query]", datadog.ParameterToString(*optionalParams.FilterQuery, "")) + } + localVarHeaderParams["Accept"] = "application/json" + + if a.Client.Cfg.DelegatedTokenConfig != nil { + err = datadog.UseDelegatedTokenAuth(ctx, &localVarHeaderParams, a.Client.Cfg.DelegatedTokenConfig) + if err != nil { + return localVarReturnValue, nil, err + } + } else { + datadog.SetAuthKeys( + ctx, + &localVarHeaderParams, + [2]string{"apiKeyAuth", "DD-API-KEY"}, + [2]string{"appKeyAuth", "DD-APPLICATION-KEY"}, + ) + } + req, err := a.Client.PrepareRequest(ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, nil) + if err != nil { + return localVarReturnValue, nil, err + } + + localVarHTTPResponse, err := a.Client.CallAPI(req) + if err != nil || localVarHTTPResponse == nil { + return localVarReturnValue, localVarHTTPResponse, err + } + + localVarBody, err := datadog.ReadBody(localVarHTTPResponse) + if err != nil { + return localVarReturnValue, localVarHTTPResponse, err + } + + if localVarHTTPResponse.StatusCode >= 300 { + newErr := datadog.GenericOpenAPIError{ + ErrorBody: localVarBody, + ErrorMessage: localVarHTTPResponse.Status, + } + if localVarHTTPResponse.StatusCode == 400 || localVarHTTPResponse.StatusCode == 403 || localVarHTTPResponse.StatusCode == 429 { + var v APIErrorResponse + err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) + if err != nil { + return localVarReturnValue, localVarHTTPResponse, newErr + } + newErr.ErrorModel = v + } + return localVarReturnValue, localVarHTTPResponse, newErr + } + + err = a.Client.Decode(&localVarReturnValue, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) + if err != nil { + newErr := datadog.GenericOpenAPIError{ + ErrorBody: localVarBody, + ErrorMessage: err.Error(), + } + return localVarReturnValue, localVarHTTPResponse, newErr + } + + return localVarReturnValue, localVarHTTPResponse, nil +} + // ListVulnerabilitiesOptionalParameters holds optional parameters for ListVulnerabilities. type ListVulnerabilitiesOptionalParameters struct { PageToken *string @@ -6050,16 +6050,16 @@ func (a *SecurityMonitoringApi) PatchVulnerabilityNotificationRule(ctx _context. return localVarReturnValue, localVarHTTPResponse, nil } -// RunHistoricalJob Run a historical job. -// Run a historical job. -func (a *SecurityMonitoringApi) RunHistoricalJob(ctx _context.Context, body RunHistoricalJobRequest) (JobCreateResponse, *_nethttp.Response, error) { +// RunThreatHuntingJob Run a threat hunting job. +// Run a threat hunting job. +func (a *SecurityMonitoringApi) RunThreatHuntingJob(ctx _context.Context, body RunThreatHuntingJobRequest) (JobCreateResponse, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPost localVarPostBody interface{} localVarReturnValue JobCreateResponse ) - operationId := "v2.RunHistoricalJob" + operationId := "v2.RunThreatHuntingJob" isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId) if !isOperationEnabled { return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)} @@ -6068,12 +6068,12 @@ func (a *SecurityMonitoringApi) RunHistoricalJob(ctx _context.Context, body RunH _log.Printf("WARNING: Using unstable operation '%s'", operationId) } - localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.RunHistoricalJob") + localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.RunThreatHuntingJob") if err != nil { return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} } - localVarPath := localBasePath + "/api/v2/siem-historical-detections/jobs" + localVarPath := localBasePath + "/api/v2/siem-threat-hunting/jobs" localVarHeaderParams := make(map[string]string) localVarQueryParams := _neturl.Values{} @@ -6187,7 +6187,7 @@ func (a *SecurityMonitoringApi) SearchSecurityMonitoringHistsignals(ctx _context return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()} } - localVarPath := localBasePath + "/api/v2/siem-historical-detections/histsignals/search" + localVarPath := localBasePath + "/api/v2/siem-threat-hunting/histsignals/search" localVarHeaderParams := make(map[string]string) localVarQueryParams := _neturl.Values{} diff --git a/api/datadogV2/doc.go b/api/datadogV2/doc.go index f134f76aac8..e708bb3f9fc 100644 --- a/api/datadogV2/doc.go +++ b/api/datadogV2/doc.go @@ -479,7 +479,7 @@ // - [RumRetentionFiltersApi.ListRetentionFilters] // - [RumRetentionFiltersApi.OrderRetentionFilters] // - [RumRetentionFiltersApi.UpdateRetentionFilter] -// - [SecurityMonitoringApi.CancelHistoricalJob] +// - [SecurityMonitoringApi.CancelThreatHuntingJob] // - [SecurityMonitoringApi.ConvertExistingSecurityMonitoringRule] // - [SecurityMonitoringApi.ConvertJobResultToSignal] // - [SecurityMonitoringApi.ConvertSecurityMonitoringRuleFromJSONToTerraform] @@ -490,18 +490,17 @@ // - [SecurityMonitoringApi.CreateSignalNotificationRule] // - [SecurityMonitoringApi.CreateVulnerabilityNotificationRule] // - [SecurityMonitoringApi.DeleteCustomFramework] -// - [SecurityMonitoringApi.DeleteHistoricalJob] // - [SecurityMonitoringApi.DeleteSecurityFilter] // - [SecurityMonitoringApi.DeleteSecurityMonitoringRule] // - [SecurityMonitoringApi.DeleteSecurityMonitoringSuppression] // - [SecurityMonitoringApi.DeleteSignalNotificationRule] +// - [SecurityMonitoringApi.DeleteThreatHuntingJob] // - [SecurityMonitoringApi.DeleteVulnerabilityNotificationRule] // - [SecurityMonitoringApi.EditSecurityMonitoringSignalAssignee] // - [SecurityMonitoringApi.EditSecurityMonitoringSignalIncidents] // - [SecurityMonitoringApi.EditSecurityMonitoringSignalState] // - [SecurityMonitoringApi.GetCustomFramework] // - [SecurityMonitoringApi.GetFinding] -// - [SecurityMonitoringApi.GetHistoricalJob] // - [SecurityMonitoringApi.GetResourceEvaluationFilters] // - [SecurityMonitoringApi.GetRuleVersionHistory] // - [SecurityMonitoringApi.GetSBOM] @@ -515,23 +514,24 @@ // - [SecurityMonitoringApi.GetSignalNotificationRules] // - [SecurityMonitoringApi.GetSuppressionsAffectingFutureRule] // - [SecurityMonitoringApi.GetSuppressionsAffectingRule] +// - [SecurityMonitoringApi.GetThreatHuntingJob] // - [SecurityMonitoringApi.GetVulnerabilityNotificationRule] // - [SecurityMonitoringApi.GetVulnerabilityNotificationRules] // - [SecurityMonitoringApi.ListAssetsSBOMs] // - [SecurityMonitoringApi.ListFindings] -// - [SecurityMonitoringApi.ListHistoricalJobs] // - [SecurityMonitoringApi.ListScannedAssetsMetadata] // - [SecurityMonitoringApi.ListSecurityFilters] // - [SecurityMonitoringApi.ListSecurityMonitoringHistsignals] // - [SecurityMonitoringApi.ListSecurityMonitoringRules] // - [SecurityMonitoringApi.ListSecurityMonitoringSignals] // - [SecurityMonitoringApi.ListSecurityMonitoringSuppressions] +// - [SecurityMonitoringApi.ListThreatHuntingJobs] // - [SecurityMonitoringApi.ListVulnerabilities] // - [SecurityMonitoringApi.ListVulnerableAssets] // - [SecurityMonitoringApi.MuteFindings] // - [SecurityMonitoringApi.PatchSignalNotificationRule] // - [SecurityMonitoringApi.PatchVulnerabilityNotificationRule] -// - [SecurityMonitoringApi.RunHistoricalJob] +// - [SecurityMonitoringApi.RunThreatHuntingJob] // - [SecurityMonitoringApi.SearchSecurityMonitoringHistsignals] // - [SecurityMonitoringApi.SearchSecurityMonitoringSignals] // - [SecurityMonitoringApi.TestExistingSecurityMonitoringRule] diff --git a/api/datadogV2/model_convert_job_results_to_signals_attributes.go b/api/datadogV2/model_convert_job_results_to_signals_attributes.go index e10ac0e0ec0..1b2b4a2366d 100644 --- a/api/datadogV2/model_convert_job_results_to_signals_attributes.go +++ b/api/datadogV2/model_convert_job_results_to_signals_attributes.go @@ -10,7 +10,7 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// ConvertJobResultsToSignalsAttributes Attributes for converting historical job results to signals. +// ConvertJobResultsToSignalsAttributes Attributes for converting threat hunting job results to signals. type ConvertJobResultsToSignalsAttributes struct { // Request ID. Id *string `json:"id,omitempty"` diff --git a/api/datadogV2/model_convert_job_results_to_signals_data.go b/api/datadogV2/model_convert_job_results_to_signals_data.go index a46b9ce101c..ab7314c15de 100644 --- a/api/datadogV2/model_convert_job_results_to_signals_data.go +++ b/api/datadogV2/model_convert_job_results_to_signals_data.go @@ -8,9 +8,9 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// ConvertJobResultsToSignalsData Data for converting historical job results to signals. +// ConvertJobResultsToSignalsData Data for converting threat hunting job results to signals. type ConvertJobResultsToSignalsData struct { - // Attributes for converting historical job results to signals. + // Attributes for converting threat hunting job results to signals. Attributes *ConvertJobResultsToSignalsAttributes `json:"attributes,omitempty"` // Type of payload. Type *ConvertJobResultsToSignalsDataType `json:"type,omitempty"` diff --git a/api/datadogV2/model_convert_job_results_to_signals_request.go b/api/datadogV2/model_convert_job_results_to_signals_request.go index 5f4d94aabc6..2889db4eb3d 100644 --- a/api/datadogV2/model_convert_job_results_to_signals_request.go +++ b/api/datadogV2/model_convert_job_results_to_signals_request.go @@ -8,9 +8,9 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// ConvertJobResultsToSignalsRequest Request for converting historical job results to signals. +// ConvertJobResultsToSignalsRequest Request for converting threat hunting job results to signals. type ConvertJobResultsToSignalsRequest struct { - // Data for converting historical job results to signals. + // Data for converting threat hunting job results to signals. Data *ConvertJobResultsToSignalsData `json:"data,omitempty"` // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct UnparsedObject map[string]interface{} `json:"-"` diff --git a/api/datadogV2/model_gcp_metric_namespace_config.go b/api/datadogV2/model_gcp_metric_namespace_config.go index a3cbee0326e..6afda211eab 100644 --- a/api/datadogV2/model_gcp_metric_namespace_config.go +++ b/api/datadogV2/model_gcp_metric_namespace_config.go @@ -12,6 +12,8 @@ import ( type GCPMetricNamespaceConfig struct { // When disabled, Datadog does not collect metrics that are related to this GCP metric namespace. Disabled *bool `json:"disabled,omitempty"` + // When enabled, Datadog applies these additional filters to limit metric collection. A metric is collected only if it does not match all exclusion filters and matches at least one allow filter. + Filters []string `json:"filters,omitempty"` // The id of the GCP metric namespace. Id *string `json:"id,omitempty"` // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct @@ -68,6 +70,34 @@ func (o *GCPMetricNamespaceConfig) SetDisabled(v bool) { o.Disabled = &v } +// GetFilters returns the Filters field value if set, zero value otherwise. +func (o *GCPMetricNamespaceConfig) GetFilters() []string { + if o == nil || o.Filters == nil { + var ret []string + return ret + } + return o.Filters +} + +// GetFiltersOk returns a tuple with the Filters field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *GCPMetricNamespaceConfig) GetFiltersOk() (*[]string, bool) { + if o == nil || o.Filters == nil { + return nil, false + } + return &o.Filters, true +} + +// HasFilters returns a boolean if a field has been set. +func (o *GCPMetricNamespaceConfig) HasFilters() bool { + return o != nil && o.Filters != nil +} + +// SetFilters gets a reference to the given []string and assigns it to the Filters field. +func (o *GCPMetricNamespaceConfig) SetFilters(v []string) { + o.Filters = v +} + // GetId returns the Id field value if set, zero value otherwise. func (o *GCPMetricNamespaceConfig) GetId() string { if o == nil || o.Id == nil { @@ -105,6 +135,9 @@ func (o GCPMetricNamespaceConfig) MarshalJSON() ([]byte, error) { if o.Disabled != nil { toSerialize["disabled"] = o.Disabled } + if o.Filters != nil { + toSerialize["filters"] = o.Filters + } if o.Id != nil { toSerialize["id"] = o.Id } @@ -118,19 +151,21 @@ func (o GCPMetricNamespaceConfig) MarshalJSON() ([]byte, error) { // UnmarshalJSON deserializes the given payload. func (o *GCPMetricNamespaceConfig) UnmarshalJSON(bytes []byte) (err error) { all := struct { - Disabled *bool `json:"disabled,omitempty"` - Id *string `json:"id,omitempty"` + Disabled *bool `json:"disabled,omitempty"` + Filters []string `json:"filters,omitempty"` + Id *string `json:"id,omitempty"` }{} if err = datadog.Unmarshal(bytes, &all); err != nil { return datadog.Unmarshal(bytes, &o.UnparsedObject) } additionalProperties := make(map[string]interface{}) if err = datadog.Unmarshal(bytes, &additionalProperties); err == nil { - datadog.DeleteKeys(additionalProperties, &[]string{"disabled", "id"}) + datadog.DeleteKeys(additionalProperties, &[]string{"disabled", "filters", "id"}) } else { return err } o.Disabled = all.Disabled + o.Filters = all.Filters o.Id = all.Id if len(additionalProperties) > 0 { diff --git a/api/datadogV2/model_historical_job_data_type.go b/api/datadogV2/model_historical_job_data_type.go deleted file mode 100644 index 2982b37eedb..00000000000 --- a/api/datadogV2/model_historical_job_data_type.go +++ /dev/null @@ -1,64 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2019-Present Datadog, Inc. - -package datadogV2 - -import ( - "fmt" - - "github.com/DataDog/datadog-api-client-go/v2/api/datadog" -) - -// HistoricalJobDataType Type of payload. -type HistoricalJobDataType string - -// List of HistoricalJobDataType. -const ( - HISTORICALJOBDATATYPE_HISTORICALDETECTIONSJOB HistoricalJobDataType = "historicalDetectionsJob" -) - -var allowedHistoricalJobDataTypeEnumValues = []HistoricalJobDataType{ - HISTORICALJOBDATATYPE_HISTORICALDETECTIONSJOB, -} - -// GetAllowedValues reeturns the list of possible values. -func (v *HistoricalJobDataType) GetAllowedValues() []HistoricalJobDataType { - return allowedHistoricalJobDataTypeEnumValues -} - -// UnmarshalJSON deserializes the given payload. -func (v *HistoricalJobDataType) UnmarshalJSON(src []byte) error { - var value string - err := datadog.Unmarshal(src, &value) - if err != nil { - return err - } - *v = HistoricalJobDataType(value) - return nil -} - -// NewHistoricalJobDataTypeFromValue returns a pointer to a valid HistoricalJobDataType -// for the value passed as argument, or an error if the value passed is not allowed by the enum. -func NewHistoricalJobDataTypeFromValue(v string) (*HistoricalJobDataType, error) { - ev := HistoricalJobDataType(v) - if ev.IsValid() { - return &ev, nil - } - return nil, fmt.Errorf("invalid value '%v' for HistoricalJobDataType: valid values are %v", v, allowedHistoricalJobDataTypeEnumValues) -} - -// IsValid return true if the value is valid for the enum, false otherwise. -func (v HistoricalJobDataType) IsValid() bool { - for _, existing := range allowedHistoricalJobDataTypeEnumValues { - if existing == v { - return true - } - } - return false -} - -// Ptr returns reference to HistoricalJobDataType value. -func (v HistoricalJobDataType) Ptr() *HistoricalJobDataType { - return &v -} diff --git a/api/datadogV2/model_job_create_response.go b/api/datadogV2/model_job_create_response.go index ab21b2563bf..f74818152e9 100644 --- a/api/datadogV2/model_job_create_response.go +++ b/api/datadogV2/model_job_create_response.go @@ -8,7 +8,7 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// JobCreateResponse Run a historical job response. +// JobCreateResponse Run a threat hunting job response. type JobCreateResponse struct { // The definition of `JobCreateResponseData` object. Data *JobCreateResponseData `json:"data,omitempty"` diff --git a/api/datadogV2/model_job_create_response_data.go b/api/datadogV2/model_job_create_response_data.go index efa90b06214..263037aaf2e 100644 --- a/api/datadogV2/model_job_create_response_data.go +++ b/api/datadogV2/model_job_create_response_data.go @@ -13,7 +13,7 @@ type JobCreateResponseData struct { // ID of the created job. Id *string `json:"id,omitempty"` // Type of payload. - Type *HistoricalJobDataType `json:"type,omitempty"` + Type *ThreatHuntingJobDataType `json:"type,omitempty"` // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct UnparsedObject map[string]interface{} `json:"-"` AdditionalProperties map[string]interface{} `json:"-"` @@ -65,9 +65,9 @@ func (o *JobCreateResponseData) SetId(v string) { } // GetType returns the Type field value if set, zero value otherwise. -func (o *JobCreateResponseData) GetType() HistoricalJobDataType { +func (o *JobCreateResponseData) GetType() ThreatHuntingJobDataType { if o == nil || o.Type == nil { - var ret HistoricalJobDataType + var ret ThreatHuntingJobDataType return ret } return *o.Type @@ -75,7 +75,7 @@ func (o *JobCreateResponseData) GetType() HistoricalJobDataType { // GetTypeOk returns a tuple with the Type field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *JobCreateResponseData) GetTypeOk() (*HistoricalJobDataType, bool) { +func (o *JobCreateResponseData) GetTypeOk() (*ThreatHuntingJobDataType, bool) { if o == nil || o.Type == nil { return nil, false } @@ -87,8 +87,8 @@ func (o *JobCreateResponseData) HasType() bool { return o != nil && o.Type != nil } -// SetType gets a reference to the given HistoricalJobDataType and assigns it to the Type field. -func (o *JobCreateResponseData) SetType(v HistoricalJobDataType) { +// SetType gets a reference to the given ThreatHuntingJobDataType and assigns it to the Type field. +func (o *JobCreateResponseData) SetType(v ThreatHuntingJobDataType) { o.Type = &v } @@ -114,8 +114,8 @@ func (o JobCreateResponseData) MarshalJSON() ([]byte, error) { // UnmarshalJSON deserializes the given payload. func (o *JobCreateResponseData) UnmarshalJSON(bytes []byte) (err error) { all := struct { - Id *string `json:"id,omitempty"` - Type *HistoricalJobDataType `json:"type,omitempty"` + Id *string `json:"id,omitempty"` + Type *ThreatHuntingJobDataType `json:"type,omitempty"` }{} if err = datadog.Unmarshal(bytes, &all); err != nil { return datadog.Unmarshal(bytes, &o.UnparsedObject) diff --git a/api/datadogV2/model_job_definition.go b/api/datadogV2/model_job_definition.go index 70428bfa83e..2f661bf71f5 100644 --- a/api/datadogV2/model_job_definition.go +++ b/api/datadogV2/model_job_definition.go @@ -10,7 +10,7 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// JobDefinition Definition of a historical job. +// JobDefinition Definition of a threat hunting job. type JobDefinition struct { // Calculated fields. CalculatedFields []CalculatedField `json:"calculatedFields,omitempty"` @@ -27,9 +27,9 @@ type JobDefinition struct { // Job name. Name string `json:"name"` // Job options. - Options *HistoricalJobOptions `json:"options,omitempty"` + Options *ThreatHuntingJobOptions `json:"options,omitempty"` // Queries for selecting logs analyzed by the job. - Queries []HistoricalJobQuery `json:"queries"` + Queries []ThreatHuntingJobQuery `json:"queries"` // Reference tables used in the queries. ReferenceTables []SecurityMonitoringReferenceTable `json:"referenceTables,omitempty"` // Tags for generated signals. @@ -49,7 +49,7 @@ type JobDefinition struct { // This constructor will assign default values to properties that have it defined, // and makes sure properties required by API are set, but the set of arguments // will change when the set of required properties is changed. -func NewJobDefinition(cases []SecurityMonitoringRuleCaseCreate, from int64, index string, message string, name string, queries []HistoricalJobQuery, to int64) *JobDefinition { +func NewJobDefinition(cases []SecurityMonitoringRuleCaseCreate, from int64, index string, message string, name string, queries []ThreatHuntingJobQuery, to int64) *JobDefinition { this := JobDefinition{} this.Cases = cases this.From = from @@ -241,9 +241,9 @@ func (o *JobDefinition) SetName(v string) { } // GetOptions returns the Options field value if set, zero value otherwise. -func (o *JobDefinition) GetOptions() HistoricalJobOptions { +func (o *JobDefinition) GetOptions() ThreatHuntingJobOptions { if o == nil || o.Options == nil { - var ret HistoricalJobOptions + var ret ThreatHuntingJobOptions return ret } return *o.Options @@ -251,7 +251,7 @@ func (o *JobDefinition) GetOptions() HistoricalJobOptions { // GetOptionsOk returns a tuple with the Options field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *JobDefinition) GetOptionsOk() (*HistoricalJobOptions, bool) { +func (o *JobDefinition) GetOptionsOk() (*ThreatHuntingJobOptions, bool) { if o == nil || o.Options == nil { return nil, false } @@ -263,15 +263,15 @@ func (o *JobDefinition) HasOptions() bool { return o != nil && o.Options != nil } -// SetOptions gets a reference to the given HistoricalJobOptions and assigns it to the Options field. -func (o *JobDefinition) SetOptions(v HistoricalJobOptions) { +// SetOptions gets a reference to the given ThreatHuntingJobOptions and assigns it to the Options field. +func (o *JobDefinition) SetOptions(v ThreatHuntingJobOptions) { o.Options = &v } // GetQueries returns the Queries field value. -func (o *JobDefinition) GetQueries() []HistoricalJobQuery { +func (o *JobDefinition) GetQueries() []ThreatHuntingJobQuery { if o == nil { - var ret []HistoricalJobQuery + var ret []ThreatHuntingJobQuery return ret } return o.Queries @@ -279,7 +279,7 @@ func (o *JobDefinition) GetQueries() []HistoricalJobQuery { // GetQueriesOk returns a tuple with the Queries field value // and a boolean to check if the value has been set. -func (o *JobDefinition) GetQueriesOk() (*[]HistoricalJobQuery, bool) { +func (o *JobDefinition) GetQueriesOk() (*[]ThreatHuntingJobQuery, bool) { if o == nil { return nil, false } @@ -287,7 +287,7 @@ func (o *JobDefinition) GetQueriesOk() (*[]HistoricalJobQuery, bool) { } // SetQueries sets field value. -func (o *JobDefinition) SetQueries(v []HistoricalJobQuery) { +func (o *JobDefinition) SetQueries(v []ThreatHuntingJobQuery) { o.Queries = v } @@ -477,8 +477,8 @@ func (o *JobDefinition) UnmarshalJSON(bytes []byte) (err error) { Index *string `json:"index"` Message *string `json:"message"` Name *string `json:"name"` - Options *HistoricalJobOptions `json:"options,omitempty"` - Queries *[]HistoricalJobQuery `json:"queries"` + Options *ThreatHuntingJobOptions `json:"options,omitempty"` + Queries *[]ThreatHuntingJobQuery `json:"queries"` ReferenceTables []SecurityMonitoringReferenceTable `json:"referenceTables,omitempty"` Tags []string `json:"tags,omitempty"` ThirdPartyCases []SecurityMonitoringThirdPartyRuleCaseCreate `json:"thirdPartyCases,omitempty"` diff --git a/api/datadogV2/model_job_definition_from_rule.go b/api/datadogV2/model_job_definition_from_rule.go index 87e0b74d732..cf8bb20774e 100644 --- a/api/datadogV2/model_job_definition_from_rule.go +++ b/api/datadogV2/model_job_definition_from_rule.go @@ -10,7 +10,7 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// JobDefinitionFromRule Definition of a historical job based on a security monitoring rule. +// JobDefinitionFromRule Definition of a threat hunting job based on a security monitoring rule. type JobDefinitionFromRule struct { // Starting time of data analyzed by the job. From int64 `json:"from"` diff --git a/api/datadogV2/model_list_historical_jobs_response.go b/api/datadogV2/model_list_threat_hunting_jobs_response.go similarity index 61% rename from api/datadogV2/model_list_historical_jobs_response.go rename to api/datadogV2/model_list_threat_hunting_jobs_response.go index 72a437d0ce0..561dc3209ea 100644 --- a/api/datadogV2/model_list_historical_jobs_response.go +++ b/api/datadogV2/model_list_threat_hunting_jobs_response.go @@ -8,38 +8,38 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// ListHistoricalJobsResponse List of historical jobs. -type ListHistoricalJobsResponse struct { - // Array containing the list of historical jobs. - Data []HistoricalJobResponseData `json:"data,omitempty"` +// ListThreatHuntingJobsResponse List of threat hunting jobs. +type ListThreatHuntingJobsResponse struct { + // Array containing the list of threat hunting jobs. + Data []ThreatHuntingJobResponseData `json:"data,omitempty"` // Metadata about the list of jobs. - Meta *HistoricalJobListMeta `json:"meta,omitempty"` + Meta *ThreatHuntingJobListMeta `json:"meta,omitempty"` // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct UnparsedObject map[string]interface{} `json:"-"` AdditionalProperties map[string]interface{} `json:"-"` } -// NewListHistoricalJobsResponse instantiates a new ListHistoricalJobsResponse object. +// NewListThreatHuntingJobsResponse instantiates a new ListThreatHuntingJobsResponse object. // This constructor will assign default values to properties that have it defined, // and makes sure properties required by API are set, but the set of arguments // will change when the set of required properties is changed. -func NewListHistoricalJobsResponse() *ListHistoricalJobsResponse { - this := ListHistoricalJobsResponse{} +func NewListThreatHuntingJobsResponse() *ListThreatHuntingJobsResponse { + this := ListThreatHuntingJobsResponse{} return &this } -// NewListHistoricalJobsResponseWithDefaults instantiates a new ListHistoricalJobsResponse object. +// NewListThreatHuntingJobsResponseWithDefaults instantiates a new ListThreatHuntingJobsResponse object. // This constructor will only assign default values to properties that have it defined, // but it doesn't guarantee that properties required by API are set. -func NewListHistoricalJobsResponseWithDefaults() *ListHistoricalJobsResponse { - this := ListHistoricalJobsResponse{} +func NewListThreatHuntingJobsResponseWithDefaults() *ListThreatHuntingJobsResponse { + this := ListThreatHuntingJobsResponse{} return &this } // GetData returns the Data field value if set, zero value otherwise. -func (o *ListHistoricalJobsResponse) GetData() []HistoricalJobResponseData { +func (o *ListThreatHuntingJobsResponse) GetData() []ThreatHuntingJobResponseData { if o == nil || o.Data == nil { - var ret []HistoricalJobResponseData + var ret []ThreatHuntingJobResponseData return ret } return o.Data @@ -47,7 +47,7 @@ func (o *ListHistoricalJobsResponse) GetData() []HistoricalJobResponseData { // GetDataOk returns a tuple with the Data field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *ListHistoricalJobsResponse) GetDataOk() (*[]HistoricalJobResponseData, bool) { +func (o *ListThreatHuntingJobsResponse) GetDataOk() (*[]ThreatHuntingJobResponseData, bool) { if o == nil || o.Data == nil { return nil, false } @@ -55,19 +55,19 @@ func (o *ListHistoricalJobsResponse) GetDataOk() (*[]HistoricalJobResponseData, } // HasData returns a boolean if a field has been set. -func (o *ListHistoricalJobsResponse) HasData() bool { +func (o *ListThreatHuntingJobsResponse) HasData() bool { return o != nil && o.Data != nil } -// SetData gets a reference to the given []HistoricalJobResponseData and assigns it to the Data field. -func (o *ListHistoricalJobsResponse) SetData(v []HistoricalJobResponseData) { +// SetData gets a reference to the given []ThreatHuntingJobResponseData and assigns it to the Data field. +func (o *ListThreatHuntingJobsResponse) SetData(v []ThreatHuntingJobResponseData) { o.Data = v } // GetMeta returns the Meta field value if set, zero value otherwise. -func (o *ListHistoricalJobsResponse) GetMeta() HistoricalJobListMeta { +func (o *ListThreatHuntingJobsResponse) GetMeta() ThreatHuntingJobListMeta { if o == nil || o.Meta == nil { - var ret HistoricalJobListMeta + var ret ThreatHuntingJobListMeta return ret } return *o.Meta @@ -75,7 +75,7 @@ func (o *ListHistoricalJobsResponse) GetMeta() HistoricalJobListMeta { // GetMetaOk returns a tuple with the Meta field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *ListHistoricalJobsResponse) GetMetaOk() (*HistoricalJobListMeta, bool) { +func (o *ListThreatHuntingJobsResponse) GetMetaOk() (*ThreatHuntingJobListMeta, bool) { if o == nil || o.Meta == nil { return nil, false } @@ -83,17 +83,17 @@ func (o *ListHistoricalJobsResponse) GetMetaOk() (*HistoricalJobListMeta, bool) } // HasMeta returns a boolean if a field has been set. -func (o *ListHistoricalJobsResponse) HasMeta() bool { +func (o *ListThreatHuntingJobsResponse) HasMeta() bool { return o != nil && o.Meta != nil } -// SetMeta gets a reference to the given HistoricalJobListMeta and assigns it to the Meta field. -func (o *ListHistoricalJobsResponse) SetMeta(v HistoricalJobListMeta) { +// SetMeta gets a reference to the given ThreatHuntingJobListMeta and assigns it to the Meta field. +func (o *ListThreatHuntingJobsResponse) SetMeta(v ThreatHuntingJobListMeta) { o.Meta = &v } // MarshalJSON serializes the struct using spec logic. -func (o ListHistoricalJobsResponse) MarshalJSON() ([]byte, error) { +func (o ListThreatHuntingJobsResponse) MarshalJSON() ([]byte, error) { toSerialize := map[string]interface{}{} if o.UnparsedObject != nil { return datadog.Marshal(o.UnparsedObject) @@ -112,10 +112,10 @@ func (o ListHistoricalJobsResponse) MarshalJSON() ([]byte, error) { } // UnmarshalJSON deserializes the given payload. -func (o *ListHistoricalJobsResponse) UnmarshalJSON(bytes []byte) (err error) { +func (o *ListThreatHuntingJobsResponse) UnmarshalJSON(bytes []byte) (err error) { all := struct { - Data []HistoricalJobResponseData `json:"data,omitempty"` - Meta *HistoricalJobListMeta `json:"meta,omitempty"` + Data []ThreatHuntingJobResponseData `json:"data,omitempty"` + Meta *ThreatHuntingJobListMeta `json:"meta,omitempty"` }{} if err = datadog.Unmarshal(bytes, &all); err != nil { return datadog.Unmarshal(bytes, &o.UnparsedObject) diff --git a/api/datadogV2/model_run_historical_job_request_data_type.go b/api/datadogV2/model_run_historical_job_request_data_type.go deleted file mode 100644 index b89c9fb60cf..00000000000 --- a/api/datadogV2/model_run_historical_job_request_data_type.go +++ /dev/null @@ -1,64 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2019-Present Datadog, Inc. - -package datadogV2 - -import ( - "fmt" - - "github.com/DataDog/datadog-api-client-go/v2/api/datadog" -) - -// RunHistoricalJobRequestDataType Type of data. -type RunHistoricalJobRequestDataType string - -// List of RunHistoricalJobRequestDataType. -const ( - RUNHISTORICALJOBREQUESTDATATYPE_HISTORICALDETECTIONSJOBCREATE RunHistoricalJobRequestDataType = "historicalDetectionsJobCreate" -) - -var allowedRunHistoricalJobRequestDataTypeEnumValues = []RunHistoricalJobRequestDataType{ - RUNHISTORICALJOBREQUESTDATATYPE_HISTORICALDETECTIONSJOBCREATE, -} - -// GetAllowedValues reeturns the list of possible values. -func (v *RunHistoricalJobRequestDataType) GetAllowedValues() []RunHistoricalJobRequestDataType { - return allowedRunHistoricalJobRequestDataTypeEnumValues -} - -// UnmarshalJSON deserializes the given payload. -func (v *RunHistoricalJobRequestDataType) UnmarshalJSON(src []byte) error { - var value string - err := datadog.Unmarshal(src, &value) - if err != nil { - return err - } - *v = RunHistoricalJobRequestDataType(value) - return nil -} - -// NewRunHistoricalJobRequestDataTypeFromValue returns a pointer to a valid RunHistoricalJobRequestDataType -// for the value passed as argument, or an error if the value passed is not allowed by the enum. -func NewRunHistoricalJobRequestDataTypeFromValue(v string) (*RunHistoricalJobRequestDataType, error) { - ev := RunHistoricalJobRequestDataType(v) - if ev.IsValid() { - return &ev, nil - } - return nil, fmt.Errorf("invalid value '%v' for RunHistoricalJobRequestDataType: valid values are %v", v, allowedRunHistoricalJobRequestDataTypeEnumValues) -} - -// IsValid return true if the value is valid for the enum, false otherwise. -func (v RunHistoricalJobRequestDataType) IsValid() bool { - for _, existing := range allowedRunHistoricalJobRequestDataTypeEnumValues { - if existing == v { - return true - } - } - return false -} - -// Ptr returns reference to RunHistoricalJobRequestDataType value. -func (v RunHistoricalJobRequestDataType) Ptr() *RunHistoricalJobRequestDataType { - return &v -} diff --git a/api/datadogV2/model_run_historical_job_request.go b/api/datadogV2/model_run_threat_hunting_job_request.go similarity index 66% rename from api/datadogV2/model_run_historical_job_request.go rename to api/datadogV2/model_run_threat_hunting_job_request.go index 09b1773bdf5..c8c7a2ce8c2 100644 --- a/api/datadogV2/model_run_historical_job_request.go +++ b/api/datadogV2/model_run_threat_hunting_job_request.go @@ -8,36 +8,36 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// RunHistoricalJobRequest Run a historical job request. -type RunHistoricalJobRequest struct { - // Data for running a historical job request. - Data *RunHistoricalJobRequestData `json:"data,omitempty"` +// RunThreatHuntingJobRequest Run a threat hunting job request. +type RunThreatHuntingJobRequest struct { + // Data for running a threat hunting job request. + Data *RunThreatHuntingJobRequestData `json:"data,omitempty"` // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct UnparsedObject map[string]interface{} `json:"-"` AdditionalProperties map[string]interface{} `json:"-"` } -// NewRunHistoricalJobRequest instantiates a new RunHistoricalJobRequest object. +// NewRunThreatHuntingJobRequest instantiates a new RunThreatHuntingJobRequest object. // This constructor will assign default values to properties that have it defined, // and makes sure properties required by API are set, but the set of arguments // will change when the set of required properties is changed. -func NewRunHistoricalJobRequest() *RunHistoricalJobRequest { - this := RunHistoricalJobRequest{} +func NewRunThreatHuntingJobRequest() *RunThreatHuntingJobRequest { + this := RunThreatHuntingJobRequest{} return &this } -// NewRunHistoricalJobRequestWithDefaults instantiates a new RunHistoricalJobRequest object. +// NewRunThreatHuntingJobRequestWithDefaults instantiates a new RunThreatHuntingJobRequest object. // This constructor will only assign default values to properties that have it defined, // but it doesn't guarantee that properties required by API are set. -func NewRunHistoricalJobRequestWithDefaults() *RunHistoricalJobRequest { - this := RunHistoricalJobRequest{} +func NewRunThreatHuntingJobRequestWithDefaults() *RunThreatHuntingJobRequest { + this := RunThreatHuntingJobRequest{} return &this } // GetData returns the Data field value if set, zero value otherwise. -func (o *RunHistoricalJobRequest) GetData() RunHistoricalJobRequestData { +func (o *RunThreatHuntingJobRequest) GetData() RunThreatHuntingJobRequestData { if o == nil || o.Data == nil { - var ret RunHistoricalJobRequestData + var ret RunThreatHuntingJobRequestData return ret } return *o.Data @@ -45,7 +45,7 @@ func (o *RunHistoricalJobRequest) GetData() RunHistoricalJobRequestData { // GetDataOk returns a tuple with the Data field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *RunHistoricalJobRequest) GetDataOk() (*RunHistoricalJobRequestData, bool) { +func (o *RunThreatHuntingJobRequest) GetDataOk() (*RunThreatHuntingJobRequestData, bool) { if o == nil || o.Data == nil { return nil, false } @@ -53,17 +53,17 @@ func (o *RunHistoricalJobRequest) GetDataOk() (*RunHistoricalJobRequestData, boo } // HasData returns a boolean if a field has been set. -func (o *RunHistoricalJobRequest) HasData() bool { +func (o *RunThreatHuntingJobRequest) HasData() bool { return o != nil && o.Data != nil } -// SetData gets a reference to the given RunHistoricalJobRequestData and assigns it to the Data field. -func (o *RunHistoricalJobRequest) SetData(v RunHistoricalJobRequestData) { +// SetData gets a reference to the given RunThreatHuntingJobRequestData and assigns it to the Data field. +func (o *RunThreatHuntingJobRequest) SetData(v RunThreatHuntingJobRequestData) { o.Data = &v } // MarshalJSON serializes the struct using spec logic. -func (o RunHistoricalJobRequest) MarshalJSON() ([]byte, error) { +func (o RunThreatHuntingJobRequest) MarshalJSON() ([]byte, error) { toSerialize := map[string]interface{}{} if o.UnparsedObject != nil { return datadog.Marshal(o.UnparsedObject) @@ -79,9 +79,9 @@ func (o RunHistoricalJobRequest) MarshalJSON() ([]byte, error) { } // UnmarshalJSON deserializes the given payload. -func (o *RunHistoricalJobRequest) UnmarshalJSON(bytes []byte) (err error) { +func (o *RunThreatHuntingJobRequest) UnmarshalJSON(bytes []byte) (err error) { all := struct { - Data *RunHistoricalJobRequestData `json:"data,omitempty"` + Data *RunThreatHuntingJobRequestData `json:"data,omitempty"` }{} if err = datadog.Unmarshal(bytes, &all); err != nil { return datadog.Unmarshal(bytes, &o.UnparsedObject) diff --git a/api/datadogV2/model_run_historical_job_request_attributes.go b/api/datadogV2/model_run_threat_hunting_job_request_attributes.go similarity index 71% rename from api/datadogV2/model_run_historical_job_request_attributes.go rename to api/datadogV2/model_run_threat_hunting_job_request_attributes.go index ddbe860d4f4..b5f8b170a3d 100644 --- a/api/datadogV2/model_run_historical_job_request_attributes.go +++ b/api/datadogV2/model_run_threat_hunting_job_request_attributes.go @@ -8,38 +8,38 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// RunHistoricalJobRequestAttributes Run a historical job request. -type RunHistoricalJobRequestAttributes struct { - // Definition of a historical job based on a security monitoring rule. +// RunThreatHuntingJobRequestAttributes Run a threat hunting job request. +type RunThreatHuntingJobRequestAttributes struct { + // Definition of a threat hunting job based on a security monitoring rule. FromRule *JobDefinitionFromRule `json:"fromRule,omitempty"` // Request ID. Id *string `json:"id,omitempty"` - // Definition of a historical job. + // Definition of a threat hunting job. JobDefinition *JobDefinition `json:"jobDefinition,omitempty"` // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct UnparsedObject map[string]interface{} `json:"-"` AdditionalProperties map[string]interface{} `json:"-"` } -// NewRunHistoricalJobRequestAttributes instantiates a new RunHistoricalJobRequestAttributes object. +// NewRunThreatHuntingJobRequestAttributes instantiates a new RunThreatHuntingJobRequestAttributes object. // This constructor will assign default values to properties that have it defined, // and makes sure properties required by API are set, but the set of arguments // will change when the set of required properties is changed. -func NewRunHistoricalJobRequestAttributes() *RunHistoricalJobRequestAttributes { - this := RunHistoricalJobRequestAttributes{} +func NewRunThreatHuntingJobRequestAttributes() *RunThreatHuntingJobRequestAttributes { + this := RunThreatHuntingJobRequestAttributes{} return &this } -// NewRunHistoricalJobRequestAttributesWithDefaults instantiates a new RunHistoricalJobRequestAttributes object. +// NewRunThreatHuntingJobRequestAttributesWithDefaults instantiates a new RunThreatHuntingJobRequestAttributes object. // This constructor will only assign default values to properties that have it defined, // but it doesn't guarantee that properties required by API are set. -func NewRunHistoricalJobRequestAttributesWithDefaults() *RunHistoricalJobRequestAttributes { - this := RunHistoricalJobRequestAttributes{} +func NewRunThreatHuntingJobRequestAttributesWithDefaults() *RunThreatHuntingJobRequestAttributes { + this := RunThreatHuntingJobRequestAttributes{} return &this } // GetFromRule returns the FromRule field value if set, zero value otherwise. -func (o *RunHistoricalJobRequestAttributes) GetFromRule() JobDefinitionFromRule { +func (o *RunThreatHuntingJobRequestAttributes) GetFromRule() JobDefinitionFromRule { if o == nil || o.FromRule == nil { var ret JobDefinitionFromRule return ret @@ -49,7 +49,7 @@ func (o *RunHistoricalJobRequestAttributes) GetFromRule() JobDefinitionFromRule // GetFromRuleOk returns a tuple with the FromRule field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *RunHistoricalJobRequestAttributes) GetFromRuleOk() (*JobDefinitionFromRule, bool) { +func (o *RunThreatHuntingJobRequestAttributes) GetFromRuleOk() (*JobDefinitionFromRule, bool) { if o == nil || o.FromRule == nil { return nil, false } @@ -57,17 +57,17 @@ func (o *RunHistoricalJobRequestAttributes) GetFromRuleOk() (*JobDefinitionFromR } // HasFromRule returns a boolean if a field has been set. -func (o *RunHistoricalJobRequestAttributes) HasFromRule() bool { +func (o *RunThreatHuntingJobRequestAttributes) HasFromRule() bool { return o != nil && o.FromRule != nil } // SetFromRule gets a reference to the given JobDefinitionFromRule and assigns it to the FromRule field. -func (o *RunHistoricalJobRequestAttributes) SetFromRule(v JobDefinitionFromRule) { +func (o *RunThreatHuntingJobRequestAttributes) SetFromRule(v JobDefinitionFromRule) { o.FromRule = &v } // GetId returns the Id field value if set, zero value otherwise. -func (o *RunHistoricalJobRequestAttributes) GetId() string { +func (o *RunThreatHuntingJobRequestAttributes) GetId() string { if o == nil || o.Id == nil { var ret string return ret @@ -77,7 +77,7 @@ func (o *RunHistoricalJobRequestAttributes) GetId() string { // GetIdOk returns a tuple with the Id field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *RunHistoricalJobRequestAttributes) GetIdOk() (*string, bool) { +func (o *RunThreatHuntingJobRequestAttributes) GetIdOk() (*string, bool) { if o == nil || o.Id == nil { return nil, false } @@ -85,17 +85,17 @@ func (o *RunHistoricalJobRequestAttributes) GetIdOk() (*string, bool) { } // HasId returns a boolean if a field has been set. -func (o *RunHistoricalJobRequestAttributes) HasId() bool { +func (o *RunThreatHuntingJobRequestAttributes) HasId() bool { return o != nil && o.Id != nil } // SetId gets a reference to the given string and assigns it to the Id field. -func (o *RunHistoricalJobRequestAttributes) SetId(v string) { +func (o *RunThreatHuntingJobRequestAttributes) SetId(v string) { o.Id = &v } // GetJobDefinition returns the JobDefinition field value if set, zero value otherwise. -func (o *RunHistoricalJobRequestAttributes) GetJobDefinition() JobDefinition { +func (o *RunThreatHuntingJobRequestAttributes) GetJobDefinition() JobDefinition { if o == nil || o.JobDefinition == nil { var ret JobDefinition return ret @@ -105,7 +105,7 @@ func (o *RunHistoricalJobRequestAttributes) GetJobDefinition() JobDefinition { // GetJobDefinitionOk returns a tuple with the JobDefinition field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *RunHistoricalJobRequestAttributes) GetJobDefinitionOk() (*JobDefinition, bool) { +func (o *RunThreatHuntingJobRequestAttributes) GetJobDefinitionOk() (*JobDefinition, bool) { if o == nil || o.JobDefinition == nil { return nil, false } @@ -113,17 +113,17 @@ func (o *RunHistoricalJobRequestAttributes) GetJobDefinitionOk() (*JobDefinition } // HasJobDefinition returns a boolean if a field has been set. -func (o *RunHistoricalJobRequestAttributes) HasJobDefinition() bool { +func (o *RunThreatHuntingJobRequestAttributes) HasJobDefinition() bool { return o != nil && o.JobDefinition != nil } // SetJobDefinition gets a reference to the given JobDefinition and assigns it to the JobDefinition field. -func (o *RunHistoricalJobRequestAttributes) SetJobDefinition(v JobDefinition) { +func (o *RunThreatHuntingJobRequestAttributes) SetJobDefinition(v JobDefinition) { o.JobDefinition = &v } // MarshalJSON serializes the struct using spec logic. -func (o RunHistoricalJobRequestAttributes) MarshalJSON() ([]byte, error) { +func (o RunThreatHuntingJobRequestAttributes) MarshalJSON() ([]byte, error) { toSerialize := map[string]interface{}{} if o.UnparsedObject != nil { return datadog.Marshal(o.UnparsedObject) @@ -145,7 +145,7 @@ func (o RunHistoricalJobRequestAttributes) MarshalJSON() ([]byte, error) { } // UnmarshalJSON deserializes the given payload. -func (o *RunHistoricalJobRequestAttributes) UnmarshalJSON(bytes []byte) (err error) { +func (o *RunThreatHuntingJobRequestAttributes) UnmarshalJSON(bytes []byte) (err error) { all := struct { FromRule *JobDefinitionFromRule `json:"fromRule,omitempty"` Id *string `json:"id,omitempty"` diff --git a/api/datadogV2/model_run_historical_job_request_data.go b/api/datadogV2/model_run_threat_hunting_job_request_data.go similarity index 60% rename from api/datadogV2/model_run_historical_job_request_data.go rename to api/datadogV2/model_run_threat_hunting_job_request_data.go index 15e2baa742d..026ead758a7 100644 --- a/api/datadogV2/model_run_historical_job_request_data.go +++ b/api/datadogV2/model_run_threat_hunting_job_request_data.go @@ -8,38 +8,38 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// RunHistoricalJobRequestData Data for running a historical job request. -type RunHistoricalJobRequestData struct { - // Run a historical job request. - Attributes *RunHistoricalJobRequestAttributes `json:"attributes,omitempty"` +// RunThreatHuntingJobRequestData Data for running a threat hunting job request. +type RunThreatHuntingJobRequestData struct { + // Run a threat hunting job request. + Attributes *RunThreatHuntingJobRequestAttributes `json:"attributes,omitempty"` // Type of data. - Type *RunHistoricalJobRequestDataType `json:"type,omitempty"` + Type *RunThreatHuntingJobRequestDataType `json:"type,omitempty"` // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct UnparsedObject map[string]interface{} `json:"-"` AdditionalProperties map[string]interface{} `json:"-"` } -// NewRunHistoricalJobRequestData instantiates a new RunHistoricalJobRequestData object. +// NewRunThreatHuntingJobRequestData instantiates a new RunThreatHuntingJobRequestData object. // This constructor will assign default values to properties that have it defined, // and makes sure properties required by API are set, but the set of arguments // will change when the set of required properties is changed. -func NewRunHistoricalJobRequestData() *RunHistoricalJobRequestData { - this := RunHistoricalJobRequestData{} +func NewRunThreatHuntingJobRequestData() *RunThreatHuntingJobRequestData { + this := RunThreatHuntingJobRequestData{} return &this } -// NewRunHistoricalJobRequestDataWithDefaults instantiates a new RunHistoricalJobRequestData object. +// NewRunThreatHuntingJobRequestDataWithDefaults instantiates a new RunThreatHuntingJobRequestData object. // This constructor will only assign default values to properties that have it defined, // but it doesn't guarantee that properties required by API are set. -func NewRunHistoricalJobRequestDataWithDefaults() *RunHistoricalJobRequestData { - this := RunHistoricalJobRequestData{} +func NewRunThreatHuntingJobRequestDataWithDefaults() *RunThreatHuntingJobRequestData { + this := RunThreatHuntingJobRequestData{} return &this } // GetAttributes returns the Attributes field value if set, zero value otherwise. -func (o *RunHistoricalJobRequestData) GetAttributes() RunHistoricalJobRequestAttributes { +func (o *RunThreatHuntingJobRequestData) GetAttributes() RunThreatHuntingJobRequestAttributes { if o == nil || o.Attributes == nil { - var ret RunHistoricalJobRequestAttributes + var ret RunThreatHuntingJobRequestAttributes return ret } return *o.Attributes @@ -47,7 +47,7 @@ func (o *RunHistoricalJobRequestData) GetAttributes() RunHistoricalJobRequestAtt // GetAttributesOk returns a tuple with the Attributes field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *RunHistoricalJobRequestData) GetAttributesOk() (*RunHistoricalJobRequestAttributes, bool) { +func (o *RunThreatHuntingJobRequestData) GetAttributesOk() (*RunThreatHuntingJobRequestAttributes, bool) { if o == nil || o.Attributes == nil { return nil, false } @@ -55,19 +55,19 @@ func (o *RunHistoricalJobRequestData) GetAttributesOk() (*RunHistoricalJobReques } // HasAttributes returns a boolean if a field has been set. -func (o *RunHistoricalJobRequestData) HasAttributes() bool { +func (o *RunThreatHuntingJobRequestData) HasAttributes() bool { return o != nil && o.Attributes != nil } -// SetAttributes gets a reference to the given RunHistoricalJobRequestAttributes and assigns it to the Attributes field. -func (o *RunHistoricalJobRequestData) SetAttributes(v RunHistoricalJobRequestAttributes) { +// SetAttributes gets a reference to the given RunThreatHuntingJobRequestAttributes and assigns it to the Attributes field. +func (o *RunThreatHuntingJobRequestData) SetAttributes(v RunThreatHuntingJobRequestAttributes) { o.Attributes = &v } // GetType returns the Type field value if set, zero value otherwise. -func (o *RunHistoricalJobRequestData) GetType() RunHistoricalJobRequestDataType { +func (o *RunThreatHuntingJobRequestData) GetType() RunThreatHuntingJobRequestDataType { if o == nil || o.Type == nil { - var ret RunHistoricalJobRequestDataType + var ret RunThreatHuntingJobRequestDataType return ret } return *o.Type @@ -75,7 +75,7 @@ func (o *RunHistoricalJobRequestData) GetType() RunHistoricalJobRequestDataType // GetTypeOk returns a tuple with the Type field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *RunHistoricalJobRequestData) GetTypeOk() (*RunHistoricalJobRequestDataType, bool) { +func (o *RunThreatHuntingJobRequestData) GetTypeOk() (*RunThreatHuntingJobRequestDataType, bool) { if o == nil || o.Type == nil { return nil, false } @@ -83,17 +83,17 @@ func (o *RunHistoricalJobRequestData) GetTypeOk() (*RunHistoricalJobRequestDataT } // HasType returns a boolean if a field has been set. -func (o *RunHistoricalJobRequestData) HasType() bool { +func (o *RunThreatHuntingJobRequestData) HasType() bool { return o != nil && o.Type != nil } -// SetType gets a reference to the given RunHistoricalJobRequestDataType and assigns it to the Type field. -func (o *RunHistoricalJobRequestData) SetType(v RunHistoricalJobRequestDataType) { +// SetType gets a reference to the given RunThreatHuntingJobRequestDataType and assigns it to the Type field. +func (o *RunThreatHuntingJobRequestData) SetType(v RunThreatHuntingJobRequestDataType) { o.Type = &v } // MarshalJSON serializes the struct using spec logic. -func (o RunHistoricalJobRequestData) MarshalJSON() ([]byte, error) { +func (o RunThreatHuntingJobRequestData) MarshalJSON() ([]byte, error) { toSerialize := map[string]interface{}{} if o.UnparsedObject != nil { return datadog.Marshal(o.UnparsedObject) @@ -112,10 +112,10 @@ func (o RunHistoricalJobRequestData) MarshalJSON() ([]byte, error) { } // UnmarshalJSON deserializes the given payload. -func (o *RunHistoricalJobRequestData) UnmarshalJSON(bytes []byte) (err error) { +func (o *RunThreatHuntingJobRequestData) UnmarshalJSON(bytes []byte) (err error) { all := struct { - Attributes *RunHistoricalJobRequestAttributes `json:"attributes,omitempty"` - Type *RunHistoricalJobRequestDataType `json:"type,omitempty"` + Attributes *RunThreatHuntingJobRequestAttributes `json:"attributes,omitempty"` + Type *RunThreatHuntingJobRequestDataType `json:"type,omitempty"` }{} if err = datadog.Unmarshal(bytes, &all); err != nil { return datadog.Unmarshal(bytes, &o.UnparsedObject) diff --git a/api/datadogV2/model_run_threat_hunting_job_request_data_type.go b/api/datadogV2/model_run_threat_hunting_job_request_data_type.go new file mode 100644 index 00000000000..5d10dc1cdc8 --- /dev/null +++ b/api/datadogV2/model_run_threat_hunting_job_request_data_type.go @@ -0,0 +1,64 @@ +// Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2019-Present Datadog, Inc. + +package datadogV2 + +import ( + "fmt" + + "github.com/DataDog/datadog-api-client-go/v2/api/datadog" +) + +// RunThreatHuntingJobRequestDataType Type of data. +type RunThreatHuntingJobRequestDataType string + +// List of RunThreatHuntingJobRequestDataType. +const ( + RUNTHREATHUNTINGJOBREQUESTDATATYPE_HISTORICALDETECTIONSJOBCREATE RunThreatHuntingJobRequestDataType = "historicalDetectionsJobCreate" +) + +var allowedRunThreatHuntingJobRequestDataTypeEnumValues = []RunThreatHuntingJobRequestDataType{ + RUNTHREATHUNTINGJOBREQUESTDATATYPE_HISTORICALDETECTIONSJOBCREATE, +} + +// GetAllowedValues reeturns the list of possible values. +func (v *RunThreatHuntingJobRequestDataType) GetAllowedValues() []RunThreatHuntingJobRequestDataType { + return allowedRunThreatHuntingJobRequestDataTypeEnumValues +} + +// UnmarshalJSON deserializes the given payload. +func (v *RunThreatHuntingJobRequestDataType) UnmarshalJSON(src []byte) error { + var value string + err := datadog.Unmarshal(src, &value) + if err != nil { + return err + } + *v = RunThreatHuntingJobRequestDataType(value) + return nil +} + +// NewRunThreatHuntingJobRequestDataTypeFromValue returns a pointer to a valid RunThreatHuntingJobRequestDataType +// for the value passed as argument, or an error if the value passed is not allowed by the enum. +func NewRunThreatHuntingJobRequestDataTypeFromValue(v string) (*RunThreatHuntingJobRequestDataType, error) { + ev := RunThreatHuntingJobRequestDataType(v) + if ev.IsValid() { + return &ev, nil + } + return nil, fmt.Errorf("invalid value '%v' for RunThreatHuntingJobRequestDataType: valid values are %v", v, allowedRunThreatHuntingJobRequestDataTypeEnumValues) +} + +// IsValid return true if the value is valid for the enum, false otherwise. +func (v RunThreatHuntingJobRequestDataType) IsValid() bool { + for _, existing := range allowedRunThreatHuntingJobRequestDataTypeEnumValues { + if existing == v { + return true + } + } + return false +} + +// Ptr returns reference to RunThreatHuntingJobRequestDataType value. +func (v RunThreatHuntingJobRequestDataType) Ptr() *RunThreatHuntingJobRequestDataType { + return &v +} diff --git a/api/datadogV2/model_threat_hunting_job_data_type.go b/api/datadogV2/model_threat_hunting_job_data_type.go new file mode 100644 index 00000000000..b1755e32986 --- /dev/null +++ b/api/datadogV2/model_threat_hunting_job_data_type.go @@ -0,0 +1,64 @@ +// Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2019-Present Datadog, Inc. + +package datadogV2 + +import ( + "fmt" + + "github.com/DataDog/datadog-api-client-go/v2/api/datadog" +) + +// ThreatHuntingJobDataType Type of payload. +type ThreatHuntingJobDataType string + +// List of ThreatHuntingJobDataType. +const ( + THREATHUNTINGJOBDATATYPE_HISTORICALDETECTIONSJOB ThreatHuntingJobDataType = "historicalDetectionsJob" +) + +var allowedThreatHuntingJobDataTypeEnumValues = []ThreatHuntingJobDataType{ + THREATHUNTINGJOBDATATYPE_HISTORICALDETECTIONSJOB, +} + +// GetAllowedValues reeturns the list of possible values. +func (v *ThreatHuntingJobDataType) GetAllowedValues() []ThreatHuntingJobDataType { + return allowedThreatHuntingJobDataTypeEnumValues +} + +// UnmarshalJSON deserializes the given payload. +func (v *ThreatHuntingJobDataType) UnmarshalJSON(src []byte) error { + var value string + err := datadog.Unmarshal(src, &value) + if err != nil { + return err + } + *v = ThreatHuntingJobDataType(value) + return nil +} + +// NewThreatHuntingJobDataTypeFromValue returns a pointer to a valid ThreatHuntingJobDataType +// for the value passed as argument, or an error if the value passed is not allowed by the enum. +func NewThreatHuntingJobDataTypeFromValue(v string) (*ThreatHuntingJobDataType, error) { + ev := ThreatHuntingJobDataType(v) + if ev.IsValid() { + return &ev, nil + } + return nil, fmt.Errorf("invalid value '%v' for ThreatHuntingJobDataType: valid values are %v", v, allowedThreatHuntingJobDataTypeEnumValues) +} + +// IsValid return true if the value is valid for the enum, false otherwise. +func (v ThreatHuntingJobDataType) IsValid() bool { + for _, existing := range allowedThreatHuntingJobDataTypeEnumValues { + if existing == v { + return true + } + } + return false +} + +// Ptr returns reference to ThreatHuntingJobDataType value. +func (v ThreatHuntingJobDataType) Ptr() *ThreatHuntingJobDataType { + return &v +} diff --git a/api/datadogV2/model_historical_job_list_meta.go b/api/datadogV2/model_threat_hunting_job_list_meta.go similarity index 74% rename from api/datadogV2/model_historical_job_list_meta.go rename to api/datadogV2/model_threat_hunting_job_list_meta.go index 76174babdc5..a343953a7e2 100644 --- a/api/datadogV2/model_historical_job_list_meta.go +++ b/api/datadogV2/model_threat_hunting_job_list_meta.go @@ -8,8 +8,8 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// HistoricalJobListMeta Metadata about the list of jobs. -type HistoricalJobListMeta struct { +// ThreatHuntingJobListMeta Metadata about the list of jobs. +type ThreatHuntingJobListMeta struct { // Number of jobs in the list. TotalCount *int32 `json:"totalCount,omitempty"` // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct @@ -17,25 +17,25 @@ type HistoricalJobListMeta struct { AdditionalProperties map[string]interface{} `json:"-"` } -// NewHistoricalJobListMeta instantiates a new HistoricalJobListMeta object. +// NewThreatHuntingJobListMeta instantiates a new ThreatHuntingJobListMeta object. // This constructor will assign default values to properties that have it defined, // and makes sure properties required by API are set, but the set of arguments // will change when the set of required properties is changed. -func NewHistoricalJobListMeta() *HistoricalJobListMeta { - this := HistoricalJobListMeta{} +func NewThreatHuntingJobListMeta() *ThreatHuntingJobListMeta { + this := ThreatHuntingJobListMeta{} return &this } -// NewHistoricalJobListMetaWithDefaults instantiates a new HistoricalJobListMeta object. +// NewThreatHuntingJobListMetaWithDefaults instantiates a new ThreatHuntingJobListMeta object. // This constructor will only assign default values to properties that have it defined, // but it doesn't guarantee that properties required by API are set. -func NewHistoricalJobListMetaWithDefaults() *HistoricalJobListMeta { - this := HistoricalJobListMeta{} +func NewThreatHuntingJobListMetaWithDefaults() *ThreatHuntingJobListMeta { + this := ThreatHuntingJobListMeta{} return &this } // GetTotalCount returns the TotalCount field value if set, zero value otherwise. -func (o *HistoricalJobListMeta) GetTotalCount() int32 { +func (o *ThreatHuntingJobListMeta) GetTotalCount() int32 { if o == nil || o.TotalCount == nil { var ret int32 return ret @@ -45,7 +45,7 @@ func (o *HistoricalJobListMeta) GetTotalCount() int32 { // GetTotalCountOk returns a tuple with the TotalCount field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobListMeta) GetTotalCountOk() (*int32, bool) { +func (o *ThreatHuntingJobListMeta) GetTotalCountOk() (*int32, bool) { if o == nil || o.TotalCount == nil { return nil, false } @@ -53,17 +53,17 @@ func (o *HistoricalJobListMeta) GetTotalCountOk() (*int32, bool) { } // HasTotalCount returns a boolean if a field has been set. -func (o *HistoricalJobListMeta) HasTotalCount() bool { +func (o *ThreatHuntingJobListMeta) HasTotalCount() bool { return o != nil && o.TotalCount != nil } // SetTotalCount gets a reference to the given int32 and assigns it to the TotalCount field. -func (o *HistoricalJobListMeta) SetTotalCount(v int32) { +func (o *ThreatHuntingJobListMeta) SetTotalCount(v int32) { o.TotalCount = &v } // MarshalJSON serializes the struct using spec logic. -func (o HistoricalJobListMeta) MarshalJSON() ([]byte, error) { +func (o ThreatHuntingJobListMeta) MarshalJSON() ([]byte, error) { toSerialize := map[string]interface{}{} if o.UnparsedObject != nil { return datadog.Marshal(o.UnparsedObject) @@ -79,7 +79,7 @@ func (o HistoricalJobListMeta) MarshalJSON() ([]byte, error) { } // UnmarshalJSON deserializes the given payload. -func (o *HistoricalJobListMeta) UnmarshalJSON(bytes []byte) (err error) { +func (o *ThreatHuntingJobListMeta) UnmarshalJSON(bytes []byte) (err error) { all := struct { TotalCount *int32 `json:"totalCount,omitempty"` }{} diff --git a/api/datadogV2/model_historical_job_options.go b/api/datadogV2/model_threat_hunting_job_options.go similarity index 78% rename from api/datadogV2/model_historical_job_options.go rename to api/datadogV2/model_threat_hunting_job_options.go index acd81eb7f54..bc7df0cf85f 100644 --- a/api/datadogV2/model_historical_job_options.go +++ b/api/datadogV2/model_threat_hunting_job_options.go @@ -8,8 +8,8 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// HistoricalJobOptions Job options. -type HistoricalJobOptions struct { +// ThreatHuntingJobOptions Job options. +type ThreatHuntingJobOptions struct { // The detection method. DetectionMethod *SecurityMonitoringRuleDetectionMethod `json:"detectionMethod,omitempty"` // A time window is specified to match when at least one of the cases matches true. This is a sliding window @@ -34,25 +34,25 @@ type HistoricalJobOptions struct { AdditionalProperties map[string]interface{} `json:"-"` } -// NewHistoricalJobOptions instantiates a new HistoricalJobOptions object. +// NewThreatHuntingJobOptions instantiates a new ThreatHuntingJobOptions object. // This constructor will assign default values to properties that have it defined, // and makes sure properties required by API are set, but the set of arguments // will change when the set of required properties is changed. -func NewHistoricalJobOptions() *HistoricalJobOptions { - this := HistoricalJobOptions{} +func NewThreatHuntingJobOptions() *ThreatHuntingJobOptions { + this := ThreatHuntingJobOptions{} return &this } -// NewHistoricalJobOptionsWithDefaults instantiates a new HistoricalJobOptions object. +// NewThreatHuntingJobOptionsWithDefaults instantiates a new ThreatHuntingJobOptions object. // This constructor will only assign default values to properties that have it defined, // but it doesn't guarantee that properties required by API are set. -func NewHistoricalJobOptionsWithDefaults() *HistoricalJobOptions { - this := HistoricalJobOptions{} +func NewThreatHuntingJobOptionsWithDefaults() *ThreatHuntingJobOptions { + this := ThreatHuntingJobOptions{} return &this } // GetDetectionMethod returns the DetectionMethod field value if set, zero value otherwise. -func (o *HistoricalJobOptions) GetDetectionMethod() SecurityMonitoringRuleDetectionMethod { +func (o *ThreatHuntingJobOptions) GetDetectionMethod() SecurityMonitoringRuleDetectionMethod { if o == nil || o.DetectionMethod == nil { var ret SecurityMonitoringRuleDetectionMethod return ret @@ -62,7 +62,7 @@ func (o *HistoricalJobOptions) GetDetectionMethod() SecurityMonitoringRuleDetect // GetDetectionMethodOk returns a tuple with the DetectionMethod field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobOptions) GetDetectionMethodOk() (*SecurityMonitoringRuleDetectionMethod, bool) { +func (o *ThreatHuntingJobOptions) GetDetectionMethodOk() (*SecurityMonitoringRuleDetectionMethod, bool) { if o == nil || o.DetectionMethod == nil { return nil, false } @@ -70,17 +70,17 @@ func (o *HistoricalJobOptions) GetDetectionMethodOk() (*SecurityMonitoringRuleDe } // HasDetectionMethod returns a boolean if a field has been set. -func (o *HistoricalJobOptions) HasDetectionMethod() bool { +func (o *ThreatHuntingJobOptions) HasDetectionMethod() bool { return o != nil && o.DetectionMethod != nil } // SetDetectionMethod gets a reference to the given SecurityMonitoringRuleDetectionMethod and assigns it to the DetectionMethod field. -func (o *HistoricalJobOptions) SetDetectionMethod(v SecurityMonitoringRuleDetectionMethod) { +func (o *ThreatHuntingJobOptions) SetDetectionMethod(v SecurityMonitoringRuleDetectionMethod) { o.DetectionMethod = &v } // GetEvaluationWindow returns the EvaluationWindow field value if set, zero value otherwise. -func (o *HistoricalJobOptions) GetEvaluationWindow() SecurityMonitoringRuleEvaluationWindow { +func (o *ThreatHuntingJobOptions) GetEvaluationWindow() SecurityMonitoringRuleEvaluationWindow { if o == nil || o.EvaluationWindow == nil { var ret SecurityMonitoringRuleEvaluationWindow return ret @@ -90,7 +90,7 @@ func (o *HistoricalJobOptions) GetEvaluationWindow() SecurityMonitoringRuleEvalu // GetEvaluationWindowOk returns a tuple with the EvaluationWindow field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobOptions) GetEvaluationWindowOk() (*SecurityMonitoringRuleEvaluationWindow, bool) { +func (o *ThreatHuntingJobOptions) GetEvaluationWindowOk() (*SecurityMonitoringRuleEvaluationWindow, bool) { if o == nil || o.EvaluationWindow == nil { return nil, false } @@ -98,17 +98,17 @@ func (o *HistoricalJobOptions) GetEvaluationWindowOk() (*SecurityMonitoringRuleE } // HasEvaluationWindow returns a boolean if a field has been set. -func (o *HistoricalJobOptions) HasEvaluationWindow() bool { +func (o *ThreatHuntingJobOptions) HasEvaluationWindow() bool { return o != nil && o.EvaluationWindow != nil } // SetEvaluationWindow gets a reference to the given SecurityMonitoringRuleEvaluationWindow and assigns it to the EvaluationWindow field. -func (o *HistoricalJobOptions) SetEvaluationWindow(v SecurityMonitoringRuleEvaluationWindow) { +func (o *ThreatHuntingJobOptions) SetEvaluationWindow(v SecurityMonitoringRuleEvaluationWindow) { o.EvaluationWindow = &v } // GetImpossibleTravelOptions returns the ImpossibleTravelOptions field value if set, zero value otherwise. -func (o *HistoricalJobOptions) GetImpossibleTravelOptions() SecurityMonitoringRuleImpossibleTravelOptions { +func (o *ThreatHuntingJobOptions) GetImpossibleTravelOptions() SecurityMonitoringRuleImpossibleTravelOptions { if o == nil || o.ImpossibleTravelOptions == nil { var ret SecurityMonitoringRuleImpossibleTravelOptions return ret @@ -118,7 +118,7 @@ func (o *HistoricalJobOptions) GetImpossibleTravelOptions() SecurityMonitoringRu // GetImpossibleTravelOptionsOk returns a tuple with the ImpossibleTravelOptions field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobOptions) GetImpossibleTravelOptionsOk() (*SecurityMonitoringRuleImpossibleTravelOptions, bool) { +func (o *ThreatHuntingJobOptions) GetImpossibleTravelOptionsOk() (*SecurityMonitoringRuleImpossibleTravelOptions, bool) { if o == nil || o.ImpossibleTravelOptions == nil { return nil, false } @@ -126,17 +126,17 @@ func (o *HistoricalJobOptions) GetImpossibleTravelOptionsOk() (*SecurityMonitori } // HasImpossibleTravelOptions returns a boolean if a field has been set. -func (o *HistoricalJobOptions) HasImpossibleTravelOptions() bool { +func (o *ThreatHuntingJobOptions) HasImpossibleTravelOptions() bool { return o != nil && o.ImpossibleTravelOptions != nil } // SetImpossibleTravelOptions gets a reference to the given SecurityMonitoringRuleImpossibleTravelOptions and assigns it to the ImpossibleTravelOptions field. -func (o *HistoricalJobOptions) SetImpossibleTravelOptions(v SecurityMonitoringRuleImpossibleTravelOptions) { +func (o *ThreatHuntingJobOptions) SetImpossibleTravelOptions(v SecurityMonitoringRuleImpossibleTravelOptions) { o.ImpossibleTravelOptions = &v } // GetKeepAlive returns the KeepAlive field value if set, zero value otherwise. -func (o *HistoricalJobOptions) GetKeepAlive() SecurityMonitoringRuleKeepAlive { +func (o *ThreatHuntingJobOptions) GetKeepAlive() SecurityMonitoringRuleKeepAlive { if o == nil || o.KeepAlive == nil { var ret SecurityMonitoringRuleKeepAlive return ret @@ -146,7 +146,7 @@ func (o *HistoricalJobOptions) GetKeepAlive() SecurityMonitoringRuleKeepAlive { // GetKeepAliveOk returns a tuple with the KeepAlive field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobOptions) GetKeepAliveOk() (*SecurityMonitoringRuleKeepAlive, bool) { +func (o *ThreatHuntingJobOptions) GetKeepAliveOk() (*SecurityMonitoringRuleKeepAlive, bool) { if o == nil || o.KeepAlive == nil { return nil, false } @@ -154,17 +154,17 @@ func (o *HistoricalJobOptions) GetKeepAliveOk() (*SecurityMonitoringRuleKeepAliv } // HasKeepAlive returns a boolean if a field has been set. -func (o *HistoricalJobOptions) HasKeepAlive() bool { +func (o *ThreatHuntingJobOptions) HasKeepAlive() bool { return o != nil && o.KeepAlive != nil } // SetKeepAlive gets a reference to the given SecurityMonitoringRuleKeepAlive and assigns it to the KeepAlive field. -func (o *HistoricalJobOptions) SetKeepAlive(v SecurityMonitoringRuleKeepAlive) { +func (o *ThreatHuntingJobOptions) SetKeepAlive(v SecurityMonitoringRuleKeepAlive) { o.KeepAlive = &v } // GetMaxSignalDuration returns the MaxSignalDuration field value if set, zero value otherwise. -func (o *HistoricalJobOptions) GetMaxSignalDuration() SecurityMonitoringRuleMaxSignalDuration { +func (o *ThreatHuntingJobOptions) GetMaxSignalDuration() SecurityMonitoringRuleMaxSignalDuration { if o == nil || o.MaxSignalDuration == nil { var ret SecurityMonitoringRuleMaxSignalDuration return ret @@ -174,7 +174,7 @@ func (o *HistoricalJobOptions) GetMaxSignalDuration() SecurityMonitoringRuleMaxS // GetMaxSignalDurationOk returns a tuple with the MaxSignalDuration field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobOptions) GetMaxSignalDurationOk() (*SecurityMonitoringRuleMaxSignalDuration, bool) { +func (o *ThreatHuntingJobOptions) GetMaxSignalDurationOk() (*SecurityMonitoringRuleMaxSignalDuration, bool) { if o == nil || o.MaxSignalDuration == nil { return nil, false } @@ -182,17 +182,17 @@ func (o *HistoricalJobOptions) GetMaxSignalDurationOk() (*SecurityMonitoringRule } // HasMaxSignalDuration returns a boolean if a field has been set. -func (o *HistoricalJobOptions) HasMaxSignalDuration() bool { +func (o *ThreatHuntingJobOptions) HasMaxSignalDuration() bool { return o != nil && o.MaxSignalDuration != nil } // SetMaxSignalDuration gets a reference to the given SecurityMonitoringRuleMaxSignalDuration and assigns it to the MaxSignalDuration field. -func (o *HistoricalJobOptions) SetMaxSignalDuration(v SecurityMonitoringRuleMaxSignalDuration) { +func (o *ThreatHuntingJobOptions) SetMaxSignalDuration(v SecurityMonitoringRuleMaxSignalDuration) { o.MaxSignalDuration = &v } // GetNewValueOptions returns the NewValueOptions field value if set, zero value otherwise. -func (o *HistoricalJobOptions) GetNewValueOptions() SecurityMonitoringRuleNewValueOptions { +func (o *ThreatHuntingJobOptions) GetNewValueOptions() SecurityMonitoringRuleNewValueOptions { if o == nil || o.NewValueOptions == nil { var ret SecurityMonitoringRuleNewValueOptions return ret @@ -202,7 +202,7 @@ func (o *HistoricalJobOptions) GetNewValueOptions() SecurityMonitoringRuleNewVal // GetNewValueOptionsOk returns a tuple with the NewValueOptions field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobOptions) GetNewValueOptionsOk() (*SecurityMonitoringRuleNewValueOptions, bool) { +func (o *ThreatHuntingJobOptions) GetNewValueOptionsOk() (*SecurityMonitoringRuleNewValueOptions, bool) { if o == nil || o.NewValueOptions == nil { return nil, false } @@ -210,17 +210,17 @@ func (o *HistoricalJobOptions) GetNewValueOptionsOk() (*SecurityMonitoringRuleNe } // HasNewValueOptions returns a boolean if a field has been set. -func (o *HistoricalJobOptions) HasNewValueOptions() bool { +func (o *ThreatHuntingJobOptions) HasNewValueOptions() bool { return o != nil && o.NewValueOptions != nil } // SetNewValueOptions gets a reference to the given SecurityMonitoringRuleNewValueOptions and assigns it to the NewValueOptions field. -func (o *HistoricalJobOptions) SetNewValueOptions(v SecurityMonitoringRuleNewValueOptions) { +func (o *ThreatHuntingJobOptions) SetNewValueOptions(v SecurityMonitoringRuleNewValueOptions) { o.NewValueOptions = &v } // GetSequenceDetectionOptions returns the SequenceDetectionOptions field value if set, zero value otherwise. -func (o *HistoricalJobOptions) GetSequenceDetectionOptions() SecurityMonitoringRuleSequenceDetectionOptions { +func (o *ThreatHuntingJobOptions) GetSequenceDetectionOptions() SecurityMonitoringRuleSequenceDetectionOptions { if o == nil || o.SequenceDetectionOptions == nil { var ret SecurityMonitoringRuleSequenceDetectionOptions return ret @@ -230,7 +230,7 @@ func (o *HistoricalJobOptions) GetSequenceDetectionOptions() SecurityMonitoringR // GetSequenceDetectionOptionsOk returns a tuple with the SequenceDetectionOptions field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobOptions) GetSequenceDetectionOptionsOk() (*SecurityMonitoringRuleSequenceDetectionOptions, bool) { +func (o *ThreatHuntingJobOptions) GetSequenceDetectionOptionsOk() (*SecurityMonitoringRuleSequenceDetectionOptions, bool) { if o == nil || o.SequenceDetectionOptions == nil { return nil, false } @@ -238,17 +238,17 @@ func (o *HistoricalJobOptions) GetSequenceDetectionOptionsOk() (*SecurityMonitor } // HasSequenceDetectionOptions returns a boolean if a field has been set. -func (o *HistoricalJobOptions) HasSequenceDetectionOptions() bool { +func (o *ThreatHuntingJobOptions) HasSequenceDetectionOptions() bool { return o != nil && o.SequenceDetectionOptions != nil } // SetSequenceDetectionOptions gets a reference to the given SecurityMonitoringRuleSequenceDetectionOptions and assigns it to the SequenceDetectionOptions field. -func (o *HistoricalJobOptions) SetSequenceDetectionOptions(v SecurityMonitoringRuleSequenceDetectionOptions) { +func (o *ThreatHuntingJobOptions) SetSequenceDetectionOptions(v SecurityMonitoringRuleSequenceDetectionOptions) { o.SequenceDetectionOptions = &v } // GetThirdPartyRuleOptions returns the ThirdPartyRuleOptions field value if set, zero value otherwise. -func (o *HistoricalJobOptions) GetThirdPartyRuleOptions() SecurityMonitoringRuleThirdPartyOptions { +func (o *ThreatHuntingJobOptions) GetThirdPartyRuleOptions() SecurityMonitoringRuleThirdPartyOptions { if o == nil || o.ThirdPartyRuleOptions == nil { var ret SecurityMonitoringRuleThirdPartyOptions return ret @@ -258,7 +258,7 @@ func (o *HistoricalJobOptions) GetThirdPartyRuleOptions() SecurityMonitoringRule // GetThirdPartyRuleOptionsOk returns a tuple with the ThirdPartyRuleOptions field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobOptions) GetThirdPartyRuleOptionsOk() (*SecurityMonitoringRuleThirdPartyOptions, bool) { +func (o *ThreatHuntingJobOptions) GetThirdPartyRuleOptionsOk() (*SecurityMonitoringRuleThirdPartyOptions, bool) { if o == nil || o.ThirdPartyRuleOptions == nil { return nil, false } @@ -266,17 +266,17 @@ func (o *HistoricalJobOptions) GetThirdPartyRuleOptionsOk() (*SecurityMonitoring } // HasThirdPartyRuleOptions returns a boolean if a field has been set. -func (o *HistoricalJobOptions) HasThirdPartyRuleOptions() bool { +func (o *ThreatHuntingJobOptions) HasThirdPartyRuleOptions() bool { return o != nil && o.ThirdPartyRuleOptions != nil } // SetThirdPartyRuleOptions gets a reference to the given SecurityMonitoringRuleThirdPartyOptions and assigns it to the ThirdPartyRuleOptions field. -func (o *HistoricalJobOptions) SetThirdPartyRuleOptions(v SecurityMonitoringRuleThirdPartyOptions) { +func (o *ThreatHuntingJobOptions) SetThirdPartyRuleOptions(v SecurityMonitoringRuleThirdPartyOptions) { o.ThirdPartyRuleOptions = &v } // MarshalJSON serializes the struct using spec logic. -func (o HistoricalJobOptions) MarshalJSON() ([]byte, error) { +func (o ThreatHuntingJobOptions) MarshalJSON() ([]byte, error) { toSerialize := map[string]interface{}{} if o.UnparsedObject != nil { return datadog.Marshal(o.UnparsedObject) @@ -313,7 +313,7 @@ func (o HistoricalJobOptions) MarshalJSON() ([]byte, error) { } // UnmarshalJSON deserializes the given payload. -func (o *HistoricalJobOptions) UnmarshalJSON(bytes []byte) (err error) { +func (o *ThreatHuntingJobOptions) UnmarshalJSON(bytes []byte) (err error) { all := struct { DetectionMethod *SecurityMonitoringRuleDetectionMethod `json:"detectionMethod,omitempty"` EvaluationWindow *SecurityMonitoringRuleEvaluationWindow `json:"evaluationWindow,omitempty"` diff --git a/api/datadogV2/model_historical_job_query.go b/api/datadogV2/model_threat_hunting_job_query.go similarity index 79% rename from api/datadogV2/model_historical_job_query.go rename to api/datadogV2/model_threat_hunting_job_query.go index 3fe4a3cf6a2..f906f74fcbd 100644 --- a/api/datadogV2/model_historical_job_query.go +++ b/api/datadogV2/model_threat_hunting_job_query.go @@ -8,8 +8,8 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// HistoricalJobQuery Query for selecting logs analyzed by the historical job. -type HistoricalJobQuery struct { +// ThreatHuntingJobQuery Query for selecting logs analyzed by the threat hunting job. +type ThreatHuntingJobQuery struct { // The aggregation type. Aggregation *SecurityMonitoringRuleQueryAggregation `json:"aggregation,omitempty"` // Source of events, either logs, audit trail, or Datadog events. @@ -31,12 +31,12 @@ type HistoricalJobQuery struct { AdditionalProperties map[string]interface{} `json:"-"` } -// NewHistoricalJobQuery instantiates a new HistoricalJobQuery object. +// NewThreatHuntingJobQuery instantiates a new ThreatHuntingJobQuery object. // This constructor will assign default values to properties that have it defined, // and makes sure properties required by API are set, but the set of arguments // will change when the set of required properties is changed. -func NewHistoricalJobQuery() *HistoricalJobQuery { - this := HistoricalJobQuery{} +func NewThreatHuntingJobQuery() *ThreatHuntingJobQuery { + this := ThreatHuntingJobQuery{} var dataSource SecurityMonitoringStandardDataSource = SECURITYMONITORINGSTANDARDDATASOURCE_LOGS this.DataSource = &dataSource var hasOptionalGroupByFields bool = false @@ -44,11 +44,11 @@ func NewHistoricalJobQuery() *HistoricalJobQuery { return &this } -// NewHistoricalJobQueryWithDefaults instantiates a new HistoricalJobQuery object. +// NewThreatHuntingJobQueryWithDefaults instantiates a new ThreatHuntingJobQuery object. // This constructor will only assign default values to properties that have it defined, // but it doesn't guarantee that properties required by API are set. -func NewHistoricalJobQueryWithDefaults() *HistoricalJobQuery { - this := HistoricalJobQuery{} +func NewThreatHuntingJobQueryWithDefaults() *ThreatHuntingJobQuery { + this := ThreatHuntingJobQuery{} var dataSource SecurityMonitoringStandardDataSource = SECURITYMONITORINGSTANDARDDATASOURCE_LOGS this.DataSource = &dataSource var hasOptionalGroupByFields bool = false @@ -57,7 +57,7 @@ func NewHistoricalJobQueryWithDefaults() *HistoricalJobQuery { } // GetAggregation returns the Aggregation field value if set, zero value otherwise. -func (o *HistoricalJobQuery) GetAggregation() SecurityMonitoringRuleQueryAggregation { +func (o *ThreatHuntingJobQuery) GetAggregation() SecurityMonitoringRuleQueryAggregation { if o == nil || o.Aggregation == nil { var ret SecurityMonitoringRuleQueryAggregation return ret @@ -67,7 +67,7 @@ func (o *HistoricalJobQuery) GetAggregation() SecurityMonitoringRuleQueryAggrega // GetAggregationOk returns a tuple with the Aggregation field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobQuery) GetAggregationOk() (*SecurityMonitoringRuleQueryAggregation, bool) { +func (o *ThreatHuntingJobQuery) GetAggregationOk() (*SecurityMonitoringRuleQueryAggregation, bool) { if o == nil || o.Aggregation == nil { return nil, false } @@ -75,17 +75,17 @@ func (o *HistoricalJobQuery) GetAggregationOk() (*SecurityMonitoringRuleQueryAgg } // HasAggregation returns a boolean if a field has been set. -func (o *HistoricalJobQuery) HasAggregation() bool { +func (o *ThreatHuntingJobQuery) HasAggregation() bool { return o != nil && o.Aggregation != nil } // SetAggregation gets a reference to the given SecurityMonitoringRuleQueryAggregation and assigns it to the Aggregation field. -func (o *HistoricalJobQuery) SetAggregation(v SecurityMonitoringRuleQueryAggregation) { +func (o *ThreatHuntingJobQuery) SetAggregation(v SecurityMonitoringRuleQueryAggregation) { o.Aggregation = &v } // GetDataSource returns the DataSource field value if set, zero value otherwise. -func (o *HistoricalJobQuery) GetDataSource() SecurityMonitoringStandardDataSource { +func (o *ThreatHuntingJobQuery) GetDataSource() SecurityMonitoringStandardDataSource { if o == nil || o.DataSource == nil { var ret SecurityMonitoringStandardDataSource return ret @@ -95,7 +95,7 @@ func (o *HistoricalJobQuery) GetDataSource() SecurityMonitoringStandardDataSourc // GetDataSourceOk returns a tuple with the DataSource field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobQuery) GetDataSourceOk() (*SecurityMonitoringStandardDataSource, bool) { +func (o *ThreatHuntingJobQuery) GetDataSourceOk() (*SecurityMonitoringStandardDataSource, bool) { if o == nil || o.DataSource == nil { return nil, false } @@ -103,17 +103,17 @@ func (o *HistoricalJobQuery) GetDataSourceOk() (*SecurityMonitoringStandardDataS } // HasDataSource returns a boolean if a field has been set. -func (o *HistoricalJobQuery) HasDataSource() bool { +func (o *ThreatHuntingJobQuery) HasDataSource() bool { return o != nil && o.DataSource != nil } // SetDataSource gets a reference to the given SecurityMonitoringStandardDataSource and assigns it to the DataSource field. -func (o *HistoricalJobQuery) SetDataSource(v SecurityMonitoringStandardDataSource) { +func (o *ThreatHuntingJobQuery) SetDataSource(v SecurityMonitoringStandardDataSource) { o.DataSource = &v } // GetDistinctFields returns the DistinctFields field value if set, zero value otherwise. -func (o *HistoricalJobQuery) GetDistinctFields() []string { +func (o *ThreatHuntingJobQuery) GetDistinctFields() []string { if o == nil || o.DistinctFields == nil { var ret []string return ret @@ -123,7 +123,7 @@ func (o *HistoricalJobQuery) GetDistinctFields() []string { // GetDistinctFieldsOk returns a tuple with the DistinctFields field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobQuery) GetDistinctFieldsOk() (*[]string, bool) { +func (o *ThreatHuntingJobQuery) GetDistinctFieldsOk() (*[]string, bool) { if o == nil || o.DistinctFields == nil { return nil, false } @@ -131,17 +131,17 @@ func (o *HistoricalJobQuery) GetDistinctFieldsOk() (*[]string, bool) { } // HasDistinctFields returns a boolean if a field has been set. -func (o *HistoricalJobQuery) HasDistinctFields() bool { +func (o *ThreatHuntingJobQuery) HasDistinctFields() bool { return o != nil && o.DistinctFields != nil } // SetDistinctFields gets a reference to the given []string and assigns it to the DistinctFields field. -func (o *HistoricalJobQuery) SetDistinctFields(v []string) { +func (o *ThreatHuntingJobQuery) SetDistinctFields(v []string) { o.DistinctFields = v } // GetGroupByFields returns the GroupByFields field value if set, zero value otherwise. -func (o *HistoricalJobQuery) GetGroupByFields() []string { +func (o *ThreatHuntingJobQuery) GetGroupByFields() []string { if o == nil || o.GroupByFields == nil { var ret []string return ret @@ -151,7 +151,7 @@ func (o *HistoricalJobQuery) GetGroupByFields() []string { // GetGroupByFieldsOk returns a tuple with the GroupByFields field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobQuery) GetGroupByFieldsOk() (*[]string, bool) { +func (o *ThreatHuntingJobQuery) GetGroupByFieldsOk() (*[]string, bool) { if o == nil || o.GroupByFields == nil { return nil, false } @@ -159,17 +159,17 @@ func (o *HistoricalJobQuery) GetGroupByFieldsOk() (*[]string, bool) { } // HasGroupByFields returns a boolean if a field has been set. -func (o *HistoricalJobQuery) HasGroupByFields() bool { +func (o *ThreatHuntingJobQuery) HasGroupByFields() bool { return o != nil && o.GroupByFields != nil } // SetGroupByFields gets a reference to the given []string and assigns it to the GroupByFields field. -func (o *HistoricalJobQuery) SetGroupByFields(v []string) { +func (o *ThreatHuntingJobQuery) SetGroupByFields(v []string) { o.GroupByFields = v } // GetHasOptionalGroupByFields returns the HasOptionalGroupByFields field value if set, zero value otherwise. -func (o *HistoricalJobQuery) GetHasOptionalGroupByFields() bool { +func (o *ThreatHuntingJobQuery) GetHasOptionalGroupByFields() bool { if o == nil || o.HasOptionalGroupByFields == nil { var ret bool return ret @@ -179,7 +179,7 @@ func (o *HistoricalJobQuery) GetHasOptionalGroupByFields() bool { // GetHasOptionalGroupByFieldsOk returns a tuple with the HasOptionalGroupByFields field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobQuery) GetHasOptionalGroupByFieldsOk() (*bool, bool) { +func (o *ThreatHuntingJobQuery) GetHasOptionalGroupByFieldsOk() (*bool, bool) { if o == nil || o.HasOptionalGroupByFields == nil { return nil, false } @@ -187,17 +187,17 @@ func (o *HistoricalJobQuery) GetHasOptionalGroupByFieldsOk() (*bool, bool) { } // HasHasOptionalGroupByFields returns a boolean if a field has been set. -func (o *HistoricalJobQuery) HasHasOptionalGroupByFields() bool { +func (o *ThreatHuntingJobQuery) HasHasOptionalGroupByFields() bool { return o != nil && o.HasOptionalGroupByFields != nil } // SetHasOptionalGroupByFields gets a reference to the given bool and assigns it to the HasOptionalGroupByFields field. -func (o *HistoricalJobQuery) SetHasOptionalGroupByFields(v bool) { +func (o *ThreatHuntingJobQuery) SetHasOptionalGroupByFields(v bool) { o.HasOptionalGroupByFields = &v } // GetMetrics returns the Metrics field value if set, zero value otherwise. -func (o *HistoricalJobQuery) GetMetrics() []string { +func (o *ThreatHuntingJobQuery) GetMetrics() []string { if o == nil || o.Metrics == nil { var ret []string return ret @@ -207,7 +207,7 @@ func (o *HistoricalJobQuery) GetMetrics() []string { // GetMetricsOk returns a tuple with the Metrics field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobQuery) GetMetricsOk() (*[]string, bool) { +func (o *ThreatHuntingJobQuery) GetMetricsOk() (*[]string, bool) { if o == nil || o.Metrics == nil { return nil, false } @@ -215,17 +215,17 @@ func (o *HistoricalJobQuery) GetMetricsOk() (*[]string, bool) { } // HasMetrics returns a boolean if a field has been set. -func (o *HistoricalJobQuery) HasMetrics() bool { +func (o *ThreatHuntingJobQuery) HasMetrics() bool { return o != nil && o.Metrics != nil } // SetMetrics gets a reference to the given []string and assigns it to the Metrics field. -func (o *HistoricalJobQuery) SetMetrics(v []string) { +func (o *ThreatHuntingJobQuery) SetMetrics(v []string) { o.Metrics = v } // GetName returns the Name field value if set, zero value otherwise. -func (o *HistoricalJobQuery) GetName() string { +func (o *ThreatHuntingJobQuery) GetName() string { if o == nil || o.Name == nil { var ret string return ret @@ -235,7 +235,7 @@ func (o *HistoricalJobQuery) GetName() string { // GetNameOk returns a tuple with the Name field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobQuery) GetNameOk() (*string, bool) { +func (o *ThreatHuntingJobQuery) GetNameOk() (*string, bool) { if o == nil || o.Name == nil { return nil, false } @@ -243,17 +243,17 @@ func (o *HistoricalJobQuery) GetNameOk() (*string, bool) { } // HasName returns a boolean if a field has been set. -func (o *HistoricalJobQuery) HasName() bool { +func (o *ThreatHuntingJobQuery) HasName() bool { return o != nil && o.Name != nil } // SetName gets a reference to the given string and assigns it to the Name field. -func (o *HistoricalJobQuery) SetName(v string) { +func (o *ThreatHuntingJobQuery) SetName(v string) { o.Name = &v } // GetQuery returns the Query field value if set, zero value otherwise. -func (o *HistoricalJobQuery) GetQuery() string { +func (o *ThreatHuntingJobQuery) GetQuery() string { if o == nil || o.Query == nil { var ret string return ret @@ -263,7 +263,7 @@ func (o *HistoricalJobQuery) GetQuery() string { // GetQueryOk returns a tuple with the Query field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobQuery) GetQueryOk() (*string, bool) { +func (o *ThreatHuntingJobQuery) GetQueryOk() (*string, bool) { if o == nil || o.Query == nil { return nil, false } @@ -271,17 +271,17 @@ func (o *HistoricalJobQuery) GetQueryOk() (*string, bool) { } // HasQuery returns a boolean if a field has been set. -func (o *HistoricalJobQuery) HasQuery() bool { +func (o *ThreatHuntingJobQuery) HasQuery() bool { return o != nil && o.Query != nil } // SetQuery gets a reference to the given string and assigns it to the Query field. -func (o *HistoricalJobQuery) SetQuery(v string) { +func (o *ThreatHuntingJobQuery) SetQuery(v string) { o.Query = &v } // MarshalJSON serializes the struct using spec logic. -func (o HistoricalJobQuery) MarshalJSON() ([]byte, error) { +func (o ThreatHuntingJobQuery) MarshalJSON() ([]byte, error) { toSerialize := map[string]interface{}{} if o.UnparsedObject != nil { return datadog.Marshal(o.UnparsedObject) @@ -318,7 +318,7 @@ func (o HistoricalJobQuery) MarshalJSON() ([]byte, error) { } // UnmarshalJSON deserializes the given payload. -func (o *HistoricalJobQuery) UnmarshalJSON(bytes []byte) (err error) { +func (o *ThreatHuntingJobQuery) UnmarshalJSON(bytes []byte) (err error) { all := struct { Aggregation *SecurityMonitoringRuleQueryAggregation `json:"aggregation,omitempty"` DataSource *SecurityMonitoringStandardDataSource `json:"dataSource,omitempty"` diff --git a/api/datadogV2/model_historical_job_response.go b/api/datadogV2/model_threat_hunting_job_response.go similarity index 67% rename from api/datadogV2/model_historical_job_response.go rename to api/datadogV2/model_threat_hunting_job_response.go index c839d95d7d5..033300a0c8b 100644 --- a/api/datadogV2/model_historical_job_response.go +++ b/api/datadogV2/model_threat_hunting_job_response.go @@ -8,36 +8,36 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// HistoricalJobResponse Historical job response. -type HistoricalJobResponse struct { - // Historical job response data. - Data *HistoricalJobResponseData `json:"data,omitempty"` +// ThreatHuntingJobResponse Threat hunting job response. +type ThreatHuntingJobResponse struct { + // Threat hunting job response data. + Data *ThreatHuntingJobResponseData `json:"data,omitempty"` // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct UnparsedObject map[string]interface{} `json:"-"` AdditionalProperties map[string]interface{} `json:"-"` } -// NewHistoricalJobResponse instantiates a new HistoricalJobResponse object. +// NewThreatHuntingJobResponse instantiates a new ThreatHuntingJobResponse object. // This constructor will assign default values to properties that have it defined, // and makes sure properties required by API are set, but the set of arguments // will change when the set of required properties is changed. -func NewHistoricalJobResponse() *HistoricalJobResponse { - this := HistoricalJobResponse{} +func NewThreatHuntingJobResponse() *ThreatHuntingJobResponse { + this := ThreatHuntingJobResponse{} return &this } -// NewHistoricalJobResponseWithDefaults instantiates a new HistoricalJobResponse object. +// NewThreatHuntingJobResponseWithDefaults instantiates a new ThreatHuntingJobResponse object. // This constructor will only assign default values to properties that have it defined, // but it doesn't guarantee that properties required by API are set. -func NewHistoricalJobResponseWithDefaults() *HistoricalJobResponse { - this := HistoricalJobResponse{} +func NewThreatHuntingJobResponseWithDefaults() *ThreatHuntingJobResponse { + this := ThreatHuntingJobResponse{} return &this } // GetData returns the Data field value if set, zero value otherwise. -func (o *HistoricalJobResponse) GetData() HistoricalJobResponseData { +func (o *ThreatHuntingJobResponse) GetData() ThreatHuntingJobResponseData { if o == nil || o.Data == nil { - var ret HistoricalJobResponseData + var ret ThreatHuntingJobResponseData return ret } return *o.Data @@ -45,7 +45,7 @@ func (o *HistoricalJobResponse) GetData() HistoricalJobResponseData { // GetDataOk returns a tuple with the Data field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobResponse) GetDataOk() (*HistoricalJobResponseData, bool) { +func (o *ThreatHuntingJobResponse) GetDataOk() (*ThreatHuntingJobResponseData, bool) { if o == nil || o.Data == nil { return nil, false } @@ -53,17 +53,17 @@ func (o *HistoricalJobResponse) GetDataOk() (*HistoricalJobResponseData, bool) { } // HasData returns a boolean if a field has been set. -func (o *HistoricalJobResponse) HasData() bool { +func (o *ThreatHuntingJobResponse) HasData() bool { return o != nil && o.Data != nil } -// SetData gets a reference to the given HistoricalJobResponseData and assigns it to the Data field. -func (o *HistoricalJobResponse) SetData(v HistoricalJobResponseData) { +// SetData gets a reference to the given ThreatHuntingJobResponseData and assigns it to the Data field. +func (o *ThreatHuntingJobResponse) SetData(v ThreatHuntingJobResponseData) { o.Data = &v } // MarshalJSON serializes the struct using spec logic. -func (o HistoricalJobResponse) MarshalJSON() ([]byte, error) { +func (o ThreatHuntingJobResponse) MarshalJSON() ([]byte, error) { toSerialize := map[string]interface{}{} if o.UnparsedObject != nil { return datadog.Marshal(o.UnparsedObject) @@ -79,9 +79,9 @@ func (o HistoricalJobResponse) MarshalJSON() ([]byte, error) { } // UnmarshalJSON deserializes the given payload. -func (o *HistoricalJobResponse) UnmarshalJSON(bytes []byte) (err error) { +func (o *ThreatHuntingJobResponse) UnmarshalJSON(bytes []byte) (err error) { all := struct { - Data *HistoricalJobResponseData `json:"data,omitempty"` + Data *ThreatHuntingJobResponseData `json:"data,omitempty"` }{} if err = datadog.Unmarshal(bytes, &all); err != nil { return datadog.Unmarshal(bytes, &o.UnparsedObject) diff --git a/api/datadogV2/model_historical_job_response_attributes.go b/api/datadogV2/model_threat_hunting_job_response_attributes.go similarity index 75% rename from api/datadogV2/model_historical_job_response_attributes.go rename to api/datadogV2/model_threat_hunting_job_response_attributes.go index 5fa9130cc8d..63aadf245ff 100644 --- a/api/datadogV2/model_historical_job_response_attributes.go +++ b/api/datadogV2/model_threat_hunting_job_response_attributes.go @@ -8,8 +8,8 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// HistoricalJobResponseAttributes Historical job attributes. -type HistoricalJobResponseAttributes struct { +// ThreatHuntingJobResponseAttributes Threat hunting job attributes. +type ThreatHuntingJobResponseAttributes struct { // Time when the job was created. CreatedAt *string `json:"createdAt,omitempty"` // The handle of the user who created the job. @@ -18,7 +18,7 @@ type HistoricalJobResponseAttributes struct { CreatedByName *string `json:"createdByName,omitempty"` // ID of the rule used to create the job (if it is created from a rule). CreatedFromRuleId *string `json:"createdFromRuleId,omitempty"` - // Definition of a historical job. + // Definition of a threat hunting job. JobDefinition *JobDefinition `json:"jobDefinition,omitempty"` // Job name. JobName *string `json:"jobName,omitempty"` @@ -31,25 +31,25 @@ type HistoricalJobResponseAttributes struct { AdditionalProperties map[string]interface{} `json:"-"` } -// NewHistoricalJobResponseAttributes instantiates a new HistoricalJobResponseAttributes object. +// NewThreatHuntingJobResponseAttributes instantiates a new ThreatHuntingJobResponseAttributes object. // This constructor will assign default values to properties that have it defined, // and makes sure properties required by API are set, but the set of arguments // will change when the set of required properties is changed. -func NewHistoricalJobResponseAttributes() *HistoricalJobResponseAttributes { - this := HistoricalJobResponseAttributes{} +func NewThreatHuntingJobResponseAttributes() *ThreatHuntingJobResponseAttributes { + this := ThreatHuntingJobResponseAttributes{} return &this } -// NewHistoricalJobResponseAttributesWithDefaults instantiates a new HistoricalJobResponseAttributes object. +// NewThreatHuntingJobResponseAttributesWithDefaults instantiates a new ThreatHuntingJobResponseAttributes object. // This constructor will only assign default values to properties that have it defined, // but it doesn't guarantee that properties required by API are set. -func NewHistoricalJobResponseAttributesWithDefaults() *HistoricalJobResponseAttributes { - this := HistoricalJobResponseAttributes{} +func NewThreatHuntingJobResponseAttributesWithDefaults() *ThreatHuntingJobResponseAttributes { + this := ThreatHuntingJobResponseAttributes{} return &this } // GetCreatedAt returns the CreatedAt field value if set, zero value otherwise. -func (o *HistoricalJobResponseAttributes) GetCreatedAt() string { +func (o *ThreatHuntingJobResponseAttributes) GetCreatedAt() string { if o == nil || o.CreatedAt == nil { var ret string return ret @@ -59,7 +59,7 @@ func (o *HistoricalJobResponseAttributes) GetCreatedAt() string { // GetCreatedAtOk returns a tuple with the CreatedAt field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobResponseAttributes) GetCreatedAtOk() (*string, bool) { +func (o *ThreatHuntingJobResponseAttributes) GetCreatedAtOk() (*string, bool) { if o == nil || o.CreatedAt == nil { return nil, false } @@ -67,17 +67,17 @@ func (o *HistoricalJobResponseAttributes) GetCreatedAtOk() (*string, bool) { } // HasCreatedAt returns a boolean if a field has been set. -func (o *HistoricalJobResponseAttributes) HasCreatedAt() bool { +func (o *ThreatHuntingJobResponseAttributes) HasCreatedAt() bool { return o != nil && o.CreatedAt != nil } // SetCreatedAt gets a reference to the given string and assigns it to the CreatedAt field. -func (o *HistoricalJobResponseAttributes) SetCreatedAt(v string) { +func (o *ThreatHuntingJobResponseAttributes) SetCreatedAt(v string) { o.CreatedAt = &v } // GetCreatedByHandle returns the CreatedByHandle field value if set, zero value otherwise. -func (o *HistoricalJobResponseAttributes) GetCreatedByHandle() string { +func (o *ThreatHuntingJobResponseAttributes) GetCreatedByHandle() string { if o == nil || o.CreatedByHandle == nil { var ret string return ret @@ -87,7 +87,7 @@ func (o *HistoricalJobResponseAttributes) GetCreatedByHandle() string { // GetCreatedByHandleOk returns a tuple with the CreatedByHandle field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobResponseAttributes) GetCreatedByHandleOk() (*string, bool) { +func (o *ThreatHuntingJobResponseAttributes) GetCreatedByHandleOk() (*string, bool) { if o == nil || o.CreatedByHandle == nil { return nil, false } @@ -95,17 +95,17 @@ func (o *HistoricalJobResponseAttributes) GetCreatedByHandleOk() (*string, bool) } // HasCreatedByHandle returns a boolean if a field has been set. -func (o *HistoricalJobResponseAttributes) HasCreatedByHandle() bool { +func (o *ThreatHuntingJobResponseAttributes) HasCreatedByHandle() bool { return o != nil && o.CreatedByHandle != nil } // SetCreatedByHandle gets a reference to the given string and assigns it to the CreatedByHandle field. -func (o *HistoricalJobResponseAttributes) SetCreatedByHandle(v string) { +func (o *ThreatHuntingJobResponseAttributes) SetCreatedByHandle(v string) { o.CreatedByHandle = &v } // GetCreatedByName returns the CreatedByName field value if set, zero value otherwise. -func (o *HistoricalJobResponseAttributes) GetCreatedByName() string { +func (o *ThreatHuntingJobResponseAttributes) GetCreatedByName() string { if o == nil || o.CreatedByName == nil { var ret string return ret @@ -115,7 +115,7 @@ func (o *HistoricalJobResponseAttributes) GetCreatedByName() string { // GetCreatedByNameOk returns a tuple with the CreatedByName field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobResponseAttributes) GetCreatedByNameOk() (*string, bool) { +func (o *ThreatHuntingJobResponseAttributes) GetCreatedByNameOk() (*string, bool) { if o == nil || o.CreatedByName == nil { return nil, false } @@ -123,17 +123,17 @@ func (o *HistoricalJobResponseAttributes) GetCreatedByNameOk() (*string, bool) { } // HasCreatedByName returns a boolean if a field has been set. -func (o *HistoricalJobResponseAttributes) HasCreatedByName() bool { +func (o *ThreatHuntingJobResponseAttributes) HasCreatedByName() bool { return o != nil && o.CreatedByName != nil } // SetCreatedByName gets a reference to the given string and assigns it to the CreatedByName field. -func (o *HistoricalJobResponseAttributes) SetCreatedByName(v string) { +func (o *ThreatHuntingJobResponseAttributes) SetCreatedByName(v string) { o.CreatedByName = &v } // GetCreatedFromRuleId returns the CreatedFromRuleId field value if set, zero value otherwise. -func (o *HistoricalJobResponseAttributes) GetCreatedFromRuleId() string { +func (o *ThreatHuntingJobResponseAttributes) GetCreatedFromRuleId() string { if o == nil || o.CreatedFromRuleId == nil { var ret string return ret @@ -143,7 +143,7 @@ func (o *HistoricalJobResponseAttributes) GetCreatedFromRuleId() string { // GetCreatedFromRuleIdOk returns a tuple with the CreatedFromRuleId field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobResponseAttributes) GetCreatedFromRuleIdOk() (*string, bool) { +func (o *ThreatHuntingJobResponseAttributes) GetCreatedFromRuleIdOk() (*string, bool) { if o == nil || o.CreatedFromRuleId == nil { return nil, false } @@ -151,17 +151,17 @@ func (o *HistoricalJobResponseAttributes) GetCreatedFromRuleIdOk() (*string, boo } // HasCreatedFromRuleId returns a boolean if a field has been set. -func (o *HistoricalJobResponseAttributes) HasCreatedFromRuleId() bool { +func (o *ThreatHuntingJobResponseAttributes) HasCreatedFromRuleId() bool { return o != nil && o.CreatedFromRuleId != nil } // SetCreatedFromRuleId gets a reference to the given string and assigns it to the CreatedFromRuleId field. -func (o *HistoricalJobResponseAttributes) SetCreatedFromRuleId(v string) { +func (o *ThreatHuntingJobResponseAttributes) SetCreatedFromRuleId(v string) { o.CreatedFromRuleId = &v } // GetJobDefinition returns the JobDefinition field value if set, zero value otherwise. -func (o *HistoricalJobResponseAttributes) GetJobDefinition() JobDefinition { +func (o *ThreatHuntingJobResponseAttributes) GetJobDefinition() JobDefinition { if o == nil || o.JobDefinition == nil { var ret JobDefinition return ret @@ -171,7 +171,7 @@ func (o *HistoricalJobResponseAttributes) GetJobDefinition() JobDefinition { // GetJobDefinitionOk returns a tuple with the JobDefinition field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobResponseAttributes) GetJobDefinitionOk() (*JobDefinition, bool) { +func (o *ThreatHuntingJobResponseAttributes) GetJobDefinitionOk() (*JobDefinition, bool) { if o == nil || o.JobDefinition == nil { return nil, false } @@ -179,17 +179,17 @@ func (o *HistoricalJobResponseAttributes) GetJobDefinitionOk() (*JobDefinition, } // HasJobDefinition returns a boolean if a field has been set. -func (o *HistoricalJobResponseAttributes) HasJobDefinition() bool { +func (o *ThreatHuntingJobResponseAttributes) HasJobDefinition() bool { return o != nil && o.JobDefinition != nil } // SetJobDefinition gets a reference to the given JobDefinition and assigns it to the JobDefinition field. -func (o *HistoricalJobResponseAttributes) SetJobDefinition(v JobDefinition) { +func (o *ThreatHuntingJobResponseAttributes) SetJobDefinition(v JobDefinition) { o.JobDefinition = &v } // GetJobName returns the JobName field value if set, zero value otherwise. -func (o *HistoricalJobResponseAttributes) GetJobName() string { +func (o *ThreatHuntingJobResponseAttributes) GetJobName() string { if o == nil || o.JobName == nil { var ret string return ret @@ -199,7 +199,7 @@ func (o *HistoricalJobResponseAttributes) GetJobName() string { // GetJobNameOk returns a tuple with the JobName field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobResponseAttributes) GetJobNameOk() (*string, bool) { +func (o *ThreatHuntingJobResponseAttributes) GetJobNameOk() (*string, bool) { if o == nil || o.JobName == nil { return nil, false } @@ -207,17 +207,17 @@ func (o *HistoricalJobResponseAttributes) GetJobNameOk() (*string, bool) { } // HasJobName returns a boolean if a field has been set. -func (o *HistoricalJobResponseAttributes) HasJobName() bool { +func (o *ThreatHuntingJobResponseAttributes) HasJobName() bool { return o != nil && o.JobName != nil } // SetJobName gets a reference to the given string and assigns it to the JobName field. -func (o *HistoricalJobResponseAttributes) SetJobName(v string) { +func (o *ThreatHuntingJobResponseAttributes) SetJobName(v string) { o.JobName = &v } // GetJobStatus returns the JobStatus field value if set, zero value otherwise. -func (o *HistoricalJobResponseAttributes) GetJobStatus() string { +func (o *ThreatHuntingJobResponseAttributes) GetJobStatus() string { if o == nil || o.JobStatus == nil { var ret string return ret @@ -227,7 +227,7 @@ func (o *HistoricalJobResponseAttributes) GetJobStatus() string { // GetJobStatusOk returns a tuple with the JobStatus field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobResponseAttributes) GetJobStatusOk() (*string, bool) { +func (o *ThreatHuntingJobResponseAttributes) GetJobStatusOk() (*string, bool) { if o == nil || o.JobStatus == nil { return nil, false } @@ -235,17 +235,17 @@ func (o *HistoricalJobResponseAttributes) GetJobStatusOk() (*string, bool) { } // HasJobStatus returns a boolean if a field has been set. -func (o *HistoricalJobResponseAttributes) HasJobStatus() bool { +func (o *ThreatHuntingJobResponseAttributes) HasJobStatus() bool { return o != nil && o.JobStatus != nil } // SetJobStatus gets a reference to the given string and assigns it to the JobStatus field. -func (o *HistoricalJobResponseAttributes) SetJobStatus(v string) { +func (o *ThreatHuntingJobResponseAttributes) SetJobStatus(v string) { o.JobStatus = &v } // GetModifiedAt returns the ModifiedAt field value if set, zero value otherwise. -func (o *HistoricalJobResponseAttributes) GetModifiedAt() string { +func (o *ThreatHuntingJobResponseAttributes) GetModifiedAt() string { if o == nil || o.ModifiedAt == nil { var ret string return ret @@ -255,7 +255,7 @@ func (o *HistoricalJobResponseAttributes) GetModifiedAt() string { // GetModifiedAtOk returns a tuple with the ModifiedAt field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobResponseAttributes) GetModifiedAtOk() (*string, bool) { +func (o *ThreatHuntingJobResponseAttributes) GetModifiedAtOk() (*string, bool) { if o == nil || o.ModifiedAt == nil { return nil, false } @@ -263,17 +263,17 @@ func (o *HistoricalJobResponseAttributes) GetModifiedAtOk() (*string, bool) { } // HasModifiedAt returns a boolean if a field has been set. -func (o *HistoricalJobResponseAttributes) HasModifiedAt() bool { +func (o *ThreatHuntingJobResponseAttributes) HasModifiedAt() bool { return o != nil && o.ModifiedAt != nil } // SetModifiedAt gets a reference to the given string and assigns it to the ModifiedAt field. -func (o *HistoricalJobResponseAttributes) SetModifiedAt(v string) { +func (o *ThreatHuntingJobResponseAttributes) SetModifiedAt(v string) { o.ModifiedAt = &v } // MarshalJSON serializes the struct using spec logic. -func (o HistoricalJobResponseAttributes) MarshalJSON() ([]byte, error) { +func (o ThreatHuntingJobResponseAttributes) MarshalJSON() ([]byte, error) { toSerialize := map[string]interface{}{} if o.UnparsedObject != nil { return datadog.Marshal(o.UnparsedObject) @@ -310,7 +310,7 @@ func (o HistoricalJobResponseAttributes) MarshalJSON() ([]byte, error) { } // UnmarshalJSON deserializes the given payload. -func (o *HistoricalJobResponseAttributes) UnmarshalJSON(bytes []byte) (err error) { +func (o *ThreatHuntingJobResponseAttributes) UnmarshalJSON(bytes []byte) (err error) { all := struct { CreatedAt *string `json:"createdAt,omitempty"` CreatedByHandle *string `json:"createdByHandle,omitempty"` diff --git a/api/datadogV2/model_historical_job_response_data.go b/api/datadogV2/model_threat_hunting_job_response_data.go similarity index 63% rename from api/datadogV2/model_historical_job_response_data.go rename to api/datadogV2/model_threat_hunting_job_response_data.go index 984e256a9cd..f79d55b41fe 100644 --- a/api/datadogV2/model_historical_job_response_data.go +++ b/api/datadogV2/model_threat_hunting_job_response_data.go @@ -8,40 +8,40 @@ import ( "github.com/DataDog/datadog-api-client-go/v2/api/datadog" ) -// HistoricalJobResponseData Historical job response data. -type HistoricalJobResponseData struct { - // Historical job attributes. - Attributes *HistoricalJobResponseAttributes `json:"attributes,omitempty"` +// ThreatHuntingJobResponseData Threat hunting job response data. +type ThreatHuntingJobResponseData struct { + // Threat hunting job attributes. + Attributes *ThreatHuntingJobResponseAttributes `json:"attributes,omitempty"` // ID of the job. Id *string `json:"id,omitempty"` // Type of payload. - Type *HistoricalJobDataType `json:"type,omitempty"` + Type *ThreatHuntingJobDataType `json:"type,omitempty"` // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct UnparsedObject map[string]interface{} `json:"-"` AdditionalProperties map[string]interface{} `json:"-"` } -// NewHistoricalJobResponseData instantiates a new HistoricalJobResponseData object. +// NewThreatHuntingJobResponseData instantiates a new ThreatHuntingJobResponseData object. // This constructor will assign default values to properties that have it defined, // and makes sure properties required by API are set, but the set of arguments // will change when the set of required properties is changed. -func NewHistoricalJobResponseData() *HistoricalJobResponseData { - this := HistoricalJobResponseData{} +func NewThreatHuntingJobResponseData() *ThreatHuntingJobResponseData { + this := ThreatHuntingJobResponseData{} return &this } -// NewHistoricalJobResponseDataWithDefaults instantiates a new HistoricalJobResponseData object. +// NewThreatHuntingJobResponseDataWithDefaults instantiates a new ThreatHuntingJobResponseData object. // This constructor will only assign default values to properties that have it defined, // but it doesn't guarantee that properties required by API are set. -func NewHistoricalJobResponseDataWithDefaults() *HistoricalJobResponseData { - this := HistoricalJobResponseData{} +func NewThreatHuntingJobResponseDataWithDefaults() *ThreatHuntingJobResponseData { + this := ThreatHuntingJobResponseData{} return &this } // GetAttributes returns the Attributes field value if set, zero value otherwise. -func (o *HistoricalJobResponseData) GetAttributes() HistoricalJobResponseAttributes { +func (o *ThreatHuntingJobResponseData) GetAttributes() ThreatHuntingJobResponseAttributes { if o == nil || o.Attributes == nil { - var ret HistoricalJobResponseAttributes + var ret ThreatHuntingJobResponseAttributes return ret } return *o.Attributes @@ -49,7 +49,7 @@ func (o *HistoricalJobResponseData) GetAttributes() HistoricalJobResponseAttribu // GetAttributesOk returns a tuple with the Attributes field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobResponseData) GetAttributesOk() (*HistoricalJobResponseAttributes, bool) { +func (o *ThreatHuntingJobResponseData) GetAttributesOk() (*ThreatHuntingJobResponseAttributes, bool) { if o == nil || o.Attributes == nil { return nil, false } @@ -57,17 +57,17 @@ func (o *HistoricalJobResponseData) GetAttributesOk() (*HistoricalJobResponseAtt } // HasAttributes returns a boolean if a field has been set. -func (o *HistoricalJobResponseData) HasAttributes() bool { +func (o *ThreatHuntingJobResponseData) HasAttributes() bool { return o != nil && o.Attributes != nil } -// SetAttributes gets a reference to the given HistoricalJobResponseAttributes and assigns it to the Attributes field. -func (o *HistoricalJobResponseData) SetAttributes(v HistoricalJobResponseAttributes) { +// SetAttributes gets a reference to the given ThreatHuntingJobResponseAttributes and assigns it to the Attributes field. +func (o *ThreatHuntingJobResponseData) SetAttributes(v ThreatHuntingJobResponseAttributes) { o.Attributes = &v } // GetId returns the Id field value if set, zero value otherwise. -func (o *HistoricalJobResponseData) GetId() string { +func (o *ThreatHuntingJobResponseData) GetId() string { if o == nil || o.Id == nil { var ret string return ret @@ -77,7 +77,7 @@ func (o *HistoricalJobResponseData) GetId() string { // GetIdOk returns a tuple with the Id field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobResponseData) GetIdOk() (*string, bool) { +func (o *ThreatHuntingJobResponseData) GetIdOk() (*string, bool) { if o == nil || o.Id == nil { return nil, false } @@ -85,19 +85,19 @@ func (o *HistoricalJobResponseData) GetIdOk() (*string, bool) { } // HasId returns a boolean if a field has been set. -func (o *HistoricalJobResponseData) HasId() bool { +func (o *ThreatHuntingJobResponseData) HasId() bool { return o != nil && o.Id != nil } // SetId gets a reference to the given string and assigns it to the Id field. -func (o *HistoricalJobResponseData) SetId(v string) { +func (o *ThreatHuntingJobResponseData) SetId(v string) { o.Id = &v } // GetType returns the Type field value if set, zero value otherwise. -func (o *HistoricalJobResponseData) GetType() HistoricalJobDataType { +func (o *ThreatHuntingJobResponseData) GetType() ThreatHuntingJobDataType { if o == nil || o.Type == nil { - var ret HistoricalJobDataType + var ret ThreatHuntingJobDataType return ret } return *o.Type @@ -105,7 +105,7 @@ func (o *HistoricalJobResponseData) GetType() HistoricalJobDataType { // GetTypeOk returns a tuple with the Type field value if set, nil otherwise // and a boolean to check if the value has been set. -func (o *HistoricalJobResponseData) GetTypeOk() (*HistoricalJobDataType, bool) { +func (o *ThreatHuntingJobResponseData) GetTypeOk() (*ThreatHuntingJobDataType, bool) { if o == nil || o.Type == nil { return nil, false } @@ -113,17 +113,17 @@ func (o *HistoricalJobResponseData) GetTypeOk() (*HistoricalJobDataType, bool) { } // HasType returns a boolean if a field has been set. -func (o *HistoricalJobResponseData) HasType() bool { +func (o *ThreatHuntingJobResponseData) HasType() bool { return o != nil && o.Type != nil } -// SetType gets a reference to the given HistoricalJobDataType and assigns it to the Type field. -func (o *HistoricalJobResponseData) SetType(v HistoricalJobDataType) { +// SetType gets a reference to the given ThreatHuntingJobDataType and assigns it to the Type field. +func (o *ThreatHuntingJobResponseData) SetType(v ThreatHuntingJobDataType) { o.Type = &v } // MarshalJSON serializes the struct using spec logic. -func (o HistoricalJobResponseData) MarshalJSON() ([]byte, error) { +func (o ThreatHuntingJobResponseData) MarshalJSON() ([]byte, error) { toSerialize := map[string]interface{}{} if o.UnparsedObject != nil { return datadog.Marshal(o.UnparsedObject) @@ -145,11 +145,11 @@ func (o HistoricalJobResponseData) MarshalJSON() ([]byte, error) { } // UnmarshalJSON deserializes the given payload. -func (o *HistoricalJobResponseData) UnmarshalJSON(bytes []byte) (err error) { +func (o *ThreatHuntingJobResponseData) UnmarshalJSON(bytes []byte) (err error) { all := struct { - Attributes *HistoricalJobResponseAttributes `json:"attributes,omitempty"` - Id *string `json:"id,omitempty"` - Type *HistoricalJobDataType `json:"type,omitempty"` + Attributes *ThreatHuntingJobResponseAttributes `json:"attributes,omitempty"` + Id *string `json:"id,omitempty"` + Type *ThreatHuntingJobDataType `json:"type,omitempty"` }{} if err = datadog.Unmarshal(bytes, &all); err != nil { return datadog.Unmarshal(bytes, &o.UnparsedObject) diff --git a/examples/v2/security-monitoring/CancelThreatHuntingJob.go b/examples/v2/security-monitoring/CancelThreatHuntingJob.go new file mode 100644 index 00000000000..f96d3c90527 --- /dev/null +++ b/examples/v2/security-monitoring/CancelThreatHuntingJob.go @@ -0,0 +1,26 @@ +// Cancel a threat hunting job returns "OK" response + +package main + +import ( + "context" + "fmt" + "os" + + "github.com/DataDog/datadog-api-client-go/v2/api/datadog" + "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" +) + +func main() { + ctx := datadog.NewDefaultContext(context.Background()) + configuration := datadog.NewConfiguration() + configuration.SetUnstableOperationEnabled("v2.CancelThreatHuntingJob", true) + apiClient := datadog.NewAPIClient(configuration) + api := datadogV2.NewSecurityMonitoringApi(apiClient) + r, err := api.CancelThreatHuntingJob(ctx, "job_id") + + if err != nil { + fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.CancelThreatHuntingJob`: %v\n", err) + fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) + } +} diff --git a/examples/v2/security-monitoring/CancelHistoricalJob.go b/examples/v2/security-monitoring/CancelThreatHuntingJob_1945505845.go similarity index 61% rename from examples/v2/security-monitoring/CancelHistoricalJob.go rename to examples/v2/security-monitoring/CancelThreatHuntingJob_1945505845.go index 7b4f2aab3a7..b1e2a2ed362 100644 --- a/examples/v2/security-monitoring/CancelHistoricalJob.go +++ b/examples/v2/security-monitoring/CancelThreatHuntingJob_1945505845.go @@ -12,19 +12,19 @@ import ( ) func main() { - // there is a valid "historical_job" in the system - HistoricalJobDataID := os.Getenv("HISTORICAL_JOB_DATA_ID") + // there is a valid "threat_hunting_job" in the system + ThreatHuntingJobDataID := os.Getenv("THREAT_HUNTING_JOB_DATA_ID") ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() - configuration.SetUnstableOperationEnabled("v2.CancelHistoricalJob", true) - configuration.SetUnstableOperationEnabled("v2.RunHistoricalJob", true) + configuration.SetUnstableOperationEnabled("v2.CancelThreatHuntingJob", true) + configuration.SetUnstableOperationEnabled("v2.RunThreatHuntingJob", true) apiClient := datadog.NewAPIClient(configuration) api := datadogV2.NewSecurityMonitoringApi(apiClient) - r, err := api.CancelHistoricalJob(ctx, HistoricalJobDataID) + r, err := api.CancelThreatHuntingJob(ctx, ThreatHuntingJobDataID) if err != nil { - fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.CancelHistoricalJob`: %v\n", err) + fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.CancelThreatHuntingJob`: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } } diff --git a/examples/v2/security-monitoring/DeleteHistoricalJob.go b/examples/v2/security-monitoring/DeleteThreatHuntingJob.go similarity index 77% rename from examples/v2/security-monitoring/DeleteHistoricalJob.go rename to examples/v2/security-monitoring/DeleteThreatHuntingJob.go index 1a2d77d4e76..8505aef7de0 100644 --- a/examples/v2/security-monitoring/DeleteHistoricalJob.go +++ b/examples/v2/security-monitoring/DeleteThreatHuntingJob.go @@ -14,13 +14,13 @@ import ( func main() { ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() - configuration.SetUnstableOperationEnabled("v2.DeleteHistoricalJob", true) + configuration.SetUnstableOperationEnabled("v2.DeleteThreatHuntingJob", true) apiClient := datadog.NewAPIClient(configuration) api := datadogV2.NewSecurityMonitoringApi(apiClient) - r, err := api.DeleteHistoricalJob(ctx, "job_id") + r, err := api.DeleteThreatHuntingJob(ctx, "job_id") if err != nil { - fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.DeleteHistoricalJob`: %v\n", err) + fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.DeleteThreatHuntingJob`: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } } diff --git a/examples/v2/security-monitoring/GetHistoricalJob.go b/examples/v2/security-monitoring/GetThreatHuntingJob.go similarity index 62% rename from examples/v2/security-monitoring/GetHistoricalJob.go rename to examples/v2/security-monitoring/GetThreatHuntingJob.go index f04254617a6..53908e5b249 100644 --- a/examples/v2/security-monitoring/GetHistoricalJob.go +++ b/examples/v2/security-monitoring/GetThreatHuntingJob.go @@ -13,22 +13,22 @@ import ( ) func main() { - // there is a valid "historical_job" in the system - HistoricalJobDataID := os.Getenv("HISTORICAL_JOB_DATA_ID") + // there is a valid "threat_hunting_job" in the system + ThreatHuntingJobDataID := os.Getenv("THREAT_HUNTING_JOB_DATA_ID") ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() - configuration.SetUnstableOperationEnabled("v2.GetHistoricalJob", true) - configuration.SetUnstableOperationEnabled("v2.RunHistoricalJob", true) + configuration.SetUnstableOperationEnabled("v2.GetThreatHuntingJob", true) + configuration.SetUnstableOperationEnabled("v2.RunThreatHuntingJob", true) apiClient := datadog.NewAPIClient(configuration) api := datadogV2.NewSecurityMonitoringApi(apiClient) - resp, r, err := api.GetHistoricalJob(ctx, HistoricalJobDataID) + resp, r, err := api.GetThreatHuntingJob(ctx, ThreatHuntingJobDataID) if err != nil { - fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.GetHistoricalJob`: %v\n", err) + fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.GetThreatHuntingJob`: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } responseContent, _ := json.MarshalIndent(resp, "", " ") - fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.GetHistoricalJob`:\n%s\n", responseContent) + fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.GetThreatHuntingJob`:\n%s\n", responseContent) } diff --git a/examples/v2/security-monitoring/ListThreatHuntingJobs.go b/examples/v2/security-monitoring/ListThreatHuntingJobs.go new file mode 100644 index 00000000000..68e5a56658d --- /dev/null +++ b/examples/v2/security-monitoring/ListThreatHuntingJobs.go @@ -0,0 +1,30 @@ +// List threat hunting jobs returns "OK" response + +package main + +import ( + "context" + "encoding/json" + "fmt" + "os" + + "github.com/DataDog/datadog-api-client-go/v2/api/datadog" + "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" +) + +func main() { + ctx := datadog.NewDefaultContext(context.Background()) + configuration := datadog.NewConfiguration() + configuration.SetUnstableOperationEnabled("v2.ListThreatHuntingJobs", true) + apiClient := datadog.NewAPIClient(configuration) + api := datadogV2.NewSecurityMonitoringApi(apiClient) + resp, r, err := api.ListThreatHuntingJobs(ctx, *datadogV2.NewListThreatHuntingJobsOptionalParameters()) + + if err != nil { + fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.ListThreatHuntingJobs`: %v\n", err) + fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) + } + + responseContent, _ := json.MarshalIndent(resp, "", " ") + fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.ListThreatHuntingJobs`:\n%s\n", responseContent) +} diff --git a/examples/v2/security-monitoring/ListHistoricalJobs.go b/examples/v2/security-monitoring/ListThreatHuntingJobs_1365512061.go similarity index 62% rename from examples/v2/security-monitoring/ListHistoricalJobs.go rename to examples/v2/security-monitoring/ListThreatHuntingJobs_1365512061.go index a0406a22ada..a7aff9f353e 100644 --- a/examples/v2/security-monitoring/ListHistoricalJobs.go +++ b/examples/v2/security-monitoring/ListThreatHuntingJobs_1365512061.go @@ -13,21 +13,21 @@ import ( ) func main() { - // there is a valid "historical_job" in the system + // there is a valid "threat_hunting_job" in the system ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() - configuration.SetUnstableOperationEnabled("v2.ListHistoricalJobs", true) - configuration.SetUnstableOperationEnabled("v2.RunHistoricalJob", true) + configuration.SetUnstableOperationEnabled("v2.ListThreatHuntingJobs", true) + configuration.SetUnstableOperationEnabled("v2.RunThreatHuntingJob", true) apiClient := datadog.NewAPIClient(configuration) api := datadogV2.NewSecurityMonitoringApi(apiClient) - resp, r, err := api.ListHistoricalJobs(ctx, *datadogV2.NewListHistoricalJobsOptionalParameters().WithFilterQuery("id:string")) + resp, r, err := api.ListThreatHuntingJobs(ctx, *datadogV2.NewListThreatHuntingJobsOptionalParameters().WithFilterQuery("id:string")) if err != nil { - fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.ListHistoricalJobs`: %v\n", err) + fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.ListThreatHuntingJobs`: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } responseContent, _ := json.MarshalIndent(resp, "", " ") - fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.ListHistoricalJobs`:\n%s\n", responseContent) + fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.ListThreatHuntingJobs`:\n%s\n", responseContent) } diff --git a/examples/v2/security-monitoring/RunHistoricalJob.go b/examples/v2/security-monitoring/RunThreatHuntingJob.go similarity index 74% rename from examples/v2/security-monitoring/RunHistoricalJob.go rename to examples/v2/security-monitoring/RunThreatHuntingJob.go index 6a1702d52f1..2767990cb67 100644 --- a/examples/v2/security-monitoring/RunHistoricalJob.go +++ b/examples/v2/security-monitoring/RunThreatHuntingJob.go @@ -1,4 +1,4 @@ -// Run a historical job returns "Status created" response +// Run a threat hunting job returns "Status created" response package main @@ -13,14 +13,14 @@ import ( ) func main() { - body := datadogV2.RunHistoricalJobRequest{ - Data: &datadogV2.RunHistoricalJobRequestData{ - Type: datadogV2.RUNHISTORICALJOBREQUESTDATATYPE_HISTORICALDETECTIONSJOBCREATE.Ptr(), - Attributes: &datadogV2.RunHistoricalJobRequestAttributes{ + body := datadogV2.RunThreatHuntingJobRequest{ + Data: &datadogV2.RunThreatHuntingJobRequestData{ + Type: datadogV2.RUNTHREATHUNTINGJOBREQUESTDATATYPE_HISTORICALDETECTIONSJOBCREATE.Ptr(), + Attributes: &datadogV2.RunThreatHuntingJobRequestAttributes{ JobDefinition: &datadogV2.JobDefinition{ Type: datadog.PtrString("log_detection"), Name: "Excessive number of failed attempts.", - Queries: []datadogV2.HistoricalJobQuery{ + Queries: []datadogV2.ThreatHuntingJobQuery{ { Query: datadog.PtrString("source:non_existing_src_weekend"), Aggregation: datadogV2.SECURITYMONITORINGRULEQUERYAGGREGATION_COUNT.Ptr(), @@ -36,7 +36,7 @@ func main() { Condition: datadog.PtrString("a > 1"), }, }, - Options: &datadogV2.HistoricalJobOptions{ + Options: &datadogV2.ThreatHuntingJobOptions{ KeepAlive: datadogV2.SECURITYMONITORINGRULEKEEPALIVE_ONE_HOUR.Ptr(), MaxSignalDuration: datadogV2.SECURITYMONITORINGRULEMAXSIGNALDURATION_ONE_DAY.Ptr(), EvaluationWindow: datadogV2.SECURITYMONITORINGRULEEVALUATIONWINDOW_FIFTEEN_MINUTES.Ptr(), @@ -52,16 +52,16 @@ func main() { } ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() - configuration.SetUnstableOperationEnabled("v2.RunHistoricalJob", true) + configuration.SetUnstableOperationEnabled("v2.RunThreatHuntingJob", true) apiClient := datadog.NewAPIClient(configuration) api := datadogV2.NewSecurityMonitoringApi(apiClient) - resp, r, err := api.RunHistoricalJob(ctx, body) + resp, r, err := api.RunThreatHuntingJob(ctx, body) if err != nil { - fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.RunHistoricalJob`: %v\n", err) + fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.RunThreatHuntingJob`: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } responseContent, _ := json.MarshalIndent(resp, "", " ") - fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.RunHistoricalJob`:\n%s\n", responseContent) + fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.RunThreatHuntingJob`:\n%s\n", responseContent) } diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Bad_Request_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Bad_Request_response.freeze index bf92f15d9de..633b88ea1af 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Bad_Request_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Bad_Request_response.freeze @@ -1 +1 @@ -2024-11-08T09:54:38.539Z \ No newline at end of file +2025-10-24T14:24:00.041Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Bad_Request_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Bad_Request_response.yaml index 5d008597155..f88c1f86299 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Bad_Request_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Bad_Request_response.yaml @@ -7,7 +7,7 @@ interactions: - '*/*' id: 0 method: PATCH - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/inva-lid/cancel + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/inva-lid/cancel response: body: '{"errors":[{"status":"400","detail":"invalid jobId"}]}' code: 400 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Not_Found_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Not_Found_response.freeze index 8bf8faeef38..213014e1d2d 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Not_Found_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Not_Found_response.freeze @@ -1 +1 @@ -2024-11-08T09:54:39.006Z \ No newline at end of file +2025-10-24T14:24:00.856Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Not_Found_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Not_Found_response.yaml index 8494055a81e..bd957a8ba7e 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Not_Found_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_Not_Found_response.yaml @@ -7,10 +7,9 @@ interactions: - '*/*' id: 0 method: PATCH - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93/cancel + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93/cancel response: - body: '{"errors":[{"status":"404","title":"Not Found","detail":"Job 8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93 - was not found."}]}' + body: '{"errors":[{"status":"404","detail":"Not Found"}]}' code: 404 duration: 0ms headers: diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_OK_response.freeze index 8eee63f586c..9b9326abb8c 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_OK_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_OK_response.freeze @@ -1 +1 @@ -2024-11-08T09:54:39.082Z \ No newline at end of file +2025-10-24T14:24:00.975Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_OK_response.yaml index 9d4ed51e7d2..aa71e5f3567 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_OK_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Cancel_a_historical_job_returns_OK_response.yaml @@ -10,9 +10,9 @@ interactions: - application/json id: 0 method: POST - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs response: - body: '{"data":{"id":"e332b07e-d573-45fa-b2df-9a1bcc27f17e","type":"historicalDetectionsJob"}}' + body: '{"data":{"id":"cafe565c-106b-486e-ad21-a712656723b4","type":"historicalDetectionsJob"}}' code: 201 duration: 0ms headers: @@ -27,7 +27,7 @@ interactions: - '*/*' id: 1 method: PATCH - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/e332b07e-d573-45fa-b2df-9a1bcc27f17e/cancel + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/cafe565c-106b-486e-ad21-a712656723b4/cancel response: body: '' code: 204 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Convert_a_job_result_to_a_signal_returns_Bad_Request_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Convert_a_job_result_to_a_signal_returns_Bad_Request_response.freeze index b819957f316..ba1f583e595 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Convert_a_job_result_to_a_signal_returns_Bad_Request_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Convert_a_job_result_to_a_signal_returns_Bad_Request_response.freeze @@ -1 +1 @@ -2024-11-08T09:54:39.280Z \ No newline at end of file +2025-10-24T14:24:01.235Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Convert_a_job_result_to_a_signal_returns_Bad_Request_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Convert_a_job_result_to_a_signal_returns_Bad_Request_response.yaml index 213219d6a85..241c55eed53 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Convert_a_job_result_to_a_signal_returns_Bad_Request_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Convert_a_job_result_to_a_signal_returns_Bad_Request_response.yaml @@ -10,7 +10,7 @@ interactions: - application/json id: 0 method: POST - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/signal_convert response: body: '{"errors":[{"status":"400","title":"Generic Error","detail":"empty jobResultId provided"}]}' diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Bad_Request_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Bad_Request_response.freeze index 553556ed2e1..cf2f32dfa3e 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Bad_Request_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Bad_Request_response.freeze @@ -1 +1 @@ -2024-11-08T09:54:39.371Z \ No newline at end of file +2025-10-24T14:24:01.339Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Bad_Request_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Bad_Request_response.yaml index 66eb1570ebc..71f01827057 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Bad_Request_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Bad_Request_response.yaml @@ -7,7 +7,7 @@ interactions: - '*/*' id: 0 method: DELETE - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/inva-lid + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/inva-lid response: body: '{"errors":[{"status":"400","title":"Generic Error","detail":"invalid jobId"}]}' code: 400 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Not_Found_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Not_Found_response.freeze index e02fd6acb10..68a6b0aca24 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Not_Found_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Not_Found_response.freeze @@ -1 +1 @@ -2024-11-08T09:54:39.455Z \ No newline at end of file +2025-10-24T14:24:01.428Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Not_Found_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Not_Found_response.yaml index 727056e2169..539d27374d6 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Not_Found_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_job_returns_Not_Found_response.yaml @@ -7,10 +7,9 @@ interactions: - '*/*' id: 0 method: DELETE - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93 + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93 response: - body: '{"errors":[{"status":"404","title":"Not Found","detail":"Job 8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93 - was not found."}]}' + body: '{"errors":[{"status":"404","detail":"Not Found"}]}' code: 404 duration: 0ms headers: diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Bad_Request_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Bad_Request_response.freeze index 14e96034851..fa7eb2eaf3b 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Bad_Request_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Bad_Request_response.freeze @@ -1 +1 @@ -2024-11-08T09:54:39.538Z \ No newline at end of file +2025-10-24T14:24:01.540Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Bad_Request_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Bad_Request_response.yaml index 9da1f83a915..91f56e83258 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Bad_Request_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Bad_Request_response.yaml @@ -7,7 +7,7 @@ interactions: - application/json id: 0 method: GET - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/inva-lid + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/inva-lid response: body: '{"errors":[{"status":"400","detail":"invalid jobId"}]}' code: 400 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Not_Found_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Not_Found_response.freeze index 5cc9a16c879..8b7389cc8ba 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Not_Found_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Not_Found_response.freeze @@ -1 +1 @@ -2024-11-08T09:54:39.611Z \ No newline at end of file +2025-10-24T14:24:01.618Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Not_Found_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Not_Found_response.yaml index ee14b84c19c..40df2933ceb 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Not_Found_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_Not_Found_response.yaml @@ -7,7 +7,7 @@ interactions: - application/json id: 0 method: GET - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93 + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93 response: body: '{"errors":[{"status":"404","title":"Not Found","detail":"Job 8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93 was not found."}]}' diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_OK_response.freeze index 34c6fa06848..6994ed27070 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_OK_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_OK_response.freeze @@ -1 +1 @@ -2024-12-18T17:02:38.823Z \ No newline at end of file +2025-10-24T14:24:01.707Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_OK_response.yaml index feb6e889d69..67000642686 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_OK_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_jobs_details_returns_OK_response.yaml @@ -10,9 +10,9 @@ interactions: - application/json id: 0 method: POST - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs response: - body: '{"data":{"id":"fa90e7ac-998d-4bf4-9d32-2e831a1e9479","type":"historicalDetectionsJob"}}' + body: '{"data":{"id":"071b3516-4072-44d9-9288-d4adaa1db921","type":"historicalDetectionsJob"}}' code: 201 duration: 0ms headers: @@ -27,15 +27,15 @@ interactions: - application/json id: 1 method: GET - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/fa90e7ac-998d-4bf4-9d32-2e831a1e9479 + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/071b3516-4072-44d9-9288-d4adaa1db921 response: - body: '{"data":{"id":"fa90e7ac-998d-4bf4-9d32-2e831a1e9479","type":"historicalDetectionsJob","attributes":{"createdAt":"2024-12-18 - 17:02:39.551791+00","createdByHandle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","createdByName":"CI + body: '{"data":{"id":"071b3516-4072-44d9-9288-d4adaa1db921","type":"historicalDetectionsJob","attributes":{"createdAt":"2025-10-24 + 14:24:02.057923+00","createdByHandle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","createdByName":"CI Account","jobDefinition":{"from":1730387522611,"to":1730387532611,"index":"main","name":"Excessive number of failed attempts.","cases":[{"name":"Condition 1","status":"info","notifications":[],"condition":"a - \u003e 1"}],"queries":[{"query":"source:non_existing_src_weekend","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"count","name":""}],"options":{"evaluationWindow":900,"detectionMethod":"threshold","maxSignalDuration":86400,"keepAlive":3600},"message":"A + \u003e 1"}],"queries":[{"query":"source:non_existing_src_weekend","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"count","name":"","dataSource":"logs"}],"options":{"evaluationWindow":900,"detectionMethod":"threshold","maxSignalDuration":86400,"keepAlive":3600},"message":"A large number of failed login attempts.","tags":[],"type":"log_detection"},"jobName":"Excessive - number of failed attempts.","jobStatus":"pending","modifiedAt":"2024-12-18 17:02:39.551791+00"}}}' + number of failed attempts.","jobStatus":"pending","modifiedAt":"2025-10-24 14:24:02.057923+00"}}}' code: 200 duration: 0ms headers: diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_List_historical_jobs_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_List_historical_jobs_returns_OK_response.freeze index b139681f648..2c0d4ff4e33 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_List_historical_jobs_returns_OK_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_List_historical_jobs_returns_OK_response.freeze @@ -1 +1 @@ -2024-12-18T17:02:39.880Z \ No newline at end of file +2025-10-24T14:24:02.188Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_List_historical_jobs_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_List_historical_jobs_returns_OK_response.yaml index 71370c98518..d084e74fd8d 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_List_historical_jobs_returns_OK_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_List_historical_jobs_returns_OK_response.yaml @@ -10,9 +10,9 @@ interactions: - application/json id: 0 method: POST - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs response: - body: '{"data":{"id":"7b16f110-0ce9-46cd-9dad-b658ced2ac50","type":"historicalDetectionsJob"}}' + body: '{"data":{"id":"e935c6c8-ba76-4ebf-8770-bb772a5ec1ed","type":"historicalDetectionsJob"}}' code: 201 duration: 0ms headers: @@ -27,15 +27,15 @@ interactions: - application/json id: 1 method: GET - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs?filter%5Bquery%5D=id%3A7b16f110-0ce9-46cd-9dad-b658ced2ac50 + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs?filter%5Bquery%5D=id%3Ae935c6c8-ba76-4ebf-8770-bb772a5ec1ed response: - body: '{"data":[{"id":"7b16f110-0ce9-46cd-9dad-b658ced2ac50","type":"historicalDetectionsJob","attributes":{"createdAt":"2024-12-18 - 17:02:40.144396+00","createdByHandle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","createdByName":"CI + body: '{"data":[{"id":"e935c6c8-ba76-4ebf-8770-bb772a5ec1ed","type":"historicalDetectionsJob","attributes":{"createdAt":"2025-10-24 + 14:24:02.256887+00","createdByHandle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","createdByName":"CI Account","jobDefinition":{"from":1730387522611,"to":1730387532611,"index":"main","name":"Excessive number of failed attempts.","cases":[{"name":"Condition 1","status":"info","notifications":[],"condition":"a - \u003e 1"}],"queries":[{"query":"source:non_existing_src_weekend","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"count","name":""}],"options":{"evaluationWindow":900,"detectionMethod":"threshold","maxSignalDuration":86400,"keepAlive":3600},"message":"A + \u003e 1"}],"queries":[{"query":"source:non_existing_src_weekend","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"count","name":"","dataSource":"logs"}],"options":{"evaluationWindow":900,"detectionMethod":"threshold","maxSignalDuration":86400,"keepAlive":3600},"message":"A large number of failed login attempts.","tags":[],"type":"log_detection"},"jobName":"Excessive - number of failed attempts.","jobStatus":"pending","modifiedAt":"2024-12-18 17:02:40.144396+00"}}],"meta":{"totalCount":1}}' + number of failed attempts.","jobStatus":"pending","modifiedAt":"2025-10-24 14:24:02.256887+00"}}],"meta":{"totalCount":1}}' code: 200 duration: 0ms headers: diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Bad_Request_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Bad_Request_response.freeze deleted file mode 100644 index 9720094d000..00000000000 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Bad_Request_response.freeze +++ /dev/null @@ -1 +0,0 @@ -2024-11-08T09:54:40.114Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Not_Found_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Not_Found_response.freeze deleted file mode 100644 index 376ccf5d386..00000000000 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Not_Found_response.freeze +++ /dev/null @@ -1 +0,0 @@ -2025-06-26T16:57:47.524Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Status_created_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Status_created_response.freeze deleted file mode 100644 index 3e9fdecb999..00000000000 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Status_created_response.freeze +++ /dev/null @@ -1 +0,0 @@ -2024-11-08T09:54:40.272Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Bad_Request_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Bad_Request_response.freeze new file mode 100644 index 00000000000..3776cfacfd8 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Bad_Request_response.freeze @@ -0,0 +1 @@ +2025-10-24T14:24:02.385Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Bad_Request_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Bad_Request_response.yaml similarity index 93% rename from tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Bad_Request_response.yaml rename to tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Bad_Request_response.yaml index d7ecf97f3d6..c9269b0365b 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Bad_Request_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Bad_Request_response.yaml @@ -10,7 +10,7 @@ interactions: - application/json id: 0 method: POST - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs response: body: '{"errors":["input_validation_error(Field ''index'' is invalid: Invalid index): Index must exist"]}' diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Not_Found_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Not_Found_response.freeze new file mode 100644 index 00000000000..9cda11fb151 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Not_Found_response.freeze @@ -0,0 +1 @@ +2025-10-24T14:24:02.486Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Not_Found_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Not_Found_response.yaml similarity index 88% rename from tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Not_Found_response.yaml rename to tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Not_Found_response.yaml index c9aa8b687e4..f05abe41ade 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Not_Found_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Not_Found_response.yaml @@ -10,7 +10,7 @@ interactions: - application/json id: 0 method: POST - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs response: body: '{"errors":[{"status":"404","title":"Not Found"}]}' code: 404 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Status_created_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Status_created_response.freeze new file mode 100644 index 00000000000..f914d8b2412 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Status_created_response.freeze @@ -0,0 +1 @@ +2025-10-24T14:24:02.570Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Status_created_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Status_created_response.yaml similarity index 86% rename from tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Status_created_response.yaml rename to tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Status_created_response.yaml index 0945edbd6fd..353ad9fdcbf 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_historical_job_returns_Status_created_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Run_a_threat_hunting_job_returns_Status_created_response.yaml @@ -10,9 +10,9 @@ interactions: - application/json id: 0 method: POST - url: https://api.datadoghq.com/api/v2/siem-historical-detections/jobs + url: https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs response: - body: '{"data":{"id":"6f4c9c40-782b-4d14-900f-65ccc02389db","type":"historicalDetectionsJob"}}' + body: '{"data":{"id":"6ff7a8ce-a0d1-4ea3-8cc9-e9c52cda0d24","type":"historicalDetectionsJob"}}' code: 201 duration: 0ms headers: diff --git a/tests/scenarios/features/v2/gcp_integration.feature b/tests/scenarios/features/v2/gcp_integration.feature index 935adb2d93b..6d47a1508eb 100644 --- a/tests/scenarios/features/v2/gcp_integration.feature +++ b/tests/scenarios/features/v2/gcp_integration.feature @@ -34,14 +34,14 @@ Feature: GCP Integration @generated @skip @team:DataDog/gcp-integrations Scenario: Create a new entry for your service account returns "Bad Request" response Given new "CreateGCPSTSAccount" request - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}]}, "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}, {"filters": ["snapshot.*", "!*_by_region"], "id": "pubsub"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}]}, "type": "gcp_service_account"}} When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/gcp-integrations Scenario: Create a new entry for your service account returns "Conflict" response Given new "CreateGCPSTSAccount" request - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}]}, "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}, {"filters": ["snapshot.*", "!*_by_region"], "id": "pubsub"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}]}, "type": "gcp_service_account"}} When the request is sent Then the response status is 409 Conflict @@ -151,7 +151,7 @@ Feature: GCP Integration Scenario: Update STS Service Account returns "Bad Request" response Given new "UpdateGCPSTSAccount" request And request contains "account_id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}]}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}, {"filters": ["snapshot.*", "!*_by_region"], "id": "pubsub"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}]}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} When the request is sent Then the response status is 400 Bad Request @@ -159,7 +159,7 @@ Feature: GCP Integration Scenario: Update STS Service Account returns "Not Found" response Given new "UpdateGCPSTSAccount" request And request contains "account_id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}]}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}, {"filters": ["snapshot.*", "!*_by_region"], "id": "pubsub"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}]}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} When the request is sent Then the response status is 404 Not Found diff --git a/tests/scenarios/features/v2/given.json b/tests/scenarios/features/v2/given.json index a4ab9c24bd1..7c9df160aad 100644 --- a/tests/scenarios/features/v2/given.json +++ b/tests/scenarios/features/v2/given.json @@ -1086,10 +1086,10 @@ "value": "{\n \"data\": {\n \"type\": \"historicalDetectionsJobCreate\",\n \"attributes\": {\n \"jobDefinition\": {\n \"type\": \"log_detection\",\n \"name\": \"Excessive number of failed attempts.\",\n \"queries\": [\n {\n \"query\": \"source:non_existing_src_weekend\",\n \"aggregation\": \"count\",\n \"groupByFields\": [],\n \"distinctFields\": []\n }\n ],\n \"cases\": [\n {\n \"name\": \"Condition 1\",\n \"status\": \"info\",\n \"notifications\": [],\n \"condition\": \"a > 1\"\n }\n ],\n \"options\": {\n \"keepAlive\": 3600,\n \"maxSignalDuration\": 86400,\n \"evaluationWindow\": 900\n },\n \"message\": \"A large number of failed login attempts.\",\n \"tags\": [],\n \"from\": 1730387522611,\n \"to\": 1730387532611,\n \"index\": \"main\"\n }\n }\n }\n}" } ], - "step": "there is a valid \"historical_job\" in the system", - "key": "historical_job", + "step": "there is a valid \"threat_hunting_job\" in the system", + "key": "threat_hunting_job", "tag": "Security Monitoring", - "operationId": "RunHistoricalJob" + "operationId": "RunThreatHuntingJob" }, { "parameters": [ diff --git a/tests/scenarios/features/v2/security_monitoring.feature b/tests/scenarios/features/v2/security_monitoring.feature index 8e5e22baade..703fc3e460f 100644 --- a/tests/scenarios/features/v2/security_monitoring.feature +++ b/tests/scenarios/features/v2/security_monitoring.feature @@ -11,38 +11,62 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Cancel a historical job returns "Bad Request" response - Given operation "CancelHistoricalJob" enabled - And new "CancelHistoricalJob" request + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent Then the response status is 400 Bad Request - @generated @skip @team:DataDog/k9-cloud-security-platform - Scenario: Cancel a historical job returns "Conflict" response - Given operation "CancelHistoricalJob" enabled - And new "CancelHistoricalJob" request - And request contains "job_id" parameter from "REPLACE.ME" - When the request is sent - Then the response status is 409 Conflict - @team:DataDog/k9-cloud-security-platform Scenario: Cancel a historical job returns "Not Found" response - Given operation "CancelHistoricalJob" enabled - And new "CancelHistoricalJob" request + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-security-platform Scenario: Cancel a historical job returns "OK" response - Given operation "CancelHistoricalJob" enabled - And operation "RunHistoricalJob" enabled - And new "CancelHistoricalJob" request - And there is a valid "historical_job" in the system - And request contains "job_id" parameter from "historical_job.data.id" + Given operation "CancelThreatHuntingJob" enabled + And operation "RunThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And there is a valid "threat_hunting_job" in the system + And request contains "job_id" parameter from "threat_hunting_job.data.id" When the request is sent Then the response status is 204 No Content + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Cancel a threat hunting job returns "Bad Request" response + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Cancel a threat hunting job returns "Conflict" response + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 409 Conflict + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Cancel a threat hunting job returns "Not Found" response + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Cancel a threat hunting job returns "OK" response + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 204 OK + @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Change the related incidents of a security signal returns "Bad Request" response Given new "EditSecurityMonitoringSignalIncidents" request @@ -477,32 +501,32 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "Bad Request" response - Given operation "DeleteHistoricalJob" enabled - And new "DeleteHistoricalJob" request + Given operation "DeleteThreatHuntingJob" enabled + And new "DeleteThreatHuntingJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "Conflict" response - Given operation "DeleteHistoricalJob" enabled - And new "DeleteHistoricalJob" request + Given operation "DeleteThreatHuntingJob" enabled + And new "DeleteThreatHuntingJob" request And request contains "job_id" parameter from "REPLACE.ME" When the request is sent Then the response status is 409 Conflict @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "Not Found" response - Given operation "DeleteHistoricalJob" enabled - And new "DeleteHistoricalJob" request + Given operation "DeleteThreatHuntingJob" enabled + And new "DeleteThreatHuntingJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent Then the response status is 404 Not Found @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "OK" response - Given operation "DeleteHistoricalJob" enabled - And new "DeleteHistoricalJob" request + Given operation "DeleteThreatHuntingJob" enabled + And new "DeleteThreatHuntingJob" request And request contains "job_id" parameter from "REPLACE.ME" When the request is sent Then the response status is 204 OK @@ -627,27 +651,27 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Get a job's details returns "Bad Request" response - Given operation "GetHistoricalJob" enabled - And new "GetHistoricalJob" request + Given operation "GetThreatHuntingJob" enabled + And new "GetThreatHuntingJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent Then the response status is 400 Bad Request @team:DataDog/k9-cloud-security-platform Scenario: Get a job's details returns "Not Found" response - Given operation "GetHistoricalJob" enabled - And new "GetHistoricalJob" request + Given operation "GetThreatHuntingJob" enabled + And new "GetThreatHuntingJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-security-platform Scenario: Get a job's details returns "OK" response - Given operation "GetHistoricalJob" enabled - And operation "RunHistoricalJob" enabled - And new "GetHistoricalJob" request - And there is a valid "historical_job" in the system - And request contains "job_id" parameter from "historical_job.data.id" + Given operation "GetThreatHuntingJob" enabled + And operation "RunThreatHuntingJob" enabled + And new "GetThreatHuntingJob" request + And there is a valid "threat_hunting_job" in the system + And request contains "job_id" parameter from "threat_hunting_job.data.id" When the request is sent Then the response status is 200 OK @@ -1021,20 +1045,13 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK - @generated @skip @team:DataDog/k9-cloud-security-platform - Scenario: List historical jobs returns "Bad Request" response - Given operation "ListHistoricalJobs" enabled - And new "ListHistoricalJobs" request - When the request is sent - Then the response status is 400 Bad Request - @team:DataDog/k9-cloud-security-platform Scenario: List historical jobs returns "OK" response - Given operation "ListHistoricalJobs" enabled - And operation "RunHistoricalJob" enabled - And new "ListHistoricalJobs" request - And there is a valid "historical_job" in the system - And request contains "filter[query]" parameter with value "id:{{historical_job.data.id}}" + Given operation "ListThreatHuntingJobs" enabled + And operation "RunThreatHuntingJob" enabled + And new "ListThreatHuntingJobs" request + And there is a valid "threat_hunting_job" in the system + And request contains "filter[query]" parameter with value "id:{{threat_hunting_job.data.id}}" When the request is sent Then the response status is 200 OK @@ -1088,6 +1105,20 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: List threat hunting jobs returns "Bad Request" response + Given operation "ListThreatHuntingJobs" enabled + And new "ListThreatHuntingJobs" request + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: List threat hunting jobs returns "OK" response + Given operation "ListThreatHuntingJobs" enabled + And new "ListThreatHuntingJobs" request + When the request is sent + Then the response status is 200 OK + @generated @skip @team:DataDog/asm-vm Scenario: List vulnerabilities returns "Bad request: The server cannot process the request due to invalid syntax in the request." response Given operation "ListVulnerabilities" enabled @@ -1265,25 +1296,25 @@ Feature: Security Monitoring Then the response status is 422 The server cannot process the request because it contains invalid data. @team:DataDog/k9-cloud-security-platform - Scenario: Run a historical job returns "Bad Request" response - Given operation "RunHistoricalJob" enabled - And new "RunHistoricalJob" request + Scenario: Run a threat hunting job returns "Bad Request" response + Given operation "RunThreatHuntingJob" enabled + And new "RunThreatHuntingJob" request And body with value {"data":{"type":"historicalDetectionsJobCreate","attributes":{"jobDefinition":{"type":"log_detection","name":"Excessive number of failed attempts.","queries":[{"query":"source:non_existing_src_weekend","aggregation":"count","groupByFields":[],"distinctFields":[]}],"cases":[{"name":"Condition 1","status":"info","notifications":[],"condition":"a > 1"}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900},"message":"A large number of failed login attempts.","tags":[],"from":1730387522611,"to":1730391122611,"index":"non_existing_index"}}}} When the request is sent Then the response status is 400 Bad Request @team:DataDog/k9-cloud-security-platform - Scenario: Run a historical job returns "Not Found" response - Given operation "RunHistoricalJob" enabled - And new "RunHistoricalJob" request + Scenario: Run a threat hunting job returns "Not Found" response + Given operation "RunThreatHuntingJob" enabled + And new "RunThreatHuntingJob" request And body with value {"data": { "type": "historicalDetectionsJobCreate", "attributes": {"fromRule": {"from": 1730201035064, "id": "non-existng", "index": "main", "notifications": [], "to": 1730204635115}}}} When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-security-platform - Scenario: Run a historical job returns "Status created" response - Given operation "RunHistoricalJob" enabled - And new "RunHistoricalJob" request + Scenario: Run a threat hunting job returns "Status created" response + Given operation "RunThreatHuntingJob" enabled + And new "RunThreatHuntingJob" request And body with value {"data":{"type":"historicalDetectionsJobCreate","attributes":{"jobDefinition":{"type":"log_detection","name":"Excessive number of failed attempts.","queries":[{"query":"source:non_existing_src_weekend","aggregation":"count","groupByFields":[],"distinctFields":[]}],"cases":[{"name":"Condition 1","status":"info","notifications":[],"condition":"a > 1"}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900},"message":"A large number of failed login attempts.","tags":[],"from":1730387522611,"to":1730387532611,"index":"main"}}}} When the request is sent Then the response status is 201 Status created diff --git a/tests/scenarios/features/v2/undo.json b/tests/scenarios/features/v2/undo.json index 5f2144f5fb2..eb1380ab6b8 100644 --- a/tests/scenarios/features/v2/undo.json +++ b/tests/scenarios/features/v2/undo.json @@ -3909,13 +3909,13 @@ "type": "safe" } }, - "ListHistoricalJobs": { + "ListThreatHuntingJobs": { "tag": "Security Monitoring", "undo": { "type": "safe" } }, - "RunHistoricalJob": { + "RunThreatHuntingJob": { "tag": "Security Monitoring", "undo": { "type": "idempotent" @@ -3927,19 +3927,19 @@ "type": "idempotent" } }, - "DeleteHistoricalJob": { + "DeleteThreatHuntingJob": { "tag": "Security Monitoring", "undo": { "type": "idempotent" } }, - "GetHistoricalJob": { + "GetThreatHuntingJob": { "tag": "Security Monitoring", "undo": { "type": "safe" } }, - "CancelHistoricalJob": { + "CancelThreatHuntingJob": { "tag": "Security Monitoring", "undo": { "type": "idempotent"