-
Notifications
You must be signed in to change notification settings - Fork 32
Expand file tree
/
Copy pathThreatHuntingJobQuery.java
More file actions
378 lines (333 loc) · 11.7 KB
/
ThreatHuntingJobQuery.java
File metadata and controls
378 lines (333 loc) · 11.7 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
/*
* Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
* This product includes software developed at Datadog (https://www.datadoghq.com/).
* Copyright 2019-Present Datadog, Inc.
*/
package com.datadog.api.client.v2.model;
import com.fasterxml.jackson.annotation.JsonAnyGetter;
import com.fasterxml.jackson.annotation.JsonAnySetter;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.annotation.JsonPropertyOrder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
/** Query for selecting logs analyzed by the threat hunting job. */
@JsonPropertyOrder({
ThreatHuntingJobQuery.JSON_PROPERTY_AGGREGATION,
ThreatHuntingJobQuery.JSON_PROPERTY_DATA_SOURCE,
ThreatHuntingJobQuery.JSON_PROPERTY_DISTINCT_FIELDS,
ThreatHuntingJobQuery.JSON_PROPERTY_GROUP_BY_FIELDS,
ThreatHuntingJobQuery.JSON_PROPERTY_HAS_OPTIONAL_GROUP_BY_FIELDS,
ThreatHuntingJobQuery.JSON_PROPERTY_METRICS,
ThreatHuntingJobQuery.JSON_PROPERTY_NAME,
ThreatHuntingJobQuery.JSON_PROPERTY_QUERY
})
@jakarta.annotation.Generated(
value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator")
public class ThreatHuntingJobQuery {
@JsonIgnore public boolean unparsed = false;
public static final String JSON_PROPERTY_AGGREGATION = "aggregation";
private SecurityMonitoringRuleQueryAggregation aggregation;
public static final String JSON_PROPERTY_DATA_SOURCE = "dataSource";
private SecurityMonitoringStandardDataSource dataSource =
SecurityMonitoringStandardDataSource.LOGS;
public static final String JSON_PROPERTY_DISTINCT_FIELDS = "distinctFields";
private List<String> distinctFields = null;
public static final String JSON_PROPERTY_GROUP_BY_FIELDS = "groupByFields";
private List<String> groupByFields = null;
public static final String JSON_PROPERTY_HAS_OPTIONAL_GROUP_BY_FIELDS =
"hasOptionalGroupByFields";
private Boolean hasOptionalGroupByFields = false;
public static final String JSON_PROPERTY_METRICS = "metrics";
private List<String> metrics = null;
public static final String JSON_PROPERTY_NAME = "name";
private String name;
public static final String JSON_PROPERTY_QUERY = "query";
private String query;
public ThreatHuntingJobQuery aggregation(SecurityMonitoringRuleQueryAggregation aggregation) {
this.aggregation = aggregation;
this.unparsed |= !aggregation.isValid();
return this;
}
/**
* The aggregation type.
*
* @return aggregation
*/
@jakarta.annotation.Nullable
@JsonProperty(JSON_PROPERTY_AGGREGATION)
@JsonInclude(value = JsonInclude.Include.USE_DEFAULTS)
public SecurityMonitoringRuleQueryAggregation getAggregation() {
return aggregation;
}
public void setAggregation(SecurityMonitoringRuleQueryAggregation aggregation) {
if (!aggregation.isValid()) {
this.unparsed = true;
}
this.aggregation = aggregation;
}
public ThreatHuntingJobQuery dataSource(SecurityMonitoringStandardDataSource dataSource) {
this.dataSource = dataSource;
this.unparsed |= !dataSource.isValid();
return this;
}
/**
* Source of events, either logs, audit trail, or Datadog events. <code>app_sec_spans</code> is
* deprecated in favor of <code>spans</code>.
*
* @return dataSource
*/
@jakarta.annotation.Nullable
@JsonProperty(JSON_PROPERTY_DATA_SOURCE)
@JsonInclude(value = JsonInclude.Include.USE_DEFAULTS)
public SecurityMonitoringStandardDataSource getDataSource() {
return dataSource;
}
public void setDataSource(SecurityMonitoringStandardDataSource dataSource) {
if (!dataSource.isValid()) {
this.unparsed = true;
}
this.dataSource = dataSource;
}
public ThreatHuntingJobQuery distinctFields(List<String> distinctFields) {
this.distinctFields = distinctFields;
return this;
}
public ThreatHuntingJobQuery addDistinctFieldsItem(String distinctFieldsItem) {
if (this.distinctFields == null) {
this.distinctFields = new ArrayList<>();
}
this.distinctFields.add(distinctFieldsItem);
return this;
}
/**
* Field for which the cardinality is measured. Sent as an array.
*
* @return distinctFields
*/
@jakarta.annotation.Nullable
@JsonProperty(JSON_PROPERTY_DISTINCT_FIELDS)
@JsonInclude(value = JsonInclude.Include.USE_DEFAULTS)
public List<String> getDistinctFields() {
return distinctFields;
}
public void setDistinctFields(List<String> distinctFields) {
this.distinctFields = distinctFields;
}
public ThreatHuntingJobQuery groupByFields(List<String> groupByFields) {
this.groupByFields = groupByFields;
return this;
}
public ThreatHuntingJobQuery addGroupByFieldsItem(String groupByFieldsItem) {
if (this.groupByFields == null) {
this.groupByFields = new ArrayList<>();
}
this.groupByFields.add(groupByFieldsItem);
return this;
}
/**
* Fields to group by.
*
* @return groupByFields
*/
@jakarta.annotation.Nullable
@JsonProperty(JSON_PROPERTY_GROUP_BY_FIELDS)
@JsonInclude(value = JsonInclude.Include.USE_DEFAULTS)
public List<String> getGroupByFields() {
return groupByFields;
}
public void setGroupByFields(List<String> groupByFields) {
this.groupByFields = groupByFields;
}
public ThreatHuntingJobQuery hasOptionalGroupByFields(Boolean hasOptionalGroupByFields) {
this.hasOptionalGroupByFields = hasOptionalGroupByFields;
return this;
}
/**
* When false, events without a group-by value are ignored by the query. When true, events with
* missing group-by fields are processed with <code>N/A</code>, replacing the missing values.
*
* @return hasOptionalGroupByFields
*/
@jakarta.annotation.Nullable
@JsonProperty(JSON_PROPERTY_HAS_OPTIONAL_GROUP_BY_FIELDS)
@JsonInclude(value = JsonInclude.Include.USE_DEFAULTS)
public Boolean getHasOptionalGroupByFields() {
return hasOptionalGroupByFields;
}
public void setHasOptionalGroupByFields(Boolean hasOptionalGroupByFields) {
this.hasOptionalGroupByFields = hasOptionalGroupByFields;
}
public ThreatHuntingJobQuery metrics(List<String> metrics) {
this.metrics = metrics;
return this;
}
public ThreatHuntingJobQuery addMetricsItem(String metricsItem) {
if (this.metrics == null) {
this.metrics = new ArrayList<>();
}
this.metrics.add(metricsItem);
return this;
}
/**
* Group of target fields to aggregate over when using the sum, max, geo data, or new value
* aggregations. The sum, max, and geo data aggregations only accept one value in this list,
* whereas the new value aggregation accepts up to five values.
*
* @return metrics
*/
@jakarta.annotation.Nullable
@JsonProperty(JSON_PROPERTY_METRICS)
@JsonInclude(value = JsonInclude.Include.USE_DEFAULTS)
public List<String> getMetrics() {
return metrics;
}
public void setMetrics(List<String> metrics) {
this.metrics = metrics;
}
public ThreatHuntingJobQuery name(String name) {
this.name = name;
return this;
}
/**
* Name of the query.
*
* @return name
*/
@jakarta.annotation.Nullable
@JsonProperty(JSON_PROPERTY_NAME)
@JsonInclude(value = JsonInclude.Include.USE_DEFAULTS)
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public ThreatHuntingJobQuery query(String query) {
this.query = query;
return this;
}
/**
* Query to run on logs.
*
* @return query
*/
@jakarta.annotation.Nullable
@JsonProperty(JSON_PROPERTY_QUERY)
@JsonInclude(value = JsonInclude.Include.USE_DEFAULTS)
public String getQuery() {
return query;
}
public void setQuery(String query) {
this.query = query;
}
/**
* A container for additional, undeclared properties. This is a holder for any undeclared
* properties as specified with the 'additionalProperties' keyword in the OAS document.
*/
private Map<String, Object> additionalProperties;
/**
* Set the additional (undeclared) property with the specified name and value. If the property
* does not already exist, create it otherwise replace it.
*
* @param key The arbitrary key to set
* @param value The associated value
* @return ThreatHuntingJobQuery
*/
@JsonAnySetter
public ThreatHuntingJobQuery putAdditionalProperty(String key, Object value) {
if (this.additionalProperties == null) {
this.additionalProperties = new HashMap<String, Object>();
}
this.additionalProperties.put(key, value);
return this;
}
/**
* Return the additional (undeclared) property.
*
* @return The additional properties
*/
@JsonAnyGetter
public Map<String, Object> getAdditionalProperties() {
return additionalProperties;
}
/**
* Return the additional (undeclared) property with the specified name.
*
* @param key The arbitrary key to get
* @return The specific additional property for the given key
*/
public Object getAdditionalProperty(String key) {
if (this.additionalProperties == null) {
return null;
}
return this.additionalProperties.get(key);
}
/** Return true if this ThreatHuntingJobQuery object is equal to o. */
@Override
public boolean equals(Object o) {
if (this == o) {
return true;
}
if (o == null || getClass() != o.getClass()) {
return false;
}
ThreatHuntingJobQuery threatHuntingJobQuery = (ThreatHuntingJobQuery) o;
return Objects.equals(this.aggregation, threatHuntingJobQuery.aggregation)
&& Objects.equals(this.dataSource, threatHuntingJobQuery.dataSource)
&& Objects.equals(this.distinctFields, threatHuntingJobQuery.distinctFields)
&& Objects.equals(this.groupByFields, threatHuntingJobQuery.groupByFields)
&& Objects.equals(
this.hasOptionalGroupByFields, threatHuntingJobQuery.hasOptionalGroupByFields)
&& Objects.equals(this.metrics, threatHuntingJobQuery.metrics)
&& Objects.equals(this.name, threatHuntingJobQuery.name)
&& Objects.equals(this.query, threatHuntingJobQuery.query)
&& Objects.equals(this.additionalProperties, threatHuntingJobQuery.additionalProperties);
}
@Override
public int hashCode() {
return Objects.hash(
aggregation,
dataSource,
distinctFields,
groupByFields,
hasOptionalGroupByFields,
metrics,
name,
query,
additionalProperties);
}
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("class ThreatHuntingJobQuery {\n");
sb.append(" aggregation: ").append(toIndentedString(aggregation)).append("\n");
sb.append(" dataSource: ").append(toIndentedString(dataSource)).append("\n");
sb.append(" distinctFields: ").append(toIndentedString(distinctFields)).append("\n");
sb.append(" groupByFields: ").append(toIndentedString(groupByFields)).append("\n");
sb.append(" hasOptionalGroupByFields: ")
.append(toIndentedString(hasOptionalGroupByFields))
.append("\n");
sb.append(" metrics: ").append(toIndentedString(metrics)).append("\n");
sb.append(" name: ").append(toIndentedString(name)).append("\n");
sb.append(" query: ").append(toIndentedString(query)).append("\n");
sb.append(" additionalProperties: ")
.append(toIndentedString(additionalProperties))
.append("\n");
sb.append('}');
return sb.toString();
}
/**
* Convert the given object to string with each line indented by 4 spaces (except the first line).
*/
private String toIndentedString(Object o) {
if (o == null) {
return "null";
}
return o.toString().replace("\n", "\n ");
}
}