-
Notifications
You must be signed in to change notification settings - Fork 53
Expand file tree
/
Copy pathValidateSecurityMonitoringSuppression.py
More file actions
34 lines (31 loc) · 1.43 KB
/
ValidateSecurityMonitoringSuppression.py
File metadata and controls
34 lines (31 loc) · 1.43 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
"""
Validate a suppression rule returns "OK" response
"""
from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi
from datadog_api_client.v2.model.security_monitoring_suppression_create_attributes import (
SecurityMonitoringSuppressionCreateAttributes,
)
from datadog_api_client.v2.model.security_monitoring_suppression_create_data import (
SecurityMonitoringSuppressionCreateData,
)
from datadog_api_client.v2.model.security_monitoring_suppression_create_request import (
SecurityMonitoringSuppressionCreateRequest,
)
from datadog_api_client.v2.model.security_monitoring_suppression_type import SecurityMonitoringSuppressionType
body = SecurityMonitoringSuppressionCreateRequest(
data=SecurityMonitoringSuppressionCreateData(
attributes=SecurityMonitoringSuppressionCreateAttributes(
data_exclusion_query="source:cloudtrail account_id:12345",
description="This rule suppresses low-severity signals in staging environments.",
enabled=True,
name="Custom suppression",
rule_query="type:log_detection source:cloudtrail",
),
type=SecurityMonitoringSuppressionType.SUPPRESSIONS,
),
)
configuration = Configuration()
with ApiClient(configuration) as api_client:
api_instance = SecurityMonitoringApi(api_client)
api_instance.validate_security_monitoring_suppression(body=body)