datadog-api-client-python/src/datadog_api_client/v2/model/historical_job_query.py at f0b8f18c5add7af339c04cb3eaa37d38329bc612 · DataDog/datadog-api-client-python · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
# This product includes software developed at Datadog (https://www.datadoghq.com/).
# Copyright 2019-Present Datadog, Inc.
from __future__ import annotations

from typing import List, Union, TYPE_CHECKING

from datadog_api_client.model_utils import (
    ModelNormal,
    cached_property,
    unset,
    UnsetType,
)


if TYPE_CHECKING:
    from datadog_api_client.v2.model.security_monitoring_rule_query_aggregation import (
        SecurityMonitoringRuleQueryAggregation,
    )
    from datadog_api_client.v2.model.security_monitoring_standard_data_source import (
        SecurityMonitoringStandardDataSource,
    )


class HistoricalJobQuery(ModelNormal):
    @cached_property
    def openapi_types(_):
        from datadog_api_client.v2.model.security_monitoring_rule_query_aggregation import (
            SecurityMonitoringRuleQueryAggregation,
        )
        from datadog_api_client.v2.model.security_monitoring_standard_data_source import (
            SecurityMonitoringStandardDataSource,
        )

        return {
            "aggregation": (SecurityMonitoringRuleQueryAggregation,),
            "data_source": (SecurityMonitoringStandardDataSource,),
            "distinct_fields": ([str],),
            "group_by_fields": ([str],),
            "has_optional_group_by_fields": (bool,),
            "metrics": ([str],),
            "name": (str,),
            "query": (str,),
        }

    attribute_map = {
        "aggregation": "aggregation",
        "data_source": "dataSource",
        "distinct_fields": "distinctFields",
        "group_by_fields": "groupByFields",
        "has_optional_group_by_fields": "hasOptionalGroupByFields",
        "metrics": "metrics",
        "name": "name",
        "query": "query",
    }

    def __init__(
        self_,
        aggregation: Union[SecurityMonitoringRuleQueryAggregation, UnsetType] = unset,
        data_source: Union[SecurityMonitoringStandardDataSource, UnsetType] = unset,
        distinct_fields: Union[List[str], UnsetType] = unset,
        group_by_fields: Union[List[str], UnsetType] = unset,
        has_optional_group_by_fields: Union[bool, UnsetType] = unset,
        metrics: Union[List[str], UnsetType] = unset,
        name: Union[str, UnsetType] = unset,
        query: Union[str, UnsetType] = unset,
        **kwargs,
    ):
        """
        Query for selecting logs analyzed by the historical job.

        :param aggregation: The aggregation type.
        :type aggregation: SecurityMonitoringRuleQueryAggregation, optional

        :param data_source: Source of events, either logs, audit trail, or Datadog events.
        :type data_source: SecurityMonitoringStandardDataSource, optional

        :param distinct_fields: Field for which the cardinality is measured. Sent as an array.
        :type distinct_fields: [str], optional

        :param group_by_fields: Fields to group by.
        :type group_by_fields: [str], optional

        :param has_optional_group_by_fields: When false, events without a group-by value are ignored by the query. When true, events with missing group-by fields are processed with ``N/A`` , replacing the missing values.
        :type has_optional_group_by_fields: bool, optional

        :param metrics: Group of target fields to aggregate over when using the sum, max, geo data, or new value aggregations. The sum, max, and geo data aggregations only accept one value in this list, whereas the new value aggregation accepts up to five values.
        :type metrics: [str], optional

        :param name: Name of the query.
        :type name: str, optional

        :param query: Query to run on logs.
        :type query: str, optional
        """
        if aggregation is not unset:
            kwargs["aggregation"] = aggregation
        if data_source is not unset:
            kwargs["data_source"] = data_source
        if distinct_fields is not unset:
            kwargs["distinct_fields"] = distinct_fields
        if group_by_fields is not unset:
            kwargs["group_by_fields"] = group_by_fields
        if has_optional_group_by_fields is not unset:
            kwargs["has_optional_group_by_fields"] = has_optional_group_by_fields
        if metrics is not unset:
            kwargs["metrics"] = metrics
        if name is not unset:
            kwargs["name"] = name
        if query is not unset:
            kwargs["query"] = query
        super().__init__(kwargs)