Regenerate client from commit bb11200 of spec repo

ci.datadog-api-spec · ci.datadog-api-spec · commit 8a1568e8f8ce · 2026-03-25T14:25:08.000Z
diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml
@@ -45795,6 +45795,13 @@ components:
           description: The unique identifier for this component. Used in other parts of the pipeline to reference this component (for example, as the `input` to downstream components).
           example: splunk-hec-source
           type: string
+        store_hec_token:
+          default: false
+          description: |-
+            If `true`, the HEC token is stored in the event's metadata and made available to the Enrichment Table
+            processor and the `splunk_hec` destination for routing or enrichment based on the token. Defaults to `false`.
+          example: true
+          type: boolean
         tls:
           $ref: "#/components/schemas/ObservabilityPipelineTls"
         type:
@@ -57909,7 +57916,6 @@ components:
         - none
         - false_positive
         - testing_or_maintenance
-        - remediated
         - investigated_case_opened
         - true_positive_benign
         - true_positive_malicious
@@ -57919,7 +57925,6 @@ components:
         - NONE
         - FALSE_POSITIVE
         - TESTING_OR_MAINTENANCE
-        - REMEDIATED
         - INVESTIGATED_CASE_OPENED
         - TRUE_POSITIVE_BENIGN
         - TRUE_POSITIVE_MALICIOUS
@@ -102449,8 +102454,6 @@ paths:
               schema:
                 $ref: "#/components/schemas/SecurityMonitoringSignalResponse"
           description: OK
-        "403":
-          $ref: "#/components/responses/NotAuthorizedResponse"
         "404":
           $ref: "#/components/responses/NotFoundResponse"
         "429":
@@ -102488,17 +102491,25 @@ paths:
                 $ref: "#/components/schemas/SecurityMonitoringSignalTriageUpdateResponse"
           description: OK
         "400":
-          $ref: "#/components/responses/BadRequestResponse"
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/APIErrorResponse"
+          description: Bad Request
         "403":
-          $ref: "#/components/responses/NotAuthorizedResponse"
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/APIErrorResponse"
+          description: Forbidden
         "404":
-          $ref: "#/components/responses/NotFoundResponse"
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/APIErrorResponse"
+          description: Not Found
         "429":
           $ref: "#/components/responses/TooManyRequestsResponse"
-      security:
-        - apiKeyAuth: []
-          appKeyAuth: []
-        - AuthZ: []
       summary: Modify the triage assignee of a security signal
       tags: ["Security Monitoring"]
       x-codegen-request-body-name: body
@@ -102528,17 +102539,25 @@ paths:
                 $ref: "#/components/schemas/SecurityMonitoringSignalTriageUpdateResponse"
           description: OK
         "400":
-          $ref: "#/components/responses/BadRequestResponse"
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/APIErrorResponse"
+          description: Bad Request
         "403":
-          $ref: "#/components/responses/NotAuthorizedResponse"
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/APIErrorResponse"
+          description: Forbidden
         "404":
-          $ref: "#/components/responses/NotFoundResponse"
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/APIErrorResponse"
+          description: Not Found
         "429":
           $ref: "#/components/responses/TooManyRequestsResponse"
-      security:
-        - apiKeyAuth: []
-          appKeyAuth: []
-        - AuthZ: []
       summary: Change the related incidents of a security signal
       tags: ["Security Monitoring"]
       x-codegen-request-body-name: body
@@ -102568,17 +102587,25 @@ paths:
                 $ref: "#/components/schemas/SecurityMonitoringSignalTriageUpdateResponse"
           description: OK
         "400":
-          $ref: "#/components/responses/BadRequestResponse"
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/APIErrorResponse"
+          description: Bad Request
         "403":
-          $ref: "#/components/responses/NotAuthorizedResponse"
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/APIErrorResponse"
+          description: Forbidden
         "404":
-          $ref: "#/components/responses/NotFoundResponse"
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/APIErrorResponse"
+          description: Not Found
         "429":
           $ref: "#/components/responses/TooManyRequestsResponse"
-      security:
-        - apiKeyAuth: []
-          appKeyAuth: []
-        - AuthZ: []
       summary: Change the triage state of a security signal
       tags: ["Security Monitoring"]
       x-codegen-request-body-name: body
diff --git a/src/datadog_api_client/v2/api/security_monitoring_api.py b/src/datadog_api_client/v2/api/security_monitoring_api.py
@@ -749,7 +749,7 @@ def __init__(self, api_client=None):
         self._edit_security_monitoring_signal_assignee_endpoint = _Endpoint(
             settings={
                 "response_type": (SecurityMonitoringSignalTriageUpdateResponse,),
-                "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"],
+                "auth": ["apiKeyAuth", "appKeyAuth"],
                 "endpoint_path": "/api/v2/security_monitoring/signals/{signal_id}/assignee",
                 "operation_id": "edit_security_monitoring_signal_assignee",
                 "http_method": "PATCH",
@@ -775,7 +775,7 @@ def __init__(self, api_client=None):
         self._edit_security_monitoring_signal_incidents_endpoint = _Endpoint(
             settings={
                 "response_type": (SecurityMonitoringSignalTriageUpdateResponse,),
-                "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"],
+                "auth": ["apiKeyAuth", "appKeyAuth"],
                 "endpoint_path": "/api/v2/security_monitoring/signals/{signal_id}/incidents",
                 "operation_id": "edit_security_monitoring_signal_incidents",
                 "http_method": "PATCH",
@@ -801,7 +801,7 @@ def __init__(self, api_client=None):
         self._edit_security_monitoring_signal_state_endpoint = _Endpoint(
             settings={
                 "response_type": (SecurityMonitoringSignalTriageUpdateResponse,),
-                "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"],
+                "auth": ["apiKeyAuth", "appKeyAuth"],
                 "endpoint_path": "/api/v2/security_monitoring/signals/{signal_id}/state",
                 "operation_id": "edit_security_monitoring_signal_state",
                 "http_method": "PATCH",
diff --git a/src/datadog_api_client/v2/model/observability_pipeline_config_source_item.py b/src/datadog_api_client/v2/model/observability_pipeline_config_source_item.py
@@ -91,6 +91,10 @@ def __init__(self, **kwargs):
         :param framing: Framing method configuration for the socket source.
         :type framing: ObservabilityPipelineSocketSourceFraming
 
+        :param store_hec_token: If `true`, the HEC token is stored in the event's metadata and made available to the Enrichment Table
+            processor and the `splunk_hec` destination for routing or enrichment based on the token. Defaults to `false`.
+        :type store_hec_token: bool, optional
+
         :param grpc_address_key: Environment variable name containing the gRPC server address for receiving OTLP data. Must be a valid environment variable name (alphanumeric characters and underscores only).
         :type grpc_address_key: str, optional
 
diff --git a/src/datadog_api_client/v2/model/observability_pipeline_splunk_hec_source.py b/src/datadog_api_client/v2/model/observability_pipeline_splunk_hec_source.py
@@ -31,13 +31,15 @@ def openapi_types(_):
         return {
             "address_key": (str,),
             "id": (str,),
+            "store_hec_token": (bool,),
             "tls": (ObservabilityPipelineTls,),
             "type": (ObservabilityPipelineSplunkHecSourceType,),
         }
 
     attribute_map = {
         "address_key": "address_key",
         "id": "id",
+        "store_hec_token": "store_hec_token",
         "tls": "tls",
         "type": "type",
     }
@@ -47,6 +49,7 @@ def __init__(
         id: str,
         type: ObservabilityPipelineSplunkHecSourceType,
         address_key: Union[str, UnsetType] = unset,
+        store_hec_token: Union[bool, UnsetType] = unset,
         tls: Union[ObservabilityPipelineTls, UnsetType] = unset,
         **kwargs,
     ):
@@ -61,6 +64,10 @@ def __init__(
         :param id: The unique identifier for this component. Used in other parts of the pipeline to reference this component (for example, as the ``input`` to downstream components).
         :type id: str
 
+        :param store_hec_token: If ``true`` , the HEC token is stored in the event's metadata and made available to the Enrichment Table
+            processor and the ``splunk_hec`` destination for routing or enrichment based on the token. Defaults to ``false``.
+        :type store_hec_token: bool, optional
+
         :param tls: Configuration for enabling TLS encryption between the pipeline component and external services.
         :type tls: ObservabilityPipelineTls, optional
 
@@ -69,6 +76,8 @@ def __init__(
         """
         if address_key is not unset:
             kwargs["address_key"] = address_key
+        if store_hec_token is not unset:
+            kwargs["store_hec_token"] = store_hec_token
         if tls is not unset:
             kwargs["tls"] = tls
         super().__init__(kwargs)
diff --git a/src/datadog_api_client/v2/model/security_monitoring_signal_archive_reason.py b/src/datadog_api_client/v2/model/security_monitoring_signal_archive_reason.py
@@ -16,15 +16,14 @@ class SecurityMonitoringSignalArchiveReason(ModelSimple):
     """
     Reason a signal is archived.
 
-    :param value: Must be one of ["none", "false_positive", "testing_or_maintenance", "remediated", "investigated_case_opened", "true_positive_benign", "true_positive_malicious", "other"].
+    :param value: Must be one of ["none", "false_positive", "testing_or_maintenance", "investigated_case_opened", "true_positive_benign", "true_positive_malicious", "other"].
     :type value: str
     """
 
     allowed_values = {
         "none",
         "false_positive",
         "testing_or_maintenance",
-        "remediated",
         "investigated_case_opened",
         "true_positive_benign",
         "true_positive_malicious",
@@ -33,7 +32,6 @@ class SecurityMonitoringSignalArchiveReason(ModelSimple):
     NONE: ClassVar["SecurityMonitoringSignalArchiveReason"]
     FALSE_POSITIVE: ClassVar["SecurityMonitoringSignalArchiveReason"]
     TESTING_OR_MAINTENANCE: ClassVar["SecurityMonitoringSignalArchiveReason"]
-    REMEDIATED: ClassVar["SecurityMonitoringSignalArchiveReason"]
     INVESTIGATED_CASE_OPENED: ClassVar["SecurityMonitoringSignalArchiveReason"]
     TRUE_POSITIVE_BENIGN: ClassVar["SecurityMonitoringSignalArchiveReason"]
     TRUE_POSITIVE_MALICIOUS: ClassVar["SecurityMonitoringSignalArchiveReason"]
@@ -51,7 +49,6 @@ def openapi_types(_):
 SecurityMonitoringSignalArchiveReason.TESTING_OR_MAINTENANCE = SecurityMonitoringSignalArchiveReason(
     "testing_or_maintenance"
 )
-SecurityMonitoringSignalArchiveReason.REMEDIATED = SecurityMonitoringSignalArchiveReason("remediated")
 SecurityMonitoringSignalArchiveReason.INVESTIGATED_CASE_OPENED = SecurityMonitoringSignalArchiveReason(
     "investigated_case_opened"
 )
