From 3f1c75bfbcda59f6bb00a29c851064088eb29da2 Mon Sep 17 00:00:00 2001 From: "ci.datadog-api-spec" Date: Mon, 13 Apr 2026 12:15:02 +0000 Subject: [PATCH] Regenerate client from commit 843ea74 of spec repo --- .generator/schemas/v2/openapi.yaml | 396 ++++---- .../frozen.json | 2 +- .../recording.har | 10 +- .../frozen.json | 2 +- .../recording.har | 8 +- .../frozen.json | 2 +- .../recording.har | 22 +- .../frozen.json | 2 +- .../recording.har | 10 +- .../frozen.json | 2 +- .../recording.har | 10 +- .../frozen.json | 2 +- .../recording.har | 10 +- .../frozen.json | 2 +- .../recording.har | 10 +- .../frozen.json | 2 +- .../recording.har | 10 +- .../frozen.json | 2 +- .../recording.har | 28 +- .../recording.har | 4 +- .../frozen.json | 1 + .../recording.har | 12 +- .../frozen.json | 1 + .../recording.har | 12 +- .../frozen.json | 1 + .../recording.har | 14 +- .../frozen.json | 1 - .../frozen.json | 1 - .../frozen.json | 1 - ...b_1945505845.ts => CancelHistoricalJob.ts} | 15 +- .../CancelThreatHuntingJob.ts | 22 - ...atHuntingJob.ts => DeleteHistoricalJob.ts} | 6 +- .../security-monitoring/GetHistoricalJob.ts | 26 + .../GetThreatHuntingJob.ts | 27 - ...atHuntingJobs.ts => ListHistoricalJobs.ts} | 8 +- .../ListThreatHuntingJobs_1365512061.ts | 25 - ...hreatHuntingJob.ts => RunHistoricalJob.ts} | 8 +- features/support/scenarios_model_mapping.ts | 16 +- features/v2/given.json | 6 +- features/v2/security_monitoring.feature | 140 ++- features/v2/undo.json | 10 +- .../configuration.ts | 10 +- .../apis/SecurityMonitoringApi.ts | 872 +++++++++--------- packages/datadog-api-client-v2/index.ts | 34 +- .../ConvertJobResultsToSignalsAttributes.ts | 2 +- .../models/ConvertJobResultsToSignalsData.ts | 4 +- .../ConvertJobResultsToSignalsRequest.ts | 4 +- ...obDataType.ts => HistoricalJobDataType.ts} | 2 +- ...obListMeta.ts => HistoricalJobListMeta.ts} | 4 +- ...gJobOptions.ts => HistoricalJobOptions.ts} | 4 +- ...ntingJobQuery.ts => HistoricalJobQuery.ts} | 6 +- ...obResponse.ts => HistoricalJobResponse.ts} | 14 +- ....ts => HistoricalJobResponseAttributes.ts} | 8 +- ...seData.ts => HistoricalJobResponseData.ts} | 20 +- .../models/JobCreateResponse.ts | 2 +- .../models/JobCreateResponseData.ts | 6 +- .../models/JobDefinition.ts | 14 +- .../models/JobDefinitionFromRule.ts | 2 +- ...ponse.ts => ListHistoricalJobsResponse.ts} | 20 +- .../models/ObjectSerializer.ts | 44 +- ...bRequest.ts => RunHistoricalJobRequest.ts} | 14 +- ...s => RunHistoricalJobRequestAttributes.ts} | 10 +- ...Data.ts => RunHistoricalJobRequestData.ts} | 20 +- ....ts => RunHistoricalJobRequestDataType.ts} | 2 +- 64 files changed, 960 insertions(+), 1047 deletions(-) create mode 100644 cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Bad-Request-response_3841593672/frozen.json rename cassettes/v2/Security-Monitoring_1187227211/{Run-a-threat-hunting-job-returns-Bad-Request-response_1567776629 => Run-a-historical-job-returns-Bad-Request-response_3841593672}/recording.har (86%) create mode 100644 cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Not-Found-response_258356351/frozen.json rename cassettes/v2/Security-Monitoring_1187227211/{Run-a-threat-hunting-job-returns-Not-Found-response_4013068630 => Run-a-historical-job-returns-Not-Found-response_258356351}/recording.har (83%) create mode 100644 cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Status-created-response_2964716074/frozen.json rename cassettes/v2/Security-Monitoring_1187227211/{Run-a-threat-hunting-job-returns-Status-created-response_674813617 => Run-a-historical-job-returns-Status-created-response_2964716074}/recording.har (81%) delete mode 100644 cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Bad-Request-response_1567776629/frozen.json delete mode 100644 cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Not-Found-response_4013068630/frozen.json delete mode 100644 cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Status-created-response_674813617/frozen.json rename examples/v2/security-monitoring/{CancelThreatHuntingJob_1945505845.ts => CancelHistoricalJob.ts} (50%) delete mode 100644 examples/v2/security-monitoring/CancelThreatHuntingJob.ts rename examples/v2/security-monitoring/{DeleteThreatHuntingJob.ts => DeleteHistoricalJob.ts} (71%) create mode 100644 examples/v2/security-monitoring/GetHistoricalJob.ts delete mode 100644 examples/v2/security-monitoring/GetThreatHuntingJob.ts rename examples/v2/security-monitoring/{ListThreatHuntingJobs.ts => ListHistoricalJobs.ts} (63%) delete mode 100644 examples/v2/security-monitoring/ListThreatHuntingJobs_1365512061.ts rename examples/v2/security-monitoring/{RunThreatHuntingJob.ts => RunHistoricalJob.ts} (85%) rename packages/datadog-api-client-v2/models/{ThreatHuntingJobDataType.ts => HistoricalJobDataType.ts} (92%) rename packages/datadog-api-client-v2/models/{ThreatHuntingJobListMeta.ts => HistoricalJobListMeta.ts} (92%) rename packages/datadog-api-client-v2/models/{ThreatHuntingJobOptions.ts => HistoricalJobOptions.ts} (98%) rename packages/datadog-api-client-v2/models/{ThreatHuntingJobQuery.ts => HistoricalJobQuery.ts} (95%) rename packages/datadog-api-client-v2/models/{ThreatHuntingJobResponse.ts => HistoricalJobResponse.ts} (75%) rename packages/datadog-api-client-v2/models/{ThreatHuntingJobResponseAttributes.ts => HistoricalJobResponseAttributes.ts} (92%) rename packages/datadog-api-client-v2/models/{ThreatHuntingJobResponseData.ts => HistoricalJobResponseData.ts} (69%) rename packages/datadog-api-client-v2/models/{ListThreatHuntingJobsResponse.ts => ListHistoricalJobsResponse.ts} (67%) rename packages/datadog-api-client-v2/models/{RunThreatHuntingJobRequest.ts => RunHistoricalJobRequest.ts} (73%) rename packages/datadog-api-client-v2/models/{RunThreatHuntingJobRequestAttributes.ts => RunHistoricalJobRequestAttributes.ts} (84%) rename packages/datadog-api-client-v2/models/{RunThreatHuntingJobRequestData.ts => RunHistoricalJobRequestData.ts} (64%) rename packages/datadog-api-client-v2/models/{RunThreatHuntingJobRequestDataType.ts => RunHistoricalJobRequestDataType.ts} (90%) diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 759d9cf0624e..d9b40c685763 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -529,6 +529,20 @@ components: required: true schema: type: string + HistoricalJobID: + description: The ID of the job. + in: path + name: job_id + required: true + schema: + type: string + HistoricalSignalID: + description: The ID of the historical signal. + in: path + name: histsignal_id + required: true + schema: + type: string IncidentIDPathParameter: description: The UUID of the incident. in: path @@ -1238,20 +1252,6 @@ components: required: true schema: type: string - ThreatHuntingJobID: - description: The ID of the job. - in: path - name: job_id - required: true - schema: - type: string - ThreatHuntingSignalID: - description: The ID of the threat hunting signal. - in: path - name: histsignal_id - required: true - schema: - type: string ToTimestamp: description: The ending timestamp for the SLO status query in epoch seconds. in: query @@ -14414,7 +14414,7 @@ components: - GZIP - DEFLATE ConvertJobResultsToSignalsAttributes: - description: Attributes for converting threat hunting job results to signals. + description: Attributes for converting historical job results to signals. properties: id: description: Request ID. @@ -14448,7 +14448,7 @@ components: - notifications type: object ConvertJobResultsToSignalsData: - description: Data for converting threat hunting job results to signals. + description: Data for converting historical job results to signals. properties: attributes: $ref: "#/components/schemas/ConvertJobResultsToSignalsAttributes" @@ -14463,7 +14463,7 @@ components: x-enum-varnames: - HISTORICALDETECTIONSJOBRESULTSIGNALCONVERSION ConvertJobResultsToSignalsRequest: - description: Request for converting threat hunting job results to signals. + description: Request for converting historical job results to signals. properties: data: $ref: "#/components/schemas/ConvertJobResultsToSignalsData" @@ -30621,6 +30621,129 @@ components: type: string x-enum-varnames: - HAMR_ORG_CONNECTIONS + HistoricalJobDataType: + description: Type of payload. + enum: + - historicalDetectionsJob + type: string + x-enum-varnames: + - HISTORICALDETECTIONSJOB + HistoricalJobListMeta: + description: Metadata about the list of jobs. + properties: + totalCount: + description: Number of jobs in the list. + format: int32 + maximum: 2147483647 + type: integer + type: object + HistoricalJobOptions: + description: Job options. + properties: + anomalyDetectionOptions: + $ref: "#/components/schemas/SecurityMonitoringRuleAnomalyDetectionOptions" + detectionMethod: + $ref: "#/components/schemas/SecurityMonitoringRuleDetectionMethod" + evaluationWindow: + $ref: "#/components/schemas/SecurityMonitoringRuleEvaluationWindow" + impossibleTravelOptions: + $ref: "#/components/schemas/SecurityMonitoringRuleImpossibleTravelOptions" + keepAlive: + $ref: "#/components/schemas/SecurityMonitoringRuleKeepAlive" + maxSignalDuration: + $ref: "#/components/schemas/SecurityMonitoringRuleMaxSignalDuration" + newValueOptions: + $ref: "#/components/schemas/SecurityMonitoringRuleNewValueOptions" + sequenceDetectionOptions: + $ref: "#/components/schemas/SecurityMonitoringRuleSequenceDetectionOptions" + thirdPartyRuleOptions: + $ref: "#/components/schemas/SecurityMonitoringRuleThirdPartyOptions" + type: object + HistoricalJobQuery: + description: Query for selecting logs analyzed by the historical job. + properties: + aggregation: + $ref: "#/components/schemas/SecurityMonitoringRuleQueryAggregation" + dataSource: + $ref: "#/components/schemas/SecurityMonitoringStandardDataSource" + distinctFields: + description: Field for which the cardinality is measured. Sent as an array. + items: + description: Field. + type: string + type: array + groupByFields: + description: Fields to group by. + items: + description: Field. + type: string + type: array + hasOptionalGroupByFields: + default: false + description: When false, events without a group-by value are ignored by the query. When true, events with missing group-by fields are processed with `N/A`, replacing the missing values. + example: false + type: boolean + metrics: + description: Group of target fields to aggregate over when using the sum, max, geo data, or new value aggregations. The sum, max, and geo data aggregations only accept one value in this list, whereas the new value aggregation accepts up to five values. + items: + description: Field. + type: string + type: array + name: + description: Name of the query. + type: string + query: + description: Query to run on logs. + example: a > 3 + type: string + type: object + HistoricalJobResponse: + description: Historical job response. + properties: + data: + $ref: "#/components/schemas/HistoricalJobResponseData" + type: object + HistoricalJobResponseAttributes: + description: Historical job attributes. + properties: + createdAt: + description: Time when the job was created. + type: string + createdByHandle: + description: The handle of the user who created the job. + type: string + createdByName: + description: The name of the user who created the job. + type: string + createdFromRuleId: + description: ID of the rule used to create the job (if it is created from a rule). + type: string + jobDefinition: + $ref: "#/components/schemas/JobDefinition" + jobName: + description: Job name. + type: string + jobStatus: + description: Job status. + type: string + modifiedAt: + description: Last modification time of the job. + type: string + signalOutput: + description: Whether the job outputs signals. + type: boolean + type: object + HistoricalJobResponseData: + description: Historical job response data. + properties: + attributes: + $ref: "#/components/schemas/HistoricalJobResponseAttributes" + id: + description: ID of the job. + type: string + type: + $ref: "#/components/schemas/HistoricalJobDataType" + type: object HourlyUsage: description: Hourly usage for a product family for an org. properties: @@ -35919,7 +36042,7 @@ components: x-enum-varnames: - JIRA_ISSUES JobCreateResponse: - description: Run a threat hunting job response. + description: Run a historical job response. properties: data: $ref: "#/components/schemas/JobCreateResponseData" @@ -35931,10 +36054,10 @@ components: description: ID of the created job. type: string type: - $ref: "#/components/schemas/ThreatHuntingJobDataType" + $ref: "#/components/schemas/HistoricalJobDataType" type: object JobDefinition: - description: Definition of a threat hunting job. + description: Definition of a historical job. properties: calculatedFields: description: Calculated fields. @@ -35972,11 +36095,11 @@ components: example: Excessive number of failed attempts. type: string options: - $ref: "#/components/schemas/ThreatHuntingJobOptions" + $ref: "#/components/schemas/HistoricalJobOptions" queries: description: Queries for selecting logs analyzed by the job. items: - $ref: "#/components/schemas/ThreatHuntingJobQuery" + $ref: "#/components/schemas/HistoricalJobQuery" type: array referenceTables: description: Reference tables used in the queries. @@ -36013,7 +36136,7 @@ components: - message type: object JobDefinitionFromRule: - description: Definition of a threat hunting job based on a security monitoring rule. + description: Definition of a historical job based on a security monitoring rule. properties: from: description: Starting time of data analyzed by the job. @@ -38412,6 +38535,17 @@ components: - data - meta type: object + ListHistoricalJobsResponse: + description: List of historical jobs. + properties: + data: + description: Array containing the list of historical jobs. + items: + $ref: "#/components/schemas/HistoricalJobResponseData" + type: array + meta: + $ref: "#/components/schemas/HistoricalJobListMeta" + type: object ListIntegrationsResponse: description: Response containing information about multiple integrations. properties: @@ -38763,17 +38897,6 @@ components: - _NAME - USER_COUNT - _USER_COUNT - ListThreatHuntingJobsResponse: - description: List of threat hunting jobs. - properties: - data: - description: Array containing the list of threat hunting jobs. - items: - $ref: "#/components/schemas/ThreatHuntingJobResponseData" - type: array - meta: - $ref: "#/components/schemas/ThreatHuntingJobListMeta" - type: object ListVulnerabilitiesResponse: description: The expected response schema when listing vulnerabilities. properties: @@ -56533,18 +56656,14 @@ components: $ref: "#/components/schemas/RumRetentionFilterData" type: array type: object - RunRetentionFilterName: - description: The name of a RUM retention filter. - example: "Retention filter for session" - type: string - RunThreatHuntingJobRequest: - description: Run a threat hunting job request. + RunHistoricalJobRequest: + description: Run a historical job request. properties: data: - $ref: "#/components/schemas/RunThreatHuntingJobRequestData" + $ref: "#/components/schemas/RunHistoricalJobRequestData" type: object - RunThreatHuntingJobRequestAttributes: - description: Run a threat hunting job request. + RunHistoricalJobRequestAttributes: + description: Run a historical job request. properties: fromRule: $ref: "#/components/schemas/JobDefinitionFromRule" @@ -56554,21 +56673,25 @@ components: jobDefinition: $ref: "#/components/schemas/JobDefinition" type: object - RunThreatHuntingJobRequestData: - description: Data for running a threat hunting job request. + RunHistoricalJobRequestData: + description: Data for running a historical job request. properties: attributes: - $ref: "#/components/schemas/RunThreatHuntingJobRequestAttributes" + $ref: "#/components/schemas/RunHistoricalJobRequestAttributes" type: - $ref: "#/components/schemas/RunThreatHuntingJobRequestDataType" + $ref: "#/components/schemas/RunHistoricalJobRequestDataType" type: object - RunThreatHuntingJobRequestDataType: + RunHistoricalJobRequestDataType: description: Type of data. enum: - historicalDetectionsJobCreate type: string x-enum-varnames: - HISTORICALDETECTIONSJOBCREATE + RunRetentionFilterName: + description: The name of a RUM retention filter. + example: "Retention filter for session" + type: string SAMLAssertionAttribute: description: SAML assertion attribute. properties: @@ -71480,129 +71603,6 @@ components: type: string x-enum-varnames: - TEST_OPTIMIZATION_UPDATE_SERVICE_SETTINGS_REQUEST - ThreatHuntingJobDataType: - description: Type of payload. - enum: - - historicalDetectionsJob - type: string - x-enum-varnames: - - HISTORICALDETECTIONSJOB - ThreatHuntingJobListMeta: - description: Metadata about the list of jobs. - properties: - totalCount: - description: Number of jobs in the list. - format: int32 - maximum: 2147483647 - type: integer - type: object - ThreatHuntingJobOptions: - description: Job options. - properties: - anomalyDetectionOptions: - $ref: "#/components/schemas/SecurityMonitoringRuleAnomalyDetectionOptions" - detectionMethod: - $ref: "#/components/schemas/SecurityMonitoringRuleDetectionMethod" - evaluationWindow: - $ref: "#/components/schemas/SecurityMonitoringRuleEvaluationWindow" - impossibleTravelOptions: - $ref: "#/components/schemas/SecurityMonitoringRuleImpossibleTravelOptions" - keepAlive: - $ref: "#/components/schemas/SecurityMonitoringRuleKeepAlive" - maxSignalDuration: - $ref: "#/components/schemas/SecurityMonitoringRuleMaxSignalDuration" - newValueOptions: - $ref: "#/components/schemas/SecurityMonitoringRuleNewValueOptions" - sequenceDetectionOptions: - $ref: "#/components/schemas/SecurityMonitoringRuleSequenceDetectionOptions" - thirdPartyRuleOptions: - $ref: "#/components/schemas/SecurityMonitoringRuleThirdPartyOptions" - type: object - ThreatHuntingJobQuery: - description: Query for selecting logs analyzed by the threat hunting job. - properties: - aggregation: - $ref: "#/components/schemas/SecurityMonitoringRuleQueryAggregation" - dataSource: - $ref: "#/components/schemas/SecurityMonitoringStandardDataSource" - distinctFields: - description: Field for which the cardinality is measured. Sent as an array. - items: - description: Field. - type: string - type: array - groupByFields: - description: Fields to group by. - items: - description: Field. - type: string - type: array - hasOptionalGroupByFields: - default: false - description: When false, events without a group-by value are ignored by the query. When true, events with missing group-by fields are processed with `N/A`, replacing the missing values. - example: false - type: boolean - metrics: - description: Group of target fields to aggregate over when using the sum, max, geo data, or new value aggregations. The sum, max, and geo data aggregations only accept one value in this list, whereas the new value aggregation accepts up to five values. - items: - description: Field. - type: string - type: array - name: - description: Name of the query. - type: string - query: - description: Query to run on logs. - example: a > 3 - type: string - type: object - ThreatHuntingJobResponse: - description: Threat hunting job response. - properties: - data: - $ref: "#/components/schemas/ThreatHuntingJobResponseData" - type: object - ThreatHuntingJobResponseAttributes: - description: Threat hunting job attributes. - properties: - createdAt: - description: Time when the job was created. - type: string - createdByHandle: - description: The handle of the user who created the job. - type: string - createdByName: - description: The name of the user who created the job. - type: string - createdFromRuleId: - description: ID of the rule used to create the job (if it is created from a rule). - type: string - jobDefinition: - $ref: "#/components/schemas/JobDefinition" - jobName: - description: Job name. - type: string - jobStatus: - description: Job status. - type: string - modifiedAt: - description: Last modification time of the job. - type: string - signalOutput: - description: Whether the job outputs signals. - type: boolean - type: object - ThreatHuntingJobResponseData: - description: Threat hunting job response data. - properties: - attributes: - $ref: "#/components/schemas/ThreatHuntingJobResponseAttributes" - id: - description: ID of the job. - type: string - type: - $ref: "#/components/schemas/ThreatHuntingJobDataType" - type: object TimeAggregation: description: |- Time aggregation period (in seconds) is used to aggregate the results of the notification rule evaluation. @@ -109986,7 +109986,7 @@ paths: - incident_settings_write x-unstable: |- **Note**: This endpoint is deprecated. - /api/v2/siem-threat-hunting/histsignals: + /api/v2/siem-historical-detections/histsignals: get: description: List hist signals. operationId: ListSecurityMonitoringHistsignals @@ -110026,7 +110026,7 @@ paths: x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. - /api/v2/siem-threat-hunting/histsignals/search: + /api/v2/siem-historical-detections/histsignals/search: get: description: Search hist signals. operationId: SearchSecurityMonitoringHistsignals @@ -110065,12 +110065,12 @@ paths: x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. - /api/v2/siem-threat-hunting/histsignals/{histsignal_id}: + /api/v2/siem-historical-detections/histsignals/{histsignal_id}: get: description: Get a hist signal's details. operationId: GetSecurityMonitoringHistsignal parameters: - - $ref: "#/components/parameters/ThreatHuntingSignalID" + - $ref: "#/components/parameters/HistoricalSignalID" responses: "200": content: @@ -110100,10 +110100,10 @@ paths: x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. - /api/v2/siem-threat-hunting/jobs: + /api/v2/siem-historical-detections/jobs: get: - description: List threat hunting jobs. - operationId: ListThreatHuntingJobs + description: List historical jobs. + operationId: ListHistoricalJobs parameters: - $ref: "#/components/parameters/PageSize" - $ref: "#/components/parameters/PageNumber" @@ -110126,7 +110126,7 @@ paths: content: "application/json": schema: - $ref: "#/components/schemas/ListThreatHuntingJobsResponse" + $ref: "#/components/schemas/ListHistoricalJobsResponse" description: OK "400": $ref: "#/components/responses/BadRequestResponse" @@ -110138,20 +110138,20 @@ paths: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] - summary: List threat hunting jobs + summary: List historical jobs tags: ["Security Monitoring"] x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. post: description: |- - Run a threat hunting job. - operationId: RunThreatHuntingJob + Run a historical job. + operationId: RunHistoricalJob requestBody: content: "application/json": schema: - $ref: "#/components/schemas/RunThreatHuntingJobRequest" + $ref: "#/components/schemas/RunHistoricalJobRequest" required: true responses: "201": @@ -110175,7 +110175,7 @@ paths: appKeyAuth: [] - AuthZ: - security_monitoring_rules_write - summary: Run a threat hunting job + summary: Run a historical job tags: ["Security Monitoring"] x-codegen-request-body-name: body "x-permission": @@ -110185,7 +110185,7 @@ paths: x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. - /api/v2/siem-threat-hunting/jobs/signal_convert: + /api/v2/siem-historical-detections/jobs/signal_convert: post: description: |- Convert a job result to a signal. @@ -110219,13 +110219,13 @@ paths: x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. - /api/v2/siem-threat-hunting/jobs/{job_id}: + /api/v2/siem-historical-detections/jobs/{job_id}: delete: description: |- Delete an existing job. - operationId: DeleteThreatHuntingJob + operationId: DeleteHistoricalJob parameters: - - $ref: "#/components/parameters/ThreatHuntingJobID" + - $ref: "#/components/parameters/HistoricalJobID" responses: "204": description: OK @@ -110252,15 +110252,15 @@ paths: Please check the documentation regularly for updates. get: description: Get a job's details. - operationId: GetThreatHuntingJob + operationId: GetHistoricalJob parameters: - - $ref: "#/components/parameters/ThreatHuntingJobID" + - $ref: "#/components/parameters/HistoricalJobID" responses: "200": content: "application/json": schema: - $ref: "#/components/schemas/ThreatHuntingJobResponse" + $ref: "#/components/schemas/HistoricalJobResponse" description: OK "400": $ref: "#/components/responses/BadRequestResponse" @@ -110284,12 +110284,12 @@ paths: x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. - /api/v2/siem-threat-hunting/jobs/{job_id}/cancel: + /api/v2/siem-historical-detections/jobs/{job_id}/cancel: patch: - description: Cancel a threat hunting job. - operationId: CancelThreatHuntingJob + description: Cancel a historical job. + operationId: CancelHistoricalJob parameters: - - $ref: "#/components/parameters/ThreatHuntingJobID" + - $ref: "#/components/parameters/HistoricalJobID" responses: "204": description: OK @@ -110310,7 +110310,7 @@ paths: appKeyAuth: [] - AuthZ: - security_monitoring_rules_write - summary: Cancel a threat hunting job + summary: Cancel a historical job tags: ["Security Monitoring"] "x-permission": operator: OR @@ -110319,12 +110319,12 @@ paths: x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. - /api/v2/siem-threat-hunting/jobs/{job_id}/histsignals: + /api/v2/siem-historical-detections/jobs/{job_id}/histsignals: get: description: Get a job's hist signals. operationId: GetSecurityMonitoringHistsignalsByJobId parameters: - - $ref: "#/components/parameters/ThreatHuntingJobID" + - $ref: "#/components/parameters/HistoricalJobID" - $ref: "#/components/parameters/QueryFilterSearch" - $ref: "#/components/parameters/QueryFilterFrom" - $ref: "#/components/parameters/QueryFilterTo" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/frozen.json index b5a56d601766..548b7c62096c 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/frozen.json @@ -1 +1 @@ -"2025-10-24T14:24:00.041Z" +"2026-04-13T09:15:40.141Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/recording.har index 5dce883c618a..5dc8c09353bf 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "e4257625426956fbc2c716c61d098a68", + "_id": "9ee0d12dc2a76c2c4cd5598af0680035", "_order": 0, "cache": {}, "request": { @@ -21,11 +21,11 @@ "value": "*/*" } ], - "headersSize": 532, + "headersSize": 536, "httpVersion": "HTTP/1.1", "method": "PATCH", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/inva-lid/cancel" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/inva-lid/cancel" }, "response": { "bodySize": 54, @@ -47,8 +47,8 @@ "status": 400, "statusText": "Bad Request" }, - "startedDateTime": "2025-10-24T14:24:00.666Z", - "time": 183 + "startedDateTime": "2026-04-13T09:15:41.062Z", + "time": 101 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/frozen.json index 43f153497ff5..937c06dd7699 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/frozen.json @@ -1 +1 @@ -"2025-10-24T14:24:00.856Z" +"2026-04-13T09:15:41.174Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/recording.har index 195bfa7dfb98..0967fe8b1864 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "e39b14a977fad872956237286fee579e", + "_id": "699b2b92566c9d9269d6d218f57402f8", "_order": 0, "cache": {}, "request": { @@ -21,11 +21,11 @@ "value": "*/*" } ], - "headersSize": 560, + "headersSize": 564, "httpVersion": "HTTP/1.1", "method": "PATCH", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93/cancel" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93/cancel" }, "response": { "bodySize": 50, @@ -47,7 +47,7 @@ "status": 404, "statusText": "Not Found" }, - "startedDateTime": "2025-10-24T14:24:00.869Z", + "startedDateTime": "2026-04-13T09:15:41.178Z", "time": 101 } ], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/frozen.json index 83279b597ce6..6f35a2040c74 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/frozen.json @@ -1 +1 @@ -"2025-10-24T14:24:00.975Z" +"2026-04-13T09:15:41.286Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/recording.har index e7e8eb7093f4..aa689f2e60ab 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "4c138fa0d83459728bd7894a659525ac", + "_id": "6bb82102e994f0d1ee96e1e3f1d80ffd", "_order": 0, "cache": {}, "request": { @@ -26,7 +26,7 @@ "value": "application/json" } ], - "headersSize": 578, + "headersSize": 582, "httpVersion": "HTTP/1.1", "method": "POST", "postData": { @@ -35,14 +35,14 @@ "text": "{\"data\":{\"attributes\":{\"jobDefinition\":{\"cases\":[{\"condition\":\"a > 1\",\"name\":\"Condition 1\",\"notifications\":[],\"status\":\"info\"}],\"from\":1730387522611,\"index\":\"main\",\"message\":\"A large number of failed login attempts.\",\"name\":\"Excessive number of failed attempts.\",\"options\":{\"evaluationWindow\":900,\"keepAlive\":3600,\"maxSignalDuration\":86400},\"queries\":[{\"aggregation\":\"count\",\"distinctFields\":[],\"groupByFields\":[],\"query\":\"source:non_existing_src_weekend\"}],\"tags\":[],\"to\":1730387532611,\"type\":\"log_detection\"}},\"type\":\"historicalDetectionsJobCreate\"}}" }, "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" }, "response": { "bodySize": 87, "content": { "mimeType": "application/vnd.api+json", "size": 87, - "text": "{\"data\":{\"id\":\"cafe565c-106b-486e-ad21-a712656723b4\",\"type\":\"historicalDetectionsJob\"}}" + "text": "{\"data\":{\"id\":\"67278df4-84b8-4413-884b-88d9facdb68a\",\"type\":\"historicalDetectionsJob\"}}" }, "cookies": [], "headers": [ @@ -57,11 +57,11 @@ "status": 201, "statusText": "Created" }, - "startedDateTime": "2025-10-24T14:24:00.980Z", - "time": 140 + "startedDateTime": "2026-04-13T09:15:41.290Z", + "time": 210 }, { - "_id": "260d5e644c21417854680ac43b40d556", + "_id": "f7ee4604982adbca72d6b8ad43fcc8d7", "_order": 0, "cache": {}, "request": { @@ -74,11 +74,11 @@ "value": "*/*" } ], - "headersSize": 560, + "headersSize": 563, "httpVersion": "HTTP/1.1", "method": "PATCH", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/cafe565c-106b-486e-ad21-a712656723b4/cancel" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/67278df4-84b8-4413-884b-88d9facdb68a/cancel" }, "response": { "bodySize": 0, @@ -94,8 +94,8 @@ "status": 204, "statusText": "No Content" }, - "startedDateTime": "2025-10-24T14:24:01.125Z", - "time": 92 + "startedDateTime": "2026-04-13T09:15:41.506Z", + "time": 139 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/frozen.json index 85dc03005dbc..6d2334e387e1 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/frozen.json @@ -1 +1 @@ -"2025-10-24T14:24:01.235Z" +"2026-04-13T09:15:41.656Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/recording.har index 32dddbcbba41..8709b47827d2 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "547f0189451a142459cd9f22ee5351f6", + "_id": "0d4946af2c85586b74ddeb117a50a4a6", "_order": 0, "cache": {}, "request": { @@ -26,7 +26,7 @@ "value": "application/json" } ], - "headersSize": 585, + "headersSize": 592, "httpVersion": "HTTP/1.1", "method": "POST", "postData": { @@ -35,7 +35,7 @@ "text": "{\"data\":{\"attributes\":{\"jobResultIds\":[\"\"],\"notifications\":[\"\"],\"signalMessage\":\"A large number of failed login attempts.\",\"signalSeverity\":\"critical\"},\"type\":\"historicalDetectionsJobResultSignalConversion\"}}" }, "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/signal_convert" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert" }, "response": { "bodySize": 91, @@ -57,8 +57,8 @@ "status": 400, "statusText": "Bad Request" }, - "startedDateTime": "2025-10-24T14:24:01.238Z", - "time": 74 + "startedDateTime": "2026-04-13T09:15:41.659Z", + "time": 132 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/frozen.json index 43d60b929130..61cf9aad7a34 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/frozen.json @@ -1 +1 @@ -"2025-10-24T14:24:01.339Z" +"2026-04-13T09:15:41.819Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/recording.har index 0cf09beadde1..adf336ca58ea 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "75c431a76ec2040e5a4c0f15acc3ea11", + "_id": "74a52942ee0024790dc5b284709530a7", "_order": 0, "cache": {}, "request": { @@ -21,11 +21,11 @@ "value": "*/*" } ], - "headersSize": 526, + "headersSize": 530, "httpVersion": "HTTP/1.1", "method": "DELETE", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/inva-lid" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/inva-lid" }, "response": { "bodySize": 78, @@ -47,8 +47,8 @@ "status": 400, "statusText": "Bad Request" }, - "startedDateTime": "2025-10-24T14:24:01.341Z", - "time": 81 + "startedDateTime": "2026-04-13T09:15:42.327Z", + "time": 113 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/frozen.json index 0b5719d0620d..c453665e6926 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/frozen.json @@ -1 +1 @@ -"2025-10-24T14:24:01.428Z" +"2026-04-13T09:15:42.455Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/recording.har index 85efc0f9cd1c..8e75ad21d4a1 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "4d768dca9f974e76a412a45a6abf3e26", + "_id": "9e763f3fed9d995ac14975ddbbeec6b1", "_order": 0, "cache": {}, "request": { @@ -21,11 +21,11 @@ "value": "*/*" } ], - "headersSize": 552, + "headersSize": 558, "httpVersion": "HTTP/1.1", "method": "DELETE", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" }, "response": { "bodySize": 50, @@ -47,8 +47,8 @@ "status": 404, "statusText": "Not Found" }, - "startedDateTime": "2025-10-24T14:24:01.433Z", - "time": 93 + "startedDateTime": "2026-04-13T09:15:42.461Z", + "time": 62 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/frozen.json index 76b7447ff6ce..b738d2daa709 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/frozen.json @@ -1 +1 @@ -"2025-10-24T14:24:01.540Z" +"2026-04-13T09:15:42.536Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/recording.har index b8da1baa1b95..888d3edfe7cd 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "97fa0f78e4c02b547fb1fd5e12937587", + "_id": "b91d3d2f868f0795c35b288e8f822892", "_order": 0, "cache": {}, "request": { @@ -21,11 +21,11 @@ "value": "application/json" } ], - "headersSize": 532, + "headersSize": 537, "httpVersion": "HTTP/1.1", "method": "GET", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/inva-lid" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/inva-lid" }, "response": { "bodySize": 54, @@ -47,8 +47,8 @@ "status": 400, "statusText": "Bad Request" }, - "startedDateTime": "2025-10-24T14:24:01.543Z", - "time": 71 + "startedDateTime": "2026-04-13T09:15:42.539Z", + "time": 54 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/frozen.json index 92af3308d292..5e9d77b98ed1 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/frozen.json @@ -1 +1 @@ -"2025-10-24T14:24:01.618Z" +"2026-04-13T09:15:42.599Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/recording.har index ae4320831322..91baa52b519d 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "5374e38c55425a83f75d7f135c065277", + "_id": "30d26c2a643971ca97218f20041d2227", "_order": 0, "cache": {}, "request": { @@ -21,11 +21,11 @@ "value": "application/json" } ], - "headersSize": 561, + "headersSize": 564, "httpVersion": "HTTP/1.1", "method": "GET", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" }, "response": { "bodySize": 116, @@ -47,8 +47,8 @@ "status": 404, "statusText": "Not Found" }, - "startedDateTime": "2025-10-24T14:24:01.621Z", - "time": 81 + "startedDateTime": "2026-04-13T09:15:42.601Z", + "time": 56 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/frozen.json index 124c833e2238..1f13d6253af7 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/frozen.json @@ -1 +1 @@ -"2025-11-11T21:36:52.314Z" +"2026-04-13T09:15:42.662Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/recording.har index a59db941ebd2..062402539889 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "4c138fa0d83459728bd7894a659525ac", + "_id": "6bb82102e994f0d1ee96e1e3f1d80ffd", "_order": 0, "cache": {}, "request": { @@ -26,7 +26,7 @@ "value": "application/json" } ], - "headersSize": 598, + "headersSize": 582, "httpVersion": "HTTP/1.1", "method": "POST", "postData": { @@ -35,14 +35,14 @@ "text": "{\"data\":{\"attributes\":{\"jobDefinition\":{\"cases\":[{\"condition\":\"a > 1\",\"name\":\"Condition 1\",\"notifications\":[],\"status\":\"info\"}],\"from\":1730387522611,\"index\":\"main\",\"message\":\"A large number of failed login attempts.\",\"name\":\"Excessive number of failed attempts.\",\"options\":{\"evaluationWindow\":900,\"keepAlive\":3600,\"maxSignalDuration\":86400},\"queries\":[{\"aggregation\":\"count\",\"distinctFields\":[],\"groupByFields\":[],\"query\":\"source:non_existing_src_weekend\"}],\"tags\":[],\"to\":1730387532611,\"type\":\"log_detection\"}},\"type\":\"historicalDetectionsJobCreate\"}}" }, "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" }, "response": { "bodySize": 87, "content": { "mimeType": "application/vnd.api+json", "size": 87, - "text": "{\"data\":{\"id\":\"66896986-212c-4e6c-9890-14e5cfd0fc19\",\"type\":\"historicalDetectionsJob\"}}" + "text": "{\"data\":{\"id\":\"876b8334-58f8-4b7d-8e62-0101cb019208\",\"type\":\"historicalDetectionsJob\"}}" }, "cookies": [], "headers": [ @@ -57,11 +57,11 @@ "status": 201, "statusText": "Created" }, - "startedDateTime": "2025-11-11T21:36:52.320Z", - "time": 249 + "startedDateTime": "2026-04-13T09:15:42.665Z", + "time": 78 }, { - "_id": "288fd23d8d2d2972e670accb59b90273", + "_id": "8e624a477fe418ef6d32b48313dc1217", "_order": 0, "cache": {}, "request": { @@ -74,18 +74,18 @@ "value": "application/json" } ], - "headersSize": 581, + "headersSize": 565, "httpVersion": "HTTP/1.1", "method": "GET", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/66896986-212c-4e6c-9890-14e5cfd0fc19" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/876b8334-58f8-4b7d-8e62-0101cb019208" }, "response": { - "bodySize": 931, + "bodySize": 955, "content": { "mimeType": "application/vnd.api+json", - "size": 931, - "text": "{\"data\":{\"id\":\"66896986-212c-4e6c-9890-14e5cfd0fc19\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2025-11-11 21:36:52.581297+00\",\"createdByHandle\":\"frog@datadoghq.com\",\"createdByName\":\"frog\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\",\"dataSource\":\"logs\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\"},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2025-11-11 21:36:52.581297+00\",\"signalOutput\":false}}}" + "size": 955, + "text": "{\"data\":{\"id\":\"876b8334-58f8-4b7d-8e62-0101cb019208\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2026-04-13 09:15:42.715435+00\",\"createdByHandle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"createdByName\":\"CI Account\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\",\"dataSource\":\"logs\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\"},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2026-04-13 09:15:42.715435+00\",\"signalOutput\":false}}}" }, "cookies": [], "headers": [ @@ -100,8 +100,8 @@ "status": 200, "statusText": "OK" }, - "startedDateTime": "2025-11-11T21:36:52.580Z", - "time": 101 + "startedDateTime": "2026-04-13T09:15:42.748Z", + "time": 54 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/List-historical-jobs-returns-OK-response_1213227315/recording.har b/cassettes/v2/Security-Monitoring_1187227211/List-historical-jobs-returns-OK-response_1213227315/recording.har index d5baa771df5e..82b386e56f0a 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/List-historical-jobs-returns-OK-response_1213227315/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/List-historical-jobs-returns-OK-response_1213227315/recording.har @@ -35,7 +35,7 @@ "text": "{\"data\":{\"attributes\":{\"jobDefinition\":{\"cases\":[{\"condition\":\"a > 1\",\"name\":\"Condition 1\",\"notifications\":[],\"status\":\"info\"}],\"from\":1730387522611,\"index\":\"main\",\"message\":\"A large number of failed login attempts.\",\"name\":\"Excessive number of failed attempts.\",\"options\":{\"evaluationWindow\":900,\"keepAlive\":3600,\"maxSignalDuration\":86400},\"queries\":[{\"aggregation\":\"count\",\"distinctFields\":[],\"groupByFields\":[],\"query\":\"source:non_existing_src_weekend\"}],\"tags\":[],\"to\":1730387532611,\"type\":\"log_detection\"}},\"type\":\"historicalDetectionsJobCreate\"}}" }, "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" }, "response": { "bodySize": 87, @@ -85,7 +85,7 @@ } } ], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs?filter%5Bquery%5D=id%3Ac3564eed-ff70-43e1-ab6f-593de95bd21f" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs?filter%5Bquery%5D=id%3Ac3564eed-ff70-43e1-ab6f-593de95bd21f" }, "response": { "bodySize": 957, diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Bad-Request-response_3841593672/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Bad-Request-response_3841593672/frozen.json new file mode 100644 index 000000000000..f03c30068a0f --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Bad-Request-response_3841593672/frozen.json @@ -0,0 +1 @@ +"2026-04-13T09:15:42.851Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Bad-Request-response_1567776629/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Bad-Request-response_3841593672/recording.har similarity index 86% rename from cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Bad-Request-response_1567776629/recording.har rename to cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Bad-Request-response_3841593672/recording.har index 8746624d05cd..68fd9b4fab8e 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Bad-Request-response_1567776629/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Bad-Request-response_3841593672/recording.har @@ -1,6 +1,6 @@ { "log": { - "_recordingName": "Security Monitoring/Run a threat hunting job returns \"Bad Request\" response", + "_recordingName": "Security Monitoring/Run a historical job returns \"Bad Request\" response", "creator": { "comment": "persister:fs", "name": "Polly.JS", @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "8385b3da78cdf5dc4258fcc039b5013a", + "_id": "d6c37d4c15bfd57cafedccbe43952e41", "_order": 0, "cache": {}, "request": { @@ -26,7 +26,7 @@ "value": "application/json" } ], - "headersSize": 578, + "headersSize": 582, "httpVersion": "HTTP/1.1", "method": "POST", "postData": { @@ -35,7 +35,7 @@ "text": "{\"data\":{\"attributes\":{\"jobDefinition\":{\"cases\":[{\"condition\":\"a > 1\",\"name\":\"Condition 1\",\"notifications\":[],\"status\":\"info\"}],\"from\":1730387522611,\"index\":\"non_existing_index\",\"message\":\"A large number of failed login attempts.\",\"name\":\"Excessive number of failed attempts.\",\"options\":{\"evaluationWindow\":900,\"keepAlive\":3600,\"maxSignalDuration\":86400},\"queries\":[{\"aggregation\":\"count\",\"distinctFields\":[],\"groupByFields\":[],\"query\":\"source:non_existing_src_weekend\"}],\"tags\":[],\"to\":1730391122611,\"type\":\"log_detection\"}},\"type\":\"historicalDetectionsJobCreate\"}}" }, "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" }, "response": { "bodySize": 96, @@ -57,8 +57,8 @@ "status": 400, "statusText": "Bad Request" }, - "startedDateTime": "2025-10-24T14:24:02.389Z", - "time": 93 + "startedDateTime": "2026-04-13T09:15:42.854Z", + "time": 64 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Not-Found-response_258356351/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Not-Found-response_258356351/frozen.json new file mode 100644 index 000000000000..adb6f53fea33 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Not-Found-response_258356351/frozen.json @@ -0,0 +1 @@ +"2026-04-13T09:15:42.922Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Not-Found-response_4013068630/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Not-Found-response_258356351/recording.har similarity index 83% rename from cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Not-Found-response_4013068630/recording.har rename to cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Not-Found-response_258356351/recording.har index 7917aa1c1e31..597aabaecdcb 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Not-Found-response_4013068630/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Not-Found-response_258356351/recording.har @@ -1,6 +1,6 @@ { "log": { - "_recordingName": "Security Monitoring/Run a threat hunting job returns \"Not Found\" response", + "_recordingName": "Security Monitoring/Run a historical job returns \"Not Found\" response", "creator": { "comment": "persister:fs", "name": "Polly.JS", @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "ad287eca8deaa404d9ebbd2408021229", + "_id": "6baefcd2575a7f9d36bff35d836edcfc", "_order": 0, "cache": {}, "request": { @@ -26,7 +26,7 @@ "value": "application/json" } ], - "headersSize": 578, + "headersSize": 582, "httpVersion": "HTTP/1.1", "method": "POST", "postData": { @@ -35,7 +35,7 @@ "text": "{\"data\":{\"attributes\":{\"fromRule\":{\"from\":1730201035064,\"id\":\"non-existng\",\"index\":\"main\",\"notifications\":[],\"to\":1730204635115}},\"type\":\"historicalDetectionsJobCreate\"}}" }, "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" }, "response": { "bodySize": 49, @@ -57,8 +57,8 @@ "status": 404, "statusText": "Not Found" }, - "startedDateTime": "2025-10-24T14:24:02.489Z", - "time": 76 + "startedDateTime": "2026-04-13T09:15:42.924Z", + "time": 51 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Status-created-response_2964716074/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Status-created-response_2964716074/frozen.json new file mode 100644 index 000000000000..0f3506abe1ea --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Status-created-response_2964716074/frozen.json @@ -0,0 +1 @@ +"2026-04-13T09:15:42.979Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Status-created-response_674813617/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Status-created-response_2964716074/recording.har similarity index 81% rename from cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Status-created-response_674813617/recording.har rename to cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Status-created-response_2964716074/recording.har index 4e45701183b8..1f52562b02f7 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Status-created-response_674813617/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Status-created-response_2964716074/recording.har @@ -1,6 +1,6 @@ { "log": { - "_recordingName": "Security Monitoring/Run a threat hunting job returns \"Status created\" response", + "_recordingName": "Security Monitoring/Run a historical job returns \"Status created\" response", "creator": { "comment": "persister:fs", "name": "Polly.JS", @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "4c138fa0d83459728bd7894a659525ac", + "_id": "6bb82102e994f0d1ee96e1e3f1d80ffd", "_order": 0, "cache": {}, "request": { @@ -26,7 +26,7 @@ "value": "application/json" } ], - "headersSize": 577, + "headersSize": 582, "httpVersion": "HTTP/1.1", "method": "POST", "postData": { @@ -35,14 +35,14 @@ "text": "{\"data\":{\"attributes\":{\"jobDefinition\":{\"cases\":[{\"condition\":\"a > 1\",\"name\":\"Condition 1\",\"notifications\":[],\"status\":\"info\"}],\"from\":1730387522611,\"index\":\"main\",\"message\":\"A large number of failed login attempts.\",\"name\":\"Excessive number of failed attempts.\",\"options\":{\"evaluationWindow\":900,\"keepAlive\":3600,\"maxSignalDuration\":86400},\"queries\":[{\"aggregation\":\"count\",\"distinctFields\":[],\"groupByFields\":[],\"query\":\"source:non_existing_src_weekend\"}],\"tags\":[],\"to\":1730387532611,\"type\":\"log_detection\"}},\"type\":\"historicalDetectionsJobCreate\"}}" }, "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" + "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" }, "response": { "bodySize": 87, "content": { "mimeType": "application/vnd.api+json", "size": 87, - "text": "{\"data\":{\"id\":\"6ff7a8ce-a0d1-4ea3-8cc9-e9c52cda0d24\",\"type\":\"historicalDetectionsJob\"}}" + "text": "{\"data\":{\"id\":\"8ce2a4d4-db9e-445d-93bb-b60980d56d25\",\"type\":\"historicalDetectionsJob\"}}" }, "cookies": [], "headers": [ @@ -57,8 +57,8 @@ "status": 201, "statusText": "Created" }, - "startedDateTime": "2025-10-24T14:24:02.572Z", - "time": 104 + "startedDateTime": "2026-04-13T09:15:42.981Z", + "time": 154 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Bad-Request-response_1567776629/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Bad-Request-response_1567776629/frozen.json deleted file mode 100644 index 7bb1005d01cf..000000000000 --- a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Bad-Request-response_1567776629/frozen.json +++ /dev/null @@ -1 +0,0 @@ -"2025-10-24T14:24:02.385Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Not-Found-response_4013068630/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Not-Found-response_4013068630/frozen.json deleted file mode 100644 index 0436a829ceba..000000000000 --- a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Not-Found-response_4013068630/frozen.json +++ /dev/null @@ -1 +0,0 @@ -"2025-10-24T14:24:02.486Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Status-created-response_674813617/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Status-created-response_674813617/frozen.json deleted file mode 100644 index 609cbdfc0aa7..000000000000 --- a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Status-created-response_674813617/frozen.json +++ /dev/null @@ -1 +0,0 @@ -"2025-10-24T14:24:02.570Z" diff --git a/examples/v2/security-monitoring/CancelThreatHuntingJob_1945505845.ts b/examples/v2/security-monitoring/CancelHistoricalJob.ts similarity index 50% rename from examples/v2/security-monitoring/CancelThreatHuntingJob_1945505845.ts rename to examples/v2/security-monitoring/CancelHistoricalJob.ts index 2cb927c171d0..6bff4c4b9632 100644 --- a/examples/v2/security-monitoring/CancelThreatHuntingJob_1945505845.ts +++ b/examples/v2/security-monitoring/CancelHistoricalJob.ts @@ -5,20 +5,19 @@ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); -configuration.unstableOperations["v2.cancelThreatHuntingJob"] = true; -configuration.unstableOperations["v2.runThreatHuntingJob"] = true; +configuration.unstableOperations["v2.cancelHistoricalJob"] = true; +configuration.unstableOperations["v2.runHistoricalJob"] = true; const apiInstance = new v2.SecurityMonitoringApi(configuration); -// there is a valid "threat_hunting_job" in the system -const THREAT_HUNTING_JOB_DATA_ID = process.env - .THREAT_HUNTING_JOB_DATA_ID as string; +// there is a valid "historical_job" in the system +const HISTORICAL_JOB_DATA_ID = process.env.HISTORICAL_JOB_DATA_ID as string; -const params: v2.SecurityMonitoringApiCancelThreatHuntingJobRequest = { - jobId: THREAT_HUNTING_JOB_DATA_ID, +const params: v2.SecurityMonitoringApiCancelHistoricalJobRequest = { + jobId: HISTORICAL_JOB_DATA_ID, }; apiInstance - .cancelThreatHuntingJob(params) + .cancelHistoricalJob(params) .then((data: any) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) diff --git a/examples/v2/security-monitoring/CancelThreatHuntingJob.ts b/examples/v2/security-monitoring/CancelThreatHuntingJob.ts deleted file mode 100644 index 182ccef5b3c3..000000000000 --- a/examples/v2/security-monitoring/CancelThreatHuntingJob.ts +++ /dev/null @@ -1,22 +0,0 @@ -/** - * Cancel a threat hunting job returns "OK" response - */ - -import { client, v2 } from "@datadog/datadog-api-client"; - -const configuration = client.createConfiguration(); -configuration.unstableOperations["v2.cancelThreatHuntingJob"] = true; -const apiInstance = new v2.SecurityMonitoringApi(configuration); - -const params: v2.SecurityMonitoringApiCancelThreatHuntingJobRequest = { - jobId: "job_id", -}; - -apiInstance - .cancelThreatHuntingJob(params) - .then((data: any) => { - console.log( - "API called successfully. Returned data: " + JSON.stringify(data) - ); - }) - .catch((error: any) => console.error(error)); diff --git a/examples/v2/security-monitoring/DeleteThreatHuntingJob.ts b/examples/v2/security-monitoring/DeleteHistoricalJob.ts similarity index 71% rename from examples/v2/security-monitoring/DeleteThreatHuntingJob.ts rename to examples/v2/security-monitoring/DeleteHistoricalJob.ts index 4670a9022e8e..f2cfd17873f5 100644 --- a/examples/v2/security-monitoring/DeleteThreatHuntingJob.ts +++ b/examples/v2/security-monitoring/DeleteHistoricalJob.ts @@ -5,15 +5,15 @@ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); -configuration.unstableOperations["v2.deleteThreatHuntingJob"] = true; +configuration.unstableOperations["v2.deleteHistoricalJob"] = true; const apiInstance = new v2.SecurityMonitoringApi(configuration); -const params: v2.SecurityMonitoringApiDeleteThreatHuntingJobRequest = { +const params: v2.SecurityMonitoringApiDeleteHistoricalJobRequest = { jobId: "job_id", }; apiInstance - .deleteThreatHuntingJob(params) + .deleteHistoricalJob(params) .then((data: any) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) diff --git a/examples/v2/security-monitoring/GetHistoricalJob.ts b/examples/v2/security-monitoring/GetHistoricalJob.ts new file mode 100644 index 000000000000..a4f838106502 --- /dev/null +++ b/examples/v2/security-monitoring/GetHistoricalJob.ts @@ -0,0 +1,26 @@ +/** + * Get a job's details returns "OK" response + */ + +import { client, v2 } from "@datadog/datadog-api-client"; + +const configuration = client.createConfiguration(); +configuration.unstableOperations["v2.getHistoricalJob"] = true; +configuration.unstableOperations["v2.runHistoricalJob"] = true; +const apiInstance = new v2.SecurityMonitoringApi(configuration); + +// there is a valid "historical_job" in the system +const HISTORICAL_JOB_DATA_ID = process.env.HISTORICAL_JOB_DATA_ID as string; + +const params: v2.SecurityMonitoringApiGetHistoricalJobRequest = { + jobId: HISTORICAL_JOB_DATA_ID, +}; + +apiInstance + .getHistoricalJob(params) + .then((data: v2.HistoricalJobResponse) => { + console.log( + "API called successfully. Returned data: " + JSON.stringify(data) + ); + }) + .catch((error: any) => console.error(error)); diff --git a/examples/v2/security-monitoring/GetThreatHuntingJob.ts b/examples/v2/security-monitoring/GetThreatHuntingJob.ts deleted file mode 100644 index 70c90896d8c4..000000000000 --- a/examples/v2/security-monitoring/GetThreatHuntingJob.ts +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Get a job's details returns "OK" response - */ - -import { client, v2 } from "@datadog/datadog-api-client"; - -const configuration = client.createConfiguration(); -configuration.unstableOperations["v2.getThreatHuntingJob"] = true; -configuration.unstableOperations["v2.runThreatHuntingJob"] = true; -const apiInstance = new v2.SecurityMonitoringApi(configuration); - -// there is a valid "threat_hunting_job" in the system -const THREAT_HUNTING_JOB_DATA_ID = process.env - .THREAT_HUNTING_JOB_DATA_ID as string; - -const params: v2.SecurityMonitoringApiGetThreatHuntingJobRequest = { - jobId: THREAT_HUNTING_JOB_DATA_ID, -}; - -apiInstance - .getThreatHuntingJob(params) - .then((data: v2.ThreatHuntingJobResponse) => { - console.log( - "API called successfully. Returned data: " + JSON.stringify(data) - ); - }) - .catch((error: any) => console.error(error)); diff --git a/examples/v2/security-monitoring/ListThreatHuntingJobs.ts b/examples/v2/security-monitoring/ListHistoricalJobs.ts similarity index 63% rename from examples/v2/security-monitoring/ListThreatHuntingJobs.ts rename to examples/v2/security-monitoring/ListHistoricalJobs.ts index f891eac2cda2..24c8ee4613ad 100644 --- a/examples/v2/security-monitoring/ListThreatHuntingJobs.ts +++ b/examples/v2/security-monitoring/ListHistoricalJobs.ts @@ -1,16 +1,16 @@ /** - * List threat hunting jobs returns "OK" response + * List historical jobs returns "OK" response */ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); -configuration.unstableOperations["v2.listThreatHuntingJobs"] = true; +configuration.unstableOperations["v2.listHistoricalJobs"] = true; const apiInstance = new v2.SecurityMonitoringApi(configuration); apiInstance - .listThreatHuntingJobs() - .then((data: v2.ListThreatHuntingJobsResponse) => { + .listHistoricalJobs() + .then((data: v2.ListHistoricalJobsResponse) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) ); diff --git a/examples/v2/security-monitoring/ListThreatHuntingJobs_1365512061.ts b/examples/v2/security-monitoring/ListThreatHuntingJobs_1365512061.ts deleted file mode 100644 index 0fdd3d227da5..000000000000 --- a/examples/v2/security-monitoring/ListThreatHuntingJobs_1365512061.ts +++ /dev/null @@ -1,25 +0,0 @@ -/** - * List historical jobs returns "OK" response - */ - -import { client, v2 } from "@datadog/datadog-api-client"; - -const configuration = client.createConfiguration(); -configuration.unstableOperations["v2.listThreatHuntingJobs"] = true; -configuration.unstableOperations["v2.runThreatHuntingJob"] = true; -const apiInstance = new v2.SecurityMonitoringApi(configuration); - -// there is a valid "threat_hunting_job" in the system - -const params: v2.SecurityMonitoringApiListThreatHuntingJobsRequest = { - filterQuery: "id:string", -}; - -apiInstance - .listThreatHuntingJobs(params) - .then((data: v2.ListThreatHuntingJobsResponse) => { - console.log( - "API called successfully. Returned data: " + JSON.stringify(data) - ); - }) - .catch((error: any) => console.error(error)); diff --git a/examples/v2/security-monitoring/RunThreatHuntingJob.ts b/examples/v2/security-monitoring/RunHistoricalJob.ts similarity index 85% rename from examples/v2/security-monitoring/RunThreatHuntingJob.ts rename to examples/v2/security-monitoring/RunHistoricalJob.ts index 640b5e932c71..93d2ec9bdc9a 100644 --- a/examples/v2/security-monitoring/RunThreatHuntingJob.ts +++ b/examples/v2/security-monitoring/RunHistoricalJob.ts @@ -1,14 +1,14 @@ /** - * Run a threat hunting job returns "Status created" response + * Run a historical job returns "Status created" response */ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); -configuration.unstableOperations["v2.runThreatHuntingJob"] = true; +configuration.unstableOperations["v2.runHistoricalJob"] = true; const apiInstance = new v2.SecurityMonitoringApi(configuration); -const params: v2.SecurityMonitoringApiRunThreatHuntingJobRequest = { +const params: v2.SecurityMonitoringApiRunHistoricalJobRequest = { body: { data: { type: "historicalDetectionsJobCreate", @@ -49,7 +49,7 @@ const params: v2.SecurityMonitoringApiRunThreatHuntingJobRequest = { }; apiInstance - .runThreatHuntingJob(params) + .runHistoricalJob(params) .then((data: v2.JobCreateResponse) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) diff --git a/features/support/scenarios_model_mapping.ts b/features/support/scenarios_model_mapping.ts index 903a604caa55..68c021aec8b1 100644 --- a/features/support/scenarios_model_mapping.ts +++ b/features/support/scenarios_model_mapping.ts @@ -5103,7 +5103,7 @@ export const ScenariosModelMappings: {[key: string]: {[key: string]: any}} = { }, "operationResponseType": "SecurityMonitoringSignalResponse", }, - "v2.ListThreatHuntingJobs": { + "v2.ListHistoricalJobs": { "pageSize": { "type": "number", "format": "int64", @@ -5120,11 +5120,11 @@ export const ScenariosModelMappings: {[key: string]: {[key: string]: any}} = { "type": "string", "format": "", }, - "operationResponseType": "ListThreatHuntingJobsResponse", + "operationResponseType": "ListHistoricalJobsResponse", }, - "v2.RunThreatHuntingJob": { + "v2.RunHistoricalJob": { "body": { - "type": "RunThreatHuntingJobRequest", + "type": "RunHistoricalJobRequest", "format": "", }, "operationResponseType": "JobCreateResponse", @@ -5136,21 +5136,21 @@ export const ScenariosModelMappings: {[key: string]: {[key: string]: any}} = { }, "operationResponseType": "{}", }, - "v2.GetThreatHuntingJob": { + "v2.GetHistoricalJob": { "jobId": { "type": "string", "format": "", }, - "operationResponseType": "ThreatHuntingJobResponse", + "operationResponseType": "HistoricalJobResponse", }, - "v2.DeleteThreatHuntingJob": { + "v2.DeleteHistoricalJob": { "jobId": { "type": "string", "format": "", }, "operationResponseType": "{}", }, - "v2.CancelThreatHuntingJob": { + "v2.CancelHistoricalJob": { "jobId": { "type": "string", "format": "", diff --git a/features/v2/given.json b/features/v2/given.json index e4a5d8817164..de477cdab282 100644 --- a/features/v2/given.json +++ b/features/v2/given.json @@ -1311,10 +1311,10 @@ "value": "{\n \"data\": {\n \"type\": \"historicalDetectionsJobCreate\",\n \"attributes\": {\n \"jobDefinition\": {\n \"type\": \"log_detection\",\n \"name\": \"Excessive number of failed attempts.\",\n \"queries\": [\n {\n \"query\": \"source:non_existing_src_weekend\",\n \"aggregation\": \"count\",\n \"groupByFields\": [],\n \"distinctFields\": []\n }\n ],\n \"cases\": [\n {\n \"name\": \"Condition 1\",\n \"status\": \"info\",\n \"notifications\": [],\n \"condition\": \"a > 1\"\n }\n ],\n \"options\": {\n \"keepAlive\": 3600,\n \"maxSignalDuration\": 86400,\n \"evaluationWindow\": 900\n },\n \"message\": \"A large number of failed login attempts.\",\n \"tags\": [],\n \"from\": 1730387522611,\n \"to\": 1730387532611,\n \"index\": \"main\"\n }\n }\n }\n}" } ], - "step": "there is a valid \"threat_hunting_job\" in the system", - "key": "threat_hunting_job", + "step": "there is a valid \"historical_job\" in the system", + "key": "historical_job", "tag": "Security Monitoring", - "operationId": "RunThreatHuntingJob" + "operationId": "RunHistoricalJob" }, { "parameters": [ diff --git a/features/v2/security_monitoring.feature b/features/v2/security_monitoring.feature index 1fdee4f141b9..6e0edfcc510c 100644 --- a/features/v2/security_monitoring.feature +++ b/features/v2/security_monitoring.feature @@ -153,62 +153,38 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-siem Scenario: Cancel a historical job returns "Bad Request" response - Given operation "CancelThreatHuntingJob" enabled - And new "CancelThreatHuntingJob" request + Given operation "CancelHistoricalJob" enabled + And new "CancelHistoricalJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent Then the response status is 400 Bad Request + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Cancel a historical job returns "Conflict" response + Given operation "CancelHistoricalJob" enabled + And new "CancelHistoricalJob" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 409 Conflict + @team:DataDog/k9-cloud-siem Scenario: Cancel a historical job returns "Not Found" response - Given operation "CancelThreatHuntingJob" enabled - And new "CancelThreatHuntingJob" request + Given operation "CancelHistoricalJob" enabled + And new "CancelHistoricalJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-siem Scenario: Cancel a historical job returns "OK" response - Given operation "CancelThreatHuntingJob" enabled - And operation "RunThreatHuntingJob" enabled - And new "CancelThreatHuntingJob" request - And there is a valid "threat_hunting_job" in the system - And request contains "job_id" parameter from "threat_hunting_job.data.id" + Given operation "CancelHistoricalJob" enabled + And operation "RunHistoricalJob" enabled + And new "CancelHistoricalJob" request + And there is a valid "historical_job" in the system + And request contains "job_id" parameter from "historical_job.data.id" When the request is sent Then the response status is 204 No Content - @generated @skip @team:DataDog/k9-cloud-siem - Scenario: Cancel a threat hunting job returns "Bad Request" response - Given operation "CancelThreatHuntingJob" enabled - And new "CancelThreatHuntingJob" request - And request contains "job_id" parameter from "REPLACE.ME" - When the request is sent - Then the response status is 400 Bad Request - - @generated @skip @team:DataDog/k9-cloud-siem - Scenario: Cancel a threat hunting job returns "Conflict" response - Given operation "CancelThreatHuntingJob" enabled - And new "CancelThreatHuntingJob" request - And request contains "job_id" parameter from "REPLACE.ME" - When the request is sent - Then the response status is 409 Conflict - - @generated @skip @team:DataDog/k9-cloud-siem - Scenario: Cancel a threat hunting job returns "Not Found" response - Given operation "CancelThreatHuntingJob" enabled - And new "CancelThreatHuntingJob" request - And request contains "job_id" parameter from "REPLACE.ME" - When the request is sent - Then the response status is 404 Not Found - - @generated @skip @team:DataDog/k9-cloud-siem - Scenario: Cancel a threat hunting job returns "OK" response - Given operation "CancelThreatHuntingJob" enabled - And new "CancelThreatHuntingJob" request - And request contains "job_id" parameter from "REPLACE.ME" - When the request is sent - Then the response status is 204 OK - @generated @skip @team:DataDog/k9-cloud-siem Scenario: Change the related incidents of a security signal returns "Bad Request" response Given new "EditSecurityMonitoringSignalIncidents" request @@ -862,32 +838,32 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-siem Scenario: Delete an existing job returns "Bad Request" response - Given operation "DeleteThreatHuntingJob" enabled - And new "DeleteThreatHuntingJob" request + Given operation "DeleteHistoricalJob" enabled + And new "DeleteHistoricalJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/k9-cloud-siem Scenario: Delete an existing job returns "Conflict" response - Given operation "DeleteThreatHuntingJob" enabled - And new "DeleteThreatHuntingJob" request + Given operation "DeleteHistoricalJob" enabled + And new "DeleteHistoricalJob" request And request contains "job_id" parameter from "REPLACE.ME" When the request is sent Then the response status is 409 Conflict @team:DataDog/k9-cloud-siem Scenario: Delete an existing job returns "Not Found" response - Given operation "DeleteThreatHuntingJob" enabled - And new "DeleteThreatHuntingJob" request + Given operation "DeleteHistoricalJob" enabled + And new "DeleteHistoricalJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent Then the response status is 404 Not Found @generated @skip @team:DataDog/k9-cloud-siem Scenario: Delete an existing job returns "OK" response - Given operation "DeleteThreatHuntingJob" enabled - And new "DeleteThreatHuntingJob" request + Given operation "DeleteHistoricalJob" enabled + And new "DeleteHistoricalJob" request And request contains "job_id" parameter from "REPLACE.ME" When the request is sent Then the response status is 204 OK @@ -1047,27 +1023,27 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-siem Scenario: Get a job's details returns "Bad Request" response - Given operation "GetThreatHuntingJob" enabled - And new "GetThreatHuntingJob" request + Given operation "GetHistoricalJob" enabled + And new "GetHistoricalJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent Then the response status is 400 Bad Request @team:DataDog/k9-cloud-siem Scenario: Get a job's details returns "Not Found" response - Given operation "GetThreatHuntingJob" enabled - And new "GetThreatHuntingJob" request + Given operation "GetHistoricalJob" enabled + And new "GetHistoricalJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-siem Scenario: Get a job's details returns "OK" response - Given operation "GetThreatHuntingJob" enabled - And operation "RunThreatHuntingJob" enabled - And new "GetThreatHuntingJob" request - And there is a valid "threat_hunting_job" in the system - And request contains "job_id" parameter from "threat_hunting_job.data.id" + Given operation "GetHistoricalJob" enabled + And operation "RunHistoricalJob" enabled + And new "GetHistoricalJob" request + And there is a valid "historical_job" in the system + And request contains "job_id" parameter from "historical_job.data.id" When the request is sent Then the response status is 200 OK @@ -1563,13 +1539,17 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK - @team:DataDog/k9-cloud-siem + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: List historical jobs returns "Bad Request" response + Given operation "ListHistoricalJobs" enabled + And new "ListHistoricalJobs" request + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-siem Scenario: List historical jobs returns "OK" response - Given operation "ListThreatHuntingJobs" enabled - And operation "RunThreatHuntingJob" enabled - And new "ListThreatHuntingJobs" request - And there is a valid "threat_hunting_job" in the system - And request contains "filter[query]" parameter with value "id:{{threat_hunting_job.data.id}}" + Given operation "ListHistoricalJobs" enabled + And new "ListHistoricalJobs" request When the request is sent Then the response status is 200 OK @@ -1646,20 +1626,6 @@ Feature: Security Monitoring And the response "meta.page" has field "after" And the response "links" has field "next" - @generated @skip @team:DataDog/k9-cloud-siem - Scenario: List threat hunting jobs returns "Bad Request" response - Given operation "ListThreatHuntingJobs" enabled - And new "ListThreatHuntingJobs" request - When the request is sent - Then the response status is 400 Bad Request - - @generated @skip @team:DataDog/k9-cloud-siem - Scenario: List threat hunting jobs returns "OK" response - Given operation "ListThreatHuntingJobs" enabled - And new "ListThreatHuntingJobs" request - When the request is sent - Then the response status is 200 OK - @generated @skip @team:DataDog/k9-cloud-vm Scenario: List vulnerabilities returns "Bad request: The server cannot process the request due to invalid syntax in the request." response Given operation "ListVulnerabilities" enabled @@ -1852,25 +1818,25 @@ Feature: Security Monitoring Then the response status is 200 OK @team:DataDog/k9-cloud-siem - Scenario: Run a threat hunting job returns "Bad Request" response - Given operation "RunThreatHuntingJob" enabled - And new "RunThreatHuntingJob" request + Scenario: Run a historical job returns "Bad Request" response + Given operation "RunHistoricalJob" enabled + And new "RunHistoricalJob" request And body with value {"data":{"type":"historicalDetectionsJobCreate","attributes":{"jobDefinition":{"type":"log_detection","name":"Excessive number of failed attempts.","queries":[{"query":"source:non_existing_src_weekend","aggregation":"count","groupByFields":[],"distinctFields":[]}],"cases":[{"name":"Condition 1","status":"info","notifications":[],"condition":"a > 1"}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900},"message":"A large number of failed login attempts.","tags":[],"from":1730387522611,"to":1730391122611,"index":"non_existing_index"}}}} When the request is sent Then the response status is 400 Bad Request @team:DataDog/k9-cloud-siem - Scenario: Run a threat hunting job returns "Not Found" response - Given operation "RunThreatHuntingJob" enabled - And new "RunThreatHuntingJob" request + Scenario: Run a historical job returns "Not Found" response + Given operation "RunHistoricalJob" enabled + And new "RunHistoricalJob" request And body with value {"data": { "type": "historicalDetectionsJobCreate", "attributes": {"fromRule": {"from": 1730201035064, "id": "non-existng", "index": "main", "notifications": [], "to": 1730204635115}}}} When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-siem - Scenario: Run a threat hunting job returns "Status created" response - Given operation "RunThreatHuntingJob" enabled - And new "RunThreatHuntingJob" request + Scenario: Run a historical job returns "Status created" response + Given operation "RunHistoricalJob" enabled + And new "RunHistoricalJob" request And body with value {"data":{"type":"historicalDetectionsJobCreate","attributes":{"jobDefinition":{"type":"log_detection","name":"Excessive number of failed attempts.","queries":[{"query":"source:non_existing_src_weekend","aggregation":"count","groupByFields":[],"distinctFields":[]}],"cases":[{"name":"Condition 1","status":"info","notifications":[],"condition":"a > 1"}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900},"message":"A large number of failed login attempts.","tags":[],"from":1730387522611,"to":1730387532611,"index":"main"}}}} When the request is sent Then the response status is 201 Status created diff --git a/features/v2/undo.json b/features/v2/undo.json index 19a52adbfc2d..9f4364d4438c 100644 --- a/features/v2/undo.json +++ b/features/v2/undo.json @@ -5705,13 +5705,13 @@ "type": "safe" } }, - "ListThreatHuntingJobs": { + "ListHistoricalJobs": { "tag": "Security Monitoring", "undo": { "type": "safe" } }, - "RunThreatHuntingJob": { + "RunHistoricalJob": { "tag": "Security Monitoring", "undo": { "type": "idempotent" @@ -5723,19 +5723,19 @@ "type": "idempotent" } }, - "DeleteThreatHuntingJob": { + "DeleteHistoricalJob": { "tag": "Security Monitoring", "undo": { "type": "idempotent" } }, - "GetThreatHuntingJob": { + "GetHistoricalJob": { "tag": "Security Monitoring", "undo": { "type": "safe" } }, - "CancelThreatHuntingJob": { + "CancelHistoricalJob": { "tag": "Security Monitoring", "undo": { "type": "idempotent" diff --git a/packages/datadog-api-client-common/configuration.ts b/packages/datadog-api-client-common/configuration.ts index 1a9b29da2e53..d76f64412649 100644 --- a/packages/datadog-api-client-common/configuration.ts +++ b/packages/datadog-api-client-common/configuration.ts @@ -269,26 +269,26 @@ export function createConfiguration( "v2.getAWSCloudAuthPersonaMapping": false, "v2.listAWSCloudAuthPersonaMappings": false, "v2.activateContentPack": false, - "v2.cancelThreatHuntingJob": false, + "v2.cancelHistoricalJob": false, "v2.convertJobResultToSignal": false, "v2.deactivateContentPack": false, - "v2.deleteThreatHuntingJob": false, + "v2.deleteHistoricalJob": false, "v2.getContentPacksStates": false, "v2.getFinding": false, + "v2.getHistoricalJob": false, "v2.getRuleVersionHistory": false, "v2.getSecretsRules": false, "v2.getSecurityMonitoringHistsignal": false, "v2.getSecurityMonitoringHistsignalsByJobId": false, - "v2.getThreatHuntingJob": false, "v2.listFindings": false, + "v2.listHistoricalJobs": false, "v2.listMultipleRulesets": false, "v2.listScannedAssetsMetadata": false, "v2.listSecurityMonitoringHistsignals": false, - "v2.listThreatHuntingJobs": false, "v2.listVulnerabilities": false, "v2.listVulnerableAssets": false, "v2.muteFindings": false, - "v2.runThreatHuntingJob": false, + "v2.runHistoricalJob": false, "v2.searchSecurityMonitoringHistsignals": false, "v2.getCodeCoverageBranchSummary": false, "v2.getCodeCoverageCommitSummary": false, diff --git a/packages/datadog-api-client-v2/apis/SecurityMonitoringApi.ts b/packages/datadog-api-client-v2/apis/SecurityMonitoringApi.ts index 8a34dfe6d6af..b4aeda5afc1c 100644 --- a/packages/datadog-api-client-v2/apis/SecurityMonitoringApi.ts +++ b/packages/datadog-api-client-v2/apis/SecurityMonitoringApi.ts @@ -46,18 +46,19 @@ import { GetResourceEvaluationFiltersResponse } from "../models/GetResourceEvalu import { GetRuleVersionHistoryResponse } from "../models/GetRuleVersionHistoryResponse"; import { GetSBOMResponse } from "../models/GetSBOMResponse"; import { GetSuppressionVersionHistoryResponse } from "../models/GetSuppressionVersionHistoryResponse"; +import { HistoricalJobResponse } from "../models/HistoricalJobResponse"; import { JobCreateResponse } from "../models/JobCreateResponse"; import { JSONAPIErrorResponse } from "../models/JSONAPIErrorResponse"; import { ListAssetsSBOMsResponse } from "../models/ListAssetsSBOMsResponse"; import { ListFindingsResponse } from "../models/ListFindingsResponse"; +import { ListHistoricalJobsResponse } from "../models/ListHistoricalJobsResponse"; import { ListSecurityFindingsResponse } from "../models/ListSecurityFindingsResponse"; -import { ListThreatHuntingJobsResponse } from "../models/ListThreatHuntingJobsResponse"; import { ListVulnerabilitiesResponse } from "../models/ListVulnerabilitiesResponse"; import { ListVulnerableAssetsResponse } from "../models/ListVulnerableAssetsResponse"; import { NotificationRuleResponse } from "../models/NotificationRuleResponse"; import { NotificationRulesList } from "../models/NotificationRulesList"; import { PatchNotificationRuleParameters } from "../models/PatchNotificationRuleParameters"; -import { RunThreatHuntingJobRequest } from "../models/RunThreatHuntingJobRequest"; +import { RunHistoricalJobRequest } from "../models/RunHistoricalJobRequest"; import { SBOMComponentLicenseType } from "../models/SBOMComponentLicenseType"; import { SBOMFormat } from "../models/SBOMFormat"; import { ScannedAssetsMetadata } from "../models/ScannedAssetsMetadata"; @@ -108,7 +109,6 @@ import { SecurityMonitoringSuppressionResponse } from "../models/SecurityMonitor import { SecurityMonitoringSuppressionSort } from "../models/SecurityMonitoringSuppressionSort"; import { SecurityMonitoringSuppressionsResponse } from "../models/SecurityMonitoringSuppressionsResponse"; import { SecurityMonitoringSuppressionUpdateRequest } from "../models/SecurityMonitoringSuppressionUpdateRequest"; -import { ThreatHuntingJobResponse } from "../models/ThreatHuntingJobResponse"; import { UpdateCustomFrameworkRequest } from "../models/UpdateCustomFrameworkRequest"; import { UpdateCustomFrameworkResponse } from "../models/UpdateCustomFrameworkResponse"; import { UpdateResourceEvaluationFiltersRequest } from "../models/UpdateResourceEvaluationFiltersRequest"; @@ -398,34 +398,32 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } - public async cancelThreatHuntingJob( + public async cancelHistoricalJob( jobId: string, _options?: Configuration ): Promise { const _config = _options || this.configuration; - logger.warn("Using unstable operation 'cancelThreatHuntingJob'"); - if (!_config.unstableOperations["v2.cancelThreatHuntingJob"]) { - throw new Error( - "Unstable operation 'cancelThreatHuntingJob' is disabled" - ); + logger.warn("Using unstable operation 'cancelHistoricalJob'"); + if (!_config.unstableOperations["v2.cancelHistoricalJob"]) { + throw new Error("Unstable operation 'cancelHistoricalJob' is disabled"); } // verify required parameter 'jobId' is not null or undefined if (jobId === null || jobId === undefined) { - throw new RequiredError("jobId", "cancelThreatHuntingJob"); + throw new RequiredError("jobId", "cancelHistoricalJob"); } // Path Params const localVarPath = - "/api/v2/siem-threat-hunting/jobs/{job_id}/cancel".replace( + "/api/v2/siem-historical-detections/jobs/{job_id}/cancel".replace( "{job_id}", encodeURIComponent(String(jobId)) ); // Make Request Context const requestContext = _config - .getServer("v2.SecurityMonitoringApi.cancelThreatHuntingJob") + .getServer("v2.SecurityMonitoringApi.cancelHistoricalJob") .makeRequestContext(localVarPath, HttpMethod.PATCH); requestContext.setHeaderParam("Accept", "*/*"); requestContext.setHttpConfig(_config.httpConfig); @@ -499,7 +497,8 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { } // Path Params - const localVarPath = "/api/v2/siem-threat-hunting/jobs/signal_convert"; + const localVarPath = + "/api/v2/siem-historical-detections/jobs/signal_convert"; // Make Request Context const requestContext = _config @@ -1051,6 +1050,46 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } + public async deleteHistoricalJob( + jobId: string, + _options?: Configuration + ): Promise { + const _config = _options || this.configuration; + + logger.warn("Using unstable operation 'deleteHistoricalJob'"); + if (!_config.unstableOperations["v2.deleteHistoricalJob"]) { + throw new Error("Unstable operation 'deleteHistoricalJob' is disabled"); + } + + // verify required parameter 'jobId' is not null or undefined + if (jobId === null || jobId === undefined) { + throw new RequiredError("jobId", "deleteHistoricalJob"); + } + + // Path Params + const localVarPath = + "/api/v2/siem-historical-detections/jobs/{job_id}".replace( + "{job_id}", + encodeURIComponent(String(jobId)) + ); + + // Make Request Context + const requestContext = _config + .getServer("v2.SecurityMonitoringApi.deleteHistoricalJob") + .makeRequestContext(localVarPath, HttpMethod.DELETE); + requestContext.setHeaderParam("Accept", "*/*"); + requestContext.setHttpConfig(_config.httpConfig); + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + public async deleteSecurityFilter( securityFilterId: string, _options?: Configuration @@ -1232,47 +1271,6 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } - public async deleteThreatHuntingJob( - jobId: string, - _options?: Configuration - ): Promise { - const _config = _options || this.configuration; - - logger.warn("Using unstable operation 'deleteThreatHuntingJob'"); - if (!_config.unstableOperations["v2.deleteThreatHuntingJob"]) { - throw new Error( - "Unstable operation 'deleteThreatHuntingJob' is disabled" - ); - } - - // verify required parameter 'jobId' is not null or undefined - if (jobId === null || jobId === undefined) { - throw new RequiredError("jobId", "deleteThreatHuntingJob"); - } - - // Path Params - const localVarPath = "/api/v2/siem-threat-hunting/jobs/{job_id}".replace( - "{job_id}", - encodeURIComponent(String(jobId)) - ); - - // Make Request Context - const requestContext = _config - .getServer("v2.SecurityMonitoringApi.deleteThreatHuntingJob") - .makeRequestContext(localVarPath, HttpMethod.DELETE); - requestContext.setHeaderParam("Accept", "*/*"); - requestContext.setHttpConfig(_config.httpConfig); - - // Apply auth methods - applySecurityAuthentication(_config, requestContext, [ - "apiKeyAuth", - "appKeyAuth", - "AuthZ", - ]); - - return requestContext; - } - public async deleteVulnerabilityNotificationRule( id: string, _options?: Configuration @@ -1681,6 +1679,46 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } + public async getHistoricalJob( + jobId: string, + _options?: Configuration + ): Promise { + const _config = _options || this.configuration; + + logger.warn("Using unstable operation 'getHistoricalJob'"); + if (!_config.unstableOperations["v2.getHistoricalJob"]) { + throw new Error("Unstable operation 'getHistoricalJob' is disabled"); + } + + // verify required parameter 'jobId' is not null or undefined + if (jobId === null || jobId === undefined) { + throw new RequiredError("jobId", "getHistoricalJob"); + } + + // Path Params + const localVarPath = + "/api/v2/siem-historical-detections/jobs/{job_id}".replace( + "{job_id}", + encodeURIComponent(String(jobId)) + ); + + // Make Request Context + const requestContext = _config + .getServer("v2.SecurityMonitoringApi.getHistoricalJob") + .makeRequestContext(localVarPath, HttpMethod.GET); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + public async getInvestigationLogQueriesMatchingSignal( signalId: string, _options?: Configuration @@ -2019,7 +2057,7 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { // Path Params const localVarPath = - "/api/v2/siem-threat-hunting/histsignals/{histsignal_id}".replace( + "/api/v2/siem-historical-detections/histsignals/{histsignal_id}".replace( "{histsignal_id}", encodeURIComponent(String(histsignalId)) ); @@ -2074,7 +2112,7 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { // Path Params const localVarPath = - "/api/v2/siem-threat-hunting/jobs/{job_id}/histsignals".replace( + "/api/v2/siem-historical-detections/jobs/{job_id}/histsignals".replace( "{job_id}", encodeURIComponent(String(jobId)) ); @@ -2477,45 +2515,6 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } - public async getThreatHuntingJob( - jobId: string, - _options?: Configuration - ): Promise { - const _config = _options || this.configuration; - - logger.warn("Using unstable operation 'getThreatHuntingJob'"); - if (!_config.unstableOperations["v2.getThreatHuntingJob"]) { - throw new Error("Unstable operation 'getThreatHuntingJob' is disabled"); - } - - // verify required parameter 'jobId' is not null or undefined - if (jobId === null || jobId === undefined) { - throw new RequiredError("jobId", "getThreatHuntingJob"); - } - - // Path Params - const localVarPath = "/api/v2/siem-threat-hunting/jobs/{job_id}".replace( - "{job_id}", - encodeURIComponent(String(jobId)) - ); - - // Make Request Context - const requestContext = _config - .getServer("v2.SecurityMonitoringApi.getThreatHuntingJob") - .makeRequestContext(localVarPath, HttpMethod.GET); - requestContext.setHeaderParam("Accept", "application/json"); - requestContext.setHttpConfig(_config.httpConfig); - - // Apply auth methods - applySecurityAuthentication(_config, requestContext, [ - "apiKeyAuth", - "appKeyAuth", - "AuthZ", - ]); - - return requestContext; - } - public async getVulnerabilityNotificationRule( id: string, _options?: Configuration @@ -2824,6 +2823,70 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } + public async listHistoricalJobs( + pageSize?: number, + pageNumber?: number, + sort?: string, + filterQuery?: string, + _options?: Configuration + ): Promise { + const _config = _options || this.configuration; + + logger.warn("Using unstable operation 'listHistoricalJobs'"); + if (!_config.unstableOperations["v2.listHistoricalJobs"]) { + throw new Error("Unstable operation 'listHistoricalJobs' is disabled"); + } + + // Path Params + const localVarPath = "/api/v2/siem-historical-detections/jobs"; + + // Make Request Context + const requestContext = _config + .getServer("v2.SecurityMonitoringApi.listHistoricalJobs") + .makeRequestContext(localVarPath, HttpMethod.GET); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Query Params + if (pageSize !== undefined) { + requestContext.setQueryParam( + "page[size]", + ObjectSerializer.serialize(pageSize, "number", "int64"), + "" + ); + } + if (pageNumber !== undefined) { + requestContext.setQueryParam( + "page[number]", + ObjectSerializer.serialize(pageNumber, "number", "int64"), + "" + ); + } + if (sort !== undefined) { + requestContext.setQueryParam( + "sort", + ObjectSerializer.serialize(sort, "string", ""), + "" + ); + } + if (filterQuery !== undefined) { + requestContext.setQueryParam( + "filter[query]", + ObjectSerializer.serialize(filterQuery, "string", ""), + "" + ); + } + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + public async listMultipleRulesets( body: GetMultipleRulesetsRequest, _options?: Configuration @@ -3084,7 +3147,7 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { } // Path Params - const localVarPath = "/api/v2/siem-threat-hunting/histsignals"; + const localVarPath = "/api/v2/siem-historical-detections/histsignals"; // Make Request Context const requestContext = _config @@ -3345,70 +3408,6 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } - public async listThreatHuntingJobs( - pageSize?: number, - pageNumber?: number, - sort?: string, - filterQuery?: string, - _options?: Configuration - ): Promise { - const _config = _options || this.configuration; - - logger.warn("Using unstable operation 'listThreatHuntingJobs'"); - if (!_config.unstableOperations["v2.listThreatHuntingJobs"]) { - throw new Error("Unstable operation 'listThreatHuntingJobs' is disabled"); - } - - // Path Params - const localVarPath = "/api/v2/siem-threat-hunting/jobs"; - - // Make Request Context - const requestContext = _config - .getServer("v2.SecurityMonitoringApi.listThreatHuntingJobs") - .makeRequestContext(localVarPath, HttpMethod.GET); - requestContext.setHeaderParam("Accept", "application/json"); - requestContext.setHttpConfig(_config.httpConfig); - - // Query Params - if (pageSize !== undefined) { - requestContext.setQueryParam( - "page[size]", - ObjectSerializer.serialize(pageSize, "number", "int64"), - "" - ); - } - if (pageNumber !== undefined) { - requestContext.setQueryParam( - "page[number]", - ObjectSerializer.serialize(pageNumber, "number", "int64"), - "" - ); - } - if (sort !== undefined) { - requestContext.setQueryParam( - "sort", - ObjectSerializer.serialize(sort, "string", ""), - "" - ); - } - if (filterQuery !== undefined) { - requestContext.setQueryParam( - "filter[query]", - ObjectSerializer.serialize(filterQuery, "string", ""), - "" - ); - } - - // Apply auth methods - applySecurityAuthentication(_config, requestContext, [ - "apiKeyAuth", - "appKeyAuth", - "AuthZ", - ]); - - return requestContext; - } - public async listVulnerabilities( pageToken?: string, pageNumber?: number, @@ -4160,28 +4159,28 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } - public async runThreatHuntingJob( - body: RunThreatHuntingJobRequest, + public async runHistoricalJob( + body: RunHistoricalJobRequest, _options?: Configuration ): Promise { const _config = _options || this.configuration; - logger.warn("Using unstable operation 'runThreatHuntingJob'"); - if (!_config.unstableOperations["v2.runThreatHuntingJob"]) { - throw new Error("Unstable operation 'runThreatHuntingJob' is disabled"); + logger.warn("Using unstable operation 'runHistoricalJob'"); + if (!_config.unstableOperations["v2.runHistoricalJob"]) { + throw new Error("Unstable operation 'runHistoricalJob' is disabled"); } // verify required parameter 'body' is not null or undefined if (body === null || body === undefined) { - throw new RequiredError("body", "runThreatHuntingJob"); + throw new RequiredError("body", "runHistoricalJob"); } // Path Params - const localVarPath = "/api/v2/siem-threat-hunting/jobs"; + const localVarPath = "/api/v2/siem-historical-detections/jobs"; // Make Request Context const requestContext = _config - .getServer("v2.SecurityMonitoringApi.runThreatHuntingJob") + .getServer("v2.SecurityMonitoringApi.runHistoricalJob") .makeRequestContext(localVarPath, HttpMethod.POST); requestContext.setHeaderParam("Accept", "application/json"); requestContext.setHttpConfig(_config.httpConfig); @@ -4192,7 +4191,7 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { ]); requestContext.setHeaderParam("Content-Type", contentType); const serializedBody = ObjectSerializer.stringify( - ObjectSerializer.serialize(body, "RunThreatHuntingJobRequest", ""), + ObjectSerializer.serialize(body, "RunHistoricalJobRequest", ""), contentType ); requestContext.setBody(serializedBody); @@ -4265,7 +4264,8 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { } // Path Params - const localVarPath = "/api/v2/siem-threat-hunting/histsignals/search"; + const localVarPath = + "/api/v2/siem-historical-detections/histsignals/search"; // Make Request Context const requestContext = _config @@ -5282,12 +5282,10 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to cancelThreatHuntingJob + * @params response Response returned by the server for a request to cancelHistoricalJob * @throws ApiException if the response code was not in [200, 299] */ - public async cancelThreatHuntingJob( - response: ResponseContext - ): Promise { + public async cancelHistoricalJob(response: ResponseContext): Promise { const contentType = ObjectSerializer.normalizeMediaType( response.headers["content-type"] ); @@ -6222,10 +6220,10 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to deleteSecurityFilter + * @params response Response returned by the server for a request to deleteHistoricalJob * @throws ApiException if the response code was not in [200, 299] */ - public async deleteSecurityFilter(response: ResponseContext): Promise { + public async deleteHistoricalJob(response: ResponseContext): Promise { const contentType = ObjectSerializer.normalizeMediaType( response.headers["content-type"] ); @@ -6233,8 +6231,11 @@ export class SecurityMonitoringApiResponseProcessor { return; } if ( + response.httpStatusCode === 400 || + response.httpStatusCode === 401 || response.httpStatusCode === 403 || response.httpStatusCode === 404 || + response.httpStatusCode === 409 || response.httpStatusCode === 429 ) { const bodyText = ObjectSerializer.parse( @@ -6273,12 +6274,10 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to deleteSecurityMonitoringCriticalAsset + * @params response Response returned by the server for a request to deleteSecurityFilter * @throws ApiException if the response code was not in [200, 299] */ - public async deleteSecurityMonitoringCriticalAsset( - response: ResponseContext - ): Promise { + public async deleteSecurityFilter(response: ResponseContext): Promise { const contentType = ObjectSerializer.normalizeMediaType( response.headers["content-type"] ); @@ -6326,10 +6325,10 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to deleteSecurityMonitoringRule + * @params response Response returned by the server for a request to deleteSecurityMonitoringCriticalAsset * @throws ApiException if the response code was not in [200, 299] */ - public async deleteSecurityMonitoringRule( + public async deleteSecurityMonitoringCriticalAsset( response: ResponseContext ): Promise { const contentType = ObjectSerializer.normalizeMediaType( @@ -6379,10 +6378,10 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to deleteSecurityMonitoringSuppression + * @params response Response returned by the server for a request to deleteSecurityMonitoringRule * @throws ApiException if the response code was not in [200, 299] */ - public async deleteSecurityMonitoringSuppression( + public async deleteSecurityMonitoringRule( response: ResponseContext ): Promise { const contentType = ObjectSerializer.normalizeMediaType( @@ -6432,10 +6431,10 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to deleteSignalNotificationRule + * @params response Response returned by the server for a request to deleteSecurityMonitoringSuppression * @throws ApiException if the response code was not in [200, 299] */ - public async deleteSignalNotificationRule( + public async deleteSecurityMonitoringSuppression( response: ResponseContext ): Promise { const contentType = ObjectSerializer.normalizeMediaType( @@ -6485,10 +6484,10 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to deleteThreatHuntingJob + * @params response Response returned by the server for a request to deleteSignalNotificationRule * @throws ApiException if the response code was not in [200, 299] */ - public async deleteThreatHuntingJob( + public async deleteSignalNotificationRule( response: ResponseContext ): Promise { const contentType = ObjectSerializer.normalizeMediaType( @@ -6498,11 +6497,8 @@ export class SecurityMonitoringApiResponseProcessor { return; } if ( - response.httpStatusCode === 400 || - response.httpStatusCode === 401 || response.httpStatusCode === 403 || response.httpStatusCode === 404 || - response.httpStatusCode === 409 || response.httpStatusCode === 429 ) { const bodyText = ObjectSerializer.parse( @@ -7111,6 +7107,69 @@ export class SecurityMonitoringApiResponseProcessor { ); } + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to getHistoricalJob + * @throws ApiException if the response code was not in [200, 299] + */ + public async getHistoricalJob( + response: ResponseContext + ): Promise { + const contentType = ObjectSerializer.normalizeMediaType( + response.headers["content-type"] + ); + if (response.httpStatusCode === 200) { + const body: HistoricalJobResponse = ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "HistoricalJobResponse" + ) as HistoricalJobResponse; + return body; + } + if ( + response.httpStatusCode === 400 || + response.httpStatusCode === 403 || + response.httpStatusCode === 404 || + response.httpStatusCode === 429 + ) { + const bodyText = ObjectSerializer.parse( + await response.body.text(), + contentType + ); + let body: APIErrorResponse; + try { + body = ObjectSerializer.deserialize( + bodyText, + "APIErrorResponse" + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: HistoricalJobResponse = ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "HistoricalJobResponse", + "" + ) as HistoricalJobResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"' + ); + } + /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -8262,69 +8321,6 @@ export class SecurityMonitoringApiResponseProcessor { ); } - /** - * Unwraps the actual response sent by the server from the response context and deserializes the response content - * to the expected objects - * - * @params response Response returned by the server for a request to getThreatHuntingJob - * @throws ApiException if the response code was not in [200, 299] - */ - public async getThreatHuntingJob( - response: ResponseContext - ): Promise { - const contentType = ObjectSerializer.normalizeMediaType( - response.headers["content-type"] - ); - if (response.httpStatusCode === 200) { - const body: ThreatHuntingJobResponse = ObjectSerializer.deserialize( - ObjectSerializer.parse(await response.body.text(), contentType), - "ThreatHuntingJobResponse" - ) as ThreatHuntingJobResponse; - return body; - } - if ( - response.httpStatusCode === 400 || - response.httpStatusCode === 403 || - response.httpStatusCode === 404 || - response.httpStatusCode === 429 - ) { - const bodyText = ObjectSerializer.parse( - await response.body.text(), - contentType - ); - let body: APIErrorResponse; - try { - body = ObjectSerializer.deserialize( - bodyText, - "APIErrorResponse" - ) as APIErrorResponse; - } catch (error) { - logger.debug(`Got error deserializing error: ${error}`); - throw new ApiException( - response.httpStatusCode, - bodyText - ); - } - throw new ApiException(response.httpStatusCode, body); - } - - // Work around for missing responses in specification, e.g. for petstore.yaml - if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { - const body: ThreatHuntingJobResponse = ObjectSerializer.deserialize( - ObjectSerializer.parse(await response.body.text(), contentType), - "ThreatHuntingJobResponse", - "" - ) as ThreatHuntingJobResponse; - return body; - } - - const body = (await response.body.text()) || ""; - throw new ApiException( - response.httpStatusCode, - 'Unknown API Status Code!\nBody: "' + body + '"' - ); - } - /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -8597,6 +8593,68 @@ export class SecurityMonitoringApiResponseProcessor { ); } + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to listHistoricalJobs + * @throws ApiException if the response code was not in [200, 299] + */ + public async listHistoricalJobs( + response: ResponseContext + ): Promise { + const contentType = ObjectSerializer.normalizeMediaType( + response.headers["content-type"] + ); + if (response.httpStatusCode === 200) { + const body: ListHistoricalJobsResponse = ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "ListHistoricalJobsResponse" + ) as ListHistoricalJobsResponse; + return body; + } + if ( + response.httpStatusCode === 400 || + response.httpStatusCode === 403 || + response.httpStatusCode === 429 + ) { + const bodyText = ObjectSerializer.parse( + await response.body.text(), + contentType + ); + let body: APIErrorResponse; + try { + body = ObjectSerializer.deserialize( + bodyText, + "APIErrorResponse" + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: ListHistoricalJobsResponse = ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "ListHistoricalJobsResponse", + "" + ) as ListHistoricalJobsResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"' + ); + } + /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -9169,68 +9227,6 @@ export class SecurityMonitoringApiResponseProcessor { ); } - /** - * Unwraps the actual response sent by the server from the response context and deserializes the response content - * to the expected objects - * - * @params response Response returned by the server for a request to listThreatHuntingJobs - * @throws ApiException if the response code was not in [200, 299] - */ - public async listThreatHuntingJobs( - response: ResponseContext - ): Promise { - const contentType = ObjectSerializer.normalizeMediaType( - response.headers["content-type"] - ); - if (response.httpStatusCode === 200) { - const body: ListThreatHuntingJobsResponse = ObjectSerializer.deserialize( - ObjectSerializer.parse(await response.body.text(), contentType), - "ListThreatHuntingJobsResponse" - ) as ListThreatHuntingJobsResponse; - return body; - } - if ( - response.httpStatusCode === 400 || - response.httpStatusCode === 403 || - response.httpStatusCode === 429 - ) { - const bodyText = ObjectSerializer.parse( - await response.body.text(), - contentType - ); - let body: APIErrorResponse; - try { - body = ObjectSerializer.deserialize( - bodyText, - "APIErrorResponse" - ) as APIErrorResponse; - } catch (error) { - logger.debug(`Got error deserializing error: ${error}`); - throw new ApiException( - response.httpStatusCode, - bodyText - ); - } - throw new ApiException(response.httpStatusCode, body); - } - - // Work around for missing responses in specification, e.g. for petstore.yaml - if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { - const body: ListThreatHuntingJobsResponse = ObjectSerializer.deserialize( - ObjectSerializer.parse(await response.body.text(), contentType), - "ListThreatHuntingJobsResponse", - "" - ) as ListThreatHuntingJobsResponse; - return body; - } - - const body = (await response.body.text()) || ""; - throw new ApiException( - response.httpStatusCode, - 'Unknown API Status Code!\nBody: "' + body + '"' - ); - } - /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -9644,10 +9640,10 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to runThreatHuntingJob + * @params response Response returned by the server for a request to runHistoricalJob * @throws ApiException if the response code was not in [200, 299] */ - public async runThreatHuntingJob( + public async runHistoricalJob( response: ResponseContext ): Promise { const contentType = ObjectSerializer.normalizeMediaType( @@ -10570,7 +10566,7 @@ export interface SecurityMonitoringApiBulkExportSecurityMonitoringRulesRequest { body: SecurityMonitoringRuleBulkExportPayload; } -export interface SecurityMonitoringApiCancelThreatHuntingJobRequest { +export interface SecurityMonitoringApiCancelHistoricalJobRequest { /** * The ID of the job. * @type string @@ -10691,6 +10687,14 @@ export interface SecurityMonitoringApiDeleteCustomFrameworkRequest { version: string; } +export interface SecurityMonitoringApiDeleteHistoricalJobRequest { + /** + * The ID of the job. + * @type string + */ + jobId: string; +} + export interface SecurityMonitoringApiDeleteSecurityFilterRequest { /** * The ID of the security filter. @@ -10731,14 +10735,6 @@ export interface SecurityMonitoringApiDeleteSignalNotificationRuleRequest { id: string; } -export interface SecurityMonitoringApiDeleteThreatHuntingJobRequest { - /** - * The ID of the job. - * @type string - */ - jobId: string; -} - export interface SecurityMonitoringApiDeleteVulnerabilityNotificationRuleRequest { /** * ID of the notification rule. @@ -10827,6 +10823,14 @@ export interface SecurityMonitoringApiGetFindingRequest { snapshotTimestamp?: number; } +export interface SecurityMonitoringApiGetHistoricalJobRequest { + /** + * The ID of the job. + * @type string + */ + jobId: string; +} + export interface SecurityMonitoringApiGetInvestigationLogQueriesMatchingSignalRequest { /** * The ID of the signal. @@ -10912,7 +10916,7 @@ export interface SecurityMonitoringApiGetSecurityMonitoringCriticalAssetRequest export interface SecurityMonitoringApiGetSecurityMonitoringHistsignalRequest { /** - * The ID of the threat hunting signal. + * The ID of the historical signal. * @type string */ histsignalId: string; @@ -11029,14 +11033,6 @@ export interface SecurityMonitoringApiGetSuppressionVersionHistoryRequest { pageNumber?: number; } -export interface SecurityMonitoringApiGetThreatHuntingJobRequest { - /** - * The ID of the job. - * @type string - */ - jobId: string; -} - export interface SecurityMonitoringApiGetVulnerabilityNotificationRuleRequest { /** * ID of the notification rule. @@ -11166,6 +11162,29 @@ export interface SecurityMonitoringApiListFindingsRequest { detailedFindings?: boolean; } +export interface SecurityMonitoringApiListHistoricalJobsRequest { + /** + * Size for a given page. The maximum allowed value is 100. + * @type number + */ + pageSize?: number; + /** + * Specific page number to return. + * @type number + */ + pageNumber?: number; + /** + * The order of the jobs in results. + * @type string + */ + sort?: string; + /** + * Query used to filter items from the fetched list. + * @type string + */ + filterQuery?: string; +} + export interface SecurityMonitoringApiListMultipleRulesetsRequest { /** * @type GetMultipleRulesetsRequest @@ -11341,29 +11360,6 @@ export interface SecurityMonitoringApiListSecurityMonitoringSuppressionsRequest pageNumber?: number; } -export interface SecurityMonitoringApiListThreatHuntingJobsRequest { - /** - * Size for a given page. The maximum allowed value is 100. - * @type number - */ - pageSize?: number; - /** - * Specific page number to return. - * @type number - */ - pageNumber?: number; - /** - * The order of the jobs in results. - * @type string - */ - sort?: string; - /** - * Query used to filter items from the fetched list. - * @type string - */ - filterQuery?: string; -} - export interface SecurityMonitoringApiListVulnerabilitiesRequest { /** * Its value must come from the `links` section of the response of the first request. Do not manually edit it. @@ -11711,11 +11707,11 @@ export interface SecurityMonitoringApiPatchVulnerabilityNotificationRuleRequest body: PatchNotificationRuleParameters; } -export interface SecurityMonitoringApiRunThreatHuntingJobRequest { +export interface SecurityMonitoringApiRunHistoricalJobRequest { /** - * @type RunThreatHuntingJobRequest + * @type RunHistoricalJobRequest */ - body: RunThreatHuntingJobRequest; + body: RunHistoricalJobRequest; } export interface SecurityMonitoringApiSearchSecurityFindingsRequest { @@ -12009,14 +12005,14 @@ export class SecurityMonitoringApi { } /** - * Cancel a threat hunting job. + * Cancel a historical job. * @param param The request object */ - public cancelThreatHuntingJob( - param: SecurityMonitoringApiCancelThreatHuntingJobRequest, + public cancelHistoricalJob( + param: SecurityMonitoringApiCancelHistoricalJobRequest, options?: Configuration ): Promise { - const requestContextPromise = this.requestFactory.cancelThreatHuntingJob( + const requestContextPromise = this.requestFactory.cancelHistoricalJob( param.jobId, options ); @@ -12024,7 +12020,7 @@ export class SecurityMonitoringApi { return this.configuration.httpApi .send(requestContext) .then((responseContext) => { - return this.responseProcessor.cancelThreatHuntingJob(responseContext); + return this.responseProcessor.cancelHistoricalJob(responseContext); }); }); } @@ -12359,6 +12355,27 @@ export class SecurityMonitoringApi { }); } + /** + * Delete an existing job. + * @param param The request object + */ + public deleteHistoricalJob( + param: SecurityMonitoringApiDeleteHistoricalJobRequest, + options?: Configuration + ): Promise { + const requestContextPromise = this.requestFactory.deleteHistoricalJob( + param.jobId, + options + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.deleteHistoricalJob(responseContext); + }); + }); + } + /** * Delete a specific security filter. * @param param The request object @@ -12470,27 +12487,6 @@ export class SecurityMonitoringApi { }); } - /** - * Delete an existing job. - * @param param The request object - */ - public deleteThreatHuntingJob( - param: SecurityMonitoringApiDeleteThreatHuntingJobRequest, - options?: Configuration - ): Promise { - const requestContextPromise = this.requestFactory.deleteThreatHuntingJob( - param.jobId, - options - ); - return requestContextPromise.then((requestContext) => { - return this.configuration.httpApi - .send(requestContext) - .then((responseContext) => { - return this.responseProcessor.deleteThreatHuntingJob(responseContext); - }); - }); - } - /** * Delete a notification rule for security vulnerabilities. * @param param The request object @@ -12697,6 +12693,27 @@ export class SecurityMonitoringApi { }); } + /** + * Get a job's details. + * @param param The request object + */ + public getHistoricalJob( + param: SecurityMonitoringApiGetHistoricalJobRequest, + options?: Configuration + ): Promise { + const requestContextPromise = this.requestFactory.getHistoricalJob( + param.jobId, + options + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.getHistoricalJob(responseContext); + }); + }); + } + /** * Get the list of investigation log queries available for a given security signal. * @param param The request object @@ -13117,27 +13134,6 @@ export class SecurityMonitoringApi { }); } - /** - * Get a job's details. - * @param param The request object - */ - public getThreatHuntingJob( - param: SecurityMonitoringApiGetThreatHuntingJobRequest, - options?: Configuration - ): Promise { - const requestContextPromise = this.requestFactory.getThreatHuntingJob( - param.jobId, - options - ); - return requestContextPromise.then((requestContext) => { - return this.configuration.httpApi - .send(requestContext) - .then((responseContext) => { - return this.responseProcessor.getThreatHuntingJob(responseContext); - }); - }); - } - /** * Get the details of a notification rule for security vulnerabilities. * @param param The request object @@ -13363,6 +13359,30 @@ export class SecurityMonitoringApi { } } + /** + * List historical jobs. + * @param param The request object + */ + public listHistoricalJobs( + param: SecurityMonitoringApiListHistoricalJobsRequest = {}, + options?: Configuration + ): Promise { + const requestContextPromise = this.requestFactory.listHistoricalJobs( + param.pageSize, + param.pageNumber, + param.sort, + param.filterQuery, + options + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.listHistoricalJobs(responseContext); + }); + }); + } + /** * Get rules for multiple rulesets in batch. * @param param The request object @@ -13751,30 +13771,6 @@ export class SecurityMonitoringApi { }); } - /** - * List threat hunting jobs. - * @param param The request object - */ - public listThreatHuntingJobs( - param: SecurityMonitoringApiListThreatHuntingJobsRequest = {}, - options?: Configuration - ): Promise { - const requestContextPromise = this.requestFactory.listThreatHuntingJobs( - param.pageSize, - param.pageNumber, - param.sort, - param.filterQuery, - options - ); - return requestContextPromise.then((requestContext) => { - return this.configuration.httpApi - .send(requestContext) - .then((responseContext) => { - return this.responseProcessor.listThreatHuntingJobs(responseContext); - }); - }); - } - /** * Get a list of vulnerabilities. * @@ -14047,14 +14043,14 @@ export class SecurityMonitoringApi { } /** - * Run a threat hunting job. + * Run a historical job. * @param param The request object */ - public runThreatHuntingJob( - param: SecurityMonitoringApiRunThreatHuntingJobRequest, + public runHistoricalJob( + param: SecurityMonitoringApiRunHistoricalJobRequest, options?: Configuration ): Promise { - const requestContextPromise = this.requestFactory.runThreatHuntingJob( + const requestContextPromise = this.requestFactory.runHistoricalJob( param.body, options ); @@ -14062,7 +14058,7 @@ export class SecurityMonitoringApi { return this.configuration.httpApi .send(requestContext) .then((responseContext) => { - return this.responseProcessor.runThreatHuntingJob(responseContext); + return this.responseProcessor.runHistoricalJob(responseContext); }); }); } diff --git a/packages/datadog-api-client-v2/index.ts b/packages/datadog-api-client-v2/index.ts index a7a2f29897ba..037ae4a00d4a 100644 --- a/packages/datadog-api-client-v2/index.ts +++ b/packages/datadog-api-client-v2/index.ts @@ -974,7 +974,7 @@ export { SecurityMonitoringApiBulkEditSecurityMonitoringSignalsAssigneeRequest, SecurityMonitoringApiBulkEditSecurityMonitoringSignalsStateRequest, SecurityMonitoringApiBulkExportSecurityMonitoringRulesRequest, - SecurityMonitoringApiCancelThreatHuntingJobRequest, + SecurityMonitoringApiCancelHistoricalJobRequest, SecurityMonitoringApiConvertExistingSecurityMonitoringRuleRequest, SecurityMonitoringApiConvertJobResultToSignalRequest, SecurityMonitoringApiConvertSecurityMonitoringRuleFromJSONToTerraformRequest, @@ -989,12 +989,12 @@ export { SecurityMonitoringApiCreateVulnerabilityNotificationRuleRequest, SecurityMonitoringApiDeactivateContentPackRequest, SecurityMonitoringApiDeleteCustomFrameworkRequest, + SecurityMonitoringApiDeleteHistoricalJobRequest, SecurityMonitoringApiDeleteSecurityFilterRequest, SecurityMonitoringApiDeleteSecurityMonitoringCriticalAssetRequest, SecurityMonitoringApiDeleteSecurityMonitoringRuleRequest, SecurityMonitoringApiDeleteSecurityMonitoringSuppressionRequest, SecurityMonitoringApiDeleteSignalNotificationRuleRequest, - SecurityMonitoringApiDeleteThreatHuntingJobRequest, SecurityMonitoringApiDeleteVulnerabilityNotificationRuleRequest, SecurityMonitoringApiDetachCaseRequest, SecurityMonitoringApiEditSecurityMonitoringSignalAssigneeRequest, @@ -1003,6 +1003,7 @@ export { SecurityMonitoringApiGetCriticalAssetsAffectingRuleRequest, SecurityMonitoringApiGetCustomFrameworkRequest, SecurityMonitoringApiGetFindingRequest, + SecurityMonitoringApiGetHistoricalJobRequest, SecurityMonitoringApiGetInvestigationLogQueriesMatchingSignalRequest, SecurityMonitoringApiGetResourceEvaluationFiltersRequest, SecurityMonitoringApiGetRuleVersionHistoryRequest, @@ -1019,10 +1020,10 @@ export { SecurityMonitoringApiGetSuppressionVersionHistoryRequest, SecurityMonitoringApiGetSuppressionsAffectingFutureRuleRequest, SecurityMonitoringApiGetSuppressionsAffectingRuleRequest, - SecurityMonitoringApiGetThreatHuntingJobRequest, SecurityMonitoringApiGetVulnerabilityNotificationRuleRequest, SecurityMonitoringApiListAssetsSBOMsRequest, SecurityMonitoringApiListFindingsRequest, + SecurityMonitoringApiListHistoricalJobsRequest, SecurityMonitoringApiListMultipleRulesetsRequest, SecurityMonitoringApiListScannedAssetsMetadataRequest, SecurityMonitoringApiListSecurityFindingsRequest, @@ -1030,13 +1031,12 @@ export { SecurityMonitoringApiListSecurityMonitoringRulesRequest, SecurityMonitoringApiListSecurityMonitoringSignalsRequest, SecurityMonitoringApiListSecurityMonitoringSuppressionsRequest, - SecurityMonitoringApiListThreatHuntingJobsRequest, SecurityMonitoringApiListVulnerabilitiesRequest, SecurityMonitoringApiListVulnerableAssetsRequest, SecurityMonitoringApiMuteFindingsRequest, SecurityMonitoringApiPatchSignalNotificationRuleRequest, SecurityMonitoringApiPatchVulnerabilityNotificationRuleRequest, - SecurityMonitoringApiRunThreatHuntingJobRequest, + SecurityMonitoringApiRunHistoricalJobRequest, SecurityMonitoringApiSearchSecurityFindingsRequest, SecurityMonitoringApiSearchSecurityMonitoringHistsignalsRequest, SecurityMonitoringApiSearchSecurityMonitoringSignalsRequest, @@ -3147,6 +3147,13 @@ export { HamrOrgConnectionRequest } from "./models/HamrOrgConnectionRequest"; export { HamrOrgConnectionResponse } from "./models/HamrOrgConnectionResponse"; export { HamrOrgConnectionStatus } from "./models/HamrOrgConnectionStatus"; export { HamrOrgConnectionType } from "./models/HamrOrgConnectionType"; +export { HistoricalJobDataType } from "./models/HistoricalJobDataType"; +export { HistoricalJobListMeta } from "./models/HistoricalJobListMeta"; +export { HistoricalJobOptions } from "./models/HistoricalJobOptions"; +export { HistoricalJobQuery } from "./models/HistoricalJobQuery"; +export { HistoricalJobResponse } from "./models/HistoricalJobResponse"; +export { HistoricalJobResponseAttributes } from "./models/HistoricalJobResponseAttributes"; +export { HistoricalJobResponseData } from "./models/HistoricalJobResponseData"; export { HourlyUsage } from "./models/HourlyUsage"; export { HourlyUsageAttributes } from "./models/HourlyUsageAttributes"; export { HourlyUsageMeasurement } from "./models/HourlyUsageMeasurement"; @@ -3583,6 +3590,7 @@ export { ListFeatureFlagsResponse } from "./models/ListFeatureFlagsResponse"; export { ListFindingsMeta } from "./models/ListFindingsMeta"; export { ListFindingsPage } from "./models/ListFindingsPage"; export { ListFindingsResponse } from "./models/ListFindingsResponse"; +export { ListHistoricalJobsResponse } from "./models/ListHistoricalJobsResponse"; export { ListIntegrationsResponse } from "./models/ListIntegrationsResponse"; export { ListInterfaceTagsResponse } from "./models/ListInterfaceTagsResponse"; export { ListInterfaceTagsResponseData } from "./models/ListInterfaceTagsResponseData"; @@ -3610,7 +3618,6 @@ export { ListTagsResponseData } from "./models/ListTagsResponseData"; export { ListTagsResponseDataAttributes } from "./models/ListTagsResponseDataAttributes"; export { ListTeamsInclude } from "./models/ListTeamsInclude"; export { ListTeamsSort } from "./models/ListTeamsSort"; -export { ListThreatHuntingJobsResponse } from "./models/ListThreatHuntingJobsResponse"; export { ListVulnerabilitiesResponse } from "./models/ListVulnerabilitiesResponse"; export { ListVulnerableAssetsResponse } from "./models/ListVulnerableAssetsResponse"; export { LLMObsAnnotatedInteractionItem } from "./models/LLMObsAnnotatedInteractionItem"; @@ -4926,10 +4933,10 @@ export { RUMSearchEventsRequest } from "./models/RUMSearchEventsRequest"; export { RUMSort } from "./models/RUMSort"; export { RUMSortOrder } from "./models/RUMSortOrder"; export { RUMWarning } from "./models/RUMWarning"; -export { RunThreatHuntingJobRequest } from "./models/RunThreatHuntingJobRequest"; -export { RunThreatHuntingJobRequestAttributes } from "./models/RunThreatHuntingJobRequestAttributes"; -export { RunThreatHuntingJobRequestData } from "./models/RunThreatHuntingJobRequestData"; -export { RunThreatHuntingJobRequestDataType } from "./models/RunThreatHuntingJobRequestDataType"; +export { RunHistoricalJobRequest } from "./models/RunHistoricalJobRequest"; +export { RunHistoricalJobRequestAttributes } from "./models/RunHistoricalJobRequestAttributes"; +export { RunHistoricalJobRequestData } from "./models/RunHistoricalJobRequestData"; +export { RunHistoricalJobRequestDataType } from "./models/RunHistoricalJobRequestDataType"; export { SAMLAssertionAttribute } from "./models/SAMLAssertionAttribute"; export { SAMLAssertionAttributeAttributes } from "./models/SAMLAssertionAttributeAttributes"; export { SAMLAssertionAttributesType } from "./models/SAMLAssertionAttributesType"; @@ -5875,13 +5882,6 @@ export { TestOptimizationUpdateServiceSettingsRequest } from "./models/TestOptim export { TestOptimizationUpdateServiceSettingsRequestAttributes } from "./models/TestOptimizationUpdateServiceSettingsRequestAttributes"; export { TestOptimizationUpdateServiceSettingsRequestData } from "./models/TestOptimizationUpdateServiceSettingsRequestData"; export { TestOptimizationUpdateServiceSettingsRequestDataType } from "./models/TestOptimizationUpdateServiceSettingsRequestDataType"; -export { ThreatHuntingJobDataType } from "./models/ThreatHuntingJobDataType"; -export { ThreatHuntingJobListMeta } from "./models/ThreatHuntingJobListMeta"; -export { ThreatHuntingJobOptions } from "./models/ThreatHuntingJobOptions"; -export { ThreatHuntingJobQuery } from "./models/ThreatHuntingJobQuery"; -export { ThreatHuntingJobResponse } from "./models/ThreatHuntingJobResponse"; -export { ThreatHuntingJobResponseAttributes } from "./models/ThreatHuntingJobResponseAttributes"; -export { ThreatHuntingJobResponseData } from "./models/ThreatHuntingJobResponseData"; export { TimelineCell } from "./models/TimelineCell"; export { TimelineCellAuthor } from "./models/TimelineCellAuthor"; export { TimelineCellAuthorUser } from "./models/TimelineCellAuthorUser"; diff --git a/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsAttributes.ts b/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsAttributes.ts index 40cb92b8f9a7..fd57577e110b 100644 --- a/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsAttributes.ts +++ b/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsAttributes.ts @@ -8,7 +8,7 @@ import { SecurityMonitoringRuleSeverity } from "./SecurityMonitoringRuleSeverity import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Attributes for converting threat hunting job results to signals. + * Attributes for converting historical job results to signals. */ export class ConvertJobResultsToSignalsAttributes { /** diff --git a/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsData.ts b/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsData.ts index 4253fa34fcef..ac79f9d1a34a 100644 --- a/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsData.ts +++ b/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsData.ts @@ -9,11 +9,11 @@ import { ConvertJobResultsToSignalsDataType } from "./ConvertJobResultsToSignals import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Data for converting threat hunting job results to signals. + * Data for converting historical job results to signals. */ export class ConvertJobResultsToSignalsData { /** - * Attributes for converting threat hunting job results to signals. + * Attributes for converting historical job results to signals. */ "attributes"?: ConvertJobResultsToSignalsAttributes; /** diff --git a/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsRequest.ts b/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsRequest.ts index 8161f8af85bc..ac16adaf6176 100644 --- a/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsRequest.ts +++ b/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsRequest.ts @@ -8,11 +8,11 @@ import { ConvertJobResultsToSignalsData } from "./ConvertJobResultsToSignalsData import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Request for converting threat hunting job results to signals. + * Request for converting historical job results to signals. */ export class ConvertJobResultsToSignalsRequest { /** - * Data for converting threat hunting job results to signals. + * Data for converting historical job results to signals. */ "data"?: ConvertJobResultsToSignalsData; diff --git a/packages/datadog-api-client-v2/models/ThreatHuntingJobDataType.ts b/packages/datadog-api-client-v2/models/HistoricalJobDataType.ts similarity index 92% rename from packages/datadog-api-client-v2/models/ThreatHuntingJobDataType.ts rename to packages/datadog-api-client-v2/models/HistoricalJobDataType.ts index 6ff4ef7ddc00..398cd3294ceb 100644 --- a/packages/datadog-api-client-v2/models/ThreatHuntingJobDataType.ts +++ b/packages/datadog-api-client-v2/models/HistoricalJobDataType.ts @@ -10,7 +10,7 @@ import { UnparsedObject } from "../../datadog-api-client-common/util"; * Type of payload. */ -export type ThreatHuntingJobDataType = +export type HistoricalJobDataType = | typeof HISTORICALDETECTIONSJOB | UnparsedObject; export const HISTORICALDETECTIONSJOB = "historicalDetectionsJob"; diff --git a/packages/datadog-api-client-v2/models/ThreatHuntingJobListMeta.ts b/packages/datadog-api-client-v2/models/HistoricalJobListMeta.ts similarity index 92% rename from packages/datadog-api-client-v2/models/ThreatHuntingJobListMeta.ts rename to packages/datadog-api-client-v2/models/HistoricalJobListMeta.ts index 4371bfbfe6ef..158928b480de 100644 --- a/packages/datadog-api-client-v2/models/ThreatHuntingJobListMeta.ts +++ b/packages/datadog-api-client-v2/models/HistoricalJobListMeta.ts @@ -9,7 +9,7 @@ import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** * Metadata about the list of jobs. */ -export class ThreatHuntingJobListMeta { +export class HistoricalJobListMeta { /** * Number of jobs in the list. */ @@ -46,7 +46,7 @@ export class ThreatHuntingJobListMeta { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return ThreatHuntingJobListMeta.attributeTypeMap; + return HistoricalJobListMeta.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/ThreatHuntingJobOptions.ts b/packages/datadog-api-client-v2/models/HistoricalJobOptions.ts similarity index 98% rename from packages/datadog-api-client-v2/models/ThreatHuntingJobOptions.ts rename to packages/datadog-api-client-v2/models/HistoricalJobOptions.ts index f76f9d30eb42..a0c4f990c312 100644 --- a/packages/datadog-api-client-v2/models/ThreatHuntingJobOptions.ts +++ b/packages/datadog-api-client-v2/models/HistoricalJobOptions.ts @@ -18,7 +18,7 @@ import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** * Job options. */ -export class ThreatHuntingJobOptions { +export class HistoricalJobOptions { /** * Options on anomaly detection method. */ @@ -121,7 +121,7 @@ export class ThreatHuntingJobOptions { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return ThreatHuntingJobOptions.attributeTypeMap; + return HistoricalJobOptions.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/ThreatHuntingJobQuery.ts b/packages/datadog-api-client-v2/models/HistoricalJobQuery.ts similarity index 95% rename from packages/datadog-api-client-v2/models/ThreatHuntingJobQuery.ts rename to packages/datadog-api-client-v2/models/HistoricalJobQuery.ts index 5e00d79c8e1d..b2a2bc129c63 100644 --- a/packages/datadog-api-client-v2/models/ThreatHuntingJobQuery.ts +++ b/packages/datadog-api-client-v2/models/HistoricalJobQuery.ts @@ -9,9 +9,9 @@ import { SecurityMonitoringStandardDataSource } from "./SecurityMonitoringStanda import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Query for selecting logs analyzed by the threat hunting job. + * Query for selecting logs analyzed by the historical job. */ -export class ThreatHuntingJobQuery { +export class HistoricalJobQuery { /** * The aggregation type. */ @@ -103,7 +103,7 @@ export class ThreatHuntingJobQuery { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return ThreatHuntingJobQuery.attributeTypeMap; + return HistoricalJobQuery.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/ThreatHuntingJobResponse.ts b/packages/datadog-api-client-v2/models/HistoricalJobResponse.ts similarity index 75% rename from packages/datadog-api-client-v2/models/ThreatHuntingJobResponse.ts rename to packages/datadog-api-client-v2/models/HistoricalJobResponse.ts index 0fbb0d5fbea5..4ba8336784d0 100644 --- a/packages/datadog-api-client-v2/models/ThreatHuntingJobResponse.ts +++ b/packages/datadog-api-client-v2/models/HistoricalJobResponse.ts @@ -3,18 +3,18 @@ * This product includes software developed at Datadog (https://www.datadoghq.com/). * Copyright 2020-Present Datadog, Inc. */ -import { ThreatHuntingJobResponseData } from "./ThreatHuntingJobResponseData"; +import { HistoricalJobResponseData } from "./HistoricalJobResponseData"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Threat hunting job response. + * Historical job response. */ -export class ThreatHuntingJobResponse { +export class HistoricalJobResponse { /** - * Threat hunting job response data. + * Historical job response data. */ - "data"?: ThreatHuntingJobResponseData; + "data"?: HistoricalJobResponseData; /** * A container for additional, undeclared properties. @@ -34,7 +34,7 @@ export class ThreatHuntingJobResponse { static readonly attributeTypeMap: AttributeTypeMap = { data: { baseName: "data", - type: "ThreatHuntingJobResponseData", + type: "HistoricalJobResponseData", }, additionalProperties: { baseName: "additionalProperties", @@ -46,7 +46,7 @@ export class ThreatHuntingJobResponse { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return ThreatHuntingJobResponse.attributeTypeMap; + return HistoricalJobResponse.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/ThreatHuntingJobResponseAttributes.ts b/packages/datadog-api-client-v2/models/HistoricalJobResponseAttributes.ts similarity index 92% rename from packages/datadog-api-client-v2/models/ThreatHuntingJobResponseAttributes.ts rename to packages/datadog-api-client-v2/models/HistoricalJobResponseAttributes.ts index 30d6e327aaf5..466fd3a5a1af 100644 --- a/packages/datadog-api-client-v2/models/ThreatHuntingJobResponseAttributes.ts +++ b/packages/datadog-api-client-v2/models/HistoricalJobResponseAttributes.ts @@ -8,9 +8,9 @@ import { JobDefinition } from "./JobDefinition"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Threat hunting job attributes. + * Historical job attributes. */ -export class ThreatHuntingJobResponseAttributes { +export class HistoricalJobResponseAttributes { /** * Time when the job was created. */ @@ -28,7 +28,7 @@ export class ThreatHuntingJobResponseAttributes { */ "createdFromRuleId"?: string; /** - * Definition of a threat hunting job. + * Definition of a historical job. */ "jobDefinition"?: JobDefinition; /** @@ -110,7 +110,7 @@ export class ThreatHuntingJobResponseAttributes { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return ThreatHuntingJobResponseAttributes.attributeTypeMap; + return HistoricalJobResponseAttributes.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/ThreatHuntingJobResponseData.ts b/packages/datadog-api-client-v2/models/HistoricalJobResponseData.ts similarity index 69% rename from packages/datadog-api-client-v2/models/ThreatHuntingJobResponseData.ts rename to packages/datadog-api-client-v2/models/HistoricalJobResponseData.ts index 510dd322a50c..d28c6e75d17d 100644 --- a/packages/datadog-api-client-v2/models/ThreatHuntingJobResponseData.ts +++ b/packages/datadog-api-client-v2/models/HistoricalJobResponseData.ts @@ -3,19 +3,19 @@ * This product includes software developed at Datadog (https://www.datadoghq.com/). * Copyright 2020-Present Datadog, Inc. */ -import { ThreatHuntingJobDataType } from "./ThreatHuntingJobDataType"; -import { ThreatHuntingJobResponseAttributes } from "./ThreatHuntingJobResponseAttributes"; +import { HistoricalJobDataType } from "./HistoricalJobDataType"; +import { HistoricalJobResponseAttributes } from "./HistoricalJobResponseAttributes"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Threat hunting job response data. + * Historical job response data. */ -export class ThreatHuntingJobResponseData { +export class HistoricalJobResponseData { /** - * Threat hunting job attributes. + * Historical job attributes. */ - "attributes"?: ThreatHuntingJobResponseAttributes; + "attributes"?: HistoricalJobResponseAttributes; /** * ID of the job. */ @@ -23,7 +23,7 @@ export class ThreatHuntingJobResponseData { /** * Type of payload. */ - "type"?: ThreatHuntingJobDataType; + "type"?: HistoricalJobDataType; /** * A container for additional, undeclared properties. @@ -43,7 +43,7 @@ export class ThreatHuntingJobResponseData { static readonly attributeTypeMap: AttributeTypeMap = { attributes: { baseName: "attributes", - type: "ThreatHuntingJobResponseAttributes", + type: "HistoricalJobResponseAttributes", }, id: { baseName: "id", @@ -51,7 +51,7 @@ export class ThreatHuntingJobResponseData { }, type: { baseName: "type", - type: "ThreatHuntingJobDataType", + type: "HistoricalJobDataType", }, additionalProperties: { baseName: "additionalProperties", @@ -63,7 +63,7 @@ export class ThreatHuntingJobResponseData { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return ThreatHuntingJobResponseData.attributeTypeMap; + return HistoricalJobResponseData.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/JobCreateResponse.ts b/packages/datadog-api-client-v2/models/JobCreateResponse.ts index e1daa5b866b3..abd55fa82232 100644 --- a/packages/datadog-api-client-v2/models/JobCreateResponse.ts +++ b/packages/datadog-api-client-v2/models/JobCreateResponse.ts @@ -8,7 +8,7 @@ import { JobCreateResponseData } from "./JobCreateResponseData"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Run a threat hunting job response. + * Run a historical job response. */ export class JobCreateResponse { /** diff --git a/packages/datadog-api-client-v2/models/JobCreateResponseData.ts b/packages/datadog-api-client-v2/models/JobCreateResponseData.ts index 7e76ba56bedf..80e9268122c5 100644 --- a/packages/datadog-api-client-v2/models/JobCreateResponseData.ts +++ b/packages/datadog-api-client-v2/models/JobCreateResponseData.ts @@ -3,7 +3,7 @@ * This product includes software developed at Datadog (https://www.datadoghq.com/). * Copyright 2020-Present Datadog, Inc. */ -import { ThreatHuntingJobDataType } from "./ThreatHuntingJobDataType"; +import { HistoricalJobDataType } from "./HistoricalJobDataType"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; @@ -18,7 +18,7 @@ export class JobCreateResponseData { /** * Type of payload. */ - "type"?: ThreatHuntingJobDataType; + "type"?: HistoricalJobDataType; /** * A container for additional, undeclared properties. @@ -42,7 +42,7 @@ export class JobCreateResponseData { }, type: { baseName: "type", - type: "ThreatHuntingJobDataType", + type: "HistoricalJobDataType", }, additionalProperties: { baseName: "additionalProperties", diff --git a/packages/datadog-api-client-v2/models/JobDefinition.ts b/packages/datadog-api-client-v2/models/JobDefinition.ts index fb1e274f66b2..8db46a9f5e9f 100644 --- a/packages/datadog-api-client-v2/models/JobDefinition.ts +++ b/packages/datadog-api-client-v2/models/JobDefinition.ts @@ -4,16 +4,16 @@ * Copyright 2020-Present Datadog, Inc. */ import { CalculatedField } from "./CalculatedField"; +import { HistoricalJobOptions } from "./HistoricalJobOptions"; +import { HistoricalJobQuery } from "./HistoricalJobQuery"; import { SecurityMonitoringReferenceTable } from "./SecurityMonitoringReferenceTable"; import { SecurityMonitoringRuleCaseCreate } from "./SecurityMonitoringRuleCaseCreate"; import { SecurityMonitoringThirdPartyRuleCaseCreate } from "./SecurityMonitoringThirdPartyRuleCaseCreate"; -import { ThreatHuntingJobOptions } from "./ThreatHuntingJobOptions"; -import { ThreatHuntingJobQuery } from "./ThreatHuntingJobQuery"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Definition of a threat hunting job. + * Definition of a historical job. */ export class JobDefinition { /** @@ -47,11 +47,11 @@ export class JobDefinition { /** * Job options. */ - "options"?: ThreatHuntingJobOptions; + "options"?: HistoricalJobOptions; /** * Queries for selecting logs analyzed by the job. */ - "queries": Array; + "queries": Array; /** * Reference tables used in the queries. */ @@ -125,11 +125,11 @@ export class JobDefinition { }, options: { baseName: "options", - type: "ThreatHuntingJobOptions", + type: "HistoricalJobOptions", }, queries: { baseName: "queries", - type: "Array", + type: "Array", required: true, }, referenceTables: { diff --git a/packages/datadog-api-client-v2/models/JobDefinitionFromRule.ts b/packages/datadog-api-client-v2/models/JobDefinitionFromRule.ts index 6aecc50486fd..4ec07f7cd116 100644 --- a/packages/datadog-api-client-v2/models/JobDefinitionFromRule.ts +++ b/packages/datadog-api-client-v2/models/JobDefinitionFromRule.ts @@ -7,7 +7,7 @@ import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Definition of a threat hunting job based on a security monitoring rule. + * Definition of a historical job based on a security monitoring rule. */ export class JobDefinitionFromRule { /** diff --git a/packages/datadog-api-client-v2/models/ListThreatHuntingJobsResponse.ts b/packages/datadog-api-client-v2/models/ListHistoricalJobsResponse.ts similarity index 67% rename from packages/datadog-api-client-v2/models/ListThreatHuntingJobsResponse.ts rename to packages/datadog-api-client-v2/models/ListHistoricalJobsResponse.ts index 322ef2e18d3f..af5bbcb353c4 100644 --- a/packages/datadog-api-client-v2/models/ListThreatHuntingJobsResponse.ts +++ b/packages/datadog-api-client-v2/models/ListHistoricalJobsResponse.ts @@ -3,23 +3,23 @@ * This product includes software developed at Datadog (https://www.datadoghq.com/). * Copyright 2020-Present Datadog, Inc. */ -import { ThreatHuntingJobListMeta } from "./ThreatHuntingJobListMeta"; -import { ThreatHuntingJobResponseData } from "./ThreatHuntingJobResponseData"; +import { HistoricalJobListMeta } from "./HistoricalJobListMeta"; +import { HistoricalJobResponseData } from "./HistoricalJobResponseData"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * List of threat hunting jobs. + * List of historical jobs. */ -export class ListThreatHuntingJobsResponse { +export class ListHistoricalJobsResponse { /** - * Array containing the list of threat hunting jobs. + * Array containing the list of historical jobs. */ - "data"?: Array; + "data"?: Array; /** * Metadata about the list of jobs. */ - "meta"?: ThreatHuntingJobListMeta; + "meta"?: HistoricalJobListMeta; /** * A container for additional, undeclared properties. @@ -39,11 +39,11 @@ export class ListThreatHuntingJobsResponse { static readonly attributeTypeMap: AttributeTypeMap = { data: { baseName: "data", - type: "Array", + type: "Array", }, meta: { baseName: "meta", - type: "ThreatHuntingJobListMeta", + type: "HistoricalJobListMeta", }, additionalProperties: { baseName: "additionalProperties", @@ -55,7 +55,7 @@ export class ListThreatHuntingJobsResponse { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return ListThreatHuntingJobsResponse.attributeTypeMap; + return ListHistoricalJobsResponse.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/ObjectSerializer.ts b/packages/datadog-api-client-v2/models/ObjectSerializer.ts index f154ab0d9f6e..4f9b07c2dfdb 100644 --- a/packages/datadog-api-client-v2/models/ObjectSerializer.ts +++ b/packages/datadog-api-client-v2/models/ObjectSerializer.ts @@ -1448,6 +1448,12 @@ import { HamrOrgConnectionDataRequest } from "./HamrOrgConnectionDataRequest"; import { HamrOrgConnectionDataResponse } from "./HamrOrgConnectionDataResponse"; import { HamrOrgConnectionRequest } from "./HamrOrgConnectionRequest"; import { HamrOrgConnectionResponse } from "./HamrOrgConnectionResponse"; +import { HistoricalJobListMeta } from "./HistoricalJobListMeta"; +import { HistoricalJobOptions } from "./HistoricalJobOptions"; +import { HistoricalJobQuery } from "./HistoricalJobQuery"; +import { HistoricalJobResponse } from "./HistoricalJobResponse"; +import { HistoricalJobResponseAttributes } from "./HistoricalJobResponseAttributes"; +import { HistoricalJobResponseData } from "./HistoricalJobResponseData"; import { HourlyUsage } from "./HourlyUsage"; import { HourlyUsageAttributes } from "./HourlyUsageAttributes"; import { HourlyUsageMeasurement } from "./HourlyUsageMeasurement"; @@ -1866,6 +1872,7 @@ import { ListFeatureFlagsResponse } from "./ListFeatureFlagsResponse"; import { ListFindingsMeta } from "./ListFindingsMeta"; import { ListFindingsPage } from "./ListFindingsPage"; import { ListFindingsResponse } from "./ListFindingsResponse"; +import { ListHistoricalJobsResponse } from "./ListHistoricalJobsResponse"; import { ListIntegrationsResponse } from "./ListIntegrationsResponse"; import { ListInterfaceTagsResponse } from "./ListInterfaceTagsResponse"; import { ListInterfaceTagsResponseData } from "./ListInterfaceTagsResponseData"; @@ -1891,7 +1898,6 @@ import { ListSecurityFindingsResponse } from "./ListSecurityFindingsResponse"; import { ListTagsResponse } from "./ListTagsResponse"; import { ListTagsResponseData } from "./ListTagsResponseData"; import { ListTagsResponseDataAttributes } from "./ListTagsResponseDataAttributes"; -import { ListThreatHuntingJobsResponse } from "./ListThreatHuntingJobsResponse"; import { ListVulnerabilitiesResponse } from "./ListVulnerabilitiesResponse"; import { ListVulnerableAssetsResponse } from "./ListVulnerableAssetsResponse"; import { Log } from "./Log"; @@ -2771,9 +2777,9 @@ import { RumRetentionFiltersOrderData } from "./RumRetentionFiltersOrderData"; import { RumRetentionFiltersOrderRequest } from "./RumRetentionFiltersOrderRequest"; import { RumRetentionFiltersOrderResponse } from "./RumRetentionFiltersOrderResponse"; import { RumRetentionFiltersResponse } from "./RumRetentionFiltersResponse"; -import { RunThreatHuntingJobRequest } from "./RunThreatHuntingJobRequest"; -import { RunThreatHuntingJobRequestAttributes } from "./RunThreatHuntingJobRequestAttributes"; -import { RunThreatHuntingJobRequestData } from "./RunThreatHuntingJobRequestData"; +import { RunHistoricalJobRequest } from "./RunHistoricalJobRequest"; +import { RunHistoricalJobRequestAttributes } from "./RunHistoricalJobRequestAttributes"; +import { RunHistoricalJobRequestData } from "./RunHistoricalJobRequestData"; import { SAMLAssertionAttribute } from "./SAMLAssertionAttribute"; import { SAMLAssertionAttributeAttributes } from "./SAMLAssertionAttributeAttributes"; import { SBOM } from "./SBOM"; @@ -3485,12 +3491,6 @@ import { TestOptimizationServiceSettingsResponse } from "./TestOptimizationServi import { TestOptimizationUpdateServiceSettingsRequest } from "./TestOptimizationUpdateServiceSettingsRequest"; import { TestOptimizationUpdateServiceSettingsRequestAttributes } from "./TestOptimizationUpdateServiceSettingsRequestAttributes"; import { TestOptimizationUpdateServiceSettingsRequestData } from "./TestOptimizationUpdateServiceSettingsRequestData"; -import { ThreatHuntingJobListMeta } from "./ThreatHuntingJobListMeta"; -import { ThreatHuntingJobOptions } from "./ThreatHuntingJobOptions"; -import { ThreatHuntingJobQuery } from "./ThreatHuntingJobQuery"; -import { ThreatHuntingJobResponse } from "./ThreatHuntingJobResponse"; -import { ThreatHuntingJobResponseAttributes } from "./ThreatHuntingJobResponseAttributes"; -import { ThreatHuntingJobResponseData } from "./ThreatHuntingJobResponseData"; import { TimeRestriction } from "./TimeRestriction"; import { TimeRestrictions } from "./TimeRestrictions"; import { TimelineCell } from "./TimelineCell"; @@ -4402,6 +4402,7 @@ const enumsMap: { [key: string]: any[] } = { HTTPTokenAuthType: ["HTTPTokenAuth"], HamrOrgConnectionStatus: [0, 1, 2, 3, 4, 5], HamrOrgConnectionType: ["hamr_org_connections"], + HistoricalJobDataType: ["historicalDetectionsJob"], HourlyUsageType: [ "app_sec_host_count", "observability_pipelines_bytes_processed", @@ -5186,7 +5187,7 @@ const enumsMap: { [key: string]: any[] } = { "vital", ], RumRetentionFilterType: ["retention_filters"], - RunThreatHuntingJobRequestDataType: ["historicalDetectionsJobCreate"], + RunHistoricalJobRequestDataType: ["historicalDetectionsJobCreate"], SAMLAssertionAttributesType: ["saml_assertion_attributes"], SBOMComponentLicenseType: [ "network_strong_copyleft", @@ -5713,7 +5714,6 @@ const enumsMap: { [key: string]: any[] } = { TestOptimizationUpdateServiceSettingsRequestDataType: [ "test_optimization_update_service_settings_request", ], - ThreatHuntingJobDataType: ["historicalDetectionsJob"], TimelineCellAuthorUserType: ["USER"], TimelineCellResourceType: ["timeline_cell"], TimelineCellType: ["COMMENT"], @@ -7602,6 +7602,12 @@ const typeMap: { [index: string]: any } = { HamrOrgConnectionDataResponse: HamrOrgConnectionDataResponse, HamrOrgConnectionRequest: HamrOrgConnectionRequest, HamrOrgConnectionResponse: HamrOrgConnectionResponse, + HistoricalJobListMeta: HistoricalJobListMeta, + HistoricalJobOptions: HistoricalJobOptions, + HistoricalJobQuery: HistoricalJobQuery, + HistoricalJobResponse: HistoricalJobResponse, + HistoricalJobResponseAttributes: HistoricalJobResponseAttributes, + HistoricalJobResponseData: HistoricalJobResponseData, HourlyUsage: HourlyUsage, HourlyUsageAttributes: HourlyUsageAttributes, HourlyUsageMeasurement: HourlyUsageMeasurement, @@ -8086,6 +8092,7 @@ const typeMap: { [index: string]: any } = { ListFindingsMeta: ListFindingsMeta, ListFindingsPage: ListFindingsPage, ListFindingsResponse: ListFindingsResponse, + ListHistoricalJobsResponse: ListHistoricalJobsResponse, ListIntegrationsResponse: ListIntegrationsResponse, ListInterfaceTagsResponse: ListInterfaceTagsResponse, ListInterfaceTagsResponseData: ListInterfaceTagsResponseData, @@ -8112,7 +8119,6 @@ const typeMap: { [index: string]: any } = { ListTagsResponse: ListTagsResponse, ListTagsResponseData: ListTagsResponseData, ListTagsResponseDataAttributes: ListTagsResponseDataAttributes, - ListThreatHuntingJobsResponse: ListThreatHuntingJobsResponse, ListVulnerabilitiesResponse: ListVulnerabilitiesResponse, ListVulnerableAssetsResponse: ListVulnerableAssetsResponse, Log: Log, @@ -9206,9 +9212,9 @@ const typeMap: { [index: string]: any } = { RumRetentionFiltersOrderRequest: RumRetentionFiltersOrderRequest, RumRetentionFiltersOrderResponse: RumRetentionFiltersOrderResponse, RumRetentionFiltersResponse: RumRetentionFiltersResponse, - RunThreatHuntingJobRequest: RunThreatHuntingJobRequest, - RunThreatHuntingJobRequestAttributes: RunThreatHuntingJobRequestAttributes, - RunThreatHuntingJobRequestData: RunThreatHuntingJobRequestData, + RunHistoricalJobRequest: RunHistoricalJobRequest, + RunHistoricalJobRequestAttributes: RunHistoricalJobRequestAttributes, + RunHistoricalJobRequestData: RunHistoricalJobRequestData, SAMLAssertionAttribute: SAMLAssertionAttribute, SAMLAssertionAttributeAttributes: SAMLAssertionAttributeAttributes, SBOM: SBOM, @@ -10129,12 +10135,6 @@ const typeMap: { [index: string]: any } = { TestOptimizationUpdateServiceSettingsRequestAttributes, TestOptimizationUpdateServiceSettingsRequestData: TestOptimizationUpdateServiceSettingsRequestData, - ThreatHuntingJobListMeta: ThreatHuntingJobListMeta, - ThreatHuntingJobOptions: ThreatHuntingJobOptions, - ThreatHuntingJobQuery: ThreatHuntingJobQuery, - ThreatHuntingJobResponse: ThreatHuntingJobResponse, - ThreatHuntingJobResponseAttributes: ThreatHuntingJobResponseAttributes, - ThreatHuntingJobResponseData: ThreatHuntingJobResponseData, TimeRestriction: TimeRestriction, TimeRestrictions: TimeRestrictions, TimelineCell: TimelineCell, diff --git a/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequest.ts b/packages/datadog-api-client-v2/models/RunHistoricalJobRequest.ts similarity index 73% rename from packages/datadog-api-client-v2/models/RunThreatHuntingJobRequest.ts rename to packages/datadog-api-client-v2/models/RunHistoricalJobRequest.ts index 6f424457b1ff..f7c768fef170 100644 --- a/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequest.ts +++ b/packages/datadog-api-client-v2/models/RunHistoricalJobRequest.ts @@ -3,18 +3,18 @@ * This product includes software developed at Datadog (https://www.datadoghq.com/). * Copyright 2020-Present Datadog, Inc. */ -import { RunThreatHuntingJobRequestData } from "./RunThreatHuntingJobRequestData"; +import { RunHistoricalJobRequestData } from "./RunHistoricalJobRequestData"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Run a threat hunting job request. + * Run a historical job request. */ -export class RunThreatHuntingJobRequest { +export class RunHistoricalJobRequest { /** - * Data for running a threat hunting job request. + * Data for running a historical job request. */ - "data"?: RunThreatHuntingJobRequestData; + "data"?: RunHistoricalJobRequestData; /** * A container for additional, undeclared properties. @@ -34,7 +34,7 @@ export class RunThreatHuntingJobRequest { static readonly attributeTypeMap: AttributeTypeMap = { data: { baseName: "data", - type: "RunThreatHuntingJobRequestData", + type: "RunHistoricalJobRequestData", }, additionalProperties: { baseName: "additionalProperties", @@ -46,7 +46,7 @@ export class RunThreatHuntingJobRequest { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return RunThreatHuntingJobRequest.attributeTypeMap; + return RunHistoricalJobRequest.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestAttributes.ts b/packages/datadog-api-client-v2/models/RunHistoricalJobRequestAttributes.ts similarity index 84% rename from packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestAttributes.ts rename to packages/datadog-api-client-v2/models/RunHistoricalJobRequestAttributes.ts index 885981acbc32..5951e4afa580 100644 --- a/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestAttributes.ts +++ b/packages/datadog-api-client-v2/models/RunHistoricalJobRequestAttributes.ts @@ -9,11 +9,11 @@ import { JobDefinitionFromRule } from "./JobDefinitionFromRule"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Run a threat hunting job request. + * Run a historical job request. */ -export class RunThreatHuntingJobRequestAttributes { +export class RunHistoricalJobRequestAttributes { /** - * Definition of a threat hunting job based on a security monitoring rule. + * Definition of a historical job based on a security monitoring rule. */ "fromRule"?: JobDefinitionFromRule; /** @@ -21,7 +21,7 @@ export class RunThreatHuntingJobRequestAttributes { */ "id"?: string; /** - * Definition of a threat hunting job. + * Definition of a historical job. */ "jobDefinition"?: JobDefinition; @@ -63,7 +63,7 @@ export class RunThreatHuntingJobRequestAttributes { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return RunThreatHuntingJobRequestAttributes.attributeTypeMap; + return RunHistoricalJobRequestAttributes.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestData.ts b/packages/datadog-api-client-v2/models/RunHistoricalJobRequestData.ts similarity index 64% rename from packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestData.ts rename to packages/datadog-api-client-v2/models/RunHistoricalJobRequestData.ts index a66686e5d084..661579ee9572 100644 --- a/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestData.ts +++ b/packages/datadog-api-client-v2/models/RunHistoricalJobRequestData.ts @@ -3,23 +3,23 @@ * This product includes software developed at Datadog (https://www.datadoghq.com/). * Copyright 2020-Present Datadog, Inc. */ -import { RunThreatHuntingJobRequestAttributes } from "./RunThreatHuntingJobRequestAttributes"; -import { RunThreatHuntingJobRequestDataType } from "./RunThreatHuntingJobRequestDataType"; +import { RunHistoricalJobRequestAttributes } from "./RunHistoricalJobRequestAttributes"; +import { RunHistoricalJobRequestDataType } from "./RunHistoricalJobRequestDataType"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Data for running a threat hunting job request. + * Data for running a historical job request. */ -export class RunThreatHuntingJobRequestData { +export class RunHistoricalJobRequestData { /** - * Run a threat hunting job request. + * Run a historical job request. */ - "attributes"?: RunThreatHuntingJobRequestAttributes; + "attributes"?: RunHistoricalJobRequestAttributes; /** * Type of data. */ - "type"?: RunThreatHuntingJobRequestDataType; + "type"?: RunHistoricalJobRequestDataType; /** * A container for additional, undeclared properties. @@ -39,11 +39,11 @@ export class RunThreatHuntingJobRequestData { static readonly attributeTypeMap: AttributeTypeMap = { attributes: { baseName: "attributes", - type: "RunThreatHuntingJobRequestAttributes", + type: "RunHistoricalJobRequestAttributes", }, type: { baseName: "type", - type: "RunThreatHuntingJobRequestDataType", + type: "RunHistoricalJobRequestDataType", }, additionalProperties: { baseName: "additionalProperties", @@ -55,7 +55,7 @@ export class RunThreatHuntingJobRequestData { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return RunThreatHuntingJobRequestData.attributeTypeMap; + return RunHistoricalJobRequestData.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestDataType.ts b/packages/datadog-api-client-v2/models/RunHistoricalJobRequestDataType.ts similarity index 90% rename from packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestDataType.ts rename to packages/datadog-api-client-v2/models/RunHistoricalJobRequestDataType.ts index 3e151b37c976..83bb2ce63e44 100644 --- a/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestDataType.ts +++ b/packages/datadog-api-client-v2/models/RunHistoricalJobRequestDataType.ts @@ -10,7 +10,7 @@ import { UnparsedObject } from "../../datadog-api-client-common/util"; * Type of data. */ -export type RunThreatHuntingJobRequestDataType = +export type RunHistoricalJobRequestDataType = | typeof HISTORICALDETECTIONSJOBCREATE | UnparsedObject; export const HISTORICALDETECTIONSJOBCREATE = "historicalDetectionsJobCreate";