data [required]
\nobject
The data of a governance control update request.
attributes
\nobject
The attributes of a governance control that can be updated. Only the attributes present in the request are modified.
detection_frequency
\nstring
How often detections should be evaluated for the control.
detection_parameters
\nobject
A free-form map of parameter names to their configured values.
mitigation_parameters
\nobject
A free-form map of parameter names to their configured values.
mitigation_type
\nstring
The mitigation type to configure for the control.
name
\nstring
A new human-readable name for the control.
notification_frequency
\nstring
The notification frequency to configure for the control.
notification_parameters
\nobject
A free-form map of parameter names to their configured values.
notification_type
\nstring
The notification type to configure for the control.
id
\nstring
The unique identifier of the control.
type [required]
\nenum
JSON:API resource type for a governance control. \nAllowed enum values: governance_control
data [required]
\n[object]
An array of governance control detection resources.
attributes [required]
\nobject
The attributes of a governance control detection.
assigned_team
\nstring
The identifier of the team the detection is assigned to, if any.
assigned_to
\nstring
The identifier of the user the detection is assigned to, if any.
assignment_source [required]
\nenum
How the detection's current assignment was determined. Possible values are auto_resolved, manual, reassigned, and cleared. \nAllowed enum values: auto_resolved,manual,reassigned,cleared
control_id [required]
\nstring
The unique identifier of the control that produced this detection.
created_at [required]
\ndate-time
The date and time when the detection was created.
detection_type [required]
\nstring
The type of detection, which determines what condition was detected.
display_name [required]
\nstring
The human-readable name of the detected resource.
exception_at
\ndate-time
The date and time when the detection was marked as an exception, if applicable.
exception_by
\nstring
The identifier of the user who marked the detection as an exception, if applicable.
metadata
\nFree-form metadata associated with the detection.
mitigate_after
\ndate-time
The date and time after which the detection is scheduled to be mitigated, if applicable.
mitigated_at
\ndate-time
The date and time when the detection was mitigated, if applicable.
priority [required]
\nint64
The priority of the detection, if set.
resource_id [required]
\nstring
The identifier of the resource the detection applies to.
resource_url [required]
\nstring
A link to the detected resource in Datadog.
state [required]
\nenum
The current state of the detection. Possible values are active, exception, mitigated, inactive, obsolete, resolved_externally, and mitigation_in_progress. \nAllowed enum values: active,exception,mitigated,inactive,obsolete,resolved_externally,mitigation_in_progress
id [required]
\nstring
The unique identifier of the detection.
type [required]
\nenum
Governance control detection resource type. \nAllowed enum values: governance_control_detection
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[string]
A list of errors.
data [required]
\nobject
A governance control detection resource.
attributes [required]
\nobject
The attributes of a governance control detection.
assigned_team
\nstring
The identifier of the team the detection is assigned to, if any.
assigned_to
\nstring
The identifier of the user the detection is assigned to, if any.
assignment_source [required]
\nenum
How the detection's current assignment was determined. Possible values are auto_resolved, manual, reassigned, and cleared. \nAllowed enum values: auto_resolved,manual,reassigned,cleared
control_id [required]
\nstring
The unique identifier of the control that produced this detection.
created_at [required]
\ndate-time
The date and time when the detection was created.
detection_type [required]
\nstring
The type of detection, which determines what condition was detected.
display_name [required]
\nstring
The human-readable name of the detected resource.
exception_at
\ndate-time
The date and time when the detection was marked as an exception, if applicable.
exception_by
\nstring
The identifier of the user who marked the detection as an exception, if applicable.
metadata
\nFree-form metadata associated with the detection.
mitigate_after
\ndate-time
The date and time after which the detection is scheduled to be mitigated, if applicable.
mitigated_at
\ndate-time
The date and time when the detection was mitigated, if applicable.
priority [required]
\nint64
The priority of the detection, if set.
resource_id [required]
\nstring
The identifier of the resource the detection applies to.
resource_url [required]
\nstring
A link to the detected resource in Datadog.
state [required]
\nenum
The current state of the detection. Possible values are active, exception, mitigated, inactive, obsolete, resolved_externally, and mitigation_in_progress. \nAllowed enum values: active,exception,mitigated,inactive,obsolete,resolved_externally,mitigation_in_progress
id [required]
\nstring
The unique identifier of the detection.
type [required]
\nenum
Governance control detection resource type. \nAllowed enum values: governance_control_detection
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[string]
A list of errors.
data [required]
\nobject
A governance control detection resource.
attributes [required]
\nobject
The attributes of a governance control detection.
assigned_team
\nstring
The identifier of the team the detection is assigned to, if any.
assigned_to
\nstring
The identifier of the user the detection is assigned to, if any.
assignment_source [required]
\nenum
How the detection's current assignment was determined. Possible values are auto_resolved, manual, reassigned, and cleared. \nAllowed enum values: auto_resolved,manual,reassigned,cleared
control_id [required]
\nstring
The unique identifier of the control that produced this detection.
created_at [required]
\ndate-time
The date and time when the detection was created.
detection_type [required]
\nstring
The type of detection, which determines what condition was detected.
display_name [required]
\nstring
The human-readable name of the detected resource.
exception_at
\ndate-time
The date and time when the detection was marked as an exception, if applicable.
exception_by
\nstring
The identifier of the user who marked the detection as an exception, if applicable.
metadata
\nFree-form metadata associated with the detection.
mitigate_after
\ndate-time
The date and time after which the detection is scheduled to be mitigated, if applicable.
mitigated_at
\ndate-time
The date and time when the detection was mitigated, if applicable.
priority [required]
\nint64
The priority of the detection, if set.
resource_id [required]
\nstring
The identifier of the resource the detection applies to.
resource_url [required]
\nstring
A link to the detected resource in Datadog.
state [required]
\nenum
The current state of the detection. Possible values are active, exception, mitigated, inactive, obsolete, resolved_externally, and mitigation_in_progress. \nAllowed enum values: active,exception,mitigated,inactive,obsolete,resolved_externally,mitigation_in_progress
id [required]
\nstring
The unique identifier of the detection.
type [required]
\nenum
Governance control detection resource type. \nAllowed enum values: governance_control_detection
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[string]
A list of errors.
data [required]
\nobject
The data of a governance control detection update request.
attributes
\nobject
The attributes of a governance control detection that can be updated. Only the attributes present in the request are modified.
assigned_team
\nstring
The handle of the team the detection is assigned to. Set to an empty string to clear the assignment.
assigned_to
\nstring
The UUID of the user the detection is assigned to. Set to an empty string to clear the assignment.
mitigate_after
\ndate-time
The timestamp after which the detection becomes eligible for mitigation. Used to defer mitigation to a later time.
state
\nenum
The new state to set for the detection. Set to exception to acknowledge the detection and exclude it from active counts, or active to reopen it. \nAllowed enum values: exception,active
type [required]
\nenum
Governance control detection resource type. \nAllowed enum values: governance_control_detection
data [required]
\nobject
A control notification settings resource.
attributes [required]
\nobject
The attributes of a governance control's notification settings.
event_settings [required]
\n[object]
The notification settings for each supported event type on the control.
enabled [required]
\nboolean
Whether notifications are enabled for this event type.
event_type [required]
\nstring
The event type the notification settings apply to, such as new_detection.
targets [required]
\n[object]
The destinations that receive notifications for an event type.
handle [required]
\nstring
The destination handle, such as an email address, Slack channel, or user handle.
type [required]
\nenum
The type of notification destination. \nAllowed enum values: email,slack,at_mention,case
id [required]
\nstring
The detection type the notification settings apply to.
type [required]
\nenum
Control notification settings resource type. \nAllowed enum values: control_notification_settings
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[string]
A list of errors.
data [required]
\nobject
A control notification settings resource.
attributes [required]
\nobject
The attributes of a governance control's notification settings.
event_settings [required]
\n[object]
The notification settings for each supported event type on the control.
enabled [required]
\nboolean
Whether notifications are enabled for this event type.
event_type [required]
\nstring
The event type the notification settings apply to, such as new_detection.
targets [required]
\n[object]
The destinations that receive notifications for an event type.
handle [required]
\nstring
The destination handle, such as an email address, Slack channel, or user handle.
type [required]
\nenum
The type of notification destination. \nAllowed enum values: email,slack,at_mention,case
id [required]
\nstring
The detection type the notification settings apply to.
type [required]
\nenum
Control notification settings resource type. \nAllowed enum values: control_notification_settings
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[string]
A list of errors.
data [required]
\nobject
The data of a control notification settings update request.
attributes
\nobject
The attributes of a governance control's notification settings that can be updated.
event_settings
\n[object]
The notification settings for each supported event type on the control.
enabled [required]
\nboolean
Whether notifications are enabled for this event type.
event_type [required]
\nstring
The event type the notification settings apply to, such as new_detection.
targets [required]
\n[object]
The destinations that receive notifications for an event type.
handle [required]
\nstring
The destination handle, such as an email address, Slack channel, or user handle.
type [required]
\nenum
The type of notification destination. \nAllowed enum values: email,slack,at_mention,case
type [required]
\nenum
Control notification settings resource type. \nAllowed enum values: control_notification_settings
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[string]
A list of errors.
data [required]
\nobject
The data of a governance mitigation request.
attributes
\nobject
The attributes of a governance mitigation request.
detection_ids
\n[string]
The identifiers of the detections to mitigate in this request.
detection_type
\nstring
The detection type whose detections should be mitigated.
mitigation_parameters
\nobject
A free-form map of parameter names to their configured values.
mitigation_type
\nstring
The mitigation to apply to the selected detections. Defaults to the control's configured mitigation when omitted.
type [required]
\nenum
Governance control detection resource type. \nAllowed enum values: governance_control_detection
data [required]
\n[object]
An array of governance insight resources.
attributes [required]
\nobject
The attributes of a governance insight.
audit_query [required]
\nobject
An audit log query used to compute an insight value.
compute [required]
\nobject
The aggregation applied to an audit log query.
aggregation [required]
\nstring
The aggregation function to apply.
interval [required]
\nint64
The aggregation time window, in milliseconds.
metric [required]
\nstring
The metric or attribute to aggregate.
rollup
\nstring
An optional secondary aggregation applied to the audit query result.
indexes [required]
\n[string]
The audit log indexes the query runs against.
query [required]
\nstring
The audit log search query string.
source [required]
\nstring
The data source the query runs against.
best_practice [required]
\nobject
The best practice associated with an insight. Populated with the first active best practice\nmatched to the insight; null when no best practice is attached.
category [required]
\nstring
The value driver the best practice is grouped under, such as access_governance,\nsecurity, compliance, or operational_hygiene.
deep_link [required]
\nstring
A relative link to the configuration page where the best practice can be acted upon.
description [required]
\nstring
The full rationale and guidance for the best practice.
detection_type
\nstring
An optional association to a control's detection type. null when not associated with a control.
id [required]
\nstring
The unique identifier of the best practice.
impact [required]
\nstring
The expected impact of following the best practice.
impact_hint [required]
\nint64
A priority hint for ordering best practices by expected impact. Lower values indicate\nhigher priority.
permissions [required]
\n[string]
The permissions required for the user to act on the best practice.
status [required]
\nstring
Whether the best practice is currently active or deprecated.
summary [required]
\nstring
A one-line explanation of why this best practice matters.
title [required]
\nstring
A short, human-readable name for the best practice.
trigger_condition [required]
\nstring
The condition that surfaces the best practice. For an insight trigger, the insight\nslug; for a static trigger, a descriptive condition key.
trigger_type [required]
\nstring
How the best practice is surfaced. insight ties it to an insight; static surfaces it\nunless its condition is met.
deep_link [required]
\nstring
A relative link to the product surface where the insight can be acted upon.
description [required]
\nstring
A human-readable description of what the insight measures.
display_name [required]
\nstring
Human-readable name of the insight.
event_query [required]
\nobject
An event query used to compute an insight value.
compute
\nobject
The aggregation applied to an event query.
aggregation [required]
\nstring
The aggregation function to apply.
interval [required]
\nint64
The aggregation time window, in milliseconds.
indexes [required]
\n[string]
The event indexes the query runs against.
query [required]
\nstring
The event search query string.
metric_query [required]
\nobject
A metric query used to compute an insight value.
query [required]
\nstring
The query string.
reducer [required]
\nstring
How the query result series is reduced to a single value.
source [required]
\nstring
The data source the query runs against.
old_value [required]
\ndouble
The value of the insight over the previous comparison window. null when values were\nnot requested or could not be computed.
percentage_query [required]
\nobject
A percentage query that computes an insight value as a ratio of two metric queries.
denominator_query [required]
\nobject
A metric query used to compute an insight value.
query [required]
\nstring
The query string.
reducer [required]
\nstring
How the query result series is reduced to a single value.
source [required]
\nstring
The data source the query runs against.
numerator_query [required]
\nobject
A metric query used to compute an insight value.
query [required]
\nstring
The query string.
reducer [required]
\nstring
How the query result series is reduced to a single value.
source [required]
\nstring
The data source the query runs against.
product [required]
\nstring
The product the insight belongs to.
query_config
\nobject
Query execution context that allows the frontend to execute insight queries directly.
chart_type
\nstring
The chart type the frontend should use to render the insight.
comparison_shift [required]
\nstring
The window used for the previous value comparison, for example week or month.
default_value
\nint64
The default value to display when no data is available.
directionality
\nstring
Whether an increase in the value is good, bad, or neutral. One of neutral,\nincrease_better, or decrease_better.
effective_time_window_days [required]
\nint64
The number of days the insight value is computed over.
sort_order
\nint64
The relative order in which the insight should be displayed.
state [required]
\nstring
The state of the insight. A critical insight receives extra UI treatment to draw\nattention to it.
sub_product [required]
\nstring
The sub-product the insight belongs to, if any.
time_range [required]
\nstring
The time range the insight value is computed over, if applicable.
unit_name [required]
\nstring
The unit that the insight's value is measured in.
usage_query [required]
\nobject
A usage query used to compute an insight value.
query [required]
\nstring
The usage query string.
reducer [required]
\nstring
How the query result series is reduced to a single value.
value [required]
\ndouble
The current value of the insight. null when values were not requested or could not be computed.
id [required]
\nstring
The unique identifier of the insight.
type [required]
\nenum
JSON:API resource type for a governance insight. \nAllowed enum values: insight
data [required]
\n[object]
An array of governance insight resources.
attributes [required]
\nobject
The attributes of a governance insight.
audit_query [required]
\nobject
An audit log query used to compute an insight value.
compute [required]
\nobject
The aggregation applied to an audit log query.
aggregation [required]
\nstring
The aggregation function to apply.
interval [required]
\nint64
The aggregation time window, in milliseconds.
metric [required]
\nstring
The metric or attribute to aggregate.
rollup
\nstring
An optional secondary aggregation applied to the audit query result.
indexes [required]
\n[string]
The audit log indexes the query runs against.
query [required]
\nstring
The audit log search query string.
source [required]
\nstring
The data source the query runs against.
best_practice [required]
\nobject
The best practice associated with an insight. Populated with the first active best practice\nmatched to the insight; null when no best practice is attached.
category [required]
\nstring
The value driver the best practice is grouped under, such as access_governance,\nsecurity, compliance, or operational_hygiene.
deep_link [required]
\nstring
A relative link to the configuration page where the best practice can be acted upon.
description [required]
\nstring
The full rationale and guidance for the best practice.
detection_type
\nstring
An optional association to a control's detection type. null when not associated with a control.
id [required]
\nstring
The unique identifier of the best practice.
impact [required]
\nstring
The expected impact of following the best practice.
impact_hint [required]
\nint64
A priority hint for ordering best practices by expected impact. Lower values indicate\nhigher priority.
permissions [required]
\n[string]
The permissions required for the user to act on the best practice.
status [required]
\nstring
Whether the best practice is currently active or deprecated.
summary [required]
\nstring
A one-line explanation of why this best practice matters.
title [required]
\nstring
A short, human-readable name for the best practice.
trigger_condition [required]
\nstring
The condition that surfaces the best practice. For an insight trigger, the insight\nslug; for a static trigger, a descriptive condition key.
trigger_type [required]
\nstring
How the best practice is surfaced. insight ties it to an insight; static surfaces it\nunless its condition is met.
deep_link [required]
\nstring
A relative link to the product surface where the insight can be acted upon.
description [required]
\nstring
A human-readable description of what the insight measures.
display_name [required]
\nstring
Human-readable name of the insight.
event_query [required]
\nobject
An event query used to compute an insight value.
compute
\nobject
The aggregation applied to an event query.
aggregation [required]
\nstring
The aggregation function to apply.
interval [required]
\nint64
The aggregation time window, in milliseconds.
indexes [required]
\n[string]
The event indexes the query runs against.
query [required]
\nstring
The event search query string.
metric_query [required]
\nobject
A metric query used to compute an insight value.
query [required]
\nstring
The query string.
reducer [required]
\nstring
How the query result series is reduced to a single value.
source [required]
\nstring
The data source the query runs against.
old_value [required]
\ndouble
The value of the insight over the previous comparison window. null when values were\nnot requested or could not be computed.
percentage_query [required]
\nobject
A percentage query that computes an insight value as a ratio of two metric queries.
denominator_query [required]
\nobject
A metric query used to compute an insight value.
query [required]
\nstring
The query string.
reducer [required]
\nstring
How the query result series is reduced to a single value.
source [required]
\nstring
The data source the query runs against.
numerator_query [required]
\nobject
A metric query used to compute an insight value.
query [required]
\nstring
The query string.
reducer [required]
\nstring
How the query result series is reduced to a single value.
source [required]
\nstring
The data source the query runs against.
product [required]
\nstring
The product the insight belongs to.
query_config
\nobject
Query execution context that allows the frontend to execute insight queries directly.
chart_type
\nstring
The chart type the frontend should use to render the insight.
comparison_shift [required]
\nstring
The window used for the previous value comparison; for example, week or month.
default_value
\nint64
The default value to display when no data is available.
directionality
\nstring
Whether an increase in the value is good, bad, or neutral. One of neutral,\nincrease_better, or decrease_better.
effective_time_window_days [required]
\nint64
The number of days the insight value is computed over.
sort_order
\nint64
The relative order in which the insight should be displayed.
state [required]
\nstring
The state of the insight. A critical insight receives extra UI treatment to draw\nattention to it.
sub_product [required]
\nstring
The sub-product the insight belongs to, if any.
time_range [required]
\nstring
The time range the insight value is computed over, if applicable.
unit_name [required]
\nstring
The unit that the insight's value is measured in.
usage_query [required]
\nobject
A usage query used to compute an insight value.
query [required]
\nstring
The usage query string.
reducer [required]
\nstring
How the query result series is reduced to a single value.
value [required]
\ndouble
The current value of the insight. null when values were not requested or could not be computed.
id [required]
\nstring
The unique identifier of the insight.
type [required]
\nenum
JSON:API resource type for a governance insight. \nAllowed enum values: insight
data [required]
\nobject
A Governance Console configuration resource.
attributes [required]
\nobject
The attributes of a Governance Console configuration.
assignment_notifications_enabled [required]
\nboolean
Whether notifications are sent to users when detections are assigned to them.
enabled [required]
\nboolean
Whether the Governance Console is enabled for the organization.
usage_attribution_configured [required]
\nboolean
Whether usage attribution is configured for the organization.
id [required]
\nstring
The unique identifier of the organization the Governance Console configuration applies to.
type [required]
\nenum
Governance console config resource type. \nAllowed enum values: governance_console_config
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[string]
A list of errors.
data [required]
\n[object]
An array of governance limit resources.
attributes [required]
\nobject
The attributes of a governance limit.
description [required]
\nstring
A description of what the limit measures.
display_name [required]
\nstring
The human-readable name of the limit.
limit_type [required]
\nstring
The type of limit, such as a rate limit or a usage limit.
product [required]
\nstring
The Datadog product the limit belongs to.
query [required]
\nobject
A metric query used to compute usage against a limit.
query [required]
\nstring
The metric query expression used to compute the limit value.
reducer [required]
\nstring
How the query results are aggregated into a single value (for example, sum, max, or avg).
source [required]
\nstring
The data source used to evaluate the metric query (for example, the metrics or events backend).
query_config [required]
\nobject
The query execution context used to visualize a limit and its usage.
chart_type
\nstring
The chart type used to visualize the limit and its usage.
comparison_shift
\nstring
The time shift applied to compare current usage against a prior period.
default_value
\nint64
The default value used for the limit when no explicit value is configured.
directionality
\nstring
The direction in which usage approaches the limit, indicating whether higher or lower values are closer to the limit.
effective_time_window_days
\nint64
The number of days of data the limit query evaluates over.
time_range [required]
\nstring
The time range over which usage against the limit is measured.
times_hit_limit [required]
\ndouble
The number of times usage has reached the limit within the measured time range.
unit_name [required]
\nstring
The unit in which the limit and its usage are measured.
usage_status [required]
\nstring
The current usage status of the limit relative to its threshold.
id [required]
\nstring
The unique identifier of the limit.
type [required]
\nenum
Limit resource type. \nAllowed enum values: limit
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[string]
A list of errors.
data [required]
\nobject
A governance notification settings resource.
attributes [required]
\nobject
The attributes of the organization-wide governance notification settings.
assignment_notifications_enabled [required]
\nboolean
Whether notifications are sent to users when detections are assigned to them.
id [required]
\nstring
The unique identifier of the organization the notification settings apply to.
type [required]
\nenum
Governance notification settings resource type. \nAllowed enum values: governance_notification_settings
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[string]
A list of errors.
data [required]
\nobject
A governance notification settings resource.
attributes [required]
\nobject
The attributes of the organization-wide governance notification settings.
assignment_notifications_enabled [required]
\nboolean
Whether notifications are sent to users when detections are assigned to them.
id [required]
\nstring
The unique identifier of the organization the notification settings apply to.
type [required]
\nenum
Governance notification settings resource type. \nAllowed enum values: governance_notification_settings
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[string]
A list of errors.
data [required]
\nobject
The data of a governance notification settings update request.
attributes
\nobject
The attributes of the governance notification settings that can be updated. Only the attributes present in the request are modified.
assignment_notifications_enabled
\nboolean
Whether notifications are sent to users when detections are assigned to them.
type [required]
\nenum
Governance notification settings resource type. \nAllowed enum values: governance_notification_settings
data [required]
\n[object]
An array of governance resource limit resources.
attributes [required]
\nobject
The attributes of a governance resource limit.
current_limit [required]
\ndouble
The current limit configured for the resource.
current_value [required]
\ndouble
The current value of the resource.
deep_link [required]
\nstring
A link to the Datadog page where the resource and its limit can be managed.
default_current_value [required]
\ndouble
The default current value used when the resource value cannot be computed from the query.
default_limit_value [required]
\ndouble
The default limit value used when the limit cannot be computed from the query.
description [required]
\nstring
A description of what the resource limit measures.
display_name [required]
\nstring
The human-readable name of the resource limit.
limit_query [required]
\nobject
A metric query used to compute usage against a limit.
query [required]
\nstring
The metric query expression used to compute the limit value.
reducer [required]
\nstring
How the query results are aggregated into a single value (for example, sum, max, or avg).
source [required]
\nstring
The data source used to evaluate the metric query (for example, the metrics or events backend).
product [required]
\nstring
The Datadog product the resource limit belongs to.
query [required]
\nobject
A metric query used to compute usage against a limit.
query [required]
\nstring
The metric query expression used to compute the limit value.
reducer [required]
\nstring
How the query results are aggregated into a single value (for example, sum, max, or avg).
source [required]
\nstring
The data source used to evaluate the metric query (for example, the metrics or events backend).
query_config [required]
\nobject
The query execution context used to visualize a limit and its usage.
chart_type
\nstring
The chart type used to visualize the limit and its usage.
comparison_shift
\nstring
The time shift applied to compare current usage against a prior period.
default_value
\nint64
The default value used for the limit when no explicit value is configured.
directionality
\nstring
The direction in which usage approaches the limit, indicating whether higher or lower values are closer to the limit.
effective_time_window_days
\nint64
The number of days of data the limit query evaluates over.
time_range [required]
\nstring
The time range over which the resource value is measured.
unit_name [required]
\nstring
The unit in which the resource value and limit are measured.
usage_status [required]
\nstring
The current usage status of the resource relative to its limit.
id [required]
\nstring
The unique identifier of the resource limit.
type [required]
\nenum
Resource limit resource type. \nAllowed enum values: resource-limit
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[object]
A list of errors.
detail
\nstring
A human-readable explanation specific to this occurrence of the error.
meta
\nobject
Non-standard meta-information about the error
source
\nobject
References to the source of the error.
header
\nstring
A string indicating the name of a single request header which caused the error.
parameter
\nstring
A string indicating which URI query parameter caused the error.
pointer
\nstring
A JSON pointer to the value in the request document that caused the error.
status
\nstring
Status code of the response.
title
\nstring
Short human-readable summary of the error.
errors [required]
\n[string]
A list of errors.