diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index f731f36b7945..a86914eb7985 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -3109,12 +3109,14 @@ components: - runbook - documentation - dashboard + - resource example: runbook type: string x-enum-varnames: - RUNBOOK - DOCUMENTATION - DASHBOARD + - RESOURCE AlertEventCustomAttributesPriority: default: '5' description: The priority of the alert. @@ -10383,9 +10385,11 @@ components: properties: name: description: The name of the resource that was changed. Limited to 128 characters. + Must contain at least one non-whitespace character. example: fallback_payments_test maxLength: 128 minLength: 1 + pattern: .*\S.* type: string type: $ref: '#/components/schemas/ChangeEventCustomAttributesChangedResourceType' @@ -41365,6 +41369,7 @@ components: example: CloudTrail Account Change oneOf: - $ref: '#/components/schemas/ObservabilityPipelineOcsfMappingLibrary' + - $ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustom' ObservabilityPipelineOcsfMapperProcessorType: default: ocsf_mapper description: The processor type. The value should always be `ocsf_mapper`. @@ -41374,6 +41379,116 @@ components: type: string x-enum-varnames: - OCSF_MAPPER + ObservabilityPipelineOcsfMappingCustom: + description: Custom OCSF mapping configuration for transforming logs. + properties: + mapping: + description: A list of field mapping rules for transforming log fields to + OCSF schema fields. + items: + $ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomFieldMapping' + type: array + metadata: + $ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomMetadata' + version: + description: The version of the custom mapping configuration. + example: 1 + format: int64 + type: integer + required: + - mapping + - metadata + - version + type: object + ObservabilityPipelineOcsfMappingCustomFieldMapping: + description: Defines a single field mapping rule for transforming a source field + to an OCSF destination field. + properties: + default: + description: The default value to use if the source field is missing or + empty. + example: '' + dest: + description: The destination OCSF field path. + example: device.type + type: string + lookup: + $ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomLookup' + source: + description: The source field path from the log event. + example: host.type + sources: + description: Multiple source field paths for combined mapping. + example: + - field1 + - field2 + value: + description: A static value to use for the destination field. + example: static_value + required: + - dest + type: object + ObservabilityPipelineOcsfMappingCustomLookup: + description: Lookup table configuration for mapping source values to destination + values. + properties: + default: + description: The default value to use if no lookup match is found. + example: unknown + table: + description: A list of lookup table entries for value transformation. + items: + $ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomLookupTableEntry' + type: array + type: object + ObservabilityPipelineOcsfMappingCustomLookupTableEntry: + description: A single entry in a lookup table for value transformation. + properties: + contains: + description: The substring to match in the source value. + example: Desktop + type: string + equals: + description: The exact value to match in the source. + example: desktop + equals_source: + description: The source field to match against. + example: device_type + type: string + matches: + description: A regex pattern to match in the source value. + example: ^Desktop.* + type: string + not_matches: + description: A regex pattern that must not match the source value. + example: ^Mobile.* + type: string + value: + description: The value to use when a match is found. + example: desktop + type: object + ObservabilityPipelineOcsfMappingCustomMetadata: + description: Metadata for the custom OCSF mapping. + properties: + class: + description: The OCSF event class name. + example: Device Inventory Info + type: string + profiles: + description: A list of OCSF profiles to apply. + example: + - container + items: + type: string + type: array + version: + description: The OCSF schema version. + example: 1.3.0 + type: string + required: + - class + - version + type: object ObservabilityPipelineOcsfMappingLibrary: description: Predefined library mappings for common log formats. enum: @@ -54350,6 +54465,39 @@ components: - MEDIUM - HIGH - CRITICAL + SecurityMonitoringRuleSort: + description: The sort parameters used for querying security monitoring rules. + enum: + - name + - creation_date + - update_date + - enabled + - type + - highest_severity + - source + - -name + - -creation_date + - -update_date + - -enabled + - -type + - -highest_severity + - -source + type: string + x-enum-varnames: + - NAME + - CREATION_DATE + - UPDATE_DATE + - ENABLED + - TYPE + - HIGHEST_SEVERITY + - SOURCE + - NAME_DESCENDING + - CREATION_DATE_DESCENDING + - UPDATE_DATE_DESCENDING + - ENABLED_DESCENDING + - TYPE_DESCENDING + - HIGHEST_SEVERITY_DESCENDING + - SOURCE_DESCENDING SecurityMonitoringRuleTestPayload: description: Test a rule. oneOf: @@ -95844,6 +95992,13 @@ paths: required: false schema: type: string + - description: Attribute used to sort rules. Prefix with `-` to sort in descending + order. + in: query + name: sort + required: false + schema: + $ref: '#/components/schemas/SecurityMonitoringRuleSort' responses: '200': content: diff --git a/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-custom-mapping-returns-OK-response.frozen b/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-custom-mapping-returns-OK-response.frozen new file mode 100644 index 000000000000..0a0ae84b13b4 --- /dev/null +++ b/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-custom-mapping-returns-OK-response.frozen @@ -0,0 +1 @@ +2026-02-10T14:12:05.668Z \ No newline at end of file diff --git a/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-custom-mapping-returns-OK-response.yml b/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-custom-mapping-returns-OK-response.yml new file mode 100644 index 000000000000..972362d9c2d2 --- /dev/null +++ b/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-custom-mapping-returns-OK-response.yml @@ -0,0 +1,28 @@ +http_interactions: +- recorded_at: Tue, 10 Feb 2026 14:12:05 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"config":{"destinations":[{"id":"datadog-logs-destination","inputs":["my-processor-group"],"type":"datadog_logs"}],"processor_groups":[{"enabled":true,"id":"my-processor-group","include":"service:my-service","inputs":["datadog-agent-source"],"processors":[{"enabled":true,"id":"ocsf-mapper-processor","include":"service:my-service","mappings":[{"include":"source:custom","mapping":{"mapping":[{"default":"","dest":"time","source":"timestamp"},{"default":"","dest":"severity","source":"level"},{"default":"","dest":"device.type","lookup":{"table":[{"contains":"Desktop","value":"desktop"}]},"source":"host.type"}],"metadata":{"class":"Device + Inventory Info","profiles":["container"],"version":"1.3.0"},"version":1}}],"type":"ocsf_mapper"}]}],"sources":[{"id":"datadog-agent-source","type":"datadog_agent"}]},"name":"OCSF + Custom Mapper Pipeline"},"type":"pipelines"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/obs-pipelines/pipelines/validate + response: + body: + encoding: UTF-8 + string: '{"errors":[]} + + ' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-invalid-custom-mapping-returns-Bad-Request-response.frozen b/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-invalid-custom-mapping-returns-Bad-Request-response.frozen new file mode 100644 index 000000000000..55487b67b256 --- /dev/null +++ b/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-invalid-custom-mapping-returns-Bad-Request-response.frozen @@ -0,0 +1 @@ +2026-02-10T14:12:06.064Z \ No newline at end of file diff --git a/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-invalid-custom-mapping-returns-Bad-Request-response.yml b/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-invalid-custom-mapping-returns-Bad-Request-response.yml new file mode 100644 index 000000000000..5d05c98f3a3f --- /dev/null +++ b/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-invalid-custom-mapping-returns-Bad-Request-response.yml @@ -0,0 +1,30 @@ +http_interactions: +- recorded_at: Tue, 10 Feb 2026 14:12:06 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"config":{"destinations":[{"id":"datadog-logs-destination","inputs":["my-processor-group"],"type":"datadog_logs"}],"processor_groups":[{"enabled":true,"id":"my-processor-group","include":"service:my-service","inputs":["datadog-agent-source"],"processors":[{"enabled":true,"id":"ocsf-mapper-processor","include":"service:my-service","mappings":[{"include":"source:custom","mapping":{"mapping":[{"dest":"time","source":"timestamp"}],"metadata":{"class":"Invalid + Class","profiles":["container"],"version":"1.3.0"},"version":0}}],"type":"ocsf_mapper"}]}],"sources":[{"id":"datadog-agent-source","type":"datadog_agent"}]},"name":"OCSF + Invalid Mapper Pipeline"},"type":"pipelines"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/obs-pipelines/pipelines/validate + response: + body: + encoding: UTF-8 + string: '{"errors":[{"title":"Schema version must be a positive integer","meta":{"field":"mappings.0.version","id":"ocsf-mapper-processor","message":"Schema + version must be a positive integer"}},{"title":"Invalid custom mapping class","meta":{"field":"mappings.0.metadata.class","id":"ocsf-mapper-processor","message":"Invalid + custom mapping class"}}]} + + ' + headers: + Content-Type: + - application/json + status: + code: 400 + message: Bad Request +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-library-mapping-returns-OK-response.frozen b/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-library-mapping-returns-OK-response.frozen new file mode 100644 index 000000000000..fbeecac324cc --- /dev/null +++ b/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-library-mapping-returns-OK-response.frozen @@ -0,0 +1 @@ +2026-02-10T14:12:05.285Z \ No newline at end of file diff --git a/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-library-mapping-returns-OK-response.yml b/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-library-mapping-returns-OK-response.yml new file mode 100644 index 000000000000..40ed03b919fc --- /dev/null +++ b/cassettes/features/v2/observability_pipelines/Validate-an-observability-pipeline-with-OCSF-mapper-library-mapping-returns-OK-response.yml @@ -0,0 +1,28 @@ +http_interactions: +- recorded_at: Tue, 10 Feb 2026 14:12:05 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"config":{"destinations":[{"id":"datadog-logs-destination","inputs":["my-processor-group"],"type":"datadog_logs"}],"processor_groups":[{"enabled":true,"id":"my-processor-group","include":"service:my-service","inputs":["datadog-agent-source"],"processors":[{"enabled":true,"id":"ocsf-mapper-processor","include":"service:my-service","mappings":[{"include":"source:cloudtrail","mapping":"CloudTrail + Account Change"}],"type":"ocsf_mapper"}]}],"sources":[{"id":"datadog-agent-source","type":"datadog_agent"}]},"name":"OCSF + Mapper Pipeline"},"type":"pipelines"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/obs-pipelines/pipelines/validate + response: + body: + encoding: UTF-8 + string: '{"errors":[]} + + ' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +recorded_with: VCR 6.0.0 diff --git a/examples/v2/observability-pipelines/ValidatePipeline_3024756866.rb b/examples/v2/observability-pipelines/ValidatePipeline_3024756866.rb new file mode 100644 index 000000000000..2599a64b2e7b --- /dev/null +++ b/examples/v2/observability-pipelines/ValidatePipeline_3024756866.rb @@ -0,0 +1,89 @@ +# Validate an observability pipeline with OCSF mapper custom mapping returns "OK" response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::ObservabilityPipelinesAPI.new + +body = DatadogAPIClient::V2::ObservabilityPipelineSpec.new({ + data: DatadogAPIClient::V2::ObservabilityPipelineSpecData.new({ + attributes: DatadogAPIClient::V2::ObservabilityPipelineDataAttributes.new({ + config: DatadogAPIClient::V2::ObservabilityPipelineConfig.new({ + destinations: [ + DatadogAPIClient::V2::ObservabilityPipelineDatadogLogsDestination.new({ + id: "datadog-logs-destination", + inputs: [ + "my-processor-group", + ], + type: DatadogAPIClient::V2::ObservabilityPipelineDatadogLogsDestinationType::DATADOG_LOGS, + }), + ], + processor_groups: [ + DatadogAPIClient::V2::ObservabilityPipelineConfigProcessorGroup.new({ + enabled: true, + id: "my-processor-group", + include: "service:my-service", + inputs: [ + "datadog-agent-source", + ], + processors: [ + DatadogAPIClient::V2::ObservabilityPipelineOcsfMapperProcessor.new({ + enabled: true, + id: "ocsf-mapper-processor", + include: "service:my-service", + mappings: [ + DatadogAPIClient::V2::ObservabilityPipelineOcsfMapperProcessorMapping.new({ + include: "source:custom", + mapping: DatadogAPIClient::V2::ObservabilityPipelineOcsfMappingCustom.new({ + mapping: [ + DatadogAPIClient::V2::ObservabilityPipelineOcsfMappingCustomFieldMapping.new({ + default: "", + dest: "time", + source: "timestamp", + }), + DatadogAPIClient::V2::ObservabilityPipelineOcsfMappingCustomFieldMapping.new({ + default: "", + dest: "severity", + source: "level", + }), + DatadogAPIClient::V2::ObservabilityPipelineOcsfMappingCustomFieldMapping.new({ + default: "", + dest: "device.type", + lookup: DatadogAPIClient::V2::ObservabilityPipelineOcsfMappingCustomLookup.new({ + table: [ + DatadogAPIClient::V2::ObservabilityPipelineOcsfMappingCustomLookupTableEntry.new({ + contains: "Desktop", + value: "desktop", + }), + ], + }), + source: "host.type", + }), + ], + metadata: DatadogAPIClient::V2::ObservabilityPipelineOcsfMappingCustomMetadata.new({ + _class: "Device Inventory Info", + profiles: [ + "container", + ], + version: "1.3.0", + }), + version: 1, + }), + }), + ], + type: DatadogAPIClient::V2::ObservabilityPipelineOcsfMapperProcessorType::OCSF_MAPPER, + }), + ], + }), + ], + sources: [ + DatadogAPIClient::V2::ObservabilityPipelineDatadogAgentSource.new({ + id: "datadog-agent-source", + type: DatadogAPIClient::V2::ObservabilityPipelineDatadogAgentSourceType::DATADOG_AGENT, + }), + ], + }), + name: "OCSF Custom Mapper Pipeline", + }), + type: "pipelines", + }), +}) +p api_instance.validate_pipeline(body) diff --git a/examples/v2/observability-pipelines/ValidatePipeline_3565101276.rb b/examples/v2/observability-pipelines/ValidatePipeline_3565101276.rb new file mode 100644 index 000000000000..3f984c89c207 --- /dev/null +++ b/examples/v2/observability-pipelines/ValidatePipeline_3565101276.rb @@ -0,0 +1,55 @@ +# Validate an observability pipeline with OCSF mapper library mapping returns "OK" response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::ObservabilityPipelinesAPI.new + +body = DatadogAPIClient::V2::ObservabilityPipelineSpec.new({ + data: DatadogAPIClient::V2::ObservabilityPipelineSpecData.new({ + attributes: DatadogAPIClient::V2::ObservabilityPipelineDataAttributes.new({ + config: DatadogAPIClient::V2::ObservabilityPipelineConfig.new({ + destinations: [ + DatadogAPIClient::V2::ObservabilityPipelineDatadogLogsDestination.new({ + id: "datadog-logs-destination", + inputs: [ + "my-processor-group", + ], + type: DatadogAPIClient::V2::ObservabilityPipelineDatadogLogsDestinationType::DATADOG_LOGS, + }), + ], + processor_groups: [ + DatadogAPIClient::V2::ObservabilityPipelineConfigProcessorGroup.new({ + enabled: true, + id: "my-processor-group", + include: "service:my-service", + inputs: [ + "datadog-agent-source", + ], + processors: [ + DatadogAPIClient::V2::ObservabilityPipelineOcsfMapperProcessor.new({ + enabled: true, + id: "ocsf-mapper-processor", + include: "service:my-service", + type: DatadogAPIClient::V2::ObservabilityPipelineOcsfMapperProcessorType::OCSF_MAPPER, + mappings: [ + DatadogAPIClient::V2::ObservabilityPipelineOcsfMapperProcessorMapping.new({ + include: "source:cloudtrail", + mapping: DatadogAPIClient::V2::ObservabilityPipelineOcsfMappingLibrary::CLOUDTRAIL_ACCOUNT_CHANGE, + }), + ], + }), + ], + }), + ], + sources: [ + DatadogAPIClient::V2::ObservabilityPipelineDatadogAgentSource.new({ + id: "datadog-agent-source", + type: DatadogAPIClient::V2::ObservabilityPipelineDatadogAgentSourceType::DATADOG_AGENT, + }), + ], + }), + name: "OCSF Mapper Pipeline", + }), + type: "pipelines", + }), +}) +p api_instance.validate_pipeline(body) diff --git a/features/scenarios_model_mapping.rb b/features/scenarios_model_mapping.rb index cb334f67c5c1..c6c7a88faf3b 100644 --- a/features/scenarios_model_mapping.rb +++ b/features/scenarios_model_mapping.rb @@ -1650,6 +1650,7 @@ "page_size" => "Integer", "page_number" => "Integer", "query" => "String", + "sort" => "SecurityMonitoringRuleSort", }, "v2.CreateSecurityMonitoringRule" => { "body" => "SecurityMonitoringRuleCreatePayload", diff --git a/features/v2/observability_pipelines.feature b/features/v2/observability_pipelines.feature index 725b9e425a7e..b5c685768059 100644 --- a/features/v2/observability_pipelines.feature +++ b/features/v2/observability_pipelines.feature @@ -167,3 +167,26 @@ Feature: Observability Pipelines When the request is sent Then the response status is 200 OK And the response "errors" has length 0 + + @team:DataDog/observability-pipelines + Scenario: Validate an observability pipeline with OCSF mapper custom mapping returns "OK" response + Given new "ValidatePipeline" request + And body with value {"data": {"attributes": {"config": {"destinations": [{"id": "datadog-logs-destination", "inputs": ["my-processor-group"], "type": "datadog_logs"}], "processor_groups": [{"enabled": true, "id": "my-processor-group", "include": "service:my-service", "inputs": ["datadog-agent-source"], "processors": [{"enabled": true, "id": "ocsf-mapper-processor", "include": "service:my-service", "mappings": [{"include": "source:custom", "mapping": {"mapping": [{"default": "", "dest": "time", "source": "timestamp"}, {"default": "", "dest": "severity", "source": "level"}, {"default": "", "dest": "device.type", "lookup": {"table": [{"contains": "Desktop", "value": "desktop"}]}, "source": "host.type"}], "metadata": {"class": "Device Inventory Info", "profiles": ["container"], "version": "1.3.0"}, "version": 1}}], "type": "ocsf_mapper"}]}], "sources": [{"id": "datadog-agent-source", "type": "datadog_agent"}]}, "name": "OCSF Custom Mapper Pipeline"}, "type": "pipelines"}} + When the request is sent + Then the response status is 200 OK + And the response "errors" has length 0 + + @team:DataDog/observability-pipelines + Scenario: Validate an observability pipeline with OCSF mapper invalid custom mapping returns "Bad Request" response + Given new "ValidatePipeline" request + And body with value {"data": {"attributes": {"config": {"destinations": [{"id": "datadog-logs-destination", "inputs": ["my-processor-group"], "type": "datadog_logs"}], "processor_groups": [{"enabled": true, "id": "my-processor-group", "include": "service:my-service", "inputs": ["datadog-agent-source"], "processors": [{"enabled": true, "id": "ocsf-mapper-processor", "include": "service:my-service", "mappings": [{"include": "source:custom", "mapping": {"mapping": [{"dest": "time", "source": "timestamp"}], "metadata": {"class": "Invalid Class", "profiles": ["container"], "version": "1.3.0"}, "version": 0}}], "type": "ocsf_mapper"}]}], "sources": [{"id": "datadog-agent-source", "type": "datadog_agent"}]}, "name": "OCSF Invalid Mapper Pipeline"}, "type": "pipelines"}} + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/observability-pipelines + Scenario: Validate an observability pipeline with OCSF mapper library mapping returns "OK" response + Given new "ValidatePipeline" request + And body with value {"data": {"attributes": {"config": {"destinations": [{"id": "datadog-logs-destination", "inputs": ["my-processor-group"], "type": "datadog_logs"}], "processor_groups": [{"enabled": true, "id": "my-processor-group", "include": "service:my-service", "inputs": ["datadog-agent-source"], "processors": [{"enabled": true, "id": "ocsf-mapper-processor", "include": "service:my-service", "type": "ocsf_mapper", "mappings": [{"include": "source:cloudtrail", "mapping": "CloudTrail Account Change"}]}]}], "sources": [{"id": "datadog-agent-source", "type": "datadog_agent"}]}, "name": "OCSF Mapper Pipeline"}, "type": "pipelines"}} + When the request is sent + Then the response status is 200 OK + And the response "errors" has length 0 diff --git a/lib/datadog_api_client/inflector.rb b/lib/datadog_api_client/inflector.rb index f337e528d2d4..b580619b1513 100644 --- a/lib/datadog_api_client/inflector.rb +++ b/lib/datadog_api_client/inflector.rb @@ -3517,6 +3517,11 @@ def overrides "v2.observability_pipeline_ocsf_mapper_processor_mapping" => "ObservabilityPipelineOcsfMapperProcessorMapping", "v2.observability_pipeline_ocsf_mapper_processor_mapping_mapping" => "ObservabilityPipelineOcsfMapperProcessorMappingMapping", "v2.observability_pipeline_ocsf_mapper_processor_type" => "ObservabilityPipelineOcsfMapperProcessorType", + "v2.observability_pipeline_ocsf_mapping_custom" => "ObservabilityPipelineOcsfMappingCustom", + "v2.observability_pipeline_ocsf_mapping_custom_field_mapping" => "ObservabilityPipelineOcsfMappingCustomFieldMapping", + "v2.observability_pipeline_ocsf_mapping_custom_lookup" => "ObservabilityPipelineOcsfMappingCustomLookup", + "v2.observability_pipeline_ocsf_mapping_custom_lookup_table_entry" => "ObservabilityPipelineOcsfMappingCustomLookupTableEntry", + "v2.observability_pipeline_ocsf_mapping_custom_metadata" => "ObservabilityPipelineOcsfMappingCustomMetadata", "v2.observability_pipeline_ocsf_mapping_library" => "ObservabilityPipelineOcsfMappingLibrary", "v2.observability_pipeline_open_search_destination" => "ObservabilityPipelineOpenSearchDestination", "v2.observability_pipeline_open_search_destination_data_stream" => "ObservabilityPipelineOpenSearchDestinationDataStream", @@ -4386,6 +4391,7 @@ def overrides "v2.security_monitoring_rule_sequence_detection_step" => "SecurityMonitoringRuleSequenceDetectionStep", "v2.security_monitoring_rule_sequence_detection_step_transition" => "SecurityMonitoringRuleSequenceDetectionStepTransition", "v2.security_monitoring_rule_severity" => "SecurityMonitoringRuleSeverity", + "v2.security_monitoring_rule_sort" => "SecurityMonitoringRuleSort", "v2.security_monitoring_rule_test_payload" => "SecurityMonitoringRuleTestPayload", "v2.security_monitoring_rule_test_request" => "SecurityMonitoringRuleTestRequest", "v2.security_monitoring_rule_test_response" => "SecurityMonitoringRuleTestResponse", diff --git a/lib/datadog_api_client/v2/api/security_monitoring_api.rb b/lib/datadog_api_client/v2/api/security_monitoring_api.rb index 20a6a388f600..01aa43835f9c 100644 --- a/lib/datadog_api_client/v2/api/security_monitoring_api.rb +++ b/lib/datadog_api_client/v2/api/security_monitoring_api.rb @@ -4476,12 +4476,17 @@ def list_security_monitoring_rules(opts = {}) # @option opts [Integer] :page_size Size for a given page. The maximum allowed value is 100. # @option opts [Integer] :page_number Specific page number to return. # @option opts [String] :query A search query to filter security rules. You can filter by attributes such as `type`, `source`, `tags`. + # @option opts [SecurityMonitoringRuleSort] :sort Attribute used to sort rules. Prefix with `-` to sort in descending order. # @return [Array<(SecurityMonitoringListRulesResponse, Integer, Hash)>] SecurityMonitoringListRulesResponse data, response status code and response headers def list_security_monitoring_rules_with_http_info(opts = {}) if @api_client.config.debugging @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_rules ...' end + allowable_values = ['name', 'creation_date', 'update_date', 'enabled', 'type', 'highest_severity', 'source', '-name', '-creation_date', '-update_date', '-enabled', '-type', '-highest_severity', '-source'] + if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort']) + fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}" + end # resource path local_var_path = '/api/v2/security_monitoring/rules' @@ -4490,6 +4495,7 @@ def list_security_monitoring_rules_with_http_info(opts = {}) query_params[:'page[size]'] = opts[:'page_size'] if !opts[:'page_size'].nil? query_params[:'page[number]'] = opts[:'page_number'] if !opts[:'page_number'].nil? query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil? + query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil? # header parameters header_params = opts[:header_params] || {} diff --git a/lib/datadog_api_client/v2/models/alert_event_custom_attributes_links_items_category.rb b/lib/datadog_api_client/v2/models/alert_event_custom_attributes_links_items_category.rb index e6f75a46ae95..06561850a664 100644 --- a/lib/datadog_api_client/v2/models/alert_event_custom_attributes_links_items_category.rb +++ b/lib/datadog_api_client/v2/models/alert_event_custom_attributes_links_items_category.rb @@ -24,5 +24,6 @@ class AlertEventCustomAttributesLinksItemsCategory RUNBOOK = "runbook".freeze DOCUMENTATION = "documentation".freeze DASHBOARD = "dashboard".freeze + RESOURCE = "resource".freeze end end diff --git a/lib/datadog_api_client/v2/models/change_event_custom_attributes_changed_resource.rb b/lib/datadog_api_client/v2/models/change_event_custom_attributes_changed_resource.rb index e9291fea283d..2e95833a763f 100644 --- a/lib/datadog_api_client/v2/models/change_event_custom_attributes_changed_resource.rb +++ b/lib/datadog_api_client/v2/models/change_event_custom_attributes_changed_resource.rb @@ -21,7 +21,7 @@ module DatadogAPIClient::V2 class ChangeEventCustomAttributesChangedResource include BaseGenericModel - # The name of the resource that was changed. Limited to 128 characters. + # The name of the resource that was changed. Limited to 128 characters. Must contain at least one non-whitespace character. attr_reader :name # The type of the resource that was changed. @@ -77,6 +77,8 @@ def valid? return false if @name.nil? return false if @name.to_s.length > 128 return false if @name.to_s.length < 1 + pattern = Regexp.new(/.*\S.*/) + return false if @name !~ pattern return false if @type.nil? true end @@ -94,6 +96,10 @@ def name=(name) if name.to_s.length < 1 fail ArgumentError, 'invalid value for "name", the character length must be great than or equal to 1.' end + pattern = Regexp.new(/.*\S.*/) + if name !~ pattern + fail ArgumentError, "invalid value for \"name\", must conform to the pattern #{pattern}." + end @name = name end diff --git a/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapper_processor_mapping_mapping.rb b/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapper_processor_mapping_mapping.rb index c9d11b273529..03e3941abf62 100644 --- a/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapper_processor_mapping_mapping.rb +++ b/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapper_processor_mapping_mapping.rb @@ -26,7 +26,8 @@ class << self # List of class defined in oneOf (OpenAPI v3) def openapi_one_of [ - :'ObservabilityPipelineOcsfMappingLibrary' + :'ObservabilityPipelineOcsfMappingLibrary', + :'ObservabilityPipelineOcsfMappingCustom' ] end # Builds the object diff --git a/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom.rb b/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom.rb new file mode 100644 index 000000000000..17f27a283e9b --- /dev/null +++ b/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom.rb @@ -0,0 +1,167 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Custom OCSF mapping configuration for transforming logs. + class ObservabilityPipelineOcsfMappingCustom + include BaseGenericModel + + # A list of field mapping rules for transforming log fields to OCSF schema fields. + attr_reader :mapping + + # Metadata for the custom OCSF mapping. + attr_reader :metadata + + # The version of the custom mapping configuration. + attr_reader :version + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'mapping' => :'mapping', + :'metadata' => :'metadata', + :'version' => :'version' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'mapping' => :'Array', + :'metadata' => :'ObservabilityPipelineOcsfMappingCustomMetadata', + :'version' => :'Integer' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::ObservabilityPipelineOcsfMappingCustom` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'mapping') + if (value = attributes[:'mapping']).is_a?(Array) + self.mapping = value + end + end + + if attributes.key?(:'metadata') + self.metadata = attributes[:'metadata'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @mapping.nil? + return false if @metadata.nil? + return false if @version.nil? + true + end + + # Custom attribute writer method with validation + # @param mapping [Object] Object to be assigned + # @!visibility private + def mapping=(mapping) + if mapping.nil? + fail ArgumentError, 'invalid value for "mapping", mapping cannot be nil.' + end + @mapping = mapping + end + + # Custom attribute writer method with validation + # @param metadata [Object] Object to be assigned + # @!visibility private + def metadata=(metadata) + if metadata.nil? + fail ArgumentError, 'invalid value for "metadata", metadata cannot be nil.' + end + @metadata = metadata + end + + # Custom attribute writer method with validation + # @param version [Object] Object to be assigned + # @!visibility private + def version=(version) + if version.nil? + fail ArgumentError, 'invalid value for "version", version cannot be nil.' + end + @version = version + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + mapping == o.mapping && + metadata == o.metadata && + version == o.version && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [mapping, metadata, version, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom_field_mapping.rb b/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom_field_mapping.rb new file mode 100644 index 000000000000..05a28cb7aeef --- /dev/null +++ b/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom_field_mapping.rb @@ -0,0 +1,173 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Defines a single field mapping rule for transforming a source field to an OCSF destination field. + class ObservabilityPipelineOcsfMappingCustomFieldMapping + include BaseGenericModel + + # The default value to use if the source field is missing or empty. + attr_accessor :default + + # The destination OCSF field path. + attr_reader :dest + + # Lookup table configuration for mapping source values to destination values. + attr_accessor :lookup + + # The source field path from the log event. + attr_accessor :source + + # Multiple source field paths for combined mapping. + attr_accessor :sources + + # A static value to use for the destination field. + attr_accessor :value + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'default' => :'default', + :'dest' => :'dest', + :'lookup' => :'lookup', + :'source' => :'source', + :'sources' => :'sources', + :'value' => :'value' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'default' => :'Object', + :'dest' => :'String', + :'lookup' => :'ObservabilityPipelineOcsfMappingCustomLookup', + :'source' => :'Object', + :'sources' => :'Object', + :'value' => :'Object' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::ObservabilityPipelineOcsfMappingCustomFieldMapping` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'default') + self.default = attributes[:'default'] + end + + if attributes.key?(:'dest') + self.dest = attributes[:'dest'] + end + + if attributes.key?(:'lookup') + self.lookup = attributes[:'lookup'] + end + + if attributes.key?(:'source') + self.source = attributes[:'source'] + end + + if attributes.key?(:'sources') + self.sources = attributes[:'sources'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @dest.nil? + true + end + + # Custom attribute writer method with validation + # @param dest [Object] Object to be assigned + # @!visibility private + def dest=(dest) + if dest.nil? + fail ArgumentError, 'invalid value for "dest", dest cannot be nil.' + end + @dest = dest + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + default == o.default && + dest == o.dest && + lookup == o.lookup && + source == o.source && + sources == o.sources && + value == o.value && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [default, dest, lookup, source, sources, value, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom_lookup.rb b/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom_lookup.rb new file mode 100644 index 000000000000..142433ed7c7c --- /dev/null +++ b/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom_lookup.rb @@ -0,0 +1,117 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Lookup table configuration for mapping source values to destination values. + class ObservabilityPipelineOcsfMappingCustomLookup + include BaseGenericModel + + # The default value to use if no lookup match is found. + attr_accessor :default + + # A list of lookup table entries for value transformation. + attr_accessor :table + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'default' => :'default', + :'table' => :'table' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'default' => :'Object', + :'table' => :'Array' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::ObservabilityPipelineOcsfMappingCustomLookup` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'default') + self.default = attributes[:'default'] + end + + if attributes.key?(:'table') + if (value = attributes[:'table']).is_a?(Array) + self.table = value + end + end + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + default == o.default && + table == o.table && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [default, table, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom_lookup_table_entry.rb b/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom_lookup_table_entry.rb new file mode 100644 index 000000000000..bc35fdb999e7 --- /dev/null +++ b/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom_lookup_table_entry.rb @@ -0,0 +1,155 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # A single entry in a lookup table for value transformation. + class ObservabilityPipelineOcsfMappingCustomLookupTableEntry + include BaseGenericModel + + # The substring to match in the source value. + attr_accessor :contains + + # The exact value to match in the source. + attr_accessor :equals + + # The source field to match against. + attr_accessor :equals_source + + # A regex pattern to match in the source value. + attr_accessor :matches + + # A regex pattern that must not match the source value. + attr_accessor :not_matches + + # The value to use when a match is found. + attr_accessor :value + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'contains' => :'contains', + :'equals' => :'equals', + :'equals_source' => :'equals_source', + :'matches' => :'matches', + :'not_matches' => :'not_matches', + :'value' => :'value' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'contains' => :'String', + :'equals' => :'Object', + :'equals_source' => :'String', + :'matches' => :'String', + :'not_matches' => :'String', + :'value' => :'Object' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::ObservabilityPipelineOcsfMappingCustomLookupTableEntry` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'contains') + self.contains = attributes[:'contains'] + end + + if attributes.key?(:'equals') + self.equals = attributes[:'equals'] + end + + if attributes.key?(:'equals_source') + self.equals_source = attributes[:'equals_source'] + end + + if attributes.key?(:'matches') + self.matches = attributes[:'matches'] + end + + if attributes.key?(:'not_matches') + self.not_matches = attributes[:'not_matches'] + end + + if attributes.key?(:'value') + self.value = attributes[:'value'] + end + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + contains == o.contains && + equals == o.equals && + equals_source == o.equals_source && + matches == o.matches && + not_matches == o.not_matches && + value == o.value && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [contains, equals, equals_source, matches, not_matches, value, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom_metadata.rb b/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom_metadata.rb new file mode 100644 index 000000000000..267dd0686116 --- /dev/null +++ b/lib/datadog_api_client/v2/models/observability_pipeline_ocsf_mapping_custom_metadata.rb @@ -0,0 +1,156 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Metadata for the custom OCSF mapping. + class ObservabilityPipelineOcsfMappingCustomMetadata + include BaseGenericModel + + # The OCSF event class name. + attr_reader :_class + + # A list of OCSF profiles to apply. + attr_accessor :profiles + + # The OCSF schema version. + attr_reader :version + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'_class' => :'class', + :'profiles' => :'profiles', + :'version' => :'version' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'_class' => :'String', + :'profiles' => :'Array', + :'version' => :'String' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::ObservabilityPipelineOcsfMappingCustomMetadata` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'_class') + self._class = attributes[:'_class'] + end + + if attributes.key?(:'profiles') + if (value = attributes[:'profiles']).is_a?(Array) + self.profiles = value + end + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @_class.nil? + return false if @version.nil? + true + end + + # Custom attribute writer method with validation + # @param _class [Object] Object to be assigned + # @!visibility private + def _class=(_class) + if _class.nil? + fail ArgumentError, 'invalid value for "_class", _class cannot be nil.' + end + @_class = _class + end + + # Custom attribute writer method with validation + # @param version [Object] Object to be assigned + # @!visibility private + def version=(version) + if version.nil? + fail ArgumentError, 'invalid value for "version", version cannot be nil.' + end + @version = version + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + _class == o._class && + profiles == o.profiles && + version == o.version && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [_class, profiles, version, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_rule_sort.rb b/lib/datadog_api_client/v2/models/security_monitoring_rule_sort.rb new file mode 100644 index 000000000000..c38bf8d49a04 --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_rule_sort.rb @@ -0,0 +1,39 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # The sort parameters used for querying security monitoring rules. + class SecurityMonitoringRuleSort + include BaseEnumModel + + NAME = "name".freeze + CREATION_DATE = "creation_date".freeze + UPDATE_DATE = "update_date".freeze + ENABLED = "enabled".freeze + TYPE = "type".freeze + HIGHEST_SEVERITY = "highest_severity".freeze + SOURCE = "source".freeze + NAME_DESCENDING = "-name".freeze + CREATION_DATE_DESCENDING = "-creation_date".freeze + UPDATE_DATE_DESCENDING = "-update_date".freeze + ENABLED_DESCENDING = "-enabled".freeze + TYPE_DESCENDING = "-type".freeze + HIGHEST_SEVERITY_DESCENDING = "-highest_severity".freeze + SOURCE_DESCENDING = "-source".freeze + end +end