diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 59c7b8b08efc..be9a2271b2b3 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -458,20 +458,6 @@ components: items: $ref: '#/components/schemas/GetIssueIncludeQueryParameterItem' type: array - HistoricalJobID: - description: The ID of the job. - in: path - name: job_id - required: true - schema: - type: string - HistoricalSignalID: - description: The ID of the historical signal. - in: path - name: histsignal_id - required: true - schema: - type: string IncidentAttachmentFilterQueryParameter: description: Specifies which types of attachments are included in the response. explode: false @@ -1091,6 +1077,20 @@ components: required: true schema: type: string + ThreatHuntingJobID: + description: The ID of the job. + in: path + name: job_id + required: true + schema: + type: string + ThreatHuntingSignalID: + description: The ID of the threat hunting signal. + in: path + name: histsignal_id + required: true + schema: + type: string UserID: description: The ID of the user. in: path @@ -11815,7 +11815,7 @@ components: - GZIP - DEFLATE ConvertJobResultsToSignalsAttributes: - description: Attributes for converting historical job results to signals. + description: Attributes for converting threat hunting job results to signals. properties: id: description: Request ID. @@ -11847,7 +11847,7 @@ components: - notifications type: object ConvertJobResultsToSignalsData: - description: Data for converting historical job results to signals. + description: Data for converting threat hunting job results to signals. properties: attributes: $ref: '#/components/schemas/ConvertJobResultsToSignalsAttributes' @@ -11862,7 +11862,7 @@ components: x-enum-varnames: - HISTORICALDETECTIONSJOBRESULTSIGNALCONVERSION ConvertJobResultsToSignalsRequest: - description: Request for converting historical job results to signals. + description: Request for converting threat hunting job results to signals. properties: data: $ref: '#/components/schemas/ConvertJobResultsToSignalsData' @@ -22191,130 +22191,6 @@ components: - type - value type: object - HistoricalJobDataType: - description: Type of payload. - enum: - - historicalDetectionsJob - type: string - x-enum-varnames: - - HISTORICALDETECTIONSJOB - HistoricalJobListMeta: - description: Metadata about the list of jobs. - properties: - totalCount: - description: Number of jobs in the list. - format: int32 - maximum: 2147483647 - type: integer - type: object - HistoricalJobOptions: - description: Job options. - properties: - detectionMethod: - $ref: '#/components/schemas/SecurityMonitoringRuleDetectionMethod' - evaluationWindow: - $ref: '#/components/schemas/SecurityMonitoringRuleEvaluationWindow' - impossibleTravelOptions: - $ref: '#/components/schemas/SecurityMonitoringRuleImpossibleTravelOptions' - keepAlive: - $ref: '#/components/schemas/SecurityMonitoringRuleKeepAlive' - maxSignalDuration: - $ref: '#/components/schemas/SecurityMonitoringRuleMaxSignalDuration' - newValueOptions: - $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptions' - sequenceDetectionOptions: - $ref: '#/components/schemas/SecurityMonitoringRuleSequenceDetectionOptions' - thirdPartyRuleOptions: - $ref: '#/components/schemas/SecurityMonitoringRuleThirdPartyOptions' - type: object - HistoricalJobQuery: - description: Query for selecting logs analyzed by the historical job. - properties: - aggregation: - $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation' - dataSource: - $ref: '#/components/schemas/SecurityMonitoringStandardDataSource' - distinctFields: - description: Field for which the cardinality is measured. Sent as an array. - items: - description: Field. - type: string - type: array - groupByFields: - description: Fields to group by. - items: - description: Field. - type: string - type: array - hasOptionalGroupByFields: - default: false - description: When false, events without a group-by value are ignored by - the query. When true, events with missing group-by fields are processed - with `N/A`, replacing the missing values. - example: false - type: boolean - metrics: - description: Group of target fields to aggregate over when using the sum, - max, geo data, or new value aggregations. The sum, max, and geo data aggregations - only accept one value in this list, whereas the new value aggregation - accepts up to five values. - items: - description: Field. - type: string - type: array - name: - description: Name of the query. - type: string - query: - description: Query to run on logs. - example: a > 3 - type: string - type: object - HistoricalJobResponse: - description: Historical job response. - properties: - data: - $ref: '#/components/schemas/HistoricalJobResponseData' - type: object - HistoricalJobResponseAttributes: - description: Historical job attributes. - properties: - createdAt: - description: Time when the job was created. - type: string - createdByHandle: - description: The handle of the user who created the job. - type: string - createdByName: - description: The name of the user who created the job. - type: string - createdFromRuleId: - description: ID of the rule used to create the job (if it is created from - a rule). - type: string - jobDefinition: - $ref: '#/components/schemas/JobDefinition' - jobName: - description: Job name. - type: string - jobStatus: - description: Job status. - type: string - modifiedAt: - description: Last modification time of the job. - type: string - type: object - HistoricalJobResponseData: - description: Historical job response data. - properties: - attributes: - $ref: '#/components/schemas/HistoricalJobResponseAttributes' - id: - description: ID of the job. - type: string - type: - $ref: '#/components/schemas/HistoricalJobDataType' - type: object HourlyUsage: description: Hourly usage for a product family for an org. properties: @@ -26495,7 +26371,7 @@ components: type: string type: object JobCreateResponse: - description: Run a historical job response. + description: Run a threat hunting job response. properties: data: $ref: '#/components/schemas/JobCreateResponseData' @@ -26507,10 +26383,10 @@ components: description: ID of the created job. type: string type: - $ref: '#/components/schemas/HistoricalJobDataType' + $ref: '#/components/schemas/ThreatHuntingJobDataType' type: object JobDefinition: - description: Definition of a historical job. + description: Definition of a threat hunting job. properties: calculatedFields: description: Calculated fields. @@ -26549,11 +26425,11 @@ components: example: Excessive number of failed attempts. type: string options: - $ref: '#/components/schemas/HistoricalJobOptions' + $ref: '#/components/schemas/ThreatHuntingJobOptions' queries: description: Queries for selecting logs analyzed by the job. items: - $ref: '#/components/schemas/HistoricalJobQuery' + $ref: '#/components/schemas/ThreatHuntingJobQuery' type: array referenceTables: description: Reference tables used in the queries. @@ -26590,7 +26466,8 @@ components: - message type: object JobDefinitionFromRule: - description: Definition of a historical job based on a security monitoring rule. + description: Definition of a threat hunting job based on a security monitoring + rule. properties: from: description: Starting time of data analyzed by the job. @@ -27290,17 +27167,6 @@ components: - data - meta type: object - ListHistoricalJobsResponse: - description: List of historical jobs. - properties: - data: - description: Array containing the list of historical jobs. - items: - $ref: '#/components/schemas/HistoricalJobResponseData' - type: array - meta: - $ref: '#/components/schemas/HistoricalJobListMeta' - type: object ListKindCatalogResponse: description: List kind response. properties: @@ -27468,6 +27334,17 @@ components: - _NAME - USER_COUNT - _USER_COUNT + ListThreatHuntingJobsResponse: + description: List of threat hunting jobs. + properties: + data: + description: Array containing the list of threat hunting jobs. + items: + $ref: '#/components/schemas/ThreatHuntingJobResponseData' + type: array + meta: + $ref: '#/components/schemas/ThreatHuntingJobListMeta' + type: object ListVulnerabilitiesResponse: description: The expected response schema when listing vulnerabilities. properties: @@ -41523,14 +41400,18 @@ components: $ref: '#/components/schemas/RumRetentionFilterData' type: array type: object - RunHistoricalJobRequest: - description: Run a historical job request. + RunRetentionFilterName: + description: The name of a RUM retention filter. + example: Retention filter for session + type: string + RunThreatHuntingJobRequest: + description: Run a threat hunting job request. properties: data: - $ref: '#/components/schemas/RunHistoricalJobRequestData' + $ref: '#/components/schemas/RunThreatHuntingJobRequestData' type: object - RunHistoricalJobRequestAttributes: - description: Run a historical job request. + RunThreatHuntingJobRequestAttributes: + description: Run a threat hunting job request. properties: fromRule: $ref: '#/components/schemas/JobDefinitionFromRule' @@ -41540,25 +41421,21 @@ components: jobDefinition: $ref: '#/components/schemas/JobDefinition' type: object - RunHistoricalJobRequestData: - description: Data for running a historical job request. + RunThreatHuntingJobRequestData: + description: Data for running a threat hunting job request. properties: attributes: - $ref: '#/components/schemas/RunHistoricalJobRequestAttributes' + $ref: '#/components/schemas/RunThreatHuntingJobRequestAttributes' type: - $ref: '#/components/schemas/RunHistoricalJobRequestDataType' + $ref: '#/components/schemas/RunThreatHuntingJobRequestDataType' type: object - RunHistoricalJobRequestDataType: + RunThreatHuntingJobRequestDataType: description: Type of data. enum: - historicalDetectionsJobCreate type: string x-enum-varnames: - HISTORICALDETECTIONSJOBCREATE - RunRetentionFilterName: - description: The name of a RUM retention filter. - example: Retention filter for session - type: string SAMLAssertionAttribute: description: SAML assertion attribute. properties: @@ -50443,6 +50320,130 @@ components: description: Offset type. type: string type: object + ThreatHuntingJobDataType: + description: Type of payload. + enum: + - historicalDetectionsJob + type: string + x-enum-varnames: + - HISTORICALDETECTIONSJOB + ThreatHuntingJobListMeta: + description: Metadata about the list of jobs. + properties: + totalCount: + description: Number of jobs in the list. + format: int32 + maximum: 2147483647 + type: integer + type: object + ThreatHuntingJobOptions: + description: Job options. + properties: + detectionMethod: + $ref: '#/components/schemas/SecurityMonitoringRuleDetectionMethod' + evaluationWindow: + $ref: '#/components/schemas/SecurityMonitoringRuleEvaluationWindow' + impossibleTravelOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleImpossibleTravelOptions' + keepAlive: + $ref: '#/components/schemas/SecurityMonitoringRuleKeepAlive' + maxSignalDuration: + $ref: '#/components/schemas/SecurityMonitoringRuleMaxSignalDuration' + newValueOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptions' + sequenceDetectionOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleSequenceDetectionOptions' + thirdPartyRuleOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleThirdPartyOptions' + type: object + ThreatHuntingJobQuery: + description: Query for selecting logs analyzed by the threat hunting job. + properties: + aggregation: + $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation' + dataSource: + $ref: '#/components/schemas/SecurityMonitoringStandardDataSource' + distinctFields: + description: Field for which the cardinality is measured. Sent as an array. + items: + description: Field. + type: string + type: array + groupByFields: + description: Fields to group by. + items: + description: Field. + type: string + type: array + hasOptionalGroupByFields: + default: false + description: When false, events without a group-by value are ignored by + the query. When true, events with missing group-by fields are processed + with `N/A`, replacing the missing values. + example: false + type: boolean + metrics: + description: Group of target fields to aggregate over when using the sum, + max, geo data, or new value aggregations. The sum, max, and geo data aggregations + only accept one value in this list, whereas the new value aggregation + accepts up to five values. + items: + description: Field. + type: string + type: array + name: + description: Name of the query. + type: string + query: + description: Query to run on logs. + example: a > 3 + type: string + type: object + ThreatHuntingJobResponse: + description: Threat hunting job response. + properties: + data: + $ref: '#/components/schemas/ThreatHuntingJobResponseData' + type: object + ThreatHuntingJobResponseAttributes: + description: Threat hunting job attributes. + properties: + createdAt: + description: Time when the job was created. + type: string + createdByHandle: + description: The handle of the user who created the job. + type: string + createdByName: + description: The name of the user who created the job. + type: string + createdFromRuleId: + description: ID of the rule used to create the job (if it is created from + a rule). + type: string + jobDefinition: + $ref: '#/components/schemas/JobDefinition' + jobName: + description: Job name. + type: string + jobStatus: + description: Job status. + type: string + modifiedAt: + description: Last modification time of the job. + type: string + type: object + ThreatHuntingJobResponseData: + description: Threat hunting job response data. + properties: + attributes: + $ref: '#/components/schemas/ThreatHuntingJobResponseAttributes' + id: + description: ID of the job. + type: string + type: + $ref: '#/components/schemas/ThreatHuntingJobDataType' + type: object TimeAggregation: description: 'Time aggregation period (in seconds) is used to aggregate the results of the notification rule evaluation. @@ -76493,7 +76494,7 @@ paths: permissions: - incident_settings_write x-unstable: '**Note**: This endpoint is deprecated.' - /api/v2/siem-historical-detections/histsignals: + /api/v2/siem-threat-hunting/histsignals: get: description: List hist signals. operationId: ListSecurityMonitoringHistsignals @@ -76534,7 +76535,7 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/histsignals/search: + /api/v2/siem-threat-hunting/histsignals/search: get: description: Search hist signals. operationId: SearchSecurityMonitoringHistsignals @@ -76574,12 +76575,12 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/histsignals/{histsignal_id}: + /api/v2/siem-threat-hunting/histsignals/{histsignal_id}: get: description: Get a hist signal's details. operationId: GetSecurityMonitoringHistsignal parameters: - - $ref: '#/components/parameters/HistoricalSignalID' + - $ref: '#/components/parameters/ThreatHuntingSignalID' responses: '200': content: @@ -76610,10 +76611,10 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs: + /api/v2/siem-threat-hunting/jobs: get: - description: List historical jobs. - operationId: ListHistoricalJobs + description: List threat hunting jobs. + operationId: ListThreatHuntingJobs parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' @@ -76636,7 +76637,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListHistoricalJobsResponse' + $ref: '#/components/schemas/ListThreatHuntingJobsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' @@ -76648,20 +76649,20 @@ paths: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] - summary: List historical jobs + summary: List threat hunting jobs tags: - Security Monitoring x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' post: - description: Run a historical job. - operationId: RunHistoricalJob + description: Run a threat hunting job. + operationId: RunThreatHuntingJob requestBody: content: application/json: schema: - $ref: '#/components/schemas/RunHistoricalJobRequest' + $ref: '#/components/schemas/RunThreatHuntingJobRequest' required: true responses: '201': @@ -76685,7 +76686,7 @@ paths: appKeyAuth: [] - AuthZ: - security_monitoring_rules_write - summary: Run a historical job + summary: Run a threat hunting job tags: - Security Monitoring x-codegen-request-body-name: body @@ -76696,7 +76697,7 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs/signal_convert: + /api/v2/siem-threat-hunting/jobs/signal_convert: post: description: Convert a job result to a signal. operationId: ConvertJobResultToSignal @@ -76730,12 +76731,12 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs/{job_id}: + /api/v2/siem-threat-hunting/jobs/{job_id}: delete: description: Delete an existing job. - operationId: DeleteHistoricalJob + operationId: DeleteThreatHuntingJob parameters: - - $ref: '#/components/parameters/HistoricalJobID' + - $ref: '#/components/parameters/ThreatHuntingJobID' responses: '204': description: OK @@ -76763,15 +76764,15 @@ paths: Please check the documentation regularly for updates.' get: description: Get a job's details. - operationId: GetHistoricalJob + operationId: GetThreatHuntingJob parameters: - - $ref: '#/components/parameters/HistoricalJobID' + - $ref: '#/components/parameters/ThreatHuntingJobID' responses: '200': content: application/json: schema: - $ref: '#/components/schemas/HistoricalJobResponse' + $ref: '#/components/schemas/ThreatHuntingJobResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' @@ -76796,12 +76797,12 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs/{job_id}/cancel: + /api/v2/siem-threat-hunting/jobs/{job_id}/cancel: patch: - description: Cancel a historical job. - operationId: CancelHistoricalJob + description: Cancel a threat hunting job. + operationId: CancelThreatHuntingJob parameters: - - $ref: '#/components/parameters/HistoricalJobID' + - $ref: '#/components/parameters/ThreatHuntingJobID' responses: '204': description: OK @@ -76822,7 +76823,7 @@ paths: appKeyAuth: [] - AuthZ: - security_monitoring_rules_write - summary: Cancel a historical job + summary: Cancel a threat hunting job tags: - Security Monitoring x-permission: @@ -76832,12 +76833,12 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs/{job_id}/histsignals: + /api/v2/siem-threat-hunting/jobs/{job_id}/histsignals: get: description: Get a job's hist signals. operationId: GetSecurityMonitoringHistsignalsByJobId parameters: - - $ref: '#/components/parameters/HistoricalJobID' + - $ref: '#/components/parameters/ThreatHuntingJobID' - $ref: '#/components/parameters/QueryFilterSearch' - $ref: '#/components/parameters/QueryFilterFrom' - $ref: '#/components/parameters/QueryFilterTo' diff --git a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/frozen.json index 13b076dc4f2f..b5a56d601766 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/frozen.json @@ -1 +1 @@ -"2024-11-08T09:54:38.539Z" +"2025-10-24T14:24:00.041Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/recording.har index 42cc0ec6da0b..5dce883c618a 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Bad-Request-response_2626511957/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "9ee0d12dc2a76c2c4cd5598af0680035", + "_id": "e4257625426956fbc2c716c61d098a68", "_order": 0, "cache": {}, "request": { @@ -21,11 +21,11 @@ "value": "*/*" } ], - "headersSize": 536, + "headersSize": 532, "httpVersion": "HTTP/1.1", "method": "PATCH", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/inva-lid/cancel" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/inva-lid/cancel" }, "response": { "bodySize": 54, @@ -47,8 +47,8 @@ "status": 400, "statusText": "Bad Request" }, - "startedDateTime": "2024-11-08T09:54:38.930Z", - "time": 66 + "startedDateTime": "2025-10-24T14:24:00.666Z", + "time": 183 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/frozen.json index 465df313840a..43f153497ff5 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/frozen.json @@ -1 +1 @@ -"2024-11-08T09:54:39.006Z" +"2025-10-24T14:24:00.856Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/recording.har index 243a532e9988..195bfa7dfb98 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-Not-Found-response_1180168758/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "699b2b92566c9d9269d6d218f57402f8", + "_id": "e39b14a977fad872956237286fee579e", "_order": 0, "cache": {}, "request": { @@ -21,18 +21,18 @@ "value": "*/*" } ], - "headersSize": 563, + "headersSize": 560, "httpVersion": "HTTP/1.1", "method": "PATCH", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93/cancel" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93/cancel" }, "response": { - "bodySize": 116, + "bodySize": 50, "content": { "mimeType": "application/vnd.api+json", - "size": 116, - "text": "{\"errors\":[{\"status\":\"404\",\"title\":\"Not Found\",\"detail\":\"Job 8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93 was not found.\"}]}" + "size": 50, + "text": "{\"errors\":[{\"status\":\"404\",\"detail\":\"Not Found\"}]}" }, "cookies": [], "headers": [ @@ -41,14 +41,14 @@ "value": "application/vnd.api+json" } ], - "headersSize": 525, + "headersSize": 524, "httpVersion": "HTTP/1.1", "redirectURL": "", "status": 404, "statusText": "Not Found" }, - "startedDateTime": "2024-11-08T09:54:39.009Z", - "time": 68 + "startedDateTime": "2025-10-24T14:24:00.869Z", + "time": 101 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/frozen.json index 6cecbf756651..83279b597ce6 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/frozen.json @@ -1 +1 @@ -"2024-11-08T09:54:39.082Z" +"2025-10-24T14:24:00.975Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/recording.har index 3290eb4b7147..e7e8eb7093f4 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Cancel-a-historical-job-returns-OK-response_1956551145/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "6bb82102e994f0d1ee96e1e3f1d80ffd", + "_id": "4c138fa0d83459728bd7894a659525ac", "_order": 0, "cache": {}, "request": { @@ -26,7 +26,7 @@ "value": "application/json" } ], - "headersSize": 582, + "headersSize": 578, "httpVersion": "HTTP/1.1", "method": "POST", "postData": { @@ -35,14 +35,14 @@ "text": "{\"data\":{\"attributes\":{\"jobDefinition\":{\"cases\":[{\"condition\":\"a > 1\",\"name\":\"Condition 1\",\"notifications\":[],\"status\":\"info\"}],\"from\":1730387522611,\"index\":\"main\",\"message\":\"A large number of failed login attempts.\",\"name\":\"Excessive number of failed attempts.\",\"options\":{\"evaluationWindow\":900,\"keepAlive\":3600,\"maxSignalDuration\":86400},\"queries\":[{\"aggregation\":\"count\",\"distinctFields\":[],\"groupByFields\":[],\"query\":\"source:non_existing_src_weekend\"}],\"tags\":[],\"to\":1730387532611,\"type\":\"log_detection\"}},\"type\":\"historicalDetectionsJobCreate\"}}" }, "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" }, "response": { "bodySize": 87, "content": { "mimeType": "application/vnd.api+json", "size": 87, - "text": "{\"data\":{\"id\":\"e332b07e-d573-45fa-b2df-9a1bcc27f17e\",\"type\":\"historicalDetectionsJob\"}}" + "text": "{\"data\":{\"id\":\"cafe565c-106b-486e-ad21-a712656723b4\",\"type\":\"historicalDetectionsJob\"}}" }, "cookies": [], "headers": [ @@ -57,11 +57,11 @@ "status": 201, "statusText": "Created" }, - "startedDateTime": "2024-11-08T09:54:39.085Z", - "time": 108 + "startedDateTime": "2025-10-24T14:24:00.980Z", + "time": 140 }, { - "_id": "43cd9ba3ae67113c4ab17f57b600ac37", + "_id": "260d5e644c21417854680ac43b40d556", "_order": 0, "cache": {}, "request": { @@ -74,11 +74,11 @@ "value": "*/*" } ], - "headersSize": 564, + "headersSize": 560, "httpVersion": "HTTP/1.1", "method": "PATCH", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/e332b07e-d573-45fa-b2df-9a1bcc27f17e/cancel" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/cafe565c-106b-486e-ad21-a712656723b4/cancel" }, "response": { "bodySize": 0, @@ -94,8 +94,8 @@ "status": 204, "statusText": "No Content" }, - "startedDateTime": "2024-11-08T09:54:39.197Z", - "time": 74 + "startedDateTime": "2025-10-24T14:24:01.125Z", + "time": 92 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/frozen.json index 78bd1eb7e90b..85dc03005dbc 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/frozen.json @@ -1 +1 @@ -"2024-11-08T09:54:39.280Z" +"2025-10-24T14:24:01.235Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/recording.har index 8cc89eddcfb1..32dddbcbba41 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Convert-a-job-result-to-a-signal-returns-Bad-Request-response_2618814137/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "0d4946af2c85586b74ddeb117a50a4a6", + "_id": "547f0189451a142459cd9f22ee5351f6", "_order": 0, "cache": {}, "request": { @@ -26,7 +26,7 @@ "value": "application/json" } ], - "headersSize": 592, + "headersSize": 585, "httpVersion": "HTTP/1.1", "method": "POST", "postData": { @@ -35,7 +35,7 @@ "text": "{\"data\":{\"attributes\":{\"jobResultIds\":[\"\"],\"notifications\":[\"\"],\"signalMessage\":\"A large number of failed login attempts.\",\"signalSeverity\":\"critical\"},\"type\":\"historicalDetectionsJobResultSignalConversion\"}}" }, "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/signal_convert" }, "response": { "bodySize": 91, @@ -57,8 +57,8 @@ "status": 400, "statusText": "Bad Request" }, - "startedDateTime": "2024-11-08T09:54:39.282Z", - "time": 62 + "startedDateTime": "2025-10-24T14:24:01.238Z", + "time": 74 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/frozen.json index 2334f25deaf7..43d60b929130 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/frozen.json @@ -1 +1 @@ -"2024-11-08T09:54:39.371Z" +"2025-10-24T14:24:01.339Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/recording.har index f40dd9178595..0cf09beadde1 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Bad-Request-response_812796719/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "74a52942ee0024790dc5b284709530a7", + "_id": "75c431a76ec2040e5a4c0f15acc3ea11", "_order": 0, "cache": {}, "request": { @@ -21,11 +21,11 @@ "value": "*/*" } ], - "headersSize": 530, + "headersSize": 526, "httpVersion": "HTTP/1.1", "method": "DELETE", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/inva-lid" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/inva-lid" }, "response": { "bodySize": 78, @@ -47,8 +47,8 @@ "status": 400, "statusText": "Bad Request" }, - "startedDateTime": "2024-11-08T09:54:39.375Z", - "time": 74 + "startedDateTime": "2025-10-24T14:24:01.341Z", + "time": 81 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/frozen.json index 4c2be97946cb..0b5719d0620d 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/frozen.json @@ -1 +1 @@ -"2024-11-08T09:54:39.455Z" +"2025-10-24T14:24:01.428Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/recording.har index 3f7721a3fea5..85efc0f9cd1c 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Delete-an-existing-job-returns-Not-Found-response_3638474920/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "9e763f3fed9d995ac14975ddbbeec6b1", + "_id": "4d768dca9f974e76a412a45a6abf3e26", "_order": 0, "cache": {}, "request": { @@ -21,18 +21,18 @@ "value": "*/*" } ], - "headersSize": 558, + "headersSize": 552, "httpVersion": "HTTP/1.1", "method": "DELETE", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" }, "response": { - "bodySize": 116, + "bodySize": 50, "content": { "mimeType": "application/vnd.api+json", - "size": 116, - "text": "{\"errors\":[{\"status\":\"404\",\"title\":\"Not Found\",\"detail\":\"Job 8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93 was not found.\"}]}" + "size": 50, + "text": "{\"errors\":[{\"status\":\"404\",\"detail\":\"Not Found\"}]}" }, "cookies": [], "headers": [ @@ -41,14 +41,14 @@ "value": "application/vnd.api+json" } ], - "headersSize": 525, + "headersSize": 524, "httpVersion": "HTTP/1.1", "redirectURL": "", "status": 404, "statusText": "Not Found" }, - "startedDateTime": "2024-11-08T09:54:39.457Z", - "time": 72 + "startedDateTime": "2025-10-24T14:24:01.433Z", + "time": 93 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/frozen.json index 5ee867c763cc..76b7447ff6ce 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/frozen.json @@ -1 +1 @@ -"2024-11-08T09:54:39.538Z" +"2025-10-24T14:24:01.540Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/recording.har index 0eb31ad963a5..b8da1baa1b95 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Bad-Request-response_334587409/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "b91d3d2f868f0795c35b288e8f822892", + "_id": "97fa0f78e4c02b547fb1fd5e12937587", "_order": 0, "cache": {}, "request": { @@ -21,11 +21,11 @@ "value": "application/json" } ], - "headersSize": 537, + "headersSize": 532, "httpVersion": "HTTP/1.1", "method": "GET", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/inva-lid" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/inva-lid" }, "response": { "bodySize": 54, @@ -47,8 +47,8 @@ "status": 400, "statusText": "Bad Request" }, - "startedDateTime": "2024-11-08T09:54:39.543Z", - "time": 64 + "startedDateTime": "2025-10-24T14:24:01.543Z", + "time": 71 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/frozen.json index b4f3053e351f..92af3308d292 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/frozen.json @@ -1 +1 @@ -"2024-11-08T09:54:39.611Z" +"2025-10-24T14:24:01.618Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/recording.har index 1d455778ba5a..ae4320831322 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-Not-Found-response_2859948026/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "30d26c2a643971ca97218f20041d2227", + "_id": "5374e38c55425a83f75d7f135c065277", "_order": 0, "cache": {}, "request": { @@ -21,11 +21,11 @@ "value": "application/json" } ], - "headersSize": 565, + "headersSize": 561, "httpVersion": "HTTP/1.1", "method": "GET", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" }, "response": { "bodySize": 116, @@ -47,8 +47,8 @@ "status": 404, "statusText": "Not Found" }, - "startedDateTime": "2024-11-08T09:54:39.616Z", - "time": 73 + "startedDateTime": "2025-10-24T14:24:01.621Z", + "time": 81 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/frozen.json index 39b3bcc8acc0..fc5fbf825da7 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/frozen.json @@ -1 +1 @@ -"2024-12-18T17:02:38.823Z" +"2025-10-24T14:24:01.707Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/recording.har index 77fcd6d9781c..f7d7bf98413e 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-job-s-details-returns-OK-response_1805717789/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "6bb82102e994f0d1ee96e1e3f1d80ffd", + "_id": "4c138fa0d83459728bd7894a659525ac", "_order": 0, "cache": {}, "request": { @@ -26,7 +26,7 @@ "value": "application/json" } ], - "headersSize": 582, + "headersSize": 577, "httpVersion": "HTTP/1.1", "method": "POST", "postData": { @@ -35,14 +35,14 @@ "text": "{\"data\":{\"attributes\":{\"jobDefinition\":{\"cases\":[{\"condition\":\"a > 1\",\"name\":\"Condition 1\",\"notifications\":[],\"status\":\"info\"}],\"from\":1730387522611,\"index\":\"main\",\"message\":\"A large number of failed login attempts.\",\"name\":\"Excessive number of failed attempts.\",\"options\":{\"evaluationWindow\":900,\"keepAlive\":3600,\"maxSignalDuration\":86400},\"queries\":[{\"aggregation\":\"count\",\"distinctFields\":[],\"groupByFields\":[],\"query\":\"source:non_existing_src_weekend\"}],\"tags\":[],\"to\":1730387532611,\"type\":\"log_detection\"}},\"type\":\"historicalDetectionsJobCreate\"}}" }, "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" }, "response": { "bodySize": 87, "content": { "mimeType": "application/vnd.api+json", "size": 87, - "text": "{\"data\":{\"id\":\"fa90e7ac-998d-4bf4-9d32-2e831a1e9479\",\"type\":\"historicalDetectionsJob\"}}" + "text": "{\"data\":{\"id\":\"071b3516-4072-44d9-9288-d4adaa1db921\",\"type\":\"historicalDetectionsJob\"}}" }, "cookies": [], "headers": [ @@ -57,11 +57,11 @@ "status": 201, "statusText": "Created" }, - "startedDateTime": "2024-12-18T17:02:39.209Z", - "time": 474 + "startedDateTime": "2025-10-24T14:24:01.710Z", + "time": 376 }, { - "_id": "7b01960b436d672769de5d7f5dd093c1", + "_id": "08901fdd0425df60dbdee039f0e4a4dc", "_order": 0, "cache": {}, "request": { @@ -74,18 +74,18 @@ "value": "application/json" } ], - "headersSize": 565, + "headersSize": 560, "httpVersion": "HTTP/1.1", "method": "GET", "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/fa90e7ac-998d-4bf4-9d32-2e831a1e9479" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/071b3516-4072-44d9-9288-d4adaa1db921" }, "response": { - "bodySize": 914, + "bodySize": 934, "content": { "mimeType": "application/vnd.api+json", - "size": 914, - "text": "{\"data\":{\"id\":\"fa90e7ac-998d-4bf4-9d32-2e831a1e9479\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2024-12-18 17:02:39.551791+00\",\"createdByHandle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"createdByName\":\"CI Account\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\"},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2024-12-18 17:02:39.551791+00\"}}}" + "size": 934, + "text": "{\"data\":{\"id\":\"071b3516-4072-44d9-9288-d4adaa1db921\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2025-10-24 14:24:02.057923+00\",\"createdByHandle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"createdByName\":\"CI Account\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\",\"dataSource\":\"logs\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\"},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2025-10-24 14:24:02.057923+00\"}}}" }, "cookies": [], "headers": [ @@ -100,8 +100,8 @@ "status": 200, "statusText": "OK" }, - "startedDateTime": "2024-12-18T17:02:39.691Z", - "time": 171 + "startedDateTime": "2025-10-24T14:24:02.090Z", + "time": 73 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/List-historical-jobs-returns-OK-response_1213227315/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/List-historical-jobs-returns-OK-response_1213227315/frozen.json index b2aadd2a6cc7..ecaf4231cafe 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/List-historical-jobs-returns-OK-response_1213227315/frozen.json +++ b/cassettes/v2/Security-Monitoring_1187227211/List-historical-jobs-returns-OK-response_1213227315/frozen.json @@ -1 +1 @@ -"2024-12-18T17:02:39.880Z" +"2025-10-24T14:24:02.188Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/List-historical-jobs-returns-OK-response_1213227315/recording.har b/cassettes/v2/Security-Monitoring_1187227211/List-historical-jobs-returns-OK-response_1213227315/recording.har index 983a9bead67e..cfed885ffca0 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/List-historical-jobs-returns-OK-response_1213227315/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/List-historical-jobs-returns-OK-response_1213227315/recording.har @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "6bb82102e994f0d1ee96e1e3f1d80ffd", + "_id": "4c138fa0d83459728bd7894a659525ac", "_order": 0, "cache": {}, "request": { @@ -26,7 +26,7 @@ "value": "application/json" } ], - "headersSize": 582, + "headersSize": 578, "httpVersion": "HTTP/1.1", "method": "POST", "postData": { @@ -35,14 +35,14 @@ "text": "{\"data\":{\"attributes\":{\"jobDefinition\":{\"cases\":[{\"condition\":\"a > 1\",\"name\":\"Condition 1\",\"notifications\":[],\"status\":\"info\"}],\"from\":1730387522611,\"index\":\"main\",\"message\":\"A large number of failed login attempts.\",\"name\":\"Excessive number of failed attempts.\",\"options\":{\"evaluationWindow\":900,\"keepAlive\":3600,\"maxSignalDuration\":86400},\"queries\":[{\"aggregation\":\"count\",\"distinctFields\":[],\"groupByFields\":[],\"query\":\"source:non_existing_src_weekend\"}],\"tags\":[],\"to\":1730387532611,\"type\":\"log_detection\"}},\"type\":\"historicalDetectionsJobCreate\"}}" }, "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" }, "response": { "bodySize": 87, "content": { "mimeType": "application/vnd.api+json", "size": 87, - "text": "{\"data\":{\"id\":\"7b16f110-0ce9-46cd-9dad-b658ced2ac50\",\"type\":\"historicalDetectionsJob\"}}" + "text": "{\"data\":{\"id\":\"e935c6c8-ba76-4ebf-8770-bb772a5ec1ed\",\"type\":\"historicalDetectionsJob\"}}" }, "cookies": [], "headers": [ @@ -57,11 +57,11 @@ "status": 201, "statusText": "Created" }, - "startedDateTime": "2024-12-18T17:02:39.882Z", - "time": 402 + "startedDateTime": "2025-10-24T14:24:02.195Z", + "time": 87 }, { - "_id": "0728d69cabf496956f86d405f93de5cf", + "_id": "4f7ef994a9ff2d13c4074a6f863a4781", "_order": 0, "cache": {}, "request": { @@ -74,25 +74,25 @@ "value": "application/json" } ], - "headersSize": 590, + "headersSize": 586, "httpVersion": "HTTP/1.1", "method": "GET", "queryString": [ { "name": "filter", "value": { - "query": "id:7b16f110-0ce9-46cd-9dad-b658ced2ac50" + "query": "id:e935c6c8-ba76-4ebf-8770-bb772a5ec1ed" } } ], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs?filter%5Bquery%5D=id%3A7b16f110-0ce9-46cd-9dad-b658ced2ac50" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs?filter%5Bquery%5D=id%3Ae935c6c8-ba76-4ebf-8770-bb772a5ec1ed" }, "response": { - "bodySize": 940, + "bodySize": 960, "content": { "mimeType": "application/vnd.api+json", - "size": 940, - "text": "{\"data\":[{\"id\":\"7b16f110-0ce9-46cd-9dad-b658ced2ac50\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2024-12-18 17:02:40.144396+00\",\"createdByHandle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"createdByName\":\"CI Account\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\"},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2024-12-18 17:02:40.144396+00\"}}],\"meta\":{\"totalCount\":1}}" + "size": 960, + "text": "{\"data\":[{\"id\":\"e935c6c8-ba76-4ebf-8770-bb772a5ec1ed\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2025-10-24 14:24:02.256887+00\",\"createdByHandle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"createdByName\":\"CI Account\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\",\"dataSource\":\"logs\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\"},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2025-10-24 14:24:02.256887+00\"}}],\"meta\":{\"totalCount\":1}}" }, "cookies": [], "headers": [ @@ -107,8 +107,8 @@ "status": 200, "statusText": "OK" }, - "startedDateTime": "2024-12-18T17:02:40.290Z", - "time": 189 + "startedDateTime": "2025-10-24T14:24:02.289Z", + "time": 78 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Bad-Request-response_3841593672/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Bad-Request-response_3841593672/frozen.json deleted file mode 100644 index 717f83d1d840..000000000000 --- a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Bad-Request-response_3841593672/frozen.json +++ /dev/null @@ -1 +0,0 @@ -"2024-11-08T09:54:40.114Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Not-Found-response_258356351/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Not-Found-response_258356351/frozen.json deleted file mode 100644 index d97d22162bff..000000000000 --- a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Not-Found-response_258356351/frozen.json +++ /dev/null @@ -1 +0,0 @@ -"2025-06-26T16:57:47.524Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Status-created-response_2964716074/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Status-created-response_2964716074/frozen.json deleted file mode 100644 index bbb8004149c8..000000000000 --- a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Status-created-response_2964716074/frozen.json +++ /dev/null @@ -1 +0,0 @@ -"2024-11-08T09:54:40.272Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Bad-Request-response_1567776629/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Bad-Request-response_1567776629/frozen.json new file mode 100644 index 000000000000..7bb1005d01cf --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Bad-Request-response_1567776629/frozen.json @@ -0,0 +1 @@ +"2025-10-24T14:24:02.385Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Bad-Request-response_3841593672/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Bad-Request-response_1567776629/recording.har similarity index 86% rename from cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Bad-Request-response_3841593672/recording.har rename to cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Bad-Request-response_1567776629/recording.har index 61ecf202035e..8746624d05cd 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Bad-Request-response_3841593672/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Bad-Request-response_1567776629/recording.har @@ -1,6 +1,6 @@ { "log": { - "_recordingName": "Security Monitoring/Run a historical job returns \"Bad Request\" response", + "_recordingName": "Security Monitoring/Run a threat hunting job returns \"Bad Request\" response", "creator": { "comment": "persister:fs", "name": "Polly.JS", @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "d6c37d4c15bfd57cafedccbe43952e41", + "_id": "8385b3da78cdf5dc4258fcc039b5013a", "_order": 0, "cache": {}, "request": { @@ -26,7 +26,7 @@ "value": "application/json" } ], - "headersSize": 581, + "headersSize": 578, "httpVersion": "HTTP/1.1", "method": "POST", "postData": { @@ -35,7 +35,7 @@ "text": "{\"data\":{\"attributes\":{\"jobDefinition\":{\"cases\":[{\"condition\":\"a > 1\",\"name\":\"Condition 1\",\"notifications\":[],\"status\":\"info\"}],\"from\":1730387522611,\"index\":\"non_existing_index\",\"message\":\"A large number of failed login attempts.\",\"name\":\"Excessive number of failed attempts.\",\"options\":{\"evaluationWindow\":900,\"keepAlive\":3600,\"maxSignalDuration\":86400},\"queries\":[{\"aggregation\":\"count\",\"distinctFields\":[],\"groupByFields\":[],\"query\":\"source:non_existing_src_weekend\"}],\"tags\":[],\"to\":1730391122611,\"type\":\"log_detection\"}},\"type\":\"historicalDetectionsJobCreate\"}}" }, "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" }, "response": { "bodySize": 96, @@ -57,8 +57,8 @@ "status": 400, "statusText": "Bad Request" }, - "startedDateTime": "2024-11-08T09:54:40.117Z", - "time": 70 + "startedDateTime": "2025-10-24T14:24:02.389Z", + "time": 93 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Not-Found-response_4013068630/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Not-Found-response_4013068630/frozen.json new file mode 100644 index 000000000000..0436a829ceba --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Not-Found-response_4013068630/frozen.json @@ -0,0 +1 @@ +"2025-10-24T14:24:02.486Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Not-Found-response_258356351/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Not-Found-response_4013068630/recording.har similarity index 83% rename from cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Not-Found-response_258356351/recording.har rename to cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Not-Found-response_4013068630/recording.har index 25316b1a3e78..7917aa1c1e31 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Not-Found-response_258356351/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Not-Found-response_4013068630/recording.har @@ -1,6 +1,6 @@ { "log": { - "_recordingName": "Security Monitoring/Run a historical job returns \"Not Found\" response", + "_recordingName": "Security Monitoring/Run a threat hunting job returns \"Not Found\" response", "creator": { "comment": "persister:fs", "name": "Polly.JS", @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "6baefcd2575a7f9d36bff35d836edcfc", + "_id": "ad287eca8deaa404d9ebbd2408021229", "_order": 0, "cache": {}, "request": { @@ -26,7 +26,7 @@ "value": "application/json" } ], - "headersSize": 582, + "headersSize": 578, "httpVersion": "HTTP/1.1", "method": "POST", "postData": { @@ -35,7 +35,7 @@ "text": "{\"data\":{\"attributes\":{\"fromRule\":{\"from\":1730201035064,\"id\":\"non-existng\",\"index\":\"main\",\"notifications\":[],\"to\":1730204635115}},\"type\":\"historicalDetectionsJobCreate\"}}" }, "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" }, "response": { "bodySize": 49, @@ -57,8 +57,8 @@ "status": 404, "statusText": "Not Found" }, - "startedDateTime": "2025-06-26T16:57:47.528Z", - "time": 100 + "startedDateTime": "2025-10-24T14:24:02.489Z", + "time": 76 } ], "pages": [], diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Status-created-response_674813617/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Status-created-response_674813617/frozen.json new file mode 100644 index 000000000000..609cbdfc0aa7 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Status-created-response_674813617/frozen.json @@ -0,0 +1 @@ +"2025-10-24T14:24:02.570Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Status-created-response_2964716074/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Status-created-response_674813617/recording.har similarity index 81% rename from cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Status-created-response_2964716074/recording.har rename to cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Status-created-response_674813617/recording.har index 18ef041376f5..4e45701183b8 100644 --- a/cassettes/v2/Security-Monitoring_1187227211/Run-a-historical-job-returns-Status-created-response_2964716074/recording.har +++ b/cassettes/v2/Security-Monitoring_1187227211/Run-a-threat-hunting-job-returns-Status-created-response_674813617/recording.har @@ -1,6 +1,6 @@ { "log": { - "_recordingName": "Security Monitoring/Run a historical job returns \"Status created\" response", + "_recordingName": "Security Monitoring/Run a threat hunting job returns \"Status created\" response", "creator": { "comment": "persister:fs", "name": "Polly.JS", @@ -8,7 +8,7 @@ }, "entries": [ { - "_id": "6bb82102e994f0d1ee96e1e3f1d80ffd", + "_id": "4c138fa0d83459728bd7894a659525ac", "_order": 0, "cache": {}, "request": { @@ -26,7 +26,7 @@ "value": "application/json" } ], - "headersSize": 582, + "headersSize": 577, "httpVersion": "HTTP/1.1", "method": "POST", "postData": { @@ -35,14 +35,14 @@ "text": "{\"data\":{\"attributes\":{\"jobDefinition\":{\"cases\":[{\"condition\":\"a > 1\",\"name\":\"Condition 1\",\"notifications\":[],\"status\":\"info\"}],\"from\":1730387522611,\"index\":\"main\",\"message\":\"A large number of failed login attempts.\",\"name\":\"Excessive number of failed attempts.\",\"options\":{\"evaluationWindow\":900,\"keepAlive\":3600,\"maxSignalDuration\":86400},\"queries\":[{\"aggregation\":\"count\",\"distinctFields\":[],\"groupByFields\":[],\"query\":\"source:non_existing_src_weekend\"}],\"tags\":[],\"to\":1730387532611,\"type\":\"log_detection\"}},\"type\":\"historicalDetectionsJobCreate\"}}" }, "queryString": [], - "url": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" + "url": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" }, "response": { "bodySize": 87, "content": { "mimeType": "application/vnd.api+json", "size": 87, - "text": "{\"data\":{\"id\":\"6f4c9c40-782b-4d14-900f-65ccc02389db\",\"type\":\"historicalDetectionsJob\"}}" + "text": "{\"data\":{\"id\":\"6ff7a8ce-a0d1-4ea3-8cc9-e9c52cda0d24\",\"type\":\"historicalDetectionsJob\"}}" }, "cookies": [], "headers": [ @@ -57,8 +57,8 @@ "status": 201, "statusText": "Created" }, - "startedDateTime": "2024-11-08T09:54:40.274Z", - "time": 86 + "startedDateTime": "2025-10-24T14:24:02.572Z", + "time": 104 } ], "pages": [], diff --git a/examples/v2/security-monitoring/CancelThreatHuntingJob.ts b/examples/v2/security-monitoring/CancelThreatHuntingJob.ts new file mode 100644 index 000000000000..182ccef5b3c3 --- /dev/null +++ b/examples/v2/security-monitoring/CancelThreatHuntingJob.ts @@ -0,0 +1,22 @@ +/** + * Cancel a threat hunting job returns "OK" response + */ + +import { client, v2 } from "@datadog/datadog-api-client"; + +const configuration = client.createConfiguration(); +configuration.unstableOperations["v2.cancelThreatHuntingJob"] = true; +const apiInstance = new v2.SecurityMonitoringApi(configuration); + +const params: v2.SecurityMonitoringApiCancelThreatHuntingJobRequest = { + jobId: "job_id", +}; + +apiInstance + .cancelThreatHuntingJob(params) + .then((data: any) => { + console.log( + "API called successfully. Returned data: " + JSON.stringify(data) + ); + }) + .catch((error: any) => console.error(error)); diff --git a/examples/v2/security-monitoring/CancelHistoricalJob.ts b/examples/v2/security-monitoring/CancelThreatHuntingJob_1945505845.ts similarity index 50% rename from examples/v2/security-monitoring/CancelHistoricalJob.ts rename to examples/v2/security-monitoring/CancelThreatHuntingJob_1945505845.ts index 6bff4c4b9632..2cb927c171d0 100644 --- a/examples/v2/security-monitoring/CancelHistoricalJob.ts +++ b/examples/v2/security-monitoring/CancelThreatHuntingJob_1945505845.ts @@ -5,19 +5,20 @@ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); -configuration.unstableOperations["v2.cancelHistoricalJob"] = true; -configuration.unstableOperations["v2.runHistoricalJob"] = true; +configuration.unstableOperations["v2.cancelThreatHuntingJob"] = true; +configuration.unstableOperations["v2.runThreatHuntingJob"] = true; const apiInstance = new v2.SecurityMonitoringApi(configuration); -// there is a valid "historical_job" in the system -const HISTORICAL_JOB_DATA_ID = process.env.HISTORICAL_JOB_DATA_ID as string; +// there is a valid "threat_hunting_job" in the system +const THREAT_HUNTING_JOB_DATA_ID = process.env + .THREAT_HUNTING_JOB_DATA_ID as string; -const params: v2.SecurityMonitoringApiCancelHistoricalJobRequest = { - jobId: HISTORICAL_JOB_DATA_ID, +const params: v2.SecurityMonitoringApiCancelThreatHuntingJobRequest = { + jobId: THREAT_HUNTING_JOB_DATA_ID, }; apiInstance - .cancelHistoricalJob(params) + .cancelThreatHuntingJob(params) .then((data: any) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) diff --git a/examples/v2/security-monitoring/DeleteHistoricalJob.ts b/examples/v2/security-monitoring/DeleteThreatHuntingJob.ts similarity index 71% rename from examples/v2/security-monitoring/DeleteHistoricalJob.ts rename to examples/v2/security-monitoring/DeleteThreatHuntingJob.ts index f2cfd17873f5..4670a9022e8e 100644 --- a/examples/v2/security-monitoring/DeleteHistoricalJob.ts +++ b/examples/v2/security-monitoring/DeleteThreatHuntingJob.ts @@ -5,15 +5,15 @@ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); -configuration.unstableOperations["v2.deleteHistoricalJob"] = true; +configuration.unstableOperations["v2.deleteThreatHuntingJob"] = true; const apiInstance = new v2.SecurityMonitoringApi(configuration); -const params: v2.SecurityMonitoringApiDeleteHistoricalJobRequest = { +const params: v2.SecurityMonitoringApiDeleteThreatHuntingJobRequest = { jobId: "job_id", }; apiInstance - .deleteHistoricalJob(params) + .deleteThreatHuntingJob(params) .then((data: any) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) diff --git a/examples/v2/security-monitoring/GetHistoricalJob.ts b/examples/v2/security-monitoring/GetHistoricalJob.ts deleted file mode 100644 index a4f838106502..000000000000 --- a/examples/v2/security-monitoring/GetHistoricalJob.ts +++ /dev/null @@ -1,26 +0,0 @@ -/** - * Get a job's details returns "OK" response - */ - -import { client, v2 } from "@datadog/datadog-api-client"; - -const configuration = client.createConfiguration(); -configuration.unstableOperations["v2.getHistoricalJob"] = true; -configuration.unstableOperations["v2.runHistoricalJob"] = true; -const apiInstance = new v2.SecurityMonitoringApi(configuration); - -// there is a valid "historical_job" in the system -const HISTORICAL_JOB_DATA_ID = process.env.HISTORICAL_JOB_DATA_ID as string; - -const params: v2.SecurityMonitoringApiGetHistoricalJobRequest = { - jobId: HISTORICAL_JOB_DATA_ID, -}; - -apiInstance - .getHistoricalJob(params) - .then((data: v2.HistoricalJobResponse) => { - console.log( - "API called successfully. Returned data: " + JSON.stringify(data) - ); - }) - .catch((error: any) => console.error(error)); diff --git a/examples/v2/security-monitoring/GetThreatHuntingJob.ts b/examples/v2/security-monitoring/GetThreatHuntingJob.ts new file mode 100644 index 000000000000..70c90896d8c4 --- /dev/null +++ b/examples/v2/security-monitoring/GetThreatHuntingJob.ts @@ -0,0 +1,27 @@ +/** + * Get a job's details returns "OK" response + */ + +import { client, v2 } from "@datadog/datadog-api-client"; + +const configuration = client.createConfiguration(); +configuration.unstableOperations["v2.getThreatHuntingJob"] = true; +configuration.unstableOperations["v2.runThreatHuntingJob"] = true; +const apiInstance = new v2.SecurityMonitoringApi(configuration); + +// there is a valid "threat_hunting_job" in the system +const THREAT_HUNTING_JOB_DATA_ID = process.env + .THREAT_HUNTING_JOB_DATA_ID as string; + +const params: v2.SecurityMonitoringApiGetThreatHuntingJobRequest = { + jobId: THREAT_HUNTING_JOB_DATA_ID, +}; + +apiInstance + .getThreatHuntingJob(params) + .then((data: v2.ThreatHuntingJobResponse) => { + console.log( + "API called successfully. Returned data: " + JSON.stringify(data) + ); + }) + .catch((error: any) => console.error(error)); diff --git a/examples/v2/security-monitoring/ListThreatHuntingJobs.ts b/examples/v2/security-monitoring/ListThreatHuntingJobs.ts new file mode 100644 index 000000000000..f891eac2cda2 --- /dev/null +++ b/examples/v2/security-monitoring/ListThreatHuntingJobs.ts @@ -0,0 +1,18 @@ +/** + * List threat hunting jobs returns "OK" response + */ + +import { client, v2 } from "@datadog/datadog-api-client"; + +const configuration = client.createConfiguration(); +configuration.unstableOperations["v2.listThreatHuntingJobs"] = true; +const apiInstance = new v2.SecurityMonitoringApi(configuration); + +apiInstance + .listThreatHuntingJobs() + .then((data: v2.ListThreatHuntingJobsResponse) => { + console.log( + "API called successfully. Returned data: " + JSON.stringify(data) + ); + }) + .catch((error: any) => console.error(error)); diff --git a/examples/v2/security-monitoring/ListHistoricalJobs.ts b/examples/v2/security-monitoring/ListThreatHuntingJobs_1365512061.ts similarity index 54% rename from examples/v2/security-monitoring/ListHistoricalJobs.ts rename to examples/v2/security-monitoring/ListThreatHuntingJobs_1365512061.ts index ec286a2ba6df..0fdd3d227da5 100644 --- a/examples/v2/security-monitoring/ListHistoricalJobs.ts +++ b/examples/v2/security-monitoring/ListThreatHuntingJobs_1365512061.ts @@ -5,19 +5,19 @@ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); -configuration.unstableOperations["v2.listHistoricalJobs"] = true; -configuration.unstableOperations["v2.runHistoricalJob"] = true; +configuration.unstableOperations["v2.listThreatHuntingJobs"] = true; +configuration.unstableOperations["v2.runThreatHuntingJob"] = true; const apiInstance = new v2.SecurityMonitoringApi(configuration); -// there is a valid "historical_job" in the system +// there is a valid "threat_hunting_job" in the system -const params: v2.SecurityMonitoringApiListHistoricalJobsRequest = { +const params: v2.SecurityMonitoringApiListThreatHuntingJobsRequest = { filterQuery: "id:string", }; apiInstance - .listHistoricalJobs(params) - .then((data: v2.ListHistoricalJobsResponse) => { + .listThreatHuntingJobs(params) + .then((data: v2.ListThreatHuntingJobsResponse) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) ); diff --git a/examples/v2/security-monitoring/RunHistoricalJob.ts b/examples/v2/security-monitoring/RunThreatHuntingJob.ts similarity index 85% rename from examples/v2/security-monitoring/RunHistoricalJob.ts rename to examples/v2/security-monitoring/RunThreatHuntingJob.ts index 93d2ec9bdc9a..640b5e932c71 100644 --- a/examples/v2/security-monitoring/RunHistoricalJob.ts +++ b/examples/v2/security-monitoring/RunThreatHuntingJob.ts @@ -1,14 +1,14 @@ /** - * Run a historical job returns "Status created" response + * Run a threat hunting job returns "Status created" response */ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); -configuration.unstableOperations["v2.runHistoricalJob"] = true; +configuration.unstableOperations["v2.runThreatHuntingJob"] = true; const apiInstance = new v2.SecurityMonitoringApi(configuration); -const params: v2.SecurityMonitoringApiRunHistoricalJobRequest = { +const params: v2.SecurityMonitoringApiRunThreatHuntingJobRequest = { body: { data: { type: "historicalDetectionsJobCreate", @@ -49,7 +49,7 @@ const params: v2.SecurityMonitoringApiRunHistoricalJobRequest = { }; apiInstance - .runHistoricalJob(params) + .runThreatHuntingJob(params) .then((data: v2.JobCreateResponse) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) diff --git a/features/support/scenarios_model_mapping.ts b/features/support/scenarios_model_mapping.ts index 3b7897602472..9c82691853c5 100644 --- a/features/support/scenarios_model_mapping.ts +++ b/features/support/scenarios_model_mapping.ts @@ -4497,7 +4497,7 @@ export const ScenariosModelMappings: {[key: string]: {[key: string]: any}} = { }, "operationResponseType": "SecurityMonitoringSignalResponse", }, - "v2.ListHistoricalJobs": { + "v2.ListThreatHuntingJobs": { "pageSize": { "type": "number", "format": "int64", @@ -4514,11 +4514,11 @@ export const ScenariosModelMappings: {[key: string]: {[key: string]: any}} = { "type": "string", "format": "", }, - "operationResponseType": "ListHistoricalJobsResponse", + "operationResponseType": "ListThreatHuntingJobsResponse", }, - "v2.RunHistoricalJob": { + "v2.RunThreatHuntingJob": { "body": { - "type": "RunHistoricalJobRequest", + "type": "RunThreatHuntingJobRequest", "format": "", }, "operationResponseType": "JobCreateResponse", @@ -4530,21 +4530,21 @@ export const ScenariosModelMappings: {[key: string]: {[key: string]: any}} = { }, "operationResponseType": "{}", }, - "v2.GetHistoricalJob": { + "v2.GetThreatHuntingJob": { "jobId": { "type": "string", "format": "", }, - "operationResponseType": "HistoricalJobResponse", + "operationResponseType": "ThreatHuntingJobResponse", }, - "v2.DeleteHistoricalJob": { + "v2.DeleteThreatHuntingJob": { "jobId": { "type": "string", "format": "", }, "operationResponseType": "{}", }, - "v2.CancelHistoricalJob": { + "v2.CancelThreatHuntingJob": { "jobId": { "type": "string", "format": "", diff --git a/features/v2/given.json b/features/v2/given.json index a4ab9c24bd17..7c9df160aade 100644 --- a/features/v2/given.json +++ b/features/v2/given.json @@ -1086,10 +1086,10 @@ "value": "{\n \"data\": {\n \"type\": \"historicalDetectionsJobCreate\",\n \"attributes\": {\n \"jobDefinition\": {\n \"type\": \"log_detection\",\n \"name\": \"Excessive number of failed attempts.\",\n \"queries\": [\n {\n \"query\": \"source:non_existing_src_weekend\",\n \"aggregation\": \"count\",\n \"groupByFields\": [],\n \"distinctFields\": []\n }\n ],\n \"cases\": [\n {\n \"name\": \"Condition 1\",\n \"status\": \"info\",\n \"notifications\": [],\n \"condition\": \"a > 1\"\n }\n ],\n \"options\": {\n \"keepAlive\": 3600,\n \"maxSignalDuration\": 86400,\n \"evaluationWindow\": 900\n },\n \"message\": \"A large number of failed login attempts.\",\n \"tags\": [],\n \"from\": 1730387522611,\n \"to\": 1730387532611,\n \"index\": \"main\"\n }\n }\n }\n}" } ], - "step": "there is a valid \"historical_job\" in the system", - "key": "historical_job", + "step": "there is a valid \"threat_hunting_job\" in the system", + "key": "threat_hunting_job", "tag": "Security Monitoring", - "operationId": "RunHistoricalJob" + "operationId": "RunThreatHuntingJob" }, { "parameters": [ diff --git a/features/v2/security_monitoring.feature b/features/v2/security_monitoring.feature index 8e5e22baade8..703fc3e460f9 100644 --- a/features/v2/security_monitoring.feature +++ b/features/v2/security_monitoring.feature @@ -11,38 +11,62 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Cancel a historical job returns "Bad Request" response - Given operation "CancelHistoricalJob" enabled - And new "CancelHistoricalJob" request + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent Then the response status is 400 Bad Request - @generated @skip @team:DataDog/k9-cloud-security-platform - Scenario: Cancel a historical job returns "Conflict" response - Given operation "CancelHistoricalJob" enabled - And new "CancelHistoricalJob" request - And request contains "job_id" parameter from "REPLACE.ME" - When the request is sent - Then the response status is 409 Conflict - @team:DataDog/k9-cloud-security-platform Scenario: Cancel a historical job returns "Not Found" response - Given operation "CancelHistoricalJob" enabled - And new "CancelHistoricalJob" request + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-security-platform Scenario: Cancel a historical job returns "OK" response - Given operation "CancelHistoricalJob" enabled - And operation "RunHistoricalJob" enabled - And new "CancelHistoricalJob" request - And there is a valid "historical_job" in the system - And request contains "job_id" parameter from "historical_job.data.id" + Given operation "CancelThreatHuntingJob" enabled + And operation "RunThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And there is a valid "threat_hunting_job" in the system + And request contains "job_id" parameter from "threat_hunting_job.data.id" When the request is sent Then the response status is 204 No Content + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Cancel a threat hunting job returns "Bad Request" response + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Cancel a threat hunting job returns "Conflict" response + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 409 Conflict + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Cancel a threat hunting job returns "Not Found" response + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Cancel a threat hunting job returns "OK" response + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 204 OK + @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Change the related incidents of a security signal returns "Bad Request" response Given new "EditSecurityMonitoringSignalIncidents" request @@ -477,32 +501,32 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "Bad Request" response - Given operation "DeleteHistoricalJob" enabled - And new "DeleteHistoricalJob" request + Given operation "DeleteThreatHuntingJob" enabled + And new "DeleteThreatHuntingJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "Conflict" response - Given operation "DeleteHistoricalJob" enabled - And new "DeleteHistoricalJob" request + Given operation "DeleteThreatHuntingJob" enabled + And new "DeleteThreatHuntingJob" request And request contains "job_id" parameter from "REPLACE.ME" When the request is sent Then the response status is 409 Conflict @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "Not Found" response - Given operation "DeleteHistoricalJob" enabled - And new "DeleteHistoricalJob" request + Given operation "DeleteThreatHuntingJob" enabled + And new "DeleteThreatHuntingJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent Then the response status is 404 Not Found @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "OK" response - Given operation "DeleteHistoricalJob" enabled - And new "DeleteHistoricalJob" request + Given operation "DeleteThreatHuntingJob" enabled + And new "DeleteThreatHuntingJob" request And request contains "job_id" parameter from "REPLACE.ME" When the request is sent Then the response status is 204 OK @@ -627,27 +651,27 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Get a job's details returns "Bad Request" response - Given operation "GetHistoricalJob" enabled - And new "GetHistoricalJob" request + Given operation "GetThreatHuntingJob" enabled + And new "GetThreatHuntingJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent Then the response status is 400 Bad Request @team:DataDog/k9-cloud-security-platform Scenario: Get a job's details returns "Not Found" response - Given operation "GetHistoricalJob" enabled - And new "GetHistoricalJob" request + Given operation "GetThreatHuntingJob" enabled + And new "GetThreatHuntingJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-security-platform Scenario: Get a job's details returns "OK" response - Given operation "GetHistoricalJob" enabled - And operation "RunHistoricalJob" enabled - And new "GetHistoricalJob" request - And there is a valid "historical_job" in the system - And request contains "job_id" parameter from "historical_job.data.id" + Given operation "GetThreatHuntingJob" enabled + And operation "RunThreatHuntingJob" enabled + And new "GetThreatHuntingJob" request + And there is a valid "threat_hunting_job" in the system + And request contains "job_id" parameter from "threat_hunting_job.data.id" When the request is sent Then the response status is 200 OK @@ -1021,20 +1045,13 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK - @generated @skip @team:DataDog/k9-cloud-security-platform - Scenario: List historical jobs returns "Bad Request" response - Given operation "ListHistoricalJobs" enabled - And new "ListHistoricalJobs" request - When the request is sent - Then the response status is 400 Bad Request - @team:DataDog/k9-cloud-security-platform Scenario: List historical jobs returns "OK" response - Given operation "ListHistoricalJobs" enabled - And operation "RunHistoricalJob" enabled - And new "ListHistoricalJobs" request - And there is a valid "historical_job" in the system - And request contains "filter[query]" parameter with value "id:{{historical_job.data.id}}" + Given operation "ListThreatHuntingJobs" enabled + And operation "RunThreatHuntingJob" enabled + And new "ListThreatHuntingJobs" request + And there is a valid "threat_hunting_job" in the system + And request contains "filter[query]" parameter with value "id:{{threat_hunting_job.data.id}}" When the request is sent Then the response status is 200 OK @@ -1088,6 +1105,20 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: List threat hunting jobs returns "Bad Request" response + Given operation "ListThreatHuntingJobs" enabled + And new "ListThreatHuntingJobs" request + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: List threat hunting jobs returns "OK" response + Given operation "ListThreatHuntingJobs" enabled + And new "ListThreatHuntingJobs" request + When the request is sent + Then the response status is 200 OK + @generated @skip @team:DataDog/asm-vm Scenario: List vulnerabilities returns "Bad request: The server cannot process the request due to invalid syntax in the request." response Given operation "ListVulnerabilities" enabled @@ -1265,25 +1296,25 @@ Feature: Security Monitoring Then the response status is 422 The server cannot process the request because it contains invalid data. @team:DataDog/k9-cloud-security-platform - Scenario: Run a historical job returns "Bad Request" response - Given operation "RunHistoricalJob" enabled - And new "RunHistoricalJob" request + Scenario: Run a threat hunting job returns "Bad Request" response + Given operation "RunThreatHuntingJob" enabled + And new "RunThreatHuntingJob" request And body with value {"data":{"type":"historicalDetectionsJobCreate","attributes":{"jobDefinition":{"type":"log_detection","name":"Excessive number of failed attempts.","queries":[{"query":"source:non_existing_src_weekend","aggregation":"count","groupByFields":[],"distinctFields":[]}],"cases":[{"name":"Condition 1","status":"info","notifications":[],"condition":"a > 1"}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900},"message":"A large number of failed login attempts.","tags":[],"from":1730387522611,"to":1730391122611,"index":"non_existing_index"}}}} When the request is sent Then the response status is 400 Bad Request @team:DataDog/k9-cloud-security-platform - Scenario: Run a historical job returns "Not Found" response - Given operation "RunHistoricalJob" enabled - And new "RunHistoricalJob" request + Scenario: Run a threat hunting job returns "Not Found" response + Given operation "RunThreatHuntingJob" enabled + And new "RunThreatHuntingJob" request And body with value {"data": { "type": "historicalDetectionsJobCreate", "attributes": {"fromRule": {"from": 1730201035064, "id": "non-existng", "index": "main", "notifications": [], "to": 1730204635115}}}} When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-security-platform - Scenario: Run a historical job returns "Status created" response - Given operation "RunHistoricalJob" enabled - And new "RunHistoricalJob" request + Scenario: Run a threat hunting job returns "Status created" response + Given operation "RunThreatHuntingJob" enabled + And new "RunThreatHuntingJob" request And body with value {"data":{"type":"historicalDetectionsJobCreate","attributes":{"jobDefinition":{"type":"log_detection","name":"Excessive number of failed attempts.","queries":[{"query":"source:non_existing_src_weekend","aggregation":"count","groupByFields":[],"distinctFields":[]}],"cases":[{"name":"Condition 1","status":"info","notifications":[],"condition":"a > 1"}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900},"message":"A large number of failed login attempts.","tags":[],"from":1730387522611,"to":1730387532611,"index":"main"}}}} When the request is sent Then the response status is 201 Status created diff --git a/features/v2/undo.json b/features/v2/undo.json index 5f2144f5fb2d..eb1380ab6b86 100644 --- a/features/v2/undo.json +++ b/features/v2/undo.json @@ -3909,13 +3909,13 @@ "type": "safe" } }, - "ListHistoricalJobs": { + "ListThreatHuntingJobs": { "tag": "Security Monitoring", "undo": { "type": "safe" } }, - "RunHistoricalJob": { + "RunThreatHuntingJob": { "tag": "Security Monitoring", "undo": { "type": "idempotent" @@ -3927,19 +3927,19 @@ "type": "idempotent" } }, - "DeleteHistoricalJob": { + "DeleteThreatHuntingJob": { "tag": "Security Monitoring", "undo": { "type": "idempotent" } }, - "GetHistoricalJob": { + "GetThreatHuntingJob": { "tag": "Security Monitoring", "undo": { "type": "safe" } }, - "CancelHistoricalJob": { + "CancelThreatHuntingJob": { "tag": "Security Monitoring", "undo": { "type": "idempotent" diff --git a/packages/datadog-api-client-common/configuration.ts b/packages/datadog-api-client-common/configuration.ts index 675802ad08f9..5dd9faf2d8d9 100644 --- a/packages/datadog-api-client-common/configuration.ts +++ b/packages/datadog-api-client-common/configuration.ts @@ -231,24 +231,24 @@ export function createConfiguration( "v2.getOpenAPI": false, "v2.listAPIs": false, "v2.updateOpenAPI": false, - "v2.cancelHistoricalJob": false, + "v2.cancelThreatHuntingJob": false, "v2.convertJobResultToSignal": false, - "v2.deleteHistoricalJob": false, + "v2.deleteThreatHuntingJob": false, "v2.getFinding": false, - "v2.getHistoricalJob": false, "v2.getRuleVersionHistory": false, "v2.getSBOM": false, "v2.getSecurityMonitoringHistsignal": false, "v2.getSecurityMonitoringHistsignalsByJobId": false, + "v2.getThreatHuntingJob": false, "v2.listAssetsSBOMs": false, "v2.listFindings": false, - "v2.listHistoricalJobs": false, "v2.listScannedAssetsMetadata": false, "v2.listSecurityMonitoringHistsignals": false, + "v2.listThreatHuntingJobs": false, "v2.listVulnerabilities": false, "v2.listVulnerableAssets": false, "v2.muteFindings": false, - "v2.runHistoricalJob": false, + "v2.runThreatHuntingJob": false, "v2.searchSecurityMonitoringHistsignals": false, "v2.createDataset": false, "v2.deleteDataset": false, diff --git a/packages/datadog-api-client-v2/apis/SecurityMonitoringApi.ts b/packages/datadog-api-client-v2/apis/SecurityMonitoringApi.ts index bdf9d913b779..adab681a1dc5 100644 --- a/packages/datadog-api-client-v2/apis/SecurityMonitoringApi.ts +++ b/packages/datadog-api-client-v2/apis/SecurityMonitoringApi.ts @@ -35,18 +35,17 @@ import { GetFindingResponse } from "../models/GetFindingResponse"; import { GetResourceEvaluationFiltersResponse } from "../models/GetResourceEvaluationFiltersResponse"; import { GetRuleVersionHistoryResponse } from "../models/GetRuleVersionHistoryResponse"; import { GetSBOMResponse } from "../models/GetSBOMResponse"; -import { HistoricalJobResponse } from "../models/HistoricalJobResponse"; import { JobCreateResponse } from "../models/JobCreateResponse"; import { JSONAPIErrorResponse } from "../models/JSONAPIErrorResponse"; import { ListAssetsSBOMsResponse } from "../models/ListAssetsSBOMsResponse"; import { ListFindingsResponse } from "../models/ListFindingsResponse"; -import { ListHistoricalJobsResponse } from "../models/ListHistoricalJobsResponse"; +import { ListThreatHuntingJobsResponse } from "../models/ListThreatHuntingJobsResponse"; import { ListVulnerabilitiesResponse } from "../models/ListVulnerabilitiesResponse"; import { ListVulnerableAssetsResponse } from "../models/ListVulnerableAssetsResponse"; import { NotificationRuleResponse } from "../models/NotificationRuleResponse"; import { NotificationRulesList } from "../models/NotificationRulesList"; import { PatchNotificationRuleParameters } from "../models/PatchNotificationRuleParameters"; -import { RunHistoricalJobRequest } from "../models/RunHistoricalJobRequest"; +import { RunThreatHuntingJobRequest } from "../models/RunThreatHuntingJobRequest"; import { SBOMComponentLicenseType } from "../models/SBOMComponentLicenseType"; import { SBOMFormat } from "../models/SBOMFormat"; import { ScannedAssetsMetadata } from "../models/ScannedAssetsMetadata"; @@ -77,6 +76,7 @@ import { SecurityMonitoringSuppressionCreateRequest } from "../models/SecurityMo import { SecurityMonitoringSuppressionResponse } from "../models/SecurityMonitoringSuppressionResponse"; import { SecurityMonitoringSuppressionsResponse } from "../models/SecurityMonitoringSuppressionsResponse"; import { SecurityMonitoringSuppressionUpdateRequest } from "../models/SecurityMonitoringSuppressionUpdateRequest"; +import { ThreatHuntingJobResponse } from "../models/ThreatHuntingJobResponse"; import { UpdateCustomFrameworkRequest } from "../models/UpdateCustomFrameworkRequest"; import { UpdateCustomFrameworkResponse } from "../models/UpdateCustomFrameworkResponse"; import { UpdateResourceEvaluationFiltersRequest } from "../models/UpdateResourceEvaluationFiltersRequest"; @@ -88,32 +88,34 @@ import { VulnerabilityTool } from "../models/VulnerabilityTool"; import { VulnerabilityType } from "../models/VulnerabilityType"; export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { - public async cancelHistoricalJob( + public async cancelThreatHuntingJob( jobId: string, _options?: Configuration ): Promise { const _config = _options || this.configuration; - logger.warn("Using unstable operation 'cancelHistoricalJob'"); - if (!_config.unstableOperations["v2.cancelHistoricalJob"]) { - throw new Error("Unstable operation 'cancelHistoricalJob' is disabled"); + logger.warn("Using unstable operation 'cancelThreatHuntingJob'"); + if (!_config.unstableOperations["v2.cancelThreatHuntingJob"]) { + throw new Error( + "Unstable operation 'cancelThreatHuntingJob' is disabled" + ); } // verify required parameter 'jobId' is not null or undefined if (jobId === null || jobId === undefined) { - throw new RequiredError("jobId", "cancelHistoricalJob"); + throw new RequiredError("jobId", "cancelThreatHuntingJob"); } // Path Params const localVarPath = - "/api/v2/siem-historical-detections/jobs/{job_id}/cancel".replace( + "/api/v2/siem-threat-hunting/jobs/{job_id}/cancel".replace( "{job_id}", encodeURIComponent(String(jobId)) ); // Make Request Context const requestContext = _config - .getServer("v2.SecurityMonitoringApi.cancelHistoricalJob") + .getServer("v2.SecurityMonitoringApi.cancelThreatHuntingJob") .makeRequestContext(localVarPath, HttpMethod.PATCH); requestContext.setHeaderParam("Accept", "*/*"); requestContext.setHttpConfig(_config.httpConfig); @@ -187,8 +189,7 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { } // Path Params - const localVarPath = - "/api/v2/siem-historical-detections/jobs/signal_convert"; + const localVarPath = "/api/v2/siem-threat-hunting/jobs/signal_convert"; // Make Request Context const requestContext = _config @@ -568,46 +569,6 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } - public async deleteHistoricalJob( - jobId: string, - _options?: Configuration - ): Promise { - const _config = _options || this.configuration; - - logger.warn("Using unstable operation 'deleteHistoricalJob'"); - if (!_config.unstableOperations["v2.deleteHistoricalJob"]) { - throw new Error("Unstable operation 'deleteHistoricalJob' is disabled"); - } - - // verify required parameter 'jobId' is not null or undefined - if (jobId === null || jobId === undefined) { - throw new RequiredError("jobId", "deleteHistoricalJob"); - } - - // Path Params - const localVarPath = - "/api/v2/siem-historical-detections/jobs/{job_id}".replace( - "{job_id}", - encodeURIComponent(String(jobId)) - ); - - // Make Request Context - const requestContext = _config - .getServer("v2.SecurityMonitoringApi.deleteHistoricalJob") - .makeRequestContext(localVarPath, HttpMethod.DELETE); - requestContext.setHeaderParam("Accept", "*/*"); - requestContext.setHttpConfig(_config.httpConfig); - - // Apply auth methods - applySecurityAuthentication(_config, requestContext, [ - "apiKeyAuth", - "appKeyAuth", - "AuthZ", - ]); - - return requestContext; - } - public async deleteSecurityFilter( securityFilterId: string, _options?: Configuration @@ -749,6 +710,47 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } + public async deleteThreatHuntingJob( + jobId: string, + _options?: Configuration + ): Promise { + const _config = _options || this.configuration; + + logger.warn("Using unstable operation 'deleteThreatHuntingJob'"); + if (!_config.unstableOperations["v2.deleteThreatHuntingJob"]) { + throw new Error( + "Unstable operation 'deleteThreatHuntingJob' is disabled" + ); + } + + // verify required parameter 'jobId' is not null or undefined + if (jobId === null || jobId === undefined) { + throw new RequiredError("jobId", "deleteThreatHuntingJob"); + } + + // Path Params + const localVarPath = "/api/v2/siem-threat-hunting/jobs/{job_id}".replace( + "{job_id}", + encodeURIComponent(String(jobId)) + ); + + // Make Request Context + const requestContext = _config + .getServer("v2.SecurityMonitoringApi.deleteThreatHuntingJob") + .makeRequestContext(localVarPath, HttpMethod.DELETE); + requestContext.setHeaderParam("Accept", "*/*"); + requestContext.setHttpConfig(_config.httpConfig); + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + public async deleteVulnerabilityNotificationRule( id: string, _options?: Configuration @@ -1048,46 +1050,6 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } - public async getHistoricalJob( - jobId: string, - _options?: Configuration - ): Promise { - const _config = _options || this.configuration; - - logger.warn("Using unstable operation 'getHistoricalJob'"); - if (!_config.unstableOperations["v2.getHistoricalJob"]) { - throw new Error("Unstable operation 'getHistoricalJob' is disabled"); - } - - // verify required parameter 'jobId' is not null or undefined - if (jobId === null || jobId === undefined) { - throw new RequiredError("jobId", "getHistoricalJob"); - } - - // Path Params - const localVarPath = - "/api/v2/siem-historical-detections/jobs/{job_id}".replace( - "{job_id}", - encodeURIComponent(String(jobId)) - ); - - // Make Request Context - const requestContext = _config - .getServer("v2.SecurityMonitoringApi.getHistoricalJob") - .makeRequestContext(localVarPath, HttpMethod.GET); - requestContext.setHeaderParam("Accept", "application/json"); - requestContext.setHttpConfig(_config.httpConfig); - - // Apply auth methods - applySecurityAuthentication(_config, requestContext, [ - "apiKeyAuth", - "appKeyAuth", - "AuthZ", - ]); - - return requestContext; - } - public async getResourceEvaluationFilters( cloudProvider?: string, accountId?: string, @@ -1323,7 +1285,7 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { // Path Params const localVarPath = - "/api/v2/siem-historical-detections/histsignals/{histsignal_id}".replace( + "/api/v2/siem-threat-hunting/histsignals/{histsignal_id}".replace( "{histsignal_id}", encodeURIComponent(String(histsignalId)) ); @@ -1378,7 +1340,7 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { // Path Params const localVarPath = - "/api/v2/siem-historical-detections/jobs/{job_id}/histsignals".replace( + "/api/v2/siem-threat-hunting/jobs/{job_id}/histsignals".replace( "{job_id}", encodeURIComponent(String(jobId)) ); @@ -1693,6 +1655,45 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } + public async getThreatHuntingJob( + jobId: string, + _options?: Configuration + ): Promise { + const _config = _options || this.configuration; + + logger.warn("Using unstable operation 'getThreatHuntingJob'"); + if (!_config.unstableOperations["v2.getThreatHuntingJob"]) { + throw new Error("Unstable operation 'getThreatHuntingJob' is disabled"); + } + + // verify required parameter 'jobId' is not null or undefined + if (jobId === null || jobId === undefined) { + throw new RequiredError("jobId", "getThreatHuntingJob"); + } + + // Path Params + const localVarPath = "/api/v2/siem-threat-hunting/jobs/{job_id}".replace( + "{job_id}", + encodeURIComponent(String(jobId)) + ); + + // Make Request Context + const requestContext = _config + .getServer("v2.SecurityMonitoringApi.getThreatHuntingJob") + .makeRequestContext(localVarPath, HttpMethod.GET); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + public async getVulnerabilityNotificationRule( id: string, _options?: Configuration @@ -2006,70 +2007,6 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } - public async listHistoricalJobs( - pageSize?: number, - pageNumber?: number, - sort?: string, - filterQuery?: string, - _options?: Configuration - ): Promise { - const _config = _options || this.configuration; - - logger.warn("Using unstable operation 'listHistoricalJobs'"); - if (!_config.unstableOperations["v2.listHistoricalJobs"]) { - throw new Error("Unstable operation 'listHistoricalJobs' is disabled"); - } - - // Path Params - const localVarPath = "/api/v2/siem-historical-detections/jobs"; - - // Make Request Context - const requestContext = _config - .getServer("v2.SecurityMonitoringApi.listHistoricalJobs") - .makeRequestContext(localVarPath, HttpMethod.GET); - requestContext.setHeaderParam("Accept", "application/json"); - requestContext.setHttpConfig(_config.httpConfig); - - // Query Params - if (pageSize !== undefined) { - requestContext.setQueryParam( - "page[size]", - ObjectSerializer.serialize(pageSize, "number", "int64"), - "" - ); - } - if (pageNumber !== undefined) { - requestContext.setQueryParam( - "page[number]", - ObjectSerializer.serialize(pageNumber, "number", "int64"), - "" - ); - } - if (sort !== undefined) { - requestContext.setQueryParam( - "sort", - ObjectSerializer.serialize(sort, "string", ""), - "" - ); - } - if (filterQuery !== undefined) { - requestContext.setQueryParam( - "filter[query]", - ObjectSerializer.serialize(filterQuery, "string", ""), - "" - ); - } - - // Apply auth methods - applySecurityAuthentication(_config, requestContext, [ - "apiKeyAuth", - "appKeyAuth", - "AuthZ", - ]); - - return requestContext; - } - public async listScannedAssetsMetadata( pageToken?: string, pageNumber?: number, @@ -2196,7 +2133,7 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { } // Path Params - const localVarPath = "/api/v2/siem-historical-detections/histsignals"; + const localVarPath = "/api/v2/siem-threat-hunting/histsignals"; // Make Request Context const requestContext = _config @@ -2413,6 +2350,70 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } + public async listThreatHuntingJobs( + pageSize?: number, + pageNumber?: number, + sort?: string, + filterQuery?: string, + _options?: Configuration + ): Promise { + const _config = _options || this.configuration; + + logger.warn("Using unstable operation 'listThreatHuntingJobs'"); + if (!_config.unstableOperations["v2.listThreatHuntingJobs"]) { + throw new Error("Unstable operation 'listThreatHuntingJobs' is disabled"); + } + + // Path Params + const localVarPath = "/api/v2/siem-threat-hunting/jobs"; + + // Make Request Context + const requestContext = _config + .getServer("v2.SecurityMonitoringApi.listThreatHuntingJobs") + .makeRequestContext(localVarPath, HttpMethod.GET); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Query Params + if (pageSize !== undefined) { + requestContext.setQueryParam( + "page[size]", + ObjectSerializer.serialize(pageSize, "number", "int64"), + "" + ); + } + if (pageNumber !== undefined) { + requestContext.setQueryParam( + "page[number]", + ObjectSerializer.serialize(pageNumber, "number", "int64"), + "" + ); + } + if (sort !== undefined) { + requestContext.setQueryParam( + "sort", + ObjectSerializer.serialize(sort, "string", ""), + "" + ); + } + if (filterQuery !== undefined) { + requestContext.setQueryParam( + "filter[query]", + ObjectSerializer.serialize(filterQuery, "string", ""), + "" + ); + } + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + public async listVulnerabilities( pageToken?: string, pageNumber?: number, @@ -3155,28 +3156,28 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } - public async runHistoricalJob( - body: RunHistoricalJobRequest, + public async runThreatHuntingJob( + body: RunThreatHuntingJobRequest, _options?: Configuration ): Promise { const _config = _options || this.configuration; - logger.warn("Using unstable operation 'runHistoricalJob'"); - if (!_config.unstableOperations["v2.runHistoricalJob"]) { - throw new Error("Unstable operation 'runHistoricalJob' is disabled"); + logger.warn("Using unstable operation 'runThreatHuntingJob'"); + if (!_config.unstableOperations["v2.runThreatHuntingJob"]) { + throw new Error("Unstable operation 'runThreatHuntingJob' is disabled"); } // verify required parameter 'body' is not null or undefined if (body === null || body === undefined) { - throw new RequiredError("body", "runHistoricalJob"); + throw new RequiredError("body", "runThreatHuntingJob"); } // Path Params - const localVarPath = "/api/v2/siem-historical-detections/jobs"; + const localVarPath = "/api/v2/siem-threat-hunting/jobs"; // Make Request Context const requestContext = _config - .getServer("v2.SecurityMonitoringApi.runHistoricalJob") + .getServer("v2.SecurityMonitoringApi.runThreatHuntingJob") .makeRequestContext(localVarPath, HttpMethod.POST); requestContext.setHeaderParam("Accept", "application/json"); requestContext.setHttpConfig(_config.httpConfig); @@ -3187,7 +3188,7 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { ]); requestContext.setHeaderParam("Content-Type", contentType); const serializedBody = ObjectSerializer.stringify( - ObjectSerializer.serialize(body, "RunHistoricalJobRequest", ""), + ObjectSerializer.serialize(body, "RunThreatHuntingJobRequest", ""), contentType ); requestContext.setBody(serializedBody); @@ -3218,8 +3219,7 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { } // Path Params - const localVarPath = - "/api/v2/siem-historical-detections/histsignals/search"; + const localVarPath = "/api/v2/siem-threat-hunting/histsignals/search"; // Make Request Context const requestContext = _config @@ -3758,10 +3758,12 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to cancelHistoricalJob + * @params response Response returned by the server for a request to cancelThreatHuntingJob * @throws ApiException if the response code was not in [200, 299] */ - public async cancelHistoricalJob(response: ResponseContext): Promise { + public async cancelThreatHuntingJob( + response: ResponseContext + ): Promise { const contentType = ObjectSerializer.normalizeMediaType( response.headers["content-type"] ); @@ -4437,10 +4439,10 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to deleteHistoricalJob + * @params response Response returned by the server for a request to deleteSecurityFilter * @throws ApiException if the response code was not in [200, 299] */ - public async deleteHistoricalJob(response: ResponseContext): Promise { + public async deleteSecurityFilter(response: ResponseContext): Promise { const contentType = ObjectSerializer.normalizeMediaType( response.headers["content-type"] ); @@ -4448,11 +4450,8 @@ export class SecurityMonitoringApiResponseProcessor { return; } if ( - response.httpStatusCode === 400 || - response.httpStatusCode === 401 || response.httpStatusCode === 403 || response.httpStatusCode === 404 || - response.httpStatusCode === 409 || response.httpStatusCode === 429 ) { const bodyText = ObjectSerializer.parse( @@ -4491,10 +4490,12 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to deleteSecurityFilter + * @params response Response returned by the server for a request to deleteSecurityMonitoringRule * @throws ApiException if the response code was not in [200, 299] */ - public async deleteSecurityFilter(response: ResponseContext): Promise { + public async deleteSecurityMonitoringRule( + response: ResponseContext + ): Promise { const contentType = ObjectSerializer.normalizeMediaType( response.headers["content-type"] ); @@ -4542,10 +4543,10 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to deleteSecurityMonitoringRule + * @params response Response returned by the server for a request to deleteSecurityMonitoringSuppression * @throws ApiException if the response code was not in [200, 299] */ - public async deleteSecurityMonitoringRule( + public async deleteSecurityMonitoringSuppression( response: ResponseContext ): Promise { const contentType = ObjectSerializer.normalizeMediaType( @@ -4595,10 +4596,10 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to deleteSecurityMonitoringSuppression + * @params response Response returned by the server for a request to deleteSignalNotificationRule * @throws ApiException if the response code was not in [200, 299] */ - public async deleteSecurityMonitoringSuppression( + public async deleteSignalNotificationRule( response: ResponseContext ): Promise { const contentType = ObjectSerializer.normalizeMediaType( @@ -4648,10 +4649,10 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to deleteSignalNotificationRule + * @params response Response returned by the server for a request to deleteThreatHuntingJob * @throws ApiException if the response code was not in [200, 299] */ - public async deleteSignalNotificationRule( + public async deleteThreatHuntingJob( response: ResponseContext ): Promise { const contentType = ObjectSerializer.normalizeMediaType( @@ -4661,8 +4662,11 @@ export class SecurityMonitoringApiResponseProcessor { return; } if ( + response.httpStatusCode === 400 || + response.httpStatusCode === 401 || response.httpStatusCode === 403 || response.httpStatusCode === 404 || + response.httpStatusCode === 409 || response.httpStatusCode === 429 ) { const bodyText = ObjectSerializer.parse( @@ -5073,69 +5077,6 @@ export class SecurityMonitoringApiResponseProcessor { ); } - /** - * Unwraps the actual response sent by the server from the response context and deserializes the response content - * to the expected objects - * - * @params response Response returned by the server for a request to getHistoricalJob - * @throws ApiException if the response code was not in [200, 299] - */ - public async getHistoricalJob( - response: ResponseContext - ): Promise { - const contentType = ObjectSerializer.normalizeMediaType( - response.headers["content-type"] - ); - if (response.httpStatusCode === 200) { - const body: HistoricalJobResponse = ObjectSerializer.deserialize( - ObjectSerializer.parse(await response.body.text(), contentType), - "HistoricalJobResponse" - ) as HistoricalJobResponse; - return body; - } - if ( - response.httpStatusCode === 400 || - response.httpStatusCode === 403 || - response.httpStatusCode === 404 || - response.httpStatusCode === 429 - ) { - const bodyText = ObjectSerializer.parse( - await response.body.text(), - contentType - ); - let body: APIErrorResponse; - try { - body = ObjectSerializer.deserialize( - bodyText, - "APIErrorResponse" - ) as APIErrorResponse; - } catch (error) { - logger.debug(`Got error deserializing error: ${error}`); - throw new ApiException( - response.httpStatusCode, - bodyText - ); - } - throw new ApiException(response.httpStatusCode, body); - } - - // Work around for missing responses in specification, e.g. for petstore.yaml - if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { - const body: HistoricalJobResponse = ObjectSerializer.deserialize( - ObjectSerializer.parse(await response.body.text(), contentType), - "HistoricalJobResponse", - "" - ) as HistoricalJobResponse; - return body; - } - - const body = (await response.body.text()) || ""; - throw new ApiException( - response.httpStatusCode, - 'Unknown API Status Code!\nBody: "' + body + '"' - ); - } - /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -5969,6 +5910,69 @@ export class SecurityMonitoringApiResponseProcessor { ); } + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to getThreatHuntingJob + * @throws ApiException if the response code was not in [200, 299] + */ + public async getThreatHuntingJob( + response: ResponseContext + ): Promise { + const contentType = ObjectSerializer.normalizeMediaType( + response.headers["content-type"] + ); + if (response.httpStatusCode === 200) { + const body: ThreatHuntingJobResponse = ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "ThreatHuntingJobResponse" + ) as ThreatHuntingJobResponse; + return body; + } + if ( + response.httpStatusCode === 400 || + response.httpStatusCode === 403 || + response.httpStatusCode === 404 || + response.httpStatusCode === 429 + ) { + const bodyText = ObjectSerializer.parse( + await response.body.text(), + contentType + ); + let body: APIErrorResponse; + try { + body = ObjectSerializer.deserialize( + bodyText, + "APIErrorResponse" + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: ThreatHuntingJobResponse = ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "ThreatHuntingJobResponse", + "" + ) as ThreatHuntingJobResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"' + ); + } + /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -6241,68 +6245,6 @@ export class SecurityMonitoringApiResponseProcessor { ); } - /** - * Unwraps the actual response sent by the server from the response context and deserializes the response content - * to the expected objects - * - * @params response Response returned by the server for a request to listHistoricalJobs - * @throws ApiException if the response code was not in [200, 299] - */ - public async listHistoricalJobs( - response: ResponseContext - ): Promise { - const contentType = ObjectSerializer.normalizeMediaType( - response.headers["content-type"] - ); - if (response.httpStatusCode === 200) { - const body: ListHistoricalJobsResponse = ObjectSerializer.deserialize( - ObjectSerializer.parse(await response.body.text(), contentType), - "ListHistoricalJobsResponse" - ) as ListHistoricalJobsResponse; - return body; - } - if ( - response.httpStatusCode === 400 || - response.httpStatusCode === 403 || - response.httpStatusCode === 429 - ) { - const bodyText = ObjectSerializer.parse( - await response.body.text(), - contentType - ); - let body: APIErrorResponse; - try { - body = ObjectSerializer.deserialize( - bodyText, - "APIErrorResponse" - ) as APIErrorResponse; - } catch (error) { - logger.debug(`Got error deserializing error: ${error}`); - throw new ApiException( - response.httpStatusCode, - bodyText - ); - } - throw new ApiException(response.httpStatusCode, body); - } - - // Work around for missing responses in specification, e.g. for petstore.yaml - if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { - const body: ListHistoricalJobsResponse = ObjectSerializer.deserialize( - ObjectSerializer.parse(await response.body.text(), contentType), - "ListHistoricalJobsResponse", - "" - ) as ListHistoricalJobsResponse; - return body; - } - - const body = (await response.body.text()) || ""; - throw new ApiException( - response.httpStatusCode, - 'Unknown API Status Code!\nBody: "' + body + '"' - ); - } - /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -6695,6 +6637,68 @@ export class SecurityMonitoringApiResponseProcessor { ); } + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to listThreatHuntingJobs + * @throws ApiException if the response code was not in [200, 299] + */ + public async listThreatHuntingJobs( + response: ResponseContext + ): Promise { + const contentType = ObjectSerializer.normalizeMediaType( + response.headers["content-type"] + ); + if (response.httpStatusCode === 200) { + const body: ListThreatHuntingJobsResponse = ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "ListThreatHuntingJobsResponse" + ) as ListThreatHuntingJobsResponse; + return body; + } + if ( + response.httpStatusCode === 400 || + response.httpStatusCode === 403 || + response.httpStatusCode === 429 + ) { + const bodyText = ObjectSerializer.parse( + await response.body.text(), + contentType + ); + let body: APIErrorResponse; + try { + body = ObjectSerializer.deserialize( + bodyText, + "APIErrorResponse" + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: ListThreatHuntingJobsResponse = ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "ListThreatHuntingJobsResponse", + "" + ) as ListThreatHuntingJobsResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"' + ); + } + /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -7108,10 +7112,10 @@ export class SecurityMonitoringApiResponseProcessor { * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects * - * @params response Response returned by the server for a request to runHistoricalJob + * @params response Response returned by the server for a request to runThreatHuntingJob * @throws ApiException if the response code was not in [200, 299] */ - public async runHistoricalJob( + public async runThreatHuntingJob( response: ResponseContext ): Promise { const contentType = ObjectSerializer.normalizeMediaType( @@ -7856,7 +7860,7 @@ export class SecurityMonitoringApiResponseProcessor { } } -export interface SecurityMonitoringApiCancelHistoricalJobRequest { +export interface SecurityMonitoringApiCancelThreatHuntingJobRequest { /** * The ID of the job. * @type string @@ -7947,14 +7951,6 @@ export interface SecurityMonitoringApiDeleteCustomFrameworkRequest { version: string; } -export interface SecurityMonitoringApiDeleteHistoricalJobRequest { - /** - * The ID of the job. - * @type string - */ - jobId: string; -} - export interface SecurityMonitoringApiDeleteSecurityFilterRequest { /** * The ID of the security filter. @@ -7987,6 +7983,14 @@ export interface SecurityMonitoringApiDeleteSignalNotificationRuleRequest { id: string; } +export interface SecurityMonitoringApiDeleteThreatHuntingJobRequest { + /** + * The ID of the job. + * @type string + */ + jobId: string; +} + export interface SecurityMonitoringApiDeleteVulnerabilityNotificationRuleRequest { /** * ID of the notification rule. @@ -8060,14 +8064,6 @@ export interface SecurityMonitoringApiGetFindingRequest { snapshotTimestamp?: number; } -export interface SecurityMonitoringApiGetHistoricalJobRequest { - /** - * The ID of the job. - * @type string - */ - jobId: string; -} - export interface SecurityMonitoringApiGetResourceEvaluationFiltersRequest { /** * Filter resource filters by cloud provider (e.g. aws, gcp, azure). @@ -8137,7 +8133,7 @@ export interface SecurityMonitoringApiGetSecurityFilterRequest { export interface SecurityMonitoringApiGetSecurityMonitoringHistsignalRequest { /** - * The ID of the historical signal. + * The ID of the threat hunting signal. * @type string */ histsignalId: string; @@ -8228,6 +8224,14 @@ export interface SecurityMonitoringApiGetSuppressionsAffectingRuleRequest { ruleId: string; } +export interface SecurityMonitoringApiGetThreatHuntingJobRequest { + /** + * The ID of the job. + * @type string + */ + jobId: string; +} + export interface SecurityMonitoringApiGetVulnerabilityNotificationRuleRequest { /** * ID of the notification rule. @@ -8357,29 +8361,6 @@ export interface SecurityMonitoringApiListFindingsRequest { detailedFindings?: boolean; } -export interface SecurityMonitoringApiListHistoricalJobsRequest { - /** - * Size for a given page. The maximum allowed value is 100. - * @type number - */ - pageSize?: number; - /** - * Specific page number to return. - * @type number - */ - pageNumber?: number; - /** - * The order of the jobs in results. - * @type string - */ - sort?: string; - /** - * Query used to filter items from the fetched list. - * @type string - */ - filterQuery?: string; -} - export interface SecurityMonitoringApiListScannedAssetsMetadataRequest { /** * Its value must come from the `links` section of the response of the first request. Do not manually edit it. @@ -8500,6 +8481,29 @@ export interface SecurityMonitoringApiListSecurityMonitoringSuppressionsRequest query?: string; } +export interface SecurityMonitoringApiListThreatHuntingJobsRequest { + /** + * Size for a given page. The maximum allowed value is 100. + * @type number + */ + pageSize?: number; + /** + * Specific page number to return. + * @type number + */ + pageNumber?: number; + /** + * The order of the jobs in results. + * @type string + */ + sort?: string; + /** + * Query used to filter items from the fetched list. + * @type string + */ + filterQuery?: string; +} + export interface SecurityMonitoringApiListVulnerabilitiesRequest { /** * Its value must come from the `links` section of the response of the first request. Do not manually edit it. @@ -8842,11 +8846,11 @@ export interface SecurityMonitoringApiPatchVulnerabilityNotificationRuleRequest body: PatchNotificationRuleParameters; } -export interface SecurityMonitoringApiRunHistoricalJobRequest { +export interface SecurityMonitoringApiRunThreatHuntingJobRequest { /** - * @type RunHistoricalJobRequest + * @type RunThreatHuntingJobRequest */ - body: RunHistoricalJobRequest; + body: RunThreatHuntingJobRequest; } export interface SecurityMonitoringApiSearchSecurityMonitoringHistsignalsRequest { @@ -8976,14 +8980,14 @@ export class SecurityMonitoringApi { } /** - * Cancel a historical job. + * Cancel a threat hunting job. * @param param The request object */ - public cancelHistoricalJob( - param: SecurityMonitoringApiCancelHistoricalJobRequest, + public cancelThreatHuntingJob( + param: SecurityMonitoringApiCancelThreatHuntingJobRequest, options?: Configuration ): Promise { - const requestContextPromise = this.requestFactory.cancelHistoricalJob( + const requestContextPromise = this.requestFactory.cancelThreatHuntingJob( param.jobId, options ); @@ -8991,7 +8995,7 @@ export class SecurityMonitoringApi { return this.configuration.httpApi .send(requestContext) .then((responseContext) => { - return this.responseProcessor.cancelHistoricalJob(responseContext); + return this.responseProcessor.cancelThreatHuntingJob(responseContext); }); }); } @@ -9226,27 +9230,6 @@ export class SecurityMonitoringApi { }); } - /** - * Delete an existing job. - * @param param The request object - */ - public deleteHistoricalJob( - param: SecurityMonitoringApiDeleteHistoricalJobRequest, - options?: Configuration - ): Promise { - const requestContextPromise = this.requestFactory.deleteHistoricalJob( - param.jobId, - options - ); - return requestContextPromise.then((requestContext) => { - return this.configuration.httpApi - .send(requestContext) - .then((responseContext) => { - return this.responseProcessor.deleteHistoricalJob(responseContext); - }); - }); - } - /** * Delete a specific security filter. * @param param The request object @@ -9334,6 +9317,27 @@ export class SecurityMonitoringApi { }); } + /** + * Delete an existing job. + * @param param The request object + */ + public deleteThreatHuntingJob( + param: SecurityMonitoringApiDeleteThreatHuntingJobRequest, + options?: Configuration + ): Promise { + const requestContextPromise = this.requestFactory.deleteThreatHuntingJob( + param.jobId, + options + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.deleteThreatHuntingJob(responseContext); + }); + }); + } + /** * Delete a notification rule for security vulnerabilities. * @param param The request object @@ -9477,27 +9481,6 @@ export class SecurityMonitoringApi { }); } - /** - * Get a job's details. - * @param param The request object - */ - public getHistoricalJob( - param: SecurityMonitoringApiGetHistoricalJobRequest, - options?: Configuration - ): Promise { - const requestContextPromise = this.requestFactory.getHistoricalJob( - param.jobId, - options - ); - return requestContextPromise.then((requestContext) => { - return this.configuration.httpApi - .send(requestContext) - .then((responseContext) => { - return this.responseProcessor.getHistoricalJob(responseContext); - }); - }); - } - /** * List resource filters. * @param param The request object @@ -9805,6 +9788,27 @@ export class SecurityMonitoringApi { }); } + /** + * Get a job's details. + * @param param The request object + */ + public getThreatHuntingJob( + param: SecurityMonitoringApiGetThreatHuntingJobRequest, + options?: Configuration + ): Promise { + const requestContextPromise = this.requestFactory.getThreatHuntingJob( + param.jobId, + options + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.getThreatHuntingJob(responseContext); + }); + }); + } + /** * Get the details of a notification rule for security vulnerabilities. * @param param The request object @@ -10030,30 +10034,6 @@ export class SecurityMonitoringApi { } } - /** - * List historical jobs. - * @param param The request object - */ - public listHistoricalJobs( - param: SecurityMonitoringApiListHistoricalJobsRequest = {}, - options?: Configuration - ): Promise { - const requestContextPromise = this.requestFactory.listHistoricalJobs( - param.pageSize, - param.pageNumber, - param.sort, - param.filterQuery, - options - ); - return requestContextPromise.then((requestContext) => { - return this.configuration.httpApi - .send(requestContext) - .then((responseContext) => { - return this.responseProcessor.listHistoricalJobs(responseContext); - }); - }); - } - /** * Get a list of security scanned assets metadata for an organization. * @@ -10311,6 +10291,30 @@ export class SecurityMonitoringApi { }); } + /** + * List threat hunting jobs. + * @param param The request object + */ + public listThreatHuntingJobs( + param: SecurityMonitoringApiListThreatHuntingJobsRequest = {}, + options?: Configuration + ): Promise { + const requestContextPromise = this.requestFactory.listThreatHuntingJobs( + param.pageSize, + param.pageNumber, + param.sort, + param.filterQuery, + options + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.listThreatHuntingJobs(responseContext); + }); + }); + } + /** * Get a list of vulnerabilities. * @@ -10582,14 +10586,14 @@ export class SecurityMonitoringApi { } /** - * Run a historical job. + * Run a threat hunting job. * @param param The request object */ - public runHistoricalJob( - param: SecurityMonitoringApiRunHistoricalJobRequest, + public runThreatHuntingJob( + param: SecurityMonitoringApiRunThreatHuntingJobRequest, options?: Configuration ): Promise { - const requestContextPromise = this.requestFactory.runHistoricalJob( + const requestContextPromise = this.requestFactory.runThreatHuntingJob( param.body, options ); @@ -10597,7 +10601,7 @@ export class SecurityMonitoringApi { return this.configuration.httpApi .send(requestContext) .then((responseContext) => { - return this.responseProcessor.runHistoricalJob(responseContext); + return this.responseProcessor.runThreatHuntingJob(responseContext); }); }); } diff --git a/packages/datadog-api-client-v2/index.ts b/packages/datadog-api-client-v2/index.ts index 0aceeaa4813f..393dde0d1800 100644 --- a/packages/datadog-api-client-v2/index.ts +++ b/packages/datadog-api-client-v2/index.ts @@ -676,7 +676,7 @@ export { } from "./apis/RumRetentionFiltersApi"; export { - SecurityMonitoringApiCancelHistoricalJobRequest, + SecurityMonitoringApiCancelThreatHuntingJobRequest, SecurityMonitoringApiConvertExistingSecurityMonitoringRuleRequest, SecurityMonitoringApiConvertJobResultToSignalRequest, SecurityMonitoringApiConvertSecurityMonitoringRuleFromJSONToTerraformRequest, @@ -687,18 +687,17 @@ export { SecurityMonitoringApiCreateSignalNotificationRuleRequest, SecurityMonitoringApiCreateVulnerabilityNotificationRuleRequest, SecurityMonitoringApiDeleteCustomFrameworkRequest, - SecurityMonitoringApiDeleteHistoricalJobRequest, SecurityMonitoringApiDeleteSecurityFilterRequest, SecurityMonitoringApiDeleteSecurityMonitoringRuleRequest, SecurityMonitoringApiDeleteSecurityMonitoringSuppressionRequest, SecurityMonitoringApiDeleteSignalNotificationRuleRequest, + SecurityMonitoringApiDeleteThreatHuntingJobRequest, SecurityMonitoringApiDeleteVulnerabilityNotificationRuleRequest, SecurityMonitoringApiEditSecurityMonitoringSignalAssigneeRequest, SecurityMonitoringApiEditSecurityMonitoringSignalIncidentsRequest, SecurityMonitoringApiEditSecurityMonitoringSignalStateRequest, SecurityMonitoringApiGetCustomFrameworkRequest, SecurityMonitoringApiGetFindingRequest, - SecurityMonitoringApiGetHistoricalJobRequest, SecurityMonitoringApiGetResourceEvaluationFiltersRequest, SecurityMonitoringApiGetRuleVersionHistoryRequest, SecurityMonitoringApiGetSBOMRequest, @@ -711,21 +710,22 @@ export { SecurityMonitoringApiGetSignalNotificationRuleRequest, SecurityMonitoringApiGetSuppressionsAffectingFutureRuleRequest, SecurityMonitoringApiGetSuppressionsAffectingRuleRequest, + SecurityMonitoringApiGetThreatHuntingJobRequest, SecurityMonitoringApiGetVulnerabilityNotificationRuleRequest, SecurityMonitoringApiListAssetsSBOMsRequest, SecurityMonitoringApiListFindingsRequest, - SecurityMonitoringApiListHistoricalJobsRequest, SecurityMonitoringApiListScannedAssetsMetadataRequest, SecurityMonitoringApiListSecurityMonitoringHistsignalsRequest, SecurityMonitoringApiListSecurityMonitoringRulesRequest, SecurityMonitoringApiListSecurityMonitoringSignalsRequest, SecurityMonitoringApiListSecurityMonitoringSuppressionsRequest, + SecurityMonitoringApiListThreatHuntingJobsRequest, SecurityMonitoringApiListVulnerabilitiesRequest, SecurityMonitoringApiListVulnerableAssetsRequest, SecurityMonitoringApiMuteFindingsRequest, SecurityMonitoringApiPatchSignalNotificationRuleRequest, SecurityMonitoringApiPatchVulnerabilityNotificationRuleRequest, - SecurityMonitoringApiRunHistoricalJobRequest, + SecurityMonitoringApiRunThreatHuntingJobRequest, SecurityMonitoringApiSearchSecurityMonitoringHistsignalsRequest, SecurityMonitoringApiSearchSecurityMonitoringSignalsRequest, SecurityMonitoringApiTestExistingSecurityMonitoringRuleRequest, @@ -2201,13 +2201,6 @@ export { GreyNoiseIntegration } from "./models/GreyNoiseIntegration"; export { GreyNoiseIntegrationType } from "./models/GreyNoiseIntegrationType"; export { GreyNoiseIntegrationUpdate } from "./models/GreyNoiseIntegrationUpdate"; export { GroupScalarColumn } from "./models/GroupScalarColumn"; -export { HistoricalJobDataType } from "./models/HistoricalJobDataType"; -export { HistoricalJobListMeta } from "./models/HistoricalJobListMeta"; -export { HistoricalJobOptions } from "./models/HistoricalJobOptions"; -export { HistoricalJobQuery } from "./models/HistoricalJobQuery"; -export { HistoricalJobResponse } from "./models/HistoricalJobResponse"; -export { HistoricalJobResponseAttributes } from "./models/HistoricalJobResponseAttributes"; -export { HistoricalJobResponseData } from "./models/HistoricalJobResponseData"; export { HourlyUsage } from "./models/HourlyUsage"; export { HourlyUsageAttributes } from "./models/HourlyUsageAttributes"; export { HourlyUsageMeasurement } from "./models/HourlyUsageMeasurement"; @@ -2542,7 +2535,6 @@ export { ListEntityCatalogResponseLinks } from "./models/ListEntityCatalogRespon export { ListFindingsMeta } from "./models/ListFindingsMeta"; export { ListFindingsPage } from "./models/ListFindingsPage"; export { ListFindingsResponse } from "./models/ListFindingsResponse"; -export { ListHistoricalJobsResponse } from "./models/ListHistoricalJobsResponse"; export { ListKindCatalogResponse } from "./models/ListKindCatalogResponse"; export { ListPipelinesResponse } from "./models/ListPipelinesResponse"; export { ListPipelinesResponseMeta } from "./models/ListPipelinesResponseMeta"; @@ -2557,6 +2549,7 @@ export { ListTagsResponseData } from "./models/ListTagsResponseData"; export { ListTagsResponseDataAttributes } from "./models/ListTagsResponseDataAttributes"; export { ListTeamsInclude } from "./models/ListTeamsInclude"; export { ListTeamsSort } from "./models/ListTeamsSort"; +export { ListThreatHuntingJobsResponse } from "./models/ListThreatHuntingJobsResponse"; export { ListVulnerabilitiesResponse } from "./models/ListVulnerabilitiesResponse"; export { ListVulnerableAssetsResponse } from "./models/ListVulnerableAssetsResponse"; export { Log } from "./models/Log"; @@ -3499,10 +3492,10 @@ export { RUMSearchEventsRequest } from "./models/RUMSearchEventsRequest"; export { RUMSort } from "./models/RUMSort"; export { RUMSortOrder } from "./models/RUMSortOrder"; export { RUMWarning } from "./models/RUMWarning"; -export { RunHistoricalJobRequest } from "./models/RunHistoricalJobRequest"; -export { RunHistoricalJobRequestAttributes } from "./models/RunHistoricalJobRequestAttributes"; -export { RunHistoricalJobRequestData } from "./models/RunHistoricalJobRequestData"; -export { RunHistoricalJobRequestDataType } from "./models/RunHistoricalJobRequestDataType"; +export { RunThreatHuntingJobRequest } from "./models/RunThreatHuntingJobRequest"; +export { RunThreatHuntingJobRequestAttributes } from "./models/RunThreatHuntingJobRequestAttributes"; +export { RunThreatHuntingJobRequestData } from "./models/RunThreatHuntingJobRequestData"; +export { RunThreatHuntingJobRequestDataType } from "./models/RunThreatHuntingJobRequestDataType"; export { SAMLAssertionAttribute } from "./models/SAMLAssertionAttribute"; export { SAMLAssertionAttributeAttributes } from "./models/SAMLAssertionAttributeAttributes"; export { SAMLAssertionAttributesType } from "./models/SAMLAssertionAttributesType"; @@ -4051,6 +4044,13 @@ export { TeamUpdate } from "./models/TeamUpdate"; export { TeamUpdateAttributes } from "./models/TeamUpdateAttributes"; export { TeamUpdateRelationships } from "./models/TeamUpdateRelationships"; export { TeamUpdateRequest } from "./models/TeamUpdateRequest"; +export { ThreatHuntingJobDataType } from "./models/ThreatHuntingJobDataType"; +export { ThreatHuntingJobListMeta } from "./models/ThreatHuntingJobListMeta"; +export { ThreatHuntingJobOptions } from "./models/ThreatHuntingJobOptions"; +export { ThreatHuntingJobQuery } from "./models/ThreatHuntingJobQuery"; +export { ThreatHuntingJobResponse } from "./models/ThreatHuntingJobResponse"; +export { ThreatHuntingJobResponseAttributes } from "./models/ThreatHuntingJobResponseAttributes"; +export { ThreatHuntingJobResponseData } from "./models/ThreatHuntingJobResponseData"; export { TimelineCell } from "./models/TimelineCell"; export { TimelineCellAuthor } from "./models/TimelineCellAuthor"; export { TimelineCellAuthorUser } from "./models/TimelineCellAuthorUser"; diff --git a/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsAttributes.ts b/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsAttributes.ts index fd57577e110b..40cb92b8f9a7 100644 --- a/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsAttributes.ts +++ b/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsAttributes.ts @@ -8,7 +8,7 @@ import { SecurityMonitoringRuleSeverity } from "./SecurityMonitoringRuleSeverity import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Attributes for converting historical job results to signals. + * Attributes for converting threat hunting job results to signals. */ export class ConvertJobResultsToSignalsAttributes { /** diff --git a/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsData.ts b/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsData.ts index ac79f9d1a34a..4253fa34fcef 100644 --- a/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsData.ts +++ b/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsData.ts @@ -9,11 +9,11 @@ import { ConvertJobResultsToSignalsDataType } from "./ConvertJobResultsToSignals import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Data for converting historical job results to signals. + * Data for converting threat hunting job results to signals. */ export class ConvertJobResultsToSignalsData { /** - * Attributes for converting historical job results to signals. + * Attributes for converting threat hunting job results to signals. */ "attributes"?: ConvertJobResultsToSignalsAttributes; /** diff --git a/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsRequest.ts b/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsRequest.ts index ac16adaf6176..8161f8af85bc 100644 --- a/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsRequest.ts +++ b/packages/datadog-api-client-v2/models/ConvertJobResultsToSignalsRequest.ts @@ -8,11 +8,11 @@ import { ConvertJobResultsToSignalsData } from "./ConvertJobResultsToSignalsData import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Request for converting historical job results to signals. + * Request for converting threat hunting job results to signals. */ export class ConvertJobResultsToSignalsRequest { /** - * Data for converting historical job results to signals. + * Data for converting threat hunting job results to signals. */ "data"?: ConvertJobResultsToSignalsData; diff --git a/packages/datadog-api-client-v2/models/JobCreateResponse.ts b/packages/datadog-api-client-v2/models/JobCreateResponse.ts index abd55fa82232..e1daa5b866b3 100644 --- a/packages/datadog-api-client-v2/models/JobCreateResponse.ts +++ b/packages/datadog-api-client-v2/models/JobCreateResponse.ts @@ -8,7 +8,7 @@ import { JobCreateResponseData } from "./JobCreateResponseData"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Run a historical job response. + * Run a threat hunting job response. */ export class JobCreateResponse { /** diff --git a/packages/datadog-api-client-v2/models/JobCreateResponseData.ts b/packages/datadog-api-client-v2/models/JobCreateResponseData.ts index 80e9268122c5..7e76ba56bedf 100644 --- a/packages/datadog-api-client-v2/models/JobCreateResponseData.ts +++ b/packages/datadog-api-client-v2/models/JobCreateResponseData.ts @@ -3,7 +3,7 @@ * This product includes software developed at Datadog (https://www.datadoghq.com/). * Copyright 2020-Present Datadog, Inc. */ -import { HistoricalJobDataType } from "./HistoricalJobDataType"; +import { ThreatHuntingJobDataType } from "./ThreatHuntingJobDataType"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; @@ -18,7 +18,7 @@ export class JobCreateResponseData { /** * Type of payload. */ - "type"?: HistoricalJobDataType; + "type"?: ThreatHuntingJobDataType; /** * A container for additional, undeclared properties. @@ -42,7 +42,7 @@ export class JobCreateResponseData { }, type: { baseName: "type", - type: "HistoricalJobDataType", + type: "ThreatHuntingJobDataType", }, additionalProperties: { baseName: "additionalProperties", diff --git a/packages/datadog-api-client-v2/models/JobDefinition.ts b/packages/datadog-api-client-v2/models/JobDefinition.ts index 8db46a9f5e9f..fb1e274f66b2 100644 --- a/packages/datadog-api-client-v2/models/JobDefinition.ts +++ b/packages/datadog-api-client-v2/models/JobDefinition.ts @@ -4,16 +4,16 @@ * Copyright 2020-Present Datadog, Inc. */ import { CalculatedField } from "./CalculatedField"; -import { HistoricalJobOptions } from "./HistoricalJobOptions"; -import { HistoricalJobQuery } from "./HistoricalJobQuery"; import { SecurityMonitoringReferenceTable } from "./SecurityMonitoringReferenceTable"; import { SecurityMonitoringRuleCaseCreate } from "./SecurityMonitoringRuleCaseCreate"; import { SecurityMonitoringThirdPartyRuleCaseCreate } from "./SecurityMonitoringThirdPartyRuleCaseCreate"; +import { ThreatHuntingJobOptions } from "./ThreatHuntingJobOptions"; +import { ThreatHuntingJobQuery } from "./ThreatHuntingJobQuery"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Definition of a historical job. + * Definition of a threat hunting job. */ export class JobDefinition { /** @@ -47,11 +47,11 @@ export class JobDefinition { /** * Job options. */ - "options"?: HistoricalJobOptions; + "options"?: ThreatHuntingJobOptions; /** * Queries for selecting logs analyzed by the job. */ - "queries": Array; + "queries": Array; /** * Reference tables used in the queries. */ @@ -125,11 +125,11 @@ export class JobDefinition { }, options: { baseName: "options", - type: "HistoricalJobOptions", + type: "ThreatHuntingJobOptions", }, queries: { baseName: "queries", - type: "Array", + type: "Array", required: true, }, referenceTables: { diff --git a/packages/datadog-api-client-v2/models/JobDefinitionFromRule.ts b/packages/datadog-api-client-v2/models/JobDefinitionFromRule.ts index 4ec07f7cd116..6aecc50486fd 100644 --- a/packages/datadog-api-client-v2/models/JobDefinitionFromRule.ts +++ b/packages/datadog-api-client-v2/models/JobDefinitionFromRule.ts @@ -7,7 +7,7 @@ import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Definition of a historical job based on a security monitoring rule. + * Definition of a threat hunting job based on a security monitoring rule. */ export class JobDefinitionFromRule { /** diff --git a/packages/datadog-api-client-v2/models/ListHistoricalJobsResponse.ts b/packages/datadog-api-client-v2/models/ListThreatHuntingJobsResponse.ts similarity index 67% rename from packages/datadog-api-client-v2/models/ListHistoricalJobsResponse.ts rename to packages/datadog-api-client-v2/models/ListThreatHuntingJobsResponse.ts index af5bbcb353c4..322ef2e18d3f 100644 --- a/packages/datadog-api-client-v2/models/ListHistoricalJobsResponse.ts +++ b/packages/datadog-api-client-v2/models/ListThreatHuntingJobsResponse.ts @@ -3,23 +3,23 @@ * This product includes software developed at Datadog (https://www.datadoghq.com/). * Copyright 2020-Present Datadog, Inc. */ -import { HistoricalJobListMeta } from "./HistoricalJobListMeta"; -import { HistoricalJobResponseData } from "./HistoricalJobResponseData"; +import { ThreatHuntingJobListMeta } from "./ThreatHuntingJobListMeta"; +import { ThreatHuntingJobResponseData } from "./ThreatHuntingJobResponseData"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * List of historical jobs. + * List of threat hunting jobs. */ -export class ListHistoricalJobsResponse { +export class ListThreatHuntingJobsResponse { /** - * Array containing the list of historical jobs. + * Array containing the list of threat hunting jobs. */ - "data"?: Array; + "data"?: Array; /** * Metadata about the list of jobs. */ - "meta"?: HistoricalJobListMeta; + "meta"?: ThreatHuntingJobListMeta; /** * A container for additional, undeclared properties. @@ -39,11 +39,11 @@ export class ListHistoricalJobsResponse { static readonly attributeTypeMap: AttributeTypeMap = { data: { baseName: "data", - type: "Array", + type: "Array", }, meta: { baseName: "meta", - type: "HistoricalJobListMeta", + type: "ThreatHuntingJobListMeta", }, additionalProperties: { baseName: "additionalProperties", @@ -55,7 +55,7 @@ export class ListHistoricalJobsResponse { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return ListHistoricalJobsResponse.attributeTypeMap; + return ListThreatHuntingJobsResponse.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/ObjectSerializer.ts b/packages/datadog-api-client-v2/models/ObjectSerializer.ts index e6932296f1cd..f144407d7ac8 100644 --- a/packages/datadog-api-client-v2/models/ObjectSerializer.ts +++ b/packages/datadog-api-client-v2/models/ObjectSerializer.ts @@ -994,12 +994,6 @@ import { HTTPToken } from "./HTTPToken"; import { HTTPTokenAuth } from "./HTTPTokenAuth"; import { HTTPTokenAuthUpdate } from "./HTTPTokenAuthUpdate"; import { HTTPTokenUpdate } from "./HTTPTokenUpdate"; -import { HistoricalJobListMeta } from "./HistoricalJobListMeta"; -import { HistoricalJobOptions } from "./HistoricalJobOptions"; -import { HistoricalJobQuery } from "./HistoricalJobQuery"; -import { HistoricalJobResponse } from "./HistoricalJobResponse"; -import { HistoricalJobResponseAttributes } from "./HistoricalJobResponseAttributes"; -import { HistoricalJobResponseData } from "./HistoricalJobResponseData"; import { HourlyUsage } from "./HourlyUsage"; import { HourlyUsageAttributes } from "./HourlyUsageAttributes"; import { HourlyUsageMeasurement } from "./HourlyUsageMeasurement"; @@ -1243,7 +1237,6 @@ import { ListEntityCatalogResponseLinks } from "./ListEntityCatalogResponseLinks import { ListFindingsMeta } from "./ListFindingsMeta"; import { ListFindingsPage } from "./ListFindingsPage"; import { ListFindingsResponse } from "./ListFindingsResponse"; -import { ListHistoricalJobsResponse } from "./ListHistoricalJobsResponse"; import { ListKindCatalogResponse } from "./ListKindCatalogResponse"; import { ListPipelinesResponse } from "./ListPipelinesResponse"; import { ListPipelinesResponseMeta } from "./ListPipelinesResponseMeta"; @@ -1256,6 +1249,7 @@ import { ListRulesResponseLinks } from "./ListRulesResponseLinks"; import { ListTagsResponse } from "./ListTagsResponse"; import { ListTagsResponseData } from "./ListTagsResponseData"; import { ListTagsResponseDataAttributes } from "./ListTagsResponseDataAttributes"; +import { ListThreatHuntingJobsResponse } from "./ListThreatHuntingJobsResponse"; import { ListVulnerabilitiesResponse } from "./ListVulnerabilitiesResponse"; import { ListVulnerableAssetsResponse } from "./ListVulnerableAssetsResponse"; import { Log } from "./Log"; @@ -1934,9 +1928,9 @@ import { RumRetentionFiltersOrderData } from "./RumRetentionFiltersOrderData"; import { RumRetentionFiltersOrderRequest } from "./RumRetentionFiltersOrderRequest"; import { RumRetentionFiltersOrderResponse } from "./RumRetentionFiltersOrderResponse"; import { RumRetentionFiltersResponse } from "./RumRetentionFiltersResponse"; -import { RunHistoricalJobRequest } from "./RunHistoricalJobRequest"; -import { RunHistoricalJobRequestAttributes } from "./RunHistoricalJobRequestAttributes"; -import { RunHistoricalJobRequestData } from "./RunHistoricalJobRequestData"; +import { RunThreatHuntingJobRequest } from "./RunThreatHuntingJobRequest"; +import { RunThreatHuntingJobRequestAttributes } from "./RunThreatHuntingJobRequestAttributes"; +import { RunThreatHuntingJobRequestData } from "./RunThreatHuntingJobRequestData"; import { SAMLAssertionAttribute } from "./SAMLAssertionAttribute"; import { SAMLAssertionAttributeAttributes } from "./SAMLAssertionAttributeAttributes"; import { SBOM } from "./SBOM"; @@ -2337,6 +2331,12 @@ import { TeamsResponse } from "./TeamsResponse"; import { TeamsResponseLinks } from "./TeamsResponseLinks"; import { TeamsResponseMeta } from "./TeamsResponseMeta"; import { TeamsResponseMetaPagination } from "./TeamsResponseMetaPagination"; +import { ThreatHuntingJobListMeta } from "./ThreatHuntingJobListMeta"; +import { ThreatHuntingJobOptions } from "./ThreatHuntingJobOptions"; +import { ThreatHuntingJobQuery } from "./ThreatHuntingJobQuery"; +import { ThreatHuntingJobResponse } from "./ThreatHuntingJobResponse"; +import { ThreatHuntingJobResponseAttributes } from "./ThreatHuntingJobResponseAttributes"; +import { ThreatHuntingJobResponseData } from "./ThreatHuntingJobResponseData"; import { TimeRestriction } from "./TimeRestriction"; import { TimeRestrictions } from "./TimeRestrictions"; import { TimelineCell } from "./TimelineCell"; @@ -3036,7 +3036,6 @@ const enumsMap: { [key: string]: any[] } = { GreyNoiseIntegrationType: ["GreyNoise"], HTTPIntegrationType: ["HTTP"], HTTPTokenAuthType: ["HTTPTokenAuth"], - HistoricalJobDataType: ["historicalDetectionsJob"], HourlyUsageType: [ "app_sec_host_count", "observability_pipelines_bytes_processed", @@ -3667,7 +3666,7 @@ const enumsMap: { [key: string]: any[] } = { "vital", ], RumRetentionFilterType: ["retention_filters"], - RunHistoricalJobRequestDataType: ["historicalDetectionsJobCreate"], + RunThreatHuntingJobRequestDataType: ["historicalDetectionsJobCreate"], SAMLAssertionAttributesType: ["saml_assertion_attributes"], SBOMComponentLicenseType: [ "network_strong_copyleft", @@ -3964,6 +3963,7 @@ const enumsMap: { [key: string]: any[] } = { "team_links", "user_team_permissions", ], + ThreatHuntingJobDataType: ["historicalDetectionsJob"], TimelineCellAuthorUserType: ["USER"], TimelineCellResourceType: ["timeline_cell"], TimelineCellType: ["COMMENT"], @@ -5255,12 +5255,6 @@ const typeMap: { [index: string]: any } = { HTTPTokenAuth: HTTPTokenAuth, HTTPTokenAuthUpdate: HTTPTokenAuthUpdate, HTTPTokenUpdate: HTTPTokenUpdate, - HistoricalJobListMeta: HistoricalJobListMeta, - HistoricalJobOptions: HistoricalJobOptions, - HistoricalJobQuery: HistoricalJobQuery, - HistoricalJobResponse: HistoricalJobResponse, - HistoricalJobResponseAttributes: HistoricalJobResponseAttributes, - HistoricalJobResponseData: HistoricalJobResponseData, HourlyUsage: HourlyUsage, HourlyUsageAttributes: HourlyUsageAttributes, HourlyUsageMeasurement: HourlyUsageMeasurement, @@ -5529,7 +5523,6 @@ const typeMap: { [index: string]: any } = { ListFindingsMeta: ListFindingsMeta, ListFindingsPage: ListFindingsPage, ListFindingsResponse: ListFindingsResponse, - ListHistoricalJobsResponse: ListHistoricalJobsResponse, ListKindCatalogResponse: ListKindCatalogResponse, ListPipelinesResponse: ListPipelinesResponse, ListPipelinesResponseMeta: ListPipelinesResponseMeta, @@ -5542,6 +5535,7 @@ const typeMap: { [index: string]: any } = { ListTagsResponse: ListTagsResponse, ListTagsResponseData: ListTagsResponseData, ListTagsResponseDataAttributes: ListTagsResponseDataAttributes, + ListThreatHuntingJobsResponse: ListThreatHuntingJobsResponse, ListVulnerabilitiesResponse: ListVulnerabilitiesResponse, ListVulnerableAssetsResponse: ListVulnerableAssetsResponse, Log: Log, @@ -6367,9 +6361,9 @@ const typeMap: { [index: string]: any } = { RumRetentionFiltersOrderRequest: RumRetentionFiltersOrderRequest, RumRetentionFiltersOrderResponse: RumRetentionFiltersOrderResponse, RumRetentionFiltersResponse: RumRetentionFiltersResponse, - RunHistoricalJobRequest: RunHistoricalJobRequest, - RunHistoricalJobRequestAttributes: RunHistoricalJobRequestAttributes, - RunHistoricalJobRequestData: RunHistoricalJobRequestData, + RunThreatHuntingJobRequest: RunThreatHuntingJobRequest, + RunThreatHuntingJobRequestAttributes: RunThreatHuntingJobRequestAttributes, + RunThreatHuntingJobRequestData: RunThreatHuntingJobRequestData, SAMLAssertionAttribute: SAMLAssertionAttribute, SAMLAssertionAttributeAttributes: SAMLAssertionAttributeAttributes, SBOM: SBOM, @@ -6861,6 +6855,12 @@ const typeMap: { [index: string]: any } = { TeamsResponseLinks: TeamsResponseLinks, TeamsResponseMeta: TeamsResponseMeta, TeamsResponseMetaPagination: TeamsResponseMetaPagination, + ThreatHuntingJobListMeta: ThreatHuntingJobListMeta, + ThreatHuntingJobOptions: ThreatHuntingJobOptions, + ThreatHuntingJobQuery: ThreatHuntingJobQuery, + ThreatHuntingJobResponse: ThreatHuntingJobResponse, + ThreatHuntingJobResponseAttributes: ThreatHuntingJobResponseAttributes, + ThreatHuntingJobResponseData: ThreatHuntingJobResponseData, TimeRestriction: TimeRestriction, TimeRestrictions: TimeRestrictions, TimelineCell: TimelineCell, diff --git a/packages/datadog-api-client-v2/models/RunHistoricalJobRequest.ts b/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequest.ts similarity index 73% rename from packages/datadog-api-client-v2/models/RunHistoricalJobRequest.ts rename to packages/datadog-api-client-v2/models/RunThreatHuntingJobRequest.ts index f7c768fef170..6f424457b1ff 100644 --- a/packages/datadog-api-client-v2/models/RunHistoricalJobRequest.ts +++ b/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequest.ts @@ -3,18 +3,18 @@ * This product includes software developed at Datadog (https://www.datadoghq.com/). * Copyright 2020-Present Datadog, Inc. */ -import { RunHistoricalJobRequestData } from "./RunHistoricalJobRequestData"; +import { RunThreatHuntingJobRequestData } from "./RunThreatHuntingJobRequestData"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Run a historical job request. + * Run a threat hunting job request. */ -export class RunHistoricalJobRequest { +export class RunThreatHuntingJobRequest { /** - * Data for running a historical job request. + * Data for running a threat hunting job request. */ - "data"?: RunHistoricalJobRequestData; + "data"?: RunThreatHuntingJobRequestData; /** * A container for additional, undeclared properties. @@ -34,7 +34,7 @@ export class RunHistoricalJobRequest { static readonly attributeTypeMap: AttributeTypeMap = { data: { baseName: "data", - type: "RunHistoricalJobRequestData", + type: "RunThreatHuntingJobRequestData", }, additionalProperties: { baseName: "additionalProperties", @@ -46,7 +46,7 @@ export class RunHistoricalJobRequest { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return RunHistoricalJobRequest.attributeTypeMap; + return RunThreatHuntingJobRequest.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/RunHistoricalJobRequestAttributes.ts b/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestAttributes.ts similarity index 84% rename from packages/datadog-api-client-v2/models/RunHistoricalJobRequestAttributes.ts rename to packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestAttributes.ts index 5951e4afa580..885981acbc32 100644 --- a/packages/datadog-api-client-v2/models/RunHistoricalJobRequestAttributes.ts +++ b/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestAttributes.ts @@ -9,11 +9,11 @@ import { JobDefinitionFromRule } from "./JobDefinitionFromRule"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Run a historical job request. + * Run a threat hunting job request. */ -export class RunHistoricalJobRequestAttributes { +export class RunThreatHuntingJobRequestAttributes { /** - * Definition of a historical job based on a security monitoring rule. + * Definition of a threat hunting job based on a security monitoring rule. */ "fromRule"?: JobDefinitionFromRule; /** @@ -21,7 +21,7 @@ export class RunHistoricalJobRequestAttributes { */ "id"?: string; /** - * Definition of a historical job. + * Definition of a threat hunting job. */ "jobDefinition"?: JobDefinition; @@ -63,7 +63,7 @@ export class RunHistoricalJobRequestAttributes { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return RunHistoricalJobRequestAttributes.attributeTypeMap; + return RunThreatHuntingJobRequestAttributes.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/RunHistoricalJobRequestData.ts b/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestData.ts similarity index 64% rename from packages/datadog-api-client-v2/models/RunHistoricalJobRequestData.ts rename to packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestData.ts index 661579ee9572..a66686e5d084 100644 --- a/packages/datadog-api-client-v2/models/RunHistoricalJobRequestData.ts +++ b/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestData.ts @@ -3,23 +3,23 @@ * This product includes software developed at Datadog (https://www.datadoghq.com/). * Copyright 2020-Present Datadog, Inc. */ -import { RunHistoricalJobRequestAttributes } from "./RunHistoricalJobRequestAttributes"; -import { RunHistoricalJobRequestDataType } from "./RunHistoricalJobRequestDataType"; +import { RunThreatHuntingJobRequestAttributes } from "./RunThreatHuntingJobRequestAttributes"; +import { RunThreatHuntingJobRequestDataType } from "./RunThreatHuntingJobRequestDataType"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Data for running a historical job request. + * Data for running a threat hunting job request. */ -export class RunHistoricalJobRequestData { +export class RunThreatHuntingJobRequestData { /** - * Run a historical job request. + * Run a threat hunting job request. */ - "attributes"?: RunHistoricalJobRequestAttributes; + "attributes"?: RunThreatHuntingJobRequestAttributes; /** * Type of data. */ - "type"?: RunHistoricalJobRequestDataType; + "type"?: RunThreatHuntingJobRequestDataType; /** * A container for additional, undeclared properties. @@ -39,11 +39,11 @@ export class RunHistoricalJobRequestData { static readonly attributeTypeMap: AttributeTypeMap = { attributes: { baseName: "attributes", - type: "RunHistoricalJobRequestAttributes", + type: "RunThreatHuntingJobRequestAttributes", }, type: { baseName: "type", - type: "RunHistoricalJobRequestDataType", + type: "RunThreatHuntingJobRequestDataType", }, additionalProperties: { baseName: "additionalProperties", @@ -55,7 +55,7 @@ export class RunHistoricalJobRequestData { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return RunHistoricalJobRequestData.attributeTypeMap; + return RunThreatHuntingJobRequestData.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/RunHistoricalJobRequestDataType.ts b/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestDataType.ts similarity index 90% rename from packages/datadog-api-client-v2/models/RunHistoricalJobRequestDataType.ts rename to packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestDataType.ts index 83bb2ce63e44..3e151b37c976 100644 --- a/packages/datadog-api-client-v2/models/RunHistoricalJobRequestDataType.ts +++ b/packages/datadog-api-client-v2/models/RunThreatHuntingJobRequestDataType.ts @@ -10,7 +10,7 @@ import { UnparsedObject } from "../../datadog-api-client-common/util"; * Type of data. */ -export type RunHistoricalJobRequestDataType = +export type RunThreatHuntingJobRequestDataType = | typeof HISTORICALDETECTIONSJOBCREATE | UnparsedObject; export const HISTORICALDETECTIONSJOBCREATE = "historicalDetectionsJobCreate"; diff --git a/packages/datadog-api-client-v2/models/HistoricalJobDataType.ts b/packages/datadog-api-client-v2/models/ThreatHuntingJobDataType.ts similarity index 92% rename from packages/datadog-api-client-v2/models/HistoricalJobDataType.ts rename to packages/datadog-api-client-v2/models/ThreatHuntingJobDataType.ts index 398cd3294ceb..6ff4ef7ddc00 100644 --- a/packages/datadog-api-client-v2/models/HistoricalJobDataType.ts +++ b/packages/datadog-api-client-v2/models/ThreatHuntingJobDataType.ts @@ -10,7 +10,7 @@ import { UnparsedObject } from "../../datadog-api-client-common/util"; * Type of payload. */ -export type HistoricalJobDataType = +export type ThreatHuntingJobDataType = | typeof HISTORICALDETECTIONSJOB | UnparsedObject; export const HISTORICALDETECTIONSJOB = "historicalDetectionsJob"; diff --git a/packages/datadog-api-client-v2/models/HistoricalJobListMeta.ts b/packages/datadog-api-client-v2/models/ThreatHuntingJobListMeta.ts similarity index 92% rename from packages/datadog-api-client-v2/models/HistoricalJobListMeta.ts rename to packages/datadog-api-client-v2/models/ThreatHuntingJobListMeta.ts index 158928b480de..4371bfbfe6ef 100644 --- a/packages/datadog-api-client-v2/models/HistoricalJobListMeta.ts +++ b/packages/datadog-api-client-v2/models/ThreatHuntingJobListMeta.ts @@ -9,7 +9,7 @@ import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** * Metadata about the list of jobs. */ -export class HistoricalJobListMeta { +export class ThreatHuntingJobListMeta { /** * Number of jobs in the list. */ @@ -46,7 +46,7 @@ export class HistoricalJobListMeta { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return HistoricalJobListMeta.attributeTypeMap; + return ThreatHuntingJobListMeta.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/HistoricalJobOptions.ts b/packages/datadog-api-client-v2/models/ThreatHuntingJobOptions.ts similarity index 97% rename from packages/datadog-api-client-v2/models/HistoricalJobOptions.ts rename to packages/datadog-api-client-v2/models/ThreatHuntingJobOptions.ts index e5a31e2d8420..825d61c740a5 100644 --- a/packages/datadog-api-client-v2/models/HistoricalJobOptions.ts +++ b/packages/datadog-api-client-v2/models/ThreatHuntingJobOptions.ts @@ -17,7 +17,7 @@ import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** * Job options. */ -export class HistoricalJobOptions { +export class ThreatHuntingJobOptions { /** * The detection method. */ @@ -112,7 +112,7 @@ export class HistoricalJobOptions { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return HistoricalJobOptions.attributeTypeMap; + return ThreatHuntingJobOptions.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/HistoricalJobQuery.ts b/packages/datadog-api-client-v2/models/ThreatHuntingJobQuery.ts similarity index 95% rename from packages/datadog-api-client-v2/models/HistoricalJobQuery.ts rename to packages/datadog-api-client-v2/models/ThreatHuntingJobQuery.ts index 7d584e0634c7..49a8caec4555 100644 --- a/packages/datadog-api-client-v2/models/HistoricalJobQuery.ts +++ b/packages/datadog-api-client-v2/models/ThreatHuntingJobQuery.ts @@ -9,9 +9,9 @@ import { SecurityMonitoringStandardDataSource } from "./SecurityMonitoringStanda import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Query for selecting logs analyzed by the historical job. + * Query for selecting logs analyzed by the threat hunting job. */ -export class HistoricalJobQuery { +export class ThreatHuntingJobQuery { /** * The aggregation type. */ @@ -103,7 +103,7 @@ export class HistoricalJobQuery { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return HistoricalJobQuery.attributeTypeMap; + return ThreatHuntingJobQuery.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/HistoricalJobResponse.ts b/packages/datadog-api-client-v2/models/ThreatHuntingJobResponse.ts similarity index 75% rename from packages/datadog-api-client-v2/models/HistoricalJobResponse.ts rename to packages/datadog-api-client-v2/models/ThreatHuntingJobResponse.ts index 4ba8336784d0..0fbb0d5fbea5 100644 --- a/packages/datadog-api-client-v2/models/HistoricalJobResponse.ts +++ b/packages/datadog-api-client-v2/models/ThreatHuntingJobResponse.ts @@ -3,18 +3,18 @@ * This product includes software developed at Datadog (https://www.datadoghq.com/). * Copyright 2020-Present Datadog, Inc. */ -import { HistoricalJobResponseData } from "./HistoricalJobResponseData"; +import { ThreatHuntingJobResponseData } from "./ThreatHuntingJobResponseData"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Historical job response. + * Threat hunting job response. */ -export class HistoricalJobResponse { +export class ThreatHuntingJobResponse { /** - * Historical job response data. + * Threat hunting job response data. */ - "data"?: HistoricalJobResponseData; + "data"?: ThreatHuntingJobResponseData; /** * A container for additional, undeclared properties. @@ -34,7 +34,7 @@ export class HistoricalJobResponse { static readonly attributeTypeMap: AttributeTypeMap = { data: { baseName: "data", - type: "HistoricalJobResponseData", + type: "ThreatHuntingJobResponseData", }, additionalProperties: { baseName: "additionalProperties", @@ -46,7 +46,7 @@ export class HistoricalJobResponse { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return HistoricalJobResponse.attributeTypeMap; + return ThreatHuntingJobResponse.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/HistoricalJobResponseAttributes.ts b/packages/datadog-api-client-v2/models/ThreatHuntingJobResponseAttributes.ts similarity index 92% rename from packages/datadog-api-client-v2/models/HistoricalJobResponseAttributes.ts rename to packages/datadog-api-client-v2/models/ThreatHuntingJobResponseAttributes.ts index 33d34438b23c..bbb969a33191 100644 --- a/packages/datadog-api-client-v2/models/HistoricalJobResponseAttributes.ts +++ b/packages/datadog-api-client-v2/models/ThreatHuntingJobResponseAttributes.ts @@ -8,9 +8,9 @@ import { JobDefinition } from "./JobDefinition"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Historical job attributes. + * Threat hunting job attributes. */ -export class HistoricalJobResponseAttributes { +export class ThreatHuntingJobResponseAttributes { /** * Time when the job was created. */ @@ -28,7 +28,7 @@ export class HistoricalJobResponseAttributes { */ "createdFromRuleId"?: string; /** - * Definition of a historical job. + * Definition of a threat hunting job. */ "jobDefinition"?: JobDefinition; /** @@ -102,7 +102,7 @@ export class HistoricalJobResponseAttributes { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return HistoricalJobResponseAttributes.attributeTypeMap; + return ThreatHuntingJobResponseAttributes.attributeTypeMap; } public constructor() {} diff --git a/packages/datadog-api-client-v2/models/HistoricalJobResponseData.ts b/packages/datadog-api-client-v2/models/ThreatHuntingJobResponseData.ts similarity index 69% rename from packages/datadog-api-client-v2/models/HistoricalJobResponseData.ts rename to packages/datadog-api-client-v2/models/ThreatHuntingJobResponseData.ts index d28c6e75d17d..510dd322a50c 100644 --- a/packages/datadog-api-client-v2/models/HistoricalJobResponseData.ts +++ b/packages/datadog-api-client-v2/models/ThreatHuntingJobResponseData.ts @@ -3,19 +3,19 @@ * This product includes software developed at Datadog (https://www.datadoghq.com/). * Copyright 2020-Present Datadog, Inc. */ -import { HistoricalJobDataType } from "./HistoricalJobDataType"; -import { HistoricalJobResponseAttributes } from "./HistoricalJobResponseAttributes"; +import { ThreatHuntingJobDataType } from "./ThreatHuntingJobDataType"; +import { ThreatHuntingJobResponseAttributes } from "./ThreatHuntingJobResponseAttributes"; import { AttributeTypeMap } from "../../datadog-api-client-common/util"; /** - * Historical job response data. + * Threat hunting job response data. */ -export class HistoricalJobResponseData { +export class ThreatHuntingJobResponseData { /** - * Historical job attributes. + * Threat hunting job attributes. */ - "attributes"?: HistoricalJobResponseAttributes; + "attributes"?: ThreatHuntingJobResponseAttributes; /** * ID of the job. */ @@ -23,7 +23,7 @@ export class HistoricalJobResponseData { /** * Type of payload. */ - "type"?: HistoricalJobDataType; + "type"?: ThreatHuntingJobDataType; /** * A container for additional, undeclared properties. @@ -43,7 +43,7 @@ export class HistoricalJobResponseData { static readonly attributeTypeMap: AttributeTypeMap = { attributes: { baseName: "attributes", - type: "HistoricalJobResponseAttributes", + type: "ThreatHuntingJobResponseAttributes", }, id: { baseName: "id", @@ -51,7 +51,7 @@ export class HistoricalJobResponseData { }, type: { baseName: "type", - type: "HistoricalJobDataType", + type: "ThreatHuntingJobDataType", }, additionalProperties: { baseName: "additionalProperties", @@ -63,7 +63,7 @@ export class HistoricalJobResponseData { * @ignore */ static getAttributeTypeMap(): AttributeTypeMap { - return HistoricalJobResponseData.attributeTypeMap; + return ThreatHuntingJobResponseData.attributeTypeMap; } public constructor() {}