diff --git a/.generated-info b/.generated-info index 2cf735c049..3d24cfa19f 100644 --- a/.generated-info +++ b/.generated-info @@ -1,4 +1,4 @@ { - "spec_repo_commit": "a6f5281", - "generated": "2025-08-06 17:43:25.644" + "spec_repo_commit": "2bbbc7d", + "generated": "2025-08-06 19:32:04.331" } diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index d200d681df..e31bfe34f9 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -26882,6 +26882,7 @@ components: - $ref: '#/components/schemas/ObservabilityPipelineSentinelOneDestination' - $ref: '#/components/schemas/ObservabilityPipelineOpenSearchDestination' - $ref: '#/components/schemas/ObservabilityPipelineAmazonOpenSearchDestination' + - $ref: '#/components/schemas/ObservabilityPipelineCrowdStrikeNextGenSiemDestination' ObservabilityPipelineConfigProcessorItem: description: A processor for the pipeline. oneOf: @@ -26919,6 +26920,78 @@ components: - $ref: '#/components/schemas/ObservabilityPipelineGooglePubSubSource' - $ref: '#/components/schemas/ObservabilityPipelineHttpClientSource' - $ref: '#/components/schemas/ObservabilityPipelineLogstashSource' + ObservabilityPipelineCrowdStrikeNextGenSiemDestination: + description: The `crowdstrike_next_gen_siem` destination forwards logs to CrowdStrike + Next Gen SIEM. + properties: + compression: + $ref: '#/components/schemas/ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompression' + encoding: + $ref: '#/components/schemas/ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding' + id: + description: The unique identifier for this component. + example: crowdstrike-ngsiem-destination + type: string + inputs: + description: A list of component IDs whose output is used as the `input` + for this component. + example: + - filter-processor + items: + type: string + type: array + tls: + $ref: '#/components/schemas/ObservabilityPipelineTls' + type: + $ref: '#/components/schemas/ObservabilityPipelineCrowdStrikeNextGenSiemDestinationType' + required: + - id + - type + - inputs + - encoding + type: object + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompression: + description: Compression configuration for log events. + properties: + algorithm: + $ref: '#/components/schemas/ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm' + level: + description: Compression level. + example: 6 + format: int64 + type: integer + required: + - algorithm + type: object + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm: + description: Compression algorithm for log events. + enum: + - gzip + - zlib + example: gzip + type: string + x-enum-varnames: + - GZIP + - ZLIB + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding: + description: Encoding format for log events. + enum: + - json + - raw_message + example: json + type: string + x-enum-varnames: + - JSON + - RAW_MESSAGE + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationType: + default: crowdstrike_next_gen_siem + description: The destination type. The value should always be `crowdstrike_next_gen_siem`. + enum: + - crowdstrike_next_gen_siem + example: crowdstrike_next_gen_siem + type: string + x-enum-varnames: + - CROWDSTRIKE_NEXT_GEN_SIEM ObservabilityPipelineData: description: "Contains the pipeline\u2019s ID, type, and configuration attributes." properties: diff --git a/docs/datadog_api_client.v2.model.rst b/docs/datadog_api_client.v2.model.rst index a1972b9342..4bb6b70262 100644 --- a/docs/datadog_api_client.v2.model.rst +++ b/docs/datadog_api_client.v2.model.rst @@ -11883,6 +11883,41 @@ datadog\_api\_client.v2.model.observability\_pipeline\_config\_source\_item modu :members: :show-inheritance: +datadog\_api\_client.v2.model.observability\_pipeline\_crowd\_strike\_next\_gen\_siem\_destination module +--------------------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.observability\_pipeline\_crowd\_strike\_next\_gen\_siem\_destination\_compression module +---------------------------------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_compression + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.observability\_pipeline\_crowd\_strike\_next\_gen\_siem\_destination\_compression\_algorithm module +--------------------------------------------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_compression_algorithm + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.observability\_pipeline\_crowd\_strike\_next\_gen\_siem\_destination\_encoding module +------------------------------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_encoding + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.observability\_pipeline\_crowd\_strike\_next\_gen\_siem\_destination\_type module +--------------------------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_type + :members: + :show-inheritance: + datadog\_api\_client.v2.model.observability\_pipeline\_data module ------------------------------------------------------------------ diff --git a/src/datadog_api_client/v2/model/observability_pipeline_config.py b/src/datadog_api_client/v2/model/observability_pipeline_config.py index 31d48480c4..e3f478a885 100644 --- a/src/datadog_api_client/v2/model/observability_pipeline_config.py +++ b/src/datadog_api_client/v2/model/observability_pipeline_config.py @@ -64,6 +64,9 @@ from datadog_api_client.v2.model.observability_pipeline_amazon_open_search_destination import ( ObservabilityPipelineAmazonOpenSearchDestination, ) + from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestination, + ) from datadog_api_client.v2.model.observability_pipeline_filter_processor import ObservabilityPipelineFilterProcessor from datadog_api_client.v2.model.observability_pipeline_parse_json_processor import ( ObservabilityPipelineParseJSONProcessor, @@ -182,6 +185,7 @@ def __init__( ObservabilityPipelineSentinelOneDestination, ObservabilityPipelineOpenSearchDestination, ObservabilityPipelineAmazonOpenSearchDestination, + ObservabilityPipelineCrowdStrikeNextGenSiemDestination, ] ], sources: List[ diff --git a/src/datadog_api_client/v2/model/observability_pipeline_config_destination_item.py b/src/datadog_api_client/v2/model/observability_pipeline_config_destination_item.py index 553e9fdc6c..fc6212c45a 100644 --- a/src/datadog_api_client/v2/model/observability_pipeline_config_destination_item.py +++ b/src/datadog_api_client/v2/model/observability_pipeline_config_destination_item.py @@ -108,6 +108,9 @@ def __init__(self, **kwargs): :param log_type: The log type metadata associated with the Chronicle destination. :type log_type: str, optional + + :param compression: Compression configuration for log events. + :type compression: ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompression, optional """ super().__init__(kwargs) @@ -161,6 +164,9 @@ def _composed_schemas(_): from datadog_api_client.v2.model.observability_pipeline_amazon_open_search_destination import ( ObservabilityPipelineAmazonOpenSearchDestination, ) + from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestination, + ) return { "oneOf": [ @@ -179,5 +185,6 @@ def _composed_schemas(_): ObservabilityPipelineSentinelOneDestination, ObservabilityPipelineOpenSearchDestination, ObservabilityPipelineAmazonOpenSearchDestination, + ObservabilityPipelineCrowdStrikeNextGenSiemDestination, ], } diff --git a/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination.py b/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination.py new file mode 100644 index 0000000000..d1dbc9facf --- /dev/null +++ b/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination.py @@ -0,0 +1,101 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_compression import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompression, + ) + from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_encoding import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding, + ) + from datadog_api_client.v2.model.observability_pipeline_tls import ObservabilityPipelineTls + from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_type import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationType, + ) + + +class ObservabilityPipelineCrowdStrikeNextGenSiemDestination(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_compression import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompression, + ) + from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_encoding import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding, + ) + from datadog_api_client.v2.model.observability_pipeline_tls import ObservabilityPipelineTls + from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_type import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationType, + ) + + return { + "compression": (ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompression,), + "encoding": (ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding,), + "id": (str,), + "inputs": ([str],), + "tls": (ObservabilityPipelineTls,), + "type": (ObservabilityPipelineCrowdStrikeNextGenSiemDestinationType,), + } + + attribute_map = { + "compression": "compression", + "encoding": "encoding", + "id": "id", + "inputs": "inputs", + "tls": "tls", + "type": "type", + } + + def __init__( + self_, + encoding: ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding, + id: str, + inputs: List[str], + type: ObservabilityPipelineCrowdStrikeNextGenSiemDestinationType, + compression: Union[ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompression, UnsetType] = unset, + tls: Union[ObservabilityPipelineTls, UnsetType] = unset, + **kwargs, + ): + """ + The ``crowdstrike_next_gen_siem`` destination forwards logs to CrowdStrike Next Gen SIEM. + + :param compression: Compression configuration for log events. + :type compression: ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompression, optional + + :param encoding: Encoding format for log events. + :type encoding: ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding + + :param id: The unique identifier for this component. + :type id: str + + :param inputs: A list of component IDs whose output is used as the ``input`` for this component. + :type inputs: [str] + + :param tls: Configuration for enabling TLS encryption between the pipeline component and external services. + :type tls: ObservabilityPipelineTls, optional + + :param type: The destination type. The value should always be ``crowdstrike_next_gen_siem``. + :type type: ObservabilityPipelineCrowdStrikeNextGenSiemDestinationType + """ + if compression is not unset: + kwargs["compression"] = compression + if tls is not unset: + kwargs["tls"] = tls + super().__init__(kwargs) + + self_.encoding = encoding + self_.id = id + self_.inputs = inputs + self_.type = type diff --git a/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination_compression.py b/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination_compression.py new file mode 100644 index 0000000000..011afe091f --- /dev/null +++ b/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination_compression.py @@ -0,0 +1,58 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_compression_algorithm import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm, + ) + + +class ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompression(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_compression_algorithm import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm, + ) + + return { + "algorithm": (ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm,), + "level": (int,), + } + + attribute_map = { + "algorithm": "algorithm", + "level": "level", + } + + def __init__( + self_, + algorithm: ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm, + level: Union[int, UnsetType] = unset, + **kwargs, + ): + """ + Compression configuration for log events. + + :param algorithm: Compression algorithm for log events. + :type algorithm: ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm + + :param level: Compression level. + :type level: int, optional + """ + if level is not unset: + kwargs["level"] = level + super().__init__(kwargs) + + self_.algorithm = algorithm diff --git a/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination_compression_algorithm.py b/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination_compression_algorithm.py new file mode 100644 index 0000000000..82506afe18 --- /dev/null +++ b/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination_compression_algorithm.py @@ -0,0 +1,42 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm(ModelSimple): + """ + Compression algorithm for log events. + + :param value: Must be one of ["gzip", "zlib"]. + :type value: str + """ + + allowed_values = { + "gzip", + "zlib", + } + GZIP: ClassVar["ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm"] + ZLIB: ClassVar["ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm.GZIP = ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm("gzip") +) +ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm.ZLIB = ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm("zlib") +) diff --git a/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination_encoding.py b/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination_encoding.py new file mode 100644 index 0000000000..f162d1ac9f --- /dev/null +++ b/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination_encoding.py @@ -0,0 +1,42 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding(ModelSimple): + """ + Encoding format for log events. + + :param value: Must be one of ["json", "raw_message"]. + :type value: str + """ + + allowed_values = { + "json", + "raw_message", + } + JSON: ClassVar["ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding"] + RAW_MESSAGE: ClassVar["ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding.JSON = ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding("json") +) +ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding.RAW_MESSAGE = ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding("raw_message") +) diff --git a/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination_type.py b/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination_type.py new file mode 100644 index 0000000000..3d84666dc2 --- /dev/null +++ b/src/datadog_api_client/v2/model/observability_pipeline_crowd_strike_next_gen_siem_destination_type.py @@ -0,0 +1,37 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class ObservabilityPipelineCrowdStrikeNextGenSiemDestinationType(ModelSimple): + """ + The destination type. The value should always be `crowdstrike_next_gen_siem`. + + :param value: If omitted defaults to "crowdstrike_next_gen_siem". Must be one of ["crowdstrike_next_gen_siem"]. + :type value: str + """ + + allowed_values = { + "crowdstrike_next_gen_siem", + } + CROWDSTRIKE_NEXT_GEN_SIEM: ClassVar["ObservabilityPipelineCrowdStrikeNextGenSiemDestinationType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +ObservabilityPipelineCrowdStrikeNextGenSiemDestinationType.CROWDSTRIKE_NEXT_GEN_SIEM = ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationType("crowdstrike_next_gen_siem") +) diff --git a/src/datadog_api_client/v2/models/__init__.py b/src/datadog_api_client/v2/models/__init__.py index c87e8e8199..af75442358 100644 --- a/src/datadog_api_client/v2/models/__init__.py +++ b/src/datadog_api_client/v2/models/__init__.py @@ -2182,6 +2182,21 @@ ObservabilityPipelineConfigProcessorItem, ) from datadog_api_client.v2.model.observability_pipeline_config_source_item import ObservabilityPipelineConfigSourceItem +from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestination, +) +from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_compression import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompression, +) +from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_compression_algorithm import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm, +) +from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_encoding import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding, +) +from datadog_api_client.v2.model.observability_pipeline_crowd_strike_next_gen_siem_destination_type import ( + ObservabilityPipelineCrowdStrikeNextGenSiemDestinationType, +) from datadog_api_client.v2.model.observability_pipeline_data import ObservabilityPipelineData from datadog_api_client.v2.model.observability_pipeline_data_attributes import ObservabilityPipelineDataAttributes from datadog_api_client.v2.model.observability_pipeline_datadog_agent_source import ( @@ -5514,6 +5529,11 @@ "ObservabilityPipelineConfigDestinationItem", "ObservabilityPipelineConfigProcessorItem", "ObservabilityPipelineConfigSourceItem", + "ObservabilityPipelineCrowdStrikeNextGenSiemDestination", + "ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompression", + "ObservabilityPipelineCrowdStrikeNextGenSiemDestinationCompressionAlgorithm", + "ObservabilityPipelineCrowdStrikeNextGenSiemDestinationEncoding", + "ObservabilityPipelineCrowdStrikeNextGenSiemDestinationType", "ObservabilityPipelineData", "ObservabilityPipelineDataAttributes", "ObservabilityPipelineDatadogAgentSource",