diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index cb3f6062e0..21b4b1eb3c 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -433,6 +433,13 @@ components: required: true schema: type: string + HistoricalSignalID: + description: The ID of the historical signal. + in: path + name: histsignal_id + required: true + schema: + type: string IncidentAttachmentFilterQueryParameter: description: Specifies which types of attachments are included in the response. explode: false 
@@ -745,6 +752,58 @@ components: required: true schema: type: string + QueryFilterFrom: + description: The minimum timestamp for requested security signals. + example: '2019-01-02T09:42:36.320Z' + in: query + name: filter[from] + required: false + schema: + format: date-time + type: string + QueryFilterSearch: + description: The search query for security signals. + example: security:attack status:high + in: query + name: filter[query] + required: false + schema: + type: string + QueryFilterTo: + description: The maximum timestamp for requested security signals. + example: '2019-01-03T09:42:36.320Z' + in: query + name: filter[to] + required: false + schema: + format: date-time + type: string + QueryPageCursor: + description: A list of results using the cursor provided in the previous query. + example: eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== + in: query + name: page[cursor] + required: false + schema: + type: string + QueryPageLimit: + description: The maximum number of security signals in the response. + example: 25 + in: query + name: page[limit] + required: false + schema: + default: 10 + format: int32 + maximum: 1000 + type: integer + QuerySort: + description: The order of the security signals in results. + in: query + name: sort + required: false + schema: + $ref: '#/components/schemas/SecurityMonitoringSignalsSort' RelationInclude: description: Include relationship data. explode: true 
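Review bot: `QueryPageLimit` sets `maximum: 1000` but no lower bound, so a zero or negative `page[limit]` is valid against the schema. The definition is carried over unchanged from the inline parameter, but it is now shared by `ListSecurityMonitoringSignals` and the new histsignals list operations, and the generated `page_limit` entries in `security_monitoring_api.py` validate only `inclusive_maximum`. If the backend rejects such values anyway, adding `minimum: 1` under `schema:` would let clients fail fast. Confirm the accepted range with the service before changing it.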
@@ -65338,52 +65397,12 @@ paths: security signals.' operationId: ListSecurityMonitoringSignals parameters: - - description: The search query for security signals. - example: security:attack status:high - in: query - name: filter[query] - required: false - schema: - type: string - - description: The minimum timestamp for requested security signals. - example: '2019-01-02T09:42:36.320Z' - in: query - name: filter[from] - required: false - schema: - format: date-time - type: string - - description: The maximum timestamp for requested security signals. - example: '2019-01-03T09:42:36.320Z' - in: query - name: filter[to] - required: false - schema: - format: date-time - type: string - - description: The order of the security signals in results. - in: query - name: sort - required: false - schema: - $ref: '#/components/schemas/SecurityMonitoringSignalsSort' - - description: A list of results using the cursor provided in the previous query. - example: eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== - in: query - name: page[cursor] - required: false - schema: - type: string - - description: The maximum number of security signals in the response. - example: 25 - in: query - name: page[limit] - required: false - schema: - default: 10 - format: int32 - maximum: 1000 - type: integer + - $ref: '#/components/parameters/QueryFilterSearch' + - $ref: '#/components/parameters/QueryFilterFrom' + - $ref: '#/components/parameters/QueryFilterTo' + - $ref: '#/components/parameters/QuerySort' + - $ref: '#/components/parameters/QueryPageCursor' + - $ref: '#/components/parameters/QueryPageLimit' responses: '200': content: 
@@ -66664,6 +66683,123 @@ paths: permissions: - incident_settings_write x-unstable: '**Note**: This endpoint is deprecated.' + /api/v2/siem-historical-detections/histsignals: + get: + description: List hist signals. + operationId: ListSecurityMonitoringHistsignals + parameters: + - $ref: '#/components/parameters/QueryFilterSearch' + - $ref: '#/components/parameters/QueryFilterFrom' + - $ref: '#/components/parameters/QueryFilterTo' + - $ref: '#/components/parameters/QuerySort' + - $ref: '#/components/parameters/QueryPageCursor' + - $ref: '#/components/parameters/QueryPageLimit' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringSignalsListResponse' + description: OK + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_signals_read + summary: List hist signals + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_signals_read + x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. + + Please check the documentation regularly for updates.' + /api/v2/siem-historical-detections/histsignals/search: + get: + description: Search hist signals. 
+ operationId: SearchSecurityMonitoringHistsignals + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringSignalListRequest' + required: false + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringSignalsListResponse' + description: OK + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_signals_read + summary: Search hist signals + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_signals_read + x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. + + Please check the documentation regularly for updates.' + /api/v2/siem-historical-detections/histsignals/{histsignal_id}: + get: + description: Get a hist signal's details. + operationId: GetSecurityMonitoringHistsignal + parameters: + - $ref: '#/components/parameters/HistoricalSignalID' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringSignalResponse' + description: OK + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_signals_read + summary: Get a hist signal's details + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_signals_read + x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. + + Please check the documentation regularly for updates.' 
/api/v2/siem-historical-detections/jobs: get: description: List historical jobs. @@ -66885,6 +67021,48 @@ paths: - security_monitoring_rules_write x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. + Please check the documentation regularly for updates.' + /api/v2/siem-historical-detections/jobs/{job_id}/histsignals: + get: + description: Get a job's hist signals. + operationId: GetSecurityMonitoringHistsignalsByJobId + parameters: + - $ref: '#/components/parameters/HistoricalJobID' + - $ref: '#/components/parameters/QueryFilterSearch' + - $ref: '#/components/parameters/QueryFilterFrom' + - $ref: '#/components/parameters/QueryFilterTo' + - $ref: '#/components/parameters/QuerySort' + - $ref: '#/components/parameters/QueryPageCursor' + - $ref: '#/components/parameters/QueryPageLimit' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringSignalsListResponse' + description: OK + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_signals_read + summary: Get a job's hist signals + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_signals_read + x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. + Please check the documentation regularly for updates.' /api/v2/slo/report: post: diff --git a/examples/v2/security-monitoring/GetSecurityMonitoringHistsignal.py b/examples/v2/security-monitoring/GetSecurityMonitoringHistsignal.py new file mode 100644 index 0000000000..8d41a0a274 --- /dev/null +++ b/examples/v2/security-monitoring/GetSecurityMonitoringHistsignal.py 
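Review bot: `/api/v2/siem-historical-detections/histsignals/search` is declared as `get:` with a `requestBody`, and a body on GET has no defined semantics in HTTP, so proxies, caches and some client libraries may drop it. When that happens the filter, time range and page settings in `SecurityMonitoringSignalListRequest` never reach the service, and the caller can receive results that were not scoped the way it asked. If the service reads the body, declare the operation as `post:`; if it really is a GET, express the filters through the `QueryFilter*` and `QueryPage*` parameters instead of a body. The generated `_search_security_monitoring_histsignals_endpoint` in `security_monitoring_api.py` carries the same `"http_method": "GET"` with a `body` parameter and would need regenerating.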
@@ -0,0 +1,16 @@ +""" +Get a hist signal's details returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +configuration = Configuration() +configuration.unstable_operations["get_security_monitoring_histsignal"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.get_security_monitoring_histsignal( + histsignal_id="histsignal_id", + ) + + print(response) diff --git a/examples/v2/security-monitoring/GetSecurityMonitoringHistsignalsByJobId.py b/examples/v2/security-monitoring/GetSecurityMonitoringHistsignalsByJobId.py new file mode 100644 index 0000000000..8c274457d9 --- /dev/null +++ b/examples/v2/security-monitoring/GetSecurityMonitoringHistsignalsByJobId.py @@ -0,0 +1,16 @@ +""" +Get a job's hist signals returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +configuration = Configuration() +configuration.unstable_operations["get_security_monitoring_histsignals_by_job_id"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.get_security_monitoring_histsignals_by_job_id( + job_id="job_id", + ) + + print(response) diff --git a/examples/v2/security-monitoring/ListSecurityMonitoringHistsignals.py b/examples/v2/security-monitoring/ListSecurityMonitoringHistsignals.py new file mode 100644 index 0000000000..f8de9165cc --- /dev/null +++ b/examples/v2/security-monitoring/ListSecurityMonitoringHistsignals.py 
@@ -0,0 +1,14 @@ +""" +List hist signals returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +configuration = Configuration() +configuration.unstable_operations["list_security_monitoring_histsignals"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.list_security_monitoring_histsignals() + + print(response) diff --git a/examples/v2/security-monitoring/SearchSecurityMonitoringHistsignals.py b/examples/v2/security-monitoring/SearchSecurityMonitoringHistsignals.py new file mode 100644 index 0000000000..b14ac41093 --- /dev/null +++ b/examples/v2/security-monitoring/SearchSecurityMonitoringHistsignals.py 
@@ -0,0 +1,37 @@ +""" +Search hist signals returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi +from datadog_api_client.v2.model.security_monitoring_signal_list_request import SecurityMonitoringSignalListRequest +from datadog_api_client.v2.model.security_monitoring_signal_list_request_filter import ( + SecurityMonitoringSignalListRequestFilter, +) +from datadog_api_client.v2.model.security_monitoring_signal_list_request_page import ( + SecurityMonitoringSignalListRequestPage, +) +from datadog_api_client.v2.model.security_monitoring_signals_sort import SecurityMonitoringSignalsSort +from datetime import datetime +from dateutil.tz import tzutc + +body = SecurityMonitoringSignalListRequest( + filter=SecurityMonitoringSignalListRequestFilter( + _from=datetime(2019, 1, 2, 9, 42, 36, 320000, tzinfo=tzutc()), + query="security:attack status:high", + to=datetime(2019, 1, 3, 9, 42, 36, 320000, tzinfo=tzutc()), + ), + page=SecurityMonitoringSignalListRequestPage( + cursor="eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==", + limit=25, + ), + sort=SecurityMonitoringSignalsSort.TIMESTAMP_ASCENDING, +) + +configuration = Configuration() +configuration.unstable_operations["search_security_monitoring_histsignals"] = True +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.search_security_monitoring_histsignals(body=body) + + print(response) diff --git a/src/datadog_api_client/configuration.py b/src/datadog_api_client/configuration.py index 06f44f0d23..f815bc22b7 100644 --- a/src/datadog_api_client/configuration.py +++ b/src/datadog_api_client/configuration.py 
@@ -248,13 +248,17 @@ def __init__( "v2.get_historical_job": False, "v2.get_rule_version_history": False, "v2.get_sbom": False, + "v2.get_security_monitoring_histsignal": False, + "v2.get_security_monitoring_histsignals_by_job_id": False, "v2.list_assets_sbo_ms": False, "v2.list_findings": False, "v2.list_historical_jobs": False, + "v2.list_security_monitoring_histsignals": False, "v2.list_vulnerabilities": False, "v2.list_vulnerable_assets": False, "v2.mute_findings": False, "v2.run_historical_job": False, + "v2.search_security_monitoring_histsignals": False, "v2.create_dataset": False, "v2.delete_dataset": False, "v2.get_all_datasets": False, diff --git a/src/datadog_api_client/v2/api/security_monitoring_api.py b/src/datadog_api_client/v2/api/security_monitoring_api.py index 3a7e124064..afb2fd2330 100644 --- a/src/datadog_api_client/v2/api/security_monitoring_api.py +++ b/src/datadog_api_client/v2/api/security_monitoring_api.py 
@@ -772,6 +772,85 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._get_security_monitoring_histsignal_endpoint = _Endpoint( + settings={ + "response_type": (SecurityMonitoringSignalResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/siem-historical-detections/histsignals/{histsignal_id}", + "operation_id": "get_security_monitoring_histsignal", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "histsignal_id": { + "required": True, + "openapi_types": (str,), + "attribute": "histsignal_id", + "location": "path", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + + self._get_security_monitoring_histsignals_by_job_id_endpoint = _Endpoint( + settings={ + "response_type": (SecurityMonitoringSignalsListResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/siem-historical-detections/jobs/{job_id}/histsignals", + "operation_id": "get_security_monitoring_histsignals_by_job_id", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "job_id": { + "required": True, + "openapi_types": (str,), + "attribute": "job_id", + "location": "path", + }, + "filter_query": { + "openapi_types": (str,), + "attribute": "filter[query]", + "location": "query", + }, + "filter_from": { + "openapi_types": (datetime,), + "attribute": "filter[from]", + "location": "query", + }, + "filter_to": { + "openapi_types": (datetime,), + "attribute": "filter[to]", + "location": "query", + }, + "sort": { + "openapi_types": (SecurityMonitoringSignalsSort,), + "attribute": "sort", + "location": "query", + }, + "page_cursor": { + "openapi_types": (str,), + "attribute": "page[cursor]", + "location": "query", + }, + "page_limit": { + "validation": { + "inclusive_maximum": 1000, + }, + "openapi_types": (int,), + "attribute": "page[limit]", + "location": "query", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + 
) + self._get_security_monitoring_rule_endpoint = _Endpoint( settings={ "response_type": (SecurityMonitoringRuleResponse,), @@ -1175,6 +1254,56 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._list_security_monitoring_histsignals_endpoint = _Endpoint( + settings={ + "response_type": (SecurityMonitoringSignalsListResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/siem-historical-detections/histsignals", + "operation_id": "list_security_monitoring_histsignals", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "filter_query": { + "openapi_types": (str,), + "attribute": "filter[query]", + "location": "query", + }, + "filter_from": { + "openapi_types": (datetime,), + "attribute": "filter[from]", + "location": "query", + }, + "filter_to": { + "openapi_types": (datetime,), + "attribute": "filter[to]", + "location": "query", + }, + "sort": { + "openapi_types": (SecurityMonitoringSignalsSort,), + "attribute": "sort", + "location": "query", + }, + "page_cursor": { + "openapi_types": (str,), + "attribute": "page[cursor]", + "location": "query", + }, + "page_limit": { + "validation": { + "inclusive_maximum": 1000, + }, + "openapi_types": (int,), + "attribute": "page[limit]", + "location": "query", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + self._list_security_monitoring_rules_endpoint = _Endpoint( settings={ "response_type": (SecurityMonitoringListRulesResponse,), 
@@ -1707,6 +1836,25 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._search_security_monitoring_histsignals_endpoint = _Endpoint( + settings={ + "response_type": (SecurityMonitoringSignalsListResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/siem-historical-detections/histsignals/search", + "operation_id": "search_security_monitoring_histsignals", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "body": { + "openapi_types": (SecurityMonitoringSignalListRequest,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + self._search_security_monitoring_signals_endpoint = _Endpoint( settings={ "response_type": (SecurityMonitoringSignalsListResponse,), 
@@ -2487,6 +2635,77 @@ def get_security_filter( return self._get_security_filter_endpoint.call_with_http_info(**kwargs) + def get_security_monitoring_histsignal( + self, + histsignal_id: str, + ) -> SecurityMonitoringSignalResponse: + """Get a hist signal's details. + + Get a hist signal's details. + + :param histsignal_id: The ID of the historical signal. + :type histsignal_id: str + :rtype: SecurityMonitoringSignalResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["histsignal_id"] = histsignal_id + + return self._get_security_monitoring_histsignal_endpoint.call_with_http_info(**kwargs) + + def get_security_monitoring_histsignals_by_job_id( + self, + job_id: str, + *, + filter_query: Union[str, UnsetType] = unset, + filter_from: Union[datetime, UnsetType] = unset, + filter_to: Union[datetime, UnsetType] = unset, + sort: Union[SecurityMonitoringSignalsSort, UnsetType] = unset, + page_cursor: Union[str, UnsetType] = unset, + page_limit: Union[int, UnsetType] = unset, + ) -> SecurityMonitoringSignalsListResponse: + """Get a job's hist signals. + + Get a job's hist signals. + + :param job_id: The ID of the job. + :type job_id: str + :param filter_query: The search query for security signals. + :type filter_query: str, optional + :param filter_from: The minimum timestamp for requested security signals. + :type filter_from: datetime, optional + :param filter_to: The maximum timestamp for requested security signals. + :type filter_to: datetime, optional + :param sort: The order of the security signals in results. + :type sort: SecurityMonitoringSignalsSort, optional + :param page_cursor: A list of results using the cursor provided in the previous query. + :type page_cursor: str, optional + :param page_limit: The maximum number of security signals in the response. 
+ :type page_limit: int, optional + :rtype: SecurityMonitoringSignalsListResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["job_id"] = job_id + + if filter_query is not unset: + kwargs["filter_query"] = filter_query + + if filter_from is not unset: + kwargs["filter_from"] = filter_from + + if filter_to is not unset: + kwargs["filter_to"] = filter_to + + if sort is not unset: + kwargs["sort"] = sort + + if page_cursor is not unset: + kwargs["page_cursor"] = page_cursor + + if page_limit is not unset: + kwargs["page_limit"] = page_limit + + return self._get_security_monitoring_histsignals_by_job_id_endpoint.call_with_http_info(**kwargs) + def get_security_monitoring_rule( self, rule_id: str, 
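Review bot: The docstrings of `get_security_monitoring_histsignal` and `get_security_monitoring_histsignals_by_job_id` repeat the summary line as the description and never explain what a "hist signal" is. `list_security_monitoring_histsignals` and `search_security_monitoring_histsignals` in later hunks have the same gap, and the search method documents `body` with a `:type` line but no `:param` text. Since this file looks generated, the fix belongs in the `description` fields of `openapi.yaml`, for example `description: Get the details of a historical signal by its ID.`, plus a `description` on the search `requestBody`. Each description could also state that the operation is unstable and must be enabled through `unstable_operations` before it can be called.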
@@ -3019,6 +3238,55 @@ def list_security_filters( kwargs: Dict[str, Any] = {} return self._list_security_filters_endpoint.call_with_http_info(**kwargs) + def list_security_monitoring_histsignals( + self, + *, + filter_query: Union[str, UnsetType] = unset, + filter_from: Union[datetime, UnsetType] = unset, + filter_to: Union[datetime, UnsetType] = unset, + sort: Union[SecurityMonitoringSignalsSort, UnsetType] = unset, + page_cursor: Union[str, UnsetType] = unset, + page_limit: Union[int, UnsetType] = unset, + ) -> SecurityMonitoringSignalsListResponse: + """List hist signals. + + List hist signals. + + :param filter_query: The search query for security signals. + :type filter_query: str, optional + :param filter_from: The minimum timestamp for requested security signals. + :type filter_from: datetime, optional + :param filter_to: The maximum timestamp for requested security signals. + :type filter_to: datetime, optional + :param sort: The order of the security signals in results. + :type sort: SecurityMonitoringSignalsSort, optional + :param page_cursor: A list of results using the cursor provided in the previous query. + :type page_cursor: str, optional + :param page_limit: The maximum number of security signals in the response. + :type page_limit: int, optional + :rtype: SecurityMonitoringSignalsListResponse + """ + kwargs: Dict[str, Any] = {} + if filter_query is not unset: + kwargs["filter_query"] = filter_query + + if filter_from is not unset: + kwargs["filter_from"] = filter_from + + if filter_to is not unset: + kwargs["filter_to"] = filter_to + + if sort is not unset: + kwargs["sort"] = sort + + if page_cursor is not unset: + kwargs["page_cursor"] = page_cursor + + if page_limit is not unset: + kwargs["page_limit"] = page_limit + + return self._list_security_monitoring_histsignals_endpoint.call_with_http_info(**kwargs) + def list_security_monitoring_rules( self, *, 
@@ -3724,6 +3992,24 @@ def run_historical_job( return self._run_historical_job_endpoint.call_with_http_info(**kwargs) + def search_security_monitoring_histsignals( + self, + *, + body: Union[SecurityMonitoringSignalListRequest, UnsetType] = unset, + ) -> SecurityMonitoringSignalsListResponse: + """Search hist signals. + + Search hist signals. + + :type body: SecurityMonitoringSignalListRequest, optional + :rtype: SecurityMonitoringSignalsListResponse + """ + kwargs: Dict[str, Any] = {} + if body is not unset: + kwargs["body"] = body + + return self._search_security_monitoring_histsignals_endpoint.call_with_http_info(**kwargs) + def search_security_monitoring_signals( self, *, diff --git a/tests/v2/features/security_monitoring.feature b/tests/v2/features/security_monitoring.feature index 89424290ce..c06b0abac0 100644 --- a/tests/v2/features/security_monitoring.feature +++ b/tests/v2/features/security_monitoring.feature 
@@ -591,6 +591,30 @@ Feature: Security Monitoring Then the response status is 200 OK And the response "data.attributes.evaluation" is equal to "pass" + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Get a hist signal's details returns "Bad Request" response + Given operation "GetSecurityMonitoringHistsignal" enabled + And new "GetSecurityMonitoringHistsignal" request + And request contains "histsignal_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Get a hist signal's details returns "Not Found" response + Given operation "GetSecurityMonitoringHistsignal" enabled + And new "GetSecurityMonitoringHistsignal" request + And request contains "histsignal_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Get a hist signal's details returns "OK" response + Given operation "GetSecurityMonitoringHistsignal" enabled + And new "GetSecurityMonitoringHistsignal" request + And request contains "histsignal_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 200 OK + @team:DataDog/k9-cloud-security-platform Scenario: Get a job's details returns "Bad Request" response Given operation "GetHistoricalJob" enabled 
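Review bot: All three scenarios added here are tagged `@generated @skip` and use the `REPLACE.ME` placeholder, so nothing in the suite exercises `GetSecurityMonitoringHistsignal`. The scenarios added for the other three histsignals operations in the following hunks are skipped the same way. None of them covers the `403` response that the spec declares for these endpoints, which is the one that would show the `security_monitoring_signals_read` permission being enforced. Consider dropping `@skip` from at least the `200 OK` scenario of each operation once a real fixture exists, and adding a scenario that asserts the 403 status if the test setup can supply a key without that permission.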
@@ -617,6 +641,30 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Get a job's hist signals returns "Bad Request" response + Given operation "GetSecurityMonitoringHistsignalsByJobId" enabled + And new "GetSecurityMonitoringHistsignalsByJobId" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Get a job's hist signals returns "Not Found" response + Given operation "GetSecurityMonitoringHistsignalsByJobId" enabled + And new "GetSecurityMonitoringHistsignalsByJobId" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Get a job's hist signals returns "OK" response + Given operation "GetSecurityMonitoringHistsignalsByJobId" enabled + And new "GetSecurityMonitoringHistsignalsByJobId" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a list of security signals returns "Bad Request" response Given new "SearchSecurityMonitoringSignals" request 
@@ -942,6 +990,27 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: List hist signals returns "Bad Request" response + Given operation "ListSecurityMonitoringHistsignals" enabled + And new "ListSecurityMonitoringHistsignals" request + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: List hist signals returns "Not Found" response + Given operation "ListSecurityMonitoringHistsignals" enabled + And new "ListSecurityMonitoringHistsignals" request + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: List hist signals returns "OK" response + Given operation "ListSecurityMonitoringHistsignals" enabled + And new "ListSecurityMonitoringHistsignals" request + When the request is sent + Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: List historical jobs returns "Bad Request" response Given operation "ListHistoricalJobs" enabled 
@@ -1186,6 +1255,30 @@ Feature: Security Monitoring When the request is sent Then the response status is 201 Status created + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Search hist signals returns "Bad Request" response + Given operation "SearchSecurityMonitoringHistsignals" enabled + And new "SearchSecurityMonitoringHistsignals" request + And body with value {"filter": {"from": "2019-01-02T09:42:36.320Z", "query": "security:attack status:high", "to": "2019-01-03T09:42:36.320Z"}, "page": {"cursor": "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==", "limit": 25}, "sort": "timestamp"} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Search hist signals returns "Not Found" response + Given operation "SearchSecurityMonitoringHistsignals" enabled + And new "SearchSecurityMonitoringHistsignals" request + And body with value {"filter": {"from": "2019-01-02T09:42:36.320Z", "query": "security:attack status:high", "to": "2019-01-03T09:42:36.320Z"}, "page": {"cursor": "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==", "limit": 25}, "sort": "timestamp"} + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Search hist signals returns "OK" response + Given operation "SearchSecurityMonitoringHistsignals" enabled + And new "SearchSecurityMonitoringHistsignals" request + And body with value {"filter": {"from": "2019-01-02T09:42:36.320Z", "query": "security:attack status:high", "to": "2019-01-03T09:42:36.320Z"}, "page": {"cursor": "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==", "limit": 25}, "sort": "timestamp"} + When the request is sent + Then the response status is 200 OK + @skip @team:DataDog/k9-cloud-security-platform Scenario: Test a rule 
returns "Bad Request" response Given new "TestSecurityMonitoringRule" request diff --git a/tests/v2/features/undo.json b/tests/v2/features/undo.json index 3ae6306bca..b3731714ef 100644 --- a/tests/v2/features/undo.json +++ b/tests/v2/features/undo.json @@ -3362,6 +3362,24 @@ "type": "idempotent" } }, + "ListSecurityMonitoringHistsignals": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "SearchSecurityMonitoringHistsignals": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "GetSecurityMonitoringHistsignal": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, "ListHistoricalJobs": { "tag": "Security Monitoring", "undo": { @@ -3398,6 +3416,12 @@ "type": "idempotent" } }, + "GetSecurityMonitoringHistsignalsByJobId": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, "CreateSLOReportJob": { "tag": "Service Level Objectives", "undo": {