diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 59c7b8b08..be9a2271b 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -458,20 +458,6 @@ components: items: $ref: '#/components/schemas/GetIssueIncludeQueryParameterItem' type: array - HistoricalJobID: - description: The ID of the job. - in: path - name: job_id - required: true - schema: - type: string - HistoricalSignalID: - description: The ID of the historical signal. - in: path - name: histsignal_id - required: true - schema: - type: string IncidentAttachmentFilterQueryParameter: description: Specifies which types of attachments are included in the response. explode: false @@ -1091,6 +1077,20 @@ components: required: true schema: type: string + ThreatHuntingJobID: + description: The ID of the job. + in: path + name: job_id + required: true + schema: + type: string + ThreatHuntingSignalID: + description: The ID of the threat hunting signal. + in: path + name: histsignal_id + required: true + schema: + type: string UserID: description: The ID of the user. in: path @@ -11815,7 +11815,7 @@ components: - GZIP - DEFLATE ConvertJobResultsToSignalsAttributes: - description: Attributes for converting historical job results to signals. + description: Attributes for converting threat hunting job results to signals. properties: id: description: Request ID. @@ -11847,7 +11847,7 @@ components: - notifications type: object ConvertJobResultsToSignalsData: - description: Data for converting historical job results to signals. + description: Data for converting threat hunting job results to signals. properties: attributes: $ref: '#/components/schemas/ConvertJobResultsToSignalsAttributes' 
@@ -11862,7 +11862,7 @@ components: x-enum-varnames: - HISTORICALDETECTIONSJOBRESULTSIGNALCONVERSION ConvertJobResultsToSignalsRequest: - description: Request for converting historical job results to signals. + description: Request for converting threat hunting job results to signals. properties: data: $ref: '#/components/schemas/ConvertJobResultsToSignalsData' 
@@ -22191,130 +22191,6 @@ components: - type - value type: object - HistoricalJobDataType: - description: Type of payload. - enum: - - historicalDetectionsJob - type: string - x-enum-varnames: - - HISTORICALDETECTIONSJOB - HistoricalJobListMeta: - description: Metadata about the list of jobs. - properties: - totalCount: - description: Number of jobs in the list. - format: int32 - maximum: 2147483647 - type: integer - type: object - HistoricalJobOptions: - description: Job options. - properties: - detectionMethod: - $ref: '#/components/schemas/SecurityMonitoringRuleDetectionMethod' - evaluationWindow: - $ref: '#/components/schemas/SecurityMonitoringRuleEvaluationWindow' - impossibleTravelOptions: - $ref: '#/components/schemas/SecurityMonitoringRuleImpossibleTravelOptions' - keepAlive: - $ref: '#/components/schemas/SecurityMonitoringRuleKeepAlive' - maxSignalDuration: - $ref: '#/components/schemas/SecurityMonitoringRuleMaxSignalDuration' - newValueOptions: - $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptions' - sequenceDetectionOptions: - $ref: '#/components/schemas/SecurityMonitoringRuleSequenceDetectionOptions' - thirdPartyRuleOptions: - $ref: '#/components/schemas/SecurityMonitoringRuleThirdPartyOptions' - type: object - HistoricalJobQuery: - description: Query for selecting logs analyzed by the historical job. - properties: - aggregation: - $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation' - dataSource: - $ref: '#/components/schemas/SecurityMonitoringStandardDataSource' - distinctFields: - description: Field for which the cardinality is measured. Sent as an array. - items: - description: Field. - type: string - type: array - groupByFields: - description: Fields to group by. - items: - description: Field. - type: string - type: array - hasOptionalGroupByFields: - default: false - description: When false, events without a group-by value are ignored by - the query. 
When true, events with missing group-by fields are processed - with `N/A`, replacing the missing values. - example: false - type: boolean - metrics: - description: Group of target fields to aggregate over when using the sum, - max, geo data, or new value aggregations. The sum, max, and geo data aggregations - only accept one value in this list, whereas the new value aggregation - accepts up to five values. - items: - description: Field. - type: string - type: array - name: - description: Name of the query. - type: string - query: - description: Query to run on logs. - example: a > 3 - type: string - type: object - HistoricalJobResponse: - description: Historical job response. - properties: - data: - $ref: '#/components/schemas/HistoricalJobResponseData' - type: object - HistoricalJobResponseAttributes: - description: Historical job attributes. - properties: - createdAt: - description: Time when the job was created. - type: string - createdByHandle: - description: The handle of the user who created the job. - type: string - createdByName: - description: The name of the user who created the job. - type: string - createdFromRuleId: - description: ID of the rule used to create the job (if it is created from - a rule). - type: string - jobDefinition: - $ref: '#/components/schemas/JobDefinition' - jobName: - description: Job name. - type: string - jobStatus: - description: Job status. - type: string - modifiedAt: - description: Last modification time of the job. - type: string - type: object - HistoricalJobResponseData: - description: Historical job response data. - properties: - attributes: - $ref: '#/components/schemas/HistoricalJobResponseAttributes' - id: - description: ID of the job. - type: string - type: - $ref: '#/components/schemas/HistoricalJobDataType' - type: object HourlyUsage: description: Hourly usage for a product family for an org. properties: 
@@ -26495,7 +26371,7 @@ components: type: string type: object JobCreateResponse: - description: Run a historical job response. + description: Run a threat hunting job response. properties: data: $ref: '#/components/schemas/JobCreateResponseData' @@ -26507,10 +26383,10 @@ components: description: ID of the created job. type: string type: - $ref: '#/components/schemas/HistoricalJobDataType' + $ref: '#/components/schemas/ThreatHuntingJobDataType' type: object JobDefinition: - description: Definition of a historical job. + description: Definition of a threat hunting job. properties: calculatedFields: description: Calculated fields. @@ -26549,11 +26425,11 @@ components: example: Excessive number of failed attempts. type: string options: - $ref: '#/components/schemas/HistoricalJobOptions' + $ref: '#/components/schemas/ThreatHuntingJobOptions' queries: description: Queries for selecting logs analyzed by the job. items: - $ref: '#/components/schemas/HistoricalJobQuery' + $ref: '#/components/schemas/ThreatHuntingJobQuery' type: array referenceTables: description: Reference tables used in the queries. @@ -26590,7 +26466,8 @@ components: - message type: object JobDefinitionFromRule: - description: Definition of a historical job based on a security monitoring rule. + description: Definition of a threat hunting job based on a security monitoring + rule. properties: from: description: Starting time of data analyzed by the job. @@ -27290,17 +27167,6 @@ components: - data - meta type: object - ListHistoricalJobsResponse: - description: List of historical jobs. - properties: - data: - description: Array containing the list of historical jobs. - items: - $ref: '#/components/schemas/HistoricalJobResponseData' - type: array - meta: - $ref: '#/components/schemas/HistoricalJobListMeta' - type: object ListKindCatalogResponse: description: List kind response. properties: 
@@ -27468,6 +27334,17 @@ components: - _NAME - USER_COUNT - _USER_COUNT + ListThreatHuntingJobsResponse: + description: List of threat hunting jobs. + properties: + data: + description: Array containing the list of threat hunting jobs. + items: + $ref: '#/components/schemas/ThreatHuntingJobResponseData' + type: array + meta: + $ref: '#/components/schemas/ThreatHuntingJobListMeta' + type: object ListVulnerabilitiesResponse: description: The expected response schema when listing vulnerabilities. properties: @@ -41523,14 +41400,18 @@ components: $ref: '#/components/schemas/RumRetentionFilterData' type: array type: object - RunHistoricalJobRequest: - description: Run a historical job request. + RunRetentionFilterName: + description: The name of a RUM retention filter. + example: Retention filter for session + type: string + RunThreatHuntingJobRequest: + description: Run a threat hunting job request. properties: data: - $ref: '#/components/schemas/RunHistoricalJobRequestData' + $ref: '#/components/schemas/RunThreatHuntingJobRequestData' type: object - RunHistoricalJobRequestAttributes: - description: Run a historical job request. + RunThreatHuntingJobRequestAttributes: + description: Run a threat hunting job request. properties: fromRule: $ref: '#/components/schemas/JobDefinitionFromRule' 
@@ -41540,25 +41421,21 @@ components: jobDefinition: $ref: '#/components/schemas/JobDefinition' type: object - RunHistoricalJobRequestData: - description: Data for running a historical job request. + RunThreatHuntingJobRequestData: + description: Data for running a threat hunting job request. properties: attributes: - $ref: '#/components/schemas/RunHistoricalJobRequestAttributes' + $ref: '#/components/schemas/RunThreatHuntingJobRequestAttributes' type: - $ref: '#/components/schemas/RunHistoricalJobRequestDataType' + $ref: '#/components/schemas/RunThreatHuntingJobRequestDataType' type: object - RunHistoricalJobRequestDataType: + RunThreatHuntingJobRequestDataType: description: Type of data. enum: - historicalDetectionsJobCreate type: string x-enum-varnames: - HISTORICALDETECTIONSJOBCREATE - RunRetentionFilterName: - description: The name of a RUM retention filter. - example: Retention filter for session - type: string SAMLAssertionAttribute: description: SAML assertion attribute. properties: 
@@ -50443,6 +50320,130 @@ components: description: Offset type. type: string type: object + ThreatHuntingJobDataType: + description: Type of payload. + enum: + - historicalDetectionsJob + type: string + x-enum-varnames: + - HISTORICALDETECTIONSJOB + ThreatHuntingJobListMeta: + description: Metadata about the list of jobs. + properties: + totalCount: + description: Number of jobs in the list. + format: int32 + maximum: 2147483647 + type: integer + type: object + ThreatHuntingJobOptions: + description: Job options. + properties: + detectionMethod: + $ref: '#/components/schemas/SecurityMonitoringRuleDetectionMethod' + evaluationWindow: + $ref: '#/components/schemas/SecurityMonitoringRuleEvaluationWindow' + impossibleTravelOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleImpossibleTravelOptions' + keepAlive: + $ref: '#/components/schemas/SecurityMonitoringRuleKeepAlive' + maxSignalDuration: + $ref: '#/components/schemas/SecurityMonitoringRuleMaxSignalDuration' + newValueOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptions' + sequenceDetectionOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleSequenceDetectionOptions' + thirdPartyRuleOptions: + $ref: '#/components/schemas/SecurityMonitoringRuleThirdPartyOptions' + type: object + ThreatHuntingJobQuery: + description: Query for selecting logs analyzed by the threat hunting job. + properties: + aggregation: + $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation' + dataSource: + $ref: '#/components/schemas/SecurityMonitoringStandardDataSource' + distinctFields: + description: Field for which the cardinality is measured. Sent as an array. + items: + description: Field. + type: string + type: array + groupByFields: + description: Fields to group by. + items: + description: Field. + type: string + type: array + hasOptionalGroupByFields: + default: false + description: When false, events without a group-by value are ignored by + the query. 
When true, events with missing group-by fields are processed + with `N/A`, replacing the missing values. + example: false + type: boolean + metrics: + description: Group of target fields to aggregate over when using the sum, + max, geo data, or new value aggregations. The sum, max, and geo data aggregations + only accept one value in this list, whereas the new value aggregation + accepts up to five values. + items: + description: Field. + type: string + type: array + name: + description: Name of the query. + type: string + query: + description: Query to run on logs. + example: a > 3 + type: string + type: object + ThreatHuntingJobResponse: + description: Threat hunting job response. + properties: + data: + $ref: '#/components/schemas/ThreatHuntingJobResponseData' + type: object + ThreatHuntingJobResponseAttributes: + description: Threat hunting job attributes. + properties: + createdAt: + description: Time when the job was created. + type: string + createdByHandle: + description: The handle of the user who created the job. + type: string + createdByName: + description: The name of the user who created the job. + type: string + createdFromRuleId: + description: ID of the rule used to create the job (if it is created from + a rule). + type: string + jobDefinition: + $ref: '#/components/schemas/JobDefinition' + jobName: + description: Job name. + type: string + jobStatus: + description: Job status. + type: string + modifiedAt: + description: Last modification time of the job. + type: string + type: object + ThreatHuntingJobResponseData: + description: Threat hunting job response data. + properties: + attributes: + $ref: '#/components/schemas/ThreatHuntingJobResponseAttributes' + id: + description: ID of the job. + type: string + type: + $ref: '#/components/schemas/ThreatHuntingJobDataType' + type: object TimeAggregation: description: 'Time aggregation period (in seconds) is used to aggregate the results of the notification rule evaluation. 
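Review bot: `ThreatHuntingJobDataType` keeps the enum value `historicalDetectionsJob` and the varname `HISTORICALDETECTIONSJOB`, while its description is still only `Type of payload.`, so nothing tells a reader that the old wire value is deliberate. It is presumably kept for wire compatibility, and the description should say so, for example `description: Type of payload. The wire value is still historicalDetectionsJob.` The same applies to `RunThreatHuntingJobRequestDataType` (`historicalDetectionsJobCreate`) in the earlier hunk.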
@@ -76493,7 +76494,7 @@ paths: permissions: - incident_settings_write x-unstable: '**Note**: This endpoint is deprecated.' - /api/v2/siem-historical-detections/histsignals: + /api/v2/siem-threat-hunting/histsignals: get: description: List hist signals. operationId: ListSecurityMonitoringHistsignals @@ -76534,7 +76535,7 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/histsignals/search: + /api/v2/siem-threat-hunting/histsignals/search: get: description: Search hist signals. operationId: SearchSecurityMonitoringHistsignals @@ -76574,12 +76575,12 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/histsignals/{histsignal_id}: + /api/v2/siem-threat-hunting/histsignals/{histsignal_id}: get: description: Get a hist signal's details. operationId: GetSecurityMonitoringHistsignal parameters: - - $ref: '#/components/parameters/HistoricalSignalID' + - $ref: '#/components/parameters/ThreatHuntingSignalID' responses: '200': content: @@ -76610,10 +76611,10 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs: + /api/v2/siem-threat-hunting/jobs: get: - description: List historical jobs. - operationId: ListHistoricalJobs + description: List threat hunting jobs. + operationId: ListThreatHuntingJobs parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' @@ -76636,7 +76637,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ListHistoricalJobsResponse' + $ref: '#/components/schemas/ListThreatHuntingJobsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' 
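Review bot: Every `/api/v2/siem-historical-detections/...` path is replaced in place by `/api/v2/siem-threat-hunting/...`, here and in the later path hunks through `/jobs/{job_id}/histsignals`, and the spec carries no deprecated entry or description text pointing from the old route to the new one. Anything keyed on the old URL, such as audit-log queries, API gateway or egress allowlists, or detection rules watching job creation and cancellation, will stop matching once clients upgrade. A one-line addition to each operation description would cover the migration, for example `description: List threat hunting jobs. Replaces the /api/v2/siem-historical-detections/jobs route.` Whether the service still answers on the old path cannot be told from this diff.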
@@ -76648,20 +76649,20 @@ paths: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] - summary: List historical jobs + summary: List threat hunting jobs tags: - Security Monitoring x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' post: - description: Run a historical job. - operationId: RunHistoricalJob + description: Run a threat hunting job. + operationId: RunThreatHuntingJob requestBody: content: application/json: schema: - $ref: '#/components/schemas/RunHistoricalJobRequest' + $ref: '#/components/schemas/RunThreatHuntingJobRequest' required: true responses: '201': @@ -76685,7 +76686,7 @@ paths: appKeyAuth: [] - AuthZ: - security_monitoring_rules_write - summary: Run a historical job + summary: Run a threat hunting job tags: - Security Monitoring x-codegen-request-body-name: body @@ -76696,7 +76697,7 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs/signal_convert: + /api/v2/siem-threat-hunting/jobs/signal_convert: post: description: Convert a job result to a signal. operationId: ConvertJobResultToSignal @@ -76730,12 +76731,12 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs/{job_id}: + /api/v2/siem-threat-hunting/jobs/{job_id}: delete: description: Delete an existing job. - operationId: DeleteHistoricalJob + operationId: DeleteThreatHuntingJob parameters: - - $ref: '#/components/parameters/HistoricalJobID' + - $ref: '#/components/parameters/ThreatHuntingJobID' responses: '204': description: OK 
@@ -76763,15 +76764,15 @@ paths: Please check the documentation regularly for updates.' get: description: Get a job's details. - operationId: GetHistoricalJob + operationId: GetThreatHuntingJob parameters: - - $ref: '#/components/parameters/HistoricalJobID' + - $ref: '#/components/parameters/ThreatHuntingJobID' responses: '200': content: application/json: schema: - $ref: '#/components/schemas/HistoricalJobResponse' + $ref: '#/components/schemas/ThreatHuntingJobResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' @@ -76796,12 +76797,12 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs/{job_id}/cancel: + /api/v2/siem-threat-hunting/jobs/{job_id}/cancel: patch: - description: Cancel a historical job. - operationId: CancelHistoricalJob + description: Cancel a threat hunting job. + operationId: CancelThreatHuntingJob parameters: - - $ref: '#/components/parameters/HistoricalJobID' + - $ref: '#/components/parameters/ThreatHuntingJobID' responses: '204': description: OK @@ -76822,7 +76823,7 @@ paths: appKeyAuth: [] - AuthZ: - security_monitoring_rules_write - summary: Cancel a historical job + summary: Cancel a threat hunting job tags: - Security Monitoring x-permission: 
@@ -76832,12 +76833,12 @@ paths: x-unstable: '**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.' - /api/v2/siem-historical-detections/jobs/{job_id}/histsignals: + /api/v2/siem-threat-hunting/jobs/{job_id}/histsignals: get: description: Get a job's hist signals. operationId: GetSecurityMonitoringHistsignalsByJobId parameters: - - $ref: '#/components/parameters/HistoricalJobID' + - $ref: '#/components/parameters/ThreatHuntingJobID' - $ref: '#/components/parameters/QueryFilterSearch' - $ref: '#/components/parameters/QueryFilterFrom' - $ref: '#/components/parameters/QueryFilterTo' diff --git a/examples/v2_security-monitoring_CancelThreatHuntingJob.rs b/examples/v2_security-monitoring_CancelThreatHuntingJob.rs new file mode 100644 index 000000000..6c7040068 --- /dev/null +++ b/examples/v2_security-monitoring_CancelThreatHuntingJob.rs @@ -0,0 +1,16 @@ +// Cancel a threat hunting job returns "OK" response +use datadog_api_client::datadog; +use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI; + +#[tokio::main] +async fn main() { + let mut configuration = datadog::Configuration::new(); + configuration.set_unstable_operation_enabled("v2.CancelThreatHuntingJob", true); + let api = SecurityMonitoringAPI::with_config(configuration); + let resp = api.cancel_threat_hunting_job("job_id".to_string()).await; + if let Ok(value) = resp { + println!("{:#?}", value); + } else { + println!("{:#?}", resp.unwrap_err()); + } +} diff --git a/examples/v2_security-monitoring_CancelHistoricalJob.rs b/examples/v2_security-monitoring_CancelThreatHuntingJob_1945505845.rs similarity index 55% rename from examples/v2_security-monitoring_CancelHistoricalJob.rs rename to examples/v2_security-monitoring_CancelThreatHuntingJob_1945505845.rs index 315f3054c..228224784 100644 --- a/examples/v2_security-monitoring_CancelHistoricalJob.rs 
+++ b/examples/v2_security-monitoring_CancelThreatHuntingJob_1945505845.rs @@ -4,14 +4,14 @@ use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAP #[tokio::main] async fn main() { - // there is a valid "historical_job" in the system - let historical_job_data_id = std::env::var("HISTORICAL_JOB_DATA_ID").unwrap(); + // there is a valid "threat_hunting_job" in the system + let threat_hunting_job_data_id = std::env::var("THREAT_HUNTING_JOB_DATA_ID").unwrap(); let mut configuration = datadog::Configuration::new(); - configuration.set_unstable_operation_enabled("v2.CancelHistoricalJob", true); - configuration.set_unstable_operation_enabled("v2.RunHistoricalJob", true); + configuration.set_unstable_operation_enabled("v2.CancelThreatHuntingJob", true); + configuration.set_unstable_operation_enabled("v2.RunThreatHuntingJob", true); let api = SecurityMonitoringAPI::with_config(configuration); let resp = api - .cancel_historical_job(historical_job_data_id.clone()) + .cancel_threat_hunting_job(threat_hunting_job_data_id.clone()) .await; if let Ok(value) = resp { println!("{:#?}", value); diff --git a/examples/v2_security-monitoring_DeleteHistoricalJob.rs b/examples/v2_security-monitoring_DeleteThreatHuntingJob.rs similarity index 74% rename from examples/v2_security-monitoring_DeleteHistoricalJob.rs rename to examples/v2_security-monitoring_DeleteThreatHuntingJob.rs index d5071447f..c5d52e04c 100644 --- a/examples/v2_security-monitoring_DeleteHistoricalJob.rs +++ b/examples/v2_security-monitoring_DeleteThreatHuntingJob.rs 
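Review bot: `std::env::var("THREAT_HUNTING_JOB_DATA_ID").unwrap()` on the new side panics without naming the missing variable, and anyone still exporting `HISTORICAL_JOB_DATA_ID` will hit that panic after this rename. Using `.expect("THREAT_HUNTING_JOB_DATA_ID must be set to an existing job id")` would make the failure self-explanatory. The example also enables `v2.RunThreatHuntingJob` although only `cancel_threat_hunting_job` is called in the visible lines, so that line could be dropped to keep the set of enabled unstable operations minimal. The Get example and the filtered List example repeat the same pattern. The body of `main` continues outside the hunk.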
@@ -5,9 +5,9 @@ use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAP #[tokio::main] async fn main() { let mut configuration = datadog::Configuration::new(); - configuration.set_unstable_operation_enabled("v2.DeleteHistoricalJob", true); + configuration.set_unstable_operation_enabled("v2.DeleteThreatHuntingJob", true); let api = SecurityMonitoringAPI::with_config(configuration); - let resp = api.delete_historical_job("job_id".to_string()).await; + let resp = api.delete_threat_hunting_job("job_id".to_string()).await; if let Ok(value) = resp { println!("{:#?}", value); } else { diff --git a/examples/v2_security-monitoring_GetHistoricalJob.rs b/examples/v2_security-monitoring_GetThreatHuntingJob.rs similarity index 51% rename from examples/v2_security-monitoring_GetHistoricalJob.rs rename to examples/v2_security-monitoring_GetThreatHuntingJob.rs index 022f165d2..9acdcaf88 100644 --- a/examples/v2_security-monitoring_GetHistoricalJob.rs +++ b/examples/v2_security-monitoring_GetThreatHuntingJob.rs 
@@ -4,13 +4,15 @@ use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAP #[tokio::main] async fn main() { - // there is a valid "historical_job" in the system - let historical_job_data_id = std::env::var("HISTORICAL_JOB_DATA_ID").unwrap(); + // there is a valid "threat_hunting_job" in the system + let threat_hunting_job_data_id = std::env::var("THREAT_HUNTING_JOB_DATA_ID").unwrap(); let mut configuration = datadog::Configuration::new(); - configuration.set_unstable_operation_enabled("v2.GetHistoricalJob", true); - configuration.set_unstable_operation_enabled("v2.RunHistoricalJob", true); + configuration.set_unstable_operation_enabled("v2.GetThreatHuntingJob", true); + configuration.set_unstable_operation_enabled("v2.RunThreatHuntingJob", true); let api = SecurityMonitoringAPI::with_config(configuration); - let resp = api.get_historical_job(historical_job_data_id.clone()).await; + let resp = api + .get_threat_hunting_job(threat_hunting_job_data_id.clone()) + .await; if let Ok(value) = resp { println!("{:#?}", value); } else { diff --git a/examples/v2_security-monitoring_ListThreatHuntingJobs.rs b/examples/v2_security-monitoring_ListThreatHuntingJobs.rs new file mode 100644 index 000000000..7a96c2162 --- /dev/null +++ b/examples/v2_security-monitoring_ListThreatHuntingJobs.rs 
@@ -0,0 +1,19 @@ +// List threat hunting jobs returns "OK" response +use datadog_api_client::datadog; +use datadog_api_client::datadogV2::api_security_monitoring::ListThreatHuntingJobsOptionalParams; +use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI; + +#[tokio::main] +async fn main() { + let mut configuration = datadog::Configuration::new(); + configuration.set_unstable_operation_enabled("v2.ListThreatHuntingJobs", true); + let api = SecurityMonitoringAPI::with_config(configuration); + let resp = api + .list_threat_hunting_jobs(ListThreatHuntingJobsOptionalParams::default()) + .await; + if let Ok(value) = resp { + println!("{:#?}", value); + } else { + println!("{:#?}", resp.unwrap_err()); + } +} diff --git a/examples/v2_security-monitoring_ListHistoricalJobs.rs b/examples/v2_security-monitoring_ListThreatHuntingJobs_1365512061.rs similarity index 58% rename from examples/v2_security-monitoring_ListHistoricalJobs.rs rename to examples/v2_security-monitoring_ListThreatHuntingJobs_1365512061.rs index 5122fd3d0..e7074d8f7 100644 --- a/examples/v2_security-monitoring_ListHistoricalJobs.rs +++ b/examples/v2_security-monitoring_ListThreatHuntingJobs_1365512061.rs 
@@ -1,18 +1,18 @@ // List historical jobs returns "OK" response use datadog_api_client::datadog; -use datadog_api_client::datadogV2::api_security_monitoring::ListHistoricalJobsOptionalParams; +use datadog_api_client::datadogV2::api_security_monitoring::ListThreatHuntingJobsOptionalParams; use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI; #[tokio::main] async fn main() { - // there is a valid "historical_job" in the system + // there is a valid "threat_hunting_job" in the system let mut configuration = datadog::Configuration::new(); - configuration.set_unstable_operation_enabled("v2.ListHistoricalJobs", true); - configuration.set_unstable_operation_enabled("v2.RunHistoricalJob", true); + configuration.set_unstable_operation_enabled("v2.ListThreatHuntingJobs", true); + configuration.set_unstable_operation_enabled("v2.RunThreatHuntingJob", true); let api = SecurityMonitoringAPI::with_config(configuration); let resp = api - .list_historical_jobs( - ListHistoricalJobsOptionalParams::default().filter_query("id:string".to_string()), + .list_threat_hunting_jobs( + ListThreatHuntingJobsOptionalParams::default().filter_query("id:string".to_string()), ) .await; if let Ok(value) = resp { diff --git a/examples/v2_security-monitoring_RunHistoricalJob.rs b/examples/v2_security-monitoring_RunThreatHuntingJob.rs similarity index 70% rename from examples/v2_security-monitoring_RunHistoricalJob.rs rename to examples/v2_security-monitoring_RunThreatHuntingJob.rs index 575830af6..23b8dcf4a 100644 --- a/examples/v2_security-monitoring_RunHistoricalJob.rs +++ b/examples/v2_security-monitoring_RunThreatHuntingJob.rs 
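Review bot: The header comment on the first context line still reads `// List historical jobs returns "OK" response`, while every identifier in this renamed example now says threat hunting. It should read `// List threat hunting jobs returns "OK" response`, matching the new `ListThreatHuntingJobs.rs` example added in the same commit. If the comment is generated from a scenario title, the title is the place to fix it.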
@@ -1,26 +1,26 @@ -// Run a historical job returns "Status created" response +// Run a threat hunting job returns "Status created" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI; -use datadog_api_client::datadogV2::model::HistoricalJobOptions; -use datadog_api_client::datadogV2::model::HistoricalJobQuery; use datadog_api_client::datadogV2::model::JobDefinition; -use datadog_api_client::datadogV2::model::RunHistoricalJobRequest; -use datadog_api_client::datadogV2::model::RunHistoricalJobRequestAttributes; -use datadog_api_client::datadogV2::model::RunHistoricalJobRequestData; -use datadog_api_client::datadogV2::model::RunHistoricalJobRequestDataType; +use datadog_api_client::datadogV2::model::RunThreatHuntingJobRequest; +use datadog_api_client::datadogV2::model::RunThreatHuntingJobRequestAttributes; +use datadog_api_client::datadogV2::model::RunThreatHuntingJobRequestData; +use datadog_api_client::datadogV2::model::RunThreatHuntingJobRequestDataType; use datadog_api_client::datadogV2::model::SecurityMonitoringRuleCaseCreate; use datadog_api_client::datadogV2::model::SecurityMonitoringRuleEvaluationWindow; use datadog_api_client::datadogV2::model::SecurityMonitoringRuleKeepAlive; use datadog_api_client::datadogV2::model::SecurityMonitoringRuleMaxSignalDuration; use datadog_api_client::datadogV2::model::SecurityMonitoringRuleQueryAggregation; use datadog_api_client::datadogV2::model::SecurityMonitoringRuleSeverity; +use datadog_api_client::datadogV2::model::ThreatHuntingJobOptions; +use datadog_api_client::datadogV2::model::ThreatHuntingJobQuery; #[tokio::main] async fn main() { - let body = RunHistoricalJobRequest::new().data( - RunHistoricalJobRequestData::new() + let body = RunThreatHuntingJobRequest::new().data( + RunThreatHuntingJobRequestData::new() .attributes( - RunHistoricalJobRequestAttributes::new().job_definition( + RunThreatHuntingJobRequestAttributes::new().job_definition( 
JobDefinition::new( vec![SecurityMonitoringRuleCaseCreate::new( SecurityMonitoringRuleSeverity::INFO, @@ -32,7 +32,7 @@ async fn main() { "main".to_string(), "A large number of failed login attempts.".to_string(), "Excessive number of failed attempts.".to_string(), - vec![HistoricalJobQuery::new() + vec![ThreatHuntingJobQuery::new() .aggregation(SecurityMonitoringRuleQueryAggregation::COUNT) .distinct_fields(vec![]) .group_by_fields(vec![]) @@ -40,7 +40,7 @@ async fn main() { 1730387532611, ) .options( - HistoricalJobOptions::new() + ThreatHuntingJobOptions::new() .evaluation_window( SecurityMonitoringRuleEvaluationWindow::FIFTEEN_MINUTES, ) @@ -51,12 +51,12 @@ async fn main() { .type_("log_detection".to_string()), ), ) - .type_(RunHistoricalJobRequestDataType::HISTORICALDETECTIONSJOBCREATE), + .type_(RunThreatHuntingJobRequestDataType::HISTORICALDETECTIONSJOBCREATE), ); let mut configuration = datadog::Configuration::new(); - configuration.set_unstable_operation_enabled("v2.RunHistoricalJob", true); + configuration.set_unstable_operation_enabled("v2.RunThreatHuntingJob", true); let api = SecurityMonitoringAPI::with_config(configuration); - let resp = api.run_historical_job(body).await; + let resp = api.run_threat_hunting_job(body).await; if let Ok(value) = resp { println!("{:#?}", value); } else { diff --git a/src/datadog/configuration.rs b/src/datadog/configuration.rs index ac51015af..7149ccf46 100644 --- a/src/datadog/configuration.rs +++ b/src/datadog/configuration.rs 
@@ -131,11 +131,10 @@ impl Default for Configuration { ("v2.get_open_api".to_owned(), false), ("v2.list_apis".to_owned(), false), ("v2.update_open_api".to_owned(), false), - ("v2.cancel_historical_job".to_owned(), false), + ("v2.cancel_threat_hunting_job".to_owned(), false), ("v2.convert_job_result_to_signal".to_owned(), false), - ("v2.delete_historical_job".to_owned(), false), + ("v2.delete_threat_hunting_job".to_owned(), false), ("v2.get_finding".to_owned(), false), - ("v2.get_historical_job".to_owned(), false), ("v2.get_rule_version_history".to_owned(), false), ("v2.get_sbom".to_owned(), false), ("v2.get_security_monitoring_histsignal".to_owned(), false), @@ -143,15 +142,16 @@ impl Default for Configuration { "v2.get_security_monitoring_histsignals_by_job_id".to_owned(), false, ), + ("v2.get_threat_hunting_job".to_owned(), false), ("v2.list_assets_sbo_ms".to_owned(), false), ("v2.list_findings".to_owned(), false), - ("v2.list_historical_jobs".to_owned(), false), ("v2.list_scanned_assets_metadata".to_owned(), false), ("v2.list_security_monitoring_histsignals".to_owned(), false), + ("v2.list_threat_hunting_jobs".to_owned(), false), ("v2.list_vulnerabilities".to_owned(), false), ("v2.list_vulnerable_assets".to_owned(), false), ("v2.mute_findings".to_owned(), false), - ("v2.run_historical_job".to_owned(), false), + ("v2.run_threat_hunting_job".to_owned(), false), ( "v2.search_security_monitoring_histsignals".to_owned(), false, diff --git a/src/datadogV2/api/api_security_monitoring.rs b/src/datadogV2/api/api_security_monitoring.rs index da866f2b1..b334db049 100644 --- a/src/datadogV2/api/api_security_monitoring.rs +++ b/src/datadogV2/api/api_security_monitoring.rs 
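Review bot: The old keys (`v2.cancel_historical_job`, `v2.delete_historical_job`, `v2.get_historical_job`, `v2.list_historical_jobs`, `v2.run_historical_job`) are dropped from the default map with no alias, so a caller that still passes a historical name to `set_unstable_operation_enabled` no longer matches an entry. How an unknown name is handled is not visible here. If it is only logged or ignored, security automation that schedules or cancels these jobs would start failing at call time after an upgrade rather than at configuration time. Consider a comment above the renamed entries such as `// renamed from v2.*_historical_job; the old names are no longer accepted`, together with a changelog entry. The map literal starts and ends outside the hunk.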
@@ -341,43 +341,6 @@ impl ListFindingsOptionalParams { } } -/// ListHistoricalJobsOptionalParams is a struct for passing parameters to the method [`SecurityMonitoringAPI::list_historical_jobs`] -#[non_exhaustive] -#[derive(Clone, Default, Debug)] -pub struct ListHistoricalJobsOptionalParams { - /// Size for a given page. The maximum allowed value is 100. - pub page_size: Option, - /// Specific page number to return. - pub page_number: Option, - /// The order of the jobs in results. - pub sort: Option, - /// Query used to filter items from the fetched list. - pub filter_query: Option, -} - -impl ListHistoricalJobsOptionalParams { - /// Size for a given page. The maximum allowed value is 100. - pub fn page_size(mut self, value: i64) -> Self { - self.page_size = Some(value); - self - } - /// Specific page number to return. - pub fn page_number(mut self, value: i64) -> Self { - self.page_number = Some(value); - self - } - /// The order of the jobs in results. - pub fn sort(mut self, value: String) -> Self { - self.sort = Some(value); - self - } - /// Query used to filter items from the fetched list. - pub fn filter_query(mut self, value: String) -> Self { - self.filter_query = Some(value); - self - } -} - /// ListScannedAssetsMetadataOptionalParams is a struct for passing parameters to the method [`SecurityMonitoringAPI::list_scanned_assets_metadata`] #[non_exhaustive] #[derive(Clone, Default, Debug)] 
@@ -570,6 +533,43 @@ impl ListSecurityMonitoringSuppressionsOptionalParams { } } +/// ListThreatHuntingJobsOptionalParams is a struct for passing parameters to the method [`SecurityMonitoringAPI::list_threat_hunting_jobs`] +#[non_exhaustive] +#[derive(Clone, Default, Debug)] +pub struct ListThreatHuntingJobsOptionalParams { + /// Size for a given page. The maximum allowed value is 100. + pub page_size: Option, + /// Specific page number to return. + pub page_number: Option, + /// The order of the jobs in results. + pub sort: Option, + /// Query used to filter items from the fetched list. + pub filter_query: Option, +} + +impl ListThreatHuntingJobsOptionalParams { + /// Size for a given page. The maximum allowed value is 100. + pub fn page_size(mut self, value: i64) -> Self { + self.page_size = Some(value); + self + } + /// Specific page number to return. + pub fn page_number(mut self, value: i64) -> Self { + self.page_number = Some(value); + self + } + /// The order of the jobs in results. + pub fn sort(mut self, value: String) -> Self { + self.sort = Some(value); + self + } + /// Query used to filter items from the fetched list. + pub fn filter_query(mut self, value: String) -> Self { + self.filter_query = Some(value); + self + } +} + /// ListVulnerabilitiesOptionalParams is a struct for passing parameters to the method [`SecurityMonitoringAPI::list_vulnerabilities`] #[non_exhaustive] #[derive(Clone, Default, Debug)] 
@@ -1047,10 +1047,10 @@ impl SearchSecurityMonitoringSignalsOptionalParams { } } -/// CancelHistoricalJobError is a struct for typed errors of method [`SecurityMonitoringAPI::cancel_historical_job`] +/// CancelThreatHuntingJobError is a struct for typed errors of method [`SecurityMonitoringAPI::cancel_threat_hunting_job`] #[derive(Debug, Clone, Serialize, Deserialize)] #[serde(untagged)] -pub enum CancelHistoricalJobError { +pub enum CancelThreatHuntingJobError { APIErrorResponse(crate::datadogV2::model::APIErrorResponse), UnknownValue(serde_json::Value), } @@ -1135,14 +1135,6 @@ pub enum DeleteCustomFrameworkError { UnknownValue(serde_json::Value), } -/// DeleteHistoricalJobError is a struct for typed errors of method [`SecurityMonitoringAPI::delete_historical_job`] -#[derive(Debug, Clone, Serialize, Deserialize)] -#[serde(untagged)] -pub enum DeleteHistoricalJobError { - APIErrorResponse(crate::datadogV2::model::APIErrorResponse), - UnknownValue(serde_json::Value), -} - /// DeleteSecurityFilterError is a struct for typed errors of method [`SecurityMonitoringAPI::delete_security_filter`] #[derive(Debug, Clone, Serialize, Deserialize)] #[serde(untagged)] @@ -1175,6 +1167,14 @@ pub enum DeleteSignalNotificationRuleError { UnknownValue(serde_json::Value), } +/// DeleteThreatHuntingJobError is a struct for typed errors of method [`SecurityMonitoringAPI::delete_threat_hunting_job`] +#[derive(Debug, Clone, Serialize, Deserialize)] +#[serde(untagged)] +pub enum DeleteThreatHuntingJobError { + APIErrorResponse(crate::datadogV2::model::APIErrorResponse), + UnknownValue(serde_json::Value), +} + /// DeleteVulnerabilityNotificationRuleError is a struct for typed errors of method [`SecurityMonitoringAPI::delete_vulnerability_notification_rule`] #[derive(Debug, Clone, Serialize, Deserialize)] #[serde(untagged)] 
@@ -1223,14 +1223,6 @@ pub enum GetFindingError { UnknownValue(serde_json::Value), } -/// GetHistoricalJobError is a struct for typed errors of method [`SecurityMonitoringAPI::get_historical_job`] -#[derive(Debug, Clone, Serialize, Deserialize)] -#[serde(untagged)] -pub enum GetHistoricalJobError { - APIErrorResponse(crate::datadogV2::model::APIErrorResponse), - UnknownValue(serde_json::Value), -} - /// GetResourceEvaluationFiltersError is a struct for typed errors of method [`SecurityMonitoringAPI::get_resource_evaluation_filters`] #[derive(Debug, Clone, Serialize, Deserialize)] #[serde(untagged)] @@ -1336,6 +1328,14 @@ pub enum GetSuppressionsAffectingRuleError { UnknownValue(serde_json::Value), } +/// GetThreatHuntingJobError is a struct for typed errors of method [`SecurityMonitoringAPI::get_threat_hunting_job`] +#[derive(Debug, Clone, Serialize, Deserialize)] +#[serde(untagged)] +pub enum GetThreatHuntingJobError { + APIErrorResponse(crate::datadogV2::model::APIErrorResponse), + UnknownValue(serde_json::Value), +} + /// GetVulnerabilityNotificationRuleError is a struct for typed errors of method [`SecurityMonitoringAPI::get_vulnerability_notification_rule`] #[derive(Debug, Clone, Serialize, Deserialize)] #[serde(untagged)] @@ -1369,14 +1369,6 @@ pub enum ListFindingsError { UnknownValue(serde_json::Value), } -/// ListHistoricalJobsError is a struct for typed errors of method [`SecurityMonitoringAPI::list_historical_jobs`] -#[derive(Debug, Clone, Serialize, Deserialize)] -#[serde(untagged)] -pub enum ListHistoricalJobsError { - APIErrorResponse(crate::datadogV2::model::APIErrorResponse), - UnknownValue(serde_json::Value), -} - /// ListScannedAssetsMetadataError is a struct for typed errors of method [`SecurityMonitoringAPI::list_scanned_assets_metadata`] #[derive(Debug, Clone, Serialize, Deserialize)] #[serde(untagged)] 
@@ -1426,6 +1418,14 @@ pub enum ListSecurityMonitoringSuppressionsError { UnknownValue(serde_json::Value), } +/// ListThreatHuntingJobsError is a struct for typed errors of method [`SecurityMonitoringAPI::list_threat_hunting_jobs`] +#[derive(Debug, Clone, Serialize, Deserialize)] +#[serde(untagged)] +pub enum ListThreatHuntingJobsError { + APIErrorResponse(crate::datadogV2::model::APIErrorResponse), + UnknownValue(serde_json::Value), +} + /// ListVulnerabilitiesError is a struct for typed errors of method [`SecurityMonitoringAPI::list_vulnerabilities`] #[derive(Debug, Clone, Serialize, Deserialize)] #[serde(untagged)] @@ -1470,10 +1470,10 @@ pub enum PatchVulnerabilityNotificationRuleError { UnknownValue(serde_json::Value), } -/// RunHistoricalJobError is a struct for typed errors of method [`SecurityMonitoringAPI::run_historical_job`] +/// RunThreatHuntingJobError is a struct for typed errors of method [`SecurityMonitoringAPI::run_threat_hunting_job`] #[derive(Debug, Clone, Serialize, Deserialize)] #[serde(untagged)] -pub enum RunHistoricalJobError { +pub enum RunThreatHuntingJobError { APIErrorResponse(crate::datadogV2::model::APIErrorResponse), UnknownValue(serde_json::Value), } 
@@ -1631,29 +1631,29 @@ impl SecurityMonitoringAPI { Self { config, client } } - /// Cancel a historical job. - pub async fn cancel_historical_job( + /// Cancel a threat hunting job. + pub async fn cancel_threat_hunting_job( &self, job_id: String, - ) -> Result<(), datadog::Error> { - match self.cancel_historical_job_with_http_info(job_id).await { + ) -> Result<(), datadog::Error> { + match self.cancel_threat_hunting_job_with_http_info(job_id).await { Ok(_) => Ok(()), Err(err) => Err(err), } } - /// Cancel a historical job. - pub async fn cancel_historical_job_with_http_info( + /// Cancel a threat hunting job. + pub async fn cancel_threat_hunting_job_with_http_info( &self, job_id: String, - ) -> Result, datadog::Error> { + ) -> Result, datadog::Error> { let local_configuration = &self.config; - let operation_id = "v2.cancel_historical_job"; + let operation_id = "v2.cancel_threat_hunting_job"; if local_configuration.is_unstable_operation_enabled(operation_id) { warn!("Using unstable operation {operation_id}"); } else { let local_error = datadog::UnstableOperationDisabledError { - msg: "Operation 'v2.cancel_historical_job' is not enabled".to_string(), + msg: "Operation 'v2.cancel_threat_hunting_job' is not enabled".to_string(), }; return Err(datadog::Error::UnstableOperationDisabledError(local_error)); } @@ -1661,7 +1661,7 @@ impl SecurityMonitoringAPI { let local_client = &self.client; let local_uri_str = format!( - "{}/api/v2/siem-historical-detections/jobs/{job_id}/cancel", + "{}/api/v2/siem-threat-hunting/jobs/{job_id}/cancel", local_configuration.get_operation_host(operation_id), job_id = datadog::urlencode(job_id) ); @@ -1716,7 +1716,7 @@ impl SecurityMonitoringAPI { entity: None, }) } else { - let local_entity: Option = + let local_entity: Option = serde_json::from_str(&local_content).ok(); let local_error = datadog::ResponseContent { status: local_status, 
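Review bot: In the first hunk the disabled-gate message spells the operation id out a second time (`msg: "Operation 'v2.cancel_threat_hunting_job' is not enabled".to_string()`) right below `let operation_id = "v2.cancel_threat_hunting_job";`, so every rename has to touch two literals that must stay identical. Building the message from the variable, `msg: format!("Operation '{operation_id}' is not enabled"),`, keeps the gate check, the warning and the error in step. The same pair of literals appears in the delete, get and list threat-hunting hunks further down. `cancel_threat_hunting_job_with_http_info` continues past this hunk, and if this file is generator output the change belongs in the template.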
@@ -1872,7 +1872,7 @@ impl SecurityMonitoringAPI { let local_client = &self.client; let local_uri_str = format!( - "{}/api/v2/siem-historical-detections/jobs/signal_convert", + "{}/api/v2/siem-threat-hunting/jobs/signal_convert", local_configuration.get_operation_host(operation_id) ); let mut local_req_builder = 
@@ -3201,39 +3201,34 @@ impl SecurityMonitoringAPI { } } - /// Delete an existing job. - pub async fn delete_historical_job( + /// Delete a specific security filter. + pub async fn delete_security_filter( &self, - job_id: String, - ) -> Result<(), datadog::Error> { - match self.delete_historical_job_with_http_info(job_id).await { + security_filter_id: String, + ) -> Result<(), datadog::Error> { + match self + .delete_security_filter_with_http_info(security_filter_id) + .await + { Ok(_) => Ok(()), Err(err) => Err(err), } } - /// Delete an existing job. - pub async fn delete_historical_job_with_http_info( + /// Delete a specific security filter. + pub async fn delete_security_filter_with_http_info( &self, - job_id: String, - ) -> Result, datadog::Error> { + security_filter_id: String, + ) -> Result, datadog::Error> { let local_configuration = &self.config; - let operation_id = "v2.delete_historical_job"; - if local_configuration.is_unstable_operation_enabled(operation_id) { - warn!("Using unstable operation {operation_id}"); - } else { - let local_error = datadog::UnstableOperationDisabledError { - msg: "Operation 'v2.delete_historical_job' is not enabled".to_string(), - }; - return Err(datadog::Error::UnstableOperationDisabledError(local_error)); - } + let operation_id = "v2.delete_security_filter"; let local_client = &self.client; let local_uri_str = format!( - "{}/api/v2/siem-historical-detections/jobs/{job_id}", + "{}/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}", local_configuration.get_operation_host(operation_id), - job_id = datadog::urlencode(job_id) + security_filter_id = datadog::urlencode(security_filter_id) ); let mut local_req_builder = local_client.request(reqwest::Method::DELETE, local_uri_str.as_str()); 
@@ -3286,7 +3281,7 @@ impl SecurityMonitoringAPI { entity: None, }) } else { - let local_entity: Option = + let local_entity: Option = serde_json::from_str(&local_content).ok(); let local_error = datadog::ResponseContent { status: local_status, @@ -3297,13 +3292,13 @@ impl SecurityMonitoringAPI { } } - /// Delete a specific security filter. - pub async fn delete_security_filter( + /// Delete an existing rule. Default rules cannot be deleted. + pub async fn delete_security_monitoring_rule( &self, - security_filter_id: String, - ) -> Result<(), datadog::Error> { + rule_id: String, + ) -> Result<(), datadog::Error> { match self - .delete_security_filter_with_http_info(security_filter_id) + .delete_security_monitoring_rule_with_http_info(rule_id) .await { Ok(_) => Ok(()), @@ -3311,20 +3306,21 @@ impl SecurityMonitoringAPI { } } - /// Delete a specific security filter. - pub async fn delete_security_filter_with_http_info( + /// Delete an existing rule. Default rules cannot be deleted. + pub async fn delete_security_monitoring_rule_with_http_info( &self, - security_filter_id: String, - ) -> Result, datadog::Error> { + rule_id: String, + ) -> Result, datadog::Error> + { let local_configuration = &self.config; - let operation_id = "v2.delete_security_filter"; + let operation_id = "v2.delete_security_monitoring_rule"; let local_client = &self.client; let local_uri_str = format!( - "{}/api/v2/security_monitoring/configuration/security_filters/{security_filter_id}", + "{}/api/v2/security_monitoring/rules/{rule_id}", local_configuration.get_operation_host(operation_id), - security_filter_id = datadog::urlencode(security_filter_id) + rule_id = datadog::urlencode(rule_id) ); let mut local_req_builder = local_client.request(reqwest::Method::DELETE, local_uri_str.as_str()); 
@@ -3377,7 +3373,7 @@ impl SecurityMonitoringAPI { entity: None, }) } else { - let local_entity: Option = + let local_entity: Option = serde_json::from_str(&local_content).ok(); let local_error = datadog::ResponseContent { status: local_status, @@ -3388,13 +3384,13 @@ impl SecurityMonitoringAPI { } } - /// Delete an existing rule. Default rules cannot be deleted. - pub async fn delete_security_monitoring_rule( + /// Delete a specific suppression rule. + pub async fn delete_security_monitoring_suppression( &self, - rule_id: String, - ) -> Result<(), datadog::Error> { + suppression_id: String, + ) -> Result<(), datadog::Error> { match self - .delete_security_monitoring_rule_with_http_info(rule_id) + .delete_security_monitoring_suppression_with_http_info(suppression_id) .await { Ok(_) => Ok(()), @@ -3402,21 +3398,23 @@ impl SecurityMonitoringAPI { } } - /// Delete an existing rule. Default rules cannot be deleted. - pub async fn delete_security_monitoring_rule_with_http_info( + /// Delete a specific suppression rule. + pub async fn delete_security_monitoring_suppression_with_http_info( &self, - rule_id: String, - ) -> Result, datadog::Error> - { + suppression_id: String, + ) -> Result< + datadog::ResponseContent<()>, + datadog::Error, + > { let local_configuration = &self.config; - let operation_id = "v2.delete_security_monitoring_rule"; + let operation_id = "v2.delete_security_monitoring_suppression"; let local_client = &self.client; let local_uri_str = format!( - "{}/api/v2/security_monitoring/rules/{rule_id}", + "{}/api/v2/security_monitoring/configuration/suppressions/{suppression_id}", local_configuration.get_operation_host(operation_id), - rule_id = datadog::urlencode(rule_id) + suppression_id = datadog::urlencode(suppression_id) ); let mut local_req_builder = local_client.request(reqwest::Method::DELETE, local_uri_str.as_str()); 
@@ -3469,7 +3467,7 @@ impl SecurityMonitoringAPI { entity: None, }) } else { - let local_entity: Option = + let local_entity: Option = serde_json::from_str(&local_content).ok(); let local_error = datadog::ResponseContent { status: local_status, @@ -3480,13 +3478,13 @@ impl SecurityMonitoringAPI { } } - /// Delete a specific suppression rule. - pub async fn delete_security_monitoring_suppression( + /// Delete a notification rule for security signals. + pub async fn delete_signal_notification_rule( &self, - suppression_id: String, - ) -> Result<(), datadog::Error> { + id: String, + ) -> Result<(), datadog::Error> { match self - .delete_security_monitoring_suppression_with_http_info(suppression_id) + .delete_signal_notification_rule_with_http_info(id) .await { Ok(_) => Ok(()), @@ -3494,23 +3492,21 @@ impl SecurityMonitoringAPI { } } - /// Delete a specific suppression rule. - pub async fn delete_security_monitoring_suppression_with_http_info( + /// Delete a notification rule for security signals. + pub async fn delete_signal_notification_rule_with_http_info( &self, - suppression_id: String, - ) -> Result< - datadog::ResponseContent<()>, - datadog::Error, - > { + id: String, + ) -> Result, datadog::Error> + { let local_configuration = &self.config; - let operation_id = "v2.delete_security_monitoring_suppression"; + let operation_id = "v2.delete_signal_notification_rule"; let local_client = &self.client; let local_uri_str = format!( - "{}/api/v2/security_monitoring/configuration/suppressions/{suppression_id}", + "{}/api/v2/security/signals/notification_rules/{id}", local_configuration.get_operation_host(operation_id), - suppression_id = datadog::urlencode(suppression_id) + id = datadog::urlencode(id) ); let mut local_req_builder = local_client.request(reqwest::Method::DELETE, local_uri_str.as_str()); 
@@ -3563,7 +3559,7 @@ impl SecurityMonitoringAPI { entity: None, }) } else { - let local_entity: Option = + let local_entity: Option = serde_json::from_str(&local_content).ok(); let local_error = datadog::ResponseContent { status: local_status, @@ -3574,35 +3570,39 @@ impl SecurityMonitoringAPI { } } - /// Delete a notification rule for security signals. - pub async fn delete_signal_notification_rule( + /// Delete an existing job. + pub async fn delete_threat_hunting_job( &self, - id: String, - ) -> Result<(), datadog::Error> { - match self - .delete_signal_notification_rule_with_http_info(id) - .await - { + job_id: String, + ) -> Result<(), datadog::Error> { + match self.delete_threat_hunting_job_with_http_info(job_id).await { Ok(_) => Ok(()), Err(err) => Err(err), } } - /// Delete a notification rule for security signals. - pub async fn delete_signal_notification_rule_with_http_info( + /// Delete an existing job. + pub async fn delete_threat_hunting_job_with_http_info( &self, - id: String, - ) -> Result, datadog::Error> - { + job_id: String, + ) -> Result, datadog::Error> { let local_configuration = &self.config; - let operation_id = "v2.delete_signal_notification_rule"; + let operation_id = "v2.delete_threat_hunting_job"; + if local_configuration.is_unstable_operation_enabled(operation_id) { + warn!("Using unstable operation {operation_id}"); + } else { + let local_error = datadog::UnstableOperationDisabledError { + msg: "Operation 'v2.delete_threat_hunting_job' is not enabled".to_string(), + }; + return Err(datadog::Error::UnstableOperationDisabledError(local_error)); + } let local_client = &self.client; let local_uri_str = format!( - "{}/api/v2/security/signals/notification_rules/{id}", + "{}/api/v2/siem-threat-hunting/jobs/{job_id}", local_configuration.get_operation_host(operation_id), - id = datadog::urlencode(id) + job_id = datadog::urlencode(job_id) ); let mut local_req_builder = local_client.request(reqwest::Method::DELETE, local_uri_str.as_str()); 
@@ -3655,7 +3655,7 @@ impl SecurityMonitoringAPI { entity: None, }) } else { - let local_entity: Option = + let local_entity: Option = serde_json::from_str(&local_content).ok(); let local_error = datadog::ResponseContent { status: local_status, 
@@ -4487,123 +4487,8 @@ impl SecurityMonitoringAPI { } } - /// Get a job's details. - pub async fn get_historical_job( - &self, - job_id: String, - ) -> Result> - { - match self.get_historical_job_with_http_info(job_id).await { - Ok(response_content) => { - if let Some(e) = response_content.entity { - Ok(e) - } else { - Err(datadog::Error::Serde(serde::de::Error::custom( - "response content was None", - ))) - } - } - Err(err) => Err(err), - } - } - - /// Get a job's details. - pub async fn get_historical_job_with_http_info( - &self, - job_id: String, - ) -> Result< - datadog::ResponseContent, - datadog::Error, - > { - let local_configuration = &self.config; - let operation_id = "v2.get_historical_job"; - if local_configuration.is_unstable_operation_enabled(operation_id) { - warn!("Using unstable operation {operation_id}"); - } else { - let local_error = datadog::UnstableOperationDisabledError { - msg: "Operation 'v2.get_historical_job' is not enabled".to_string(), - }; - return Err(datadog::Error::UnstableOperationDisabledError(local_error)); - } - - let local_client = &self.client; - - let local_uri_str = format!( - "{}/api/v2/siem-historical-detections/jobs/{job_id}", - local_configuration.get_operation_host(operation_id), - job_id = datadog::urlencode(job_id) - ); - let mut local_req_builder = - local_client.request(reqwest::Method::GET, local_uri_str.as_str()); - - // build headers - let mut headers = HeaderMap::new(); - headers.insert("Accept", HeaderValue::from_static("application/json")); - - // build user agent - match HeaderValue::from_str(local_configuration.user_agent.as_str()) { - Ok(user_agent) => headers.insert(reqwest::header::USER_AGENT, user_agent), - Err(e) => { - log::warn!("Failed to parse user agent header: {e}, falling back to default"); - headers.insert( - reqwest::header::USER_AGENT, - HeaderValue::from_static(datadog::DEFAULT_USER_AGENT.as_str()), - ) - } - }; - - // build auth - if let Some(local_key) = 
local_configuration.auth_keys.get("apiKeyAuth") { - headers.insert( - "DD-API-KEY", - HeaderValue::from_str(local_key.key.as_str()) - .expect("failed to parse DD-API-KEY header"), - ); - }; - if let Some(local_key) = local_configuration.auth_keys.get("appKeyAuth") { - headers.insert( - "DD-APPLICATION-KEY", - HeaderValue::from_str(local_key.key.as_str()) - .expect("failed to parse DD-APPLICATION-KEY header"), - ); - }; - - local_req_builder = local_req_builder.headers(headers); - let local_req = local_req_builder.build()?; - log::debug!("request content: {:?}", local_req.body()); - let local_resp = local_client.execute(local_req).await?; - - let local_status = local_resp.status(); - let local_content = local_resp.text().await?; - log::debug!("response content: {}", local_content); - - if !local_status.is_client_error() && !local_status.is_server_error() { - match serde_json::from_str::( - &local_content, - ) { - Ok(e) => { - return Ok(datadog::ResponseContent { - status: local_status, - content: local_content, - entity: Some(e), - }) - } - Err(e) => return Err(datadog::Error::Serde(e)), - }; - } else { - let local_entity: Option = - serde_json::from_str(&local_content).ok(); - let local_error = datadog::ResponseContent { - status: local_status, - content: local_content, - entity: local_entity, - }; - Err(datadog::Error::ResponseError(local_error)) - } - } - - /// List resource filters. - pub async fn get_resource_evaluation_filters( + /// List resource filters. + pub async fn get_resource_evaluation_filters( &self, params: GetResourceEvaluationFiltersOptionalParams, ) -> Result< @@ -5165,7 +5050,7 @@ impl SecurityMonitoringAPI { let local_client = &self.client; let local_uri_str = format!( - "{}/api/v2/siem-historical-detections/histsignals/{histsignal_id}", + "{}/api/v2/siem-threat-hunting/histsignals/{histsignal_id}", local_configuration.get_operation_host(operation_id), histsignal_id = datadog::urlencode(histsignal_id) ); 
@@ -5296,7 +5181,7 @@ impl SecurityMonitoringAPI { let local_client = &self.client; let local_uri_str = format!( - "{}/api/v2/siem-historical-detections/jobs/{job_id}/histsignals", + "{}/api/v2/siem-threat-hunting/jobs/{job_id}/histsignals", local_configuration.get_operation_host(operation_id), job_id = datadog::urlencode(job_id) ); 
@@ -6222,6 +6107,123 @@ impl SecurityMonitoringAPI { } } + /// Get a job's details. + pub async fn get_threat_hunting_job( + &self, + job_id: String, + ) -> Result< + crate::datadogV2::model::ThreatHuntingJobResponse, + datadog::Error, + > { + match self.get_threat_hunting_job_with_http_info(job_id).await { + Ok(response_content) => { + if let Some(e) = response_content.entity { + Ok(e) + } else { + Err(datadog::Error::Serde(serde::de::Error::custom( + "response content was None", + ))) + } + } + Err(err) => Err(err), + } + } + + /// Get a job's details. + pub async fn get_threat_hunting_job_with_http_info( + &self, + job_id: String, + ) -> Result< + datadog::ResponseContent, + datadog::Error, + > { + let local_configuration = &self.config; + let operation_id = "v2.get_threat_hunting_job"; + if local_configuration.is_unstable_operation_enabled(operation_id) { + warn!("Using unstable operation {operation_id}"); + } else { + let local_error = datadog::UnstableOperationDisabledError { + msg: "Operation 'v2.get_threat_hunting_job' is not enabled".to_string(), + }; + return Err(datadog::Error::UnstableOperationDisabledError(local_error)); + } + + let local_client = &self.client; + + let local_uri_str = format!( + "{}/api/v2/siem-threat-hunting/jobs/{job_id}", + local_configuration.get_operation_host(operation_id), + job_id = datadog::urlencode(job_id) + ); + let mut local_req_builder = + local_client.request(reqwest::Method::GET, local_uri_str.as_str()); + + // build headers + let mut headers = HeaderMap::new(); + headers.insert("Accept", HeaderValue::from_static("application/json")); + + // build user agent + match HeaderValue::from_str(local_configuration.user_agent.as_str()) { + Ok(user_agent) => headers.insert(reqwest::header::USER_AGENT, user_agent), + Err(e) => { + log::warn!("Failed to parse user agent header: {e}, falling back to default"); + headers.insert( + reqwest::header::USER_AGENT, + HeaderValue::from_static(datadog::DEFAULT_USER_AGENT.as_str()), + ) + } 
+ }; + + // build auth + if let Some(local_key) = local_configuration.auth_keys.get("apiKeyAuth") { + headers.insert( + "DD-API-KEY", + HeaderValue::from_str(local_key.key.as_str()) + .expect("failed to parse DD-API-KEY header"), + ); + }; + if let Some(local_key) = local_configuration.auth_keys.get("appKeyAuth") { + headers.insert( + "DD-APPLICATION-KEY", + HeaderValue::from_str(local_key.key.as_str()) + .expect("failed to parse DD-APPLICATION-KEY header"), + ); + }; + + local_req_builder = local_req_builder.headers(headers); + let local_req = local_req_builder.build()?; + log::debug!("request content: {:?}", local_req.body()); + let local_resp = local_client.execute(local_req).await?; + + let local_status = local_resp.status(); + let local_content = local_resp.text().await?; + log::debug!("response content: {}", local_content); + + if !local_status.is_client_error() && !local_status.is_server_error() { + match serde_json::from_str::( + &local_content, + ) { + Ok(e) => { + return Ok(datadog::ResponseContent { + status: local_status, + content: local_content, + entity: Some(e), + }) + } + Err(e) => return Err(datadog::Error::Serde(e)), + }; + } else { + let local_entity: Option = + serde_json::from_str(&local_content).ok(); + let local_error = datadog::ResponseContent { + status: local_status, + content: local_content, + entity: local_entity, + }; + Err(datadog::Error::ResponseError(local_error)) + } + } + /// Get the details of a notification rule for security vulnerabilities. pub async fn get_vulnerability_notification_rule( &self, 
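Review bot: Both credential headers in `get_threat_hunting_job_with_http_info` are built with `HeaderValue::from_str(...).expect(...)`, so a configured key that is not a valid header value (a trailing newline from a secrets file is the usual case) panics in the caller's task instead of returning a `datadog::Error`; the user-agent branch just above already handles the same parse failure without panicking. Until the keys are validated where they are set, the doc comment should at least say so: `/// # Panics` followed by `/// Panics if the configured API key or application key is not a valid HTTP header value.`. Separately, `log::debug!("response content: {}", local_content)` writes the whole job response to the log, so debug logging for this module should stay off wherever job queries or results are considered sensitive. The list-jobs hunk at the end of the page repeats both patterns.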
@@ -6942,145 +6944,6 @@ impl SecurityMonitoringAPI { } } - /// List historical jobs. - pub async fn list_historical_jobs( - &self, - params: ListHistoricalJobsOptionalParams, - ) -> Result< - crate::datadogV2::model::ListHistoricalJobsResponse, - datadog::Error, - > { - match self.list_historical_jobs_with_http_info(params).await { - Ok(response_content) => { - if let Some(e) = response_content.entity { - Ok(e) - } else { - Err(datadog::Error::Serde(serde::de::Error::custom( - "response content was None", - ))) - } - } - Err(err) => Err(err), - } - } - - /// List historical jobs. - pub async fn list_historical_jobs_with_http_info( - &self, - params: ListHistoricalJobsOptionalParams, - ) -> Result< - datadog::ResponseContent, - datadog::Error, - > { - let local_configuration = &self.config; - let operation_id = "v2.list_historical_jobs"; - if local_configuration.is_unstable_operation_enabled(operation_id) { - warn!("Using unstable operation {operation_id}"); - } else { - let local_error = datadog::UnstableOperationDisabledError { - msg: "Operation 'v2.list_historical_jobs' is not enabled".to_string(), - }; - return Err(datadog::Error::UnstableOperationDisabledError(local_error)); - } - - // unbox and build optional parameters - let page_size = params.page_size; - let page_number = params.page_number; - let sort = params.sort; - let filter_query = params.filter_query; - - let local_client = &self.client; - - let local_uri_str = format!( - "{}/api/v2/siem-historical-detections/jobs", - local_configuration.get_operation_host(operation_id) - ); - let mut local_req_builder = - local_client.request(reqwest::Method::GET, local_uri_str.as_str()); - - if let Some(ref local_query_param) = page_size { - local_req_builder = - local_req_builder.query(&[("page[size]", &local_query_param.to_string())]); - }; - if let Some(ref local_query_param) = page_number { - local_req_builder = - local_req_builder.query(&[("page[number]", &local_query_param.to_string())]); - }; - if let 
Some(ref local_query_param) = sort { - local_req_builder = - local_req_builder.query(&[("sort", &local_query_param.to_string())]); - }; - if let Some(ref local_query_param) = filter_query { - local_req_builder = - local_req_builder.query(&[("filter[query]", &local_query_param.to_string())]); - }; - - // build headers - let mut headers = HeaderMap::new(); - headers.insert("Accept", HeaderValue::from_static("application/json")); - - // build user agent - match HeaderValue::from_str(local_configuration.user_agent.as_str()) { - Ok(user_agent) => headers.insert(reqwest::header::USER_AGENT, user_agent), - Err(e) => { - log::warn!("Failed to parse user agent header: {e}, falling back to default"); - headers.insert( - reqwest::header::USER_AGENT, - HeaderValue::from_static(datadog::DEFAULT_USER_AGENT.as_str()), - ) - } - }; - - // build auth - if let Some(local_key) = local_configuration.auth_keys.get("apiKeyAuth") { - headers.insert( - "DD-API-KEY", - HeaderValue::from_str(local_key.key.as_str()) - .expect("failed to parse DD-API-KEY header"), - ); - }; - if let Some(local_key) = local_configuration.auth_keys.get("appKeyAuth") { - headers.insert( - "DD-APPLICATION-KEY", - HeaderValue::from_str(local_key.key.as_str()) - .expect("failed to parse DD-APPLICATION-KEY header"), - ); - }; - - local_req_builder = local_req_builder.headers(headers); - let local_req = local_req_builder.build()?; - log::debug!("request content: {:?}", local_req.body()); - let local_resp = local_client.execute(local_req).await?; - - let local_status = local_resp.status(); - let local_content = local_resp.text().await?; - log::debug!("response content: {}", local_content); - - if !local_status.is_client_error() && !local_status.is_server_error() { - match serde_json::from_str::( - &local_content, - ) { - Ok(e) => { - return Ok(datadog::ResponseContent { - status: local_status, - content: local_content, - entity: Some(e), - }) - } - Err(e) => return Err(datadog::Error::Serde(e)), - }; - } else { - let 
local_entity: Option = - serde_json::from_str(&local_content).ok(); - let local_error = datadog::ResponseContent { - status: local_status, - content: local_content, - entity: local_entity, - }; - Err(datadog::Error::ResponseError(local_error)) - } - } - /// Get a list of security scanned assets metadata for an organization. /// /// ### Pagination @@ -7483,7 +7346,7 @@ impl SecurityMonitoringAPI { let local_client = &self.client; let local_uri_str = format!( - "{}/api/v2/siem-historical-detections/histsignals", + "{}/api/v2/siem-threat-hunting/histsignals", local_configuration.get_operation_host(operation_id) ); let mut local_req_builder = 
@@ -8020,6 +7883,145 @@ impl SecurityMonitoringAPI { } } + /// List threat hunting jobs. + pub async fn list_threat_hunting_jobs( + &self, + params: ListThreatHuntingJobsOptionalParams, + ) -> Result< + crate::datadogV2::model::ListThreatHuntingJobsResponse, + datadog::Error, + > { + match self.list_threat_hunting_jobs_with_http_info(params).await { + Ok(response_content) => { + if let Some(e) = response_content.entity { + Ok(e) + } else { + Err(datadog::Error::Serde(serde::de::Error::custom( + "response content was None", + ))) + } + } + Err(err) => Err(err), + } + } + + /// List threat hunting jobs. + pub async fn list_threat_hunting_jobs_with_http_info( + &self, + params: ListThreatHuntingJobsOptionalParams, + ) -> Result< + datadog::ResponseContent, + datadog::Error, + > { + let local_configuration = &self.config; + let operation_id = "v2.list_threat_hunting_jobs"; + if local_configuration.is_unstable_operation_enabled(operation_id) { + warn!("Using unstable operation {operation_id}"); + } else { + let local_error = datadog::UnstableOperationDisabledError { + msg: "Operation 'v2.list_threat_hunting_jobs' is not enabled".to_string(), + }; + return Err(datadog::Error::UnstableOperationDisabledError(local_error)); + } + + // unbox and build optional parameters + let page_size = params.page_size; + let page_number = params.page_number; + let sort = params.sort; + let filter_query = params.filter_query; + + let local_client = &self.client; + + let local_uri_str = format!( + "{}/api/v2/siem-threat-hunting/jobs", + local_configuration.get_operation_host(operation_id) + ); + let mut local_req_builder = + local_client.request(reqwest::Method::GET, local_uri_str.as_str()); + + if let Some(ref local_query_param) = page_size { + local_req_builder = + local_req_builder.query(&[("page[size]", &local_query_param.to_string())]); + }; + if let Some(ref local_query_param) = page_number { + local_req_builder = + local_req_builder.query(&[("page[number]", 
&local_query_param.to_string())]); + }; + if let Some(ref local_query_param) = sort { + local_req_builder = + local_req_builder.query(&[("sort", &local_query_param.to_string())]); + }; + if let Some(ref local_query_param) = filter_query { + local_req_builder = + local_req_builder.query(&[("filter[query]", &local_query_param.to_string())]); + }; + + // build headers + let mut headers = HeaderMap::new(); + headers.insert("Accept", HeaderValue::from_static("application/json")); + + // build user agent + match HeaderValue::from_str(local_configuration.user_agent.as_str()) { + Ok(user_agent) => headers.insert(reqwest::header::USER_AGENT, user_agent), + Err(e) => { + log::warn!("Failed to parse user agent header: {e}, falling back to default"); + headers.insert( + reqwest::header::USER_AGENT, + HeaderValue::from_static(datadog::DEFAULT_USER_AGENT.as_str()), + ) + } + }; + + // build auth + if let Some(local_key) = local_configuration.auth_keys.get("apiKeyAuth") { + headers.insert( + "DD-API-KEY", + HeaderValue::from_str(local_key.key.as_str()) + .expect("failed to parse DD-API-KEY header"), + ); + }; + if let Some(local_key) = local_configuration.auth_keys.get("appKeyAuth") { + headers.insert( + "DD-APPLICATION-KEY", + HeaderValue::from_str(local_key.key.as_str()) + .expect("failed to parse DD-APPLICATION-KEY header"), + ); + }; + + local_req_builder = local_req_builder.headers(headers); + let local_req = local_req_builder.build()?; + log::debug!("request content: {:?}", local_req.body()); + let local_resp = local_client.execute(local_req).await?; + + let local_status = local_resp.status(); + let local_content = local_resp.text().await?; + log::debug!("response content: {}", local_content); + + if !local_status.is_client_error() && !local_status.is_server_error() { + match serde_json::from_str::( + &local_content, + ) { + Ok(e) => { + return Ok(datadog::ResponseContent { + status: local_status, + content: local_content, + entity: Some(e), + }) + } + Err(e) => return 
Err(datadog::Error::Serde(e)), + }; + } else { + let local_entity: Option = + serde_json::from_str(&local_content).ok(); + let local_error = datadog::ResponseContent { + status: local_status, + content: local_content, + entity: local_entity, + }; + Err(datadog::Error::ResponseError(local_error)) + } + } + /// Get a list of vulnerabilities. /// /// ### Pagination @@ -9290,13 +9292,13 @@ impl SecurityMonitoringAPI { } } - /// Run a historical job. - pub async fn run_historical_job( + /// Run a threat hunting job. + pub async fn run_threat_hunting_job( &self, - body: crate::datadogV2::model::RunHistoricalJobRequest, - ) -> Result> + body: crate::datadogV2::model::RunThreatHuntingJobRequest, + ) -> Result> { - match self.run_historical_job_with_http_info(body).await { + match self.run_threat_hunting_job_with_http_info(body).await { Ok(response_content) => { if let Some(e) = response_content.entity { Ok(e) @@ -9310,21 +9312,21 @@ impl SecurityMonitoringAPI { } } - /// Run a historical job. - pub async fn run_historical_job_with_http_info( + /// Run a threat hunting job. + pub async fn run_threat_hunting_job_with_http_info( &self, - body: crate::datadogV2::model::RunHistoricalJobRequest, + body: crate::datadogV2::model::RunThreatHuntingJobRequest, ) -> Result< datadog::ResponseContent, - datadog::Error, + datadog::Error, > { let local_configuration = &self.config; - let operation_id = "v2.run_historical_job"; + let operation_id = "v2.run_threat_hunting_job"; if local_configuration.is_unstable_operation_enabled(operation_id) { warn!("Using unstable operation {operation_id}"); } else { let local_error = datadog::UnstableOperationDisabledError { - msg: "Operation 'v2.run_historical_job' is not enabled".to_string(), + msg: "Operation 'v2.run_threat_hunting_job' is not enabled".to_string(), }; return Err(datadog::Error::UnstableOperationDisabledError(local_error)); } 
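Review bot: In the added `list_threat_hunting_jobs_with_http_info`, the `// build auth` block calls `.expect("failed to parse DD-API-KEY header")` and `.expect("failed to parse DD-APPLICATION-KEY header")`, so a configured key that is not a valid header value panics the calling task instead of returning an error. A trailing newline picked up from a secret file would be enough, and the user-agent branch just above already handles the same `HeaderValue::from_str` failure without panicking. I would propagate the failure through the function's `Result`, reusing the pattern the wrapper in this hunk already has: `HeaderValue::from_str(local_key.key.as_str()).map_err(|_| datadog::Error::Serde(serde::de::Error::custom("invalid DD-API-KEY header value")))?`, and the same for the application key, keeping the key value out of the message. The removed `list_historical_jobs_with_http_info` earlier in this file's diff carries the same two `expect` calls, so this is probably generator output and the change would belong in the template rather than in this file.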
@@ -9332,7 +9334,7 @@ impl SecurityMonitoringAPI { let local_client = &self.client; let local_uri_str = format!( - "{}/api/v2/siem-historical-detections/jobs", + "{}/api/v2/siem-threat-hunting/jobs", local_configuration.get_operation_host(operation_id) ); let mut local_req_builder = @@ -9438,7 +9440,7 @@ impl SecurityMonitoringAPI { Err(e) => return Err(datadog::Error::Serde(e)), }; } else { - let local_entity: Option = + let local_entity: Option = serde_json::from_str(&local_content).ok(); let local_error = datadog::ResponseContent { status: local_status, @@ -9500,7 +9502,7 @@ impl SecurityMonitoringAPI { let local_client = &self.client; let local_uri_str = format!( - "{}/api/v2/siem-historical-detections/histsignals/search", + "{}/api/v2/siem-threat-hunting/histsignals/search", local_configuration.get_operation_host(operation_id) ); let mut local_req_builder = diff --git a/src/datadogV2/model/mod.rs b/src/datadogV2/model/mod.rs index 14eae9e72..4c01be1ab 100644 --- a/src/datadogV2/model/mod.rs +++ b/src/datadogV2/model/mod.rs 
@@ -5970,32 +5970,32 @@ pub mod model_incident_service_update_data; pub use self::model_incident_service_update_data::IncidentServiceUpdateData; pub mod model_incident_service_update_attributes; pub use self::model_incident_service_update_attributes::IncidentServiceUpdateAttributes; -pub mod model_list_historical_jobs_response; -pub use self::model_list_historical_jobs_response::ListHistoricalJobsResponse; -pub mod model_historical_job_response_data; -pub use self::model_historical_job_response_data::HistoricalJobResponseData; -pub mod model_historical_job_response_attributes; -pub use self::model_historical_job_response_attributes::HistoricalJobResponseAttributes; +pub mod model_list_threat_hunting_jobs_response; +pub use self::model_list_threat_hunting_jobs_response::ListThreatHuntingJobsResponse; +pub mod model_threat_hunting_job_response_data; +pub use self::model_threat_hunting_job_response_data::ThreatHuntingJobResponseData; +pub mod model_threat_hunting_job_response_attributes; +pub use self::model_threat_hunting_job_response_attributes::ThreatHuntingJobResponseAttributes; pub mod model_job_definition; pub use self::model_job_definition::JobDefinition; -pub mod model_historical_job_options; -pub use self::model_historical_job_options::HistoricalJobOptions; -pub mod model_historical_job_query; -pub use self::model_historical_job_query::HistoricalJobQuery; -pub mod model_historical_job_data_type; -pub use self::model_historical_job_data_type::HistoricalJobDataType; -pub mod model_historical_job_list_meta; -pub use self::model_historical_job_list_meta::HistoricalJobListMeta; -pub mod model_run_historical_job_request; -pub use self::model_run_historical_job_request::RunHistoricalJobRequest; -pub mod model_run_historical_job_request_data; -pub use self::model_run_historical_job_request_data::RunHistoricalJobRequestData; -pub mod model_run_historical_job_request_attributes; -pub use 
self::model_run_historical_job_request_attributes::RunHistoricalJobRequestAttributes; +pub mod model_threat_hunting_job_options; +pub use self::model_threat_hunting_job_options::ThreatHuntingJobOptions; +pub mod model_threat_hunting_job_query; +pub use self::model_threat_hunting_job_query::ThreatHuntingJobQuery; +pub mod model_threat_hunting_job_data_type; +pub use self::model_threat_hunting_job_data_type::ThreatHuntingJobDataType; +pub mod model_threat_hunting_job_list_meta; +pub use self::model_threat_hunting_job_list_meta::ThreatHuntingJobListMeta; +pub mod model_run_threat_hunting_job_request; +pub use self::model_run_threat_hunting_job_request::RunThreatHuntingJobRequest; +pub mod model_run_threat_hunting_job_request_data; +pub use self::model_run_threat_hunting_job_request_data::RunThreatHuntingJobRequestData; +pub mod model_run_threat_hunting_job_request_attributes; +pub use self::model_run_threat_hunting_job_request_attributes::RunThreatHuntingJobRequestAttributes; pub mod model_job_definition_from_rule; pub use self::model_job_definition_from_rule::JobDefinitionFromRule; -pub mod model_run_historical_job_request_data_type; -pub use self::model_run_historical_job_request_data_type::RunHistoricalJobRequestDataType; +pub mod model_run_threat_hunting_job_request_data_type; +pub use self::model_run_threat_hunting_job_request_data_type::RunThreatHuntingJobRequestDataType; pub mod model_job_create_response; pub use self::model_job_create_response::JobCreateResponse; pub mod model_job_create_response_data; 
@@ -6008,8 +6008,8 @@ pub mod model_convert_job_results_to_signals_attributes; pub use self::model_convert_job_results_to_signals_attributes::ConvertJobResultsToSignalsAttributes; pub mod model_convert_job_results_to_signals_data_type; pub use self::model_convert_job_results_to_signals_data_type::ConvertJobResultsToSignalsDataType; -pub mod model_historical_job_response; -pub use self::model_historical_job_response::HistoricalJobResponse; +pub mod model_threat_hunting_job_response; +pub use self::model_threat_hunting_job_response::ThreatHuntingJobResponse; pub mod model_slo_report_create_request; pub use self::model_slo_report_create_request::SloReportCreateRequest; pub mod model_slo_report_create_request_data; diff --git a/src/datadogV2/model/model_convert_job_results_to_signals_attributes.rs b/src/datadogV2/model/model_convert_job_results_to_signals_attributes.rs index 49c15c69a..0bbf3f2df 100644 --- a/src/datadogV2/model/model_convert_job_results_to_signals_attributes.rs +++ b/src/datadogV2/model/model_convert_job_results_to_signals_attributes.rs @@ -6,7 +6,7 @@ use serde::{Deserialize, Deserializer, Serialize}; use serde_with::skip_serializing_none; use std::fmt::{self, Formatter}; -/// Attributes for converting historical job results to signals. +/// Attributes for converting threat hunting job results to signals. #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] diff --git a/src/datadogV2/model/model_convert_job_results_to_signals_data.rs b/src/datadogV2/model/model_convert_job_results_to_signals_data.rs index a5324c5d4..34f68ce1f 100644 --- a/src/datadogV2/model/model_convert_job_results_to_signals_data.rs +++ b/src/datadogV2/model/model_convert_job_results_to_signals_data.rs 
@@ -6,12 +6,12 @@ use serde::{Deserialize, Deserializer, Serialize}; use serde_with::skip_serializing_none; use std::fmt::{self, Formatter}; -/// Data for converting historical job results to signals. +/// Data for converting threat hunting job results to signals. #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] pub struct ConvertJobResultsToSignalsData { - /// Attributes for converting historical job results to signals. + /// Attributes for converting threat hunting job results to signals. #[serde(rename = "attributes")] pub attributes: Option, /// Type of payload. diff --git a/src/datadogV2/model/model_convert_job_results_to_signals_request.rs b/src/datadogV2/model/model_convert_job_results_to_signals_request.rs index 9bce8e709..14e7d15ac 100644 --- a/src/datadogV2/model/model_convert_job_results_to_signals_request.rs +++ b/src/datadogV2/model/model_convert_job_results_to_signals_request.rs @@ -6,12 +6,12 @@ use serde::{Deserialize, Deserializer, Serialize}; use serde_with::skip_serializing_none; use std::fmt::{self, Formatter}; -/// Request for converting historical job results to signals. +/// Request for converting threat hunting job results to signals. #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] pub struct ConvertJobResultsToSignalsRequest { - /// Data for converting historical job results to signals. + /// Data for converting threat hunting job results to signals. #[serde(rename = "data")] pub data: Option, #[serde(flatten)] diff --git a/src/datadogV2/model/model_job_create_response.rs b/src/datadogV2/model/model_job_create_response.rs index ec6c3bfa5..793322708 100644 --- a/src/datadogV2/model/model_job_create_response.rs +++ b/src/datadogV2/model/model_job_create_response.rs 
@@ -6,7 +6,7 @@ use serde::{Deserialize, Deserializer, Serialize}; use serde_with::skip_serializing_none; use std::fmt::{self, Formatter}; -/// Run a historical job response. +/// Run a threat hunting job response. #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] diff --git a/src/datadogV2/model/model_job_create_response_data.rs b/src/datadogV2/model/model_job_create_response_data.rs index b29d95b26..62f59680a 100644 --- a/src/datadogV2/model/model_job_create_response_data.rs +++ b/src/datadogV2/model/model_job_create_response_data.rs @@ -16,7 +16,7 @@ pub struct JobCreateResponseData { pub id: Option, /// Type of payload. #[serde(rename = "type")] - pub type_: Option, + pub type_: Option, #[serde(flatten)] pub additional_properties: std::collections::BTreeMap, #[serde(skip)] @@ -39,7 +39,7 @@ impl JobCreateResponseData { self } - pub fn type_(mut self, value: crate::datadogV2::model::HistoricalJobDataType) -> Self { + pub fn type_(mut self, value: crate::datadogV2::model::ThreatHuntingJobDataType) -> Self { self.type_ = Some(value); self } @@ -77,7 +77,7 @@ impl<'de> Deserialize<'de> for JobCreateResponseData { M: MapAccess<'a>, { let mut id: Option = None; - let mut type_: Option = None; + let mut type_: Option = None; let mut additional_properties: std::collections::BTreeMap< String, serde_json::Value, @@ -99,7 +99,7 @@ impl<'de> Deserialize<'de> for JobCreateResponseData { type_ = Some(serde_json::from_value(v).map_err(M::Error::custom)?); if let Some(ref _type_) = type_ { match _type_ { - crate::datadogV2::model::HistoricalJobDataType::UnparsedObject(_type_) => { + crate::datadogV2::model::ThreatHuntingJobDataType::UnparsedObject(_type_) => { _unparsed = true; }, _ => {} diff --git a/src/datadogV2/model/model_job_definition.rs b/src/datadogV2/model/model_job_definition.rs index 018b6c21f..7346bfdbb 100644 --- a/src/datadogV2/model/model_job_definition.rs +++ b/src/datadogV2/model/model_job_definition.rs 
@@ -6,7 +6,7 @@ use serde::{Deserialize, Deserializer, Serialize}; use serde_with::skip_serializing_none; use std::fmt::{self, Formatter}; -/// Definition of a historical job. +/// Definition of a threat hunting job. #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] @@ -34,10 +34,10 @@ pub struct JobDefinition { pub name: String, /// Job options. #[serde(rename = "options")] - pub options: Option, + pub options: Option, /// Queries for selecting logs analyzed by the job. #[serde(rename = "queries")] - pub queries: Vec, + pub queries: Vec, /// Reference tables used in the queries. #[serde(rename = "referenceTables")] pub reference_tables: Option>, @@ -68,7 +68,7 @@ impl JobDefinition { index: String, message: String, name: String, - queries: Vec, + queries: Vec, to: i64, ) -> JobDefinition { JobDefinition { @@ -104,7 +104,7 @@ impl JobDefinition { self } - pub fn options(mut self, value: crate::datadogV2::model::HistoricalJobOptions) -> Self { + pub fn options(mut self, value: crate::datadogV2::model::ThreatHuntingJobOptions) -> Self { self.options = Some(value); self } @@ -171,8 +171,8 @@ impl<'de> Deserialize<'de> for JobDefinition { let mut index: Option = None; let mut message: Option = None; let mut name: Option = None; - let mut options: Option = None; - let mut queries: Option> = None; + let mut options: Option = None; + let mut queries: Option> = None; let mut reference_tables: Option< Vec, > = None; diff --git a/src/datadogV2/model/model_job_definition_from_rule.rs b/src/datadogV2/model/model_job_definition_from_rule.rs index 8faba871a..17da9fa02 100644 --- a/src/datadogV2/model/model_job_definition_from_rule.rs +++ b/src/datadogV2/model/model_job_definition_from_rule.rs 
@@ -6,7 +6,7 @@ use serde::{Deserialize, Deserializer, Serialize}; use serde_with::skip_serializing_none; use std::fmt::{self, Formatter}; -/// Definition of a historical job based on a security monitoring rule. +/// Definition of a threat hunting job based on a security monitoring rule. #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] diff --git a/src/datadogV2/model/model_list_historical_jobs_response.rs b/src/datadogV2/model/model_list_threat_hunting_jobs_response.rs similarity index 72% rename from src/datadogV2/model/model_list_historical_jobs_response.rs rename to src/datadogV2/model/model_list_threat_hunting_jobs_response.rs index 9ef6f84ac..b41f0f453 100644 --- a/src/datadogV2/model/model_list_historical_jobs_response.rs +++ b/src/datadogV2/model/model_list_threat_hunting_jobs_response.rs @@ -6,17 +6,17 @@ use serde::{Deserialize, Deserializer, Serialize}; use serde_with::skip_serializing_none; use std::fmt::{self, Formatter}; -/// List of historical jobs. +/// List of threat hunting jobs. #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] -pub struct ListHistoricalJobsResponse { - /// Array containing the list of historical jobs. +pub struct ListThreatHuntingJobsResponse { + /// Array containing the list of threat hunting jobs. #[serde(rename = "data")] - pub data: Option>, + pub data: Option>, /// Metadata about the list of jobs. #[serde(rename = "meta")] - pub meta: Option, + pub meta: Option, #[serde(flatten)] pub additional_properties: std::collections::BTreeMap, #[serde(skip)] @@ -24,9 +24,9 @@ pub struct ListHistoricalJobsResponse { pub(crate) _unparsed: bool, } -impl ListHistoricalJobsResponse { - pub fn new() -> ListHistoricalJobsResponse { - ListHistoricalJobsResponse { +impl ListThreatHuntingJobsResponse { + pub fn new() -> ListThreatHuntingJobsResponse { + ListThreatHuntingJobsResponse { data: None, meta: None, additional_properties: std::collections::BTreeMap::new(), 
@@ -34,12 +34,15 @@ impl ListHistoricalJobsResponse { } } - pub fn data(mut self, value: Vec) -> Self { + pub fn data( + mut self, + value: Vec, + ) -> Self { self.data = Some(value); self } - pub fn meta(mut self, value: crate::datadogV2::model::HistoricalJobListMeta) -> Self { + pub fn meta(mut self, value: crate::datadogV2::model::ThreatHuntingJobListMeta) -> Self { self.meta = Some(value); self } @@ -53,20 +56,20 @@ impl ListHistoricalJobsResponse { } } -impl Default for ListHistoricalJobsResponse { +impl Default for ListThreatHuntingJobsResponse { fn default() -> Self { Self::new() } } -impl<'de> Deserialize<'de> for ListHistoricalJobsResponse { +impl<'de> Deserialize<'de> for ListThreatHuntingJobsResponse { fn deserialize(deserializer: D) -> Result where D: Deserializer<'de>, { - struct ListHistoricalJobsResponseVisitor; - impl<'a> Visitor<'a> for ListHistoricalJobsResponseVisitor { - type Value = ListHistoricalJobsResponse; + struct ListThreatHuntingJobsResponseVisitor; + impl<'a> Visitor<'a> for ListThreatHuntingJobsResponseVisitor { + type Value = ListThreatHuntingJobsResponse; fn expecting(&self, f: &mut Formatter<'_>) -> fmt::Result { f.write_str("a mapping") @@ -76,9 +79,9 @@ impl<'de> Deserialize<'de> for ListHistoricalJobsResponse { where M: MapAccess<'a>, { - let mut data: Option> = + let mut data: Option> = None; - let mut meta: Option = None; + let mut meta: Option = None; let mut additional_properties: std::collections::BTreeMap< String, serde_json::Value, @@ -107,7 +110,7 @@ impl<'de> Deserialize<'de> for ListHistoricalJobsResponse { } } - let content = ListHistoricalJobsResponse { + let content = ListThreatHuntingJobsResponse { data, meta, additional_properties, @@ -118,6 +121,6 @@ impl<'de> Deserialize<'de> for ListHistoricalJobsResponse { } } - deserializer.deserialize_any(ListHistoricalJobsResponseVisitor) + deserializer.deserialize_any(ListThreatHuntingJobsResponseVisitor) } } 
diff --git a/src/datadogV2/model/model_run_historical_job_request.rs b/src/datadogV2/model/model_run_threat_hunting_job_request.rs similarity index 75% rename from src/datadogV2/model/model_run_historical_job_request.rs rename to src/datadogV2/model/model_run_threat_hunting_job_request.rs index 7bf1ce658..1a450be74 100644 --- a/src/datadogV2/model/model_run_historical_job_request.rs +++ b/src/datadogV2/model/model_run_threat_hunting_job_request.rs @@ -6,14 +6,14 @@ use serde::{Deserialize, Deserializer, Serialize}; use serde_with::skip_serializing_none; use std::fmt::{self, Formatter}; -/// Run a historical job request. +/// Run a threat hunting job request. #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] -pub struct RunHistoricalJobRequest { - /// Data for running a historical job request. +pub struct RunThreatHuntingJobRequest { + /// Data for running a threat hunting job request. #[serde(rename = "data")] - pub data: Option, + pub data: Option, #[serde(flatten)] pub additional_properties: std::collections::BTreeMap, #[serde(skip)] @@ -21,16 +21,16 @@ pub struct RunHistoricalJobRequest { pub(crate) _unparsed: bool, } -impl RunHistoricalJobRequest { - pub fn new() -> RunHistoricalJobRequest { - RunHistoricalJobRequest { +impl RunThreatHuntingJobRequest { + pub fn new() -> RunThreatHuntingJobRequest { + RunThreatHuntingJobRequest { data: None, additional_properties: std::collections::BTreeMap::new(), _unparsed: false, } } - pub fn data(mut self, value: crate::datadogV2::model::RunHistoricalJobRequestData) -> Self { + pub fn data(mut self, value: crate::datadogV2::model::RunThreatHuntingJobRequestData) -> Self { self.data = Some(value); self } 
@@ -44,20 +44,20 @@ impl RunHistoricalJobRequest { } } -impl Default for RunHistoricalJobRequest { +impl Default for RunThreatHuntingJobRequest { fn default() -> Self { Self::new() } } -impl<'de> Deserialize<'de> for RunHistoricalJobRequest { +impl<'de> Deserialize<'de> for RunThreatHuntingJobRequest { fn deserialize(deserializer: D) -> Result where D: Deserializer<'de>, { - struct RunHistoricalJobRequestVisitor; - impl<'a> Visitor<'a> for RunHistoricalJobRequestVisitor { - type Value = RunHistoricalJobRequest; + struct RunThreatHuntingJobRequestVisitor; + impl<'a> Visitor<'a> for RunThreatHuntingJobRequestVisitor { + type Value = RunThreatHuntingJobRequest; fn expecting(&self, f: &mut Formatter<'_>) -> fmt::Result { f.write_str("a mapping") @@ -67,7 +67,8 @@ impl<'de> Deserialize<'de> for RunHistoricalJobRequest { where M: MapAccess<'a>, { - let mut data: Option = None; + let mut data: Option = + None; let mut additional_properties: std::collections::BTreeMap< String, serde_json::Value, @@ -90,7 +91,7 @@ impl<'de> Deserialize<'de> for RunHistoricalJobRequest { } } - let content = RunHistoricalJobRequest { + let content = RunThreatHuntingJobRequest { data, additional_properties, _unparsed, @@ -100,6 +101,6 @@ impl<'de> Deserialize<'de> for RunHistoricalJobRequest { } } - deserializer.deserialize_any(RunHistoricalJobRequestVisitor) + deserializer.deserialize_any(RunThreatHuntingJobRequestVisitor) } } diff --git a/src/datadogV2/model/model_run_historical_job_request_attributes.rs b/src/datadogV2/model/model_run_threat_hunting_job_request_attributes.rs similarity index 83% rename from src/datadogV2/model/model_run_historical_job_request_attributes.rs rename to src/datadogV2/model/model_run_threat_hunting_job_request_attributes.rs index a14bea2a0..b52dad5d6 100644 --- a/src/datadogV2/model/model_run_historical_job_request_attributes.rs +++ b/src/datadogV2/model/model_run_threat_hunting_job_request_attributes.rs 
@@ -6,18 +6,18 @@ use serde::{Deserialize, Deserializer, Serialize}; use serde_with::skip_serializing_none; use std::fmt::{self, Formatter}; -/// Run a historical job request. +/// Run a threat hunting job request. #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] -pub struct RunHistoricalJobRequestAttributes { - /// Definition of a historical job based on a security monitoring rule. +pub struct RunThreatHuntingJobRequestAttributes { + /// Definition of a threat hunting job based on a security monitoring rule. #[serde(rename = "fromRule")] pub from_rule: Option, /// Request ID. #[serde(rename = "id")] pub id: Option, - /// Definition of a historical job. + /// Definition of a threat hunting job. #[serde(rename = "jobDefinition")] pub job_definition: Option, #[serde(flatten)] @@ -27,9 +27,9 @@ pub struct RunHistoricalJobRequestAttributes { pub(crate) _unparsed: bool, } -impl RunHistoricalJobRequestAttributes { - pub fn new() -> RunHistoricalJobRequestAttributes { - RunHistoricalJobRequestAttributes { +impl RunThreatHuntingJobRequestAttributes { + pub fn new() -> RunThreatHuntingJobRequestAttributes { + RunThreatHuntingJobRequestAttributes { from_rule: None, id: None, job_definition: None, 
@@ -62,20 +62,20 @@ impl RunHistoricalJobRequestAttributes { } } -impl Default for RunHistoricalJobRequestAttributes { +impl Default for RunThreatHuntingJobRequestAttributes { fn default() -> Self { Self::new() } } -impl<'de> Deserialize<'de> for RunHistoricalJobRequestAttributes { +impl<'de> Deserialize<'de> for RunThreatHuntingJobRequestAttributes { fn deserialize(deserializer: D) -> Result where D: Deserializer<'de>, { - struct RunHistoricalJobRequestAttributesVisitor; - impl<'a> Visitor<'a> for RunHistoricalJobRequestAttributesVisitor { - type Value = RunHistoricalJobRequestAttributes; + struct RunThreatHuntingJobRequestAttributesVisitor; + impl<'a> Visitor<'a> for RunThreatHuntingJobRequestAttributesVisitor { + type Value = RunThreatHuntingJobRequestAttributes; fn expecting(&self, f: &mut Formatter<'_>) -> fmt::Result { f.write_str("a mapping") @@ -123,7 +123,7 @@ impl<'de> Deserialize<'de> for RunHistoricalJobRequestAttributes { } } - let content = RunHistoricalJobRequestAttributes { + let content = RunThreatHuntingJobRequestAttributes { from_rule, id, job_definition, @@ -135,6 +135,6 @@ impl<'de> Deserialize<'de> for RunHistoricalJobRequestAttributes { } } - deserializer.deserialize_any(RunHistoricalJobRequestAttributesVisitor) + deserializer.deserialize_any(RunThreatHuntingJobRequestAttributesVisitor) } } diff --git a/src/datadogV2/model/model_run_historical_job_request_data.rs b/src/datadogV2/model/model_run_threat_hunting_job_request_data.rs similarity index 75% rename from src/datadogV2/model/model_run_historical_job_request_data.rs rename to src/datadogV2/model/model_run_threat_hunting_job_request_data.rs index 2a160dd97..530b96826 100644 --- a/src/datadogV2/model/model_run_historical_job_request_data.rs +++ b/src/datadogV2/model/model_run_threat_hunting_job_request_data.rs 
@@ -6,17 +6,17 @@ use serde::{Deserialize, Deserializer, Serialize}; use serde_with::skip_serializing_none; use std::fmt::{self, Formatter}; -/// Data for running a historical job request. +/// Data for running a threat hunting job request. #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] -pub struct RunHistoricalJobRequestData { - /// Run a historical job request. +pub struct RunThreatHuntingJobRequestData { + /// Run a threat hunting job request. #[serde(rename = "attributes")] - pub attributes: Option, + pub attributes: Option, /// Type of data. #[serde(rename = "type")] - pub type_: Option, + pub type_: Option, #[serde(flatten)] pub additional_properties: std::collections::BTreeMap, #[serde(skip)] @@ -24,9 +24,9 @@ pub struct RunHistoricalJobRequestData { pub(crate) _unparsed: bool, } -impl RunHistoricalJobRequestData { - pub fn new() -> RunHistoricalJobRequestData { - RunHistoricalJobRequestData { +impl RunThreatHuntingJobRequestData { + pub fn new() -> RunThreatHuntingJobRequestData { + RunThreatHuntingJobRequestData { attributes: None, type_: None, additional_properties: std::collections::BTreeMap::new(), @@ -36,7 +36,7 @@ impl RunHistoricalJobRequestData { pub fn attributes( mut self, - value: crate::datadogV2::model::RunHistoricalJobRequestAttributes, + value: crate::datadogV2::model::RunThreatHuntingJobRequestAttributes, ) -> Self { self.attributes = Some(value); self @@ -44,7 +44,7 @@ impl RunHistoricalJobRequestData { pub fn type_( mut self, - value: crate::datadogV2::model::RunHistoricalJobRequestDataType, + value: crate::datadogV2::model::RunThreatHuntingJobRequestDataType, ) -> Self { self.type_ = Some(value); self 
@@ -59,20 +59,20 @@ impl RunHistoricalJobRequestData { } } -impl Default for RunHistoricalJobRequestData { +impl Default for RunThreatHuntingJobRequestData { fn default() -> Self { Self::new() } } -impl<'de> Deserialize<'de> for RunHistoricalJobRequestData { +impl<'de> Deserialize<'de> for RunThreatHuntingJobRequestData { fn deserialize(deserializer: D) -> Result where D: Deserializer<'de>, { - struct RunHistoricalJobRequestDataVisitor; - impl<'a> Visitor<'a> for RunHistoricalJobRequestDataVisitor { - type Value = RunHistoricalJobRequestData; + struct RunThreatHuntingJobRequestDataVisitor; + impl<'a> Visitor<'a> for RunThreatHuntingJobRequestDataVisitor { + type Value = RunThreatHuntingJobRequestData; fn expecting(&self, f: &mut Formatter<'_>) -> fmt::Result { f.write_str("a mapping") @@ -83,9 +83,9 @@ impl<'de> Deserialize<'de> for RunHistoricalJobRequestData { M: MapAccess<'a>, { let mut attributes: Option< - crate::datadogV2::model::RunHistoricalJobRequestAttributes, + crate::datadogV2::model::RunThreatHuntingJobRequestAttributes, > = None; - let mut type_: Option = + let mut type_: Option = None; let mut additional_properties: std::collections::BTreeMap< String, @@ -108,7 +108,7 @@ impl<'de> Deserialize<'de> for RunHistoricalJobRequestData { type_ = Some(serde_json::from_value(v).map_err(M::Error::custom)?); if let Some(ref _type_) = type_ { match _type_ { - crate::datadogV2::model::RunHistoricalJobRequestDataType::UnparsedObject(_type_) => { + crate::datadogV2::model::RunThreatHuntingJobRequestDataType::UnparsedObject(_type_) => { _unparsed = true; }, _ => {} @@ -123,7 +123,7 @@ impl<'de> Deserialize<'de> for RunHistoricalJobRequestData { } } - let content = RunHistoricalJobRequestData { + let content = RunThreatHuntingJobRequestData { attributes, type_, additional_properties, 
@@ -134,6 +134,6 @@ impl<'de> Deserialize<'de> for RunHistoricalJobRequestData { } } - deserializer.deserialize_any(RunHistoricalJobRequestDataVisitor) + deserializer.deserialize_any(RunThreatHuntingJobRequestDataVisitor) } } diff --git a/src/datadogV2/model/model_run_historical_job_request_data_type.rs b/src/datadogV2/model/model_run_threat_hunting_job_request_data_type.rs similarity index 86% rename from src/datadogV2/model/model_run_historical_job_request_data_type.rs rename to src/datadogV2/model/model_run_threat_hunting_job_request_data_type.rs index 886d602d6..7d22924ce 100644 --- a/src/datadogV2/model/model_run_historical_job_request_data_type.rs +++ b/src/datadogV2/model/model_run_threat_hunting_job_request_data_type.rs @@ -6,12 +6,12 @@ use serde::{Deserialize, Deserializer, Serialize, Serializer}; #[non_exhaustive] #[derive(Clone, Debug, Eq, PartialEq)] -pub enum RunHistoricalJobRequestDataType { +pub enum RunThreatHuntingJobRequestDataType { HISTORICALDETECTIONSJOBCREATE, UnparsedObject(crate::datadog::UnparsedObject), } -impl ToString for RunHistoricalJobRequestDataType { +impl ToString for RunThreatHuntingJobRequestDataType { fn to_string(&self) -> String { match self { Self::HISTORICALDETECTIONSJOBCREATE => String::from("historicalDetectionsJobCreate"), @@ -20,7 +20,7 @@ impl ToString for RunHistoricalJobRequestDataType { } } -impl Serialize for RunHistoricalJobRequestDataType { +impl Serialize for RunThreatHuntingJobRequestDataType { fn serialize(&self, serializer: S) -> Result where S: Serializer, @@ -32,7 +32,7 @@ impl Serialize for RunHistoricalJobRequestDataType { } } -impl<'de> Deserialize<'de> for RunHistoricalJobRequestDataType { +impl<'de> Deserialize<'de> for RunThreatHuntingJobRequestDataType { fn deserialize(deserializer: D) -> Result where D: Deserializer<'de>, 
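Review bot: In the `@@ -6,12 +6,12 @@` hunk of `model_run_threat_hunting_job_request_data_type.rs`, the renamed enum `RunThreatHuntingJobRequestDataType` has no doc comment explaining why its only known variant is still `HISTORICALDETECTIONSJOBCREATE`, which `to_string` maps to `"historicalDetectionsJobCreate"`. The re-recorded cassettes later in this commit still show `"type":"historicalDetectionsJob"` coming back from the new `siem-threat-hunting` path, so the old wire values look intentional. A doc comment would stop a later cleanup from changing them, for example `/// Wire value stays "historicalDetectionsJobCreate"; only the Rust type name changed.` `ThreatHuntingJobDataType` with `HISTORICALDETECTIONSJOB` in the next file has the same gap. These models appear to be generated from the OpenAPI schema, so the text probably belongs in the schema description; the `impl` bodies continue outside the hunks.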
diff --git a/src/datadogV2/model/model_historical_job_data_type.rs b/src/datadogV2/model/model_threat_hunting_job_data_type.rs similarity index 88% rename from src/datadogV2/model/model_historical_job_data_type.rs rename to src/datadogV2/model/model_threat_hunting_job_data_type.rs index e373b47a0..e276f0c8c 100644 --- a/src/datadogV2/model/model_historical_job_data_type.rs +++ b/src/datadogV2/model/model_threat_hunting_job_data_type.rs @@ -6,12 +6,12 @@ use serde::{Deserialize, Deserializer, Serialize, Serializer}; #[non_exhaustive] #[derive(Clone, Debug, Eq, PartialEq)] -pub enum HistoricalJobDataType { +pub enum ThreatHuntingJobDataType { HISTORICALDETECTIONSJOB, UnparsedObject(crate::datadog::UnparsedObject), } -impl ToString for HistoricalJobDataType { +impl ToString for ThreatHuntingJobDataType { fn to_string(&self) -> String { match self { Self::HISTORICALDETECTIONSJOB => String::from("historicalDetectionsJob"), @@ -20,7 +20,7 @@ impl ToString for HistoricalJobDataType { } } -impl Serialize for HistoricalJobDataType { +impl Serialize for ThreatHuntingJobDataType { fn serialize(&self, serializer: S) -> Result where S: Serializer, @@ -32,7 +32,7 @@ impl Serialize for HistoricalJobDataType { } } -impl<'de> Deserialize<'de> for HistoricalJobDataType { +impl<'de> Deserialize<'de> for ThreatHuntingJobDataType { fn deserialize(deserializer: D) -> Result where D: Deserializer<'de>, diff --git a/src/datadogV2/model/model_historical_job_list_meta.rs b/src/datadogV2/model/model_threat_hunting_job_list_meta.rs similarity index 84% rename from src/datadogV2/model/model_historical_job_list_meta.rs rename to src/datadogV2/model/model_threat_hunting_job_list_meta.rs index 57c873477..01860ebaa 100644 --- a/src/datadogV2/model/model_historical_job_list_meta.rs +++ b/src/datadogV2/model/model_threat_hunting_job_list_meta.rs 
@@ -10,7 +10,7 @@ use std::fmt::{self, Formatter}; #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] -pub struct HistoricalJobListMeta { +pub struct ThreatHuntingJobListMeta { /// Number of jobs in the list. #[serde(rename = "totalCount")] pub total_count: Option, @@ -21,9 +21,9 @@ pub struct HistoricalJobListMeta { pub(crate) _unparsed: bool, } -impl HistoricalJobListMeta { - pub fn new() -> HistoricalJobListMeta { - HistoricalJobListMeta { +impl ThreatHuntingJobListMeta { + pub fn new() -> ThreatHuntingJobListMeta { + ThreatHuntingJobListMeta { total_count: None, additional_properties: std::collections::BTreeMap::new(), _unparsed: false, @@ -44,20 +44,20 @@ impl HistoricalJobListMeta { } } -impl Default for HistoricalJobListMeta { +impl Default for ThreatHuntingJobListMeta { fn default() -> Self { Self::new() } } -impl<'de> Deserialize<'de> for HistoricalJobListMeta { +impl<'de> Deserialize<'de> for ThreatHuntingJobListMeta { fn deserialize(deserializer: D) -> Result where D: Deserializer<'de>, { - struct HistoricalJobListMetaVisitor; - impl<'a> Visitor<'a> for HistoricalJobListMetaVisitor { - type Value = HistoricalJobListMeta; + struct ThreatHuntingJobListMetaVisitor; + impl<'a> Visitor<'a> for ThreatHuntingJobListMetaVisitor { + type Value = ThreatHuntingJobListMeta; fn expecting(&self, f: &mut Formatter<'_>) -> fmt::Result { f.write_str("a mapping") @@ -91,7 +91,7 @@ impl<'de> Deserialize<'de> for HistoricalJobListMeta { } } - let content = HistoricalJobListMeta { + let content = ThreatHuntingJobListMeta { total_count, additional_properties, _unparsed, @@ -101,6 +101,6 @@ impl<'de> Deserialize<'de> for HistoricalJobListMeta { } } - deserializer.deserialize_any(HistoricalJobListMetaVisitor) + deserializer.deserialize_any(ThreatHuntingJobListMetaVisitor) } } 
diff --git a/src/datadogV2/model/model_historical_job_options.rs b/src/datadogV2/model/model_threat_hunting_job_options.rs similarity index 95% rename from src/datadogV2/model/model_historical_job_options.rs rename to src/datadogV2/model/model_threat_hunting_job_options.rs index 13905deb7..68de94ec6 100644 --- a/src/datadogV2/model/model_historical_job_options.rs +++ b/src/datadogV2/model/model_threat_hunting_job_options.rs @@ -10,7 +10,7 @@ use std::fmt::{self, Formatter}; #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] -pub struct HistoricalJobOptions { +pub struct ThreatHuntingJobOptions { /// The detection method. #[serde(rename = "detectionMethod")] pub detection_method: Option, @@ -49,9 +49,9 @@ pub struct HistoricalJobOptions { pub(crate) _unparsed: bool, } -impl HistoricalJobOptions { - pub fn new() -> HistoricalJobOptions { - HistoricalJobOptions { +impl ThreatHuntingJobOptions { + pub fn new() -> ThreatHuntingJobOptions { + ThreatHuntingJobOptions { detection_method: None, evaluation_window: None, impossible_travel_options: None, @@ -138,20 +138,20 @@ impl HistoricalJobOptions { } } -impl Default for HistoricalJobOptions { +impl Default for ThreatHuntingJobOptions { fn default() -> Self { Self::new() } } -impl<'de> Deserialize<'de> for HistoricalJobOptions { +impl<'de> Deserialize<'de> for ThreatHuntingJobOptions { fn deserialize(deserializer: D) -> Result where D: Deserializer<'de>, { - struct HistoricalJobOptionsVisitor; - impl<'a> Visitor<'a> for HistoricalJobOptionsVisitor { - type Value = HistoricalJobOptions; + struct ThreatHuntingJobOptionsVisitor; + impl<'a> Visitor<'a> for ThreatHuntingJobOptionsVisitor { + type Value = ThreatHuntingJobOptions; fn expecting(&self, f: &mut Formatter<'_>) -> fmt::Result { f.write_str("a mapping") 
@@ -288,7 +288,7 @@ impl<'de> Deserialize<'de> for HistoricalJobOptions { } } - let content = HistoricalJobOptions { + let content = ThreatHuntingJobOptions { detection_method, evaluation_window, impossible_travel_options, @@ -305,6 +305,6 @@ impl<'de> Deserialize<'de> for HistoricalJobOptions { } } - deserializer.deserialize_any(HistoricalJobOptionsVisitor) + deserializer.deserialize_any(ThreatHuntingJobOptionsVisitor) } } diff --git a/src/datadogV2/model/model_historical_job_query.rs b/src/datadogV2/model/model_threat_hunting_job_query.rs similarity index 94% rename from src/datadogV2/model/model_historical_job_query.rs rename to src/datadogV2/model/model_threat_hunting_job_query.rs index 6319dc957..bcaedaa75 100644 --- a/src/datadogV2/model/model_historical_job_query.rs +++ b/src/datadogV2/model/model_threat_hunting_job_query.rs @@ -6,11 +6,11 @@ use serde::{Deserialize, Deserializer, Serialize}; use serde_with::skip_serializing_none; use std::fmt::{self, Formatter}; -/// Query for selecting logs analyzed by the historical job. +/// Query for selecting logs analyzed by the threat hunting job. #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] -pub struct HistoricalJobQuery { +pub struct ThreatHuntingJobQuery { /// The aggregation type. #[serde(rename = "aggregation")] pub aggregation: Option, @@ -42,9 +42,9 @@ pub struct HistoricalJobQuery { pub(crate) _unparsed: bool, } -impl HistoricalJobQuery { - pub fn new() -> HistoricalJobQuery { - HistoricalJobQuery { +impl ThreatHuntingJobQuery { + pub fn new() -> ThreatHuntingJobQuery { + ThreatHuntingJobQuery { aggregation: None, data_source: None, distinct_fields: None, 
@@ -113,20 +113,20 @@ impl HistoricalJobQuery { } } -impl Default for HistoricalJobQuery { +impl Default for ThreatHuntingJobQuery { fn default() -> Self { Self::new() } } -impl<'de> Deserialize<'de> for HistoricalJobQuery { +impl<'de> Deserialize<'de> for ThreatHuntingJobQuery { fn deserialize(deserializer: D) -> Result where D: Deserializer<'de>, { - struct HistoricalJobQueryVisitor; - impl<'a> Visitor<'a> for HistoricalJobQueryVisitor { - type Value = HistoricalJobQuery; + struct ThreatHuntingJobQueryVisitor; + impl<'a> Visitor<'a> for ThreatHuntingJobQueryVisitor { + type Value = ThreatHuntingJobQuery; fn expecting(&self, f: &mut Formatter<'_>) -> fmt::Result { f.write_str("a mapping") @@ -233,7 +233,7 @@ impl<'de> Deserialize<'de> for HistoricalJobQuery { } } - let content = HistoricalJobQuery { + let content = ThreatHuntingJobQuery { aggregation, data_source, distinct_fields, @@ -250,6 +250,6 @@ impl<'de> Deserialize<'de> for HistoricalJobQuery { } } - deserializer.deserialize_any(HistoricalJobQueryVisitor) + deserializer.deserialize_any(ThreatHuntingJobQueryVisitor) } } diff --git a/src/datadogV2/model/model_historical_job_response.rs b/src/datadogV2/model/model_threat_hunting_job_response.rs similarity index 74% rename from src/datadogV2/model/model_historical_job_response.rs rename to src/datadogV2/model/model_threat_hunting_job_response.rs index e2db2a88b..eb85bd5a9 100644 --- a/src/datadogV2/model/model_historical_job_response.rs +++ b/src/datadogV2/model/model_threat_hunting_job_response.rs 
@@ -6,14 +6,14 @@ use serde::{Deserialize, Deserializer, Serialize}; use serde_with::skip_serializing_none; use std::fmt::{self, Formatter}; -/// Historical job response. +/// Threat hunting job response. #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] -pub struct HistoricalJobResponse { - /// Historical job response data. +pub struct ThreatHuntingJobResponse { + /// Threat hunting job response data. #[serde(rename = "data")] - pub data: Option, + pub data: Option, #[serde(flatten)] pub additional_properties: std::collections::BTreeMap, #[serde(skip)] @@ -21,16 +21,16 @@ pub struct HistoricalJobResponse { pub(crate) _unparsed: bool, } -impl HistoricalJobResponse { - pub fn new() -> HistoricalJobResponse { - HistoricalJobResponse { +impl ThreatHuntingJobResponse { + pub fn new() -> ThreatHuntingJobResponse { + ThreatHuntingJobResponse { data: None, additional_properties: std::collections::BTreeMap::new(), _unparsed: false, } } - pub fn data(mut self, value: crate::datadogV2::model::HistoricalJobResponseData) -> Self { + pub fn data(mut self, value: crate::datadogV2::model::ThreatHuntingJobResponseData) -> Self { self.data = Some(value); self } @@ -44,20 +44,20 @@ impl HistoricalJobResponse { } } -impl Default for HistoricalJobResponse { +impl Default for ThreatHuntingJobResponse { fn default() -> Self { Self::new() } } -impl<'de> Deserialize<'de> for HistoricalJobResponse { +impl<'de> Deserialize<'de> for ThreatHuntingJobResponse { fn deserialize(deserializer: D) -> Result where D: Deserializer<'de>, { - struct HistoricalJobResponseVisitor; - impl<'a> Visitor<'a> for HistoricalJobResponseVisitor { - type Value = HistoricalJobResponse; + struct ThreatHuntingJobResponseVisitor; + impl<'a> Visitor<'a> for ThreatHuntingJobResponseVisitor { + type Value = ThreatHuntingJobResponse; fn expecting(&self, f: &mut Formatter<'_>) -> fmt::Result { f.write_str("a mapping") 
@@ -67,7 +67,7 @@ impl<'de> Deserialize<'de> for HistoricalJobResponse { where M: MapAccess<'a>, { - let mut data: Option = None; + let mut data: Option = None; let mut additional_properties: std::collections::BTreeMap< String, serde_json::Value, @@ -90,7 +90,7 @@ impl<'de> Deserialize<'de> for HistoricalJobResponse { } } - let content = HistoricalJobResponse { + let content = ThreatHuntingJobResponse { data, additional_properties, _unparsed, @@ -100,6 +100,6 @@ impl<'de> Deserialize<'de> for HistoricalJobResponse { } } - deserializer.deserialize_any(HistoricalJobResponseVisitor) + deserializer.deserialize_any(ThreatHuntingJobResponseVisitor) } } diff --git a/src/datadogV2/model/model_historical_job_response_attributes.rs b/src/datadogV2/model/model_threat_hunting_job_response_attributes.rs similarity index 91% rename from src/datadogV2/model/model_historical_job_response_attributes.rs rename to src/datadogV2/model/model_threat_hunting_job_response_attributes.rs index 933b5c8b3..adcde39cc 100644 --- a/src/datadogV2/model/model_historical_job_response_attributes.rs +++ b/src/datadogV2/model/model_threat_hunting_job_response_attributes.rs @@ -6,11 +6,11 @@ use serde::{Deserialize, Deserializer, Serialize}; use serde_with::skip_serializing_none; use std::fmt::{self, Formatter}; -/// Historical job attributes. +/// Threat hunting job attributes. #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] -pub struct HistoricalJobResponseAttributes { +pub struct ThreatHuntingJobResponseAttributes { /// Time when the job was created. #[serde(rename = "createdAt")] pub created_at: Option, 
@@ -23,7 +23,7 @@ pub struct HistoricalJobResponseAttributes { /// ID of the rule used to create the job (if it is created from a rule). #[serde(rename = "createdFromRuleId")] pub created_from_rule_id: Option, - /// Definition of a historical job. + /// Definition of a threat hunting job. #[serde(rename = "jobDefinition")] pub job_definition: Option, /// Job name. @@ -42,9 +42,9 @@ pub struct HistoricalJobResponseAttributes { pub(crate) _unparsed: bool, } -impl HistoricalJobResponseAttributes { - pub fn new() -> HistoricalJobResponseAttributes { - HistoricalJobResponseAttributes { +impl ThreatHuntingJobResponseAttributes { + pub fn new() -> ThreatHuntingJobResponseAttributes { + ThreatHuntingJobResponseAttributes { created_at: None, created_by_handle: None, created_by_name: None, @@ -107,20 +107,20 @@ impl HistoricalJobResponseAttributes { } } -impl Default for HistoricalJobResponseAttributes { +impl Default for ThreatHuntingJobResponseAttributes { fn default() -> Self { Self::new() } } -impl<'de> Deserialize<'de> for HistoricalJobResponseAttributes { +impl<'de> Deserialize<'de> for ThreatHuntingJobResponseAttributes { fn deserialize(deserializer: D) -> Result where D: Deserializer<'de>, { - struct HistoricalJobResponseAttributesVisitor; - impl<'a> Visitor<'a> for HistoricalJobResponseAttributesVisitor { - type Value = HistoricalJobResponseAttributes; + struct ThreatHuntingJobResponseAttributesVisitor; + impl<'a> Visitor<'a> for ThreatHuntingJobResponseAttributesVisitor { + type Value = ThreatHuntingJobResponseAttributes; fn expecting(&self, f: &mut Formatter<'_>) -> fmt::Result { f.write_str("a mapping") @@ -207,7 +207,7 @@ impl<'de> Deserialize<'de> for HistoricalJobResponseAttributes { } } - let content = HistoricalJobResponseAttributes { + let content = ThreatHuntingJobResponseAttributes { created_at, created_by_handle, created_by_name, 
@@ -224,6 +224,6 @@ impl<'de> Deserialize<'de> for HistoricalJobResponseAttributes { } } - deserializer.deserialize_any(HistoricalJobResponseAttributesVisitor) + deserializer.deserialize_any(ThreatHuntingJobResponseAttributesVisitor) } } diff --git a/src/datadogV2/model/model_historical_job_response_data.rs b/src/datadogV2/model/model_threat_hunting_job_response_data.rs similarity index 76% rename from src/datadogV2/model/model_historical_job_response_data.rs rename to src/datadogV2/model/model_threat_hunting_job_response_data.rs index 5b8dd8127..267b1acbb 100644 --- a/src/datadogV2/model/model_historical_job_response_data.rs +++ b/src/datadogV2/model/model_threat_hunting_job_response_data.rs @@ -6,20 +6,20 @@ use serde::{Deserialize, Deserializer, Serialize}; use serde_with::skip_serializing_none; use std::fmt::{self, Formatter}; -/// Historical job response data. +/// Threat hunting job response data. #[non_exhaustive] #[skip_serializing_none] #[derive(Clone, Debug, PartialEq, Serialize)] -pub struct HistoricalJobResponseData { - /// Historical job attributes. +pub struct ThreatHuntingJobResponseData { + /// Threat hunting job attributes. #[serde(rename = "attributes")] - pub attributes: Option, + pub attributes: Option, /// ID of the job. #[serde(rename = "id")] pub id: Option, /// Type of payload. #[serde(rename = "type")] - pub type_: Option, + pub type_: Option, #[serde(flatten)] pub additional_properties: std::collections::BTreeMap, #[serde(skip)] @@ -27,9 +27,9 @@ pub struct HistoricalJobResponseData { pub(crate) _unparsed: bool, } -impl HistoricalJobResponseData { - pub fn new() -> HistoricalJobResponseData { - HistoricalJobResponseData { +impl ThreatHuntingJobResponseData { + pub fn new() -> ThreatHuntingJobResponseData { + ThreatHuntingJobResponseData { attributes: None, id: None, type_: None, 
@@ -40,7 +40,7 @@ impl HistoricalJobResponseData { pub fn attributes( mut self, - value: crate::datadogV2::model::HistoricalJobResponseAttributes, + value: crate::datadogV2::model::ThreatHuntingJobResponseAttributes, ) -> Self { self.attributes = Some(value); self @@ -51,7 +51,7 @@ impl HistoricalJobResponseData { self } - pub fn type_(mut self, value: crate::datadogV2::model::HistoricalJobDataType) -> Self { + pub fn type_(mut self, value: crate::datadogV2::model::ThreatHuntingJobDataType) -> Self { self.type_ = Some(value); self } @@ -65,20 +65,20 @@ impl HistoricalJobResponseData { } } -impl Default for HistoricalJobResponseData { +impl Default for ThreatHuntingJobResponseData { fn default() -> Self { Self::new() } } -impl<'de> Deserialize<'de> for HistoricalJobResponseData { +impl<'de> Deserialize<'de> for ThreatHuntingJobResponseData { fn deserialize(deserializer: D) -> Result where D: Deserializer<'de>, { - struct HistoricalJobResponseDataVisitor; - impl<'a> Visitor<'a> for HistoricalJobResponseDataVisitor { - type Value = HistoricalJobResponseData; + struct ThreatHuntingJobResponseDataVisitor; + impl<'a> Visitor<'a> for ThreatHuntingJobResponseDataVisitor { + type Value = ThreatHuntingJobResponseData; fn expecting(&self, f: &mut Formatter<'_>) -> fmt::Result { f.write_str("a mapping") @@ -89,10 +89,10 @@ impl<'de> Deserialize<'de> for HistoricalJobResponseData { M: MapAccess<'a>, { let mut attributes: Option< - crate::datadogV2::model::HistoricalJobResponseAttributes, + crate::datadogV2::model::ThreatHuntingJobResponseAttributes, > = None; let mut id: Option = None; - let mut type_: Option = None; + let mut type_: Option = None; let mut additional_properties: std::collections::BTreeMap< String, serde_json::Value, 
@@ -120,7 +120,7 @@ impl<'de> Deserialize<'de> for HistoricalJobResponseData { type_ = Some(serde_json::from_value(v).map_err(M::Error::custom)?); if let Some(ref _type_) = type_ { match _type_ { - crate::datadogV2::model::HistoricalJobDataType::UnparsedObject(_type_) => { + crate::datadogV2::model::ThreatHuntingJobDataType::UnparsedObject(_type_) => { _unparsed = true; }, _ => {} @@ -135,7 +135,7 @@ impl<'de> Deserialize<'de> for HistoricalJobResponseData { } } - let content = HistoricalJobResponseData { + let content = ThreatHuntingJobResponseData { attributes, id, type_, @@ -147,6 +147,6 @@ impl<'de> Deserialize<'de> for HistoricalJobResponseData { } } - deserializer.deserialize_any(HistoricalJobResponseDataVisitor) + deserializer.deserialize_any(ThreatHuntingJobResponseDataVisitor) } } diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Bad-Request-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Bad-Request-response.frozen index bf92f15d9..633b88ea1 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Bad-Request-response.frozen +++ b/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Bad-Request-response.frozen @@ -1 +1 @@ -2024-11-08T09:54:38.539Z \ No newline at end of file +2025-10-24T14:24:00.041Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Bad-Request-response.json b/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Bad-Request-response.json index 3651f51d0..76265e06a 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Bad-Request-response.json +++ b/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Bad-Request-response.json 
@@ -9,7 +9,7 @@ ] }, "method": "patch", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/inva-lid/cancel" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/inva-lid/cancel" }, "response": { "body": { @@ -26,7 +26,7 @@ "message": "Bad Request" } }, - "recorded_at": "Fri, 08 Nov 2024 09:54:38 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:00 GMT" } ], "recorded_with": "VCR 6.0.0" diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Not-Found-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Not-Found-response.frozen index 8bf8faeef..213014e1d 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Not-Found-response.frozen +++ b/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Not-Found-response.frozen @@ -1 +1 @@ -2024-11-08T09:54:39.006Z \ No newline at end of file +2025-10-24T14:24:00.856Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Not-Found-response.json b/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Not-Found-response.json index 6b2e8bff1..b63adf7f9 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Not-Found-response.json +++ b/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-Not-Found-response.json 
@@ -9,11 +9,11 @@ ] }, "method": "patch", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93/cancel" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93/cancel" }, "response": { "body": { - "string": "{\"errors\":[{\"status\":\"404\",\"title\":\"Not Found\",\"detail\":\"Job 8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93 was not found.\"}]}", + "string": "{\"errors\":[{\"status\":\"404\",\"detail\":\"Not Found\"}]}", "encoding": null }, "headers": { @@ -26,7 +26,7 @@ "message": "Not Found" } }, - "recorded_at": "Fri, 08 Nov 2024 09:54:39 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:00 GMT" } ], "recorded_with": "VCR 6.0.0" diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-OK-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-OK-response.frozen index 8eee63f58..9b9326abb 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-OK-response.frozen +++ b/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-OK-response.frozen @@ -1 +1 @@ -2024-11-08T09:54:39.082Z \ No newline at end of file +2025-10-24T14:24:00.975Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-OK-response.json b/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-OK-response.json index 87b983ab7..54a0df55b 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-OK-response.json +++ b/tests/scenarios/cassettes/v2/security_monitoring/Cancel-a-historical-job-returns-OK-response.json 
@@ -15,11 +15,11 @@ ] }, "method": "post", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" }, "response": { "body": { - "string": "{\"data\":{\"id\":\"e332b07e-d573-45fa-b2df-9a1bcc27f17e\",\"type\":\"historicalDetectionsJob\"}}", + "string": "{\"data\":{\"id\":\"cafe565c-106b-486e-ad21-a712656723b4\",\"type\":\"historicalDetectionsJob\"}}", "encoding": null }, "headers": { @@ -32,7 +32,7 @@ "message": "Created" } }, - "recorded_at": "Fri, 08 Nov 2024 09:54:39 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:00 GMT" }, { "request": { @@ -43,7 +43,7 @@ ] }, "method": "patch", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/e332b07e-d573-45fa-b2df-9a1bcc27f17e/cancel" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/cafe565c-106b-486e-ad21-a712656723b4/cancel" }, "response": { "body": { @@ -56,7 +56,7 @@ "message": "No Content" } }, - "recorded_at": "Fri, 08 Nov 2024 09:54:39 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:00 GMT" } ], "recorded_with": "VCR 6.0.0" diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Convert-a-job-result-to-a-signal-returns-Bad-Request-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Convert-a-job-result-to-a-signal-returns-Bad-Request-response.frozen index b819957f3..ba1f583e5 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Convert-a-job-result-to-a-signal-returns-Bad-Request-response.frozen +++ b/tests/scenarios/cassettes/v2/security_monitoring/Convert-a-job-result-to-a-signal-returns-Bad-Request-response.frozen @@ -1 +1 @@ -2024-11-08T09:54:39.280Z \ No newline at end of file +2025-10-24T14:24:01.235Z \ No newline at end of file 
diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Convert-a-job-result-to-a-signal-returns-Bad-Request-response.json b/tests/scenarios/cassettes/v2/security_monitoring/Convert-a-job-result-to-a-signal-returns-Bad-Request-response.json index 72506ae87..2da3b2a58 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Convert-a-job-result-to-a-signal-returns-Bad-Request-response.json +++ b/tests/scenarios/cassettes/v2/security_monitoring/Convert-a-job-result-to-a-signal-returns-Bad-Request-response.json @@ -15,7 +15,7 @@ ] }, "method": "post", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/signal_convert" }, "response": { "body": { @@ -32,7 +32,7 @@ "message": "Bad Request" } }, - "recorded_at": "Fri, 08 Nov 2024 09:54:39 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:01 GMT" } ], "recorded_with": "VCR 6.0.0" diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Bad-Request-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Bad-Request-response.frozen index 553556ed2..cf2f32dfa 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Bad-Request-response.frozen +++ b/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Bad-Request-response.frozen @@ -1 +1 @@ -2024-11-08T09:54:39.371Z \ No newline at end of file +2025-10-24T14:24:01.339Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Bad-Request-response.json b/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Bad-Request-response.json index f011b2a02..a65d874ac 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Bad-Request-response.json 
+++ b/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Bad-Request-response.json @@ -9,7 +9,7 @@ ] }, "method": "delete", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/inva-lid" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/inva-lid" }, "response": { "body": { @@ -26,7 +26,7 @@ "message": "Bad Request" } }, - "recorded_at": "Fri, 08 Nov 2024 09:54:39 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:01 GMT" } ], "recorded_with": "VCR 6.0.0" diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Not-Found-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Not-Found-response.frozen index e02fd6acb..68a6b0aca 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Not-Found-response.frozen +++ b/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Not-Found-response.frozen @@ -1 +1 @@ -2024-11-08T09:54:39.455Z \ No newline at end of file +2025-10-24T14:24:01.428Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Not-Found-response.json b/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Not-Found-response.json index 0b2943a71..1e41aa4b4 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Not-Found-response.json +++ b/tests/scenarios/cassettes/v2/security_monitoring/Delete-an-existing-job-returns-Not-Found-response.json 
@@ -9,11 +9,11 @@ ] }, "method": "delete", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" }, "response": { "body": { - "string": "{\"errors\":[{\"status\":\"404\",\"title\":\"Not Found\",\"detail\":\"Job 8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93 was not found.\"}]}", + "string": "{\"errors\":[{\"status\":\"404\",\"detail\":\"Not Found\"}]}", "encoding": null }, "headers": { @@ -26,7 +26,7 @@ "message": "Not Found" } }, - "recorded_at": "Fri, 08 Nov 2024 09:54:39 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:01 GMT" } ], "recorded_with": "VCR 6.0.0" diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Bad-Request-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Bad-Request-response.frozen index 14e960348..fa7eb2eaf 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Bad-Request-response.frozen +++ b/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Bad-Request-response.frozen @@ -1 +1 @@ -2024-11-08T09:54:39.538Z \ No newline at end of file +2025-10-24T14:24:01.540Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Bad-Request-response.json b/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Bad-Request-response.json index 6807cd351..d680b266f 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Bad-Request-response.json +++ b/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Bad-Request-response.json 
@@ -9,7 +9,7 @@ ] }, "method": "get", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/inva-lid" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/inva-lid" }, "response": { "body": { @@ -26,7 +26,7 @@ "message": "Bad Request" } }, - "recorded_at": "Fri, 08 Nov 2024 09:54:39 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:01 GMT" } ], "recorded_with": "VCR 6.0.0" diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Not-Found-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Not-Found-response.frozen index 5cc9a16c8..8b7389cc8 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Not-Found-response.frozen +++ b/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Not-Found-response.frozen @@ -1 +1 @@ -2024-11-08T09:54:39.611Z \ No newline at end of file +2025-10-24T14:24:01.618Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Not-Found-response.json b/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Not-Found-response.json index 22ba7e805..b0c20c188 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Not-Found-response.json +++ b/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-Not-Found-response.json @@ -9,7 +9,7 @@ ] }, "method": "get", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" }, "response": { "body": { @@ -26,7 +26,7 @@ "message": "Not Found" } }, - "recorded_at": "Fri, 08 Nov 2024 09:54:39 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:01 GMT" } ], "recorded_with": "VCR 6.0.0" 
diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-OK-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-OK-response.frozen index 34c6fa068..6994ed270 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-OK-response.frozen +++ b/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-OK-response.frozen @@ -1 +1 @@ -2024-12-18T17:02:38.823Z \ No newline at end of file +2025-10-24T14:24:01.707Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-OK-response.json b/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-OK-response.json index 879d07d8f..a7a9f76ac 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-OK-response.json +++ b/tests/scenarios/cassettes/v2/security_monitoring/Get-a-job-s-details-returns-OK-response.json @@ -15,11 +15,11 @@ ] }, "method": "post", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" }, "response": { "body": { - "string": "{\"data\":{\"id\":\"fa90e7ac-998d-4bf4-9d32-2e831a1e9479\",\"type\":\"historicalDetectionsJob\"}}", + "string": "{\"data\":{\"id\":\"071b3516-4072-44d9-9288-d4adaa1db921\",\"type\":\"historicalDetectionsJob\"}}", "encoding": null }, "headers": { @@ -32,7 +32,7 @@ "message": "Created" } }, - "recorded_at": "Wed, 18 Dec 2024 17:02:38 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:01 GMT" }, { "request": { 
@@ -43,11 +43,11 @@ ] }, "method": "get", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/fa90e7ac-998d-4bf4-9d32-2e831a1e9479" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs/071b3516-4072-44d9-9288-d4adaa1db921" }, "response": { "body": { - "string": "{\"data\":{\"id\":\"fa90e7ac-998d-4bf4-9d32-2e831a1e9479\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2024-12-18 17:02:39.551791+00\",\"createdByHandle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"createdByName\":\"CI Account\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\"},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2024-12-18 17:02:39.551791+00\"}}}", + "string": "{\"data\":{\"id\":\"071b3516-4072-44d9-9288-d4adaa1db921\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2025-10-24 14:24:02.057923+00\",\"createdByHandle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"createdByName\":\"CI Account\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 
1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\",\"dataSource\":\"logs\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\"},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2025-10-24 14:24:02.057923+00\"}}}", "encoding": null }, "headers": { @@ -60,7 +60,7 @@ "message": "OK" } }, - "recorded_at": "Wed, 18 Dec 2024 17:02:38 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:01 GMT" } ], "recorded_with": "VCR 6.0.0" diff --git a/tests/scenarios/cassettes/v2/security_monitoring/List-historical-jobs-returns-OK-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/List-historical-jobs-returns-OK-response.frozen index b139681f6..2c0d4ff4e 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/List-historical-jobs-returns-OK-response.frozen +++ b/tests/scenarios/cassettes/v2/security_monitoring/List-historical-jobs-returns-OK-response.frozen @@ -1 +1 @@ -2024-12-18T17:02:39.880Z \ No newline at end of file +2025-10-24T14:24:02.188Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/List-historical-jobs-returns-OK-response.json b/tests/scenarios/cassettes/v2/security_monitoring/List-historical-jobs-returns-OK-response.json index 3d498a2df..231947960 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/List-historical-jobs-returns-OK-response.json +++ b/tests/scenarios/cassettes/v2/security_monitoring/List-historical-jobs-returns-OK-response.json 
@@ -15,11 +15,11 @@ ] }, "method": "post", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" }, "response": { "body": { - "string": "{\"data\":{\"id\":\"7b16f110-0ce9-46cd-9dad-b658ced2ac50\",\"type\":\"historicalDetectionsJob\"}}", + "string": "{\"data\":{\"id\":\"e935c6c8-ba76-4ebf-8770-bb772a5ec1ed\",\"type\":\"historicalDetectionsJob\"}}", "encoding": null }, "headers": { @@ -32,7 +32,7 @@ "message": "Created" } }, - "recorded_at": "Wed, 18 Dec 2024 17:02:39 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:02 GMT" }, { "request": { 
@@ -43,11 +43,11 @@ ] }, "method": "get", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs?filter%5Bquery%5D=id%3A7b16f110-0ce9-46cd-9dad-b658ced2ac50" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs?filter%5Bquery%5D=id%3Ae935c6c8-ba76-4ebf-8770-bb772a5ec1ed" }, "response": { "body": { - "string": "{\"data\":[{\"id\":\"7b16f110-0ce9-46cd-9dad-b658ced2ac50\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2024-12-18 17:02:40.144396+00\",\"createdByHandle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"createdByName\":\"CI Account\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\"},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2024-12-18 17:02:40.144396+00\"}}],\"meta\":{\"totalCount\":1}}", + "string": "{\"data\":[{\"id\":\"e935c6c8-ba76-4ebf-8770-bb772a5ec1ed\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2025-10-24 14:24:02.256887+00\",\"createdByHandle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"createdByName\":\"CI Account\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 
1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\",\"dataSource\":\"logs\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\"},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2025-10-24 14:24:02.256887+00\"}}],\"meta\":{\"totalCount\":1}}", "encoding": null }, "headers": { @@ -60,7 +60,7 @@ "message": "OK" } }, - "recorded_at": "Wed, 18 Dec 2024 17:02:39 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:02 GMT" } ], "recorded_with": "VCR 6.0.0" diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Bad-Request-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Bad-Request-response.frozen deleted file mode 100644 index 9720094d0..000000000 --- a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Bad-Request-response.frozen +++ /dev/null @@ -1 +0,0 @@ -2024-11-08T09:54:40.114Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Not-Found-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Not-Found-response.frozen deleted file mode 100644 index 376ccf5d3..000000000 --- a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Not-Found-response.frozen +++ /dev/null @@ -1 +0,0 @@ -2025-06-26T16:57:47.524Z \ No newline at end of file 
diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Status-created-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Status-created-response.frozen deleted file mode 100644 index 3e9fdecb9..000000000 --- a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Status-created-response.frozen +++ /dev/null @@ -1 +0,0 @@ -2024-11-08T09:54:40.272Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Bad-Request-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Bad-Request-response.frozen new file mode 100644 index 000000000..3776cfacf --- /dev/null +++ b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Bad-Request-response.frozen @@ -0,0 +1 @@ +2025-10-24T14:24:02.385Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Bad-Request-response.json b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Bad-Request-response.json similarity index 91% rename from tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Bad-Request-response.json rename to tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Bad-Request-response.json index 7b3b476cc..94074209b 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Bad-Request-response.json +++ b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Bad-Request-response.json @@ -15,7 +15,7 @@ ] }, "method": "post", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" }, "response": { "body": { 
@@ -32,7 +32,7 @@ "message": "Bad Request" } }, - "recorded_at": "Fri, 08 Nov 2024 09:54:40 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:02 GMT" } ], "recorded_with": "VCR 6.0.0" diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Not-Found-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Not-Found-response.frozen new file mode 100644 index 000000000..9cda11fb1 --- /dev/null +++ b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Not-Found-response.frozen @@ -0,0 +1 @@ +2025-10-24T14:24:02.486Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Not-Found-response.json b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Not-Found-response.json similarity index 87% rename from tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Not-Found-response.json rename to tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Not-Found-response.json index bc52fb7d1..35ea208bf 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Not-Found-response.json +++ b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Not-Found-response.json @@ -15,7 +15,7 @@ ] }, "method": "post", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" }, "response": { "body": { @@ -32,7 +32,7 @@ "message": "Not Found" } }, - "recorded_at": "Thu, 26 Jun 2025 16:57:47 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:02 GMT" } ], "recorded_with": "VCR 6.0.0" 
diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Status-created-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Status-created-response.frozen new file mode 100644 index 000000000..f914d8b24 --- /dev/null +++ b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Status-created-response.frozen @@ -0,0 +1 @@ +2025-10-24T14:24:02.570Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Status-created-response.json b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Status-created-response.json similarity index 83% rename from tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Status-created-response.json rename to tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Status-created-response.json index 36cd4ac78..366c5dbfe 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Run-a-historical-job-returns-Status-created-response.json +++ b/tests/scenarios/cassettes/v2/security_monitoring/Run-a-threat-hunting-job-returns-Status-created-response.json @@ -15,11 +15,11 @@ ] }, "method": "post", - "uri": "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs" + "uri": "https://api.datadoghq.com/api/v2/siem-threat-hunting/jobs" }, "response": { "body": { - "string": "{\"data\":{\"id\":\"6f4c9c40-782b-4d14-900f-65ccc02389db\",\"type\":\"historicalDetectionsJob\"}}", + "string": "{\"data\":{\"id\":\"6ff7a8ce-a0d1-4ea3-8cc9-e9c52cda0d24\",\"type\":\"historicalDetectionsJob\"}}", "encoding": null }, "headers": { @@ -32,7 +32,7 @@ "message": "Created" } }, - "recorded_at": "Fri, 08 Nov 2024 09:54:40 GMT" + "recorded_at": "Fri, 24 Oct 2025 14:24:02 GMT" } ], "recorded_with": "VCR 6.0.0" 
diff --git a/tests/scenarios/features/v2/given.json b/tests/scenarios/features/v2/given.json index a4ab9c24b..7c9df160a 100644 --- a/tests/scenarios/features/v2/given.json +++ b/tests/scenarios/features/v2/given.json @@ -1086,10 +1086,10 @@ "value": "{\n \"data\": {\n \"type\": \"historicalDetectionsJobCreate\",\n \"attributes\": {\n \"jobDefinition\": {\n \"type\": \"log_detection\",\n \"name\": \"Excessive number of failed attempts.\",\n \"queries\": [\n {\n \"query\": \"source:non_existing_src_weekend\",\n \"aggregation\": \"count\",\n \"groupByFields\": [],\n \"distinctFields\": []\n }\n ],\n \"cases\": [\n {\n \"name\": \"Condition 1\",\n \"status\": \"info\",\n \"notifications\": [],\n \"condition\": \"a > 1\"\n }\n ],\n \"options\": {\n \"keepAlive\": 3600,\n \"maxSignalDuration\": 86400,\n \"evaluationWindow\": 900\n },\n \"message\": \"A large number of failed login attempts.\",\n \"tags\": [],\n \"from\": 1730387522611,\n \"to\": 1730387532611,\n \"index\": \"main\"\n }\n }\n }\n}" } ], - "step": "there is a valid \"historical_job\" in the system", - "key": "historical_job", + "step": "there is a valid \"threat_hunting_job\" in the system", + "key": "threat_hunting_job", "tag": "Security Monitoring", - "operationId": "RunHistoricalJob" + "operationId": "RunThreatHuntingJob" }, { "parameters": [ diff --git a/tests/scenarios/features/v2/security_monitoring.feature b/tests/scenarios/features/v2/security_monitoring.feature index 8e5e22baa..703fc3e46 100644 --- a/tests/scenarios/features/v2/security_monitoring.feature +++ b/tests/scenarios/features/v2/security_monitoring.feature 
@@ -11,38 +11,62 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Cancel a historical job returns "Bad Request" response - Given operation "CancelHistoricalJob" enabled - And new "CancelHistoricalJob" request + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent Then the response status is 400 Bad Request - @generated @skip @team:DataDog/k9-cloud-security-platform - Scenario: Cancel a historical job returns "Conflict" response - Given operation "CancelHistoricalJob" enabled - And new "CancelHistoricalJob" request - And request contains "job_id" parameter from "REPLACE.ME" - When the request is sent - Then the response status is 409 Conflict - @team:DataDog/k9-cloud-security-platform Scenario: Cancel a historical job returns "Not Found" response - Given operation "CancelHistoricalJob" enabled - And new "CancelHistoricalJob" request + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-security-platform Scenario: Cancel a historical job returns "OK" response - Given operation "CancelHistoricalJob" enabled - And operation "RunHistoricalJob" enabled - And new "CancelHistoricalJob" request - And there is a valid "historical_job" in the system - And request contains "job_id" parameter from "historical_job.data.id" + Given operation "CancelThreatHuntingJob" enabled + And operation "RunThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And there is a valid "threat_hunting_job" in the system + And request contains "job_id" parameter from "threat_hunting_job.data.id" When the request is sent Then the response status is 204 No Content + @generated @skip 
@team:DataDog/k9-cloud-security-platform + Scenario: Cancel a threat hunting job returns "Bad Request" response + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Cancel a threat hunting job returns "Conflict" response + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 409 Conflict + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Cancel a threat hunting job returns "Not Found" response + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Cancel a threat hunting job returns "OK" response + Given operation "CancelThreatHuntingJob" enabled + And new "CancelThreatHuntingJob" request + And request contains "job_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 204 OK + @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Change the related incidents of a security signal returns "Bad Request" response Given new "EditSecurityMonitoringSignalIncidents" request 
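Review bot: The three live Cancel scenarios in this hunk keep their "Cancel a historical job returns …" titles while now driving `CancelThreatHuntingJob`, and the hunk adds four `@generated @skip` scenarios titled "Cancel a threat hunting job returns …" beside them, so the renamed operation has two sets of scenarios and only the old-named set runs. The Run scenarios at `@@ -1265,25 +1296,25 @@` were retitled together with their cassettes; doing the same here, e.g. `Scenario: Cancel a threat hunting job returns "OK" response`, would replace the skipped stubs instead of duplicating them (cassette file names appear to follow the scenario title, so they would need renaming as well). The generated "OK" stub also asserts `204 OK` where the live scenario asserts `204 No Content`, and the 409 Conflict case remains skipped behind `REPLACE.ME`. The same split appears for "List historical jobs" at `@@ -1021,20 +1045,13 @@` and `@@ -1088,6 +1105,20 @@`.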
@@ -477,32 +501,32 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "Bad Request" response - Given operation "DeleteHistoricalJob" enabled - And new "DeleteHistoricalJob" request + Given operation "DeleteThreatHuntingJob" enabled + And new "DeleteThreatHuntingJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "Conflict" response - Given operation "DeleteHistoricalJob" enabled - And new "DeleteHistoricalJob" request + Given operation "DeleteThreatHuntingJob" enabled + And new "DeleteThreatHuntingJob" request And request contains "job_id" parameter from "REPLACE.ME" When the request is sent Then the response status is 409 Conflict @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "Not Found" response - Given operation "DeleteHistoricalJob" enabled - And new "DeleteHistoricalJob" request + Given operation "DeleteThreatHuntingJob" enabled + And new "DeleteThreatHuntingJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent Then the response status is 404 Not Found @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "OK" response - Given operation "DeleteHistoricalJob" enabled - And new "DeleteHistoricalJob" request + Given operation "DeleteThreatHuntingJob" enabled + And new "DeleteThreatHuntingJob" request And request contains "job_id" parameter from "REPLACE.ME" When the request is sent Then the response status is 204 OK 
@@ -627,27 +651,27 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Get a job's details returns "Bad Request" response - Given operation "GetHistoricalJob" enabled - And new "GetHistoricalJob" request + Given operation "GetThreatHuntingJob" enabled + And new "GetThreatHuntingJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent Then the response status is 400 Bad Request @team:DataDog/k9-cloud-security-platform Scenario: Get a job's details returns "Not Found" response - Given operation "GetHistoricalJob" enabled - And new "GetHistoricalJob" request + Given operation "GetThreatHuntingJob" enabled + And new "GetThreatHuntingJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-security-platform Scenario: Get a job's details returns "OK" response - Given operation "GetHistoricalJob" enabled - And operation "RunHistoricalJob" enabled - And new "GetHistoricalJob" request - And there is a valid "historical_job" in the system - And request contains "job_id" parameter from "historical_job.data.id" + Given operation "GetThreatHuntingJob" enabled + And operation "RunThreatHuntingJob" enabled + And new "GetThreatHuntingJob" request + And there is a valid "threat_hunting_job" in the system + And request contains "job_id" parameter from "threat_hunting_job.data.id" When the request is sent Then the response status is 200 OK 
@@ -1021,20 +1045,13 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK - @generated @skip @team:DataDog/k9-cloud-security-platform - Scenario: List historical jobs returns "Bad Request" response - Given operation "ListHistoricalJobs" enabled - And new "ListHistoricalJobs" request - When the request is sent - Then the response status is 400 Bad Request - @team:DataDog/k9-cloud-security-platform Scenario: List historical jobs returns "OK" response - Given operation "ListHistoricalJobs" enabled - And operation "RunHistoricalJob" enabled - And new "ListHistoricalJobs" request - And there is a valid "historical_job" in the system - And request contains "filter[query]" parameter with value "id:{{historical_job.data.id}}" + Given operation "ListThreatHuntingJobs" enabled + And operation "RunThreatHuntingJob" enabled + And new "ListThreatHuntingJobs" request + And there is a valid "threat_hunting_job" in the system + And request contains "filter[query]" parameter with value "id:{{threat_hunting_job.data.id}}" When the request is sent Then the response status is 200 OK 
@@ -1088,6 +1105,20 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: List threat hunting jobs returns "Bad Request" response + Given operation "ListThreatHuntingJobs" enabled + And new "ListThreatHuntingJobs" request + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: List threat hunting jobs returns "OK" response + Given operation "ListThreatHuntingJobs" enabled + And new "ListThreatHuntingJobs" request + When the request is sent + Then the response status is 200 OK + @generated @skip @team:DataDog/asm-vm Scenario: List vulnerabilities returns "Bad request: The server cannot process the request due to invalid syntax in the request." response Given operation "ListVulnerabilities" enabled 
@@ -1265,25 +1296,25 @@ Feature: Security Monitoring Then the response status is 422 The server cannot process the request because it contains invalid data. @team:DataDog/k9-cloud-security-platform - Scenario: Run a historical job returns "Bad Request" response - Given operation "RunHistoricalJob" enabled - And new "RunHistoricalJob" request + Scenario: Run a threat hunting job returns "Bad Request" response + Given operation "RunThreatHuntingJob" enabled + And new "RunThreatHuntingJob" request And body with value {"data":{"type":"historicalDetectionsJobCreate","attributes":{"jobDefinition":{"type":"log_detection","name":"Excessive number of failed attempts.","queries":[{"query":"source:non_existing_src_weekend","aggregation":"count","groupByFields":[],"distinctFields":[]}],"cases":[{"name":"Condition 1","status":"info","notifications":[],"condition":"a > 1"}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900},"message":"A large number of failed login attempts.","tags":[],"from":1730387522611,"to":1730391122611,"index":"non_existing_index"}}}} When the request is sent Then the response status is 400 Bad Request @team:DataDog/k9-cloud-security-platform - Scenario: Run a historical job returns "Not Found" response - Given operation "RunHistoricalJob" enabled - And new "RunHistoricalJob" request + Scenario: Run a threat hunting job returns "Not Found" response + Given operation "RunThreatHuntingJob" enabled + And new "RunThreatHuntingJob" request And body with value {"data": { "type": "historicalDetectionsJobCreate", "attributes": {"fromRule": {"from": 1730201035064, "id": "non-existng", "index": "main", "notifications": [], "to": 1730204635115}}}} When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-security-platform - Scenario: Run a historical job returns "Status created" response - Given operation "RunHistoricalJob" enabled - And new "RunHistoricalJob" request + Scenario: Run a threat hunting job 
returns "Status created" response + Given operation "RunThreatHuntingJob" enabled + And new "RunThreatHuntingJob" request And body with value {"data":{"type":"historicalDetectionsJobCreate","attributes":{"jobDefinition":{"type":"log_detection","name":"Excessive number of failed attempts.","queries":[{"query":"source:non_existing_src_weekend","aggregation":"count","groupByFields":[],"distinctFields":[]}],"cases":[{"name":"Condition 1","status":"info","notifications":[],"condition":"a > 1"}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900},"message":"A large number of failed login attempts.","tags":[],"from":1730387522611,"to":1730387532611,"index":"main"}}}} When the request is sent Then the response status is 201 Status created diff --git a/tests/scenarios/features/v2/undo.json b/tests/scenarios/features/v2/undo.json index 5f2144f5f..eb1380ab6 100644 --- a/tests/scenarios/features/v2/undo.json +++ b/tests/scenarios/features/v2/undo.json @@ -3909,13 +3909,13 @@ "type": "safe" } }, - "ListHistoricalJobs": { + "ListThreatHuntingJobs": { "tag": "Security Monitoring", "undo": { "type": "safe" } }, - "RunHistoricalJob": { + "RunThreatHuntingJob": { "tag": "Security Monitoring", "undo": { "type": "idempotent" @@ -3927,19 +3927,19 @@ "type": "idempotent" } }, - "DeleteHistoricalJob": { + "DeleteThreatHuntingJob": { "tag": "Security Monitoring", "undo": { "type": "idempotent" } }, - "GetHistoricalJob": { + "GetThreatHuntingJob": { "tag": "Security Monitoring", "undo": { "type": "safe" } }, - "CancelHistoricalJob": { + "CancelThreatHuntingJob": { "tag": "Security Monitoring", "undo": { "type": "idempotent" diff --git a/tests/scenarios/function_mappings.rs b/tests/scenarios/function_mappings.rs index fb19d788d..baca98d96 100644 --- a/tests/scenarios/function_mappings.rs +++ b/tests/scenarios/function_mappings.rs 
@@ -2519,26 +2519,29 @@ pub fn collect_function_calls(world: &mut DatadogWorld) { "v2.GetSecurityMonitoringHistsignal".into(), test_v2_get_security_monitoring_histsignal, ); - world - .function_mappings - .insert("v2.ListHistoricalJobs".into(), test_v2_list_historical_jobs); - world - .function_mappings - .insert("v2.RunHistoricalJob".into(), test_v2_run_historical_job); + world.function_mappings.insert( + "v2.ListThreatHuntingJobs".into(), + test_v2_list_threat_hunting_jobs, + ); + world.function_mappings.insert( + "v2.RunThreatHuntingJob".into(), + test_v2_run_threat_hunting_job, + ); world.function_mappings.insert( "v2.ConvertJobResultToSignal".into(), test_v2_convert_job_result_to_signal, ); world.function_mappings.insert( - "v2.DeleteHistoricalJob".into(), - test_v2_delete_historical_job, + "v2.DeleteThreatHuntingJob".into(), + test_v2_delete_threat_hunting_job, ); - world - .function_mappings - .insert("v2.GetHistoricalJob".into(), test_v2_get_historical_job); world.function_mappings.insert( - "v2.CancelHistoricalJob".into(), - test_v2_cancel_historical_job, + "v2.GetThreatHuntingJob".into(), + test_v2_get_threat_hunting_job, + ); + world.function_mappings.insert( + "v2.CancelThreatHuntingJob".into(), + test_v2_cancel_threat_hunting_job, ); world.function_mappings.insert( "v2.GetSecurityMonitoringHistsignalsByJobId".into(), @@ -18118,7 +18121,10 @@ fn test_v2_get_security_monitoring_histsignal( world.response.code = response.status.as_u16(); } -fn test_v2_list_historical_jobs(world: &mut DatadogWorld, _parameters: &HashMap) { +fn test_v2_list_threat_hunting_jobs( + world: &mut DatadogWorld, + _parameters: &HashMap, +) { let api = world .api_instances .v2_api_security_monitoring 
@@ -18137,12 +18143,12 @@ fn test_v2_list_historical_jobs(world: &mut DatadogWorld, _parameters: &HashMap< .get("filter[query]") .and_then(|param| Some(serde_json::from_value(param.clone()).unwrap())); let mut params = - datadogV2::api_security_monitoring::ListHistoricalJobsOptionalParams::default(); + datadogV2::api_security_monitoring::ListThreatHuntingJobsOptionalParams::default(); params.page_size = page_size; params.page_number = page_number; params.sort = sort; params.filter_query = filter_query; - let response = match block_on(api.list_historical_jobs_with_http_info(params)) { + let response = match block_on(api.list_threat_hunting_jobs_with_http_info(params)) { Ok(response) => response, Err(error) => { return match error { @@ -18160,14 +18166,14 @@ fn test_v2_list_historical_jobs(world: &mut DatadogWorld, _parameters: &HashMap< world.response.code = response.status.as_u16(); } -fn test_v2_run_historical_job(world: &mut DatadogWorld, _parameters: &HashMap) { +fn test_v2_run_threat_hunting_job(world: &mut DatadogWorld, _parameters: &HashMap) { let api = world .api_instances .v2_api_security_monitoring .as_ref() .expect("api instance not found"); let body = serde_json::from_value(_parameters.get("body").unwrap().clone()).unwrap(); - let response = match block_on(api.run_historical_job_with_http_info(body)) { + let response = match block_on(api.run_threat_hunting_job_with_http_info(body)) { Ok(response) => response, Err(error) => { return match error { 
@@ -18213,14 +18219,17 @@ fn test_v2_convert_job_result_to_signal( world.response.code = response.status.as_u16(); } -fn test_v2_delete_historical_job(world: &mut DatadogWorld, _parameters: &HashMap) { +fn test_v2_delete_threat_hunting_job( + world: &mut DatadogWorld, + _parameters: &HashMap, +) { let api = world .api_instances .v2_api_security_monitoring .as_ref() .expect("api instance not found"); let job_id = serde_json::from_value(_parameters.get("job_id").unwrap().clone()).unwrap(); - let response = match block_on(api.delete_historical_job_with_http_info(job_id)) { + let response = match block_on(api.delete_threat_hunting_job_with_http_info(job_id)) { Ok(response) => response, Err(error) => { return match error { @@ -18238,14 +18247,14 @@ fn test_v2_delete_historical_job(world: &mut DatadogWorld, _parameters: &HashMap world.response.code = response.status.as_u16(); } -fn test_v2_get_historical_job(world: &mut DatadogWorld, _parameters: &HashMap) { +fn test_v2_get_threat_hunting_job(world: &mut DatadogWorld, _parameters: &HashMap) { let api = world .api_instances .v2_api_security_monitoring .as_ref() .expect("api instance not found"); let job_id = serde_json::from_value(_parameters.get("job_id").unwrap().clone()).unwrap(); - let response = match block_on(api.get_historical_job_with_http_info(job_id)) { + let response = match block_on(api.get_threat_hunting_job_with_http_info(job_id)) { Ok(response) => response, Err(error) => { return match error { 
@@ -18263,14 +18272,17 @@ fn test_v2_get_historical_job(world: &mut DatadogWorld, _parameters: &HashMap) { +fn test_v2_cancel_threat_hunting_job( + world: &mut DatadogWorld, + _parameters: &HashMap, +) { let api = world .api_instances .v2_api_security_monitoring .as_ref() .expect("api instance not found"); let job_id = serde_json::from_value(_parameters.get("job_id").unwrap().clone()).unwrap(); - let response = match block_on(api.cancel_historical_job_with_http_info(job_id)) { + let response = match block_on(api.cancel_threat_hunting_job_with_http_info(job_id)) { Ok(response) => response, Err(error) => { return match error {