DataDog
diff --git a/‎.apigentools-info
Lines changed: 4 additions & 4 deletions b/‎.apigentools-info
Lines changed: 4 additions & 4 deletions
diff --git a/‎.generator/schemas/v2/openapi.yaml
Lines changed: 23 additions & 3 deletions b/‎.generator/schemas/v2/openapi.yaml
Lines changed: 23 additions & 3 deletions
diff --git a/‎cassettes/v2/Security-Monitoring_1187227211/Create-a-suppression-rule-returns-OK-response_1135731355/frozen.json
Lines changed: 1 addition & 1 deletion b/‎cassettes/v2/Security-Monitoring_1187227211/Create-a-suppression-rule-returns-OK-response_1135731355/frozen.json
Lines changed: 1 addition & 1 deletion
diff --git a/‎cassettes/v2/Security-Monitoring_1187227211/Create-a-suppression-rule-returns-OK-response_1135731355/recording.har
Lines changed: 11 additions & 11 deletions b/‎cassettes/v2/Security-Monitoring_1187227211/Create-a-suppression-rule-returns-OK-response_1135731355/recording.har
Lines changed: 11 additions & 11 deletions
diff --git a/‎cassettes/v2/Security-Monitoring_1187227211/Create-a-suppression-rule-with-an-exclusion-query-returns-OK-response_3158025700/frozen.json
Lines changed: 1 addition & 0 deletions b/‎cassettes/v2/Security-Monitoring_1187227211/Create-a-suppression-rule-with-an-exclusion-query-returns-OK-response_3158025700/frozen.json
Lines changed: 1 addition & 0 deletions
diff --git a/‎cassettes/v2/Security-Monitoring_1187227211/Create-a-suppression-rule-with-an-exclusion-query-returns-OK-response_3158025700/recording.har
Lines changed: 109 additions & 0 deletions b/‎cassettes/v2/Security-Monitoring_1187227211/Create-a-suppression-rule-with-an-exclusion-query-returns-OK-response_3158025700/recording.har
Lines changed: 109 additions & 0 deletions
diff --git a/‎cassettes/v2/Security-Monitoring_1187227211/Get-a-suppression-rule-returns-OK-response_1191933161/frozen.json
Lines changed: 1 addition & 1 deletion b/‎cassettes/v2/Security-Monitoring_1187227211/Get-a-suppression-rule-returns-OK-response_1191933161/frozen.json
Lines changed: 1 addition & 1 deletion
diff --git a/‎cassettes/v2/Security-Monitoring_1187227211/Get-a-suppression-rule-returns-OK-response_1191933161/recording.har
Lines changed: 18 additions & 18 deletions b/‎cassettes/v2/Security-Monitoring_1187227211/Get-a-suppression-rule-returns-OK-response_1191933161/recording.har
Lines changed: 18 additions & 18 deletions
diff --git a/‎cassettes/v2/Security-Monitoring_1187227211/Update-a-suppression-rule-returns-OK-response_550028888/frozen.json
Lines changed: 1 addition & 1 deletion b/‎cassettes/v2/Security-Monitoring_1187227211/Update-a-suppression-rule-returns-OK-response_550028888/frozen.json
Lines changed: 1 addition & 1 deletion
@@ -4,13 +4,13 @@
     "spec_versions": {
         "v1": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2024-04-09 18:06:02.298382",
-            "spec_repo_commit": "fc718bc2"
+            "regenerated": "2024-04-10 15:00:54.233406",
+            "spec_repo_commit": "7e61ac0f"
         },
         "v2": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2024-04-09 18:06:02.315520",
-            "spec_repo_commit": "fc718bc2"
+            "regenerated": "2024-04-10 15:00:54.253458",
+            "spec_repo_commit": "7e61ac0f"
         }
     }
 }
@@ -18282,6 +18282,13 @@ components:
           type: integer
         creator:
           $ref: '#/components/schemas/SecurityMonitoringUser'
+        data_exclusion_query:
+          description: An exclusion query on the input data of the security rules,
+            which could be logs, Agent events, or other types of data based on the
+            security rule. Events matching this query are ignored by any detection
+            rules referenced in the suppression rule.
+          example: source:cloudtrail account_id:12345
+          type: string
         description:
           description: A description for the suppression rule.
           example: This rule suppresses low-severity signals in staging environments.
@@ -18330,6 +18337,13 @@ components:
       description: Object containing the attributes of the suppression rule to be
         created.
       properties:
+        data_exclusion_query:
+          description: An exclusion query on the input data of the security rules,
+            which could be logs, Agent events, or other types of data based on the
+            security rule. Events matching this query are ignored by any detection
+            rules referenced in the suppression rule.
+          example: source:cloudtrail account_id:12345
+          type: string
         description:
           description: A description for the suppression rule.
           example: This rule suppresses low-severity signals in staging environments.
@@ -18355,15 +18369,14 @@ components:
           type: string
         suppression_query:
           description: The suppression query of the suppression rule. If a signal
-            matches this query, it is suppressed and is not triggered . Same syntax
-            as the queries to search signals in the signal explorer.
+            matches this query, it is suppressed and is not triggered. It uses the
+            same syntax as the queries to search signals in the Signals Explorer.
           example: env:staging status:low
           type: string
       required:
       - name
       - enabled
       - rule_query
-      - suppression_query
       type: object
     SecurityMonitoringSuppressionCreateData:
       description: Object for a single suppression rule.
@@ -18407,6 +18420,13 @@ components:
     SecurityMonitoringSuppressionUpdateAttributes:
       description: The suppression rule properties to be updated.
       properties:
+        data_exclusion_query:
+          description: An exclusion query on the input data of the security rules,
+            which could be logs, Agent events, or other types of data based on the
+            security rule. Events matching this query are ignored by any detection
+            rules referenced in the suppression rule.
+          example: source:cloudtrail account_id:12345
+          type: string
         description:
           description: A description for the suppression rule.
           example: This rule suppresses low-severity signals in staging environments.
 
@@ -1 +1 @@
-"2024-01-11T10:06:23.179Z"
+"2024-04-08T09:56:58.589Z"
@@ -8,7 +8,7 @@
     },
     "entries": [
       {
-        "_id": "06dec73058ad7ecc2764224c70dc8bb1",
+        "_id": "a9dfe34962b8765226958539d321adc0",
         "_order": 0,
         "cache": {},
         "request": {
@@ -32,17 +32,17 @@
           "postData": {
             "mimeType": "application/json",
             "params": [],
-            "text": "{\"data\":{\"attributes\":{\"description\":\"This rule suppresses low-severity signals in staging environments.\",\"enabled\":true,\"expiration_date\":1703187336000,\"name\":\"Test-Create_a_suppression_rule_returns_OK_response-1704967583\",\"rule_query\":\"type:log_detection source:cloudtrail\",\"suppression_query\":\"env:staging status:low\"},\"type\":\"suppressions\"}}"
+            "text": "{\"data\":{\"attributes\":{\"description\":\"This rule suppresses low-severity signals in staging environments.\",\"enabled\":true,\"expiration_date\":1703187336000,\"name\":\"Test-Create_a_suppression_rule_returns_OK_response-1712570218\",\"rule_query\":\"type:log_detection source:cloudtrail\",\"suppression_query\":\"env:staging status:low\"},\"type\":\"suppressions\"}}"
           },
           "queryString": [],
           "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions"
         },
         "response": {
-          "bodySize": 543,
+          "bodySize": 594,
           "content": {
             "mimeType": "application/json",
-            "size": 543,
-            "text": "{\"data\":{\"id\":\"5sx-nhj-htc\",\"attributes\":{\"name\":\"Test-Create_a_suppression_rule_returns_OK_response-1704967583\",\"enabled\":true,\"description\":\"This rule suppresses low-severity signals in staging environments.\",\"rule_query\":\"type:log_detection source:cloudtrail\",\"suppression_query\":\"env:staging status:low\",\"expiration_date\":1703187336000,\"version\":1,\"creation_date\":1704967583506,\"update_date\":1704967583506,\"creator\":{\"name\":null,\"handle\":\"[email protected]\"},\"updater\":{\"name\":null,\"handle\":\"[email protected]\"}},\"type\":\"suppressions\"}}\n"
+            "size": 594,
+            "text": "{\"data\":{\"id\":\"mu8-qje-pys\",\"attributes\":{\"name\":\"Test-Create_a_suppression_rule_returns_OK_response-1712570218\",\"enabled\":true,\"description\":\"This rule suppresses low-severity signals in staging environments.\",\"rule_query\":\"type:log_detection source:cloudtrail\",\"suppression_query\":\"env:staging status:low\",\"log_exclusion_query\":\"\",\"data_exclusion_query\":\"\",\"expiration_date\":1703187336000,\"version\":1,\"creation_date\":1712570219298,\"update_date\":1712570219298,\"creator\":{\"name\":null,\"handle\":\"[email protected]\"},\"updater\":{\"name\":null,\"handle\":\"[email protected]\"}},\"type\":\"suppressions\"}}\n"
           },
           "cookies": [],
           "headers": [
@@ -57,11 +57,11 @@
           "status": 200,
           "statusText": "OK"
         },
-        "startedDateTime": "2024-01-11T10:06:23.183Z",
-        "time": 351
+        "startedDateTime": "2024-04-08T09:56:58.592Z",
+        "time": 832
       },
       {
-        "_id": "2d5046a8e77bef3b254426e42b43a7aa",
+        "_id": "4a92fd5ba337ac2347c574b1bfdf06e6",
         "_order": 0,
         "cache": {},
         "request": {
@@ -78,7 +78,7 @@
           "httpVersion": "HTTP/1.1",
           "method": "DELETE",
           "queryString": [],
-          "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/5sx-nhj-htc"
+          "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/mu8-qje-pys"
         },
         "response": {
           "bodySize": 0,
@@ -99,8 +99,8 @@
           "status": 204,
           "statusText": "No Content"
         },
-        "startedDateTime": "2024-01-11T10:06:23.548Z",
-        "time": 353
+        "startedDateTime": "2024-04-08T09:56:59.431Z",
+        "time": 2379
       }
     ],
     "pages": [],
 
@@ -0,0 +1 @@
+"2024-04-08T09:57:01.815Z"
@@ -0,0 +1,109 @@
+{
+  "log": {
+    "_recordingName": "Security Monitoring/Create a suppression rule with an exclusion query returns \"OK\" response",
+    "creator": {
+      "comment": "persister:fs",
+      "name": "Polly.JS",
+      "version": "6.0.5"
+    },
+    "entries": [
+      {
+        "_id": "f761e438cef476d0b59fe66684b8d331",
+        "_order": 0,
+        "cache": {},
+        "request": {
+          "bodySize": 366,
+          "cookies": [],
+          "headers": [
+            {
+              "_fromType": "array",
+              "name": "accept",
+              "value": "application/json"
+            },
+            {
+              "_fromType": "array",
+              "name": "content-type",
+              "value": "application/json"
+            }
+          ],
+          "headersSize": 616,
+          "httpVersion": "HTTP/1.1",
+          "method": "POST",
+          "postData": {
+            "mimeType": "application/json",
+            "params": [],
+            "text": "{\"data\":{\"attributes\":{\"data_exclusion_query\":\"account_id:12345\",\"description\":\"This rule suppresses low-severity signals in staging environments.\",\"enabled\":true,\"expiration_date\":1703187336000,\"name\":\"Test-Create_a_suppression_rule_with_an_exclusion_query_returns_OK_response-1712570221\",\"rule_query\":\"type:log_detection source:cloudtrail\"},\"type\":\"suppressions\"}}"
+          },
+          "queryString": [],
+          "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions"
+        },
+        "response": {
+          "bodySize": 628,
+          "content": {
+            "mimeType": "application/json",
+            "size": 628,
+            "text": "{\"data\":{\"id\":\"2dj-cxs-dg6\",\"attributes\":{\"name\":\"Test-Create_a_suppression_rule_with_an_exclusion_query_returns_OK_response-1712570221\",\"enabled\":true,\"description\":\"This rule suppresses low-severity signals in staging environments.\",\"rule_query\":\"type:log_detection source:cloudtrail\",\"suppression_query\":\"\",\"log_exclusion_query\":\"account_id:12345\",\"data_exclusion_query\":\"account_id:12345\",\"expiration_date\":1703187336000,\"version\":1,\"creation_date\":1712570222285,\"update_date\":1712570222285,\"creator\":{\"name\":null,\"handle\":\"[email protected]\"},\"updater\":{\"name\":null,\"handle\":\"[email protected]\"}},\"type\":\"suppressions\"}}\n"
+          },
+          "cookies": [],
+          "headers": [
+            {
+              "name": "content-type",
+              "value": "application/json"
+            }
+          ],
+          "headersSize": 654,
+          "httpVersion": "HTTP/1.1",
+          "redirectURL": "",
+          "status": 200,
+          "statusText": "OK"
+        },
+        "startedDateTime": "2024-04-08T09:57:01.818Z",
+        "time": 494
+      },
+      {
+        "_id": "c8824d37b2ff1bcd4ce75db594e55a3d",
+        "_order": 0,
+        "cache": {},
+        "request": {
+          "bodySize": 0,
+          "cookies": [],
+          "headers": [
+            {
+              "_fromType": "array",
+              "name": "accept",
+              "value": "*/*"
+            }
+          ],
+          "headersSize": 564,
+          "httpVersion": "HTTP/1.1",
+          "method": "DELETE",
+          "queryString": [],
+          "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/2dj-cxs-dg6"
+        },
+        "response": {
+          "bodySize": 0,
+          "content": {
+            "mimeType": "text/html; charset=utf-8",
+            "size": 0
+          },
+          "cookies": [],
+          "headers": [
+            {
+              "name": "content-type",
+              "value": "text/html; charset=utf-8"
+            }
+          ],
+          "headersSize": 641,
+          "httpVersion": "HTTP/1.1",
+          "redirectURL": "",
+          "status": 204,
+          "statusText": "No Content"
+        },
+        "startedDateTime": "2024-04-08T09:57:02.321Z",
+        "time": 619
+      }
+    ],
+    "pages": [],
+    "version": "1.2"
+  }
+}
@@ -1 +1 @@
-"2024-01-11T10:06:31.876Z"
+"2024-04-08T09:57:31.186Z"
@@ -8,7 +8,7 @@
     },
     "entries": [
       {
-        "_id": "50e8bc48db893343e42b8cd91d6f7efd",
+        "_id": "70e7f137fe190c5a29b70b2c57525341",
         "_order": 0,
         "cache": {},
         "request": {
@@ -32,17 +32,17 @@
           "postData": {
             "mimeType": "application/json",
             "params": [],
-            "text": "{\"data\":{\"attributes\":{\"description\":\"Test-Get_a_suppression_rule_returns_OK_response-1704967591\",\"enabled\":true,\"name\":\"Test-Get_a_suppression_rule_returns_OK_response-1704967591\",\"rule_query\":\"source:cloudtrail\",\"suppression_query\":\"env:test\"},\"type\":\"suppressions\"}}"
+            "text": "{\"data\":{\"attributes\":{\"description\":\"Test-Get_a_suppression_rule_returns_OK_response-1712570251\",\"enabled\":true,\"name\":\"Test-Get_a_suppression_rule_returns_OK_response-1712570251\",\"rule_query\":\"source:cloudtrail\",\"suppression_query\":\"env:test\"},\"type\":\"suppressions\"}}"
           },
           "queryString": [],
           "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions"
         },
         "response": {
-          "bodySize": 467,
+          "bodySize": 518,
           "content": {
             "mimeType": "application/json",
-            "size": 467,
-            "text": "{\"data\":{\"id\":\"vac-d9u-mmr\",\"attributes\":{\"name\":\"Test-Get_a_suppression_rule_returns_OK_response-1704967591\",\"enabled\":true,\"description\":\"Test-Get_a_suppression_rule_returns_OK_response-1704967591\",\"rule_query\":\"source:cloudtrail\",\"suppression_query\":\"env:test\",\"version\":1,\"creation_date\":1704967592204,\"update_date\":1704967592204,\"creator\":{\"name\":null,\"handle\":\"[email protected]\"},\"updater\":{\"name\":null,\"handle\":\"[email protected]\"}},\"type\":\"suppressions\"}}\n"
+            "size": 518,
+            "text": "{\"data\":{\"id\":\"zrh-zwa-bgu\",\"attributes\":{\"name\":\"Test-Get_a_suppression_rule_returns_OK_response-1712570251\",\"enabled\":true,\"description\":\"Test-Get_a_suppression_rule_returns_OK_response-1712570251\",\"rule_query\":\"source:cloudtrail\",\"suppression_query\":\"env:test\",\"log_exclusion_query\":\"\",\"data_exclusion_query\":\"\",\"version\":1,\"creation_date\":1712570252683,\"update_date\":1712570252683,\"creator\":{\"name\":null,\"handle\":\"[email protected]\"},\"updater\":{\"name\":null,\"handle\":\"[email protected]\"}},\"type\":\"suppressions\"}}\n"
           },
           "cookies": [],
           "headers": [
@@ -57,11 +57,11 @@
           "status": 200,
           "statusText": "OK"
         },
-        "startedDateTime": "2024-01-11T10:06:31.882Z",
-        "time": 351
+        "startedDateTime": "2024-04-08T09:57:31.192Z",
+        "time": 1504
       },
       {
-        "_id": "c6a4d879042823d3f1738d8ea1756d4d",
+        "_id": "c16b2d816d76c171a4df4c49a64dffa0",
         "_order": 0,
         "cache": {},
         "request": {
@@ -78,14 +78,14 @@
           "httpVersion": "HTTP/1.1",
           "method": "GET",
           "queryString": [],
-          "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/vac-d9u-mmr"
+          "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/zrh-zwa-bgu"
         },
         "response": {
-          "bodySize": 467,
+          "bodySize": 518,
           "content": {
             "mimeType": "application/json",
-            "size": 467,
-            "text": "{\"data\":{\"id\":\"vac-d9u-mmr\",\"attributes\":{\"name\":\"Test-Get_a_suppression_rule_returns_OK_response-1704967591\",\"enabled\":true,\"description\":\"Test-Get_a_suppression_rule_returns_OK_response-1704967591\",\"rule_query\":\"source:cloudtrail\",\"suppression_query\":\"env:test\",\"version\":1,\"creation_date\":1704967592204,\"update_date\":1704967592204,\"creator\":{\"name\":null,\"handle\":\"[email protected]\"},\"updater\":{\"name\":null,\"handle\":\"[email protected]\"}},\"type\":\"suppressions\"}}\n"
+            "size": 518,
+            "text": "{\"data\":{\"id\":\"zrh-zwa-bgu\",\"attributes\":{\"name\":\"Test-Get_a_suppression_rule_returns_OK_response-1712570251\",\"enabled\":true,\"description\":\"Test-Get_a_suppression_rule_returns_OK_response-1712570251\",\"rule_query\":\"source:cloudtrail\",\"suppression_query\":\"env:test\",\"log_exclusion_query\":\"\",\"data_exclusion_query\":\"\",\"version\":1,\"creation_date\":1712570252683,\"update_date\":1712570252683,\"creator\":{\"name\":null,\"handle\":\"[email protected]\"},\"updater\":{\"name\":null,\"handle\":\"[email protected]\"}},\"type\":\"suppressions\"}}\n"
           },
           "cookies": [],
           "headers": [
@@ -100,11 +100,11 @@
           "status": 200,
           "statusText": "OK"
         },
-        "startedDateTime": "2024-01-11T10:06:32.242Z",
-        "time": 335
+        "startedDateTime": "2024-04-08T09:57:32.705Z",
+        "time": 499
       },
       {
-        "_id": "e4715e193992be164df30b501939f0a5",
+        "_id": "3146ff65246e3b67bf0cc41e1d553817",
         "_order": 0,
         "cache": {},
         "request": {
@@ -121,7 +121,7 @@
           "httpVersion": "HTTP/1.1",
           "method": "DELETE",
           "queryString": [],
-          "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/vac-d9u-mmr"
+          "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/zrh-zwa-bgu"
         },
         "response": {
           "bodySize": 0,
@@ -142,8 +142,8 @@
           "status": 204,
           "statusText": "No Content"
         },
-        "startedDateTime": "2024-01-11T10:06:32.585Z",
-        "time": 361
+        "startedDateTime": "2024-04-08T09:57:33.213Z",
+        "time": 508
       }
     ],
     "pages": [],
 
@@ -1 +1 @@
-"2024-01-11T10:06:37.000Z"
+"2024-04-08T09:57:43.431Z"
Original file line number	Diff line number	Diff line change
`@@ -4,13 +4,13 @@`
`4`	`4`	`"spec_versions": {`
`5`	`5`	`"v1": {`
`6`	`6`	`"apigentools_version": "1.6.6",`
`7`		`- "regenerated": "2024-04-09 18:06:02.298382",`
`8`		`- "spec_repo_commit": "fc718bc2"`
	`7`	`+ "regenerated": "2024-04-10 15:00:54.233406",`
	`8`	`+ "spec_repo_commit": "7e61ac0f"`
`9`	`9`	`},`
`10`	`10`	`"v2": {`
`11`	`11`	`"apigentools_version": "1.6.6",`
`12`		`- "regenerated": "2024-04-09 18:06:02.315520",`
`13`		`- "spec_repo_commit": "fc718bc2"`
	`12`	`+ "regenerated": "2024-04-10 15:00:54.253458",`
	`13`	`+ "spec_repo_commit": "7e61ac0f"`
`14`	`14`	`}`
`15`	`15`	`}`
`16`	`16`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-"2024-01-11T10:06:23.179Z"`
	`1`	`+"2024-04-08T09:56:58.589Z"`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-"2024-01-11T10:06:31.876Z"`
	`1`	`+"2024-04-08T09:57:31.186Z"`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-"2024-01-11T10:06:37.000Z"`
	`1`	`+"2024-04-08T09:57:43.431Z"`