diff --git a/.apigentools-info b/.apigentools-info index eb18ec5858..dbfbf16c0d 100644 --- a/.apigentools-info +++ b/.apigentools-info @@ -4,13 +4,13 @@ "spec_versions": { "v1": { "apigentools_version": "1.6.6", - "regenerated": "2024-09-04 14:47:52.517444", - "spec_repo_commit": "b31c228b" + "regenerated": "2024-09-04 15:23:38.044155", + "spec_repo_commit": "fe4f848e" }, "v2": { "apigentools_version": "1.6.6", - "regenerated": "2024-09-04 14:47:52.534363", - "spec_repo_commit": "b31c228b" + "regenerated": "2024-09-04 15:23:38.061137", + "spec_repo_commit": "fe4f848e" } } } \ No newline at end of file diff --git a/examples/v2/security-monitoring/CreateSecurityMonitoringRule_3367706049.py b/examples/v2/security-monitoring/CreateSecurityMonitoringRule_3367706049.py index 5a2e0c1155..f34cd9dcb9 100644 --- a/examples/v2/security-monitoring/CreateSecurityMonitoringRule_3367706049.py +++ b/examples/v2/security-monitoring/CreateSecurityMonitoringRule_3367706049.py @@ -45,7 +45,7 @@ options=SecurityMonitoringRuleOptions( detection_method=SecurityMonitoringRuleDetectionMethod.THIRD_PARTY, keep_alive=SecurityMonitoringRuleKeepAlive.ZERO_MINUTES, - max_signal_duration=SecurityMonitoringRuleMaxSignalDuration.ZERO_MINUTES, + max_signal_duration=SecurityMonitoringRuleMaxSignalDuration.TEN_MINUTES, third_party_rule_options=SecurityMonitoringRuleThirdPartyOptions( default_status=SecurityMonitoringRuleSeverity.INFO, root_queries=[ diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_detection_rule_with_detection_method_third_party_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_create_a_detection_rule_with_detection_method_third_party_returns_ok_response.frozen index 5c83b7474c..8c0df213d2 100644 --- a/tests/v2/cassettes/test_scenarios/test_create_a_detection_rule_with_detection_method_third_party_returns_ok_response.frozen +++ b/tests/v2/cassettes/test_scenarios/test_create_a_detection_rule_with_detection_method_third_party_returns_ok_response.frozen @@ -1 +1 @@ -2024-05-10T16:34:29.476Z \ No newline at end of file +2024-09-04T13:32:10.858Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_detection_rule_with_detection_method_third_party_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_create_a_detection_rule_with_detection_method_third_party_returns_ok_response.yaml index 34b291ddcd..5f8db7c5c8 100644 --- a/tests/v2/cassettes/test_scenarios/test_create_a_detection_rule_with_detection_method_third_party_returns_ok_response.yaml +++ b/tests/v2/cassettes/test_scenarios/test_create_a_detection_rule_with_detection_method_third_party_returns_ok_response.yaml @@ -1,6 +1,6 @@ interactions: - request: - body: '{"cases":[],"isEnabled":true,"message":"This is a third party rule","name":"Test-Create_a_detection_rule_with_detection_method_third_party_returns_OK_response-1715358869","options":{"detectionMethod":"third_party","keepAlive":0,"maxSignalDuration":0,"thirdPartyRuleOptions":{"defaultStatus":"info","rootQueries":[{"groupByFields":["instance-id"],"query":"source:guardduty + body: '{"cases":[],"isEnabled":true,"message":"This is a third party rule","name":"Test-Create_a_detection_rule_with_detection_method_third_party_returns_OK_response-1725456730","options":{"detectionMethod":"third_party","keepAlive":0,"maxSignalDuration":600,"thirdPartyRuleOptions":{"defaultStatus":"info","rootQueries":[{"groupByFields":["instance-id"],"query":"source:guardduty @details.alertType:*EC2*"},{"groupByFields":[],"query":"source:guardduty"}]}},"queries":[],"thirdPartyCases":[{"name":"high","query":"status:error","status":"high"},{"name":"low","query":"status:info","status":"low"}],"type":"log_detection"}' headers: accept: @@ -11,7 +11,7 @@ interactions: uri: https://api.datadoghq.com/api/v2/security_monitoring/rules response: body: - string: '{"id":"uys-ie9-xgd","version":1,"name":"Test-Create_a_detection_rule_with_detection_method_third_party_returns_OK_response-1715358869","createdAt":1715358869757,"creationAuthorId":1445416,"isDefault":false,"isPartner":false,"isEnabled":true,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"status:error","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"none","name":""},{"query":"status:info","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"none","name":""}],"options":{"keepAlive":0,"maxSignalDuration":0,"detectionMethod":"third_party","evaluationWindow":0,"thirdPartyRuleOptions":{"defaultStatus":"info","defaultNotifications":[],"rootQueries":[{"query":"source:guardduty + string: '{"id":"rvf-kfc-pxh","version":1,"name":"Test-Create_a_detection_rule_with_detection_method_third_party_returns_OK_response-1725456730","createdAt":1725456731210,"creationAuthorId":1445416,"isDefault":false,"isPartner":false,"isEnabled":true,"isBeta":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"status:error","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"none","name":""},{"query":"status:info","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"none","name":""}],"options":{"keepAlive":0,"maxSignalDuration":600,"detectionMethod":"third_party","evaluationWindow":0,"thirdPartyRuleOptions":{"defaultStatus":"info","defaultNotifications":[],"rootQueries":[{"query":"source:guardduty @details.alertType:*EC2*","groupByFields":["instance-id"]},{"query":"source:guardduty","groupByFields":[]}]}},"cases":[{"name":"high","status":"high","notifications":[]},{"name":"low","status":"low","notifications":[]}],"message":"This is a third party rule","tags":[],"hasExtendedTitle":false,"type":"log_detection","filters":[],"thirdPartyCases":[{"name":"high","status":"high","notifications":[],"query":"status:error"},{"name":"low","status":"low","notifications":[],"query":"status:info"}]} @@ -28,7 +28,7 @@ interactions: accept: - '*/*' method: DELETE - uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/uys-ie9-xgd + uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/rvf-kfc-pxh response: body: string: '' diff --git a/tests/v2/features/security_monitoring.feature b/tests/v2/features/security_monitoring.feature index 803f105679..dc66166540 100644 --- a/tests/v2/features/security_monitoring.feature +++ b/tests/v2/features/security_monitoring.feature @@ -133,7 +133,7 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Create a detection rule with detection method 'third_party' returns "OK" response Given new "CreateSecurityMonitoringRule" request - And body with value {"name":"{{ unique }}","type":"log_detection","isEnabled":true,"thirdPartyCases":[{"query":"status:error","name":"high","status":"high"},{"query":"status:info","name":"low","status":"low"}],"queries":[],"cases":[],"message":"This is a third party rule","options":{"detectionMethod":"third_party","keepAlive":0,"maxSignalDuration":0,"thirdPartyRuleOptions":{"defaultStatus":"info","rootQueries":[{"query":"source:guardduty @details.alertType:*EC2*", "groupByFields":["instance-id"]},{"query":"source:guardduty", "groupByFields":[]}]}}} + And body with value {"name":"{{ unique }}","type":"log_detection","isEnabled":true,"thirdPartyCases":[{"query":"status:error","name":"high","status":"high"},{"query":"status:info","name":"low","status":"low"}],"queries":[],"cases":[],"message":"This is a third party rule","options":{"detectionMethod":"third_party","keepAlive":0,"maxSignalDuration":600,"thirdPartyRuleOptions":{"defaultStatus":"info","rootQueries":[{"query":"source:guardduty @details.alertType:*EC2*", "groupByFields":["instance-id"]},{"query":"source:guardduty", "groupByFields":[]}]}}} When the request is sent Then the response status is 200 OK And the response "name" is equal to "{{ unique }}"