From ddf9f44ef2046468ee4626991546ebdd42fb7f60 Mon Sep 17 00:00:00 2001 From: "api-clients-generation-pipeline[bot]" <54105614+api-clients-generation-pipeline[bot]@users.noreply.github.com> Date: Fri, 21 Oct 2022 14:39:44 +0000 Subject: [PATCH] Deprecate metric field of Security Monitoring Rules (#1723) Co-authored-by: ci.datadog-api-spec --- .apigentools-info | 8 +++---- .generator/schemas/v2/openapi.yaml | 18 +++++++------- ...l_security_monitoring_signal_rule_query.go | 2 +- ...y_monitoring_signal_rule_response_query.go | 2 +- ...security_monitoring_standard_rule_query.go | 10 +++++--- ...n_rule_returns_Bad_Request_response.freeze | 2 +- ...ion_rule_returns_Bad_Request_response.yaml | 2 +- ..._detection_rule_returns_OK_response.freeze | 2 +- ..._a_detection_rule_returns_OK_response.yaml | 8 +++---- ...possible_travel_returns_OK_response.freeze | 2 +- ...impossible_travel_returns_OK_response.yaml | 6 ++--- ...nal_correlation_returns_OK_response.freeze | 2 +- ...ignal_correlation_returns_OK_response.yaml | 24 +++++++++---------- ...rkload_security_returns_OK_response.freeze | 2 +- ...workload_security_returns_OK_response.yaml | 8 +++---- ...security_filter_returns_OK_response.freeze | 2 +- ...a_security_filter_returns_OK_response.yaml | 8 +++---- ..._filter_returns_No_Content_response.freeze | 2 +- ...ty_filter_returns_No_Content_response.yaml | 12 +++++----- ...n_existing_rule_returns_OK_response.freeze | 2 +- ..._an_existing_rule_returns_OK_response.yaml | 12 +++++----- ...security_filter_returns_OK_response.freeze | 2 +- ...a_security_filter_returns_OK_response.yaml | 14 +++++------ ...ecurity_filters_returns_OK_response.freeze | 2 +- ..._security_filters_returns_OK_response.yaml | 5 +++- ...security_filter_returns_OK_response.freeze | 2 +- ...a_security_filter_returns_OK_response.yaml | 14 +++++------ tests/scenarios/features/v2/given.json | 4 ++-- 28 files changed, 94 insertions(+), 85 deletions(-) diff --git a/.apigentools-info b/.apigentools-info index 94bdd155dfe..54206698e24 100644 --- a/.apigentools-info +++ b/.apigentools-info @@ -4,13 +4,13 @@ "spec_versions": { "v1": { "apigentools_version": "1.6.4", - "regenerated": "2022-10-14 14:06:52.995839", - "spec_repo_commit": "7eb6ca7a" + "regenerated": "2022-10-20 09:07:43.391926", + "spec_repo_commit": "148c906a" }, "v2": { "apigentools_version": "1.6.4", - "regenerated": "2022-10-14 14:06:53.009989", - "spec_repo_commit": "7eb6ca7a" + "regenerated": "2022-10-20 09:07:43.404402", + "spec_repo_commit": "148c906a" } } } \ No newline at end of file diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 3b4ca5011ca..1e313cd8b59 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -8174,8 +8174,7 @@ components: maximum: 9 type: integer metrics: - description: Group of target fields to aggregate over when using the new - value aggregations. + description: Group of target fields to aggregate over. items: description: Field. type: string @@ -8278,8 +8277,7 @@ components: example: d3f-ru1-e1d type: string metrics: - description: Group of target fields to aggregate over when using the new - value aggregations. + description: Group of target fields to aggregate over. items: description: Field. type: string @@ -8533,13 +8531,17 @@ components: type: string type: array metric: - description: 'The target field to aggregate over when using the sum or max + deprecated: true + description: '(Deprecated) The target field to aggregate over when using + the sum or max - aggregations.' + aggregations. `metrics` field should be used instead.' type: string metrics: - description: Group of target fields to aggregate over when using the new - value aggregations. + description: Group of target fields to aggregate over when using the sum, + max, geo data, or new value aggregations. The sum, max, and geo data aggregations + only accept one value in this list, whereas the new value aggregation + accepts up to five values. items: description: Field. type: string diff --git a/api/datadogV2/model_security_monitoring_signal_rule_query.go b/api/datadogV2/model_security_monitoring_signal_rule_query.go index fe3a7588131..1296c10ffbc 100644 --- a/api/datadogV2/model_security_monitoring_signal_rule_query.go +++ b/api/datadogV2/model_security_monitoring_signal_rule_query.go @@ -17,7 +17,7 @@ type SecurityMonitoringSignalRuleQuery struct { CorrelatedByFields []string `json:"correlatedByFields,omitempty"` // Index of the rule query used to retrieve the correlated field. CorrelatedQueryIndex *int32 `json:"correlatedQueryIndex,omitempty"` - // Group of target fields to aggregate over when using the new value aggregations. + // Group of target fields to aggregate over. Metrics []string `json:"metrics,omitempty"` // Name of the query. Name *string `json:"name,omitempty"` diff --git a/api/datadogV2/model_security_monitoring_signal_rule_response_query.go b/api/datadogV2/model_security_monitoring_signal_rule_response_query.go index 90f578a7556..0351e5e0758 100644 --- a/api/datadogV2/model_security_monitoring_signal_rule_response_query.go +++ b/api/datadogV2/model_security_monitoring_signal_rule_response_query.go @@ -18,7 +18,7 @@ type SecurityMonitoringSignalRuleResponseQuery struct { CorrelatedQueryIndex *int32 `json:"correlatedQueryIndex,omitempty"` // Default Rule ID to match on signals. DefaultRuleId *string `json:"defaultRuleId,omitempty"` - // Group of target fields to aggregate over when using the new value aggregations. + // Group of target fields to aggregate over. Metrics []string `json:"metrics,omitempty"` // Name of the query. Name *string `json:"name,omitempty"` diff --git a/api/datadogV2/model_security_monitoring_standard_rule_query.go b/api/datadogV2/model_security_monitoring_standard_rule_query.go index 4fbd5904509..b3a619c540d 100644 --- a/api/datadogV2/model_security_monitoring_standard_rule_query.go +++ b/api/datadogV2/model_security_monitoring_standard_rule_query.go @@ -17,10 +17,11 @@ type SecurityMonitoringStandardRuleQuery struct { DistinctFields []string `json:"distinctFields,omitempty"` // Fields to group by. GroupByFields []string `json:"groupByFields,omitempty"` - // The target field to aggregate over when using the sum or max - // aggregations. + // (Deprecated) The target field to aggregate over when using the sum or max + // aggregations. `metrics` field should be used instead. + // Deprecated Metric *string `json:"metric,omitempty"` - // Group of target fields to aggregate over when using the new value aggregations. + // Group of target fields to aggregate over when using the sum, max, geo data, or new value aggregations. The sum, max, and geo data aggregations only accept one value in this list, whereas the new value aggregation accepts up to five values. Metrics []string `json:"metrics,omitempty"` // Name of the query. Name *string `json:"name,omitempty"` @@ -134,6 +135,7 @@ func (o *SecurityMonitoringStandardRuleQuery) SetGroupByFields(v []string) { } // GetMetric returns the Metric field value if set, zero value otherwise. +// Deprecated func (o *SecurityMonitoringStandardRuleQuery) GetMetric() string { if o == nil || o.Metric == nil { var ret string @@ -144,6 +146,7 @@ func (o *SecurityMonitoringStandardRuleQuery) GetMetric() string { // GetMetricOk returns a tuple with the Metric field value if set, nil otherwise // and a boolean to check if the value has been set. +// Deprecated func (o *SecurityMonitoringStandardRuleQuery) GetMetricOk() (*string, bool) { if o == nil || o.Metric == nil { return nil, false @@ -157,6 +160,7 @@ func (o *SecurityMonitoringStandardRuleQuery) HasMetric() bool { } // SetMetric gets a reference to the given string and assigns it to the Metric field. +// Deprecated func (o *SecurityMonitoringStandardRuleQuery) SetMetric(v string) { o.Metric = &v } diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_Bad_Request_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_Bad_Request_response.freeze index 28124b68f4c..c016c3ffff7 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_Bad_Request_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_Bad_Request_response.freeze @@ -1 +1 @@ -2022-09-27T13:06:48.381Z \ No newline at end of file +2022-10-19T13:36:33.262Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_Bad_Request_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_Bad_Request_response.yaml index af9e17faacb..57fd6c44edf 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_Bad_Request_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_Bad_Request_response.yaml @@ -1,7 +1,7 @@ interactions: - request: body: | - {"cases":[{"status":"info"}],"isEnabled":true,"message":"Test rule","name":"Test-Create_a_detection_rule_returns_Bad_Request_response-1664284008","options":{},"queries":[{"query":""}],"tags":[]} + {"cases":[{"status":"info"}],"isEnabled":true,"message":"Test rule","name":"Test-Create_a_detection_rule_returns_Bad_Request_response-1666186593","options":{},"queries":[{"query":""}],"tags":[]} form: {} headers: Accept: diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_OK_response.freeze index 60e1c17e7d9..53a744bf9ab 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_OK_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_OK_response.freeze @@ -1 +1 @@ -2022-09-27T13:06:48.898Z \ No newline at end of file +2022-10-19T13:36:33.666Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_OK_response.yaml index 79d3a61647e..6f355c5f4ac 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_OK_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_returns_OK_response.yaml @@ -1,7 +1,7 @@ interactions: - request: body: | - {"cases":[{"condition":"a \u003e 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test rule","name":"Test-Create_a_detection_rule_returns_OK_response-1664284008","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metric":"","query":"@test:true"}],"tags":[],"type":"log_detection"} + {"cases":[{"condition":"a \u003e 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test rule","name":"Test-Create_a_detection_rule_returns_OK_response-1666186593","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metric":"","query":"@test:true"}],"tags":[],"type":"log_detection"} form: {} headers: Accept: @@ -12,8 +12,8 @@ interactions: url: https://api.datadoghq.com/api/v2/security_monitoring/rules response: body: '{"creationAuthorId":1445416,"tags":[],"isEnabled":true,"hasExtendedTitle":false,"message":"Test - rule","options":{"detectionMethod":"threshold","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1664284009174,"filters":[],"queries":[{"query":"@test:true","groupByFields":[],"aggregation":"count","name":"","distinctFields":[]}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":"","condition":"a - > 0"}],"type":"log_detection","id":"dam-cha-bya","isDefault":false,"name":"Test-Create_a_detection_rule_returns_OK_response-1664284008"} + rule","options":{"detectionMethod":"threshold","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1666186594041,"filters":[],"queries":[{"query":"@test:true","groupByFields":[],"aggregation":"count","name":"","distinctFields":[]}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":"","condition":"a + > 0"}],"type":"log_detection","id":"2zr-mrk-aq9","isDefault":false,"name":"Test-Create_a_detection_rule_returns_OK_response-1666186593"} ' code: 200 @@ -29,7 +29,7 @@ interactions: Accept: - '*/*' method: DELETE - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/dam-cha-bya + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/2zr-mrk-aq9 response: body: '' code: 204 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_impossible_travel_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_impossible_travel_returns_OK_response.freeze index 5540800be8c..b62603a7d0a 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_impossible_travel_returns_OK_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_impossible_travel_returns_OK_response.freeze @@ -1 +1 @@ -2022-09-27T13:06:50.436Z \ No newline at end of file +2022-10-19T13:36:34.442Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_impossible_travel_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_impossible_travel_returns_OK_response.yaml index ea7572c4773..888321a749d 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_impossible_travel_returns_OK_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_impossible_travel_returns_OK_response.yaml @@ -1,7 +1,7 @@ interactions: - request: body: | - {"cases":[{"name":"","notifications":[],"status":"info"}],"filters":[],"hasExtendedTitle":true,"isEnabled":true,"message":"test","name":"Test-Create_a_detection_rule_with_type_impossible_travel_returns_OK_response-1664284010","options":{"detectionMethod":"impossible_travel","evaluationWindow":900,"impossibleTravelOptions":{"baselineUserLocations":false},"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"geo_data","distinctFields":[],"groupByFields":["@usr.id"],"metric":"@network.client.geoip","query":"*"}],"tags":[],"type":"log_detection"} + {"cases":[{"name":"","notifications":[],"status":"info"}],"filters":[],"hasExtendedTitle":true,"isEnabled":true,"message":"test","name":"Test-Create_a_detection_rule_with_type_impossible_travel_returns_OK_response-1666186594","options":{"detectionMethod":"impossible_travel","evaluationWindow":900,"impossibleTravelOptions":{"baselineUserLocations":false},"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"geo_data","distinctFields":[],"groupByFields":["@usr.id"],"metric":"@network.client.geoip","query":"*"}],"tags":[],"type":"log_detection"} form: {} headers: Accept: @@ -11,7 +11,7 @@ interactions: method: POST url: https://api.datadoghq.com/api/v2/security_monitoring/rules response: - body: '{"creationAuthorId":1445416,"tags":[],"isEnabled":true,"hasExtendedTitle":true,"message":"test","options":{"impossibleTravelOptions":{"baselineUserLocations":false},"detectionMethod":"impossible_travel","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1664284010816,"filters":[],"queries":[{"distinctFields":[],"name":"","metric":"@network.client.geoip","aggregation":"geo_data","metrics":["@network.client.geoip"],"groupByFields":["@usr.id"],"query":"*"}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":""}],"type":"log_detection","id":"iat-ydc-4mz","isDefault":false,"name":"Test-Create_a_detection_rule_with_type_impossible_travel_returns_OK_response-1664284010"} + body: '{"creationAuthorId":1445416,"tags":[],"isEnabled":true,"hasExtendedTitle":true,"message":"test","options":{"impossibleTravelOptions":{"baselineUserLocations":false},"detectionMethod":"impossible_travel","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1666186594819,"filters":[],"queries":[{"distinctFields":[],"name":"","metric":"@network.client.geoip","aggregation":"geo_data","metrics":["@network.client.geoip"],"groupByFields":["@usr.id"],"query":"*"}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":""}],"type":"log_detection","id":"hrr-a7c-wzl","isDefault":false,"name":"Test-Create_a_detection_rule_with_type_impossible_travel_returns_OK_response-1666186594"} ' code: 200 @@ -27,7 +27,7 @@ interactions: Accept: - '*/*' method: DELETE - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/iat-ydc-4mz + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/hrr-a7c-wzl response: body: '' code: 204 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_signal_correlation_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_signal_correlation_returns_OK_response.freeze index 8a8bf521c04..3fd3b07c931 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_signal_correlation_returns_OK_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_signal_correlation_returns_OK_response.freeze @@ -1 +1 @@ -2022-09-27T13:06:51.398Z \ No newline at end of file +2022-10-19T13:36:35.608Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_signal_correlation_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_signal_correlation_returns_OK_response.yaml index 29f0fa39aac..cdd1a551ce6 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_signal_correlation_returns_OK_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_signal_correlation_returns_OK_response.yaml @@ -1,7 +1,7 @@ interactions: - request: body: | - {"cases":[{"condition":"a \u003e 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test rule","name":"Test-Create_a_detection_rule_with_type_signal_correlation_returns_OK_response-1664284011","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metric":"","query":"@test:true"}],"tags":[],"type":"log_detection"} + {"cases":[{"condition":"a \u003e 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test rule","name":"Test-Create_a_detection_rule_with_type_signal_correlation_returns_OK_response-1666186595","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metrics":[],"query":"@test:true"}],"tags":[],"type":"log_detection"} form: {} headers: Accept: @@ -12,8 +12,8 @@ interactions: url: https://api.datadoghq.com/api/v2/security_monitoring/rules response: body: '{"creationAuthorId":1445416,"tags":[],"isEnabled":true,"hasExtendedTitle":false,"message":"Test - rule","options":{"detectionMethod":"threshold","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1664284011737,"filters":[],"queries":[{"query":"@test:true","groupByFields":[],"aggregation":"count","name":"","distinctFields":[]}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":"","condition":"a - > 0"}],"type":"log_detection","id":"bvi-e5q-fw2","isDefault":false,"name":"Test-Create_a_detection_rule_with_type_signal_correlation_returns_OK_response-1664284011"} + rule","options":{"detectionMethod":"threshold","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1666186595990,"filters":[],"queries":[{"query":"@test:true","groupByFields":[],"aggregation":"count","name":"","distinctFields":[]}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":"","condition":"a + > 0"}],"type":"log_detection","id":"jkf-59u-hro","isDefault":false,"name":"Test-Create_a_detection_rule_with_type_signal_correlation_returns_OK_response-1666186595"} ' code: 200 @@ -24,7 +24,7 @@ interactions: status: 200 OK - request: body: | - {"cases":[{"condition":"a \u003e 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test rule Bis","name":"Test-Create_a_detection_rule_with_type_signal_correlation_returns_OK_response-1664284011_bis","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metric":"","query":"@test:false"}],"tags":[],"type":"log_detection"} + {"cases":[{"condition":"a \u003e 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test rule Bis","name":"Test-Create_a_detection_rule_with_type_signal_correlation_returns_OK_response-1666186595_bis","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metrics":[],"query":"@test:false"}],"tags":[],"type":"log_detection"} form: {} headers: Accept: @@ -35,8 +35,8 @@ interactions: url: https://api.datadoghq.com/api/v2/security_monitoring/rules response: body: '{"creationAuthorId":1445416,"tags":[],"isEnabled":true,"hasExtendedTitle":false,"message":"Test - rule Bis","options":{"detectionMethod":"threshold","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1664284012131,"filters":[],"queries":[{"query":"@test:false","groupByFields":[],"aggregation":"count","name":"","distinctFields":[]}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":"","condition":"a - > 0"}],"type":"log_detection","id":"iik-vtr-194","isDefault":false,"name":"Test-Create_a_detection_rule_with_type_signal_correlation_returns_OK_response-1664284011_bis"} + rule Bis","options":{"detectionMethod":"threshold","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1666186596355,"filters":[],"queries":[{"query":"@test:false","groupByFields":[],"aggregation":"count","name":"","distinctFields":[]}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":"","condition":"a + > 0"}],"type":"log_detection","id":"kmj-xjs-f9o","isDefault":false,"name":"Test-Create_a_detection_rule_with_type_signal_correlation_returns_OK_response-1666186595_bis"} ' code: 200 @@ -47,7 +47,7 @@ interactions: status: 200 OK - request: body: | - {"cases":[{"condition":"a \u003e 0 \u0026\u0026 b \u003e 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test signal correlation rule","name":"Test-Create_a_detection_rule_with_type_signal_correlation_returns_OK_response-1664284011_signal_rule","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"event_count","correlatedByFields":["host"],"correlatedQueryIndex":1,"ruleId":"bvi-e5q-fw2"},{"aggregation":"event_count","correlatedByFields":["host"],"ruleId":"iik-vtr-194"}],"tags":[],"type":"signal_correlation"} + {"cases":[{"condition":"a \u003e 0 \u0026\u0026 b \u003e 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test signal correlation rule","name":"Test-Create_a_detection_rule_with_type_signal_correlation_returns_OK_response-1666186595_signal_rule","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"event_count","correlatedByFields":["host"],"correlatedQueryIndex":1,"ruleId":"jkf-59u-hro"},{"aggregation":"event_count","correlatedByFields":["host"],"ruleId":"kmj-xjs-f9o"}],"tags":[],"type":"signal_correlation"} form: {} headers: Accept: @@ -58,8 +58,8 @@ interactions: url: https://api.datadoghq.com/api/v2/security_monitoring/rules response: body: '{"creationAuthorId":1445416,"tags":[],"isEnabled":true,"hasExtendedTitle":false,"message":"Test - signal correlation rule","options":{"detectionMethod":"threshold","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1664284012602,"filters":[],"queries":[{"distinctFields":[],"correlatedByFields":["host"],"name":"","ruleId":"bvi-e5q-fw2","aggregation":"event_count","groupByFields":[],"correlatedQueryIndex":1},{"distinctFields":[],"correlatedByFields":["host"],"name":"","ruleId":"iik-vtr-194","aggregation":"event_count","groupByFields":[]}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":"","condition":"a - > 0 && b > 0"}],"type":"signal_correlation","id":"l1e-bel-iqm","isDefault":false,"name":"Test-Create_a_detection_rule_with_type_signal_correlation_returns_OK_response-1664284011_signal_rule"} + signal correlation rule","options":{"detectionMethod":"threshold","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1666186596743,"filters":[],"queries":[{"distinctFields":[],"correlatedByFields":["host"],"name":"","ruleId":"jkf-59u-hro","aggregation":"event_count","groupByFields":[],"correlatedQueryIndex":1},{"distinctFields":[],"correlatedByFields":["host"],"name":"","ruleId":"kmj-xjs-f9o","aggregation":"event_count","groupByFields":[]}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":"","condition":"a + > 0 && b > 0"}],"type":"signal_correlation","id":"gk5-nwf-mfq","isDefault":false,"name":"Test-Create_a_detection_rule_with_type_signal_correlation_returns_OK_response-1666186595_signal_rule"} ' code: 200 @@ -75,7 +75,7 @@ interactions: Accept: - '*/*' method: DELETE - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/l1e-bel-iqm + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/gk5-nwf-mfq response: body: '' code: 204 @@ -89,7 +89,7 @@ interactions: Accept: - '*/*' method: DELETE - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/iik-vtr-194 + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/kmj-xjs-f9o response: body: '' code: 204 @@ -103,7 +103,7 @@ interactions: Accept: - '*/*' method: DELETE - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/bvi-e5q-fw2 + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/jkf-59u-hro response: body: '' code: 204 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_workload_security_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_workload_security_returns_OK_response.freeze index 587ed80e8a4..5030f99e10a 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_workload_security_returns_OK_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_workload_security_returns_OK_response.freeze @@ -1 +1 @@ -2022-09-27T13:06:53.927Z \ No newline at end of file +2022-10-19T13:36:37.930Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_workload_security_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_workload_security_returns_OK_response.yaml index df42b92661c..5afded2d0b9 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_workload_security_returns_OK_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_detection_rule_with_type_workload_security_returns_OK_response.yaml @@ -1,7 +1,7 @@ interactions: - request: body: | - {"cases":[{"condition":"a \u003e 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test rule","name":"Test-Create_a_detection_rule_with_type_workload_security_returns_OK_response-1664284013","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metric":"","query":"@test:true"}],"tags":[],"type":"workload_security"} + {"cases":[{"condition":"a \u003e 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test rule","name":"Test-Create_a_detection_rule_with_type_workload_security_returns_OK_response-1666186597","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metric":"","query":"@test:true"}],"tags":[],"type":"workload_security"} form: {} headers: Accept: @@ -12,8 +12,8 @@ interactions: url: https://api.datadoghq.com/api/v2/security_monitoring/rules response: body: '{"creationAuthorId":1445416,"tags":[],"isEnabled":true,"hasExtendedTitle":false,"message":"Test - rule","options":{"detectionMethod":"threshold","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1664284014204,"filters":[],"queries":[{"query":"@test:true","groupByFields":[],"aggregation":"count","name":"","distinctFields":[]}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":"","condition":"a - > 0"}],"type":"workload_security","id":"puf-f1v-a1o","isDefault":false,"name":"Test-Create_a_detection_rule_with_type_workload_security_returns_OK_response-1664284013"} + rule","options":{"detectionMethod":"threshold","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1666186598320,"filters":[],"queries":[{"query":"@test:true","groupByFields":[],"aggregation":"count","name":"","distinctFields":[]}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":"","condition":"a + > 0"}],"type":"workload_security","id":"qcx-gg3-5ut","isDefault":false,"name":"Test-Create_a_detection_rule_with_type_workload_security_returns_OK_response-1666186597"} ' code: 200 @@ -29,7 +29,7 @@ interactions: Accept: - '*/*' method: DELETE - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/puf-f1v-a1o + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/qcx-gg3-5ut response: body: '' code: 204 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_security_filter_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_security_filter_returns_OK_response.freeze index b52954e1a0e..0224620eb0f 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_security_filter_returns_OK_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_security_filter_returns_OK_response.freeze @@ -1 +1 @@ -2022-09-27T13:06:55.640Z \ No newline at end of file +2022-10-19T13:36:39.971Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_security_filter_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_security_filter_returns_OK_response.yaml index 63c9d318a06..90014339737 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_security_filter_returns_OK_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_security_filter_returns_OK_response.yaml @@ -1,7 +1,7 @@ interactions: - request: body: | - {"data":{"attributes":{"exclusion_filters":[{"name":"Exclude staging","query":"source:staging"}],"filtered_data_type":"logs","is_enabled":true,"name":"Test-Create_a_security_filter_returns_OK_response-1664284015","query":"service:TestCreateasecurityfilterreturnsOKresponse1664284015"},"type":"security_filters"}} + {"data":{"attributes":{"exclusion_filters":[{"name":"Exclude staging","query":"source:staging"}],"filtered_data_type":"logs","is_enabled":true,"name":"Test-Create_a_security_filter_returns_OK_response-1666186599","query":"service:TestCreateasecurityfilterreturnsOKresponse1666186599"},"type":"security_filters"}} form: {} headers: Accept: @@ -11,8 +11,8 @@ interactions: method: POST url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters response: - body: '{"data":{"attributes":{"is_enabled":true,"name":"Test-Create_a_security_filter_returns_OK_response-1664284015","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude - staging"}],"version":1,"query":"service:TestCreateasecurityfilterreturnsOKresponse1664284015","is_builtin":false},"type":"security_filters","id":"pde-qfs-vdh"}} + body: '{"data":{"attributes":{"is_enabled":true,"name":"Test-Create_a_security_filter_returns_OK_response-1666186599","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude + staging"}],"version":1,"query":"service:TestCreateasecurityfilterreturnsOKresponse1666186599","is_builtin":false},"type":"security_filters","id":"n8l-koa-vuo"}} ' code: 200 @@ -28,7 +28,7 @@ interactions: Accept: - '*/*' method: DELETE - url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/pde-qfs-vdh + url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/n8l-koa-vuo response: body: '' code: 204 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_a_security_filter_returns_No_Content_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_a_security_filter_returns_No_Content_response.freeze index 3291b7a6b81..77b3a796e7f 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_a_security_filter_returns_No_Content_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_a_security_filter_returns_No_Content_response.freeze @@ -1 +1 @@ -2022-09-27T13:06:56.591Z \ No newline at end of file +2022-10-19T13:36:40.856Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_a_security_filter_returns_No_Content_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_a_security_filter_returns_No_Content_response.yaml index c021afb779c..c69f241f640 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_a_security_filter_returns_No_Content_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_a_security_filter_returns_No_Content_response.yaml @@ -1,7 +1,7 @@ interactions: - request: body: | - {"data":{"attributes":{"exclusion_filters":[{"name":"Exclude logs from staging","query":"source:staging"}],"filtered_data_type":"logs","is_enabled":true,"name":"Test-Delete_a_security_filter_returns_No_Content_response-1664284016","query":"service:TestDeleteasecurityfilterreturnsNoContentresponse1664284016"},"type":"security_filters"}} + {"data":{"attributes":{"exclusion_filters":[{"name":"Exclude logs from staging","query":"source:staging"}],"filtered_data_type":"logs","is_enabled":true,"name":"Test-Delete_a_security_filter_returns_No_Content_response-1666186600","query":"service:TestDeleteasecurityfilterreturnsNoContentresponse1666186600"},"type":"security_filters"}} form: {} headers: Accept: @@ -11,8 +11,8 @@ interactions: method: POST url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters response: - body: '{"data":{"attributes":{"is_enabled":true,"name":"Test-Delete_a_security_filter_returns_No_Content_response-1664284016","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude - logs from staging"}],"version":1,"query":"service:TestDeleteasecurityfilterreturnsNoContentresponse1664284016","is_builtin":false},"type":"security_filters","id":"d9w-8nc-bzo"}} + body: '{"data":{"attributes":{"is_enabled":true,"name":"Test-Delete_a_security_filter_returns_No_Content_response-1666186600","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude + logs from staging"}],"version":1,"query":"service:TestDeleteasecurityfilterreturnsNoContentresponse1666186600","is_builtin":false},"type":"security_filters","id":"874-kvc-vus"}} ' code: 200 @@ -28,7 +28,7 @@ interactions: Accept: - '*/*' method: DELETE - url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/d9w-8nc-bzo + url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/874-kvc-vus response: body: '' code: 204 @@ -44,9 +44,9 @@ interactions: Accept: - '*/*' method: DELETE - url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/d9w-8nc-bzo + url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/874-kvc-vus response: - body: '{"errors":["not_found(Security filter with id ''d9w-8nc-bzo'' not found)"]} + body: '{"errors":["not_found(Security filter with id ''874-kvc-vus'' not found)"]} ' code: 404 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_rule_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_rule_returns_OK_response.freeze index e73a174a345..9afea07c4a3 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_rule_returns_OK_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_rule_returns_OK_response.freeze @@ -1 +1 @@ -2022-09-27T13:06:57.917Z \ No newline at end of file +2022-10-19T13:36:43.008Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_rule_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_rule_returns_OK_response.yaml index 46c766909aa..fddee226556 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_rule_returns_OK_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Delete_an_existing_rule_returns_OK_response.yaml @@ -1,7 +1,7 @@ interactions: - request: body: | - {"cases":[{"condition":"a \u003e 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test rule","name":"Test-Delete_an_existing_rule_returns_OK_response-1664284017","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metric":"","query":"@test:true"}],"tags":[],"type":"log_detection"} + {"cases":[{"condition":"a \u003e 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test rule","name":"Test-Delete_an_existing_rule_returns_OK_response-1666186603","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metrics":[],"query":"@test:true"}],"tags":[],"type":"log_detection"} form: {} headers: Accept: @@ -12,8 +12,8 @@ interactions: url: https://api.datadoghq.com/api/v2/security_monitoring/rules response: body: '{"creationAuthorId":1445416,"tags":[],"isEnabled":true,"hasExtendedTitle":false,"message":"Test - rule","options":{"detectionMethod":"threshold","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1664284018198,"filters":[],"queries":[{"query":"@test:true","groupByFields":[],"aggregation":"count","name":"","distinctFields":[]}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":"","condition":"a - > 0"}],"type":"log_detection","id":"glg-ejh-8oy","isDefault":false,"name":"Test-Delete_an_existing_rule_returns_OK_response-1664284017"} + rule","options":{"detectionMethod":"threshold","evaluationWindow":900,"maxSignalDuration":86400,"keepAlive":3600},"version":1,"createdAt":1666186603386,"filters":[],"queries":[{"query":"@test:true","groupByFields":[],"aggregation":"count","name":"","distinctFields":[]}],"isDeleted":false,"cases":[{"status":"info","notifications":[],"name":"","condition":"a + > 0"}],"type":"log_detection","id":"fn5-38d-3q5","isDefault":false,"name":"Test-Delete_an_existing_rule_returns_OK_response-1666186603"} ' code: 200 @@ -29,7 +29,7 @@ interactions: Accept: - '*/*' method: DELETE - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/glg-ejh-8oy + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/fn5-38d-3q5 response: body: '' code: 204 @@ -43,9 +43,9 @@ interactions: Accept: - '*/*' method: DELETE - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/glg-ejh-8oy + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/fn5-38d-3q5 response: - body: '{"errors":["Threat detection rule not found: glg-ejh-8oy"]} + body: '{"errors":["Threat detection rule not found: fn5-38d-3q5"]} ' code: 404 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_security_filter_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_security_filter_returns_OK_response.freeze index 7df7dcf67ec..921f7a05268 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_security_filter_returns_OK_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_security_filter_returns_OK_response.freeze @@ -1 +1 @@ -2022-09-27T13:06:59.124Z \ No newline at end of file +2022-10-19T13:36:44.183Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_security_filter_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_security_filter_returns_OK_response.yaml index 649e16183eb..ca76693b16b 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_security_filter_returns_OK_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_security_filter_returns_OK_response.yaml @@ -1,7 +1,7 @@ interactions: - request: body: | - {"data":{"attributes":{"exclusion_filters":[{"name":"Exclude logs from staging","query":"source:staging"}],"filtered_data_type":"logs","is_enabled":true,"name":"Test-Get_a_security_filter_returns_OK_response-1664284019","query":"service:TestGetasecurityfilterreturnsOKresponse1664284019"},"type":"security_filters"}} + {"data":{"attributes":{"exclusion_filters":[{"name":"Exclude logs from staging","query":"source:staging"}],"filtered_data_type":"logs","is_enabled":true,"name":"Test-Get_a_security_filter_returns_OK_response-1666186604","query":"service:TestGetasecurityfilterreturnsOKresponse1666186604"},"type":"security_filters"}} form: {} headers: Accept: @@ -11,8 +11,8 @@ interactions: method: POST url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters response: - body: '{"data":{"attributes":{"is_enabled":true,"name":"Test-Get_a_security_filter_returns_OK_response-1664284019","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude - logs from staging"}],"version":1,"query":"service:TestGetasecurityfilterreturnsOKresponse1664284019","is_builtin":false},"type":"security_filters","id":"iy5-coy-b9b"}} + body: '{"data":{"attributes":{"is_enabled":true,"name":"Test-Get_a_security_filter_returns_OK_response-1666186604","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude + logs from staging"}],"version":1,"query":"service:TestGetasecurityfilterreturnsOKresponse1666186604","is_builtin":false},"type":"security_filters","id":"z3t-ier-scu"}} ' code: 200 @@ -28,10 +28,10 @@ interactions: Accept: - application/json method: GET - url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/iy5-coy-b9b + url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/z3t-ier-scu response: - body: '{"data":{"attributes":{"is_enabled":true,"name":"Test-Get_a_security_filter_returns_OK_response-1664284019","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude - logs from staging"}],"version":1,"query":"service:TestGetasecurityfilterreturnsOKresponse1664284019","is_builtin":false},"type":"security_filters","id":"iy5-coy-b9b"}} + body: '{"data":{"attributes":{"is_enabled":true,"name":"Test-Get_a_security_filter_returns_OK_response-1666186604","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude + logs from staging"}],"version":1,"query":"service:TestGetasecurityfilterreturnsOKresponse1666186604","is_builtin":false},"type":"security_filters","id":"z3t-ier-scu"}} ' code: 200 @@ -47,7 +47,7 @@ interactions: Accept: - '*/*' method: DELETE - url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/iy5-coy-b9b + url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/z3t-ier-scu response: body: '' code: 204 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_all_security_filters_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_all_security_filters_returns_OK_response.freeze index ec10591849f..c0db1b85beb 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_all_security_filters_returns_OK_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_all_security_filters_returns_OK_response.freeze @@ -1 +1 @@ -2022-09-27T13:07:00.301Z \ No newline at end of file +2022-10-19T13:36:45.346Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_all_security_filters_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_all_security_filters_returns_OK_response.yaml index 85013fa7b7f..262f394e012 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_all_security_filters_returns_OK_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_all_security_filters_returns_OK_response.yaml @@ -213,7 +213,10 @@ interactions: not really match much","name":"first"},{"query":"neither does it","name":"second"}],"version":1,"query":"first query","is_builtin":false},"type":"security_filters","id":"vld-ebm-edf"},{"attributes":{"is_enabled":true,"name":"Example-Update_a_security_filter_returns_OK_response_1658636349","filtered_data_type":"logs","exclusion_filters":[],"version":2,"query":"service:ExampleUpdateasecurityfilterreturnsOKresponse1658636349","is_builtin":false},"type":"security_filters","id":"jtg-flq-isg"},{"attributes":{"is_enabled":true,"name":"Example-Update_a_security_filter_returns_OK_response_1658909949","filtered_data_type":"logs","exclusion_filters":[],"version":2,"query":"service:ExampleUpdateasecurityfilterreturnsOKresponse1658909949","is_builtin":false},"type":"security_filters","id":"ris-e5s-nkj"},{"attributes":{"is_enabled":true,"name":"Example-Create_a_security_filter_returns_OK_response_1659140350","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude staging"}],"version":1,"query":"service:ExampleCreateasecurityfilterreturnsOKresponse1659140350","is_builtin":false},"type":"security_filters","id":"r6l-kum-ywz"},{"attributes":{"is_enabled":true,"name":"Example-Get_a_security_filter_returns_OK_response_1660119548","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude - logs from staging"}],"version":1,"query":"service:ExampleGetasecurityfilterreturnsOKresponse1660119548","is_builtin":false},"type":"security_filters","id":"hsr-zqx-uwu"}]} + logs from staging"}],"version":1,"query":"service:ExampleGetasecurityfilterreturnsOKresponse1660119548","is_builtin":false},"type":"security_filters","id":"hsr-zqx-uwu"},{"attributes":{"is_enabled":true,"name":"Example-Create_a_security_filter_returns_OK_response","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude + staging"}],"version":1,"query":"service:ExampleCreateasecurityfilterreturnsOKresponse","is_builtin":false},"type":"security_filters","id":"iyq-8lx-1f0"},{"attributes":{"is_enabled":true,"name":"Example-Create_a_security_filter_returns_OK_response_1665706600","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude + staging"}],"version":1,"query":"service:ExampleCreateasecurityfilterreturnsOKresponse1665706600","is_builtin":false},"type":"security_filters","id":"e1j-wwy-1zw"},{"attributes":{"is_enabled":true,"name":"Example-Get_a_security_filter_returns_OK_response_1665706784","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude + logs from staging"}],"version":1,"query":"service:ExampleGetasecurityfilterreturnsOKresponse1665706784","is_builtin":false},"type":"security_filters","id":"bu9-ba3-dbk"}]} ' code: 200 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Update_a_security_filter_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Update_a_security_filter_returns_OK_response.freeze index 37791ed42aa..202f65148ba 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Update_a_security_filter_returns_OK_response.freeze +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Update_a_security_filter_returns_OK_response.freeze @@ -1 +1 @@ -2022-09-27T13:07:00.937Z \ No newline at end of file +2022-10-19T13:36:46.006Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Update_a_security_filter_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Update_a_security_filter_returns_OK_response.yaml index 5f2fafe8af5..ed83d68eecf 100644 --- a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Update_a_security_filter_returns_OK_response.yaml +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Update_a_security_filter_returns_OK_response.yaml @@ -1,7 +1,7 @@ interactions: - request: body: | - {"data":{"attributes":{"exclusion_filters":[{"name":"Exclude logs from staging","query":"source:staging"}],"filtered_data_type":"logs","is_enabled":true,"name":"Test-Update_a_security_filter_returns_OK_response-1664284020","query":"service:TestUpdateasecurityfilterreturnsOKresponse1664284020"},"type":"security_filters"}} + {"data":{"attributes":{"exclusion_filters":[{"name":"Exclude logs from staging","query":"source:staging"}],"filtered_data_type":"logs","is_enabled":true,"name":"Test-Update_a_security_filter_returns_OK_response-1666186606","query":"service:TestUpdateasecurityfilterreturnsOKresponse1666186606"},"type":"security_filters"}} form: {} headers: Accept: @@ -11,8 +11,8 @@ interactions: method: POST url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters response: - body: '{"data":{"attributes":{"is_enabled":true,"name":"Test-Update_a_security_filter_returns_OK_response-1664284020","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude - logs from staging"}],"version":1,"query":"service:TestUpdateasecurityfilterreturnsOKresponse1664284020","is_builtin":false},"type":"security_filters","id":"bdb-ssn-uzt"}} + body: '{"data":{"attributes":{"is_enabled":true,"name":"Test-Update_a_security_filter_returns_OK_response-1666186606","filtered_data_type":"logs","exclusion_filters":[{"query":"source:staging","name":"Exclude + logs from staging"}],"version":1,"query":"service:TestUpdateasecurityfilterreturnsOKresponse1666186606","is_builtin":false},"type":"security_filters","id":"dtb-n4z-x9c"}} ' code: 200 @@ -23,7 +23,7 @@ interactions: status: 200 OK - request: body: | - {"data":{"attributes":{"exclusion_filters":[],"filtered_data_type":"logs","is_enabled":true,"name":"Test-Update_a_security_filter_returns_OK_response-1664284020","query":"service:TestUpdateasecurityfilterreturnsOKresponse1664284020","version":1},"type":"security_filters"}} + {"data":{"attributes":{"exclusion_filters":[],"filtered_data_type":"logs","is_enabled":true,"name":"Test-Update_a_security_filter_returns_OK_response-1666186606","query":"service:TestUpdateasecurityfilterreturnsOKresponse1666186606","version":1},"type":"security_filters"}} form: {} headers: Accept: @@ -31,9 +31,9 @@ interactions: Content-Type: - application/json method: PATCH - url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/bdb-ssn-uzt + url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/dtb-n4z-x9c response: - body: '{"data":{"attributes":{"is_enabled":true,"name":"Test-Update_a_security_filter_returns_OK_response-1664284020","filtered_data_type":"logs","exclusion_filters":[],"version":2,"query":"service:TestUpdateasecurityfilterreturnsOKresponse1664284020","is_builtin":false},"type":"security_filters","id":"bdb-ssn-uzt"}} + body: '{"data":{"attributes":{"is_enabled":true,"name":"Test-Update_a_security_filter_returns_OK_response-1666186606","filtered_data_type":"logs","exclusion_filters":[],"version":2,"query":"service:TestUpdateasecurityfilterreturnsOKresponse1666186606","is_builtin":false},"type":"security_filters","id":"dtb-n4z-x9c"}} ' code: 200 @@ -49,7 +49,7 @@ interactions: Accept: - '*/*' method: DELETE - url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/bdb-ssn-uzt + url: https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/dtb-n4z-x9c response: body: '' code: 204 diff --git a/tests/scenarios/features/v2/given.json b/tests/scenarios/features/v2/given.json index 05124c081d1..105688da2e1 100644 --- a/tests/scenarios/features/v2/given.json +++ b/tests/scenarios/features/v2/given.json @@ -238,7 +238,7 @@ "parameters": [ { "name": "body", - "value": "{\n \"name\": \"{{ unique }}\",\n \"queries\": [{\n \"query\": \"@test:true\",\n \"aggregation\": \"count\",\n \"groupByFields\": [],\n \"distinctFields\": [],\n \"metric\": \"\"\n }],\n \"filters\": [],\n \"cases\": [{\n \"name\": \"\",\n \"status\": \"info\",\n \"condition\": \"a > 0\",\n \"notifications\": []\n }],\n \"options\": {\n \"evaluationWindow\": 900,\n \"keepAlive\": 3600,\n \"maxSignalDuration\": 86400\n },\n \"message\": \"Test rule\",\n \"tags\": [],\n \"isEnabled\": true,\n \"type\": \"log_detection\"\n}" + "value": "{\n \"name\": \"{{ unique }}\",\n \"queries\": [{\n \"query\": \"@test:true\",\n \"aggregation\": \"count\",\n \"groupByFields\": [],\n \"distinctFields\": [],\n \"metrics\": []\n }],\n \"filters\": [],\n \"cases\": [{\n \"name\": \"\",\n \"status\": \"info\",\n \"condition\": \"a > 0\",\n \"notifications\": []\n }],\n \"options\": {\n \"evaluationWindow\": 900,\n \"keepAlive\": 3600,\n \"maxSignalDuration\": 86400\n },\n \"message\": \"Test rule\",\n \"tags\": [],\n \"isEnabled\": true,\n \"type\": \"log_detection\"\n}" } ], "step": "there is a valid \"security_rule\" in the system", @@ -250,7 +250,7 @@ "parameters": [ { "name": "body", - "value": "{\n \"name\": \"{{ unique }}_bis\",\n \"queries\": [{\n \"query\": \"@test:false\",\n \"aggregation\": \"count\",\n \"groupByFields\": [],\n \"distinctFields\": [],\n \"metric\": \"\"\n }],\n \"filters\": [],\n \"cases\": [{\n \"name\": \"\",\n \"status\": \"info\",\n \"condition\": \"a > 0\",\n \"notifications\": []\n }],\n \"options\": {\n \"evaluationWindow\": 900,\n \"keepAlive\": 3600,\n \"maxSignalDuration\": 86400\n },\n \"message\": \"Test rule Bis\",\n \"tags\": [],\n \"isEnabled\": true,\n \"type\": \"log_detection\"\n}" + "value": "{\n \"name\": \"{{ unique }}_bis\",\n \"queries\": [{\n \"query\": \"@test:false\",\n \"aggregation\": \"count\",\n \"groupByFields\": [],\n \"distinctFields\": [],\n \"metrics\": []\n }],\n \"filters\": [],\n \"cases\": [{\n \"name\": \"\",\n \"status\": \"info\",\n \"condition\": \"a > 0\",\n \"notifications\": []\n }],\n \"options\": {\n \"evaluationWindow\": 900,\n \"keepAlive\": 3600,\n \"maxSignalDuration\": 86400\n },\n \"message\": \"Test rule Bis\",\n \"tags\": [],\n \"isEnabled\": true,\n \"type\": \"log_detection\"\n}" } ], "step": "there is a valid \"security_rule_bis\" in the system",