components: callbacks: {} examples: {} headers: {} links: {} parameters: APIKeyCategoryParameter: description: Filter API keys by category. in: query name: filter[category] required: false schema: type: string APIKeyFilterCreatedAtEndParameter: description: Only include API keys created on or before the specified date. in: query name: filter[created_at][end] required: false schema: example: '2020-11-24T18:46:21+00:00' type: string x-merge-override: format: false APIKeyFilterCreatedAtStartParameter: description: Only include API keys created on or after the specified date. in: query name: filter[created_at][start] required: false schema: example: '2020-11-24T18:46:21+00:00' type: string x-merge-override: format: false APIKeyFilterModifiedAtEndParameter: description: Only include API keys modified on or before the specified date. in: query name: filter[modified_at][end] required: false schema: example: '2020-11-24T18:46:21+00:00' type: string x-merge-override: format: false APIKeyFilterModifiedAtStartParameter: description: Only include API keys modified on or after the specified date. in: query name: filter[modified_at][start] required: false schema: example: '2020-11-24T18:46:21+00:00' type: string x-merge-override: format: false APIKeyFilterParameter: description: Filter API keys by the specified string. in: query name: filter required: false schema: type: string APIKeyId: description: The ID of the API key. in: path name: api_key_id required: true schema: type: string APIKeyIncludeParameter: description: >- Comma separated list of resource paths for related resources to include in the response. Supported resource paths are `created_by` and `modified_by`. in: query name: include required: false schema: example: created_by,modified_by type: string APIKeyReadConfigReadEnabledParameter: description: Filter API keys by remote config read enabled status. in: query name: filter[remote_config_read_enabled] required: false schema: type: boolean APIKeysSortParameter: description: |- API key attribute used to sort results. Sort order is ascending by default. In order to specify a descending sort, prefix the attribute with a minus sign. in: query name: sort required: false schema: $ref: '#/components/schemas/APIKeysSort' AWSAccountConfigIDPathParameter: description: >- Unique Datadog ID of the AWS Account Integration Config. To get the config ID for an account, use the [List all AWS integrations](https://docs.datadoghq.com/api/latest/aws-integration/#list-all-aws-integrations) endpoint and query by AWS Account ID. in: path name: aws_account_config_id required: true schema: type: string ApplicationKeyFilterCreatedAtEndParameter: description: Only include application keys created on or before the specified date. in: query name: filter[created_at][end] required: false schema: example: '2020-11-24T18:46:21+00:00' type: string x-merge-override: format: false ApplicationKeyFilterCreatedAtStartParameter: description: Only include application keys created on or after the specified date. in: query name: filter[created_at][start] required: false schema: example: '2020-11-24T18:46:21+00:00' type: string x-merge-override: format: false ApplicationKeyFilterParameter: description: Filter application keys by the specified string. in: query name: filter required: false schema: type: string ApplicationKeyID: description: The ID of the application key. in: path name: app_key_id required: true schema: type: string ApplicationKeyIncludeParameter: description: >- Resource path for related resources to include in the response. Only `owned_by` is supported. in: query name: include required: false schema: example: owned_by type: string ApplicationKeysSortParameter: description: |- Application key attribute used to sort results. Sort order is ascending by default. In order to specify a descending sort, prefix the attribute with a minus sign. in: query name: sort required: false schema: $ref: '#/components/schemas/ApplicationKeysSort' ApplicationSecurityWafCustomRuleIDParam: description: The ID of the custom rule. example: 3b5-v82-ns6 in: path name: custom_rule_id required: true schema: type: string ApplicationSecurityWafExclusionFilterID: description: The identifier of the WAF exclusion filter. example: 3b5-v82-ns6 in: path name: exclusion_filter_id required: true schema: type: string ArchiveID: description: The ID of the archive. in: path name: archive_id required: true schema: type: string AuthNMappingID: description: The UUID of the AuthN Mapping. in: path name: authn_mapping_id required: true schema: type: string AwsAccountId: description: The ID of an AWS account. example: '123456789012' in: path name: account_id required: true schema: type: string BudgetID: description: Budget id. in: path name: budget_id required: true schema: type: string CaseIDPathParameter: description: Case's UUID or key example: f98a5a5b-e0ff-45d4-b2f5-afe6e74de504 in: path name: case_id required: true schema: type: string CaseSortableFieldParameter: description: Specify which field to sort in: query name: sort[field] required: false schema: $ref: '#/components/schemas/CaseSortableField' CloudAccountID: description: Cloud Account id. in: path name: cloud_account_id required: true schema: type: string CloudWorkloadSecurityAgentRuleID: description: The ID of the Agent rule example: 3b5-v82-ns6 in: path name: agent_rule_id required: true schema: type: string CloudWorkloadSecurityPathAgentPolicyID: description: The ID of the Agent policy example: 6517fcc1-cec7-4394-a655-8d6e9d085255 in: path name: policy_id required: true schema: type: string CloudWorkloadSecurityQueryAgentPolicyID: description: The ID of the Agent policy example: 6517fcc1-cec7-4394-a655-8d6e9d085255 in: query name: policy_id required: false schema: type: string ConfluentAccountID: description: Confluent Account ID. in: path name: account_id required: true schema: type: string ConfluentResourceID: description: Confluent Account Resource ID. in: path name: resource_id required: true schema: type: string ConnectionId: description: The ID of the action connection in: path name: connection_id required: true schema: type: string CustomDestinationId: description: The ID of the custom destination. in: path name: custom_destination_id required: true schema: type: string CustomFrameworkHandle: description: The framework handle in: path name: handle required: true schema: type: string CustomFrameworkVersion: description: The framework version in: path name: version required: true schema: type: string EntityID: description: UUID or Entity Ref. in: path name: entity_id required: true schema: example: service:myservice type: string FastlyAccountID: description: Fastly Account id. in: path name: account_id required: true schema: type: string FastlyServiceID: description: Fastly Service ID. in: path name: service_id required: true schema: type: string FileID: description: File ID. in: path name: file_id required: true schema: type: string FilterByExcludeSnapshot: description: Filter entities by excluding snapshotted entities. in: query name: filter[exclude_snapshot] required: false schema: type: string FilterByID: description: Filter entities by UUID. explode: true in: query name: filter[id] required: false schema: type: string FilterByKind: description: Filter entities by kind. explode: true in: query name: filter[kind] required: false schema: type: string FilterByName: description: Filter entities by name. explode: true in: query name: filter[name] required: false schema: type: string FilterByOwner: description: Filter entities by owner. explode: true in: query name: filter[owner] required: false schema: type: string FilterByRef: description: Filter entities by reference example: service:shopping-cart explode: true in: query name: filter[ref] required: false schema: type: string FilterByRelationType: description: Filter entities by relation type. explode: true in: query name: filter[relation][type] required: false schema: $ref: '#/components/schemas/RelationType' FilterRelationByFromRef: description: Filter relations by the reference of the first entity in the relation. example: service:shopping-cart explode: true in: query name: filter[from_ref] required: false schema: type: string FilterRelationByToRef: description: Filter relations by the reference of the second entity in the relation. example: service:shopping-cart explode: true in: query name: filter[to_ref] required: false schema: type: string FilterRelationByType: description: Filter relations by type. explode: true in: query name: filter[type] required: false schema: $ref: '#/components/schemas/RelationType' GCPSTSServiceAccountID: description: Your GCP STS enabled service account's unique ID. in: path name: account_id required: true schema: type: string HistoricalJobID: description: The ID of the job. in: path name: job_id required: true schema: type: string IncidentAttachmentFilterQueryParameter: description: Specifies which types of attachments are included in the response. explode: false in: query name: filter[attachment_type] required: false schema: items: $ref: '#/components/schemas/IncidentAttachmentAttachmentType' type: array IncidentAttachmentIncludeQueryParameter: description: Specifies which types of related objects are included in the response. explode: false in: query name: include required: false schema: items: $ref: '#/components/schemas/IncidentAttachmentRelatedObject' type: array IncidentIDPathParameter: description: The UUID of the incident. in: path name: incident_id required: true schema: type: string IncidentIncludeQueryParameter: description: >- Specifies which types of related objects should be included in the response. explode: false in: query name: include required: false schema: items: $ref: '#/components/schemas/IncidentRelatedObject' type: array IncidentIntegrationMetadataIDPathParameter: description: The UUID of the incident integration metadata. in: path name: integration_metadata_id required: true schema: type: string IncidentSearchIncludeQueryParameter: description: >- Specifies which types of related objects should be included in the response. in: query name: include required: false schema: $ref: '#/components/schemas/IncidentRelatedObject' IncidentSearchQueryQueryParameter: description: >- Specifies which incidents should be returned. The query can contain any number of incident facets joined by `ANDs`, along with multiple values for each of those facets joined by `OR`s. For example: `state:active AND severity:(SEV-2 OR SEV-1)`. explode: false in: query name: query required: true schema: type: string IncidentSearchSortQueryParameter: description: Specifies the order of returned incidents. explode: false in: query name: sort required: false schema: $ref: '#/components/schemas/IncidentSearchSortOrder' IncidentServiceIDPathParameter: description: The ID of the incident service. in: path name: service_id required: true schema: type: string IncidentServiceIncludeQueryParameter: description: >- Specifies which types of related objects should be included in the response. in: query name: include required: false schema: $ref: '#/components/schemas/IncidentRelatedObject' IncidentServiceSearchQueryParameter: description: A search query that filters services by name. in: query name: filter required: false schema: example: ExampleServiceName type: string IncidentTeamIDPathParameter: description: The ID of the incident team. in: path name: team_id required: true schema: type: string IncidentTeamIncludeQueryParameter: description: >- Specifies which types of related objects should be included in the response. in: query name: include required: false schema: $ref: '#/components/schemas/IncidentRelatedObject' IncidentTeamSearchQueryParameter: description: A search query that filters teams by name. in: query name: filter required: false schema: example: ExampleTeamName type: string IncidentTodoIDPathParameter: description: The UUID of the incident todo. in: path name: todo_id required: true schema: type: string IncidentTypeIDPathParameter: description: The UUID of the incident type. in: path name: incident_type_id required: true schema: type: string IncidentTypeIncludeDeletedParameter: description: Include deleted incident types in the response. in: query name: include_deleted schema: default: false type: boolean Include: description: Include relationship data. explode: true in: query name: include required: false schema: $ref: '#/components/schemas/IncludeType' InstanceId: description: The ID of the workflow instance. in: path name: instance_id required: true schema: type: string MetricID: description: The name of the log-based metric. in: path name: metric_id required: true schema: type: string MetricName: description: The name of the metric. example: dist.http.endpoint.request in: path name: metric_name required: true schema: type: string MicrosoftTeamsChannelNamePathParameter: description: Your channel name. in: path name: channel_name required: true schema: type: string MicrosoftTeamsHandleNameQueryParameter: description: Your tenant-based handle name. in: query name: name required: false schema: type: string MicrosoftTeamsTeamNamePathParameter: description: Your team name. in: path name: team_name required: true schema: type: string MicrosoftTeamsTenantBasedHandleIDPathParameter: description: Your tenant-based handle id. in: path name: handle_id required: true schema: type: string MicrosoftTeamsTenantIDQueryParameter: description: Your tenant id. in: query name: tenant_id required: false schema: type: string MicrosoftTeamsTenantNamePathParameter: description: Your tenant name. in: path name: tenant_name required: true schema: type: string MicrosoftTeamsWorkflowsWebhookHandleIDPathParameter: description: Your Workflows webhook handle id. in: path name: handle_id required: true schema: type: string MicrosoftTeamsWorkflowsWebhookHandleNameQueryParameter: description: Your Workflows webhook handle name. in: query name: name required: false schema: type: string OnDemandTaskId: description: The UUID of the task. example: 6d09294c-9ad9-42fd-a759-a0c1599b4828 in: path name: task_id required: true schema: type: string OpsgenieServiceIDPathParameter: description: The UUID of the service. in: path name: integration_service_id required: true schema: type: string OrgConfigName: description: The name of an Org Config. in: path name: org_config_name required: true schema: example: monitor_timezone type: string PageNumber: description: Specific page number to return. in: query name: page[number] required: false schema: default: 0 example: 0 format: int64 type: integer PageOffset: description: Specific offset to use as the beginning of the returned page. in: query name: page[offset] required: false schema: default: 0 example: 0 format: int64 type: integer PageSize: description: Size for a given page. The maximum allowed value is 100. in: query name: page[size] required: false schema: default: 10 example: 10 format: int64 type: integer ProjectIDPathParameter: description: Project UUID example: e555e290-ed65-49bd-ae18-8acbfcf18db7 in: path name: project_id required: true schema: type: string RelationInclude: description: Include relationship data. explode: true in: query name: include required: false schema: $ref: '#/components/schemas/RelationIncludeType' ReportID: description: The ID of the report job. in: path name: report_id required: true schema: type: string ResourceFilterAccountID: description: >- Filter resource filters by cloud provider account ID. This parameter is only valid when provider is specified. in: query name: account_id required: false schema: type: string ResourceFilterProvider: description: Filter resource filters by cloud provider (e.g. aws, gcp, azure). in: query name: cloud_provider required: false schema: type: string ResourceID: description: >- Identifier, formatted as `type:id`. Supported types: `connection`, `dashboard`, `integration-account`, `integration-service`, `integration-webhook`, `notebook`, `reference-table`, `security-rule`, `slo`, `workflow`, `app-builder-app`, `connection`, `connection-group`, `rum-application`. example: dashboard:abc-def-ghi in: path name: resource_id required: true schema: type: string RestrictionQueryID: description: The ID of the restriction query. in: path name: restriction_query_id required: true schema: type: string RestrictionQueryRoleID: description: The ID of the role. in: path name: role_id required: true schema: type: string RestrictionQueryUserID: description: The ID of the user. in: path name: user_id required: true schema: type: string RetentionFilterIdParam: description: The ID of the retention filter. in: path name: filter_id required: true schema: type: string RoleID: description: The unique identifier of the role. in: path name: role_id required: true schema: type: string RuleId: description: The ID of the rule. in: path name: rule_id required: true schema: type: string RumApplicationIDParameter: description: RUM application ID. in: path name: app_id required: true schema: type: string RumMetricIDParameter: description: The name of the rum-based metric. in: path name: metric_id required: true schema: type: string RumRetentionFilterIDParameter: description: Retention filter ID. in: path name: rf_id required: true schema: type: string SchemaVersion: description: The schema version desired in the response. in: query name: schema_version required: false schema: $ref: '#/components/schemas/ServiceDefinitionSchemaVersions' SecurityFilterID: description: The ID of the security filter. in: path name: security_filter_id required: true schema: type: string SecurityMonitoringRuleID: description: The ID of the rule. in: path name: rule_id required: true schema: type: string SecurityMonitoringSuppressionID: description: The ID of the suppression rule in: path name: suppression_id required: true schema: type: string SensitiveDataScannerGroupID: description: The ID of a group of rules. in: path name: group_id required: true schema: type: string SensitiveDataScannerRuleID: description: The ID of the rule. in: path name: rule_id required: true schema: type: string ServiceAccountID: description: The ID of the service account. in: path name: service_account_id required: true schema: example: 00000000-0000-1234-0000-000000000000 type: string ServiceName: description: The name of the service. in: path name: service_name required: true schema: example: my-service type: string SignalID: description: The ID of the signal. in: path name: signal_id required: true schema: type: string SkipCache: description: Skip cache for resource filters. in: query name: skip_cache required: false schema: type: boolean SpansMetricIDParameter: description: The name of the span-based metric. in: path name: metric_id required: true schema: type: string UserID: description: The ID of the user. in: path name: user_id required: true schema: example: 00000000-0000-9999-0000-000000000000 type: string WorkflowId: description: The ID of the workflow. in: path name: workflow_id required: true schema: type: string requestBodies: {} responses: BadRequestResponse: content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request ConcurrentModificationResponse: content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Concurrent Modification ConflictResponse: content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Conflict FindingsBadRequestResponse: content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: >- Bad Request: The server cannot process the request due to invalid syntax in the request. FindingsForbiddenResponse: content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: 'Forbidden: Access denied' FindingsNotFoundResponse: content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: 'Not Found: The requested finding cannot be found.' FindingsTooManyRequestsResponse: content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: 'Too many requests: The rate limit set by the API has been exceeded.' ForbiddenResponse: content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden NotAuthorizedResponse: content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Authorized NotFoundResponse: content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found NotificationRulesList: content: application/json: schema: properties: data: items: $ref: '#/components/schemas/NotificationRule' type: array type: object description: The list of notification rules. PreconditionFailedResponse: content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Failed Precondition SpansBadRequestResponse: content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request. SpansForbiddenResponse: content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: 'Forbidden: Access denied.' SpansTooManyRequestsResponse: content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: 'Too many requests: The rate limit set by the API has been exceeded.' SpansUnprocessableEntityResponse: content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Unprocessable Entity. TooManyRequestsResponse: content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too many requests UnauthorizedResponse: content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Unauthorized UnprocessableEntityResponse: content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: The server cannot process the request because it contains invalid data. schemas: APIErrorResponse: description: API error response. properties: errors: description: A list of errors. example: - Bad Request items: description: A list of items. example: Bad Request type: string type: array required: - errors type: object APIKeyCreateAttributes: description: Attributes used to create an API Key. properties: category: description: The APIKeyCreateAttributes category. type: string example: example_value name: description: Name of the API key. example: API Key for submitting metrics type: string remote_config_read_enabled: description: The APIKeyCreateAttributes remote_config_read_enabled. type: boolean example: true required: - name type: object APIKeyCreateData: description: Object used to create an API key. properties: attributes: $ref: '#/components/schemas/APIKeyCreateAttributes' type: $ref: '#/components/schemas/APIKeysType' required: - attributes - type type: object x-merge-override: required: false APIKeyCreateRequest: description: Request used to create an API key. properties: data: $ref: '#/components/schemas/APIKeyCreateData' required: - data type: object APIKeyRelationships: description: Resources related to the API key. properties: created_by: $ref: '#/components/schemas/RelationshipToUser' modified_by: $ref: '#/components/schemas/NullableRelationshipToUser' type: object APIKeyResponse: description: Response for retrieving an API key. properties: data: $ref: '#/components/schemas/FullAPIKey' included: description: Array of objects related to the API key. items: $ref: '#/components/schemas/APIKeyResponseIncludedItem' type: array x-merge-override: items: false type: object APIKeyResponseIncludedItem: description: An object related to an API key. oneOf: - $ref: '#/components/schemas/User' - $ref: '#/components/schemas/LeakedKey' APIKeyUpdateAttributes: description: Attributes used to update an API Key. properties: category: description: The APIKeyUpdateAttributes category. type: string example: example_value name: description: Name of the API key. example: API Key for submitting metrics type: string remote_config_read_enabled: description: The APIKeyUpdateAttributes remote_config_read_enabled. type: boolean example: true required: - name type: object APIKeyUpdateData: description: Object used to update an API key. properties: attributes: $ref: '#/components/schemas/APIKeyUpdateAttributes' id: description: ID of the API key. example: 00112233-4455-6677-8899-aabbccddeeff type: string type: $ref: '#/components/schemas/APIKeysType' required: - attributes - id - type type: object x-merge-override: required: false APIKeyUpdateRequest: description: Request used to update an API key. properties: data: $ref: '#/components/schemas/APIKeyUpdateData' required: - data type: object APIKeysResponse: description: Response for a list of API keys. properties: data: description: Array of API keys. items: $ref: '#/components/schemas/PartialAPIKey' type: array included: description: Array of objects related to the API key. items: $ref: '#/components/schemas/APIKeyResponseIncludedItem' type: array x-merge-override: items: false meta: $ref: '#/components/schemas/APIKeysResponseMeta' type: object APIKeysResponseMeta: description: Additional information related to api keys response. properties: max_allowed: description: Max allowed number of API keys. format: int64 type: integer example: 42 page: $ref: '#/components/schemas/APIKeysResponseMetaPage' type: object APIKeysResponseMetaPage: description: Additional information related to the API keys response. properties: total_filtered_count: description: Total filtered application key count. format: int64 type: integer example: 42 type: object APIKeysSort: default: name description: Sorting options enum: - created_at - '-created_at' - last4 - '-last4' - modified_at - '-modified_at' - name - '-name' type: string x-enum-varnames: - CREATED_AT_ASCENDING - CREATED_AT_DESCENDING - LAST4_ASCENDING - LAST4_DESCENDING - MODIFIED_AT_ASCENDING - MODIFIED_AT_DESCENDING - NAME_ASCENDING - NAME_DESCENDING APIKeysType: default: api_keys description: API Keys resource type. enum: - api_keys example: api_keys type: string x-enum-varnames: - API_KEYS APITrigger: description: Trigger a workflow from an API request. The workflow must be published. properties: rateLimit: $ref: '#/components/schemas/TriggerRateLimit' type: object APITriggerWrapper: description: Schema for an API-based trigger. properties: apiTrigger: $ref: '#/components/schemas/APITrigger' startStepNames: $ref: '#/components/schemas/StartStepNames' required: - apiTrigger type: object AWSAccountConfigID: description: >- Unique Datadog ID of the AWS Account Integration Config. To get the config ID for an account, use the [List all AWS integrations](https://docs.datadoghq.com/api/latest/aws-integration/#list-all-aws-integrations) endpoint and query by AWS Account ID. example: 00000000-abcd-0001-0000-000000000000 type: string AWSAccountCreateRequest: description: AWS Account Create Request body. properties: data: $ref: '#/components/schemas/AWSAccountCreateRequestData' required: - data type: object AWSAccountCreateRequestAttributes: description: The AWS Account Integration Config to be created. properties: account_tags: $ref: '#/components/schemas/AWSAccountTags' auth_config: $ref: '#/components/schemas/AWSAuthConfig' aws_account_id: $ref: '#/components/schemas/AWSAccountID' aws_partition: $ref: '#/components/schemas/AWSAccountPartition' aws_regions: $ref: '#/components/schemas/AWSRegions' logs_config: $ref: '#/components/schemas/AWSLogsConfig' metrics_config: $ref: '#/components/schemas/AWSMetricsConfig' resources_config: $ref: '#/components/schemas/AWSResourcesConfig' traces_config: $ref: '#/components/schemas/AWSTracesConfig' required: - aws_account_id - aws_partition - auth_config type: object AWSAccountCreateRequestData: description: AWS Account Create Request data. properties: attributes: $ref: '#/components/schemas/AWSAccountCreateRequestAttributes' type: $ref: '#/components/schemas/AWSAccountType' required: - attributes - type type: object AWSAccountID: description: AWS Account ID. example: '123456789012' type: string AWSAccountPartition: description: >- AWS partition your AWS account is scoped to. Defaults to `aws`. See [Partitions](https://docs.aws.amazon.com/whitepapers/latest/aws-fault-isolation-boundaries/partitions.html) in the AWS documentation for more information. enum: - aws - aws-cn - aws-us-gov example: aws type: string x-enum-varnames: - AWS - AWS_CN - AWS_US_GOV AWSAccountResponse: description: AWS Account response body. properties: data: $ref: '#/components/schemas/AWSAccountResponseData' required: - data type: object AWSAccountResponseAttributes: description: AWS Account response attributes. properties: account_tags: $ref: '#/components/schemas/AWSAccountTags' auth_config: $ref: '#/components/schemas/AWSAuthConfig' aws_account_id: $ref: '#/components/schemas/AWSAccountID' aws_partition: $ref: '#/components/schemas/AWSAccountPartition' aws_regions: $ref: '#/components/schemas/AWSRegions' created_at: description: Timestamp of when the account integration was created. format: date-time readOnly: true type: string example: example_value logs_config: $ref: '#/components/schemas/AWSLogsConfig' metrics_config: $ref: '#/components/schemas/AWSMetricsConfig' modified_at: description: Timestamp of when the account integration was updated. format: date-time readOnly: true type: string example: example_value resources_config: $ref: '#/components/schemas/AWSResourcesConfig' traces_config: $ref: '#/components/schemas/AWSTracesConfig' required: - aws_account_id type: object AWSAccountResponseData: description: AWS Account response data. properties: attributes: $ref: '#/components/schemas/AWSAccountResponseAttributes' id: $ref: '#/components/schemas/AWSAccountConfigID' type: $ref: '#/components/schemas/AWSAccountType' required: - id - type type: object AWSAccountTags: description: >- Tags to apply to all hosts and metrics reporting for this account. Defaults to `[]`. items: description: Tag in the form `key:value`. example: env:prod type: string nullable: true type: array AWSAccountType: default: account description: AWS Account resource type. enum: - account example: account type: string x-enum-varnames: - ACCOUNT AWSAccountUpdateRequest: description: AWS Account Update Request body. properties: data: $ref: '#/components/schemas/AWSAccountUpdateRequestData' required: - data type: object AWSAccountUpdateRequestAttributes: description: The AWS Account Integration Config to be updated. properties: account_tags: $ref: '#/components/schemas/AWSAccountTags' auth_config: $ref: '#/components/schemas/AWSAuthConfig' aws_account_id: $ref: '#/components/schemas/AWSAccountID' aws_partition: $ref: '#/components/schemas/AWSAccountPartition' aws_regions: $ref: '#/components/schemas/AWSRegions' logs_config: $ref: '#/components/schemas/AWSLogsConfig' metrics_config: $ref: '#/components/schemas/AWSMetricsConfig' resources_config: $ref: '#/components/schemas/AWSResourcesConfig' traces_config: $ref: '#/components/schemas/AWSTracesConfig' required: - aws_account_id type: object AWSAccountUpdateRequestData: description: AWS Account Update Request data. properties: attributes: $ref: '#/components/schemas/AWSAccountUpdateRequestAttributes' id: $ref: '#/components/schemas/AWSAccountConfigID' type: $ref: '#/components/schemas/AWSAccountType' required: - attributes - type type: object AWSAccountsResponse: description: AWS Accounts response body. properties: data: description: List of AWS Account Integration Configs. items: $ref: '#/components/schemas/AWSAccountResponseData' type: array required: - data type: object AWSAssumeRole: description: The definition of `AWSAssumeRole` object. properties: account_id: description: AWS account the connection is created for example: '111222333444' pattern: ^\d{12}$ type: string external_id: description: >- External ID used to scope which connection can be used to assume the role example: 33a1011635c44b38a064cf14e82e1d8f readOnly: true type: string principal_id: description: AWS account that will assume the role example: '123456789012' readOnly: true type: string role: description: Role to assume example: my-role type: string type: $ref: '#/components/schemas/AWSAssumeRoleType' required: - type - account_id - role type: object AWSAssumeRoleType: description: The definition of `AWSAssumeRoleType` object. enum: - AWSAssumeRole example: AWSAssumeRole type: string x-enum-varnames: - AWSASSUMEROLE AWSAssumeRoleUpdate: description: The definition of `AWSAssumeRoleUpdate` object. properties: account_id: description: AWS account the connection is created for example: '111222333444' pattern: ^\d{12}$ type: string generate_new_external_id: description: The `AWSAssumeRoleUpdate` `generate_new_external_id`. type: boolean example: true role: description: Role to assume example: my-role type: string type: $ref: '#/components/schemas/AWSAssumeRoleType' required: - type type: object AWSAuthConfig: description: AWS Authentication config. oneOf: - $ref: '#/components/schemas/AWSAuthConfigKeys' - $ref: '#/components/schemas/AWSAuthConfigRole' AWSAuthConfigKeys: description: >- AWS Authentication config to integrate your account using an access key pair. properties: access_key_id: description: AWS Access Key ID. example: AKIAIOSFODNN7EXAMPLE type: string secret_access_key: description: AWS Secret Access Key. example: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY minLength: 1 type: string writeOnly: true required: - access_key_id type: object AWSAuthConfigRole: description: AWS Authentication config to integrate your account using an IAM role. properties: external_id: description: AWS IAM External ID for associated role. type: string example: abc-123-def role_name: description: AWS IAM Role name. example: DatadogIntegrationRole maxLength: 576 minLength: 1 type: string required: - role_name type: object AWSCredentials: description: The definition of `AWSCredentials` object. oneOf: - $ref: '#/components/schemas/AWSAssumeRole' AWSCredentialsUpdate: description: The definition of `AWSCredentialsUpdate` object. oneOf: - $ref: '#/components/schemas/AWSAssumeRoleUpdate' AWSIntegration: description: The definition of `AWSIntegration` object. properties: credentials: $ref: '#/components/schemas/AWSCredentials' type: $ref: '#/components/schemas/AWSIntegrationType' required: - type - credentials type: object AWSIntegrationType: description: The definition of `AWSIntegrationType` object. enum: - AWS example: AWS type: string x-enum-varnames: - AWS AWSIntegrationUpdate: description: The definition of `AWSIntegrationUpdate` object. properties: credentials: $ref: '#/components/schemas/AWSCredentialsUpdate' type: $ref: '#/components/schemas/AWSIntegrationType' required: - type type: object AWSLambdaForwarderConfig: description: >- Log Autosubscription configuration for Datadog Forwarder Lambda functions. Automatically set up triggers for existing and new logs for some services, ensuring no logs from new resources are missed and saving time spent on manual configuration. properties: lambdas: description: >- List of Datadog Lambda Log Forwarder ARNs in your AWS account. Defaults to `[]`. items: example: >- arn:aws:lambda:us-east-1:123456789012:function:DatadogLambdaLogForwarder type: string type: array sources: description: >- List of service IDs set to enable automatic log collection. Discover the list of available services with the [Get list of AWS log ready services](https://docs.datadoghq.com/api/latest/aws-logs-integration/#get-list-of-aws-log-ready-services) endpoint. items: example: s3 type: string type: array type: object AWSLogsConfig: description: AWS Logs Collection config. properties: lambda_forwarder: $ref: '#/components/schemas/AWSLambdaForwarderConfig' type: object AWSLogsServicesResponse: description: AWS Logs Services response body properties: data: $ref: '#/components/schemas/AWSLogsServicesResponseData' required: - data type: object AWSLogsServicesResponseAttributes: description: AWS Logs Services response body properties: logs_services: description: List of AWS services that can send logs to Datadog example: - s3 items: example: s3 type: string type: array required: - logs_services type: object AWSLogsServicesResponseData: description: AWS Logs Services response body properties: attributes: $ref: '#/components/schemas/AWSLogsServicesResponseAttributes' id: default: logs_services description: The `AWSLogsServicesResponseData` `id`. example: logs_services type: string type: $ref: '#/components/schemas/AWSLogsServicesResponseDataType' required: - id - type type: object AWSLogsServicesResponseDataType: default: logs_services description: The `AWSLogsServicesResponseData` `type`. enum: - logs_services example: logs_services type: string x-enum-varnames: - LOGS_SERVICES AWSMetricsConfig: description: AWS Metrics Collection config. properties: automute_enabled: description: Enable EC2 automute for AWS metrics. Defaults to `true`. example: true type: boolean collect_cloudwatch_alarms: description: Enable CloudWatch alarms collection. Defaults to `false`. example: false type: boolean collect_custom_metrics: description: Enable custom metrics collection. Defaults to `false`. example: false type: boolean enabled: description: Enable AWS metrics collection. Defaults to `true`. example: true type: boolean namespace_filters: $ref: '#/components/schemas/AWSNamespaceFilters' tag_filters: description: AWS Metrics collection tag filters list. Defaults to `[]`. items: $ref: '#/components/schemas/AWSNamespaceTagFilter' type: array type: object AWSNamespaceFilters: description: AWS Metrics namespace filters. Defaults to `exclude_only`. oneOf: - $ref: '#/components/schemas/AWSNamespaceFiltersExcludeOnly' - $ref: '#/components/schemas/AWSNamespaceFiltersIncludeOnly' AWSNamespaceFiltersExcludeOnly: description: >- Exclude only these namespaces from metrics collection. Defaults to `["AWS/SQS", "AWS/ElasticMapReduce"]`. `AWS/SQS` and `AWS/ElasticMapReduce` are excluded by default to reduce your AWS CloudWatch costs from `GetMetricData` API calls. properties: exclude_only: description: >- Exclude only these namespaces from metrics collection. Defaults to `["AWS/SQS", "AWS/ElasticMapReduce"]`. `AWS/SQS` and `AWS/ElasticMapReduce` are excluded by default to reduce your AWS CloudWatch costs from `GetMetricData` API calls. example: - AWS/SQS - AWS/ElasticMapReduce items: example: AWS/SQS type: string type: array required: - exclude_only type: object AWSNamespaceFiltersIncludeOnly: description: Include only these namespaces. properties: include_only: description: Include only these namespaces. example: - AWS/EC2 items: example: AWS/EC2 type: string type: array required: - include_only type: object AWSNamespaceTagFilter: description: >- AWS Metrics Collection tag filters list. Defaults to `[]`. The array of custom AWS resource tags (in the form `key:value`) defines a filter that Datadog uses when collecting metrics from a specified service. Wildcards, such as `?` (match a single character) and `*` (match multiple characters), and exclusion using `!` before the tag are supported. For EC2, only hosts that match one of the defined tags will be imported into Datadog. The rest will be ignored. For example, `env:production,instance-type:c?.*,!region:us-east-1`. properties: namespace: description: >- The AWS service for which the tag filters defined in `tags` will be applied. example: AWS/EC2 type: string tags: description: >- The AWS resource tags to filter on for the service specified by `namespace`. items: description: Tag in the form `key:value`. example: datadog:true type: string nullable: true type: array type: object AWSNamespacesResponse: description: AWS Namespaces response body. properties: data: $ref: '#/components/schemas/AWSNamespacesResponseData' required: - data type: object AWSNamespacesResponseAttributes: description: AWS Namespaces response attributes. properties: namespaces: description: AWS CloudWatch namespace. example: - AWS/ApiGateway items: example: AWS/ApiGateway type: string type: array required: - namespaces type: object AWSNamespacesResponseData: description: AWS Namespaces response data. properties: attributes: $ref: '#/components/schemas/AWSNamespacesResponseAttributes' id: default: namespaces description: The `AWSNamespacesResponseData` `id`. example: namespaces type: string type: $ref: '#/components/schemas/AWSNamespacesResponseDataType' required: - id - type type: object AWSNamespacesResponseDataType: default: namespaces description: The `AWSNamespacesResponseData` `type`. enum: - namespaces example: namespaces type: string x-enum-varnames: - NAMESPACES AWSNewExternalIDResponse: description: AWS External ID response body. properties: data: $ref: '#/components/schemas/AWSNewExternalIDResponseData' required: - data type: object AWSNewExternalIDResponseAttributes: description: AWS External ID response body. properties: external_id: description: AWS IAM External ID for associated role. example: acb8f6b8a844443dbb726d07dcb1a870 type: string required: - external_id type: object AWSNewExternalIDResponseData: description: AWS External ID response body. properties: attributes: $ref: '#/components/schemas/AWSNewExternalIDResponseAttributes' id: default: external_id description: The `AWSNewExternalIDResponseData` `id`. example: external_id type: string type: $ref: '#/components/schemas/AWSNewExternalIDResponseDataType' required: - id - type type: object AWSNewExternalIDResponseDataType: default: external_id description: The `AWSNewExternalIDResponseData` `type`. enum: - external_id example: external_id type: string x-enum-varnames: - EXTERNAL_ID AWSRegions: description: AWS Regions to collect data from. Defaults to `include_all`. oneOf: - $ref: '#/components/schemas/AWSRegionsIncludeAll' - $ref: '#/components/schemas/AWSRegionsIncludeOnly' AWSRegionsIncludeAll: description: Include all regions. Defaults to `true`. properties: include_all: description: Include all regions. example: true type: boolean required: - include_all type: object AWSRegionsIncludeOnly: description: Include only these regions. properties: include_only: description: Include only these regions. example: - us-east-1 items: example: us-east-1 type: string type: array required: - include_only type: object AWSResourcesConfig: description: AWS Resources Collection config. properties: cloud_security_posture_management_collection: description: >- Enable Cloud Security Management to scan AWS resources for vulnerabilities, misconfigurations, identity risks, and compliance violations. Defaults to `false`. Requires `extended_collection` to be set to `true`. example: false type: boolean extended_collection: description: >- Whether Datadog collects additional attributes and configuration information about the resources in your AWS account. Defaults to `true`. Required for `cloud_security_posture_management_collection`. example: true type: boolean type: object AWSTracesConfig: description: AWS Traces Collection config. properties: xray_services: $ref: '#/components/schemas/XRayServicesList' type: object AccountFilteringConfig: description: The account filtering configuration. properties: excluded_accounts: description: >- The AWS account IDs to be excluded from your billing dataset. This field is used when `include_new_accounts` is `true`. example: - '123456789123' - '123456789143' items: type: string type: array include_new_accounts: description: >- Whether or not to automatically include new member accounts by default in your billing dataset. example: true type: boolean included_accounts: description: >- The AWS account IDs to be included in your billing dataset. This field is used when `include_new_accounts` is `false`. example: - '123456789123' - '123456789143' items: type: string type: array type: object ActionConnectionAttributes: description: The definition of `ActionConnectionAttributes` object. properties: integration: $ref: '#/components/schemas/ActionConnectionIntegration' name: description: Name of the connection example: My AWS Connection type: string required: - name - integration type: object ActionConnectionAttributesUpdate: description: The definition of `ActionConnectionAttributesUpdate` object. properties: integration: $ref: '#/components/schemas/ActionConnectionIntegrationUpdate' name: description: Name of the connection example: My AWS Connection type: string type: object ActionConnectionData: description: Data related to the connection. properties: attributes: $ref: '#/components/schemas/ActionConnectionAttributes' id: description: The connection identifier readOnly: true type: string example: abc-123-def type: $ref: '#/components/schemas/ActionConnectionDataType' required: - type - attributes type: object ActionConnectionDataType: description: The definition of `ActionConnectionDataType` object. enum: - action_connection example: action_connection type: string x-enum-varnames: - ACTION_CONNECTION ActionConnectionDataUpdate: description: Data related to the connection update. properties: attributes: $ref: '#/components/schemas/ActionConnectionAttributesUpdate' type: $ref: '#/components/schemas/ActionConnectionDataType' required: - type - attributes type: object ActionConnectionIntegration: description: The definition of `ActionConnectionIntegration` object. oneOf: - $ref: '#/components/schemas/AWSIntegration' - $ref: '#/components/schemas/HTTPIntegration' ActionConnectionIntegrationUpdate: description: The definition of `ActionConnectionIntegrationUpdate` object. oneOf: - $ref: '#/components/schemas/AWSIntegrationUpdate' - $ref: '#/components/schemas/HTTPIntegrationUpdate' ActionQuery: description: >- An action query. This query type is used to trigger an action, such as sending a HTTP request. properties: events: description: Events to listen for downstream of the action query. items: $ref: '#/components/schemas/AppBuilderEvent' type: array id: description: The ID of the action query. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string name: description: >- A unique identifier for this action query. This name is also used to access the query's result throughout the app. example: fetchPendingOrders type: string properties: $ref: '#/components/schemas/ActionQueryProperties' type: $ref: '#/components/schemas/ActionQueryType' required: - id - name - type - properties type: object ActionQueryCondition: description: >- Whether to run this query. If specified, the query will only run if this condition evaluates to `true` in JavaScript and all other conditions are also met. oneOf: - type: boolean - example: ${true} type: string ActionQueryDebounceInMs: description: >- The minimum time in milliseconds that must pass before the query can be triggered again. This is useful for preventing accidental double-clicks from triggering the query multiple times. oneOf: - example: 310.5 format: double type: number - description: >- If this is a string, it must be a valid JavaScript expression that evaluates to a number. example: ${1000} type: string ActionQueryMockedOutputs: description: >- The mocked outputs of the action query. This is useful for testing the app without actually running the action. oneOf: - type: string - $ref: '#/components/schemas/ActionQueryMockedOutputsObject' ActionQueryMockedOutputsEnabled: description: Whether to enable the mocked outputs for testing. oneOf: - type: boolean - description: >- If this is a string, it must be a valid JavaScript expression that evaluates to a boolean. example: ${true} type: string ActionQueryMockedOutputsObject: description: The mocked outputs of the action query. properties: enabled: $ref: '#/components/schemas/ActionQueryMockedOutputsEnabled' outputs: description: The mocked outputs of the action query, serialized as JSON. example: '{"status": "success"}' type: string required: - enabled type: object ActionQueryOnlyTriggerManually: description: >- Determines when this query is executed. If set to `false`, the query will run when the app loads and whenever any query arguments change. If set to `true`, the query will only run when manually triggered from elsewhere in the app. oneOf: - type: boolean - description: >- If this is a string, it must be a valid JavaScript expression that evaluates to a boolean. example: ${true} type: string ActionQueryPollingIntervalInMs: description: >- If specified, the app will poll the query at the specified interval in milliseconds. The minimum polling interval is 15 seconds. The query will only poll when the app's browser tab is active. oneOf: - example: 30000 format: double minimum: 15000 type: number - description: >- If this is a string, it must be a valid JavaScript expression that evaluates to a number. example: ${15000} type: string ActionQueryProperties: description: The properties of the action query. properties: condition: $ref: '#/components/schemas/ActionQueryCondition' debounceInMs: $ref: '#/components/schemas/ActionQueryDebounceInMs' mockedOutputs: $ref: '#/components/schemas/ActionQueryMockedOutputs' onlyTriggerManually: $ref: '#/components/schemas/ActionQueryOnlyTriggerManually' outputs: description: >- The post-query transformation function, which is a JavaScript function that changes the query's `.outputs` property after the query's execution. example: ${((outputs) => {return outputs.body.data})(self.rawOutputs)} type: string pollingIntervalInMs: $ref: '#/components/schemas/ActionQueryPollingIntervalInMs' requiresConfirmation: $ref: '#/components/schemas/ActionQueryRequiresConfirmation' showToastOnError: $ref: '#/components/schemas/ActionQueryShowToastOnError' spec: $ref: '#/components/schemas/ActionQuerySpec' required: - spec type: object ActionQueryRequiresConfirmation: description: Whether to prompt the user to confirm this query before it runs. oneOf: - type: boolean - description: >- If this is a string, it must be a valid JavaScript expression that evaluates to a boolean. example: ${true} type: string ActionQueryShowToastOnError: description: Whether to display a toast to the user when the query returns an error. oneOf: - type: boolean - description: >- If this is a string, it must be a valid JavaScript expression that evaluates to a boolean. example: ${true} type: string ActionQuerySpec: description: The definition of the action query. oneOf: - type: string - $ref: '#/components/schemas/ActionQuerySpecObject' ActionQuerySpecConnectionGroup: description: The connection group to use for an action query. properties: id: description: The ID of the connection group. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string tags: description: The tags of the connection group. items: type: string type: array type: object ActionQuerySpecInput: additionalProperties: {} description: >- The inputs to the action query. See the [Actions Catalog](https://docs.datadoghq.com/actions/actions_catalog/) for more detail on each action and its inputs. type: object ActionQuerySpecInputs: description: >- The inputs to the action query. These are the values that are passed to the action when it is triggered. oneOf: - type: string - $ref: '#/components/schemas/ActionQuerySpecInput' ActionQuerySpecObject: description: The action query spec object. properties: connectionGroup: $ref: '#/components/schemas/ActionQuerySpecConnectionGroup' connectionId: description: The ID of the custom connection to use for this action query. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 type: string fqn: description: The fully qualified name of the action type. example: com.datadoghq.http.request type: string inputs: $ref: '#/components/schemas/ActionQuerySpecInputs' required: - fqn type: object ActionQueryType: default: action description: The action query type. enum: - action example: action type: string x-enum-varnames: - ACTION ActiveBillingDimensionsAttributes: description: List of active billing dimensions. properties: month: description: >- Datetime in ISO-8601 format, UTC, precise to hour: `[YYYY-MM-DDThh]`. format: date-time type: string example: example_value values: description: >- List of active billing dimensions. Example: `[infra_host, apm_host, serverless_infra]`. items: description: A given billing dimension in a list. example: infra_host type: string type: array type: object ActiveBillingDimensionsBody: description: Active billing dimensions data. properties: attributes: $ref: '#/components/schemas/ActiveBillingDimensionsAttributes' id: description: Unique ID of the response. type: string example: abc-123-def type: $ref: '#/components/schemas/ActiveBillingDimensionsType' type: object ActiveBillingDimensionsResponse: description: Active billing dimensions response. properties: data: $ref: '#/components/schemas/ActiveBillingDimensionsBody' type: object ActiveBillingDimensionsType: default: billing_dimensions description: Type of active billing dimensions data. enum: - billing_dimensions type: string x-enum-varnames: - BILLING_DIMENSIONS Advisory: description: Advisory. properties: base_severity: description: Advisory base severity. example: Critical type: string id: description: Advisory id. example: GHSA-4wrc-f8pq-fpqp type: string severity: description: Advisory Datadog severity. example: Medium type: string required: - id - base_severity type: object Annotation: description: >- A list of annotations used in the workflow. These are like sticky notes for your workflow! properties: display: $ref: '#/components/schemas/AnnotationDisplay' id: description: The `Annotation` `id`. example: '' type: string markdownTextAnnotation: $ref: '#/components/schemas/AnnotationMarkdownTextAnnotation' required: - id - display - markdownTextAnnotation type: object AnnotationDisplay: description: The definition of `AnnotationDisplay` object. properties: bounds: $ref: '#/components/schemas/AnnotationDisplayBounds' type: object AnnotationDisplayBounds: description: The definition of `AnnotationDisplayBounds` object. properties: height: description: The `bounds` `height`. format: double type: number example: 95.5 width: description: The `bounds` `width`. format: double type: number example: 95.5 x: description: The `bounds` `x`. format: double type: number example: 95.5 'y': description: The `bounds` `y`. format: double type: number example: 95.5 type: object AnnotationMarkdownTextAnnotation: description: The definition of `AnnotationMarkdownTextAnnotation` object. properties: text: description: The `markdownTextAnnotation` `text`. type: string example: example_value type: object ApiID: description: API identifier. example: 90646597-5fdb-4a17-a240-647003f8c028 format: uuid type: string ApmRetentionFilterType: default: apm_retention_filter description: The type of the resource. enum: - apm_retention_filter example: apm_retention_filter type: string x-enum-varnames: - apm_retention_filter AppBuilderEvent: additionalProperties: {} description: An event on a UI component that triggers a response or action in an app. properties: name: $ref: '#/components/schemas/AppBuilderEventName' type: $ref: '#/components/schemas/AppBuilderEventType' type: object AppBuilderEventName: description: The triggering action for the event. enum: - pageChange - tableRowClick - _tableRowButtonClick - change - submit - click - toggleOpen - close - open - executionFinished example: click type: string x-enum-varnames: - PAGECHANGE - TABLEROWCLICK - TABLEROWBUTTONCLICK - CHANGE - SUBMIT - CLICK - TOGGLEOPEN - CLOSE - OPEN - EXECUTIONFINISHED AppBuilderEventType: description: The response to the event. enum: - custom - setComponentState - triggerQuery - openModal - closeModal - openUrl - downloadFile - setStateVariableValue example: triggerQuery type: string x-enum-varnames: - CUSTOM - SETCOMPONENTSTATE - TRIGGERQUERY - OPENMODAL - CLOSEMODAL - OPENURL - DOWNLOADFILE - SETSTATEVARIABLEVALUE AppDefinitionType: default: appDefinitions description: The app definition type. enum: - appDefinitions example: appDefinitions type: string x-enum-varnames: - APPDEFINITIONS AppDeploymentType: default: deployment description: The deployment type. enum: - deployment example: deployment type: string x-enum-varnames: - DEPLOYMENT AppMeta: description: Metadata of an app. properties: created_at: description: Timestamp of when the app was created. format: date-time type: string example: example_value deleted_at: description: Timestamp of when the app was deleted. format: date-time type: string example: example_value org_id: description: The Datadog organization ID that owns the app. format: int64 type: integer example: 42 updated_at: description: Timestamp of when the app was last updated. format: date-time type: string example: '2026-04-17T12:00:00Z' updated_since_deployment: description: >- Whether the app was updated since it was last published. Published apps are pinned to a specific version and do not automatically update when the app is updated. type: boolean example: true user_id: description: The ID of the user who created the app. format: int64 type: integer example: 42 user_name: description: The name (or email address) of the user who created the app. type: string example: Example Monitor user_uuid: description: The UUID of the user who created the app. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string version: description: >- The version number of the app. This starts at 1 and increments with each update. format: int64 type: integer example: 42 type: object AppRelationship: description: The app's publication relationship and custom connections. properties: connections: description: Array of custom connections used by the app. items: $ref: '#/components/schemas/CustomConnection' type: array deployment: $ref: '#/components/schemas/DeploymentRelationship' type: object AppTriggerWrapper: description: Schema for an App-based trigger. properties: appTrigger: description: Trigger a workflow from an App. type: object startStepNames: $ref: '#/components/schemas/StartStepNames' required: - appTrigger type: object ApplicationKeyCreateAttributes: description: Attributes used to create an application Key. properties: name: description: Name of the application key. example: Application Key for managing dashboards type: string scopes: description: Array of scopes to grant the application key. example: - dashboards_read - dashboards_write - dashboards_public_share items: description: Name of scope. type: string nullable: true type: array required: - name type: object x-merge-override: properties: false ApplicationKeyCreateData: description: Object used to create an application key. properties: attributes: $ref: '#/components/schemas/ApplicationKeyCreateAttributes' type: $ref: '#/components/schemas/ApplicationKeysType' required: - attributes - type type: object x-merge-override: required: false ApplicationKeyCreateRequest: description: Request used to create an application key. properties: data: $ref: '#/components/schemas/ApplicationKeyCreateData' required: - data type: object ApplicationKeyRelationships: description: Resources related to the application key. properties: owned_by: $ref: '#/components/schemas/RelationshipToUser' type: object x-merge-override: properties: false ApplicationKeyResponse: description: Response for retrieving an application key. properties: data: $ref: '#/components/schemas/FullApplicationKey' included: description: Array of objects related to the application key. items: $ref: '#/components/schemas/ApplicationKeyResponseIncludedItem' type: array type: object ApplicationKeyResponseIncludedItem: description: An object related to an application key. oneOf: - $ref: '#/components/schemas/User' - $ref: '#/components/schemas/Role' - $ref: '#/components/schemas/LeakedKey' ApplicationKeyResponseMeta: description: Additional information related to the application key response. properties: max_allowed_per_user: description: Max allowed number of application keys per user. format: int64 type: integer example: 42 page: $ref: '#/components/schemas/ApplicationKeyResponseMetaPage' type: object ApplicationKeyResponseMetaPage: description: Additional information related to the application key response. properties: total_filtered_count: description: Total filtered application key count. format: int64 type: integer example: 42 type: object ApplicationKeyUpdateAttributes: description: Attributes used to update an application Key. properties: name: description: Name of the application key. example: Application Key for managing dashboards type: string scopes: description: Array of scopes to grant the application key. example: - dashboards_read - dashboards_write - dashboards_public_share items: description: Name of scope. type: string nullable: true type: array type: object x-merge-override: properties: false ApplicationKeyUpdateData: description: Object used to update an application key. properties: attributes: $ref: '#/components/schemas/ApplicationKeyUpdateAttributes' id: description: ID of the application key. example: 00112233-4455-6677-8899-aabbccddeeff type: string type: $ref: '#/components/schemas/ApplicationKeysType' required: - attributes - id - type type: object x-merge-override: required: false ApplicationKeyUpdateRequest: description: Request used to update an application key. properties: data: $ref: '#/components/schemas/ApplicationKeyUpdateData' required: - data type: object ApplicationKeysSort: default: name description: Sorting options enum: - created_at - '-created_at' - last4 - '-last4' - name - '-name' type: string x-enum-varnames: - CREATED_AT_ASCENDING - CREATED_AT_DESCENDING - LAST4_ASCENDING - LAST4_DESCENDING - NAME_ASCENDING - NAME_DESCENDING ApplicationKeysType: default: application_keys description: Application Keys resource type. enum: - application_keys example: application_keys type: string x-enum-varnames: - APPLICATION_KEYS ApplicationSecurityWafCustomRuleAction: description: The definition of `ApplicationSecurityWafCustomRuleAction` object. properties: action: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleActionAction' parameters: $ref: >- #/components/schemas/ApplicationSecurityWafCustomRuleActionParameters type: object ApplicationSecurityWafCustomRuleActionAction: default: block_request description: >- Override the default action to take when the WAF custom rule would block. enum: - redirect_request - block_request example: block_request type: string x-enum-varnames: - REDIRECT_REQUEST - BLOCK_REQUEST ApplicationSecurityWafCustomRuleActionParameters: description: >- The definition of `ApplicationSecurityWafCustomRuleActionParameters` object. properties: location: description: The location to redirect to when the WAF custom rule triggers. example: /blocking type: string status_code: default: 403 description: The status code to return when the WAF custom rule triggers. example: 403 format: int64 type: integer type: object ApplicationSecurityWafCustomRuleAttributes: description: A WAF custom rule. properties: action: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleAction' blocking: description: Indicates whether the WAF custom rule will block the request. example: false type: boolean conditions: description: >- Conditions for which the WAF Custom Rule will triggers, all conditions needs to match in order for the WAF rule to trigger. items: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleCondition' type: array enabled: description: Indicates whether the WAF custom rule is enabled. example: false type: boolean metadata: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleMetadata' name: description: The Name of the WAF custom rule. example: Block request from bad useragent type: string path_glob: description: The path glob for the WAF custom rule. example: /api/search/* type: string scope: description: The scope of the WAF custom rule. items: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleScope' type: array tags: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleTags' required: - enabled - blocking - name - tags - conditions type: object ApplicationSecurityWafCustomRuleCondition: description: One condition of the WAF Custom Rule. properties: operator: $ref: >- #/components/schemas/ApplicationSecurityWafCustomRuleConditionOperator parameters: $ref: >- #/components/schemas/ApplicationSecurityWafCustomRuleConditionParameters required: - operator - parameters type: object ApplicationSecurityWafCustomRuleConditionInput: description: Input from the request on which the condition should apply. properties: address: $ref: >- #/components/schemas/ApplicationSecurityWafCustomRuleConditionInputAddress key_path: description: Specific path for the input. items: type: string type: array required: - address type: object ApplicationSecurityWafCustomRuleConditionInputAddress: description: Input from the request on which the condition should apply. enum: - server.db.statement - server.io.fs.file - server.io.net.url - server.sys.shell.cmd - server.request.method - server.request.uri.raw - server.request.path_params - server.request.query - server.request.headers.no_cookies - server.request.cookies - server.request.trailers - server.request.body - server.response.status - server.response.headers.no_cookies - server.response.trailers - grpc.server.request.metadata - grpc.server.request.message - grpc.server.method - graphql.server.all_resolvers - usr.id - http.client_ip example: server.db.statement type: string x-enum-varnames: - SERVER_DB_STATEMENT - SERVER_IO_FS_FILE - SERVER_IO_NET_URL - SERVER_SYS_SHELL_CMD - SERVER_REQUEST_METHOD - SERVER_REQUEST_URI_RAW - SERVER_REQUEST_PATH_PARAMS - SERVER_REQUEST_QUERY - SERVER_REQUEST_HEADERS_NO_COOKIES - SERVER_REQUEST_COOKIES - SERVER_REQUEST_TRAILERS - SERVER_REQUEST_BODY - SERVER_RESPONSE_STATUS - SERVER_RESPONSE_HEADERS_NO_COOKIES - SERVER_RESPONSE_TRAILERS - GRPC_SERVER_REQUEST_METADATA - GRPC_SERVER_REQUEST_MESSAGE - GRPC_SERVER_METHOD - GRAPHQL_SERVER_ALL_RESOLVERS - USR_ID - HTTP_CLIENT_IP ApplicationSecurityWafCustomRuleConditionOperator: description: Operator to use for the WAF Condition. enum: - match_regex - '!match_regex' - phrase_match - '!phrase_match' - is_xss - is_sqli - exact_match - '!exact_match' - ip_match - '!ip_match' - capture_data example: match_regex type: string x-enum-varnames: - MATCH_REGEX - NOT_MATCH_REGEX - PHRASE_MATCH - NOT_PHRASE_MATCH - IS_XSS - IS_SQLI - EXACT_MATCH - NOT_EXACT_MATCH - IP_MATCH - NOT_IP_MATCH - CAPTURE_DATA ApplicationSecurityWafCustomRuleConditionOptions: description: Options for the operator of this condition. properties: case_sensitive: default: false description: Evaluate the value as case sensitive. type: boolean example: true min_length: default: 0 description: >- Only evaluate this condition if the value has a minimum amount of characters. format: int64 type: integer example: 42 type: object ApplicationSecurityWafCustomRuleConditionParameters: description: The scope of the WAF custom rule. properties: data: description: >- Identifier of a list of data from the denylist. Can only be used as substitution from the list parameter. example: blocked_users type: string inputs: description: >- List of inputs on which at least one should match with the given operator. items: $ref: >- #/components/schemas/ApplicationSecurityWafCustomRuleConditionInput type: array list: description: >- List of value to use with the condition. Only used with the phrase_match, !phrase_match, exact_match and !exact_match operator. items: type: string type: array options: $ref: >- #/components/schemas/ApplicationSecurityWafCustomRuleConditionOptions regex: description: >- Regex to use with the condition. Only used with match_regex and !match_regex operator. example: path.* type: string value: description: >- Store the captured value in the specified tag name. Only used with the capture_data operator. example: custom_tag type: string required: - inputs type: object ApplicationSecurityWafCustomRuleCreateAttributes: description: Create a new WAF custom rule. properties: action: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleAction' blocking: description: Indicates whether the WAF custom rule will block the request. example: false type: boolean conditions: description: >- Conditions for which the WAF Custom Rule will triggers, all conditions needs to match in order for the WAF rule to trigger items: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleCondition' type: array enabled: description: Indicates whether the WAF custom rule is enabled. example: false type: boolean name: description: The Name of the WAF custom rule. example: Block request from a bad useragent type: string path_glob: description: The path glob for the WAF custom rule. example: /api/search/* type: string scope: description: The scope of the WAF custom rule. items: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleScope' type: array tags: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleTags' required: - enabled - blocking - name - tags - conditions type: object ApplicationSecurityWafCustomRuleCreateData: description: Object for a single WAF custom rule. properties: attributes: $ref: >- #/components/schemas/ApplicationSecurityWafCustomRuleCreateAttributes type: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleType' required: - attributes - type type: object ApplicationSecurityWafCustomRuleCreateRequest: description: Request object that includes the custom rule to create. properties: data: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleCreateData' required: - data type: object ApplicationSecurityWafCustomRuleData: description: Object for a single WAF custom rule. properties: attributes: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleAttributes' id: description: The ID of the custom rule. example: 2857c47d-1e3a-4300-8b2f-dc24089c084b readOnly: true type: string type: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleType' type: object ApplicationSecurityWafCustomRuleListResponse: description: Response object that includes a list of WAF custom rules. properties: data: description: The WAF custom rule data. items: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleData' type: array type: object ApplicationSecurityWafCustomRuleMetadata: description: Metadata associated with the WAF Custom Rule. properties: added_at: description: The date and time the WAF custom rule was created. example: '2021-01-01T00:00:00Z' format: date-time type: string added_by: description: The handle of the user who created the WAF custom rule. example: john.doe@datadoghq.com type: string added_by_name: description: The name of the user who created the WAF custom rule. example: John Doe type: string modified_at: description: The date and time the WAF custom rule was last updated. example: '2021-01-01T00:00:00Z' format: date-time type: string modified_by: description: The handle of the user who last updated the WAF custom rule. example: john.doe@datadoghq.com type: string modified_by_name: description: The name of the user who last updated the WAF custom rule. example: John Doe type: string readOnly: true type: object ApplicationSecurityWafCustomRuleResponse: description: Response object that includes a single WAF custom rule. properties: data: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleData' type: object ApplicationSecurityWafCustomRuleScope: description: The scope of the WAF custom rule. properties: env: description: The environment scope for the WAF custom rule. example: prod type: string service: description: The service scope for the WAF custom rule. example: billing-service type: string required: - service - env type: object ApplicationSecurityWafCustomRuleTags: additionalProperties: type: string description: >- Tags associated with the WAF Custom Rule. The concatenation of category and type will form the security activity field associated with the traces. maxProperties: 32 properties: category: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleTagsCategory' type: description: >- The type of the WAF rule, associated with the category will form the security activity. example: users.login.success type: string required: - category - type type: object ApplicationSecurityWafCustomRuleTagsCategory: description: >- The category of the WAF Rule, can be either `business_logic`, `attack_attempt` or `security_response`. enum: - attack_attempt - business_logic - security_response example: business_logic type: string x-enum-varnames: - ATTACK_ATTEMPT - BUSINESS_LOGIC - SECURITY_RESPONSE ApplicationSecurityWafCustomRuleType: default: custom_rule description: The type of the resource. The value should always be `custom_rule`. enum: - custom_rule example: custom_rule type: string x-enum-varnames: - CUSTOM_RULE ApplicationSecurityWafCustomRuleUpdateAttributes: description: Update a WAF custom rule. properties: action: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleAction' blocking: description: Indicates whether the WAF custom rule will block the request. example: false type: boolean conditions: description: >- Conditions for which the WAF Custom Rule will triggers, all conditions needs to match in order for the WAF rule to trigger. items: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleCondition' type: array enabled: description: Indicates whether the WAF custom rule is enabled. example: false type: boolean name: description: The Name of the WAF custom rule. example: Block request from bad useragent type: string path_glob: description: The path glob for the WAF custom rule. example: /api/search/* type: string scope: description: The scope of the WAF custom rule. items: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleScope' type: array tags: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleTags' required: - enabled - blocking - name - tags - conditions type: object ApplicationSecurityWafCustomRuleUpdateData: description: Object for a single WAF Custom Rule. properties: attributes: $ref: >- #/components/schemas/ApplicationSecurityWafCustomRuleUpdateAttributes type: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleType' required: - attributes - type type: object ApplicationSecurityWafCustomRuleUpdateRequest: description: Request object that includes the Custom Rule to update. properties: data: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleUpdateData' required: - data type: object ApplicationSecurityWafExclusionFilterAttributes: description: Attributes describing a WAF exclusion filter. properties: description: description: A description for the exclusion filter. example: Exclude false positives on a path type: string enabled: description: Indicates whether the exclusion filter is enabled. example: true type: boolean event_query: description: >- The event query matched by the legacy exclusion filter. Cannot be created nor updated. type: string example: avg:system.cpu.user{*} ip_list: description: >- The client IP addresses matched by the exclusion filter (CIDR notation is supported). items: example: 198.51.100.72 type: string type: array metadata: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterMetadata' on_match: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterOnMatch' parameters: description: >- A list of parameters matched by the exclusion filter in the HTTP query string and HTTP request body. Nested parameters can be matched by joining fields with a dot character. items: example: list.search.query type: string type: array path_glob: description: The HTTP path glob expression matched by the exclusion filter. example: /accounts/* type: string rules_target: description: The WAF rules targeted by the exclusion filter. items: $ref: >- #/components/schemas/ApplicationSecurityWafExclusionFilterRulesTarget type: array scope: description: The services where the exclusion filter is deployed. items: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterScope' type: array search_query: description: >- Generated event search query for traces matching the exclusion filter. readOnly: true type: string example: avg:system.cpu.user{*} type: object ApplicationSecurityWafExclusionFilterCreateAttributes: description: Attributes for creating a WAF exclusion filter. properties: description: description: A description for the exclusion filter. example: Exclude false positives on a path type: string enabled: description: Indicates whether the exclusion filter is enabled. example: true type: boolean ip_list: description: >- The client IP addresses matched by the exclusion filter (CIDR notation is supported). items: example: 198.51.100.72 type: string type: array on_match: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterOnMatch' parameters: description: >- A list of parameters matched by the exclusion filter in the HTTP query string and HTTP request body. Nested parameters can be matched by joining fields with a dot character. items: example: list.search.query type: string type: array path_glob: description: The HTTP path glob expression matched by the exclusion filter. example: /accounts/* type: string rules_target: description: The WAF rules targeted by the exclusion filter. items: $ref: >- #/components/schemas/ApplicationSecurityWafExclusionFilterRulesTarget type: array scope: description: The services where the exclusion filter is deployed. items: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterScope' type: array required: - description - enabled type: object ApplicationSecurityWafExclusionFilterCreateData: description: Object for creating a single WAF exclusion filter. properties: attributes: $ref: >- #/components/schemas/ApplicationSecurityWafExclusionFilterCreateAttributes type: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterType' required: - attributes - type type: object ApplicationSecurityWafExclusionFilterCreateRequest: description: Request object for creating a single WAF exclusion filter. properties: data: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterCreateData' required: - data type: object ApplicationSecurityWafExclusionFilterID: description: The identifier of the WAF exclusion filter. example: 3dd-0uc-h1s readOnly: true type: string ApplicationSecurityWafExclusionFilterMetadata: description: Extra information about the exclusion filter. properties: added_at: description: The creation date of the exclusion filter. format: date-time type: string example: example_value added_by: description: The handle of the user who created the exclusion filter. type: string example: example_value added_by_name: description: The name of the user who created the exclusion filter. type: string example: Example Monitor modified_at: description: The last modification date of the exclusion filter. format: date-time type: string example: example_value modified_by: description: The handle of the user who last modified the exclusion filter. type: string example: example_value modified_by_name: description: The name of the user who last modified the exclusion filter. type: string example: Example Monitor readOnly: true type: object ApplicationSecurityWafExclusionFilterOnMatch: description: >- The action taken when the exclusion filter matches. When set to `monitor`, security traces are emitted but the requests are not blocked. By default, security traces are not emitted and the requests are not blocked. enum: - monitor type: string x-enum-varnames: - MONITOR ApplicationSecurityWafExclusionFilterResource: description: A JSON:API resource for an WAF exclusion filter. properties: attributes: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterAttributes' id: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterID' type: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterType' type: object ApplicationSecurityWafExclusionFilterResponse: description: Response object for a single WAF exclusion filter. properties: data: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterResource' type: object ApplicationSecurityWafExclusionFilterRulesTarget: description: Target WAF rules based either on an identifier or tags. properties: rule_id: description: Target a single WAF rule based on its identifier. example: dog-913-009 type: string tags: $ref: >- #/components/schemas/ApplicationSecurityWafExclusionFilterRulesTargetTags type: object ApplicationSecurityWafExclusionFilterRulesTargetTags: additionalProperties: type: string description: Target multiple WAF rules based on their tags. properties: category: description: The category of the targeted WAF rules. example: attack_attempt type: string type: description: The type of the targeted WAF rules. example: lfi type: string type: object ApplicationSecurityWafExclusionFilterScope: description: Deploy on services based on their environment and/or service name. properties: env: description: Deploy on this environment. example: www type: string service: description: Deploy on this service. example: prod type: string type: object ApplicationSecurityWafExclusionFilterType: default: exclusion_filter description: Type of the resource. The value should always be `exclusion_filter`. enum: - exclusion_filter example: exclusion_filter type: string x-enum-varnames: - EXCLUSION_FILTER ApplicationSecurityWafExclusionFilterUpdateAttributes: description: Attributes for updating a WAF exclusion filter. properties: description: description: A description for the exclusion filter. example: Exclude false positives on a path type: string enabled: description: Indicates whether the exclusion filter is enabled. example: true type: boolean ip_list: description: >- The client IP addresses matched by the exclusion filter (CIDR notation is supported). items: example: 198.51.100.72 type: string type: array on_match: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterOnMatch' parameters: description: >- A list of parameters matched by the exclusion filter in the HTTP query string and HTTP request body. Nested parameters can be matched by joining fields with a dot character. items: example: list.search.query type: string type: array path_glob: description: The HTTP path glob expression matched by the exclusion filter. example: /accounts/* type: string rules_target: description: The WAF rules targeted by the exclusion filter. items: $ref: >- #/components/schemas/ApplicationSecurityWafExclusionFilterRulesTarget type: array scope: description: The services where the exclusion filter is deployed. items: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterScope' type: array required: - description - enabled type: object ApplicationSecurityWafExclusionFilterUpdateData: description: Object for updating a single WAF exclusion filter. properties: attributes: $ref: >- #/components/schemas/ApplicationSecurityWafExclusionFilterUpdateAttributes type: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterType' required: - attributes - type type: object ApplicationSecurityWafExclusionFilterUpdateRequest: description: Request object for updating a single WAF exclusion filter. properties: data: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterUpdateData' required: - data type: object ApplicationSecurityWafExclusionFiltersResponse: description: Response object for multiple WAF exclusion filters. properties: data: description: A list of WAF exclusion filters. items: $ref: '#/components/schemas/ApplicationSecurityWafExclusionFilterResource' type: array type: object AppsSortField: description: The field and direction to sort apps by enum: - name - created_at - updated_at - user_name - '-name' - '-created_at' - '-updated_at' - '-user_name' example: '-created_at' type: string x-enum-varnames: - NAME - CREATED_AT - UPDATED_AT - USER_NAME - NAME_DESC - CREATED_AT_DESC - UPDATED_AT_DESC - USER_NAME_DESC Asset: description: A single vulnerable asset properties: attributes: $ref: '#/components/schemas/AssetAttributes' id: description: The unique ID for this asset. example: Repository|github.com/DataDog/datadog-agent.git type: string type: $ref: '#/components/schemas/AssetEntityType' required: - id - type - attributes type: object AssetAttributes: description: The JSON:API attributes of the asset. properties: arch: description: Asset architecture. example: arm64 type: string environments: description: List of environments where the asset is deployed. example: - staging items: example: staging type: string type: array name: description: Asset name. example: github.com/DataDog/datadog-agent.git type: string operating_system: $ref: '#/components/schemas/AssetOperatingSystem' risks: $ref: '#/components/schemas/AssetRisks' type: $ref: '#/components/schemas/AssetType' version: $ref: '#/components/schemas/AssetVersion' required: - name - type - risks - environments type: object AssetEntityType: description: The JSON:API type. enum: - assets example: assets type: string x-enum-varnames: - ASSETS AssetOperatingSystem: description: Asset operating system. properties: description: description: Operating system version. example: '24.04' type: string name: description: Operating system name. example: ubuntu type: string required: - name type: object AssetRisks: description: Asset risks. properties: has_access_to_sensitive_data: description: Whether the asset has access to sensitive data or not. example: false type: boolean has_privileged_access: description: Whether the asset has privileged access or not. example: false type: boolean in_production: description: Whether the asset is in production or not. example: false type: boolean is_publicly_accessible: description: Whether the asset is publicly accessible or not. example: false type: boolean under_attack: description: Whether the asset is under attack or not. example: false type: boolean required: - in_production type: object AssetType: description: The asset type enum: - Repository - Service - Host - HostImage - Image example: Repository type: string x-enum-varnames: - REPOSITORY - SERVICE - HOST - HOSTIMAGE - IMAGE AssetVersion: description: Asset version. properties: first: description: Asset first version. example: _latest type: string last: description: Asset last version. example: _latest type: string type: object AuditLogsEvent: description: >- Object description of an Audit Logs event after it is processed and stored by Datadog. properties: attributes: $ref: '#/components/schemas/AuditLogsEventAttributes' id: description: Unique ID of the event. example: AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA type: string type: $ref: '#/components/schemas/AuditLogsEventType' type: object AuditLogsEventAttributes: description: JSON object containing all event attributes and their associated values. properties: attributes: additionalProperties: {} description: JSON object of attributes from Audit Logs events. example: customAttribute: 123 duration: 2345 type: object message: description: Message of the event. type: string example: CPU usage is high on {{host.name}} service: description: >- Name of the application or service generating Audit Logs events. This name is used to correlate Audit Logs to APM, so make sure you specify the same value when you use both products. example: web-app type: string tags: description: Array of tags associated with your event. example: - team:A items: description: Tag associated with your event. type: string type: array timestamp: description: Timestamp of your event. example: '2019-01-02T09:42:36.320Z' format: date-time type: string type: object AuditLogsEventType: default: audit description: Type of the event. enum: - audit example: audit type: string x-enum-varnames: - Audit AuditLogsEventsResponse: description: >- Response object with all events matching the request and pagination information. properties: data: description: Array of events matching the request. items: $ref: '#/components/schemas/AuditLogsEvent' type: array links: $ref: '#/components/schemas/AuditLogsResponseLinks' meta: $ref: '#/components/schemas/AuditLogsResponseMetadata' type: object AuditLogsQueryFilter: description: Search and filter query settings. properties: from: default: now-15m description: >- Minimum time for the requested events. Supports date, math, and regular timestamps (in milliseconds). example: now-15m type: string query: default: '*' description: Search query following the Audit Logs search syntax. example: '@type:session AND @session.type:user' type: string to: default: now description: >- Maximum time for the requested events. Supports date, math, and regular timestamps (in milliseconds). example: now type: string type: object AuditLogsQueryOptions: description: >- Global query options that are used during the query. Note: Specify either timezone or time offset, not both. Otherwise, the query fails. properties: time_offset: description: Time offset (in seconds) to apply to the query. format: int64 type: integer example: 42 timezone: default: UTC description: >- The timezone can be specified as GMT, UTC, an offset from UTC (like UTC+1), or as a Timezone Database identifier (like America/New_York). example: GMT type: string type: object AuditLogsQueryPageOptions: description: Paging attributes for listing events. properties: cursor: description: List following results with a cursor provided in the previous query. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string limit: default: 10 description: Maximum number of events in the response. example: 25 format: int32 maximum: 1000 type: integer type: object AuditLogsResponseLinks: description: Links attributes. properties: next: description: >- Link for the next set of results. Note that the request can also be made using the POST endpoint. example: >- https://app.datadoghq.com/api/v2/audit/event?filter[query]=foo&page[cursor]=eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object AuditLogsResponseMetadata: description: The metadata associated with a request. properties: elapsed: description: Time elapsed in milliseconds. example: 132 format: int64 type: integer page: $ref: '#/components/schemas/AuditLogsResponsePage' request_id: description: The identifier of the request. example: MWlFUjVaWGZTTTZPYzM0VXp1OXU2d3xLSVpEMjZKQ0VKUTI0dEYtM3RSOFVR type: string status: $ref: '#/components/schemas/AuditLogsResponseStatus' warnings: description: >- A list of warnings (non-fatal errors) encountered. Partial results may return if warnings are present in the response. items: $ref: '#/components/schemas/AuditLogsWarning' type: array type: object AuditLogsResponsePage: description: Paging attributes. properties: after: description: >- The cursor to use to get the next results, if any. To make the next request, use the same parameters with the addition of `page[cursor]`. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object AuditLogsResponseStatus: description: The status of the response. enum: - done - timeout example: done type: string x-enum-varnames: - DONE - TIMEOUT AuditLogsSearchEventsRequest: description: The request for a Audit Logs events list. properties: filter: $ref: '#/components/schemas/AuditLogsQueryFilter' options: $ref: '#/components/schemas/AuditLogsQueryOptions' page: $ref: '#/components/schemas/AuditLogsQueryPageOptions' sort: $ref: '#/components/schemas/AuditLogsSort' type: object AuditLogsSort: description: Sort parameters when querying events. enum: - timestamp - '-timestamp' type: string x-enum-varnames: - TIMESTAMP_ASCENDING - TIMESTAMP_DESCENDING AuditLogsWarning: description: Warning message indicating something that went wrong with the query. properties: code: description: Unique code for this type of warning. example: unknown_index type: string detail: description: Detailed explanation of this specific warning. example: 'indexes: foo, bar' type: string title: description: Short human-readable summary of the warning. example: >- One or several indexes are missing or invalid, results hold data from the other indexes type: string type: object AuthNMapping: description: The AuthN Mapping object returned by API. properties: attributes: $ref: '#/components/schemas/AuthNMappingAttributes' id: description: ID of the AuthN Mapping. example: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d type: string relationships: $ref: '#/components/schemas/AuthNMappingRelationships' type: $ref: '#/components/schemas/AuthNMappingsType' required: - id - type type: object x-merge-override: required: false AuthNMappingAttributes: description: Attributes of AuthN Mapping. properties: attribute_key: description: >- Key portion of a key/value pair of the attribute sent from the Identity Provider. example: member-of type: string attribute_value: description: >- Value portion of a key/value pair of the attribute sent from the Identity Provider. example: Development type: string created_at: description: Creation time of the AuthN Mapping. format: date-time readOnly: true type: string example: example_value modified_at: description: Time of last AuthN Mapping modification. format: date-time readOnly: true type: string example: example_value saml_assertion_attribute_id: description: The ID of the SAML assertion attribute. example: '0' type: string type: object AuthNMappingCreateAttributes: description: Key/Value pair of attributes used for create request. properties: attribute_key: description: >- Key portion of a key/value pair of the attribute sent from the Identity Provider. example: member-of type: string attribute_value: description: >- Value portion of a key/value pair of the attribute sent from the Identity Provider. example: Development type: string type: object AuthNMappingCreateData: description: Data for creating an AuthN Mapping. properties: attributes: $ref: '#/components/schemas/AuthNMappingCreateAttributes' relationships: $ref: '#/components/schemas/AuthNMappingCreateRelationships' type: $ref: '#/components/schemas/AuthNMappingsType' required: - type type: object AuthNMappingCreateRelationships: description: Relationship of AuthN Mapping create object to a Role or Team. oneOf: - $ref: '#/components/schemas/AuthNMappingRelationshipToRole' - $ref: '#/components/schemas/AuthNMappingRelationshipToTeam' AuthNMappingCreateRequest: description: Request for creating an AuthN Mapping. properties: data: $ref: '#/components/schemas/AuthNMappingCreateData' required: - data type: object AuthNMappingIncluded: description: Included data in the AuthN Mapping response. oneOf: - $ref: '#/components/schemas/SAMLAssertionAttribute' - $ref: '#/components/schemas/Role' - $ref: '#/components/schemas/AuthNMappingTeam' AuthNMappingRelationshipToRole: description: Relationship of AuthN Mapping to a Role. properties: role: $ref: '#/components/schemas/RelationshipToRole' required: - role type: object AuthNMappingRelationshipToTeam: description: Relationship of AuthN Mapping to a Team. properties: team: $ref: '#/components/schemas/RelationshipToTeam' required: - team type: object AuthNMappingRelationships: description: All relationships associated with AuthN Mapping. properties: role: $ref: '#/components/schemas/RelationshipToRole' saml_assertion_attribute: $ref: '#/components/schemas/RelationshipToSAMLAssertionAttribute' team: $ref: '#/components/schemas/RelationshipToTeam' type: object AuthNMappingResourceType: description: The type of resource being mapped to. enum: - role - team type: string x-enum-varnames: - ROLE - TEAM AuthNMappingResponse: description: AuthN Mapping response from the API. properties: data: $ref: '#/components/schemas/AuthNMapping' included: description: Included data in the AuthN Mapping response. items: $ref: '#/components/schemas/AuthNMappingIncluded' type: array type: object AuthNMappingTeam: description: Team. properties: attributes: $ref: '#/components/schemas/AuthNMappingTeamAttributes' id: description: The ID of the Team. example: f9bb8444-af7f-11ec-ac2c-da7ad0900001 type: string type: $ref: '#/components/schemas/TeamType' type: object AuthNMappingTeamAttributes: description: Team attributes. properties: avatar: description: >- Unicode representation of the avatar for the team, limited to a single grapheme example: 🥑 nullable: true type: string banner: description: Banner selection for the team format: int64 nullable: true type: integer example: 42 handle: description: The team's identifier example: example-team maxLength: 195 type: string link_count: description: The number of links belonging to the team format: int32 maximum: 2147483647 readOnly: true type: integer example: 42 name: description: The name of the team example: Example Team maxLength: 200 type: string summary: description: A brief summary of the team, derived from the `description` maxLength: 120 nullable: true type: string example: example_value user_count: description: The number of users belonging to the team format: int32 maximum: 2147483647 readOnly: true type: integer example: 42 type: object AuthNMappingUpdateAttributes: description: Key/Value pair of attributes used for update request. properties: attribute_key: description: >- Key portion of a key/value pair of the attribute sent from the Identity Provider. example: member-of type: string attribute_value: description: >- Value portion of a key/value pair of the attribute sent from the Identity Provider. example: Development type: string type: object AuthNMappingUpdateData: description: Data for updating an AuthN Mapping. properties: attributes: $ref: '#/components/schemas/AuthNMappingUpdateAttributes' id: description: ID of the AuthN Mapping. example: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d type: string relationships: $ref: '#/components/schemas/AuthNMappingUpdateRelationships' type: $ref: '#/components/schemas/AuthNMappingsType' required: - id - type type: object AuthNMappingUpdateRelationships: description: Relationship of AuthN Mapping update object to a Role or Team. oneOf: - $ref: '#/components/schemas/AuthNMappingRelationshipToRole' - $ref: '#/components/schemas/AuthNMappingRelationshipToTeam' AuthNMappingUpdateRequest: description: Request to update an AuthN Mapping. properties: data: $ref: '#/components/schemas/AuthNMappingUpdateData' required: - data type: object AuthNMappingsResponse: description: Array of AuthN Mappings response. properties: data: description: Array of returned AuthN Mappings. items: $ref: '#/components/schemas/AuthNMapping' type: array included: description: Included data in the AuthN Mapping response. items: $ref: '#/components/schemas/AuthNMappingIncluded' type: array meta: $ref: '#/components/schemas/ResponseMetaAttributes' type: object AuthNMappingsSort: description: Sorting options for AuthN Mappings. enum: - created_at - '-created_at' - role_id - '-role_id' - saml_assertion_attribute_id - '-saml_assertion_attribute_id' - role.name - '-role.name' - saml_assertion_attribute.attribute_key - '-saml_assertion_attribute.attribute_key' - saml_assertion_attribute.attribute_value - '-saml_assertion_attribute.attribute_value' type: string x-enum-varnames: - CREATED_AT_ASCENDING - CREATED_AT_DESCENDING - ROLE_ID_ASCENDING - ROLE_ID_DESCENDING - SAML_ASSERTION_ATTRIBUTE_ID_ASCENDING - SAML_ASSERTION_ATTRIBUTE_ID_DESCENDING - ROLE_NAME_ASCENDING - ROLE_NAME_DESCENDING - SAML_ASSERTION_ATTRIBUTE_KEY_ASCENDING - SAML_ASSERTION_ATTRIBUTE_KEY_DESCENDING - SAML_ASSERTION_ATTRIBUTE_VALUE_ASCENDING - SAML_ASSERTION_ATTRIBUTE_VALUE_DESCENDING AuthNMappingsType: default: authn_mappings description: AuthN Mappings resource type. enum: - authn_mappings example: authn_mappings type: string x-enum-varnames: - AUTHN_MAPPINGS AwsAccountId: description: The ID of the AWS account. example: '123456789012' type: string AwsCURConfig: description: AWS CUR config. properties: attributes: $ref: '#/components/schemas/AwsCURConfigAttributes' id: description: The ID of the AWS CUR config. format: int64 type: integer example: 42 type: $ref: '#/components/schemas/AwsCURConfigType' required: - attributes - type type: object x-merge-override: required: false AwsCURConfigAttributes: description: Attributes for An AWS CUR config. properties: account_filters: $ref: '#/components/schemas/AccountFilteringConfig' account_id: description: The AWS account ID. example: '123456789123' type: string bucket_name: description: The AWS bucket name used to store the Cost and Usage Report. example: dd-cost-bucket type: string bucket_region: description: The region the bucket is located in. example: us-east-1 type: string created_at: description: The timestamp when the AWS CUR config was created. pattern: ^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6}$ type: string x-merge-override: format: false example: example_value error_messages: description: The error messages for the AWS CUR config. items: type: string type: array months: deprecated: true description: The number of months the report has been backfilled. format: int32 maximum: 36 type: integer example: 42 report_name: description: The name of the Cost and Usage Report. example: dd-report-name type: string report_prefix: description: The report prefix used for the Cost and Usage Report. example: dd-report-prefix type: string status: description: The status of the AWS CUR. example: active type: string status_updated_at: description: The timestamp when the AWS CUR config status was updated. pattern: ^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6}$ type: string x-merge-override: format: false example: OK updated_at: description: The timestamp when the AWS CUR config status was updated. pattern: ^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6}$ type: string x-merge-override: format: false example: '2026-04-17T12:00:00Z' required: - account_id - bucket_name - bucket_region - report_name - report_prefix - status type: object x-merge-override: required: false AwsCURConfigPatchData: description: AWS CUR config Patch data. properties: attributes: $ref: '#/components/schemas/AwsCURConfigPatchRequestAttributes' type: $ref: '#/components/schemas/AwsCURConfigPatchRequestType' required: - attributes - type type: object x-merge-override: required: false AwsCURConfigPatchRequest: description: AWS CUR config Patch Request. properties: data: $ref: '#/components/schemas/AwsCURConfigPatchData' required: - data type: object AwsCURConfigPatchRequestAttributes: description: Attributes for AWS CUR config Patch Request. properties: account_filters: $ref: '#/components/schemas/AccountFilteringConfig' is_enabled: description: Whether or not the Cloud Cost Management account is enabled. example: true type: boolean type: object AwsCURConfigPatchRequestType: default: aws_cur_config_patch_request description: Type of AWS CUR config Patch Request. enum: - aws_cur_config_patch_request example: aws_cur_config_patch_request type: string x-enum-varnames: - AWS_CUR_CONFIG_PATCH_REQUEST AwsCURConfigPostData: description: AWS CUR config Post data. properties: attributes: $ref: '#/components/schemas/AwsCURConfigPostRequestAttributes' type: $ref: '#/components/schemas/AwsCURConfigPostRequestType' required: - attributes - type type: object AwsCURConfigPostRequest: description: AWS CUR config Post Request. properties: data: $ref: '#/components/schemas/AwsCURConfigPostData' required: - data type: object AwsCURConfigPostRequestAttributes: description: Attributes for AWS CUR config Post Request. properties: account_filters: $ref: '#/components/schemas/AccountFilteringConfig' account_id: description: The AWS account ID. example: '123456789123' type: string bucket_name: description: The AWS bucket name used to store the Cost and Usage Report. example: dd-cost-bucket type: string bucket_region: description: The region the bucket is located in. example: us-east-1 type: string is_enabled: description: Whether or not the Cloud Cost Management account is enabled. type: boolean example: true months: description: The month of the report. format: int32 maximum: 36 type: integer example: 42 report_name: description: The name of the Cost and Usage Report. example: dd-report-name type: string report_prefix: description: The report prefix used for the Cost and Usage Report. example: dd-report-prefix type: string required: - account_id - bucket_name - report_name - report_prefix type: object AwsCURConfigPostRequestType: default: aws_cur_config_post_request description: Type of AWS CUR config Post Request. enum: - aws_cur_config_post_request example: aws_cur_config_post_request type: string x-enum-varnames: - AWS_CUR_CONFIG_POST_REQUEST AwsCURConfigResponse: description: Response of AWS CUR config. properties: data: $ref: '#/components/schemas/AwsCURConfig' type: object AwsCURConfigType: default: aws_cur_config description: Type of AWS CUR config. enum: - aws_cur_config example: aws_cur_config type: string x-enum-varnames: - AWS_CUR_CONFIG AwsCURConfigsResponse: description: List of AWS CUR configs. properties: data: description: An AWS CUR config. items: $ref: '#/components/schemas/AwsCURConfig' type: array type: object AwsOnDemandAttributes: description: Attributes for the AWS on demand task. properties: arn: description: The arn of the resource to scan. example: arn:aws:ec2:us-east-1:727000456123:instance/i-0eabb50529b67a1ba type: string assigned_at: description: >- Specifies the assignment timestamp if the task has been already assigned to a scanner. example: '2025-02-11T18:25:04.550564Z' type: string created_at: description: The task submission timestamp. example: '2025-02-11T18:13:24.576915Z' type: string status: description: >- Indicates the status of the task. QUEUED: the task has been submitted successfully and the resource has not been assigned to a scanner yet. ASSIGNED: the task has been assigned. ABORTED: the scan has been aborted after a period of time due to technical reasons, such as resource not found, insufficient permissions, or the absence of a configured scanner. example: QUEUED type: string type: object AwsOnDemandCreateAttributes: description: Attributes for the AWS on demand task. properties: arn: description: >- The arn of the resource to scan. Agentless supports the scan of EC2 instances, lambda functions, AMI, ECR, RDS and S3 buckets. example: arn:aws:ec2:us-east-1:727000456123:instance/i-0eabb50529b67a1ba type: string required: - arn type: object AwsOnDemandCreateData: description: Object for a single AWS on demand task. properties: attributes: $ref: '#/components/schemas/AwsOnDemandCreateAttributes' type: $ref: '#/components/schemas/AwsOnDemandType' required: - type - attributes type: object AwsOnDemandCreateRequest: description: Request object that includes the on demand task to submit. properties: data: $ref: '#/components/schemas/AwsOnDemandCreateData' required: - data type: object AwsOnDemandData: description: Single AWS on demand task. properties: attributes: $ref: '#/components/schemas/AwsOnDemandAttributes' id: description: The UUID of the task. example: 6d09294c-9ad9-42fd-a759-a0c1599b4828 type: string type: $ref: '#/components/schemas/AwsOnDemandType' type: object AwsOnDemandListResponse: description: Response object that includes a list of AWS on demand tasks. properties: data: description: A list of on demand tasks. items: $ref: '#/components/schemas/AwsOnDemandData' type: array type: object AwsOnDemandResponse: description: Response object that includes an AWS on demand task. properties: data: $ref: '#/components/schemas/AwsOnDemandData' type: object AwsOnDemandType: default: aws_resource description: >- The type of the on demand task. The value should always be `aws_resource`. enum: - aws_resource example: aws_resource type: string x-enum-varnames: - AWS_RESOURCE AwsScanOptionsAttributes: description: Attributes for the AWS scan options. properties: lambda: description: Indicates if scanning of Lambda functions is enabled. example: true type: boolean sensitive_data: description: Indicates if scanning for sensitive data is enabled. example: false type: boolean vuln_containers_os: description: Indicates if scanning for vulnerabilities in containers is enabled. example: true type: boolean vuln_host_os: description: Indicates if scanning for vulnerabilities in hosts is enabled. example: true type: boolean type: object AwsScanOptionsCreateAttributes: description: Attributes for the AWS scan options to create. properties: lambda: description: Indicates if scanning of Lambda functions is enabled. example: true type: boolean sensitive_data: description: Indicates if scanning for sensitive data is enabled. example: false type: boolean vuln_containers_os: description: Indicates if scanning for vulnerabilities in containers is enabled. example: true type: boolean vuln_host_os: description: Indicates if scanning for vulnerabilities in hosts is enabled. example: true type: boolean required: - lambda - sensitive_data - vuln_containers_os - vuln_host_os type: object AwsScanOptionsCreateData: description: Object for the scan options of a single AWS account. properties: attributes: $ref: '#/components/schemas/AwsScanOptionsCreateAttributes' id: $ref: '#/components/schemas/AwsAccountId' type: $ref: '#/components/schemas/AwsScanOptionsType' required: - id - type - attributes type: object AwsScanOptionsCreateRequest: description: Request object that includes the scan options to create. properties: data: $ref: '#/components/schemas/AwsScanOptionsCreateData' required: - data type: object AwsScanOptionsData: description: Single AWS Scan Options entry. properties: attributes: $ref: '#/components/schemas/AwsScanOptionsAttributes' id: description: The ID of the AWS account. example: '184366314700' type: string type: $ref: '#/components/schemas/AwsScanOptionsType' type: object AwsScanOptionsListResponse: description: Response object that includes a list of AWS scan options. properties: data: description: A list of AWS scan options. items: $ref: '#/components/schemas/AwsScanOptionsData' type: array type: object AwsScanOptionsResponse: description: Response object that includes the scan options of an AWS account. properties: data: $ref: '#/components/schemas/AwsScanOptionsData' type: object AwsScanOptionsType: default: aws_scan_options description: The type of the resource. The value should always be `aws_scan_options`. enum: - aws_scan_options example: aws_scan_options type: string x-enum-varnames: - AWS_SCAN_OPTIONS AwsScanOptionsUpdateAttributes: description: Attributes for the AWS scan options to update. properties: lambda: description: Indicates if scanning of Lambda functions is enabled. example: true type: boolean sensitive_data: description: Indicates if scanning for sensitive data is enabled. example: false type: boolean vuln_containers_os: description: Indicates if scanning for vulnerabilities in containers is enabled. example: true type: boolean vuln_host_os: description: Indicates if scanning for vulnerabilities in hosts is enabled. example: true type: boolean type: object AwsScanOptionsUpdateData: description: Object for the scan options of a single AWS account. properties: attributes: $ref: '#/components/schemas/AwsScanOptionsUpdateAttributes' id: $ref: '#/components/schemas/AwsAccountId' type: $ref: '#/components/schemas/AwsScanOptionsType' required: - id - type - attributes type: object AwsScanOptionsUpdateRequest: description: Request object that includes the scan options to update. properties: data: $ref: '#/components/schemas/AwsScanOptionsUpdateData' required: - data type: object AzureStorageDestination: description: >- The `azure_storage` destination forwards logs to an Azure Blob Storage container. properties: blob_prefix: description: Optional prefix for blobs written to the container. example: logs/ type: string container_name: description: The name of the Azure Blob Storage container to store logs in. example: my-log-container type: string id: description: The unique identifier for this component. example: azure-storage-destination type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - processor-id items: type: string type: array type: $ref: '#/components/schemas/AzureStorageDestinationType' required: - id - type - inputs - container_name type: object AzureStorageDestinationType: default: azure_storage description: The destination type. The value should always be `azure_storage`. enum: - azure_storage example: azure_storage type: string x-enum-varnames: - AZURE_STORAGE AzureUCConfig: description: Azure config. properties: account_id: description: The tenant ID of the azure account. example: 1234abcd-1234-abcd-1234-1234abcd1234 type: string client_id: description: The client ID of the Azure account. example: 1234abcd-1234-abcd-1234-1234abcd1234 type: string created_at: description: The timestamp when the Azure config was created. pattern: ^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6}$ type: string x-merge-override: format: false example: example_value dataset_type: description: The dataset type of the Azure config. example: actual type: string error_messages: description: The error messages for the Azure config. items: type: string type: array export_name: description: The name of the configured Azure Export. example: dd-actual-export type: string export_path: description: The path where the Azure Export is saved. example: dd-export-path type: string id: description: The ID of the Azure config. format: int64 type: integer example: 42 months: deprecated: true description: The number of months the report has been backfilled. format: int32 maximum: 36 type: integer example: 42 scope: description: The scope of your observed subscription. example: /subscriptions/1234abcd-1234-abcd-1234-1234abcd1234 type: string status: description: The status of the Azure config. example: active type: string status_updated_at: description: The timestamp when the Azure config status was last updated. pattern: ^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6}$ type: string x-merge-override: format: false example: OK storage_account: description: The name of the storage account where the Azure Export is saved. example: dd-storage-account type: string storage_container: description: The name of the storage container where the Azure Export is saved. example: dd-storage-container type: string updated_at: description: The timestamp when the Azure config was last updated. pattern: ^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6}$ type: string x-merge-override: format: false example: '2026-04-17T12:00:00Z' required: - account_id - client_id - dataset_type - export_name - export_path - scope - status - storage_account - storage_container type: object x-merge-override: required: false AzureUCConfigPair: description: Azure config pair. properties: attributes: $ref: '#/components/schemas/AzureUCConfigPairAttributes' id: description: The ID of Cloud Cost Management account. format: int64 type: integer example: 42 type: $ref: '#/components/schemas/AzureUCConfigPairType' required: - attributes - type type: object x-merge-override: required: false AzureUCConfigPairAttributes: description: Attributes for Azure config pair. properties: configs: description: An Azure config. items: $ref: '#/components/schemas/AzureUCConfig' type: array id: description: The ID of the Azure config pair. format: int64 type: integer example: 42 required: - configs type: object x-merge-override: properties: false AzureUCConfigPairType: default: azure_uc_configs description: Type of Azure config pair. enum: - azure_uc_configs example: azure_uc_configs type: string x-enum-varnames: - AZURE_UC_CONFIGS AzureUCConfigPairsResponse: description: Response of Azure config pair. properties: data: $ref: '#/components/schemas/AzureUCConfigPair' type: object AzureUCConfigPatchData: description: Azure config Patch data. properties: attributes: $ref: '#/components/schemas/AzureUCConfigPatchRequestAttributes' type: $ref: '#/components/schemas/AzureUCConfigPatchRequestType' required: - attributes - type type: object AzureUCConfigPatchRequest: description: Azure config Patch Request. properties: data: $ref: '#/components/schemas/AzureUCConfigPatchData' required: - data type: object AzureUCConfigPatchRequestAttributes: description: Attributes for Azure config Patch Request. properties: is_enabled: description: Whether or not the Cloud Cost Management account is enabled. example: true type: boolean required: - is_enabled type: object AzureUCConfigPatchRequestType: default: azure_uc_config_patch_request description: Type of Azure config Patch Request. enum: - azure_uc_config_patch_request example: azure_uc_config_patch_request type: string x-enum-varnames: - AZURE_UC_CONFIG_PATCH_REQUEST AzureUCConfigPostData: description: Azure config Post data. properties: attributes: $ref: '#/components/schemas/AzureUCConfigPostRequestAttributes' type: $ref: '#/components/schemas/AzureUCConfigPostRequestType' required: - attributes - type type: object AzureUCConfigPostRequest: description: Azure config Post Request. properties: data: $ref: '#/components/schemas/AzureUCConfigPostData' required: - data type: object AzureUCConfigPostRequestAttributes: description: Attributes for Azure config Post Request. properties: account_id: description: The tenant ID of the azure account. example: 1234abcd-1234-abcd-1234-1234abcd1234 type: string actual_bill_config: $ref: '#/components/schemas/BillConfig' amortized_bill_config: $ref: '#/components/schemas/BillConfig' client_id: description: The client ID of the azure account. example: 1234abcd-1234-abcd-1234-1234abcd1234 type: string is_enabled: description: Whether or not the Cloud Cost Management account is enabled. type: boolean example: true scope: description: The scope of your observed subscription. example: /subscriptions/1234abcd-1234-abcd-1234-1234abcd1234 type: string required: - account_id - actual_bill_config - amortized_bill_config - client_id - scope type: object AzureUCConfigPostRequestType: default: azure_uc_config_post_request description: Type of Azure config Post Request. enum: - azure_uc_config_post_request example: azure_uc_config_post_request type: string x-enum-varnames: - AZURE_UC_CONFIG_POST_REQUEST AzureUCConfigsResponse: description: List of Azure accounts with configs. properties: data: description: An Azure config pair. items: $ref: '#/components/schemas/AzureUCConfigPair' type: array type: object BillConfig: description: Bill config. properties: export_name: description: The name of the configured Azure Export. example: dd-actual-export type: string export_path: description: The path where the Azure Export is saved. example: dd-export-path type: string storage_account: description: The name of the storage account where the Azure Export is saved. example: dd-storage-account type: string storage_container: description: The name of the storage container where the Azure Export is saved. example: dd-storage-container type: string required: - export_name - export_path - storage_account - storage_container type: object BillingDimensionsMappingBody: description: Billing dimensions mapping data. items: $ref: '#/components/schemas/BillingDimensionsMappingBodyItem' type: array BillingDimensionsMappingBodyItem: description: The mapping data for each billing dimension. properties: attributes: $ref: '#/components/schemas/BillingDimensionsMappingBodyItemAttributes' id: description: ID of the billing dimension. type: string example: abc-123-def type: $ref: '#/components/schemas/ActiveBillingDimensionsType' type: object BillingDimensionsMappingBodyItemAttributes: description: Mapping of billing dimensions to endpoint keys. properties: endpoints: description: >- List of supported endpoints with their keys mapped to the billing_dimension. items: $ref: >- #/components/schemas/BillingDimensionsMappingBodyItemAttributesEndpointsItems type: array in_app_label: description: Label used for the billing dimension in the Plan & Usage charts. example: APM Hosts type: string timestamp: description: >- Month in ISO-8601 format, UTC, and precise to the second: `[YYYY-MM-DDThh:mm:ss]`. format: date-time type: string example: '2026-04-17T12:00:00Z' type: object BillingDimensionsMappingBodyItemAttributesEndpointsItems: description: An endpoint's keys mapped to the billing_dimension. properties: id: description: The URL for the endpoint. example: api/v1/usage/billable-summary type: string keys: description: The billing dimension. example: - apm_host_top99p - apm_host_sum items: example: apm_host_top99p type: string type: array status: $ref: >- #/components/schemas/BillingDimensionsMappingBodyItemAttributesEndpointsItemsStatus type: object BillingDimensionsMappingBodyItemAttributesEndpointsItemsStatus: description: Denotes whether mapping keys were available for this endpoint. enum: - OK - NOT_FOUND type: string x-enum-varnames: - OK - NOT_FOUND BillingDimensionsMappingResponse: description: Billing dimensions mapping response. properties: data: $ref: '#/components/schemas/BillingDimensionsMappingBody' type: object Budget: description: A budget. properties: attributes: $ref: '#/components/schemas/BudgetAttributes' id: description: The id of the budget. type: string example: abc-123-def type: description: The type of the object, must be `budget`. type: string example: metric alert type: object BudgetArray: description: An array of budgets. example: data: - attributes: created_at: 1741011342772 created_by: user1 end_month: 202502 metrics_query: aws.cost.amortized{service:ec2} by {service} name: my budget org_id: 123 start_month: 202501 total_amount: 1000 updated_at: 1741011342772 updated_by: user2 id: 00000000-0a0a-0a0a-aaa0-00000000000a type: budget properties: data: description: The `BudgetArray` `data`. items: $ref: '#/components/schemas/Budget' type: array type: object BudgetAttributes: description: The attributes of a budget. properties: created_at: description: The timestamp when the budget was created. example: 1738258683590 format: int64 type: integer created_by: description: The id of the user that created the budget. example: 00000000-0a0a-0a0a-aaa0-00000000000a type: string end_month: description: The month when the budget ends. example: 202502 format: int64 type: integer entries: description: The entries of the budget. items: $ref: '#/components/schemas/BudgetEntry' type: array metrics_query: description: The cost query used to track against the budget. example: aws.cost.amortized{service:ec2} by {service} type: string name: description: The name of the budget. example: my budget type: string org_id: description: The id of the org the budget belongs to. example: 123 format: int64 type: integer start_month: description: The month when the budget starts. example: 202501 format: int64 type: integer total_amount: description: The sum of all budget entries' amounts. example: 1000 format: double type: number updated_at: description: The timestamp when the budget was last updated. example: 1738258683590 format: int64 type: integer updated_by: description: The id of the user that created the budget. example: 00000000-0a0a-0a0a-aaa0-00000000000a type: string type: object BudgetEntry: description: The entry of a budget. properties: amount: description: The `amount` of the budget entry. example: 500 format: double type: number month: description: The `month` of the budget entry. example: 202501 format: int64 type: integer tag_filters: description: The `tag_filters` of the budget entry. items: $ref: '#/components/schemas/TagFilter' type: array type: object BudgetWithEntries: description: The definition of the `BudgetWithEntries` object. properties: data: $ref: '#/components/schemas/BudgetWithEntriesData' type: object BudgetWithEntriesData: description: A budget and all its entries. properties: attributes: $ref: '#/components/schemas/BudgetAttributes' id: description: The `BudgetWithEntriesData` `id`. example: 00000000-0a0a-0a0a-aaa0-00000000000a type: string type: description: The type of the object, must be `budget`. type: string example: metric alert type: object BulkMuteFindingsRequest: description: The new bulk mute finding request. properties: data: $ref: '#/components/schemas/BulkMuteFindingsRequestData' required: - data type: object BulkMuteFindingsRequestAttributes: additionalProperties: false description: The mute properties to be updated. properties: mute: $ref: '#/components/schemas/BulkMuteFindingsRequestProperties' required: - mute type: object BulkMuteFindingsRequestData: description: Data object containing the new bulk mute properties of the finding. properties: attributes: $ref: '#/components/schemas/BulkMuteFindingsRequestAttributes' id: description: UUID to identify the request example: dbe5f567-192b-4404-b908-29b70e1c9f76 type: string meta: $ref: '#/components/schemas/BulkMuteFindingsRequestMeta' type: $ref: '#/components/schemas/FindingType' required: - id - type - attributes - meta type: object BulkMuteFindingsRequestMeta: description: Meta object containing the findings to be updated. properties: findings: description: Array of findings. items: $ref: '#/components/schemas/BulkMuteFindingsRequestMetaFindings' type: array type: object BulkMuteFindingsRequestMetaFindings: description: Finding object containing the finding information. properties: finding_id: $ref: '#/components/schemas/FindingID' type: object BulkMuteFindingsRequestProperties: additionalProperties: false description: Object containing the new mute properties of the findings. properties: description: description: >- Additional information about the reason why those findings are muted or unmuted. This field has a maximum limit of 280 characters. type: string example: example_value expiration_date: description: > The expiration date of the mute or unmute action (Unix ms). It must be set to a value greater than the current timestamp. If this field is not provided, the finding will be muted or unmuted indefinitely, which is equivalent to setting the expiration date to 9999999999999. example: 1778721573794 format: int64 type: integer muted: description: Whether those findings should be muted or unmuted. example: true type: boolean reason: $ref: '#/components/schemas/FindingMuteReason' required: - muted - reason type: object BulkMuteFindingsResponse: description: The expected response schema. properties: data: $ref: '#/components/schemas/BulkMuteFindingsResponseData' required: - data type: object BulkMuteFindingsResponseData: description: Data object containing the ID of the request that was updated. properties: id: description: UUID used to identify the request example: 93bfeb70-af47-424d-908a-948d3f08e37f type: string type: $ref: '#/components/schemas/FindingType' type: object CIAppAggregateBucketValue: description: A bucket value, can either be a timeseries or a single value. oneOf: - $ref: '#/components/schemas/CIAppAggregateBucketValueSingleString' - $ref: '#/components/schemas/CIAppAggregateBucketValueSingleNumber' - $ref: '#/components/schemas/CIAppAggregateBucketValueTimeseries' CIAppAggregateBucketValueSingleNumber: description: A single number value. format: double type: number CIAppAggregateBucketValueSingleString: description: A single string value. type: string CIAppAggregateBucketValueTimeseries: description: A timeseries array. items: $ref: '#/components/schemas/CIAppAggregateBucketValueTimeseriesPoint' type: array x-generate-alias-as-model: true CIAppAggregateBucketValueTimeseriesPoint: description: A timeseries point. properties: time: description: The time value for this point. example: '2020-06-08T11:55:00.123Z' format: date-time type: string value: description: The value for this point. example: 19 format: double type: number type: object CIAppAggregateSort: description: >- A sort rule. The `aggregation` field is required when `type` is `measure`. example: aggregation: count order: asc properties: aggregation: $ref: '#/components/schemas/CIAppAggregationFunction' metric: description: The metric to sort by (only used for `type=measure`). example: '@duration' type: string order: $ref: '#/components/schemas/CIAppSortOrder' type: $ref: '#/components/schemas/CIAppAggregateSortType' type: object CIAppAggregateSortType: default: alphabetical description: The type of sorting algorithm. enum: - alphabetical - measure type: string x-enum-varnames: - ALPHABETICAL - MEASURE CIAppAggregationFunction: description: An aggregation function. enum: - count - cardinality - pc75 - pc90 - pc95 - pc98 - pc99 - sum - min - max - avg - median - latest - earliest - most_frequent - delta example: pc90 type: string x-enum-varnames: - COUNT - CARDINALITY - PERCENTILE_75 - PERCENTILE_90 - PERCENTILE_95 - PERCENTILE_98 - PERCENTILE_99 - SUM - MIN - MAX - AVG - MEDIAN - LATEST - EARLIEST - MOST_FREQUENT - DELTA CIAppCIError: description: Contains information of the CI error. nullable: true properties: domain: $ref: '#/components/schemas/CIAppCIErrorDomain' message: description: Error message. maxLength: 5000 nullable: true type: string example: CPU usage is high on {{host.name}} stack: description: The stack trace of the reported errors. nullable: true type: string example: example_value type: description: Short description of the error type. maxLength: 100 nullable: true type: string example: metric alert type: object CIAppCIErrorDomain: description: >- Error category used to differentiate between issues related to the developer or provider environments. enum: - provider - user - unknown type: string x-enum-varnames: - PROVIDER - USER - UNKNOWN CIAppCompute: description: A compute rule to compute metrics or timeseries. properties: aggregation: $ref: '#/components/schemas/CIAppAggregationFunction' interval: description: |- The time buckets' size (only used for type=timeseries) Defaults to a resolution of 150 points. example: 5m type: string metric: description: The metric to use. example: '@duration' type: string type: $ref: '#/components/schemas/CIAppComputeType' required: - aggregation type: object CIAppComputeType: default: total description: The type of compute. enum: - timeseries - total type: string x-enum-varnames: - TIMESERIES - TOTAL CIAppComputes: additionalProperties: $ref: '#/components/schemas/CIAppAggregateBucketValue' description: >- A map of the metric name to value for regular compute, or a list of values for a timeseries. type: object CIAppCreatePipelineEventRequest: description: Request object. properties: data: $ref: '#/components/schemas/CIAppCreatePipelineEventRequestData' type: object CIAppCreatePipelineEventRequestAttributes: description: Attributes of the pipeline event to create. properties: env: description: The Datadog environment. type: string example: example_value provider_name: description: The name of the CI provider. By default, this is "custom". type: string example: abc-123-def resource: $ref: >- #/components/schemas/CIAppCreatePipelineEventRequestAttributesResource service: description: >- If the CI provider is SaaS, use this to differentiate between instances. type: string example: example_value required: - resource type: object CIAppCreatePipelineEventRequestAttributesResource: description: Details of the CI pipeline event. example: Details TBD oneOf: - $ref: '#/components/schemas/CIAppPipelineEventPipeline' - $ref: '#/components/schemas/CIAppPipelineEventStage' - $ref: '#/components/schemas/CIAppPipelineEventJob' - $ref: '#/components/schemas/CIAppPipelineEventStep' CIAppCreatePipelineEventRequestData: description: Data of the pipeline event to create. properties: attributes: $ref: '#/components/schemas/CIAppCreatePipelineEventRequestAttributes' type: $ref: '#/components/schemas/CIAppCreatePipelineEventRequestDataType' type: object CIAppCreatePipelineEventRequestDataType: default: cipipeline_resource_request description: Type of the event. enum: - cipipeline_resource_request example: cipipeline_resource_request type: string x-enum-varnames: - CIPIPELINE_RESOURCE_REQUEST CIAppEventAttributes: description: JSON object containing all event attributes and their associated values. properties: attributes: additionalProperties: {} description: JSON object of attributes from CI Visibility test events. example: customAttribute: 123 duration: 2345 type: object tags: $ref: '#/components/schemas/TagsEventAttribute' test_level: $ref: '#/components/schemas/CIAppTestLevel' type: object CIAppGitInfo: description: >- If pipelines are triggered due to actions to a Git repository, then all payloads must contain this. Note that either `tag` or `branch` has to be provided, but not both. nullable: true properties: author_email: description: The commit author email. example: author@example.com type: string author_name: description: The commit author name. example: John Doe nullable: true type: string author_time: description: The commit author timestamp in RFC3339 format. example: '2023-05-31T15:30:00Z' nullable: true type: string branch: description: The branch name (if a tag use the tag parameter). example: feature-1 nullable: true type: string commit_time: description: The commit timestamp in RFC3339 format. example: '2023-05-31T15:30:00Z' nullable: true type: string committer_email: description: The committer email. example: committer@example.com nullable: true type: string committer_name: description: The committer name. nullable: true type: string example: Example Monitor default_branch: description: The Git repository's default branch. example: main nullable: true type: string message: description: The commit message. example: Instrumenting tests with CI Visibility. nullable: true type: string repository_url: description: The URL of the repository. example: https://github.com/username/repository type: string sha: description: The git commit SHA. example: da39a3ee5e6b4b0d3255bfef95601890afd80709 pattern: ^[a-fA-F0-9]{40}$ type: string tag: description: The tag name (if a branch use the branch parameter). example: v1.0.0 nullable: true type: string required: - repository_url - sha - author_email type: object CIAppGroupByHistogram: description: >- Used to perform a histogram computation (only for measure facets). At most, 100 buckets are allowed, the number of buckets is `(max - min)/interval`. properties: interval: description: The bin size of the histogram buckets. example: 10 format: double type: number max: description: |- The maximum value for the measure used in the histogram (values greater than this one are filtered out). example: 100 format: double type: number min: description: |- The minimum value for the measure used in the histogram (values smaller than this one are filtered out). example: 50 format: double type: number required: - interval - min - max type: object CIAppGroupByMissing: description: The value to use for logs that don't have the facet used to group-by. oneOf: - $ref: '#/components/schemas/CIAppGroupByMissingString' - $ref: '#/components/schemas/CIAppGroupByMissingNumber' CIAppGroupByMissingNumber: description: The missing value to use if there is a number valued facet. format: double type: number CIAppGroupByMissingString: description: The missing value to use if there is a string valued facet. type: string CIAppGroupByTotal: default: false description: >- A resulting object to put the given computes in over all the matching records. oneOf: - $ref: '#/components/schemas/CIAppGroupByTotalBoolean' - $ref: '#/components/schemas/CIAppGroupByTotalString' - $ref: '#/components/schemas/CIAppGroupByTotalNumber' CIAppGroupByTotalBoolean: description: If set to true, creates an additional bucket labeled "$facet_total". type: boolean CIAppGroupByTotalNumber: description: A number to use as the key value for the total bucket. format: double type: number CIAppGroupByTotalString: description: A string to use as the key value for the total bucket. type: string CIAppHostInfo: description: >- Contains information of the host running the pipeline, stage, job, or step. nullable: true properties: hostname: description: FQDN of the host. example: www.example.com type: string labels: description: A list of labels used to select or identify the node. example: - ubuntu-18.04 - n2.large items: type: string type: array name: description: Name for the host. type: string example: Example Monitor workspace: description: The path where the code is checked out. example: /home/workspace/code/my-repo type: string type: object CIAppPipelineEvent: description: >- Object description of a pipeline event after being processed and stored by Datadog. properties: attributes: $ref: '#/components/schemas/CIAppPipelineEventAttributes' id: description: Unique ID of the event. example: AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA type: string type: $ref: '#/components/schemas/CIAppPipelineEventTypeName' type: object CIAppPipelineEventAttributes: description: JSON object containing all event attributes and their associated values. properties: attributes: additionalProperties: {} description: JSON object of attributes from CI Visibility pipeline events. example: customAttribute: 123 duration: 2345 type: object ci_level: $ref: '#/components/schemas/CIAppPipelineLevel' tags: $ref: '#/components/schemas/TagsEventAttribute' type: object CIAppPipelineEventFinishedPipeline: description: Details of a finished pipeline. properties: end: description: >- Time when the pipeline run finished. It cannot be older than 18 hours in the past from the current time. The time format must be RFC3339. example: '2023-05-31T15:30:00Z' format: date-time type: string error: $ref: '#/components/schemas/CIAppCIError' git: $ref: '#/components/schemas/CIAppGitInfo' is_manual: description: Whether or not the pipeline was triggered manually by the user. example: false nullable: true type: boolean is_resumed: description: Whether or not the pipeline was resumed after being blocked. example: false nullable: true type: boolean level: $ref: '#/components/schemas/CIAppPipelineEventPipelineLevel' metrics: $ref: '#/components/schemas/CIAppPipelineEventMetrics' name: description: >- Name of the pipeline. All pipeline runs for the builds should have the same name. example: Deploy to AWS type: string node: $ref: '#/components/schemas/CIAppHostInfo' parameters: $ref: '#/components/schemas/CIAppPipelineEventParameters' parent_pipeline: $ref: '#/components/schemas/CIAppPipelineEventParentPipeline' partial_retry: description: >- Whether or not the pipeline was a partial retry of a previous attempt. A partial retry is one which only runs a subset of the original jobs. example: false type: boolean pipeline_id: description: >- Any ID used in the provider to identify the pipeline run even if it is not unique across retries. If the `pipeline_id` is unique, then both `unique_id` and `pipeline_id` can be set to the same value. example: '#023' type: string previous_attempt: $ref: '#/components/schemas/CIAppPipelineEventPreviousPipeline' queue_time: description: The queue time in milliseconds, if applicable. example: 1004 format: int64 minimum: 0 nullable: true type: integer start: description: >- Time when the pipeline run started (it should not include any queue time). The time format must be RFC3339. example: '2023-05-31T15:30:00Z' format: date-time type: string status: $ref: '#/components/schemas/CIAppPipelineEventPipelineStatus' tags: $ref: '#/components/schemas/CIAppPipelineEventTags' unique_id: description: >- UUID of the pipeline run. The ID has to be unique across retries and pipelines, including partial retries. example: 3eacb6f3-ff04-4e10-8a9c-46e6d054024a type: string url: description: The URL to look at the pipeline in the CI provider UI. example: https://my-ci-provider.example/pipelines/my-pipeline/run/1 type: string required: - level - unique_id - name - url - start - end - status - partial_retry type: object CIAppPipelineEventInProgressPipeline: description: Details of a running pipeline. properties: error: $ref: '#/components/schemas/CIAppCIError' git: $ref: '#/components/schemas/CIAppGitInfo' is_manual: description: Whether or not the pipeline was triggered manually by the user. example: false nullable: true type: boolean is_resumed: description: Whether or not the pipeline was resumed after being blocked. example: false nullable: true type: boolean level: $ref: '#/components/schemas/CIAppPipelineEventPipelineLevel' metrics: $ref: '#/components/schemas/CIAppPipelineEventMetrics' name: description: >- Name of the pipeline. All pipeline runs for the builds should have the same name. example: Deploy to AWS type: string node: $ref: '#/components/schemas/CIAppHostInfo' parameters: $ref: '#/components/schemas/CIAppPipelineEventParameters' parent_pipeline: $ref: '#/components/schemas/CIAppPipelineEventParentPipeline' partial_retry: description: >- Whether or not the pipeline was a partial retry of a previous attempt. A partial retry is one which only runs a subset of the original jobs. example: false type: boolean pipeline_id: description: >- Any ID used in the provider to identify the pipeline run even if it is not unique across retries. If the `pipeline_id` is unique, then both `unique_id` and `pipeline_id` can be set to the same value. example: '#023' type: string previous_attempt: $ref: '#/components/schemas/CIAppPipelineEventPreviousPipeline' queue_time: description: The queue time in milliseconds, if applicable. example: 1004 format: int64 minimum: 0 nullable: true type: integer start: description: >- Time when the pipeline run started (it should not include any queue time). The time format must be RFC3339. example: '2023-05-31T15:30:00Z' format: date-time type: string status: $ref: '#/components/schemas/CIAppPipelineEventPipelineInProgressStatus' tags: $ref: '#/components/schemas/CIAppPipelineEventTags' unique_id: description: >- UUID of the pipeline run. The ID has to be the same as the finished pipeline. example: 3eacb6f3-ff04-4e10-8a9c-46e6d054024a type: string url: description: The URL to look at the pipeline in the CI provider UI. example: https://my-ci-provider.example/pipelines/my-pipeline/run/1 type: string required: - level - unique_id - name - url - start - status - partial_retry type: object CIAppPipelineEventJob: description: Details of a CI job. properties: dependencies: description: A list of job IDs that this job depends on. example: - f7e6a006-a029-46c3-b0cc-742c9d7d363b - c8a69849-3c3b-4721-8b33-3e8ec2df1ebe items: description: A list of job IDs. type: string nullable: true type: array end: description: Time when the job run finished. The time format must be RFC3339. example: '2023-05-31T15:30:00Z' format: date-time type: string error: $ref: '#/components/schemas/CIAppCIError' git: $ref: '#/components/schemas/CIAppGitInfo' id: description: >- The UUID for the job. It has to be unique within each pipeline execution. example: c865bad4-de82-44b8-ade7-2c987528eb54 type: string level: $ref: '#/components/schemas/CIAppPipelineEventJobLevel' metrics: $ref: '#/components/schemas/CIAppPipelineEventMetrics' name: description: The name for the job. example: test type: string node: $ref: '#/components/schemas/CIAppHostInfo' parameters: $ref: '#/components/schemas/CIAppPipelineEventParameters' pipeline_name: description: The parent pipeline name. example: Build type: string pipeline_unique_id: description: The parent pipeline UUID. example: 76b572af-a078-42b2-a08a-cc28f98b944f type: string queue_time: description: The queue time in milliseconds, if applicable. example: 1004 format: int64 minimum: 0 nullable: true type: integer stage_id: description: The parent stage UUID (if applicable). nullable: true type: string example: abc-123-def stage_name: description: The parent stage name (if applicable). nullable: true type: string example: Example Monitor start: description: >- Time when the job run instance started (it should not include any queue time). The time format must be RFC3339. example: '2023-05-31T15:30:00Z' format: date-time type: string status: $ref: '#/components/schemas/CIAppPipelineEventJobStatus' tags: $ref: '#/components/schemas/CIAppPipelineEventTags' url: description: The URL to look at the job in the CI provider UI. example: https://ci-platform.com/job/your-job-name/build/123 type: string required: - level - id - name - pipeline_unique_id - pipeline_name - start - end - status - url type: object CIAppPipelineEventJobLevel: default: job description: Used to distinguish between pipelines, stages, jobs, and steps. enum: - job example: job type: string x-enum-varnames: - JOB CIAppPipelineEventJobStatus: description: The final status of the job. enum: - success - error - canceled - skipped example: success type: string x-enum-varnames: - SUCCESS - ERROR - CANCELED - SKIPPED CIAppPipelineEventMetrics: description: >- A list of user-defined metrics. The metrics must follow the `key:value` pattern and the value must be numeric. example: - bundle_size:370 - build_time:50021 items: description: Metrics in the form of `key:value`. The value needs to be numeric. type: string nullable: true type: array CIAppPipelineEventParameters: additionalProperties: type: string description: >- A map of key-value parameters or environment variables that were defined for the pipeline. example: LOG_LEVEL: debug nullable: true type: object CIAppPipelineEventParentPipeline: description: >- If the pipeline is triggered as child of another pipeline, this should contain the details of the parent pipeline. nullable: true properties: id: description: UUID of a pipeline. example: 93bfeb70-af47-424d-908a-948d3f08e37f type: string url: description: The URL to look at the pipeline in the CI provider UI. example: https://ci-platform.com/pipelines/123456789 type: string required: - id type: object CIAppPipelineEventPipeline: description: Details of the top level pipeline, build, or workflow of your CI. oneOf: - $ref: '#/components/schemas/CIAppPipelineEventFinishedPipeline' - $ref: '#/components/schemas/CIAppPipelineEventInProgressPipeline' CIAppPipelineEventPipelineInProgressStatus: description: The in progress status of the pipeline. enum: - running example: running type: string x-enum-varnames: - RUNNING CIAppPipelineEventPipelineLevel: default: pipeline description: Used to distinguish between pipelines, stages, jobs, and steps. enum: - pipeline example: pipeline type: string x-enum-varnames: - PIPELINE CIAppPipelineEventPipelineStatus: description: The final status of the pipeline. enum: - success - error - canceled - skipped - blocked example: success type: string x-enum-varnames: - SUCCESS - ERROR - CANCELED - SKIPPED - BLOCKED CIAppPipelineEventPreviousPipeline: description: >- If the pipeline is a retry, this should contain the details of the previous attempt. nullable: true properties: id: description: UUID of a pipeline. example: 93bfeb70-af47-424d-908a-948d3f08e37f type: string url: description: The URL to look at the pipeline in the CI provider UI. example: https://ci-platform.com/pipelines/123456789 type: string required: - id type: object CIAppPipelineEventStage: description: Details of a CI stage. properties: dependencies: description: A list of stage IDs that this stage depends on. example: - f7e6a006-a029-46c3-b0cc-742c9d7d363b - c8a69849-3c3b-4721-8b33-3e8ec2df1ebe items: description: A list of stage IDs. type: string nullable: true type: array end: description: Time when the stage run finished. The time format must be RFC3339. example: '2023-05-31T15:30:00Z' format: date-time type: string error: $ref: '#/components/schemas/CIAppCIError' git: $ref: '#/components/schemas/CIAppGitInfo' id: description: >- UUID for the stage. It has to be unique at least in the pipeline scope. example: 562bdbbb-7cab-48c8-851c-b24ca14628bf type: string level: $ref: '#/components/schemas/CIAppPipelineEventStageLevel' metrics: $ref: '#/components/schemas/CIAppPipelineEventMetrics' name: description: The name for the stage. example: build type: string node: $ref: '#/components/schemas/CIAppHostInfo' parameters: $ref: '#/components/schemas/CIAppPipelineEventParameters' pipeline_name: description: The parent pipeline name. example: Build type: string pipeline_unique_id: description: The parent pipeline UUID. example: 76b572af-a078-42b2-a08a-cc28f98b944f type: string queue_time: description: The queue time in milliseconds, if applicable. example: 1004 format: int64 minimum: 0 nullable: true type: integer start: description: >- Time when the stage run started (it should not include any queue time). The time format must be RFC3339. example: '2023-05-31T15:30:00Z' format: date-time type: string status: $ref: '#/components/schemas/CIAppPipelineEventStageStatus' tags: $ref: '#/components/schemas/CIAppPipelineEventTags' required: - level - id - name - pipeline_unique_id - pipeline_name - start - end - status type: object CIAppPipelineEventStageLevel: default: stage description: Used to distinguish between pipelines, stages, jobs and steps. enum: - stage example: stage type: string x-enum-varnames: - STAGE CIAppPipelineEventStageStatus: description: The final status of the stage. enum: - success - error - canceled - skipped example: success type: string x-enum-varnames: - SUCCESS - ERROR - CANCELED - SKIPPED CIAppPipelineEventStep: description: Details of a CI step. properties: end: description: Time when the step run finished. The time format must be RFC3339. example: '2023-05-31T15:30:00Z' format: date-time type: string error: $ref: '#/components/schemas/CIAppCIError' git: $ref: '#/components/schemas/CIAppGitInfo' id: description: >- UUID for the step. It has to be unique within each pipeline execution. example: c2d517a8-4f3a-4b41-b4ae-69df0c864c79 type: string job_id: description: The parent job UUID (if applicable). nullable: true type: string example: abc-123-def job_name: description: The parent job name (if applicable). nullable: true type: string example: Example Monitor level: $ref: '#/components/schemas/CIAppPipelineEventStepLevel' metrics: $ref: '#/components/schemas/CIAppPipelineEventMetrics' name: description: The name for the step. example: test-server type: string node: $ref: '#/components/schemas/CIAppHostInfo' parameters: $ref: '#/components/schemas/CIAppPipelineEventParameters' pipeline_name: description: The parent pipeline name. example: Build type: string pipeline_unique_id: description: The parent pipeline UUID. example: 76b572af-a078-42b2-a08a-cc28f98b944f type: string stage_id: description: The parent stage UUID (if applicable). nullable: true type: string example: abc-123-def stage_name: description: The parent stage name (if applicable). nullable: true type: string example: Example Monitor start: description: Time when the step run started. The time format must be RFC3339. example: '2023-05-31T15:30:00Z' format: date-time type: string status: $ref: '#/components/schemas/CIAppPipelineEventStepStatus' tags: $ref: '#/components/schemas/CIAppPipelineEventTags' url: description: The URL to look at the step in the CI provider UI. nullable: true type: string example: https://app.datadoghq.com required: - level - id - name - pipeline_unique_id - pipeline_name - start - end - status type: object CIAppPipelineEventStepLevel: default: step description: Used to distinguish between pipelines, stages, jobs and steps. enum: - step example: step type: string x-enum-varnames: - STEP CIAppPipelineEventStepStatus: description: The final status of the step. enum: - success - error example: success type: string x-enum-varnames: - SUCCESS - ERROR CIAppPipelineEventTags: description: >- A list of user-defined tags. The tags must follow the `key:value` pattern. example: - team:backend - type:deployment items: description: Tags in the form of `key:value`. type: string nullable: true type: array CIAppPipelineEventTypeName: description: Type of the event. enum: - cipipeline example: cipipeline type: string x-enum-varnames: - CIPIPELINE CIAppPipelineEventsRequest: description: The request for a pipelines search. properties: filter: $ref: '#/components/schemas/CIAppPipelinesQueryFilter' options: $ref: '#/components/schemas/CIAppQueryOptions' page: $ref: '#/components/schemas/CIAppQueryPageOptions' sort: $ref: '#/components/schemas/CIAppSort' type: object CIAppPipelineEventsResponse: description: >- Response object with all pipeline events matching the request and pagination information. properties: data: description: Array of events matching the request. items: $ref: '#/components/schemas/CIAppPipelineEvent' type: array links: $ref: '#/components/schemas/CIAppResponseLinks' meta: $ref: '#/components/schemas/CIAppResponseMetadataWithPagination' type: object CIAppPipelineLevel: description: Pipeline execution level. enum: - pipeline - stage - job - step - custom example: pipeline type: string x-enum-varnames: - PIPELINE - STAGE - JOB - STEP - CUSTOM CIAppPipelinesAggregateRequest: description: >- The object sent with the request to retrieve aggregation buckets of pipeline events from your organization. properties: compute: description: >- The list of metrics or timeseries to compute for the retrieved buckets. items: $ref: '#/components/schemas/CIAppCompute' type: array filter: $ref: '#/components/schemas/CIAppPipelinesQueryFilter' group_by: description: The rules for the group-by. items: $ref: '#/components/schemas/CIAppPipelinesGroupBy' type: array options: $ref: '#/components/schemas/CIAppQueryOptions' type: object CIAppPipelinesAggregationBucketsResponse: description: The query results. properties: buckets: description: The list of matching buckets, one item per bucket. items: $ref: '#/components/schemas/CIAppPipelinesBucketResponse' type: array type: object CIAppPipelinesAnalyticsAggregateResponse: description: The response object for the pipeline events aggregate API endpoint. properties: data: $ref: '#/components/schemas/CIAppPipelinesAggregationBucketsResponse' links: $ref: '#/components/schemas/CIAppResponseLinks' meta: $ref: '#/components/schemas/CIAppResponseMetadata' type: object CIAppPipelinesBucketResponse: description: Bucket values. properties: by: additionalProperties: description: The values for each group-by. description: The key-value pairs for each group-by. example: '@ci.provider.name': gitlab '@ci.status': success type: object computes: $ref: '#/components/schemas/CIAppComputes' type: object CIAppPipelinesGroupBy: description: A group-by rule. properties: facet: description: The name of the facet to use (required). example: '@ci.status' type: string histogram: $ref: '#/components/schemas/CIAppGroupByHistogram' limit: default: 10 description: The maximum buckets to return for this group-by. format: int64 type: integer example: 42 missing: $ref: '#/components/schemas/CIAppGroupByMissing' sort: $ref: '#/components/schemas/CIAppAggregateSort' total: $ref: '#/components/schemas/CIAppGroupByTotal' required: - facet type: object CIAppPipelinesQueryFilter: description: The search and filter query settings. properties: from: default: now-15m description: >- The minimum time for the requested events; supports date, math, and regular timestamps (in milliseconds). example: now-15m type: string query: default: '*' description: The search query following the CI Visibility Explorer search syntax. example: '@ci.provider.name:github AND @ci.status:error' type: string to: default: now description: >- The maximum time for the requested events, supports date, math, and regular timestamps (in milliseconds). example: now type: string type: object CIAppQueryOptions: description: >- Global query options that are used during the query. Only supply timezone or time offset, not both. Otherwise, the query fails. properties: time_offset: description: The time offset (in seconds) to apply to the query. format: int64 type: integer example: 42 timezone: default: UTC description: >- The timezone can be specified as GMT, UTC, an offset from UTC (like UTC+1), or as a Timezone Database identifier (like America/New_York). example: GMT type: string type: object CIAppQueryPageOptions: description: Paging attributes for listing events. properties: cursor: description: List following results with a cursor provided in the previous query. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string limit: default: 10 description: Maximum number of events in the response. example: 25 format: int32 maximum: 1000 type: integer type: object CIAppResponseLinks: description: Links attributes. properties: next: description: >- Link for the next set of results. The request can also be made using the POST endpoint. example: >- https://app.datadoghq.com/api/v2/ci/tests/events?filter[query]=foo&page[cursor]=eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object CIAppResponseMetadata: description: The metadata associated with a request. properties: elapsed: description: The time elapsed in milliseconds. example: 132 format: int64 type: integer request_id: description: The identifier of the request. example: MWlFUjVaWGZTTTZPYzM0VXp1OXU2d3xLSVpEMjZKQ0VKUTI0dEYtM3RSOFVR type: string status: $ref: '#/components/schemas/CIAppResponseStatus' warnings: description: >- A list of warnings (non-fatal errors) encountered. Partial results may return if warnings are present in the response. items: $ref: '#/components/schemas/CIAppWarning' type: array type: object CIAppResponseMetadataWithPagination: description: The metadata associated with a request. properties: elapsed: description: The time elapsed in milliseconds. example: 132 format: int64 type: integer page: $ref: '#/components/schemas/CIAppResponsePage' request_id: description: The identifier of the request. example: MWlFUjVaWGZTTTZPYzM0VXp1OXU2d3xLSVpEMjZKQ0VKUTI0dEYtM3RSOFVR type: string status: $ref: '#/components/schemas/CIAppResponseStatus' warnings: description: >- A list of warnings (non-fatal errors) encountered. Partial results may return if warnings are present in the response. items: $ref: '#/components/schemas/CIAppWarning' type: array type: object CIAppResponsePage: description: Paging attributes. properties: after: description: >- The cursor to use to get the next results, if any. To make the next request, use the same parameters with the addition of `page[cursor]`. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object CIAppResponseStatus: description: The status of the response. enum: - done - timeout example: done type: string x-enum-varnames: - DONE - TIMEOUT CIAppSort: description: Sort parameters when querying events. enum: - timestamp - '-timestamp' type: string x-enum-varnames: - TIMESTAMP_ASCENDING - TIMESTAMP_DESCENDING CIAppSortOrder: description: The order to use, ascending or descending. enum: - asc - desc example: asc type: string x-enum-varnames: - ASCENDING - DESCENDING CIAppTestEvent: description: >- Object description of test event after being processed and stored by Datadog. properties: attributes: $ref: '#/components/schemas/CIAppEventAttributes' id: description: Unique ID of the event. example: AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA type: string type: $ref: '#/components/schemas/CIAppTestEventTypeName' type: object CIAppTestEventTypeName: description: Type of the event. enum: - citest example: citest type: string x-enum-varnames: - CITEST CIAppTestEventsRequest: description: The request for a tests search. properties: filter: $ref: '#/components/schemas/CIAppTestsQueryFilter' options: $ref: '#/components/schemas/CIAppQueryOptions' page: $ref: '#/components/schemas/CIAppQueryPageOptions' sort: $ref: '#/components/schemas/CIAppSort' type: object CIAppTestEventsResponse: description: >- Response object with all test events matching the request and pagination information. properties: data: description: Array of events matching the request. items: $ref: '#/components/schemas/CIAppTestEvent' type: array links: $ref: '#/components/schemas/CIAppResponseLinks' meta: $ref: '#/components/schemas/CIAppResponseMetadataWithPagination' type: object CIAppTestLevel: description: Test run level. enum: - session - module - suite - test example: test type: string x-enum-varnames: - SESSION - MODULE - SUITE - TEST CIAppTestsAggregateRequest: description: >- The object sent with the request to retrieve aggregation buckets of test events from your organization. properties: compute: description: >- The list of metrics or timeseries to compute for the retrieved buckets. items: $ref: '#/components/schemas/CIAppCompute' type: array filter: $ref: '#/components/schemas/CIAppTestsQueryFilter' group_by: description: The rules for the group-by. items: $ref: '#/components/schemas/CIAppTestsGroupBy' type: array options: $ref: '#/components/schemas/CIAppQueryOptions' type: object CIAppTestsAggregationBucketsResponse: description: The query results. properties: buckets: description: The list of matching buckets, one item per bucket. items: $ref: '#/components/schemas/CIAppTestsBucketResponse' type: array type: object CIAppTestsAnalyticsAggregateResponse: description: The response object for the test events aggregate API endpoint. properties: data: $ref: '#/components/schemas/CIAppTestsAggregationBucketsResponse' links: $ref: '#/components/schemas/CIAppResponseLinks' meta: $ref: '#/components/schemas/CIAppResponseMetadataWithPagination' type: object CIAppTestsBucketResponse: description: Bucket values. properties: by: additionalProperties: description: The values for each group-by. description: The key-value pairs for each group-by. example: '@test.service': web-ui-tests '@test.status': skip type: object computes: $ref: '#/components/schemas/CIAppComputes' type: object CIAppTestsGroupBy: description: A group-by rule. properties: facet: description: The name of the facet to use (required). example: '@test.service' type: string histogram: $ref: '#/components/schemas/CIAppGroupByHistogram' limit: default: 10 description: The maximum buckets to return for this group-by. format: int64 type: integer example: 42 missing: $ref: '#/components/schemas/CIAppGroupByMissing' sort: $ref: '#/components/schemas/CIAppAggregateSort' total: $ref: '#/components/schemas/CIAppGroupByTotal' required: - facet type: object CIAppTestsQueryFilter: description: The search and filter query settings. properties: from: default: now-15m description: >- The minimum time for the requested events; supports date, math, and regular timestamps (in milliseconds). example: now-15m type: string query: default: '*' description: The search query following the CI Visibility Explorer search syntax. example: '@test.service:web-ui-tests AND @test.status:fail' type: string to: default: now description: >- The maximum time for the requested events, supports date, math, and regular timestamps (in milliseconds). example: now type: string type: object CIAppWarning: description: A warning message indicating something that went wrong with the query. properties: code: description: A unique code for this type of warning. example: unknown_index type: string detail: description: A detailed explanation of this specific warning. example: 'indexes: foo, bar' type: string title: description: A short human-readable summary of the warning. example: >- One or several indexes are missing or invalid, results hold data from the other indexes type: string type: object CSMAgentsMetadata: description: Metadata related to the paginated response. properties: page_index: description: The index of the current page in the paginated results. example: 0 format: int64 type: integer page_size: description: The number of items per page in the paginated results. example: 10 format: int64 type: integer total_filtered: description: Total number of items that match the filter criteria. example: 128697 format: int64 type: integer type: object CSMAgentsType: default: datadog_agent description: The type of the resource. The value should always be `datadog_agent`. enum: - datadog_agent example: datadog_agent type: string x-enum-varnames: - DATADOG_AGENT CVSS: description: Vulnerability severity. properties: score: description: Vulnerability severity score. example: 4.5 format: double type: number severity: $ref: '#/components/schemas/VulnerabilitySeverity' vector: description: Vulnerability CVSS vector. example: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H type: string required: - score - severity - vector type: object CalculatedField: description: Calculated field. properties: expression: description: Expression. example: '@request_end_timestamp - @request_start_timestamp' type: string name: description: Field name. example: response_time type: string required: - name - expression type: object Case: description: A case properties: attributes: $ref: '#/components/schemas/CaseAttributes' id: description: Case's identifier example: aeadc05e-98a8-11ec-ac2c-da7ad0900001 type: string relationships: $ref: '#/components/schemas/CaseRelationships' type: $ref: '#/components/schemas/CaseResourceType' required: - id - type - attributes type: object Case3rdPartyTicketStatus: default: IN_PROGRESS description: Case status enum: - IN_PROGRESS - COMPLETED - FAILED example: COMPLETED readOnly: true type: string x-enum-varnames: - IN_PROGRESS - COMPLETED - FAILED CaseAssign: description: Case assign properties: attributes: $ref: '#/components/schemas/CaseAssignAttributes' type: $ref: '#/components/schemas/CaseResourceType' required: - attributes - type type: object CaseAssignAttributes: description: Case assign attributes properties: assignee_id: description: Assignee's UUID example: f98a5a5b-e0ff-45d4-b2f5-afe6e74de504 type: string required: - assignee_id type: object CaseAssignRequest: description: Case assign request properties: data: $ref: '#/components/schemas/CaseAssign' required: - data type: object CaseAttributes: description: Case attributes properties: archived_at: description: Timestamp of when the case was archived format: date-time nullable: true readOnly: true type: string example: example_value closed_at: description: Timestamp of when the case was closed format: date-time nullable: true readOnly: true type: string example: example_value created_at: description: Timestamp of when the case was created format: date-time readOnly: true type: string example: example_value description: description: Description type: string example: example_value jira_issue: $ref: '#/components/schemas/JiraIssue' key: description: Key example: CASEM-4523 type: string modified_at: description: Timestamp of when the case was last modified format: date-time nullable: true readOnly: true type: string example: example_value priority: $ref: '#/components/schemas/CasePriority' service_now_ticket: $ref: '#/components/schemas/ServiceNowTicket' status: $ref: '#/components/schemas/CaseStatus' title: description: Title example: Memory leak investigation on API type: string type: $ref: '#/components/schemas/CaseType' type: object CaseCreate: description: Case creation data properties: attributes: $ref: '#/components/schemas/CaseCreateAttributes' relationships: $ref: '#/components/schemas/CaseCreateRelationships' type: $ref: '#/components/schemas/CaseResourceType' required: - attributes - type type: object CaseCreateAttributes: description: Case creation attributes properties: description: description: Description type: string example: example_value priority: $ref: '#/components/schemas/CasePriority' title: description: Title example: Security breach investigation type: string type: $ref: '#/components/schemas/CaseType' required: - title - type type: object CaseCreateRelationships: description: Relationships formed with the case on creation properties: assignee: $ref: '#/components/schemas/NullableUserRelationship' project: $ref: '#/components/schemas/ProjectRelationship' required: - project type: object CaseCreateRequest: description: Case create request properties: data: $ref: '#/components/schemas/CaseCreate' required: - data type: object CaseEmpty: description: Case empty request data properties: type: $ref: '#/components/schemas/CaseResourceType' required: - type type: object CaseEmptyRequest: description: Case empty request properties: data: $ref: '#/components/schemas/CaseEmpty' required: - data type: object CasePriority: default: NOT_DEFINED description: Case priority enum: - NOT_DEFINED - P1 - P2 - P3 - P4 - P5 example: NOT_DEFINED type: string x-enum-varnames: - NOT_DEFINED - P1 - P2 - P3 - P4 - P5 CaseRelationships: description: Resources related to a case properties: assignee: $ref: '#/components/schemas/NullableUserRelationship' created_by: $ref: '#/components/schemas/NullableUserRelationship' modified_by: $ref: '#/components/schemas/NullableUserRelationship' project: $ref: '#/components/schemas/ProjectRelationship' type: object CaseResourceType: default: case description: Case resource type enum: - case example: case type: string x-enum-varnames: - CASE CaseResponse: description: Case response properties: data: $ref: '#/components/schemas/Case' type: object CaseSortableField: description: Case field that can be sorted on enum: - created_at - priority - status example: created_at type: string x-enum-varnames: - CREATED_AT - PRIORITY - STATUS CaseStatus: description: Case status enum: - OPEN - IN_PROGRESS - CLOSED example: OPEN type: string x-enum-varnames: - OPEN - IN_PROGRESS - CLOSED CaseTrigger: description: >- Trigger a workflow from a Case. For automatic triggering a handle must be configured and the workflow must be published. properties: rateLimit: $ref: '#/components/schemas/TriggerRateLimit' type: object CaseTriggerWrapper: description: Schema for a Case-based trigger. properties: caseTrigger: $ref: '#/components/schemas/CaseTrigger' startStepNames: $ref: '#/components/schemas/StartStepNames' required: - caseTrigger type: object CaseType: description: Case type enum: - STANDARD example: STANDARD type: string x-enum-varnames: - STANDARD CaseUpdatePriority: description: Case priority status properties: attributes: $ref: '#/components/schemas/CaseUpdatePriorityAttributes' type: $ref: '#/components/schemas/CaseResourceType' required: - attributes - type type: object CaseUpdatePriorityAttributes: description: Case update priority attributes properties: priority: $ref: '#/components/schemas/CasePriority' required: - priority type: object CaseUpdatePriorityRequest: description: Case update priority request properties: data: $ref: '#/components/schemas/CaseUpdatePriority' required: - data type: object CaseUpdateStatus: description: Case update status properties: attributes: $ref: '#/components/schemas/CaseUpdateStatusAttributes' type: $ref: '#/components/schemas/CaseResourceType' required: - attributes - type type: object CaseUpdateStatusAttributes: description: Case update status attributes properties: status: $ref: '#/components/schemas/CaseStatus' required: - status type: object CaseUpdateStatusRequest: description: Case update status request properties: data: $ref: '#/components/schemas/CaseUpdateStatus' required: - data type: object CasesResponse: description: Response with cases properties: data: description: Cases response data items: $ref: '#/components/schemas/Case' type: array meta: $ref: '#/components/schemas/CasesResponseMeta' type: object CasesResponseMeta: description: Cases response metadata properties: page: $ref: '#/components/schemas/CasesResponseMetaPagination' type: object CasesResponseMetaPagination: description: Pagination metadata properties: current: description: Current page number format: int64 type: integer example: 42 size: description: Number of cases in current page format: int64 type: integer example: 42 total: description: Total number of pages format: int64 type: integer example: 42 type: object ChangeEventCustomAttributes: description: Object representing custom change event attributes. properties: author: $ref: '#/components/schemas/ChangeEventCustomAttributesAuthor' change_metadata: additionalProperties: {} description: >- Free form object with information related to the `change` event. Can be arbitrarily nested and contain any valid JSON. example: dd: team: datadog_team user_email: datadog@datadog.com user_id: datadog_user_id user_name: datadog_username resource_link: datadog.com/feature/fallback_payments_test type: object changed_resource: $ref: '#/components/schemas/ChangeEventCustomAttributesChangedResource' impacted_resources: description: >- A list of resources impacted by this change. It is recommended to provide an impacted resource to display the change event at the right location. Only resources of type `service` are supported. example: - name: payments_api type: service items: $ref: >- #/components/schemas/ChangeEventCustomAttributesImpactedResourcesItems type: array new_value: additionalProperties: {} description: Free form object to track new value of the changed resource. example: enabled: true percentage: 50% rule: datacenter: devcycle.us1.prod type: object prev_value: additionalProperties: {} description: Free form object to track previous value of the changed resource. example: enabled: true percentage: 10% rule: datacenter: devcycle.us1.prod type: object required: - changed_resource type: object ChangeEventCustomAttributesAuthor: description: >- Object representing the entity which made the change. Optional field but if provided should include `type` and `name`. properties: name: description: Author's name. Limited to 128 characters. example: datadog@datadog.com maxLength: 128 type: string type: $ref: '#/components/schemas/ChangeEventCustomAttributesAuthorType' required: - name - type type: object ChangeEventCustomAttributesAuthorType: description: Author's type. enum: - user - system example: user type: string x-enum-varnames: - USER - SYSTEM ChangeEventCustomAttributesChangedResource: description: Object representing a uniquely identified resource. properties: name: description: Resource's name. example: fallback_payments_test type: string type: $ref: '#/components/schemas/ChangeEventCustomAttributesChangedResourceType' required: - type - name type: object ChangeEventCustomAttributesChangedResourceType: description: Resource's type. enum: - feature_flag - configuration example: feature_flag type: string x-enum-varnames: - FEATURE_FLAG - CONFIGURATION ChangeEventCustomAttributesImpactedResourcesItems: description: >- Object representing a uniquely identified resource. Only the resource type `service` is supported. properties: name: description: Resource's name. example: payments_api type: string type: $ref: >- #/components/schemas/ChangeEventCustomAttributesImpactedResourcesItemsType required: - type - name type: object ChangeEventCustomAttributesImpactedResourcesItemsType: description: Resource's type. enum: - service example: service type: string x-enum-varnames: - SERVICE ChangeEventTriggerWrapper: description: Schema for a Change Event-based trigger. properties: changeEventTrigger: description: Trigger a workflow from a Change Event. type: object startStepNames: $ref: '#/components/schemas/StartStepNames' required: - changeEventTrigger type: object ChargebackBreakdown: description: Charges breakdown. properties: charge_type: description: The type of charge for a particular product. example: on_demand type: string cost: description: >- The cost for a particular product and charge type during a given month. format: double type: number example: 95.5 product_name: description: The product for which cost is being reported. example: infra_host type: string type: object CloudConfigurationComplianceRuleOptions: additionalProperties: {} description: > Options for cloud_configuration rules. Fields `resourceType` and `regoRule` are mandatory when managing custom `cloud_configuration` rules. properties: complexRule: description: > Whether the rule is a complex one. Must be set to true if `regoRule.resourceTypes` contains more than one item. Defaults to false. type: boolean example: true regoRule: $ref: '#/components/schemas/CloudConfigurationRegoRule' resourceType: description: > Main resource type to be checked by the rule. It should be specified again in `regoRule.resourceTypes`. example: aws_acm type: string type: object CloudConfigurationRegoRule: description: Rule details. properties: policy: description: >- The policy written in `rego`, see: https://www.openpolicyagent.org/docs/latest/policy-language/ example: | package datadog import data.datadog.output as dd_output import future.keywords.contains import future.keywords.if import future.keywords.in eval(resource) = "skip" if { # Logic that evaluates to true if the resource should be skipped true } else = "pass" { # Logic that evaluates to true if the resource is compliant true } else = "fail" { # Logic that evaluates to true if the resource is not compliant true } # This part remains unchanged for all rules results contains result if { some resource in input.resources[input.main_resource_type] result := dd_output.format(resource, eval(resource)) } type: string resourceTypes: description: >- List of resource types that will be evaluated upon. Must have at least one element. example: - gcp_iam_service_account - gcp_iam_policy items: type: string type: array required: - policy - resourceTypes type: object CloudConfigurationRuleCaseCreate: description: Description of signals. properties: notifications: description: Notification targets for each rule case. items: description: Notification. type: string type: array status: $ref: '#/components/schemas/SecurityMonitoringRuleSeverity' required: - status type: object CloudConfigurationRuleComplianceSignalOptions: description: >- How to generate compliance signals. Useful for cloud_configuration rules only. properties: defaultActivationStatus: description: The default activation status. nullable: true type: boolean example: true defaultGroupByFields: description: The default group by fields. items: type: string nullable: true type: array userActivationStatus: description: Whether signals will be sent. nullable: true type: boolean example: true userGroupByFields: description: Fields to use to group findings by when sending signals. items: type: string nullable: true type: array type: object CloudConfigurationRuleCreatePayload: description: Create a new cloud configuration rule. properties: cases: description: > Description of generated findings and signals (severity and channels to be notified in case of a signal). Must contain exactly one item. items: $ref: '#/components/schemas/CloudConfigurationRuleCaseCreate' type: array complianceSignalOptions: $ref: '#/components/schemas/CloudConfigurationRuleComplianceSignalOptions' filters: description: >- Additional queries to filter matched events before they are processed. items: $ref: '#/components/schemas/SecurityMonitoringFilter' type: array isEnabled: description: Whether the rule is enabled. example: true type: boolean message: description: Message in markdown format for generated findings and signals. example: | #Description Explanation of the rule. #Remediation How to fix the security issue. type: string name: description: The name of the rule. example: My security monitoring rule. type: string options: $ref: '#/components/schemas/CloudConfigurationRuleOptions' tags: description: Tags for generated findings and signals. example: - env:prod - team:security items: description: Tag. type: string type: array type: $ref: '#/components/schemas/CloudConfigurationRuleType' required: - name - isEnabled - options - complianceSignalOptions - cases - message type: object CloudConfigurationRuleOptions: description: Options on cloud configuration rules. properties: complianceRuleOptions: $ref: '#/components/schemas/CloudConfigurationComplianceRuleOptions' required: - complianceRuleOptions type: object CloudConfigurationRulePayload: description: The payload of a cloud configuration rule. properties: cases: description: > Description of generated findings and signals (severity and channels to be notified in case of a signal). Must contain exactly one item. items: $ref: '#/components/schemas/CloudConfigurationRuleCaseCreate' type: array complianceSignalOptions: $ref: '#/components/schemas/CloudConfigurationRuleComplianceSignalOptions' filters: description: >- Additional queries to filter matched events before they are processed. items: $ref: '#/components/schemas/SecurityMonitoringFilter' type: array isEnabled: description: Whether the rule is enabled. example: true type: boolean message: description: Message in markdown format for generated findings and signals. example: | #Description Explanation of the rule. #Remediation How to fix the security issue. type: string name: description: The name of the rule. example: My security monitoring rule. type: string options: $ref: '#/components/schemas/CloudConfigurationRuleOptions' tags: description: Tags for generated findings and signals. example: - env:prod - team:security items: description: Tag. type: string type: array type: $ref: '#/components/schemas/CloudConfigurationRuleType' required: - name - isEnabled - options - complianceSignalOptions - cases - message type: object CloudConfigurationRuleType: description: The rule type. enum: - cloud_configuration type: string x-enum-varnames: - CLOUD_CONFIGURATION CloudWorkloadSecurityAgentPoliciesListResponse: description: Response object that includes a list of Agent policies properties: data: description: A list of Agent policy objects items: $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyData' type: array type: object CloudWorkloadSecurityAgentPolicyAttributes: description: A Cloud Workload Security Agent policy returned by the API properties: blockingRulesCount: description: The number of rules with the blocking feature in this policy example: 100 format: int32 maximum: 2147483647 type: integer datadogManaged: description: Whether the policy is managed by Datadog example: false type: boolean description: description: The description of the policy example: My agent policy type: string disabledRulesCount: description: The number of rules that are disabled in this policy example: 100 format: int32 maximum: 2147483647 type: integer enabled: description: Whether the Agent policy is enabled example: true type: boolean hostTags: description: The host tags defining where this policy is deployed items: type: string type: array hostTagsLists: description: >- The host tags defining where this policy is deployed, the inner values are linked with AND, the outer values are linked with OR items: items: type: string type: array type: array monitoringRulesCount: description: The number of rules in the monitoring state in this policy example: 100 format: int32 maximum: 2147483647 type: integer name: description: The name of the policy example: my_agent_policy type: string policyVersion: description: The version of the policy example: '1' type: string priority: description: The priority of the policy example: 10 format: int64 type: integer ruleCount: description: The number of rules in this policy example: 100 format: int32 maximum: 2147483647 type: integer updateDate: description: Timestamp in milliseconds when the policy was last updated example: 1624366480320 format: int64 type: integer updatedAt: description: When the policy was last updated, timestamp in milliseconds example: 1624366480320 format: int64 type: integer updater: $ref: >- #/components/schemas/CloudWorkloadSecurityAgentPolicyUpdaterAttributes type: object CloudWorkloadSecurityAgentPolicyCreateAttributes: description: Create a new Cloud Workload Security Agent policy properties: description: description: The description of the policy example: My agent policy type: string enabled: description: Whether the policy is enabled example: true type: boolean hostTags: description: The host tags defining where this policy is deployed items: type: string type: array hostTagsLists: description: >- The host tags defining where this policy is deployed, the inner values are linked with AND, the outer values are linked with OR items: items: type: string type: array type: array name: description: The name of the policy example: my_agent_policy type: string required: - name type: object CloudWorkloadSecurityAgentPolicyCreateData: description: Object for a single Agent rule properties: attributes: $ref: >- #/components/schemas/CloudWorkloadSecurityAgentPolicyCreateAttributes type: $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyType' required: - attributes - type type: object CloudWorkloadSecurityAgentPolicyCreateRequest: description: Request object that includes the Agent policy to create properties: data: $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyCreateData' required: - data type: object CloudWorkloadSecurityAgentPolicyData: description: Object for a single Agent policy properties: attributes: $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyAttributes' id: description: The ID of the Agent policy example: 6517fcc1-cec7-4394-a655-8d6e9d085255 type: string type: $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyType' type: object CloudWorkloadSecurityAgentPolicyID: description: The ID of the Agent policy example: 6517fcc1-cec7-4394-a655-8d6e9d085255 type: string CloudWorkloadSecurityAgentPolicyResponse: description: Response object that includes an Agent policy properties: data: $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyData' type: object CloudWorkloadSecurityAgentPolicyType: default: policy description: The type of the resource, must always be `policy` enum: - policy example: policy type: string x-enum-varnames: - POLICY CloudWorkloadSecurityAgentPolicyUpdateAttributes: description: Update an existing Cloud Workload Security Agent policy properties: description: description: The description of the policy example: My agent policy type: string enabled: description: Whether the policy is enabled example: true type: boolean hostTags: description: The host tags defining where this policy is deployed items: type: string type: array hostTagsLists: description: >- The host tags defining where this policy is deployed, the inner values are linked with AND, the outer values are linked with OR items: items: type: string type: array type: array name: description: The name of the policy example: my_agent_policy type: string type: object CloudWorkloadSecurityAgentPolicyUpdateData: description: Object for a single Agent policy properties: attributes: $ref: >- #/components/schemas/CloudWorkloadSecurityAgentPolicyUpdateAttributes id: $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyID' type: $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyType' required: - attributes - type type: object CloudWorkloadSecurityAgentPolicyUpdateRequest: description: >- Request object that includes the Agent policy with the attributes to update properties: data: $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyUpdateData' required: - data type: object CloudWorkloadSecurityAgentPolicyUpdaterAttributes: description: The attributes of the user who last updated the policy properties: handle: description: The handle of the user example: datadog.user@example.com type: string name: description: The name of the user example: Datadog User nullable: true type: string type: object CloudWorkloadSecurityAgentRuleAction: description: The action the rule can perform if triggered properties: filter: description: SECL expression used to target the container to apply the action on type: string example: example_value kill: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleKill' metadata: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActionMetadata' set: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActionSet' type: object CloudWorkloadSecurityAgentRuleActionMetadata: description: The metadata action applied on the scope matching the rule properties: image_tag: description: The image tag of the metadata action type: string example: env:production service: description: The service of the metadata action type: string example: example_value short_image: description: The short image of the metadata action type: string example: example_value type: object CloudWorkloadSecurityAgentRuleActionSet: description: The set action applied on the scope matching the rule properties: append: description: Whether the value should be appended to the field type: boolean example: true field: description: The field of the set action type: string example: example_value name: description: The name of the set action type: string example: Example Monitor scope: description: The scope of the set action type: string example: example_value size: description: The size of the set action format: int64 type: integer example: 42 ttl: description: The time to live of the set action format: int64 type: integer example: 42 value: description: The value of the set action type: string example: example_value type: object CloudWorkloadSecurityAgentRuleActions: description: The array of actions the rule can perform if triggered items: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleAction' nullable: true type: array CloudWorkloadSecurityAgentRuleAttributes: description: A Cloud Workload Security Agent rule returned by the API properties: actions: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActions' agentConstraint: description: The version of the Agent type: string example: example_value blocking: description: The blocking policies that the rule belongs to items: type: string type: array category: description: The category of the Agent rule example: Process Activity type: string creationAuthorUuId: description: The ID of the user who created the rule example: e51c9744-d158-11ec-ad23-da7ad0900002 type: string creationDate: description: When the Agent rule was created, timestamp in milliseconds example: 1624366480320 format: int64 type: integer creator: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleCreatorAttributes' defaultRule: description: Whether the rule is included by default example: false type: boolean description: description: The description of the Agent rule example: My Agent rule type: string disabled: description: The disabled policies that the rule belongs to items: type: string type: array enabled: description: Whether the Agent rule is enabled example: true type: boolean expression: description: The SECL expression of the Agent rule example: exec.file.name == "sh" type: string filters: description: The platforms the Agent rule is supported on items: type: string type: array monitoring: description: The monitoring policies that the rule belongs to items: type: string type: array name: description: The name of the Agent rule example: my_agent_rule type: string product_tags: description: The list of product tags associated with the rule items: type: string type: array updateAuthorUuId: description: The ID of the user who updated the rule example: e51c9744-d158-11ec-ad23-da7ad0900002 type: string updateDate: description: Timestamp in milliseconds when the Agent rule was last updated example: 1624366480320 format: int64 type: integer updatedAt: description: When the Agent rule was last updated, timestamp in milliseconds example: 1624366480320 format: int64 type: integer updater: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleUpdaterAttributes' version: description: The version of the Agent rule example: 23 format: int64 type: integer type: object CloudWorkloadSecurityAgentRuleCreateAttributes: description: Create a new Cloud Workload Security Agent rule. properties: actions: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActions' blocking: description: The blocking policies that the rule belongs to items: type: string type: array description: description: The description of the Agent rule. example: My Agent rule type: string disabled: description: The disabled policies that the rule belongs to items: type: string type: array enabled: description: Whether the Agent rule is enabled example: true type: boolean expression: description: The SECL expression of the Agent rule. example: exec.file.name == "sh" type: string filters: description: The platforms the Agent rule is supported on items: type: string type: array monitoring: description: The monitoring policies that the rule belongs to items: type: string type: array name: description: The name of the Agent rule. example: my_agent_rule type: string policy_id: description: The ID of the policy where the Agent rule is saved example: a8c8e364-6556-434d-b798-a4c23de29c0b type: string product_tags: description: The list of product tags associated with the rule items: type: string type: array required: - name - expression type: object CloudWorkloadSecurityAgentRuleCreateData: description: Object for a single Agent rule properties: attributes: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleCreateAttributes' type: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleType' required: - attributes - type type: object CloudWorkloadSecurityAgentRuleCreateRequest: description: Request object that includes the Agent rule to create properties: data: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleCreateData' required: - data type: object CloudWorkloadSecurityAgentRuleCreatorAttributes: description: The attributes of the user who created the Agent rule properties: handle: description: The handle of the user example: datadog.user@example.com type: string name: description: The name of the user example: Datadog User nullable: true type: string type: object CloudWorkloadSecurityAgentRuleData: description: Object for a single Agent rule properties: attributes: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleAttributes' id: description: The ID of the Agent rule example: 3dd-0uc-h1s type: string type: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleType' type: object CloudWorkloadSecurityAgentRuleID: description: The ID of the Agent rule example: 3dd-0uc-h1s type: string CloudWorkloadSecurityAgentRuleKill: description: Kill system call applied on the container matching the rule properties: signal: description: Supported signals for the kill system call type: string example: example_value type: object CloudWorkloadSecurityAgentRuleResponse: description: Response object that includes an Agent rule properties: data: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleData' type: object CloudWorkloadSecurityAgentRuleType: default: agent_rule description: The type of the resource, must always be `agent_rule` enum: - agent_rule example: agent_rule type: string x-enum-varnames: - AGENT_RULE CloudWorkloadSecurityAgentRuleUpdateAttributes: description: Update an existing Cloud Workload Security Agent rule properties: actions: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActions' blocking: description: The blocking policies that the rule belongs to items: type: string type: array description: description: The description of the Agent rule example: My Agent rule type: string disabled: description: The disabled policies that the rule belongs to items: type: string type: array enabled: description: Whether the Agent rule is enabled example: true type: boolean expression: description: The SECL expression of the Agent rule example: exec.file.name == "sh" type: string monitoring: description: The monitoring policies that the rule belongs to items: type: string type: array policy_id: description: The ID of the policy where the Agent rule is saved example: a8c8e364-6556-434d-b798-a4c23de29c0b type: string product_tags: description: The list of product tags associated with the rule items: type: string type: array type: object CloudWorkloadSecurityAgentRuleUpdateData: description: Object for a single Agent rule properties: attributes: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleUpdateAttributes' id: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleID' type: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleType' required: - attributes - type type: object CloudWorkloadSecurityAgentRuleUpdateRequest: description: >- Request object that includes the Agent rule with the attributes to update properties: data: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleUpdateData' required: - data type: object CloudWorkloadSecurityAgentRuleUpdaterAttributes: description: The attributes of the user who last updated the Agent rule properties: handle: description: The handle of the user example: datadog.user@example.com type: string name: description: The name of the user example: Datadog User nullable: true type: string type: object CloudWorkloadSecurityAgentRulesListResponse: description: Response object that includes a list of Agent rule properties: data: description: A list of Agent rules objects items: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleData' type: array type: object CloudflareAccountCreateRequest: description: Payload schema when adding a Cloudflare account. properties: data: $ref: '#/components/schemas/CloudflareAccountCreateRequestData' required: - data type: object CloudflareAccountCreateRequestAttributes: description: Attributes object for creating a Cloudflare account. properties: api_key: description: The API key (or token) for the Cloudflare account. example: a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 type: string email: description: >- The email associated with the Cloudflare account. If an API key is provided (and not a token), this field is also required. example: test-email@example.com type: string name: description: The name of the Cloudflare account. example: test-name type: string resources: description: >- An allowlist of resources to restrict pulling metrics for including `'web', 'dns', 'lb' (load balancer), 'worker'`. example: - web - dns - lb - worker items: type: string type: array zones: description: An allowlist of zones to restrict pulling metrics for. example: - zone_id_1 - zone_id_2 items: type: string type: array required: - api_key - name type: object CloudflareAccountCreateRequestData: description: Data object for creating a Cloudflare account. properties: attributes: $ref: '#/components/schemas/CloudflareAccountCreateRequestAttributes' type: $ref: '#/components/schemas/CloudflareAccountType' required: - attributes - type type: object CloudflareAccountResponse: description: The expected response schema when getting a Cloudflare account. properties: data: $ref: '#/components/schemas/CloudflareAccountResponseData' type: object CloudflareAccountResponseAttributes: description: Attributes object of a Cloudflare account. properties: email: description: The email associated with the Cloudflare account. example: test-email@example.com type: string name: description: The name of the Cloudflare account. example: test-name type: string resources: description: >- An allowlist of resources, such as `web`, `dns`, `lb` (load balancer), `worker`, that restricts pulling metrics from those resources. example: - web - dns - lb - worker items: type: string type: array zones: description: An allowlist of zones to restrict pulling metrics for. example: - zone_id_1 - zone_id_2 items: type: string type: array required: - name type: object CloudflareAccountResponseData: description: Data object of a Cloudflare account. properties: attributes: $ref: '#/components/schemas/CloudflareAccountResponseAttributes' id: description: The ID of the Cloudflare account, a hash of the account name. example: c1a8e059bfd1e911cf10b626340c9a54 type: string type: $ref: '#/components/schemas/CloudflareAccountType' required: - attributes - id - type type: object x-merge-override: required: false CloudflareAccountType: default: cloudflare-accounts description: The JSON:API type for this API. Should always be `cloudflare-accounts`. enum: - cloudflare-accounts example: cloudflare-accounts type: string x-enum-varnames: - CLOUDFLARE_ACCOUNTS CloudflareAccountUpdateRequest: description: Payload schema when updating a Cloudflare account. properties: data: $ref: '#/components/schemas/CloudflareAccountUpdateRequestData' required: - data type: object CloudflareAccountUpdateRequestAttributes: description: Attributes object for updating a Cloudflare account. properties: api_key: description: The API key of the Cloudflare account. example: a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 type: string email: description: >- The email associated with the Cloudflare account. If an API key is provided (and not a token), this field is also required. example: test-email@example.com type: string name: description: The name of the Cloudflare account. type: string example: Example Monitor resources: description: >- An allowlist of resources to restrict pulling metrics for including `'web', 'dns', 'lb' (load balancer), 'worker'`. example: - web - dns - lb - worker items: type: string type: array zones: description: An allowlist of zones to restrict pulling metrics for. example: - zone_id_1 - zone_id_2 items: type: string type: array required: - api_key type: object x-merge-override: required: false CloudflareAccountUpdateRequestData: description: Data object for updating a Cloudflare account. properties: attributes: $ref: '#/components/schemas/CloudflareAccountUpdateRequestAttributes' type: $ref: '#/components/schemas/CloudflareAccountType' type: object x-merge-override: required: false CloudflareAccountsResponse: description: The expected response schema when getting Cloudflare accounts. properties: data: description: The JSON:API data schema. items: $ref: '#/components/schemas/CloudflareAccountResponseData' type: array type: object CodeLocation: description: Code vulnerability location. properties: file_path: description: Vulnerability location file path. example: src/Class.java:100 type: string location: description: Vulnerability extracted location. example: com.example.Class:100 type: string method: description: Vulnerability location method. example: FooBar type: string required: - location type: object CompletionCondition: description: The definition of `CompletionCondition` object. properties: operand1: description: The `CompletionCondition` `operand1`. example: example_value operand2: description: The `CompletionCondition` `operand2`. example: example_value operator: $ref: '#/components/schemas/CompletionConditionOperator' required: - operand1 - operator type: object CompletionConditionOperator: description: The definition of `CompletionConditionOperator` object. enum: - OPERATOR_EQUAL - OPERATOR_NOT_EQUAL - OPERATOR_GREATER_THAN - OPERATOR_LESS_THAN - OPERATOR_GREATER_THAN_OR_EQUAL_TO - OPERATOR_LESS_THAN_OR_EQUAL_TO - OPERATOR_CONTAINS - OPERATOR_DOES_NOT_CONTAIN - OPERATOR_IS_NULL - OPERATOR_IS_NOT_NULL - OPERATOR_IS_EMPTY - OPERATOR_IS_NOT_EMPTY example: OPERATOR_EQUAL type: string x-enum-varnames: - OPERATOR_EQUAL - OPERATOR_NOT_EQUAL - OPERATOR_GREATER_THAN - OPERATOR_LESS_THAN - OPERATOR_GREATER_THAN_OR_EQUAL_TO - OPERATOR_LESS_THAN_OR_EQUAL_TO - OPERATOR_CONTAINS - OPERATOR_DOES_NOT_CONTAIN - OPERATOR_IS_NULL - OPERATOR_IS_NOT_NULL - OPERATOR_IS_EMPTY - OPERATOR_IS_NOT_EMPTY CompletionGate: description: Used to create conditions before running subsequent actions. properties: completionCondition: $ref: '#/components/schemas/CompletionCondition' retryStrategy: $ref: '#/components/schemas/RetryStrategy' required: - completionCondition - retryStrategy type: object Component: description: >- [Definition of a UI component in the app](https://docs.datadoghq.com/service_management/app_builder/components/) properties: events: description: Events to listen for on the UI component. items: $ref: '#/components/schemas/AppBuilderEvent' type: array id: description: >- The ID of the UI component. This property is deprecated; use `name` to identify individual components instead. nullable: true type: string example: abc-123-def name: description: >- A unique identifier for this UI component. This name is also visible in the app editor. example: '' type: string properties: $ref: '#/components/schemas/ComponentProperties' type: $ref: '#/components/schemas/ComponentType' required: - name - type - properties type: object ComponentGrid: description: >- A grid component. The grid component is the root canvas for an app and contains all other components. properties: events: description: Events to listen for on the grid component. items: $ref: '#/components/schemas/AppBuilderEvent' type: array id: description: >- The ID of the grid component. This property is deprecated; use `name` to identify individual components instead. type: string example: abc-123-def name: description: >- A unique identifier for this grid component. This name is also visible in the app editor. example: '' type: string properties: $ref: '#/components/schemas/ComponentGridProperties' type: $ref: '#/components/schemas/ComponentGridType' required: - name - type - properties type: object ComponentGridProperties: description: Properties of a grid component. properties: backgroundColor: default: default description: The background color of the grid. type: string example: example_value children: description: The child components of the grid. items: $ref: '#/components/schemas/Component' type: array isVisible: $ref: '#/components/schemas/ComponentGridPropertiesIsVisible' type: object ComponentGridPropertiesIsVisible: description: >- Whether the grid component and its children are visible. If a string, it must be a valid JavaScript expression that evaluates to a boolean. oneOf: - type: string - default: true type: boolean ComponentGridType: default: grid description: The grid component type. enum: - grid example: grid type: string x-enum-varnames: - GRID ComponentProperties: additionalProperties: {} description: >- Properties of a UI component. Different component types can have their own additional unique properties. See the [components documentation](https://docs.datadoghq.com/service_management/app_builder/components/) for more detail on each component type and its properties. properties: children: description: The child components of the UI component. items: $ref: '#/components/schemas/Component' type: array isVisible: $ref: '#/components/schemas/ComponentPropertiesIsVisible' type: object ComponentPropertiesIsVisible: description: >- Whether the UI component is visible. If this is a string, it must be a valid JavaScript expression that evaluates to a boolean. oneOf: - type: boolean - description: >- If this is a string, it must be a valid JavaScript expression that evaluates to a boolean. example: ${true} type: string ComponentType: description: The UI component type. enum: - table - textInput - textArea - button - text - select - modal - schemaForm - checkbox - tabs - vegaChart - radioButtons - numberInput - fileInput - jsonInput - gridCell - dateRangePicker - search - container - calloutValue example: text type: string x-enum-varnames: - TABLE - TEXTINPUT - TEXTAREA - BUTTON - TEXT - SELECT - MODAL - SCHEMAFORM - CHECKBOX - TABS - VEGACHART - RADIOBUTTONS - NUMBERINPUT - FILEINPUT - JSONINPUT - GRIDCELL - DATERANGEPICKER - SEARCH - CONTAINER - CALLOUTVALUE ConfluentAccountCreateRequest: description: Payload schema when adding a Confluent account. properties: data: $ref: '#/components/schemas/ConfluentAccountCreateRequestData' required: - data type: object ConfluentAccountCreateRequestAttributes: description: Attributes associated with the account creation request. properties: api_key: description: The API key associated with your Confluent account. example: TESTAPIKEY123 type: string api_secret: description: The API secret associated with your Confluent account. example: test-api-secret-123 type: string resources: description: A list of Confluent resources associated with the Confluent account. items: $ref: '#/components/schemas/ConfluentAccountResourceAttributes' type: array tags: description: >- A list of strings representing tags. Can be a single key, or key-value pairs separated by a colon. example: - myTag - myTag2:myValue items: type: string type: array required: - api_key - api_secret type: object ConfluentAccountCreateRequestData: description: The data body for adding a Confluent account. properties: attributes: $ref: '#/components/schemas/ConfluentAccountCreateRequestAttributes' type: $ref: '#/components/schemas/ConfluentAccountType' required: - attributes - type type: object ConfluentAccountResourceAttributes: description: Attributes object for updating a Confluent resource. properties: enable_custom_metrics: default: false description: >- Enable the `custom.consumer_lag_offset` metric, which contains extra metric tags. example: false type: boolean id: description: The ID associated with a Confluent resource. example: resource-id-123 type: string resource_type: description: >- The resource type of the Resource. Can be `kafka`, `connector`, `ksql`, or `schema_registry`. example: kafka type: string tags: description: >- A list of strings representing tags. Can be a single key, or key-value pairs separated by a colon. example: - myTag - myTag2:myValue items: type: string type: array required: - resource_type type: object x-merge-override: required: false ConfluentAccountResponse: description: The expected response schema when getting a Confluent account. properties: data: $ref: '#/components/schemas/ConfluentAccountResponseData' type: object ConfluentAccountResponseAttributes: description: The attributes of a Confluent account. properties: api_key: description: The API key associated with your Confluent account. example: TESTAPIKEY123 type: string resources: description: A list of Confluent resources associated with the Confluent account. items: $ref: '#/components/schemas/ConfluentResourceResponseAttributes' type: array tags: description: >- A list of strings representing tags. Can be a single key, or key-value pairs separated by a colon. example: - myTag - myTag2:myValue items: type: string type: array required: - api_key type: object ConfluentAccountResponseData: description: An API key and API secret pair that represents a Confluent account. properties: attributes: $ref: '#/components/schemas/ConfluentAccountResponseAttributes' id: description: A randomly generated ID associated with a Confluent account. example: account_id_abc123 type: string type: $ref: '#/components/schemas/ConfluentAccountType' required: - attributes - id - type type: object x-merge-override: required: false ConfluentAccountType: default: confluent-cloud-accounts description: >- The JSON:API type for this API. Should always be `confluent-cloud-accounts`. enum: - confluent-cloud-accounts example: confluent-cloud-accounts type: string x-enum-varnames: - CONFLUENT_CLOUD_ACCOUNTS ConfluentAccountUpdateRequest: description: The JSON:API request for updating a Confluent account. properties: data: $ref: '#/components/schemas/ConfluentAccountUpdateRequestData' required: - data type: object ConfluentAccountUpdateRequestAttributes: description: Attributes object for updating a Confluent account. properties: api_key: description: The API key associated with your Confluent account. example: TESTAPIKEY123 type: string api_secret: description: The API secret associated with your Confluent account. example: test-api-secret-123 type: string tags: description: >- A list of strings representing tags. Can be a single key, or key-value pairs separated by a colon. example: - myTag - myTag2:myValue items: type: string type: array required: - api_key - api_secret type: object ConfluentAccountUpdateRequestData: description: Data object for updating a Confluent account. properties: attributes: $ref: '#/components/schemas/ConfluentAccountUpdateRequestAttributes' type: $ref: '#/components/schemas/ConfluentAccountType' required: - attributes - type type: object ConfluentAccountsResponse: description: Confluent account returned by the API. properties: data: description: The Confluent account. items: $ref: '#/components/schemas/ConfluentAccountResponseData' type: array type: object ConfluentResourceRequest: description: The JSON:API request for updating a Confluent resource. properties: data: $ref: '#/components/schemas/ConfluentResourceRequestData' required: - data type: object ConfluentResourceRequestAttributes: description: Attributes object for updating a Confluent resource. properties: enable_custom_metrics: default: false description: >- Enable the `custom.consumer_lag_offset` metric, which contains extra metric tags. example: false type: boolean resource_type: description: >- The resource type of the Resource. Can be `kafka`, `connector`, `ksql`, or `schema_registry`. example: kafka type: string tags: description: >- A list of strings representing tags. Can be a single key, or key-value pairs separated by a colon. example: - myTag - myTag2:myValue items: type: string type: array required: - resource_type type: object ConfluentResourceRequestData: description: JSON:API request for updating a Confluent resource. properties: attributes: $ref: '#/components/schemas/ConfluentResourceRequestAttributes' id: description: The ID associated with a Confluent resource. example: resource-id-123 type: string type: $ref: '#/components/schemas/ConfluentResourceType' required: - attributes - type - id type: object x-merge-override: required: false ConfluentResourceResponse: description: Response schema when interacting with a Confluent resource. properties: data: $ref: '#/components/schemas/ConfluentResourceResponseData' type: object ConfluentResourceResponseAttributes: description: Model representation of a Confluent Cloud resource. properties: enable_custom_metrics: default: false description: >- Enable the `custom.consumer_lag_offset` metric, which contains extra metric tags. example: false type: boolean id: description: The ID associated with the Confluent resource. example: resource_id_abc123 type: string resource_type: description: >- The resource type of the Resource. Can be `kafka`, `connector`, `ksql`, or `schema_registry`. example: kafka type: string tags: description: >- A list of strings representing tags. Can be a single key, or key-value pairs separated by a colon. example: - myTag - myTag2:myValue items: type: string type: array required: - resource_type type: object x-merge-override: required: false ConfluentResourceResponseData: description: Confluent Cloud resource data. properties: attributes: $ref: '#/components/schemas/ConfluentResourceResponseAttributes' id: description: The ID associated with the Confluent resource. example: resource_id_abc123 type: string type: $ref: '#/components/schemas/ConfluentResourceType' required: - attributes - type - id type: object x-merge-override: required: false ConfluentResourceType: default: confluent-cloud-resources description: The JSON:API type for this request. enum: - confluent-cloud-resources example: confluent-cloud-resources type: string x-enum-varnames: - CONFLUENT_CLOUD_RESOURCES ConfluentResourcesResponse: description: Response schema when interacting with a list of Confluent resources. properties: data: description: The JSON:API data attribute. items: $ref: '#/components/schemas/ConfluentResourceResponseData' type: array type: object Connection: description: The definition of `Connection` object. properties: connectionId: description: The `Connection` `connectionId`. example: '' type: string label: description: The `Connection` `label`. example: '' type: string required: - connectionId - label type: object ConnectionEnv: description: A list of connections or connection groups used in the workflow. properties: connectionGroups: description: The `ConnectionEnv` `connectionGroups`. items: $ref: '#/components/schemas/ConnectionGroup' type: array connections: description: The `ConnectionEnv` `connections`. items: $ref: '#/components/schemas/Connection' type: array env: $ref: '#/components/schemas/ConnectionEnvEnv' required: - env type: object ConnectionEnvEnv: description: The definition of `ConnectionEnvEnv` object. enum: - default example: default type: string x-enum-varnames: - DEFAULT ConnectionGroup: description: The definition of `ConnectionGroup` object. properties: connectionGroupId: description: The `ConnectionGroup` `connectionGroupId`. example: '' type: string label: description: The `ConnectionGroup` `label`. example: '' type: string tags: description: The `ConnectionGroup` `tags`. example: - '' items: type: string type: array required: - connectionGroupId - label - tags type: object Container: description: Container object. properties: attributes: $ref: '#/components/schemas/ContainerAttributes' id: description: Container ID. type: string example: abc-123-def type: $ref: '#/components/schemas/ContainerType' type: object ContainerAttributes: description: Attributes for a container. properties: container_id: description: The ID of the container. type: string example: abc-123-def created_at: description: Time the container was created. type: string example: example_value host: description: Hostname of the host running the container. type: string example: example_value image_digest: description: Digest of the compressed image manifest. nullable: true type: string example: example_value image_name: description: Name of the associated container image. type: string example: Example Monitor image_tags: description: List of image tags associated with the container image. items: type: string nullable: true type: array name: description: Name of the container. type: string example: Example Monitor started_at: description: Time the container was started. type: string example: example_value state: description: State of the container. This depends on the container runtime. type: string example: example_value tags: description: List of tags associated with the container. items: type: string type: array type: object ContainerGroup: description: Container group object. properties: attributes: $ref: '#/components/schemas/ContainerGroupAttributes' id: description: Container Group ID. type: string example: abc-123-def relationships: $ref: '#/components/schemas/ContainerGroupRelationships' type: $ref: '#/components/schemas/ContainerGroupType' type: object ContainerGroupAttributes: description: Attributes for a container group. properties: count: description: Number of containers in the group. format: int64 type: integer example: 42 tags: description: Tags from the group name parsed in key/value format. type: object type: object ContainerGroupRelationships: description: Relationships to containers inside a container group. properties: containers: $ref: '#/components/schemas/ContainerGroupRelationshipsLink' type: object ContainerGroupRelationshipsData: description: Links data. items: description: A link data. type: string type: array ContainerGroupRelationshipsLink: description: Relationships to Containers inside a Container Group. properties: data: $ref: '#/components/schemas/ContainerGroupRelationshipsData' links: $ref: '#/components/schemas/ContainerGroupRelationshipsLinks' type: object ContainerGroupRelationshipsLinks: description: Links attributes. properties: related: description: Link to related containers. type: string example: example_value type: object ContainerGroupType: default: container_group description: Type of container group. enum: - container_group example: container_group type: string x-enum-varnames: - CONTAINER_GROUP ContainerImage: description: Container Image object. properties: attributes: $ref: '#/components/schemas/ContainerImageAttributes' id: description: Container Image ID. type: string example: abc-123-def type: $ref: '#/components/schemas/ContainerImageType' type: object ContainerImageAttributes: description: Attributes for a Container Image. properties: container_count: description: Number of containers running the image. format: int64 type: integer example: 42 image_flavors: description: |- List of platform-specific images associated with the image record. The list contains more than 1 entry for multi-architecture images. items: $ref: '#/components/schemas/ContainerImageFlavor' type: array image_tags: description: List of image tags associated with the Container Image. items: description: An image tag associated with the Container Image. type: string type: array images_built_at: description: |- List of build times associated with the Container Image. The list contains more than 1 entry for multi-architecture images. items: description: Time the platform-specific Container Image was built. type: string type: array name: description: Name of the Container Image. type: string example: Example Monitor os_architectures: description: >- List of Operating System architectures supported by the Container Image. items: description: Operating System architecture supported by the Container Image. example: amd64 type: string type: array os_names: description: List of Operating System names supported by the Container Image. items: description: Operating System supported by the Container Image. example: linux type: string type: array os_versions: description: List of Operating System versions supported by the Container Image. items: description: Operating System version supported by the Container Image. type: string type: array published_at: description: Time the image was pushed to the container registry. type: string example: example_value registry: description: Registry the Container Image was pushed to. type: string example: example_value repo_digest: description: Digest of the compressed image manifest. type: string example: example_value repository: description: Repository where the Container Image is stored in. type: string example: example_value short_image: description: Short version of the Container Image name. type: string example: example_value sizes: description: >- List of size for each platform-specific image associated with the image record. The list contains more than 1 entry for multi-architecture images. items: description: Size of the platform-specific Container Image. format: int64 type: integer type: array sources: description: List of sources where the Container Image was collected from. items: description: Source where the Container Image was collected from. type: string type: array tags: description: List of tags associated with the Container Image. items: description: A tag associated with the Container Image. type: string type: array vulnerability_count: $ref: '#/components/schemas/ContainerImageVulnerabilities' type: object ContainerImageFlavor: description: Container Image breakdown by supported platform. properties: built_at: description: Time the platform-specific Container Image was built. type: string example: example_value os_architecture: description: Operating System architecture supported by the Container Image. type: string example: example_value os_name: description: Operating System name supported by the Container Image. type: string example: Example Monitor os_version: description: Operating System version supported by the Container Image. type: string example: example_value size: description: Size of the platform-specific Container Image. format: int64 type: integer example: 42 type: object ContainerImageGroup: description: Container Image Group object. properties: attributes: $ref: '#/components/schemas/ContainerImageGroupAttributes' id: description: Container Image Group ID. type: string example: abc-123-def relationships: $ref: '#/components/schemas/ContainerImageGroupRelationships' type: $ref: '#/components/schemas/ContainerImageGroupType' type: object ContainerImageGroupAttributes: description: Attributes for a Container Image Group. properties: count: description: Number of Container Images in the group. format: int64 type: integer example: 42 name: description: Name of the Container Image group. type: string example: Example Monitor tags: description: Tags from the group name parsed in key/value format. type: object type: object ContainerImageGroupImagesRelationshipsLink: description: Relationships to Container Images inside a Container Image Group. properties: data: $ref: '#/components/schemas/ContainerImageGroupRelationshipsData' links: $ref: '#/components/schemas/ContainerImageGroupRelationshipsLinks' type: object ContainerImageGroupRelationships: description: Relationships inside a Container Image Group. properties: container_images: $ref: '#/components/schemas/ContainerImageGroupImagesRelationshipsLink' type: object ContainerImageGroupRelationshipsData: description: Links data. items: description: A link data. type: string type: array ContainerImageGroupRelationshipsLinks: description: Links attributes. properties: related: description: Link to related Container Images. type: string example: example_value type: object ContainerImageGroupType: default: container_image_group description: Type of Container Image Group. enum: - container_image_group example: container_image_group type: string x-enum-varnames: - CONTAINER_IMAGE_GROUP ContainerImageItem: description: Possible Container Image models. oneOf: - $ref: '#/components/schemas/ContainerImage' - $ref: '#/components/schemas/ContainerImageGroup' ContainerImageMeta: description: Response metadata object. properties: pagination: $ref: '#/components/schemas/ContainerImageMetaPage' type: object ContainerImageMetaPage: description: Paging attributes. properties: cursor: description: The cursor used to get the current results, if any. type: string example: example_value limit: description: Number of results returned format: int32 maximum: 10000 minimum: 0 type: integer example: 42 next_cursor: description: The cursor used to get the next results, if any. type: string example: example_value prev_cursor: description: The cursor used to get the previous results, if any. nullable: true type: string example: example_value total: description: Total number of records that match the query. format: int64 type: integer example: 42 type: $ref: '#/components/schemas/ContainerImageMetaPageType' type: object ContainerImageMetaPageType: default: cursor_limit description: Type of Container Image pagination. enum: - cursor_limit example: cursor_limit type: string x-enum-varnames: - CURSOR_LIMIT ContainerImageType: default: container_image description: Type of Container Image. enum: - container_image example: container_image type: string x-enum-varnames: - CONTAINER_IMAGE ContainerImageVulnerabilities: description: Vulnerability counts associated with the Container Image. properties: asset_id: description: ID of the Container Image. type: string example: abc-123-def critical: description: Number of vulnerabilities with CVSS Critical severity. format: int64 type: integer example: 42 high: description: Number of vulnerabilities with CVSS High severity. format: int64 type: integer example: 42 low: description: Number of vulnerabilities with CVSS Low severity. format: int64 type: integer example: 42 medium: description: Number of vulnerabilities with CVSS Medium severity. format: int64 type: integer example: 42 none: description: Number of vulnerabilities with CVSS None severity. format: int64 type: integer example: 42 unknown: description: Number of vulnerabilities with an unknown CVSS severity. format: int64 type: integer example: 42 type: object ContainerImagesResponse: description: List of Container Images. properties: data: description: Array of Container Image objects. items: $ref: '#/components/schemas/ContainerImageItem' type: array links: $ref: '#/components/schemas/ContainerImagesResponseLinks' meta: $ref: '#/components/schemas/ContainerImageMeta' type: object ContainerImagesResponseLinks: description: Pagination links. properties: first: description: Link to the first page. type: string example: example_value last: description: Link to the last page. nullable: true type: string example: example_value next: description: Link to the next page. nullable: true type: string example: example_value prev: description: Link to previous page. nullable: true type: string example: example_value self: description: Link to current page. type: string example: example_value type: object ContainerItem: description: Possible Container models. oneOf: - $ref: '#/components/schemas/Container' - $ref: '#/components/schemas/ContainerGroup' ContainerMeta: description: Response metadata object. properties: pagination: $ref: '#/components/schemas/ContainerMetaPage' type: object ContainerMetaPage: description: Paging attributes. properties: cursor: description: The cursor used to get the current results, if any. type: string example: example_value limit: description: Number of results returned format: int32 maximum: 10000 minimum: 0 type: integer example: 42 next_cursor: description: The cursor used to get the next results, if any. type: string example: example_value prev_cursor: description: The cursor used to get the previous results, if any. nullable: true type: string example: example_value total: description: Total number of records that match the query. format: int64 type: integer example: 42 type: $ref: '#/components/schemas/ContainerMetaPageType' type: object ContainerMetaPageType: default: cursor_limit description: Type of Container pagination. enum: - cursor_limit example: cursor_limit type: string x-enum-varnames: - CURSOR_LIMIT ContainerType: default: container description: Type of container. enum: - container example: container type: string x-enum-varnames: - CONTAINER ContainersResponse: description: List of containers. properties: data: description: Array of Container objects. items: $ref: '#/components/schemas/ContainerItem' type: array links: $ref: '#/components/schemas/ContainersResponseLinks' meta: $ref: '#/components/schemas/ContainerMeta' type: object ContainersResponseLinks: description: Pagination links. properties: first: description: Link to the first page. type: string example: example_value last: description: Link to the last page. nullable: true type: string example: example_value next: description: Link to the next page. nullable: true type: string example: example_value prev: description: Link to previous page. nullable: true type: string example: example_value self: description: Link to current page. type: string example: example_value type: object ContentEncoding: description: HTTP header used to compress the media-type. enum: - identity - gzip - deflate type: string x-enum-varnames: - IDENTITY - GZIP - DEFLATE ConvertJobResultsToSignalsAttributes: description: Attributes for converting historical job results to signals. properties: id: description: Request ID. type: string example: abc-123-def jobResultIds: description: Job result IDs. example: - '' items: type: string type: array notifications: description: Notifications sent. example: - '' items: type: string type: array signalMessage: description: Message of generated signals. example: A large number of failed login attempts. type: string signalSeverity: $ref: '#/components/schemas/SecurityMonitoringRuleSeverity' required: - jobResultIds - signalSeverity - signalMessage - notifications type: object ConvertJobResultsToSignalsData: description: Data for converting historical job results to signals. properties: attributes: $ref: '#/components/schemas/ConvertJobResultsToSignalsAttributes' type: $ref: '#/components/schemas/ConvertJobResultsToSignalsDataType' type: object ConvertJobResultsToSignalsDataType: description: Type of payload. enum: - historicalDetectionsJobResultSignalConversion type: string x-enum-varnames: - HISTORICALDETECTIONSJOBRESULTSIGNALCONVERSION ConvertJobResultsToSignalsRequest: description: Request for converting historical job results to signals. properties: data: $ref: '#/components/schemas/ConvertJobResultsToSignalsData' type: object CostAttributionAggregates: description: An array of available aggregates. items: $ref: '#/components/schemas/CostAttributionAggregatesBody' type: array CostAttributionAggregatesBody: description: The object containing the aggregates. properties: agg_type: description: The aggregate type. example: sum type: string field: description: The field. example: infra_host_committed_cost type: string value: description: The value for a given field. format: double type: number example: 95.5 type: object CostAttributionTagNames: additionalProperties: description: >- A list of values that are associated with each tag key. - An empty list means the resource use wasn't tagged with the respective tag. - Multiple values means the respective tag was applied multiple times on the resource. - An `` value means the resource was tagged with the respective tag but did not have a value. items: description: A given tag in a list. example: datadog-integrations-lab type: string type: array description: >- Tag keys and values. A `null` value here means that the requested tag breakdown cannot be applied because it does not match the [tags configured for usage attribution](https://docs.datadoghq.com/account_management/billing/usage_attribution/#getting-started). In this scenario the API returns the total cost, not broken down by tags. nullable: true type: object CostAttributionType: default: cost_by_tag description: Type of cost attribution data. enum: - cost_by_tag example: cost_by_tag type: string x-enum-varnames: - COST_BY_TAG CostByOrg: description: Cost data. properties: attributes: $ref: '#/components/schemas/CostByOrgAttributes' id: description: Unique ID of the response. type: string example: abc-123-def type: $ref: '#/components/schemas/CostByOrgType' type: object CostByOrgAttributes: description: Cost attributes data. properties: account_name: description: The account name. type: string example: Example Monitor account_public_id: description: The account public ID. type: string example: abc-123-def charges: description: List of charges data reported for the requested month. items: $ref: '#/components/schemas/ChargebackBreakdown' type: array date: description: The month requested. format: date-time type: string example: '2026-04-17T12:00:00Z' org_name: description: The organization name. type: string example: Example Monitor public_id: description: The organization public ID. type: string example: abc-123-def region: description: The region of the Datadog instance that the organization belongs to. type: string example: example_value total_cost: description: The total cost of products for the month. format: double type: number example: 95.5 type: object CostByOrgResponse: description: Chargeback Summary response. properties: data: description: Response containing Chargeback Summary. items: $ref: '#/components/schemas/CostByOrg' type: array type: object CostByOrgType: default: cost_by_org description: Type of cost data. enum: - cost_by_org example: cost_by_org type: string x-enum-varnames: - COST_BY_ORG CreateActionConnectionRequest: description: Request used to create an action connection. properties: data: $ref: '#/components/schemas/ActionConnectionData' required: - data type: object CreateActionConnectionResponse: description: The response for a created connection properties: data: $ref: '#/components/schemas/ActionConnectionData' type: object CreateAppRequest: description: A request object for creating a new app. example: data: attributes: components: - events: [] name: grid0 properties: children: - events: [] name: gridCell0 properties: children: - events: [] name: calloutValue0 properties: isDisabled: false isLoading: false isVisible: true label: CPU Usage size: sm style: vivid_yellow unit: kB value: '42' type: calloutValue isVisible: 'true' layout: default: height: 8 width: 2 x: 0 'y': 0 type: gridCell type: grid description: This is a simple example app name: Example App queries: [] rootInstanceName: grid0 type: appDefinitions properties: data: $ref: '#/components/schemas/CreateAppRequestData' type: object CreateAppRequestData: description: The data object containing the app definition. properties: attributes: $ref: '#/components/schemas/CreateAppRequestDataAttributes' type: $ref: '#/components/schemas/AppDefinitionType' required: - type type: object CreateAppRequestDataAttributes: description: App definition attributes such as name, description, and components. properties: components: description: The UI components that make up the app. items: $ref: '#/components/schemas/ComponentGrid' type: array description: description: A human-readable description for the app. type: string example: example_value name: description: The name of the app. type: string example: Example Monitor queries: description: >- An array of queries, such as external actions and state variables, that the app uses. items: $ref: '#/components/schemas/Query' type: array rootInstanceName: description: >- The name of the root component of the app. This must be a `grid` component that contains all other components. type: string example: Example Monitor tags: description: A list of tags for the app, which can be used to filter apps. example: - service:webshop-backend - team:webshop items: description: An individual tag for the app. type: string type: array type: object CreateAppResponse: description: >- The response object after a new app is successfully created, with the app ID. properties: data: $ref: '#/components/schemas/CreateAppResponseData' type: object CreateAppResponseData: description: The data object containing the app ID. properties: id: description: The ID of the created app. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string type: $ref: '#/components/schemas/AppDefinitionType' required: - id - type type: object CreateCustomFrameworkRequest: description: Request object to create a custom framework. properties: data: $ref: '#/components/schemas/CustomFrameworkData' required: - data type: object CreateCustomFrameworkResponse: description: Response object to create a custom framework. properties: data: $ref: '#/components/schemas/FrameworkHandleAndVersionResponseData' required: - data type: object CreateNotificationRuleParameters: description: Body of the notification rule create request. properties: data: $ref: '#/components/schemas/CreateNotificationRuleParametersData' type: object CreateNotificationRuleParametersData: description: >- Data of the notification rule create request: the rule type, and the rule attributes. All fields are required. properties: attributes: $ref: '#/components/schemas/CreateNotificationRuleParametersDataAttributes' type: $ref: '#/components/schemas/NotificationRulesType' required: - attributes - type type: object CreateNotificationRuleParametersDataAttributes: description: Attributes of the notification rule create request. properties: enabled: $ref: '#/components/schemas/Enabled' name: $ref: '#/components/schemas/RuleName' selectors: $ref: '#/components/schemas/Selectors' targets: $ref: '#/components/schemas/Targets' time_aggregation: $ref: '#/components/schemas/TimeAggregation' required: - selectors - name - targets type: object CreateOpenAPIResponse: description: Response for `CreateOpenAPI` operation. properties: data: $ref: '#/components/schemas/CreateOpenAPIResponseData' type: object CreateOpenAPIResponseAttributes: description: Attributes for `CreateOpenAPI`. properties: failed_endpoints: description: List of endpoints which couldn't be parsed. items: $ref: '#/components/schemas/OpenAPIEndpoint' type: array type: object CreateOpenAPIResponseData: description: Data envelope for `CreateOpenAPIResponse`. properties: attributes: $ref: '#/components/schemas/CreateOpenAPIResponseAttributes' id: $ref: '#/components/schemas/ApiID' type: object CreatePageRequest: description: Full request to trigger an On-Call Page. example: data: attributes: description: Page details. tags: - service:test target: identifier: my-team type: team_handle title: Page title urgency: low type: pages properties: data: $ref: '#/components/schemas/CreatePageRequestData' type: object CreatePageRequestData: description: The main request body, including attributes and resource type. properties: attributes: $ref: '#/components/schemas/CreatePageRequestDataAttributes' type: $ref: '#/components/schemas/CreatePageRequestDataType' required: - type type: object CreatePageRequestDataAttributes: description: Details about the On-Call Page you want to create. properties: description: description: A short summary of the issue or context. type: string example: example_value tags: description: Tags to help categorize or filter the page. items: type: string type: array target: $ref: '#/components/schemas/CreatePageRequestDataAttributesTarget' title: description: The title of the page. example: 'Service: Test is down' type: string urgency: $ref: '#/components/schemas/PageUrgency' required: - target - title - urgency type: object CreatePageRequestDataAttributesTarget: description: Information about the target to notify (such as a team or user). properties: identifier: description: Identifier for the target (for example, team handle or user ID). type: string example: abc-123-def type: $ref: '#/components/schemas/OnCallPageTargetType' type: object CreatePageRequestDataType: default: pages description: The type of resource used when creating an On-Call Page. enum: - pages example: pages type: string x-enum-varnames: - PAGES CreatePageResponse: description: The full response object after creating a new On-Call Page. example: data: id: 15e74b8b-f865-48d0-bcc5-453323ed2c8f type: pages properties: data: $ref: '#/components/schemas/CreatePageResponseData' type: object CreatePageResponseData: description: The information returned after successfully creating a page. properties: id: description: The unique ID of the created page. type: string example: abc-123-def type: $ref: '#/components/schemas/CreatePageResponseDataType' required: - type type: object CreatePageResponseDataType: default: pages description: The type of resource used when creating an On-Call Page. enum: - pages example: pages type: string x-enum-varnames: - PAGES CreateRuleRequest: description: Scorecard create rule request. properties: data: $ref: '#/components/schemas/CreateRuleRequestData' type: object CreateRuleRequestData: description: Scorecard create rule request data. properties: attributes: $ref: '#/components/schemas/RuleAttributes' type: $ref: '#/components/schemas/RuleType' type: object CreateRuleResponse: description: Created rule in response. properties: data: $ref: '#/components/schemas/CreateRuleResponseData' type: object CreateRuleResponseData: description: Create rule response data. properties: attributes: $ref: '#/components/schemas/RuleAttributes' id: $ref: '#/components/schemas/RuleId' relationships: $ref: '#/components/schemas/RelationshipToRule' type: $ref: '#/components/schemas/RuleType' type: object CreateWorkflowRequest: description: A request object for creating a new workflow. example: data: attributes: description: A sample workflow. name: Example Workflow published: true spec: annotations: - display: bounds: height: 150 width: 300 x: -375 'y': -0.5 id: 99999999-9999-9999-9999-999999999999 markdownTextAnnotation: text: Example annotation. connectionEnvs: - connections: - connectionId: 11111111-1111-1111-1111-111111111111 label: INTEGRATION_DATADOG env: default handle: my-handle inputSchema: parameters: - defaultValue: default name: input type: STRING outputSchema: parameters: - name: output type: ARRAY_OBJECT value: '{{ Steps.Step1 }}' steps: - actionId: com.datadoghq.dd.monitor.listMonitors connectionLabel: INTEGRATION_DATADOG name: Step1 outboundEdges: - branchName: main nextStepName: Step2 parameters: - name: tags value: service:monitoring - actionId: com.datadoghq.core.noop name: Step2 triggers: - monitorTrigger: rateLimit: count: 1 interval: 3600s startStepNames: - Step1 - githubWebhookTrigger: {} startStepNames: - Step1 tags: - team:infra - service:monitoring - foo:bar type: workflows properties: data: $ref: '#/components/schemas/WorkflowData' required: - data type: object CreateWorkflowResponse: description: The response object after creating a new workflow. properties: data: $ref: '#/components/schemas/WorkflowData' required: - data type: object Creator: description: Creator of the object. properties: email: description: Email of the creator. type: string example: user@example.com handle: description: Handle of the creator. type: string example: example_value name: description: Name of the creator. nullable: true type: string example: Example Monitor type: object CsmAgentData: description: Single Agent Data. properties: attributes: $ref: '#/components/schemas/CsmAgentsAttributes' id: description: The ID of the Agent. example: fffffc5505f6a006fdf7cf5aae053653 type: string type: $ref: '#/components/schemas/CSMAgentsType' type: object CsmAgentsAttributes: description: A CSM Agent returned by the API. properties: agent_version: description: Version of the Datadog Agent. type: string example: example_value aws_fargate: description: AWS Fargate details. type: string example: example_value cluster_name: description: List of cluster names associated with the Agent. items: type: string type: array datadog_agent: description: Unique identifier for the Datadog Agent. type: string example: example_value ecs_fargate_task_arn: description: ARN of the ECS Fargate task. type: string example: example_value envs: description: List of environments associated with the Agent. items: type: string nullable: true type: array host_id: description: ID of the host. format: int64 type: integer example: 42 hostname: description: Name of the host. type: string example: Example Monitor install_method_installer_version: description: Version of the installer used for installing the Datadog Agent. type: string example: example_value install_method_tool: description: Tool used for installing the Datadog Agent. type: string example: example_value is_csm_vm_containers_enabled: description: Indicates if CSM VM Containers is enabled. nullable: true type: boolean example: true is_csm_vm_hosts_enabled: description: Indicates if CSM VM Hosts is enabled. nullable: true type: boolean example: true is_cspm_enabled: description: Indicates if CSPM is enabled. nullable: true type: boolean example: true is_cws_enabled: description: Indicates if CWS is enabled. nullable: true type: boolean example: true is_cws_remote_configuration_enabled: description: Indicates if CWS Remote Configuration is enabled. nullable: true type: boolean example: true is_remote_configuration_enabled: description: Indicates if Remote Configuration is enabled. nullable: true type: boolean example: true os: description: Operating system of the host. type: string example: example_value type: object CsmAgentsResponse: description: Response object that includes a list of CSM Agents. properties: data: description: A list of Agents. items: $ref: '#/components/schemas/CsmAgentData' type: array meta: $ref: '#/components/schemas/CSMAgentsMetadata' type: object CsmCloudAccountsCoverageAnalysisAttributes: description: CSM Cloud Accounts Coverage Analysis attributes. properties: aws_coverage: $ref: '#/components/schemas/CsmCoverageAnalysis' azure_coverage: $ref: '#/components/schemas/CsmCoverageAnalysis' gcp_coverage: $ref: '#/components/schemas/CsmCoverageAnalysis' org_id: description: The ID of your organization. example: 123456 format: int64 type: integer total_coverage: $ref: '#/components/schemas/CsmCoverageAnalysis' type: object CsmCloudAccountsCoverageAnalysisData: description: CSM Cloud Accounts Coverage Analysis data. properties: attributes: $ref: '#/components/schemas/CsmCloudAccountsCoverageAnalysisAttributes' id: description: The ID of your organization. example: 66b3c6b5-5c9a-457e-b1c3-f247ca23afa3 type: string type: default: get_cloud_accounts_coverage_analysis_response_public_v0 description: >- The type of the resource. The value should always be `get_cloud_accounts_coverage_analysis_response_public_v0`. example: get_cloud_accounts_coverage_analysis_response_public_v0 type: string type: object CsmCloudAccountsCoverageAnalysisResponse: description: CSM Cloud Accounts Coverage Analysis response. properties: data: $ref: '#/components/schemas/CsmCloudAccountsCoverageAnalysisData' type: object CsmCoverageAnalysis: description: CSM Coverage Analysis. properties: configured_resources_count: description: The number of fully configured resources. example: 8 format: int64 type: integer coverage: description: The coverage percentage. example: 0.8 format: double type: number partially_configured_resources_count: description: The number of partially configured resources. example: 0 format: int64 type: integer total_resources_count: description: The total number of resources. example: 10 format: int64 type: integer type: object CsmHostsAndContainersCoverageAnalysisAttributes: description: CSM Hosts and Containers Coverage Analysis attributes. properties: cspm_coverage: $ref: '#/components/schemas/CsmCoverageAnalysis' cws_coverage: $ref: '#/components/schemas/CsmCoverageAnalysis' org_id: description: The ID of your organization. example: 123456 format: int64 type: integer total_coverage: $ref: '#/components/schemas/CsmCoverageAnalysis' vm_coverage: $ref: '#/components/schemas/CsmCoverageAnalysis' type: object CsmHostsAndContainersCoverageAnalysisData: description: CSM Hosts and Containers Coverage Analysis data. properties: attributes: $ref: '#/components/schemas/CsmHostsAndContainersCoverageAnalysisAttributes' id: description: The ID of your organization. example: 66b3c6b5-5c9a-457e-b1c3-f247ca23afa3 type: string type: default: get_hosts_and_containers_coverage_analysis_response_public_v0 description: >- The type of the resource. The value should always be `get_hosts_and_containers_coverage_analysis_response_public_v0`. example: get_hosts_and_containers_coverage_analysis_response_public_v0 type: string type: object CsmHostsAndContainersCoverageAnalysisResponse: description: CSM Hosts and Containers Coverage Analysis response. properties: data: $ref: '#/components/schemas/CsmHostsAndContainersCoverageAnalysisData' type: object CsmServerlessCoverageAnalysisAttributes: description: CSM Serverless Resources Coverage Analysis attributes. properties: cws_coverage: $ref: '#/components/schemas/CsmCoverageAnalysis' org_id: description: The ID of your organization. example: 123456 format: int64 type: integer total_coverage: $ref: '#/components/schemas/CsmCoverageAnalysis' type: object CsmServerlessCoverageAnalysisData: description: CSM Serverless Resources Coverage Analysis data. properties: attributes: $ref: '#/components/schemas/CsmServerlessCoverageAnalysisAttributes' id: description: The ID of your organization. example: 66b3c6b5-5c9a-457e-b1c3-f247ca23afa3 type: string type: default: get_serverless_coverage_analysis_response_public_v0 description: >- The type of the resource. The value should always be `get_serverless_coverage_analysis_response_public_v0`. example: get_serverless_coverage_analysis_response_public_v0 type: string type: object CsmServerlessCoverageAnalysisResponse: description: CSM Serverless Resources Coverage Analysis response. properties: data: $ref: '#/components/schemas/CsmServerlessCoverageAnalysisData' type: object CustomConnection: description: A custom connection used by an app. properties: attributes: $ref: '#/components/schemas/CustomConnectionAttributes' id: description: The ID of the custom connection. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string type: $ref: '#/components/schemas/CustomConnectionType' type: object CustomConnectionAttributes: description: The custom connection attributes. properties: name: description: The name of the custom connection. type: string example: Example Monitor onPremRunner: $ref: '#/components/schemas/CustomConnectionAttributesOnPremRunner' type: object CustomConnectionAttributesOnPremRunner: description: >- Information about the Private Action Runner used by the custom connection, if the custom connection is associated with a Private Action Runner. properties: id: description: The Private Action Runner ID. type: string example: abc-123-def url: description: The URL of the Private Action Runner. type: string example: https://app.datadoghq.com type: object CustomConnectionType: default: custom_connections description: The custom connection type. enum: - custom_connections example: custom_connections type: string x-enum-varnames: - CUSTOM_CONNECTIONS CustomCostGetResponseMeta: description: Meta for the response from the Get Custom Costs endpoints. properties: version: description: Version of Custom Costs file type: string example: example_value type: object CustomCostListResponseMeta: description: Meta for the response from the List Custom Costs endpoints. properties: total_filtered_count: description: >- Number of Custom Costs files returned by the List Custom Costs endpoint format: int64 type: integer example: 42 version: description: Version of Custom Costs file type: string example: example_value type: object CustomCostUploadResponseMeta: description: Meta for the response from the Upload Custom Costs endpoints. properties: version: description: Version of Custom Costs file type: string example: example_value type: object CustomCostsFileGetResponse: description: Response for Get Custom Costs files. properties: data: $ref: '#/components/schemas/CustomCostsFileMetadataWithContentHighLevel' meta: $ref: '#/components/schemas/CustomCostGetResponseMeta' type: object CustomCostsFileLineItem: description: Line item details from a Custom Costs file. properties: BilledCost: description: Total cost in the cost file. example: 100.5 format: double type: number BillingCurrency: description: Currency used in the Custom Costs file. example: USD type: string ChargeDescription: description: Description for the line item cost. example: Monthly usage charge for my service type: string ChargePeriodEnd: description: End date of the usage charge. example: '2023-02-28' pattern: ^\d{4}-\d{2}-\d{2}$ type: string ChargePeriodStart: description: Start date of the usage charge. example: '2023-02-01' pattern: ^\d{4}-\d{2}-\d{2}$ type: string ProviderName: description: Name of the provider for the line item. type: string example: abc-123-def Tags: additionalProperties: type: string description: Additional tags for the line item. type: object type: object CustomCostsFileListResponse: description: Response for List Custom Costs files. properties: data: description: List of Custom Costs files. items: $ref: '#/components/schemas/CustomCostsFileMetadataHighLevel' type: array meta: $ref: '#/components/schemas/CustomCostListResponseMeta' type: object CustomCostsFileMetadata: description: Schema of a Custom Costs metadata. properties: billed_cost: description: Total cost in the cost file. example: 100.5 format: double type: number billing_currency: description: Currency used in the Custom Costs file. example: USD type: string charge_period: $ref: '#/components/schemas/CustomCostsFileUsageChargePeriod' name: description: Name of the Custom Costs file. example: my_file.json type: string provider_names: description: Providers contained in the Custom Costs file. items: description: Name of the provider. example: my_provider type: string type: array status: description: Status of the Custom Costs file. example: active type: string uploaded_at: description: >- Timestamp, in millisecond, of the upload time of the Custom Costs file. example: 1704067200000 format: double type: number uploaded_by: $ref: '#/components/schemas/CustomCostsUser' type: object CustomCostsFileMetadataHighLevel: description: JSON API format for a Custom Costs file. properties: attributes: $ref: '#/components/schemas/CustomCostsFileMetadata' id: description: ID of the Custom Costs metadata. type: string example: abc-123-def type: description: Type of the Custom Costs file metadata. type: string example: metric alert type: object CustomCostsFileMetadataWithContent: description: Schema of a cost file's metadata. properties: billed_cost: description: Total cost in the cost file. example: 100.5 format: double type: number billing_currency: description: Currency used in the Custom Costs file. example: USD type: string charge_period: $ref: '#/components/schemas/CustomCostsFileUsageChargePeriod' content: description: Detail of the line items from the Custom Costs file. items: $ref: '#/components/schemas/CustomCostsFileLineItem' type: array name: description: Name of the Custom Costs file. example: my_file.json type: string provider_names: description: Providers contained in the Custom Costs file. items: description: Name of a provider. example: my_provider type: string type: array status: description: Status of the Custom Costs file. example: active type: string uploaded_at: description: >- Timestamp in millisecond of the upload time of the Custom Costs file. example: 1704067200000 format: double type: number uploaded_by: $ref: '#/components/schemas/CustomCostsUser' type: object CustomCostsFileMetadataWithContentHighLevel: description: JSON API format of for a Custom Costs file with content. properties: attributes: $ref: '#/components/schemas/CustomCostsFileMetadataWithContent' id: description: ID of the Custom Costs metadata. type: string example: abc-123-def type: description: Type of the Custom Costs file metadata. type: string example: metric alert type: object CustomCostsFileUploadRequest: description: Request for uploading a Custom Costs file. items: $ref: '#/components/schemas/CustomCostsFileLineItem' type: array CustomCostsFileUploadResponse: description: Response for Uploaded Custom Costs files. properties: data: $ref: '#/components/schemas/CustomCostsFileMetadataHighLevel' meta: $ref: '#/components/schemas/CustomCostUploadResponseMeta' type: object CustomCostsFileUsageChargePeriod: description: Usage charge period of a Custom Costs file. properties: end: description: End of the usage of the Custom Costs file. example: 1706745600000 format: double type: number start: description: Start of the usage of the Custom Costs file. example: 1704067200000 format: double type: number type: object CustomCostsUser: description: Metadata of the user that has uploaded the Custom Costs file. properties: email: description: The name of the Custom Costs file. example: email.test@datadohq.com type: string icon: description: The name of the Custom Costs file. example: icon.png type: string name: description: Name of the user. example: Test User type: string type: object CustomDestinationAttributeTagsRestrictionListType: default: ALLOW_LIST description: >- How `forward_tags_restriction_list` parameter should be interpreted. If `ALLOW_LIST`, then only tags whose keys on the forwarded logs match the ones on the restriction list are forwarded. `BLOCK_LIST` works the opposite way. It does not forward the tags matching the ones on the list. enum: - ALLOW_LIST - BLOCK_LIST example: ALLOW_LIST type: string x-enum-varnames: - ALLOW_LIST - BLOCK_LIST CustomDestinationCreateRequest: description: The custom destination. properties: data: $ref: '#/components/schemas/CustomDestinationCreateRequestDefinition' type: object CustomDestinationCreateRequestAttributes: description: The attributes associated with the custom destination. properties: enabled: default: true description: >- Whether logs matching this custom destination should be forwarded or not. example: true type: boolean forward_tags: default: true description: Whether tags from the forwarded logs should be forwarded or not. example: true type: boolean forward_tags_restriction_list: default: [] description: >- List of [keys of tags](https://docs.datadoghq.com/getting_started/tagging/#define-tags) to be filtered. An empty list represents no restriction is in place and either all or no tags will be forwarded depending on `forward_tags_restriction_list_type` parameter. example: - datacenter - host items: description: >- The [key part of a tag](https://docs.datadoghq.com/getting_started/tagging/#define-tags). type: string maxItems: 10 minItems: 0 type: array forward_tags_restriction_list_type: $ref: >- #/components/schemas/CustomDestinationAttributeTagsRestrictionListType forwarder_destination: $ref: '#/components/schemas/CustomDestinationForwardDestination' name: description: The custom destination name. example: Nginx logs type: string query: default: '' description: >- The custom destination query and filter. Logs matching this query are forwarded to the destination. example: source:nginx type: string required: - name - forwarder_destination type: object CustomDestinationCreateRequestDefinition: description: The definition of a custom destination. properties: attributes: $ref: '#/components/schemas/CustomDestinationCreateRequestAttributes' type: $ref: '#/components/schemas/CustomDestinationType' required: - type - attributes type: object CustomDestinationElasticsearchDestinationAuth: description: Basic access authentication. properties: password: description: >- The password of the authentication. This field is not returned by the API. example: datadog-custom-destination-password type: string writeOnly: true username: description: >- The username of the authentication. This field is not returned by the API. example: datadog-custom-destination-username type: string writeOnly: true required: - username - password type: object CustomDestinationForwardDestination: description: A custom destination's location to forward logs. oneOf: - $ref: '#/components/schemas/CustomDestinationForwardDestinationHttp' - $ref: '#/components/schemas/CustomDestinationForwardDestinationSplunk' - $ref: >- #/components/schemas/CustomDestinationForwardDestinationElasticsearch CustomDestinationForwardDestinationElasticsearch: description: The Elasticsearch destination. properties: auth: $ref: '#/components/schemas/CustomDestinationElasticsearchDestinationAuth' endpoint: description: >- The destination for which logs will be forwarded to. Must have HTTPS scheme and forwarding back to Datadog is not allowed. example: https://example.com type: string index_name: description: >- Name of the Elasticsearch index (must follow [Elasticsearch's criteria](https://www.elastic.co/guide/en/elasticsearch/reference/8.11/indices-create-index.html#indices-create-api-path-params)). example: nginx-logs type: string index_rotation: description: >- Date pattern with US locale and UTC timezone to be appended to the index name after adding `-` (that is, `${index_name}-${indexPattern}`). You can customize the index rotation naming pattern by choosing one of these options: - Hourly: `yyyy-MM-dd-HH` (as an example, it would render: `2022-10-19-09`) - Daily: `yyyy-MM-dd` (as an example, it would render: `2022-10-19`) - Weekly: `yyyy-'W'ww` (as an example, it would render: `2022-W42`) - Monthly: `yyyy-MM` (as an example, it would render: `2022-10`) If this field is missing or is blank, it means that the index name will always be the same (that is, no rotation). example: yyyy-MM-dd type: string type: $ref: >- #/components/schemas/CustomDestinationForwardDestinationElasticsearchType required: - type - endpoint - auth - index_name type: object CustomDestinationForwardDestinationElasticsearchType: default: elasticsearch description: Type of the Elasticsearch destination. enum: - elasticsearch example: elasticsearch type: string x-enum-varnames: - ELASTICSEARCH CustomDestinationForwardDestinationHttp: description: The HTTP destination. properties: auth: $ref: '#/components/schemas/CustomDestinationHttpDestinationAuth' endpoint: description: >- The destination for which logs will be forwarded to. Must have HTTPS scheme and forwarding back to Datadog is not allowed. example: https://example.com type: string type: $ref: '#/components/schemas/CustomDestinationForwardDestinationHttpType' required: - type - endpoint - auth type: object CustomDestinationForwardDestinationHttpType: default: http description: Type of the HTTP destination. enum: - http example: http type: string x-enum-varnames: - HTTP CustomDestinationForwardDestinationSplunk: description: The Splunk HTTP Event Collector (HEC) destination. properties: access_token: description: >- Access token of the Splunk HTTP Event Collector. This field is not returned by the API. example: splunk_access_token type: string writeOnly: true endpoint: description: >- The destination for which logs will be forwarded to. Must have HTTPS scheme and forwarding back to Datadog is not allowed. example: https://example.com type: string type: $ref: '#/components/schemas/CustomDestinationForwardDestinationSplunkType' required: - type - endpoint - access_token type: object CustomDestinationForwardDestinationSplunkType: default: splunk_hec description: Type of the Splunk HTTP Event Collector (HEC) destination. enum: - splunk_hec example: splunk_hec type: string x-enum-varnames: - SPLUNK_HEC CustomDestinationHttpDestinationAuth: description: Authentication method of the HTTP requests. oneOf: - $ref: '#/components/schemas/CustomDestinationHttpDestinationAuthBasic' - $ref: >- #/components/schemas/CustomDestinationHttpDestinationAuthCustomHeader CustomDestinationHttpDestinationAuthBasic: description: Basic access authentication. properties: password: description: >- The password of the authentication. This field is not returned by the API. example: datadog-custom-destination-password type: string writeOnly: true type: $ref: '#/components/schemas/CustomDestinationHttpDestinationAuthBasicType' username: description: >- The username of the authentication. This field is not returned by the API. example: datadog-custom-destination-username type: string writeOnly: true required: - type - username - password type: object CustomDestinationHttpDestinationAuthBasicType: default: basic description: Type of the basic access authentication. enum: - basic example: basic type: string x-enum-varnames: - BASIC CustomDestinationHttpDestinationAuthCustomHeader: description: Custom header access authentication. properties: header_name: description: The header name of the authentication. example: CUSTOM-HEADER-NAME type: string header_value: description: >- The header value of the authentication. This field is not returned by the API. example: CUSTOM-HEADER-AUTHENTICATION-VALUE type: string writeOnly: true type: $ref: >- #/components/schemas/CustomDestinationHttpDestinationAuthCustomHeaderType required: - type - header_name - header_value type: object CustomDestinationHttpDestinationAuthCustomHeaderType: default: custom_header description: Type of the custom header access authentication. enum: - custom_header example: custom_header type: string x-enum-varnames: - CUSTOM_HEADER CustomDestinationResponse: description: The custom destination. properties: data: $ref: '#/components/schemas/CustomDestinationResponseDefinition' type: object CustomDestinationResponseAttributes: description: The attributes associated with the custom destination. properties: enabled: default: true description: >- Whether logs matching this custom destination should be forwarded or not. example: true type: boolean forward_tags: default: true description: Whether tags from the forwarded logs should be forwarded or not. example: true type: boolean forward_tags_restriction_list: default: [] description: >- List of [keys of tags](https://docs.datadoghq.com/getting_started/tagging/#define-tags) to be filtered. An empty list represents no restriction is in place and either all or no tags will be forwarded depending on `forward_tags_restriction_list_type` parameter. example: - datacenter - host items: description: >- The [key part of a tag](https://docs.datadoghq.com/getting_started/tagging/#define-tags). type: string maxItems: 10 minItems: 0 type: array forward_tags_restriction_list_type: $ref: >- #/components/schemas/CustomDestinationAttributeTagsRestrictionListType forwarder_destination: $ref: '#/components/schemas/CustomDestinationResponseForwardDestination' name: description: The custom destination name. example: Nginx logs type: string query: default: '' description: >- The custom destination query filter. Logs matching this query are forwarded to the destination. example: source:nginx type: string type: object CustomDestinationResponseDefinition: description: The definition of a custom destination. properties: attributes: $ref: '#/components/schemas/CustomDestinationResponseAttributes' id: description: The custom destination ID. example: be5d7a69-d0c8-4d4d-8ee8-bba292d98139 readOnly: true type: string type: $ref: '#/components/schemas/CustomDestinationType' type: object CustomDestinationResponseElasticsearchDestinationAuth: additionalProperties: description: Basic access authentication. description: Basic access authentication. type: object CustomDestinationResponseForwardDestination: description: A custom destination's location to forward logs. oneOf: - $ref: '#/components/schemas/CustomDestinationResponseForwardDestinationHttp' - $ref: >- #/components/schemas/CustomDestinationResponseForwardDestinationSplunk - $ref: >- #/components/schemas/CustomDestinationResponseForwardDestinationElasticsearch CustomDestinationResponseForwardDestinationElasticsearch: description: The Elasticsearch destination. properties: auth: $ref: >- #/components/schemas/CustomDestinationResponseElasticsearchDestinationAuth endpoint: description: >- The destination for which logs will be forwarded to. Must have HTTPS scheme and forwarding back to Datadog is not allowed. example: https://example.com type: string index_name: description: >- Name of the Elasticsearch index (must follow [Elasticsearch's criteria](https://www.elastic.co/guide/en/elasticsearch/reference/8.11/indices-create-index.html#indices-create-api-path-params)). example: nginx-logs type: string index_rotation: description: >- Date pattern with US locale and UTC timezone to be appended to the index name after adding `-` (that is, `${index_name}-${indexPattern}`). You can customize the index rotation naming pattern by choosing one of these options: - Hourly: `yyyy-MM-dd-HH` (as an example, it would render: `2022-10-19-09`) - Daily: `yyyy-MM-dd` (as an example, it would render: `2022-10-19`) - Weekly: `yyyy-'W'ww` (as an example, it would render: `2022-W42`) - Monthly: `yyyy-MM` (as an example, it would render: `2022-10`) If this field is missing or is blank, it means that the index name will always be the same (that is, no rotation). example: yyyy-MM-dd type: string type: $ref: >- #/components/schemas/CustomDestinationResponseForwardDestinationElasticsearchType required: - type - endpoint - auth - index_name type: object CustomDestinationResponseForwardDestinationElasticsearchType: default: elasticsearch description: Type of the Elasticsearch destination. enum: - elasticsearch example: elasticsearch type: string x-enum-varnames: - ELASTICSEARCH CustomDestinationResponseForwardDestinationHttp: description: The HTTP destination. properties: auth: $ref: '#/components/schemas/CustomDestinationResponseHttpDestinationAuth' endpoint: description: >- The destination for which logs will be forwarded to. Must have HTTPS scheme and forwarding back to Datadog is not allowed. example: https://example.com type: string type: $ref: >- #/components/schemas/CustomDestinationResponseForwardDestinationHttpType required: - type - endpoint - auth type: object CustomDestinationResponseForwardDestinationHttpType: default: http description: Type of the HTTP destination. enum: - http example: http type: string x-enum-varnames: - HTTP CustomDestinationResponseForwardDestinationSplunk: description: The Splunk HTTP Event Collector (HEC) destination. properties: endpoint: description: >- The destination for which logs will be forwarded to. Must have HTTPS scheme and forwarding back to Datadog is not allowed. example: https://example.com type: string type: $ref: >- #/components/schemas/CustomDestinationResponseForwardDestinationSplunkType required: - type - endpoint type: object CustomDestinationResponseForwardDestinationSplunkType: default: splunk_hec description: Type of the Splunk HTTP Event Collector (HEC) destination. enum: - splunk_hec example: splunk_hec type: string x-enum-varnames: - SPLUNK_HEC CustomDestinationResponseHttpDestinationAuth: description: Authentication method of the HTTP requests. oneOf: - $ref: >- #/components/schemas/CustomDestinationResponseHttpDestinationAuthBasic - $ref: >- #/components/schemas/CustomDestinationResponseHttpDestinationAuthCustomHeader CustomDestinationResponseHttpDestinationAuthBasic: description: Basic access authentication. properties: type: $ref: >- #/components/schemas/CustomDestinationResponseHttpDestinationAuthBasicType required: - type type: object CustomDestinationResponseHttpDestinationAuthBasicType: default: basic description: Type of the basic access authentication. enum: - basic example: basic type: string x-enum-varnames: - BASIC CustomDestinationResponseHttpDestinationAuthCustomHeader: description: Custom header access authentication. properties: header_name: description: The header name of the authentication. example: CUSTOM-HEADER-NAME type: string type: $ref: >- #/components/schemas/CustomDestinationResponseHttpDestinationAuthCustomHeaderType required: - type - header_name type: object CustomDestinationResponseHttpDestinationAuthCustomHeaderType: default: custom_header description: Type of the custom header access authentication. enum: - custom_header example: custom_header type: string x-enum-varnames: - CUSTOM_HEADER CustomDestinationType: default: custom_destination description: >- The type of the resource. The value should always be `custom_destination`. enum: - custom_destination example: custom_destination type: string x-enum-varnames: - CUSTOM_DESTINATION CustomDestinationUpdateRequest: description: The custom destination. properties: data: $ref: '#/components/schemas/CustomDestinationUpdateRequestDefinition' type: object CustomDestinationUpdateRequestAttributes: description: The attributes associated with the custom destination. properties: enabled: default: true description: >- Whether logs matching this custom destination should be forwarded or not. example: true type: boolean forward_tags: default: true description: Whether tags from the forwarded logs should be forwarded or not. example: true type: boolean forward_tags_restriction_list: default: [] description: >- List of [keys of tags](https://docs.datadoghq.com/getting_started/tagging/#define-tags) to be restricted from being forwarded. An empty list represents no restriction is in place and either all or no tags will be forwarded depending on `forward_tags_restriction_list_type` parameter. example: - datacenter - host items: description: >- The [key part of a tag](https://docs.datadoghq.com/getting_started/tagging/#define-tags). type: string maxItems: 10 minItems: 0 type: array forward_tags_restriction_list_type: $ref: >- #/components/schemas/CustomDestinationAttributeTagsRestrictionListType forwarder_destination: $ref: '#/components/schemas/CustomDestinationForwardDestination' name: description: The custom destination name. example: Nginx logs type: string query: default: '' description: >- The custom destination query and filter. Logs matching this query are forwarded to the destination. example: source:nginx type: string type: object CustomDestinationUpdateRequestDefinition: description: The definition of a custom destination. properties: attributes: $ref: '#/components/schemas/CustomDestinationUpdateRequestAttributes' id: description: The custom destination ID. example: be5d7a69-d0c8-4d4d-8ee8-bba292d98139 type: string type: $ref: '#/components/schemas/CustomDestinationType' required: - type - id type: object CustomDestinationsResponse: description: The available custom destinations. properties: data: description: A list of custom destinations. items: $ref: '#/components/schemas/CustomDestinationResponseDefinition' type: array type: object CustomFrameworkControl: description: Framework Control. properties: name: description: Control Name. example: A1.2 type: string rules_id: description: Rule IDs. example: - '["def-000-abc"]' items: type: string type: array required: - name - rules_id type: object CustomFrameworkData: description: Contains type and attributes for custom frameworks. properties: attributes: $ref: '#/components/schemas/CustomFrameworkDataAttributes' type: $ref: '#/components/schemas/CustomFrameworkType' required: - type - attributes type: object CustomFrameworkDataAttributes: description: Framework Data Attributes. properties: description: description: Framework Description type: string example: example_value handle: description: Framework Handle example: sec2 type: string icon_url: description: Framework Icon URL type: string example: https://app.datadoghq.com name: description: Framework Name example: security-framework type: string requirements: description: Framework Requirements items: $ref: '#/components/schemas/CustomFrameworkRequirement' type: array version: description: Framework Version example: '2' type: string required: - handle - version - name - requirements type: object CustomFrameworkDataHandleAndVersion: description: Framework Handle and Version. properties: handle: description: Framework Handle example: sec2 type: string version: description: Framework Version example: '2' type: string type: object CustomFrameworkMetadata: description: Metadata for custom frameworks. properties: attributes: $ref: '#/components/schemas/CustomFrameworkWithoutRequirements' id: description: The ID of the custom framework. example: handle-version type: string type: $ref: '#/components/schemas/CustomFrameworkType' type: object CustomFrameworkRequirement: description: Framework Requirement. properties: controls: description: Requirement Controls. items: $ref: '#/components/schemas/CustomFrameworkControl' type: array name: description: Requirement Name. example: criteria type: string required: - name - controls type: object CustomFrameworkType: default: custom_framework description: The type of the resource. The value must be `custom_framework`. enum: - custom_framework example: custom_framework type: string x-enum-varnames: - CUSTOM_FRAMEWORK CustomFrameworkWithoutRequirements: description: Framework without requirements. properties: description: description: Framework Description example: this is a security description type: string handle: description: Framework Handle example: sec2 type: string icon_url: description: Framework Icon URL example: https://example.com/icon.png type: string name: description: Framework Name example: security-framework type: string version: description: Framework Version example: '2' type: string required: - handle - version - name type: object DORADeploymentRequest: description: Request to create a DORA deployment event. properties: data: $ref: '#/components/schemas/DORADeploymentRequestData' required: - data type: object DORADeploymentRequestAttributes: description: Attributes to create a DORA deployment event. properties: env: description: Environment name to where the service was deployed. example: staging type: string finished_at: description: >- Unix timestamp when the deployment finished. It must be in nanoseconds, milliseconds, or seconds, and it should not be older than 1 hour. example: 1693491984000000000 format: int64 type: integer git: $ref: '#/components/schemas/DORAGitInfo' id: description: Deployment ID. type: string example: abc-123-def service: description: Service name. example: shopist type: string started_at: description: >- Unix timestamp when the deployment started. It must be in nanoseconds, milliseconds, or seconds. example: 1693491974000000000 format: int64 type: integer team: description: >- Name of the team owning the deployed service. If not provided, this is automatically populated with the team associated with the service in the Service Catalog. example: backend type: string version: description: >- Version to correlate with [APM Deployment Tracking](https://docs.datadoghq.com/tracing/services/deployment_tracking/). example: v1.12.07 type: string required: - service - started_at - finished_at type: object DORADeploymentRequestData: description: The JSON:API data. properties: attributes: $ref: '#/components/schemas/DORADeploymentRequestAttributes' required: - attributes type: object DORADeploymentResponse: description: Response after receiving a DORA deployment event. properties: data: $ref: '#/components/schemas/DORADeploymentResponseData' required: - data type: object DORADeploymentResponseData: description: The JSON:API data. properties: id: description: The ID of the received DORA deployment event. example: 4242fcdd31586083 type: string type: $ref: '#/components/schemas/DORADeploymentType' required: - id type: object DORADeploymentType: default: dora_deployment description: JSON:API type for DORA deployment events. enum: - dora_deployment example: dora_deployment type: string x-enum-varnames: - DORA_DEPLOYMENT DORAEvent: description: A DORA event. properties: attributes: description: The attributes of the event. type: object id: description: The ID of the event. type: string example: abc-123-def type: description: The type of the event. type: string example: metric alert type: object DORAFetchResponse: description: Response for the DORA fetch endpoints. properties: data: $ref: '#/components/schemas/DORAEvent' type: object DORAGitInfo: description: Git info for DORA Metrics events. properties: commit_sha: $ref: '#/components/schemas/GitCommitSHA' repository_url: $ref: '#/components/schemas/GitRepositoryURL' required: - repository_url - commit_sha type: object DORAIncidentRequest: description: Request to create a DORA incident event. properties: data: $ref: '#/components/schemas/DORAIncidentRequestData' required: - data type: object DORAIncidentRequestAttributes: description: Attributes to create a DORA incident event. properties: env: description: Environment name that was impacted by the incident. example: staging type: string finished_at: description: >- Unix timestamp when the incident finished. It must be in nanoseconds, milliseconds, or seconds, and it should not be older than 1 hour. example: 1693491984000000000 format: int64 type: integer git: $ref: '#/components/schemas/DORAGitInfo' id: description: >- Incident ID. Must have at least 16 characters. Required to update a previously sent incident. type: string example: abc-123-def name: description: Incident name. example: Webserver is down failing all requests. type: string services: description: >- Service names impacted by the incident. If possible, use names registered in the Service Catalog. Required when the team field is not provided. example: - shopist items: type: string type: array severity: description: Incident severity. example: High type: string started_at: description: >- Unix timestamp when the incident started. It must be in nanoseconds, milliseconds, or seconds. example: 1693491974000000000 format: int64 type: integer team: description: >- Name of the team owning the services impacted. If possible, use team handles registered in Datadog. Required when the services field is not provided. example: backend type: string version: description: >- Version to correlate with [APM Deployment Tracking](https://docs.datadoghq.com/tracing/services/deployment_tracking/). example: v1.12.07 type: string required: - started_at type: object DORAIncidentRequestData: description: The JSON:API data. properties: attributes: $ref: '#/components/schemas/DORAIncidentRequestAttributes' required: - attributes type: object DORAIncidentResponse: description: Response after receiving a DORA incident event. properties: data: $ref: '#/components/schemas/DORAIncidentResponseData' required: - data type: object DORAIncidentResponseData: description: Response after receiving a DORA incident event. properties: id: description: The ID of the received DORA incident event. example: 4242fcdd31586083 type: string type: $ref: '#/components/schemas/DORAIncidentType' required: - id type: object DORAIncidentType: default: dora_incident description: JSON:API type for DORA incident events. enum: - dora_incident example: dora_incident type: string x-enum-varnames: - DORA_INCIDENT DORAListDeploymentsRequest: description: Request to get a list of deployments. properties: data: $ref: '#/components/schemas/DORAListDeploymentsRequestData' required: - data type: object DORAListDeploymentsRequestAttributes: description: Attributes to get a list of deployments. properties: from: description: Minimum timestamp for requested events. format: date-time type: string example: example_value limit: default: 10 description: Maximum number of events in the response. format: int32 maximum: 1000 type: integer example: 42 query: description: Search query with event platform syntax. type: string example: avg:system.cpu.user{*} sort: description: Sort order (prefixed with `-` for descending). type: string example: example_value to: description: Maximum timestamp for requested events. format: date-time type: string example: example_value type: object DORAListDeploymentsRequestData: description: The JSON:API data. properties: attributes: $ref: '#/components/schemas/DORAListDeploymentsRequestAttributes' type: $ref: '#/components/schemas/DORAListDeploymentsRequestDataType' required: - attributes type: object DORAListDeploymentsRequestDataType: description: The definition of `DORAListDeploymentsRequestDataType` object. enum: - dora_deployments_list_request type: string x-enum-varnames: - DORA_DEPLOYMENTS_LIST_REQUEST DORAListFailuresRequest: description: Request to get a list of failures. properties: data: $ref: '#/components/schemas/DORAListFailuresRequestData' required: - data type: object DORAListFailuresRequestAttributes: description: Attributes to get a list of failures. properties: from: description: Minimum timestamp for requested events. format: date-time type: string example: example_value limit: default: 10 description: Maximum number of events in the response. format: int32 maximum: 1000 type: integer example: 42 query: description: Search query with event platform syntax. type: string example: avg:system.cpu.user{*} sort: description: Sort order (prefixed with `-` for descending). type: string example: example_value to: description: Maximum timestamp for requested events. format: date-time type: string example: example_value type: object DORAListFailuresRequestData: description: The JSON:API data. properties: attributes: $ref: '#/components/schemas/DORAListFailuresRequestAttributes' type: $ref: '#/components/schemas/DORAListFailuresRequestDataType' required: - attributes type: object DORAListFailuresRequestDataType: description: The definition of `DORAListFailuresRequestDataType` object. enum: - dora_failures_list_request type: string x-enum-varnames: - DORA_FAILURES_LIST_REQUEST DORAListResponse: description: Response for the DORA list endpoints. properties: data: description: The list of DORA events. items: $ref: '#/components/schemas/DORAEvent' type: array type: object DashboardListAddItemsRequest: description: Request containing a list of dashboards to add. properties: dashboards: description: List of dashboards to add the dashboard list. items: $ref: '#/components/schemas/DashboardListItemRequest' type: array type: object DashboardListAddItemsResponse: description: Response containing a list of added dashboards. properties: added_dashboards_to_list: description: List of dashboards added to the dashboard list. items: $ref: '#/components/schemas/DashboardListItemResponse' type: array type: object DashboardListDeleteItemsRequest: description: Request containing a list of dashboards to delete. properties: dashboards: description: List of dashboards to delete from the dashboard list. items: $ref: '#/components/schemas/DashboardListItemRequest' type: array type: object DashboardListDeleteItemsResponse: description: Response containing a list of deleted dashboards. properties: deleted_dashboards_from_list: description: List of dashboards deleted from the dashboard list. items: $ref: '#/components/schemas/DashboardListItemResponse' type: array type: object DashboardListItem: description: A dashboard within a list. properties: author: $ref: '#/components/schemas/Creator' created: description: Date of creation of the dashboard. format: date-time readOnly: true type: string example: example_value icon: description: URL to the icon of the dashboard. nullable: true readOnly: true type: string example: example_value id: description: ID of the dashboard. example: q5j-nti-fv6 type: string integration_id: description: The short name of the integration. nullable: true readOnly: true type: string example: abc-123-def is_favorite: description: Whether or not the dashboard is in the favorites. readOnly: true type: boolean example: true is_read_only: description: Whether or not the dashboard is read only. readOnly: true type: boolean example: true is_shared: description: Whether the dashboard is publicly shared or not. readOnly: true type: boolean example: true modified: description: Date of last edition of the dashboard. format: date-time readOnly: true type: string example: example_value popularity: description: Popularity of the dashboard. format: int32 maximum: 5 readOnly: true type: integer example: 42 tags: description: List of team names representing ownership of a dashboard. items: description: The name of a Datadog team, formatted as `team:` type: string maxItems: 5 nullable: true readOnly: true type: array title: description: Title of the dashboard. readOnly: true type: string example: Example Monitor type: $ref: '#/components/schemas/DashboardType' url: description: URL path to the dashboard. readOnly: true type: string example: https://app.datadoghq.com required: - type - id type: object DashboardListItemRequest: description: A dashboard within a list. properties: id: description: ID of the dashboard. example: q5j-nti-fv6 type: string type: $ref: '#/components/schemas/DashboardType' required: - type - id type: object DashboardListItemResponse: description: A dashboard within a list. properties: id: description: ID of the dashboard. example: q5j-nti-fv6 readOnly: true type: string type: $ref: '#/components/schemas/DashboardType' required: - type - id type: object DashboardListItems: description: Dashboards within a list. properties: dashboards: description: List of dashboards in the dashboard list. example: [] items: $ref: '#/components/schemas/DashboardListItem' type: array total: description: Number of dashboards in the dashboard list. format: int64 readOnly: true type: integer example: 42 required: - dashboards type: object DashboardListUpdateItemsRequest: description: Request containing the list of dashboards to update to. properties: dashboards: description: List of dashboards to update the dashboard list to. items: $ref: '#/components/schemas/DashboardListItemRequest' type: array type: object DashboardListUpdateItemsResponse: description: Response containing a list of updated dashboards. properties: dashboards: description: List of dashboards in the dashboard list. items: $ref: '#/components/schemas/DashboardListItemResponse' type: array type: object DashboardTriggerWrapper: description: Schema for a Dashboard-based trigger. properties: dashboardTrigger: description: Trigger a workflow from a Dashboard. type: object startStepNames: $ref: '#/components/schemas/StartStepNames' required: - dashboardTrigger type: object DashboardType: description: The type of the dashboard. enum: - custom_timeboard - custom_screenboard - integration_screenboard - integration_timeboard - host_timeboard example: host_timeboard type: string x-enum-varnames: - CUSTOM_TIMEBOARD - CUSTOM_SCREENBOARD - INTEGRATION_SCREENBOARD - INTEGRATION_TIMEBOARD - HOST_TIMEBOARD DataRelationshipsTeams: description: Associates teams with this schedule in a data structure. properties: data: description: An array of team references for this schedule. items: $ref: '#/components/schemas/DataRelationshipsTeamsDataItems' type: array type: object DataRelationshipsTeamsDataItems: description: >- Relates a team to this schedule, identified by `id` and `type` (must be `teams`). properties: id: description: The unique identifier of the team in this relationship. example: 00000000-da3a-0000-0000-000000000000 type: string type: $ref: '#/components/schemas/DataRelationshipsTeamsDataItemsType' required: - type - id type: object DataRelationshipsTeamsDataItemsType: default: teams description: Teams resource type. enum: - teams example: teams type: string x-enum-varnames: - TEAMS DataScalarColumn: description: A column containing the numerical results for a formula or query. properties: meta: $ref: '#/components/schemas/ScalarMeta' name: description: The name referencing the formula or query for this column. example: a type: string type: $ref: '#/components/schemas/ScalarColumnTypeNumber' values: description: The array of numerical values for one formula or query. example: - 0.5 items: description: An individual value for a given column and group-by. example: 0.5 format: double nullable: true type: number type: array type: object DataTransform: description: >- A data transformer, which is custom JavaScript code that executes and transforms data when its inputs change. properties: id: description: The ID of the data transformer. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string name: description: >- A unique identifier for this data transformer. This name is also used to access the transformer's result throughout the app. example: combineTwoOrders type: string properties: $ref: '#/components/schemas/DataTransformProperties' type: $ref: '#/components/schemas/DataTransformType' required: - id - name - type - properties type: object DataTransformProperties: description: The properties of the data transformer. properties: outputs: description: A JavaScript function that returns the transformed data. example: |- ${(() => {return { allItems: [...fetchOrder1.outputs.items, ...fetchOrder2.outputs.items], }})()} type: string type: object DataTransformType: default: dataTransform description: The data transform type. enum: - dataTransform example: dataTransform type: string x-enum-varnames: - DATATRANSFORM DatabaseMonitoringTriggerWrapper: description: Schema for a Database Monitoring-based trigger. properties: databaseMonitoringTrigger: description: Trigger a workflow from Database Monitoring. type: object startStepNames: $ref: '#/components/schemas/StartStepNames' required: - databaseMonitoringTrigger type: object Date: description: Date as Unix timestamp in milliseconds. example: 1722439510282 format: int64 type: integer DeleteAppResponse: description: The response object after an app is successfully deleted. properties: data: $ref: '#/components/schemas/DeleteAppResponseData' type: object DeleteAppResponseData: description: The definition of `DeleteAppResponseData` object. properties: id: description: The ID of the deleted app. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string type: $ref: '#/components/schemas/AppDefinitionType' required: - id - type type: object DeleteAppsRequest: description: A request object for deleting multiple apps by ID. example: data: - id: aea2ed17-b45f-40d0-ba59-c86b7972c901 type: appDefinitions - id: f69bb8be-6168-4fe7-a30d-370256b6504a type: appDefinitions - id: ab1ed73e-13ad-4426-b0df-a0ff8876a088 type: appDefinitions properties: data: description: An array of objects containing the IDs of the apps to delete. items: $ref: '#/components/schemas/DeleteAppsRequestDataItems' type: array type: object DeleteAppsRequestDataItems: description: An object containing the ID of an app to delete. properties: id: description: The ID of the app to delete. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string type: $ref: '#/components/schemas/AppDefinitionType' required: - id - type type: object DeleteAppsResponse: description: The response object after multiple apps are successfully deleted. properties: data: description: An array of objects containing the IDs of the deleted apps. items: $ref: '#/components/schemas/DeleteAppsResponseDataItems' type: array type: object DeleteAppsResponseDataItems: description: An object containing the ID of a deleted app. properties: id: description: The ID of the deleted app. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string type: $ref: '#/components/schemas/AppDefinitionType' required: - id - type type: object DeleteCustomFrameworkResponse: description: Response object to delete a custom framework. properties: data: $ref: '#/components/schemas/CustomFrameworkMetadata' required: - data type: object DependencyLocation: description: Static library vulnerability location. properties: column_end: description: Location column end. example: 140 format: int64 type: integer column_start: description: Location column start. example: 5 format: int64 type: integer file_name: description: Location file name. example: src/go.mod type: string line_end: description: Location line end. example: 10 format: int64 type: integer line_start: description: Location line start. example: 1 format: int64 type: integer required: - file_name - line_start - line_end - column_start - column_end type: object Deployment: description: The version of the app that was published. properties: attributes: $ref: '#/components/schemas/DeploymentAttributes' id: description: The deployment ID. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string meta: $ref: '#/components/schemas/DeploymentMetadata' type: $ref: '#/components/schemas/AppDeploymentType' type: object DeploymentAttributes: description: The attributes object containing the version ID of the published app. properties: app_version_id: description: >- The version ID of the app that was published. For an unpublished app, this is always the nil UUID (`00000000-0000-0000-0000-000000000000`). example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string type: object DeploymentMetadata: description: Metadata object containing the publication creation information. properties: created_at: description: Timestamp of when the app was published. format: date-time type: string example: example_value user_id: description: The ID of the user who published the app. format: int64 type: integer example: 42 user_name: description: The name (or email address) of the user who published the app. type: string example: Example Monitor user_uuid: description: The UUID of the user who published the app. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string type: object DeploymentRelationship: description: Information pointing to the app's publication status. properties: data: $ref: '#/components/schemas/DeploymentRelationshipData' meta: $ref: '#/components/schemas/DeploymentMetadata' type: object DeploymentRelationshipData: description: Data object containing the deployment ID. properties: id: description: The deployment ID. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string type: $ref: '#/components/schemas/AppDeploymentType' type: object DetailedFinding: description: A single finding with with message and resource configuration. properties: attributes: $ref: '#/components/schemas/DetailedFindingAttributes' id: $ref: '#/components/schemas/FindingID' type: $ref: '#/components/schemas/DetailedFindingType' type: object DetailedFindingAttributes: description: The JSON:API attributes of the detailed finding. properties: evaluation: $ref: '#/components/schemas/FindingEvaluation' evaluation_changed_at: $ref: '#/components/schemas/FindingEvaluationChangedAt' message: description: The remediation message for this finding. example: >- ## Remediation ### From the console 1. Go to Storage Account 2. For each Storage Account, navigate to Data Protection 3. Select Set soft delete enabled and enter the number of days to retain soft deleted data. type: string mute: $ref: '#/components/schemas/FindingMute' resource: $ref: '#/components/schemas/FindingResource' resource_configuration: description: The resource configuration for this finding. type: object resource_discovery_date: $ref: '#/components/schemas/FindingResourceDiscoveryDate' resource_type: $ref: '#/components/schemas/FindingResourceType' rule: $ref: '#/components/schemas/FindingRule' status: $ref: '#/components/schemas/FindingStatus' tags: $ref: '#/components/schemas/FindingTags' type: object DetailedFindingType: default: detailed_finding description: >- The JSON:API type for findings that have the message and resource configuration. enum: - detailed_finding example: detailed_finding type: string x-enum-varnames: - DETAILED_FINDING DeviceAttributes: description: The device attributes properties: description: description: The device description example: a device monitored with NDM type: string device_type: description: The device type example: other type: string integration: description: The device integration example: snmp type: string interface_statuses: $ref: '#/components/schemas/DeviceAttributesInterfaceStatuses' ip_address: description: The device IP address example: 1.2.3.4 type: string location: description: The device location example: paris type: string model: description: The device model example: xx-123 type: string name: description: The device name example: example device type: string os_hostname: description: The device OS hostname type: string example: Example Monitor os_name: description: The device OS name example: example OS type: string os_version: description: The device OS version example: 1.0.2 type: string ping_status: description: The device ping status example: unmonitored type: string product_name: description: The device product name example: example device type: string serial_number: description: The device serial number example: X12345 type: string status: description: The device SNMP status example: ok type: string subnet: description: The device subnet example: 1.2.3.4/24 type: string sys_object_id: description: The device `sys_object_id` example: 1.3.6.1.4.1.99999 type: string tags: description: The list of device tags example: - device_ip:1.2.3.4 - device_id:example:1.2.3.4 items: type: string type: array vendor: description: The device vendor example: example vendor type: string version: description: The device version example: 1.2.3 type: string type: object DeviceAttributesInterfaceStatuses: description: Count of the device interfaces by status example: down: 1 'off': 2 up: 12 warning: 5 properties: down: description: The number of interfaces that are down format: int64 type: integer example: 42 'off': description: The number of interfaces that are off format: int64 type: integer example: 42 up: description: The number of interfaces that are up format: int64 type: integer example: 42 warning: description: The number of interfaces that are in a warning state format: int64 type: integer example: 42 type: object DevicesListData: description: The devices list data properties: attributes: $ref: '#/components/schemas/DeviceAttributes' id: description: The device ID example: example:1.2.3.4 type: string type: description: The type of the resource. The value should always be device. type: string example: metric alert type: object DomainAllowlist: description: The email domain allowlist for an org. properties: attributes: $ref: '#/components/schemas/DomainAllowlistAttributes' id: description: The unique identifier of the org. nullable: true type: string example: abc-123-def type: $ref: '#/components/schemas/DomainAllowlistType' required: - type type: object DomainAllowlistAttributes: description: The details of the email domain allowlist. properties: domains: description: The list of domains in the email domain allowlist. items: type: string type: array enabled: description: Whether the email domain allowlist is enabled for the org. type: boolean example: true type: object x-ignore-duplicate-object: true DomainAllowlistRequest: description: Request containing the desired email domain allowlist configuration. properties: data: $ref: '#/components/schemas/DomainAllowlist' required: - data type: object DomainAllowlistResponse: description: Response containing information about the email domain allowlist. properties: data: $ref: '#/components/schemas/DomainAllowlistResponseData' type: object DomainAllowlistResponseData: description: The email domain allowlist response for an org. properties: attributes: $ref: '#/components/schemas/DomainAllowlistResponseDataAttributes' id: description: The unique identifier of the org. nullable: true type: string example: abc-123-def type: $ref: '#/components/schemas/DomainAllowlistType' required: - type type: object DomainAllowlistResponseDataAttributes: description: The details of the email domain allowlist. properties: domains: description: The list of domains in the email domain allowlist. items: type: string type: array enabled: description: Whether the email domain allowlist is enabled for the org. type: boolean example: true type: object x-ignore-duplicate-object: true DomainAllowlistType: default: domain_allowlist description: Email domain allowlist allowlist type. enum: - domain_allowlist example: domain_allowlist type: string x-enum-varnames: - DOMAIN_ALLOWLIST DowntimeCreateRequest: description: Request for creating a downtime. properties: data: $ref: '#/components/schemas/DowntimeCreateRequestData' required: - data type: object DowntimeCreateRequestAttributes: description: Downtime details. properties: display_timezone: $ref: '#/components/schemas/DowntimeDisplayTimezone' message: $ref: '#/components/schemas/DowntimeMessage' monitor_identifier: $ref: '#/components/schemas/DowntimeMonitorIdentifier' mute_first_recovery_notification: $ref: '#/components/schemas/DowntimeMuteFirstRecoveryNotification' notify_end_states: $ref: '#/components/schemas/DowntimeNotifyEndStates' notify_end_types: $ref: '#/components/schemas/DowntimeNotifyEndTypes' schedule: $ref: '#/components/schemas/DowntimeScheduleCreateRequest' scope: $ref: '#/components/schemas/DowntimeScope' required: - scope - monitor_identifier type: object DowntimeCreateRequestData: description: Object to create a downtime. properties: attributes: $ref: '#/components/schemas/DowntimeCreateRequestAttributes' type: $ref: '#/components/schemas/DowntimeResourceType' required: - type - attributes type: object DowntimeDisplayTimezone: default: UTC description: >- The timezone in which to display the downtime's start and end times in Datadog applications. This is not used as an offset for scheduling. example: America/New_York nullable: true type: string DowntimeIncludedMonitorType: default: monitors description: Monitor resource type. enum: - monitors example: monitors type: string x-enum-varnames: - MONITORS DowntimeMessage: description: >- A message to include with notifications for this downtime. Email notifications can be sent to specific users by using the same `@username` notation as events. example: Message about the downtime nullable: true type: string DowntimeMeta: description: Pagination metadata returned by the API. properties: page: $ref: '#/components/schemas/DowntimeMetaPage' type: object DowntimeMetaPage: description: Object containing the total filtered count. properties: total_filtered_count: description: Total count of elements matched by the filter. format: int64 type: integer example: 42 type: object DowntimeMonitorIdentifier: description: Monitor identifier for the downtime. oneOf: - $ref: '#/components/schemas/DowntimeMonitorIdentifierId' - $ref: '#/components/schemas/DowntimeMonitorIdentifierTags' DowntimeMonitorIdentifierId: additionalProperties: {} description: Object of the monitor identifier. properties: monitor_id: description: ID of the monitor to prevent notifications. example: 123 format: int64 type: integer required: - monitor_id type: object DowntimeMonitorIdentifierTags: additionalProperties: {} description: Object of the monitor tags. properties: monitor_tags: description: >- A list of monitor tags. For example, tags that are applied directly to monitors, not tags that are used in monitor queries (which are filtered by the scope parameter), to which the downtime applies. The resulting downtime applies to monitors that match **all** provided monitor tags. Setting `monitor_tags` to `[*]` configures the downtime to mute all monitors for the given scope. example: - service:postgres - team:frontend items: description: A list of monitor tags. example: service:postgres type: string minItems: 1 type: array required: - monitor_tags type: object DowntimeMonitorIncludedAttributes: description: Attributes of the monitor identified by the downtime. properties: name: description: The name of the monitor identified by the downtime. example: A monitor name type: string type: object DowntimeMonitorIncludedItem: description: Information about the monitor identified by the downtime. properties: attributes: $ref: '#/components/schemas/DowntimeMonitorIncludedAttributes' id: description: ID of the monitor identified by the downtime. example: 12345 format: int64 type: integer type: $ref: '#/components/schemas/DowntimeIncludedMonitorType' type: object DowntimeMuteFirstRecoveryNotification: description: If the first recovery notification during a downtime should be muted. example: false type: boolean DowntimeNotifyEndStateActions: description: >- Action that will trigger a monitor notification if the downtime is in the `notify_end_types` state. enum: - canceled - expired example: canceled type: string x-enum-varnames: - CANCELED - EXPIRED DowntimeNotifyEndStateTypes: description: >- State that will trigger a monitor notification when the `notify_end_types` action occurs. enum: - alert - no data - warn example: alert type: string x-enum-varnames: - ALERT - NO_DATA - WARN DowntimeNotifyEndStates: description: >- States that will trigger a monitor notification when the `notify_end_types` action occurs. example: - alert - warn items: $ref: '#/components/schemas/DowntimeNotifyEndStateTypes' type: array DowntimeNotifyEndTypes: description: >- Actions that will trigger a monitor notification if the downtime is in the `notify_end_types` state. example: - canceled - expired items: $ref: '#/components/schemas/DowntimeNotifyEndStateActions' type: array DowntimeRelationships: description: All relationships associated with downtime. properties: created_by: $ref: '#/components/schemas/DowntimeRelationshipsCreatedBy' monitor: $ref: '#/components/schemas/DowntimeRelationshipsMonitor' type: object DowntimeRelationshipsCreatedBy: description: The user who created the downtime. properties: data: $ref: '#/components/schemas/DowntimeRelationshipsCreatedByData' type: object DowntimeRelationshipsCreatedByData: description: Data for the user who created the downtime. nullable: true properties: id: description: User ID of the downtime creator. example: 00000000-0000-1234-0000-000000000000 type: string type: $ref: '#/components/schemas/UsersType' type: object DowntimeRelationshipsMonitor: description: The monitor identified by the downtime. properties: data: $ref: '#/components/schemas/DowntimeRelationshipsMonitorData' type: object DowntimeRelationshipsMonitorData: description: Data for the monitor. nullable: true properties: id: description: Monitor ID of the downtime. example: '12345' type: string type: $ref: '#/components/schemas/DowntimeIncludedMonitorType' type: object DowntimeResourceType: default: downtime description: Downtime resource type. enum: - downtime example: downtime type: string x-enum-varnames: - DOWNTIME DowntimeResponse: description: |- Downtiming gives you greater control over monitor notifications by allowing you to globally exclude scopes from alerting. Downtime settings, which can be scheduled with start and end times, prevent all alerting related to specified Datadog tags. properties: data: $ref: '#/components/schemas/DowntimeResponseData' included: description: Array of objects related to the downtime that the user requested. items: $ref: '#/components/schemas/DowntimeResponseIncludedItem' type: array type: object DowntimeResponseAttributes: description: Downtime details. properties: canceled: description: Time that the downtime was canceled. example: 2020-01-02T03:04:05.282979+0000 format: date-time nullable: true type: string created: description: Creation time of the downtime. example: 2020-01-02T03:04:05.282979+0000 format: date-time type: string display_timezone: $ref: '#/components/schemas/DowntimeDisplayTimezone' message: $ref: '#/components/schemas/DowntimeMessage' modified: description: Time that the downtime was last modified. example: 2020-01-02T03:04:05.282979+0000 format: date-time type: string monitor_identifier: $ref: '#/components/schemas/DowntimeMonitorIdentifier' mute_first_recovery_notification: $ref: '#/components/schemas/DowntimeMuteFirstRecoveryNotification' notify_end_states: $ref: '#/components/schemas/DowntimeNotifyEndStates' notify_end_types: $ref: '#/components/schemas/DowntimeNotifyEndTypes' schedule: $ref: '#/components/schemas/DowntimeScheduleResponse' scope: $ref: '#/components/schemas/DowntimeScope' status: $ref: '#/components/schemas/DowntimeStatus' type: object DowntimeResponseData: description: Downtime data. properties: attributes: $ref: '#/components/schemas/DowntimeResponseAttributes' id: description: The downtime ID. example: 00000000-0000-1234-0000-000000000000 type: string relationships: $ref: '#/components/schemas/DowntimeRelationships' type: $ref: '#/components/schemas/DowntimeResourceType' type: object DowntimeResponseIncludedItem: description: An object related to a downtime. oneOf: - $ref: '#/components/schemas/User' - $ref: '#/components/schemas/DowntimeMonitorIncludedItem' DowntimeScheduleCreateRequest: description: Schedule for the downtime. oneOf: - $ref: '#/components/schemas/DowntimeScheduleRecurrencesCreateRequest' - $ref: '#/components/schemas/DowntimeScheduleOneTimeCreateUpdateRequest' DowntimeScheduleCurrentDowntimeResponse: description: >- The most recent actual start and end dates for a recurring downtime. For a canceled downtime, this is the previously occurring downtime. For active downtimes, this is the ongoing downtime, and for scheduled downtimes it is the upcoming downtime. properties: end: description: The end of the current downtime. example: '2020-01-02T03:04:00.000Z' format: date-time nullable: true type: string start: description: The start of the current downtime. example: '2020-01-02T03:04:00.000Z' format: date-time type: string type: object DowntimeScheduleOneTimeCreateUpdateRequest: additionalProperties: false description: A one-time downtime definition. properties: end: description: >- ISO-8601 Datetime to end the downtime. Must include a UTC offset of zero. If not provided, the downtime continues forever. example: '2020-01-02T03:04:00.000Z' format: date-time nullable: true type: string start: description: >- ISO-8601 Datetime to start the downtime. Must include a UTC offset of zero. If not provided, the downtime starts the moment it is created. example: '2020-01-02T03:04:00.000Z' format: date-time nullable: true type: string type: object DowntimeScheduleOneTimeResponse: description: A one-time downtime definition. properties: end: description: ISO-8601 Datetime to end the downtime. example: '2020-01-02T03:04:00.000Z' format: date-time nullable: true type: string start: description: ISO-8601 Datetime to start the downtime. example: '2020-01-02T03:04:00.000Z' format: date-time type: string required: - start type: object DowntimeScheduleRecurrenceCreateUpdateRequest: additionalProperties: {} description: An object defining the recurrence of the downtime. properties: duration: $ref: '#/components/schemas/DowntimeScheduleRecurrenceDuration' rrule: $ref: '#/components/schemas/DowntimeScheduleRecurrenceRrule' start: description: >- ISO-8601 Datetime to start the downtime. Must not include a UTC offset. If not provided, the downtime starts the moment it is created. example: 2020-01-02T03:04 nullable: true type: string required: - duration - rrule type: object DowntimeScheduleRecurrenceDuration: description: >- The length of the downtime. Must begin with an integer and end with one of 'm', 'h', d', or 'w'. example: 123d type: string DowntimeScheduleRecurrenceResponse: description: An RRULE-based recurring downtime. properties: duration: $ref: '#/components/schemas/DowntimeScheduleRecurrenceDuration' rrule: $ref: '#/components/schemas/DowntimeScheduleRecurrenceRrule' start: description: >- ISO-8601 Datetime to start the downtime. Must not include a UTC offset. If not provided, the downtime starts the moment it is created. example: 2020-01-02T03:04 type: string type: object DowntimeScheduleRecurrenceRrule: description: >- The `RRULE` standard for defining recurring events. For example, to have a recurring event on the first day of each month, set the type to `rrule` and set the `FREQ` to `MONTHLY` and `BYMONTHDAY` to `1`. Most common `rrule` options from the [iCalendar Spec](https://tools.ietf.org/html/rfc5545) are supported. **Note**: Attributes specifying the duration in `RRULE` are not supported (for example, `DTSTART`, `DTEND`, `DURATION`). More examples available in this [downtime guide](https://docs.datadoghq.com/monitors/guide/suppress-alert-with-downtimes/?tab=api). example: FREQ=MONTHLY;BYSETPOS=3;BYDAY=WE;INTERVAL=1 type: string DowntimeScheduleRecurrencesCreateRequest: description: A recurring downtime schedule definition. properties: recurrences: description: A list of downtime recurrences. items: $ref: '#/components/schemas/DowntimeScheduleRecurrenceCreateUpdateRequest' type: array timezone: default: UTC description: The timezone in which to schedule the downtime. example: America/New_York type: string required: - recurrences type: object DowntimeScheduleRecurrencesResponse: description: A recurring downtime schedule definition. properties: current_downtime: $ref: '#/components/schemas/DowntimeScheduleCurrentDowntimeResponse' recurrences: description: A list of downtime recurrences. items: $ref: '#/components/schemas/DowntimeScheduleRecurrenceResponse' maxItems: 5 minItems: 1 type: array timezone: default: UTC description: >- The timezone in which to schedule the downtime. This affects recurring start and end dates. Must match `display_timezone`. example: America/New_York type: string required: - recurrences type: object DowntimeScheduleRecurrencesUpdateRequest: additionalProperties: false description: A recurring downtime schedule definition. properties: recurrences: description: A list of downtime recurrences. items: $ref: '#/components/schemas/DowntimeScheduleRecurrenceCreateUpdateRequest' type: array timezone: default: UTC description: The timezone in which to schedule the downtime. example: America/New_York type: string type: object DowntimeScheduleResponse: description: >- The schedule that defines when the monitor starts, stops, and recurs. There are two types of schedules: one-time and recurring. Recurring schedules may have up to five RRULE-based recurrences. If no schedules are provided, the downtime will begin immediately and never end. oneOf: - $ref: '#/components/schemas/DowntimeScheduleRecurrencesResponse' - $ref: '#/components/schemas/DowntimeScheduleOneTimeResponse' DowntimeScheduleUpdateRequest: description: Schedule for the downtime. oneOf: - $ref: '#/components/schemas/DowntimeScheduleRecurrencesUpdateRequest' - $ref: '#/components/schemas/DowntimeScheduleOneTimeCreateUpdateRequest' DowntimeScope: description: >- The scope to which the downtime applies. Must follow the [common search syntax](https://docs.datadoghq.com/logs/explorer/search_syntax/). example: env:(staging OR prod) AND datacenter:us-east-1 type: string DowntimeStatus: description: The current status of the downtime. enum: - active - canceled - ended - scheduled example: active type: string x-enum-varnames: - ACTIVE - CANCELED - ENDED - SCHEDULED DowntimeUpdateRequest: description: Request for editing a downtime. properties: data: $ref: '#/components/schemas/DowntimeUpdateRequestData' required: - data type: object DowntimeUpdateRequestAttributes: description: Attributes of the downtime to update. properties: display_timezone: $ref: '#/components/schemas/DowntimeDisplayTimezone' message: $ref: '#/components/schemas/DowntimeMessage' monitor_identifier: $ref: '#/components/schemas/DowntimeMonitorIdentifier' mute_first_recovery_notification: $ref: '#/components/schemas/DowntimeMuteFirstRecoveryNotification' notify_end_states: $ref: '#/components/schemas/DowntimeNotifyEndStates' notify_end_types: $ref: '#/components/schemas/DowntimeNotifyEndTypes' schedule: $ref: '#/components/schemas/DowntimeScheduleUpdateRequest' scope: $ref: '#/components/schemas/DowntimeScope' type: object DowntimeUpdateRequestData: description: Object to update a downtime. properties: attributes: $ref: '#/components/schemas/DowntimeUpdateRequestAttributes' id: description: ID of this downtime. example: 00000000-0000-1234-0000-000000000000 type: string type: $ref: '#/components/schemas/DowntimeResourceType' required: - id - type - attributes type: object EPSS: description: Vulnerability EPSS severity. properties: score: description: Vulnerability EPSS severity score. example: 0.2 format: double type: number severity: $ref: '#/components/schemas/VulnerabilitySeverity' required: - score - severity type: object EmailTypeType: description: The type of email. enum: - work type: string x-enum-varnames: - WORK Enabled: description: Field used to enable or disable the rule. example: true type: boolean EntityAttributes: description: Entity attributes. properties: apiVersion: description: The API version. type: string example: example_value description: description: The description. type: string example: example_value displayName: description: The display name. type: string example: Example Monitor kind: description: The kind. type: string example: example_value name: description: The name. type: string example: Example Monitor namespace: description: The namespace. type: string example: Example Monitor owner: description: The owner. type: string example: example_value tags: description: The tags. items: type: string type: array type: object EntityData: description: Entity data. properties: attributes: $ref: '#/components/schemas/EntityAttributes' id: description: Entity ID. type: string example: abc-123-def meta: $ref: '#/components/schemas/EntityMeta' relationships: $ref: '#/components/schemas/EntityRelationships' type: description: Entity. type: string example: metric alert type: object EntityMeta: description: Entity metadata. properties: createdAt: description: The creation time. type: string example: example_value ingestionSource: description: The ingestion source. type: string example: example_value modifiedAt: description: The modification time. type: string example: example_value origin: description: The origin. type: string example: example_value type: object EntityRaw: description: Entity definition in raw JSON or YAML representation. example: | apiVersion: v3 kind: service metadata: name: myservice type: string EntityRelationships: description: Entity relationships. properties: incidents: $ref: '#/components/schemas/EntityToIncidents' oncall: $ref: '#/components/schemas/EntityToOncalls' rawSchema: $ref: '#/components/schemas/EntityToRawSchema' relatedEntities: $ref: '#/components/schemas/EntityToRelatedEntities' schema: $ref: '#/components/schemas/EntityToSchema' type: object EntityResponseData: description: List of entity data. items: $ref: '#/components/schemas/EntityData' type: array EntityResponseIncludedIncident: description: Included incident. properties: attributes: $ref: '#/components/schemas/EntityResponseIncludedRelatedIncidentAttributes' id: description: Incident ID. type: string example: abc-123-def type: $ref: '#/components/schemas/EntityResponseIncludedIncidentType' type: object EntityResponseIncludedIncidentType: description: Incident description. enum: - incident type: string x-enum-varnames: - INCIDENT EntityResponseIncludedOncall: description: Included oncall. properties: attributes: $ref: '#/components/schemas/EntityResponseIncludedRelatedOncallAttributes' id: description: Oncall ID. type: string example: abc-123-def type: $ref: '#/components/schemas/EntityResponseIncludedOncallType' type: object EntityResponseIncludedOncallType: description: Oncall type. enum: - oncall type: string x-enum-varnames: - ONCALL EntityResponseIncludedRawSchema: description: Included raw schema. properties: attributes: $ref: '#/components/schemas/EntityResponseIncludedRawSchemaAttributes' id: description: Raw schema ID. type: string example: abc-123-def type: $ref: '#/components/schemas/EntityResponseIncludedRawSchemaType' type: object EntityResponseIncludedRawSchemaAttributes: description: Included raw schema attributes. properties: rawSchema: description: Schema from user input in base64 encoding. type: string example: example_value type: object EntityResponseIncludedRawSchemaType: description: Raw schema type. enum: - rawSchema type: string x-enum-varnames: - RAW_SCHEMA EntityResponseIncludedRelatedEntity: description: Included related entity. properties: attributes: $ref: '#/components/schemas/EntityResponseIncludedRelatedEntityAttributes' id: description: Entity UUID. type: string example: abc-123-def meta: $ref: '#/components/schemas/EntityResponseIncludedRelatedEntityMeta' type: $ref: '#/components/schemas/EntityResponseIncludedRelatedEntityType' type: object EntityResponseIncludedRelatedEntityAttributes: description: Related entity attributes. properties: kind: description: Entity kind. type: string example: example_value name: description: Entity name. type: string example: Example Monitor namespace: description: Entity namespace. type: string example: Example Monitor type: description: Entity relation type to the associated entity. type: string example: metric alert type: object EntityResponseIncludedRelatedEntityMeta: description: Included related entity meta. properties: createdAt: description: Entity creation time. format: date-time type: string example: example_value defined_by: description: Entity relation defined by. type: string example: example_value modifiedAt: description: Entity modification time. format: date-time type: string example: example_value source: description: Entity relation source. type: string example: example_value type: object EntityResponseIncludedRelatedEntityType: description: Related entity. enum: - relatedEntity type: string x-enum-varnames: - RELATED_ENTITY EntityResponseIncludedRelatedIncidentAttributes: description: Incident attributes. properties: createdAt: description: Incident creation time. format: date-time type: string example: example_value htmlURL: description: Incident URL. type: string example: https://app.datadoghq.com provider: description: Incident provider. type: string example: abc-123-def status: description: Incident status. type: string example: OK title: description: Incident title. type: string example: Example Monitor type: object EntityResponseIncludedRelatedOncallAttributes: description: Included related oncall attributes. properties: escalations: $ref: '#/components/schemas/EntityResponseIncludedRelatedOncallEscalations' provider: description: Oncall provider. type: string example: abc-123-def type: object EntityResponseIncludedRelatedOncallEscalationItem: description: Oncall escalation. properties: email: description: Oncall email. type: string example: user@example.com escalationLevel: description: Oncall level. format: int64 type: integer example: 42 name: description: Oncall name. type: string example: Example Monitor type: object EntityResponseIncludedRelatedOncallEscalations: description: Oncall escalations. items: $ref: '#/components/schemas/EntityResponseIncludedRelatedOncallEscalationItem' type: array EntityResponseIncludedSchema: description: Included detail entity schema. properties: attributes: $ref: '#/components/schemas/EntityResponseIncludedSchemaAttributes' id: description: Entity ID. type: string example: abc-123-def type: $ref: '#/components/schemas/EntityResponseIncludedSchemaType' type: object EntityResponseIncludedSchemaAttributes: description: Included schema. properties: schema: $ref: '#/components/schemas/EntityV3' type: object EntityResponseIncludedSchemaType: description: Schema type. enum: - schema type: string x-enum-varnames: - SCHEMA EntityResponseMeta: description: Entity metadata. properties: count: description: Total entities count. format: int64 type: integer example: 42 includeCount: description: Total included data count. format: int64 type: integer example: 42 type: object EntityToIncidents: description: Entity to incidents relationship. properties: data: $ref: '#/components/schemas/RelationshipArray' type: object EntityToOncalls: description: Entity to oncalls relationship. properties: data: $ref: '#/components/schemas/RelationshipArray' type: object EntityToRawSchema: description: Entity to raw schema relationship. properties: data: $ref: '#/components/schemas/RelationshipItem' type: object EntityToRelatedEntities: description: Entity to related entities relationship. properties: data: $ref: '#/components/schemas/RelationshipArray' type: object EntityToSchema: description: Entity to detail schema relationship. properties: data: $ref: '#/components/schemas/RelationshipItem' type: object EntityV3: description: Entity schema v3. oneOf: - $ref: '#/components/schemas/EntityV3Service' - $ref: '#/components/schemas/EntityV3Datastore' - $ref: '#/components/schemas/EntityV3Queue' - $ref: '#/components/schemas/EntityV3System' - $ref: '#/components/schemas/EntityV3API' EntityV3API: additionalProperties: false description: Schema for API entities. properties: apiVersion: $ref: '#/components/schemas/EntityV3APIVersion' datadog: $ref: '#/components/schemas/EntityV3APIDatadog' extensions: additionalProperties: {} description: >- Custom extensions. This is the free-formed field to send client-side metadata. No Datadog features are affected by this field. type: object x-ignore-duplicate-object: true integrations: $ref: '#/components/schemas/EntityV3Integrations' kind: $ref: '#/components/schemas/EntityV3APIKind' metadata: $ref: '#/components/schemas/EntityV3Metadata' spec: $ref: '#/components/schemas/EntityV3APISpec' required: - apiVersion - kind - metadata type: object EntityV3APIDatadog: additionalProperties: false description: Datadog product integrations for the API entity. properties: codeLocations: $ref: '#/components/schemas/EntityV3DatadogCodeLocations' events: $ref: '#/components/schemas/EntityV3DatadogEvents' logs: $ref: '#/components/schemas/EntityV3DatadogLogs' performanceData: $ref: '#/components/schemas/EntityV3DatadogPerformance' pipelines: $ref: '#/components/schemas/EntityV3DatadogPipelines' type: object EntityV3APIKind: description: The definition of Entity V3 API Kind object. enum: - api example: api type: string x-enum-varnames: - API EntityV3APISpec: additionalProperties: false description: The definition of Entity V3 API Spec object. properties: implementedBy: description: Services which implemented the API. items: type: string type: array interface: $ref: '#/components/schemas/EntityV3APISpecInterface' lifecycle: description: The lifecycle state of the component. minLength: 1 type: string example: example_value tier: description: The importance of the component. minLength: 1 type: string example: example_value type: description: The type of API. type: string example: metric alert type: object EntityV3APISpecInterface: additionalProperties: false description: The API definition. oneOf: - $ref: '#/components/schemas/EntityV3APISpecInterfaceFileRef' - $ref: '#/components/schemas/EntityV3APISpecInterfaceDefinition' EntityV3APISpecInterfaceDefinition: additionalProperties: false description: The definition of `EntityV3APISpecInterfaceDefinition` object. properties: definition: description: The API definition. type: object type: object EntityV3APISpecInterfaceFileRef: additionalProperties: false description: The definition of `EntityV3APISpecInterfaceFileRef` object. properties: fileRef: description: The reference to the API definition file. type: string example: example_value type: object EntityV3APIVersion: description: >- The schema version of entity type. The field is known as schema-version in the previous version. enum: - v3 example: v3 type: string x-enum-varnames: - V3 EntityV3DatadogCodeLocationItem: additionalProperties: false description: Code location item. properties: paths: description: The paths (glob) to the source code of the service. items: type: string type: array repositoryURL: description: The repository path of the source code of the entity. type: string example: https://app.datadoghq.com type: object EntityV3DatadogCodeLocations: additionalProperties: false description: Schema for mapping source code locations to an entity. items: $ref: '#/components/schemas/EntityV3DatadogCodeLocationItem' type: array EntityV3DatadogEventItem: additionalProperties: false description: Events association item. properties: name: description: The name of the query. type: string example: Example Monitor query: description: The query to run. type: string example: avg:system.cpu.user{*} type: object EntityV3DatadogEvents: additionalProperties: false description: Events associations. items: $ref: '#/components/schemas/EntityV3DatadogEventItem' type: array EntityV3DatadogIntegrationOpsgenie: additionalProperties: false description: An Opsgenie integration schema. properties: region: description: The region for the Opsgenie integration. minLength: 1 type: string example: example_value serviceURL: description: The service URL for the Opsgenie integration. example: https://www.opsgenie.com/service/shopping-cart minLength: 1 type: string required: - serviceURL type: object EntityV3DatadogIntegrationPagerduty: additionalProperties: false description: A PagerDuty integration schema. properties: serviceURL: description: The service URL for the PagerDuty integration. example: https://www.pagerduty.com/service-directory/Pshopping-cart minLength: 1 type: string required: - serviceURL type: object EntityV3DatadogLogItem: additionalProperties: false description: Log association item. properties: name: description: The name of the query. type: string example: Example Monitor query: description: The query to run. type: string example: avg:system.cpu.user{*} type: object EntityV3DatadogLogs: additionalProperties: false description: Logs association. items: $ref: '#/components/schemas/EntityV3DatadogLogItem' type: array EntityV3DatadogPerformance: additionalProperties: false description: Performance stats association. properties: tags: description: >- A list of APM entity tags that associates the APM Stats data with the entity. items: type: string type: array type: object EntityV3DatadogPipelines: additionalProperties: false description: CI Pipelines association. properties: fingerprints: description: >- A list of CI Fingerprints that associate CI Pipelines with the entity. items: type: string type: array type: object EntityV3Datastore: additionalProperties: false description: Schema for datastore entities. properties: apiVersion: $ref: '#/components/schemas/EntityV3APIVersion' datadog: $ref: '#/components/schemas/EntityV3DatastoreDatadog' extensions: additionalProperties: {} description: >- Custom extensions. This is the free-formed field to send client side metadata. No Datadog features are affected by this field. type: object x-ignore-duplicate-object: true integrations: $ref: '#/components/schemas/EntityV3Integrations' kind: $ref: '#/components/schemas/EntityV3DatastoreKind' metadata: $ref: '#/components/schemas/EntityV3Metadata' spec: $ref: '#/components/schemas/EntityV3DatastoreSpec' required: - apiVersion - kind - metadata type: object EntityV3DatastoreDatadog: additionalProperties: false description: Datadog product integrations for the datastore entity. properties: events: $ref: '#/components/schemas/EntityV3DatadogEvents' logs: $ref: '#/components/schemas/EntityV3DatadogLogs' performanceData: $ref: '#/components/schemas/EntityV3DatadogPerformance' type: object x-ignore-duplicate-object: true EntityV3DatastoreKind: description: The definition of Entity V3 Datastore Kind object. enum: - datastore example: datastore type: string x-enum-varnames: - DATASTORE EntityV3DatastoreSpec: additionalProperties: false description: The definition of Entity V3 Datastore Spec object. properties: componentOf: description: A list of components the datastore is a part of items: type: string type: array lifecycle: description: The lifecycle state of the datastore. minLength: 1 type: string example: example_value tier: description: The importance of the datastore. minLength: 1 type: string example: example_value type: description: The type of datastore. type: string example: metric alert type: object EntityV3Integrations: additionalProperties: false description: A base schema for defining third-party integrations. properties: opsgenie: $ref: '#/components/schemas/EntityV3DatadogIntegrationOpsgenie' pagerduty: $ref: '#/components/schemas/EntityV3DatadogIntegrationPagerduty' type: object EntityV3Metadata: additionalProperties: false description: The definition of Entity V3 Metadata object. properties: additionalOwners: additionalProperties: false description: The additional owners of the entity, usually a team. items: $ref: '#/components/schemas/EntityV3MetadataAdditionalOwnersItems' type: array contacts: additionalProperties: false description: A list of contacts for the entity. items: $ref: '#/components/schemas/EntityV3MetadataContactsItems' type: array description: description: >- Short description of the entity. The UI can leverage the description for display. type: string example: example_value displayName: description: >- User friendly name of the entity. The UI can leverage the display name for display. type: string example: Example Monitor id: description: >- A read-only globally unique identifier for the entity generated by Datadog. User supplied values are ignored. example: 4b163705-23c0-4573-b2fb-f6cea2163fcb minLength: 1 type: string inheritFrom: description: The entity reference from which to inherit metadata example: application:default/myapp type: string links: additionalProperties: false description: A list of links for the entity. items: $ref: '#/components/schemas/EntityV3MetadataLinksItems' type: array managed: additionalProperties: {} description: >- A read-only set of Datadog managed attributes generated by Datadog. User supplied values are ignored. type: object name: description: Unique name given to an entity under the kind/namespace. example: myService minLength: 1 type: string namespace: description: >- Namespace is a part of unique identifier. It has a default value of 'default'. example: default minLength: 1 type: string owner: description: The owner of the entity, usually a team. type: string example: example_value tags: description: A set of custom tags. example: - this:tag - that:tag items: type: string type: array required: - name type: object EntityV3MetadataAdditionalOwnersItems: description: The definition of Entity V3 Metadata Additional Owners Items object. properties: name: description: Team name. example: '' type: string type: description: Team type. type: string example: metric alert required: - name type: object EntityV3MetadataContactsItems: additionalProperties: false description: The definition of Entity V3 Metadata Contacts Items object. properties: contact: description: Contact value. example: https://slack/ type: string name: description: Contact name. minLength: 2 type: string example: Example Monitor type: description: Contact type. example: slack type: string required: - type - contact type: object EntityV3MetadataLinksItems: additionalProperties: false description: The definition of Entity V3 Metadata Links Items object. properties: name: description: Link name. example: mylink type: string provider: description: Link provider. type: string example: abc-123-def type: default: other description: Link type. example: link type: string url: description: Link URL. example: https://mylink type: string required: - name - type - url type: object EntityV3Queue: additionalProperties: false description: Schema for queue entities. properties: apiVersion: $ref: '#/components/schemas/EntityV3APIVersion' datadog: $ref: '#/components/schemas/EntityV3QueueDatadog' extensions: additionalProperties: {} description: >- Custom extensions. This is the free-formed field to send client-side metadata. No Datadog features are affected by this field. type: object x-ignore-duplicate-object: true integrations: $ref: '#/components/schemas/EntityV3Integrations' kind: $ref: '#/components/schemas/EntityV3QueueKind' metadata: $ref: '#/components/schemas/EntityV3Metadata' spec: $ref: '#/components/schemas/EntityV3QueueSpec' required: - apiVersion - kind - metadata type: object EntityV3QueueDatadog: additionalProperties: false description: Datadog product integrations for the datastore entity. properties: events: $ref: '#/components/schemas/EntityV3DatadogEvents' logs: $ref: '#/components/schemas/EntityV3DatadogLogs' performanceData: $ref: '#/components/schemas/EntityV3DatadogPerformance' type: object x-ignore-duplicate-object: true EntityV3QueueKind: description: The definition of Entity V3 Queue Kind object. enum: - queue example: queue type: string x-enum-varnames: - QUEUE EntityV3QueueSpec: additionalProperties: false description: The definition of Entity V3 Queue Spec object. properties: componentOf: description: A list of components the queue is a part of items: type: string type: array lifecycle: description: The lifecycle state of the queue. minLength: 1 type: string example: example_value tier: description: The importance of the queue. minLength: 1 type: string example: example_value type: description: The type of queue. type: string example: metric alert type: object EntityV3Service: additionalProperties: false description: Schema for service entities. properties: apiVersion: $ref: '#/components/schemas/EntityV3APIVersion' datadog: $ref: '#/components/schemas/EntityV3ServiceDatadog' extensions: additionalProperties: {} description: >- Custom extensions. This is the free-formed field to send client-side metadata. No Datadog features are affected by this field. type: object x-ignore-duplicate-object: true integrations: $ref: '#/components/schemas/EntityV3Integrations' kind: $ref: '#/components/schemas/EntityV3ServiceKind' metadata: $ref: '#/components/schemas/EntityV3Metadata' spec: $ref: '#/components/schemas/EntityV3ServiceSpec' required: - apiVersion - kind - metadata type: object EntityV3ServiceDatadog: additionalProperties: false description: Datadog product integrations for the service entity. properties: codeLocations: $ref: '#/components/schemas/EntityV3DatadogCodeLocations' events: $ref: '#/components/schemas/EntityV3DatadogEvents' logs: $ref: '#/components/schemas/EntityV3DatadogLogs' performanceData: $ref: '#/components/schemas/EntityV3DatadogPerformance' pipelines: $ref: '#/components/schemas/EntityV3DatadogPipelines' type: object EntityV3ServiceKind: description: The definition of Entity V3 Service Kind object. enum: - service example: service type: string x-enum-varnames: - SERVICE EntityV3ServiceSpec: additionalProperties: false description: The definition of Entity V3 Service Spec object. properties: componentOf: description: A list of components the service is a part of items: type: string type: array dependsOn: description: A list of components the service depends on. items: type: string type: array languages: description: The service's programming language. items: type: string type: array lifecycle: description: The lifecycle state of the component. minLength: 1 type: string example: example_value tier: description: The importance of the component. minLength: 1 type: string example: example_value type: description: The type of service. type: string example: metric alert type: object EntityV3System: additionalProperties: false description: Schema for system entities. properties: apiVersion: $ref: '#/components/schemas/EntityV3APIVersion' datadog: $ref: '#/components/schemas/EntityV3SystemDatadog' extensions: additionalProperties: {} description: >- Custom extensions. This is the free-formed field to send client-side metadata. No Datadog features are affected by this field. type: object x-ignore-duplicate-object: true integrations: $ref: '#/components/schemas/EntityV3Integrations' kind: $ref: '#/components/schemas/EntityV3SystemKind' metadata: $ref: '#/components/schemas/EntityV3Metadata' spec: $ref: '#/components/schemas/EntityV3SystemSpec' required: - apiVersion - kind - metadata type: object EntityV3SystemDatadog: additionalProperties: false description: Datadog product integrations for the service entity. properties: events: $ref: '#/components/schemas/EntityV3DatadogEvents' logs: $ref: '#/components/schemas/EntityV3DatadogLogs' performanceData: $ref: '#/components/schemas/EntityV3DatadogPerformance' pipelines: $ref: '#/components/schemas/EntityV3DatadogPipelines' type: object EntityV3SystemKind: description: The definition of Entity V3 System Kind object. enum: - system example: system type: string x-enum-varnames: - SYSTEM EntityV3SystemSpec: additionalProperties: false description: The definition of Entity V3 System Spec object. properties: components: description: A list of components belongs to the system. items: type: string type: array lifecycle: description: The lifecycle state of the component. minLength: 1 type: string example: example_value tier: description: An entity reference to the owner of the component. minLength: 1 type: string example: example_value type: object ErrorHandler: description: Used to handle errors in an action. properties: fallbackStepName: description: The `ErrorHandler` `fallbackStepName`. example: '' type: string retryStrategy: $ref: '#/components/schemas/RetryStrategy' required: - retryStrategy - fallbackStepName type: object Escalation: description: Represents an escalation policy step. properties: id: description: Unique identifier of the escalation step. type: string example: abc-123-def relationships: $ref: '#/components/schemas/EscalationRelationships' type: $ref: '#/components/schemas/EscalationType' required: - type type: object EscalationPolicy: description: >- Represents a complete escalation policy response, including policy data and optionally included related resources. example: data: attributes: name: Escalation Policy 1 resolve_page_on_policy_end: true retries: 2 id: 00000000-aba1-0000-0000-000000000000 relationships: steps: data: - id: 00000000-aba1-0000-0000-000000000000 type: steps teams: data: - id: 00000000-da3a-0000-0000-000000000000 type: teams type: policies included: - attributes: avatar: '' description: Team 1 description handle: team1 name: Team 1 id: 00000000-da3a-0000-0000-000000000000 type: teams - attributes: assignment: default escalate_after_seconds: 3600 id: 00000000-aba1-0000-0000-000000000000 relationships: targets: data: - id: 00000000-aba1-0000-0000-000000000000 type: users - id: 00000000-aba2-0000-0000-000000000000 type: schedules - id: 00000000-aba3-0000-0000-000000000000 type: teams type: steps - id: 00000000-aba1-0000-0000-000000000000 type: users - id: 00000000-aba2-0000-0000-000000000000 type: schedules - id: 00000000-aba3-0000-0000-000000000000 type: teams properties: data: $ref: '#/components/schemas/EscalationPolicyData' included: description: >- Provides any included related resources, such as steps or targets, returned with the policy. items: $ref: '#/components/schemas/EscalationPolicyIncluded' type: array type: object EscalationPolicyCreateRequest: description: >- Represents a request to create a new escalation policy, including the policy data. example: data: attributes: name: Escalation Policy 1 resolve_page_on_policy_end: true retries: 2 steps: - assignment: default escalate_after_seconds: 3600 targets: - id: 00000000-aba1-0000-0000-000000000000 type: users - id: 00000000-aba2-0000-0000-000000000000 type: schedules - id: 00000000-aba3-0000-0000-000000000000 type: teams - assignment: round-robin escalate_after_seconds: 3600 targets: - id: 00000000-aba1-0000-0000-000000000000 type: users - id: 00000000-abb1-0000-0000-000000000000 type: users relationships: teams: data: - id: 00000000-da3a-0000-0000-000000000000 type: teams type: policies properties: data: $ref: '#/components/schemas/EscalationPolicyCreateRequestData' required: - data type: object EscalationPolicyCreateRequestData: description: >- Represents the data for creating an escalation policy, including its attributes, relationships, and resource type. properties: attributes: $ref: '#/components/schemas/EscalationPolicyCreateRequestDataAttributes' relationships: $ref: '#/components/schemas/EscalationPolicyCreateRequestDataRelationships' type: $ref: '#/components/schemas/EscalationPolicyCreateRequestDataType' required: - type - attributes type: object EscalationPolicyCreateRequestDataAttributes: description: >- Defines the attributes for creating an escalation policy, including its description, name, resolution behavior, retries, and steps. properties: name: description: Specifies the name for the new escalation policy. example: On-Call Escalation Policy type: string resolve_page_on_policy_end: description: >- Indicates whether the page is automatically resolved when the policy ends. type: boolean example: true retries: description: >- Specifies how many times the escalation sequence is retried if there is no response. format: int64 type: integer example: 42 steps: description: >- A list of escalation steps, each defining assignment, escalation timeout, and targets for the new policy. items: $ref: >- #/components/schemas/EscalationPolicyCreateRequestDataAttributesStepsItems type: array required: - name - steps type: object EscalationPolicyCreateRequestDataAttributesStepsItems: description: >- Defines a single escalation step within an escalation policy creation request. Contains assignment strategy, escalation timeout, and a list of targets. properties: assignment: $ref: '#/components/schemas/EscalationPolicyStepAttributesAssignment' escalate_after_seconds: description: Defines how many seconds to wait before escalating to the next step. example: 3600 format: int64 type: integer targets: description: Specifies the collection of escalation targets for this step. example: - users items: $ref: '#/components/schemas/EscalationPolicyStepTarget' type: array required: - targets type: object EscalationPolicyCreateRequestDataRelationships: description: >- Represents relationships in an escalation policy creation request, including references to teams. properties: teams: $ref: '#/components/schemas/DataRelationshipsTeams' type: object EscalationPolicyCreateRequestDataType: default: policies description: Indicates that the resource is of type `policies`. enum: - policies example: policies type: string x-enum-varnames: - POLICIES EscalationPolicyData: description: >- Represents the data for a single escalation policy, including its attributes, ID, relationships, and resource type. properties: attributes: $ref: '#/components/schemas/EscalationPolicyDataAttributes' id: description: Specifies the unique identifier of the escalation policy. example: ab000000-0000-0000-0000-000000000000 type: string relationships: $ref: '#/components/schemas/EscalationPolicyDataRelationships' type: $ref: '#/components/schemas/EscalationPolicyDataType' required: - type type: object EscalationPolicyDataAttributes: description: >- Defines the main attributes of an escalation policy, such as its name and behavior on policy end. properties: name: description: Specifies the name of the escalation policy. example: On-Call Escalation Policy type: string resolve_page_on_policy_end: description: >- Indicates whether the page is automatically resolved when the policy ends. type: boolean example: true retries: description: >- Specifies how many times the escalation sequence is retried if there is no response. format: int64 type: integer example: 42 required: - name type: object EscalationPolicyDataRelationships: description: >- Represents the relationships for an escalation policy, including references to steps and teams. properties: steps: $ref: '#/components/schemas/EscalationPolicyDataRelationshipsSteps' teams: $ref: '#/components/schemas/DataRelationshipsTeams' required: - steps type: object EscalationPolicyDataRelationshipsSteps: description: >- Defines the relationship to a collection of steps within an escalation policy. Contains an array of step data references. properties: data: description: >- An array of references to the steps defined in this escalation policy. items: $ref: >- #/components/schemas/EscalationPolicyDataRelationshipsStepsDataItems type: array type: object EscalationPolicyDataRelationshipsStepsDataItems: description: >- Defines a relationship to a single step within an escalation policy. Contains the step's `id` and `type`. properties: id: description: Specifies the unique identifier for the step resource. example: 00000000-aba1-0000-0000-000000000000 type: string type: $ref: >- #/components/schemas/EscalationPolicyDataRelationshipsStepsDataItemsType required: - type - id type: object EscalationPolicyDataRelationshipsStepsDataItemsType: default: steps description: Indicates that the resource is of type `steps`. enum: - steps example: steps type: string x-enum-varnames: - STEPS EscalationPolicyDataType: default: policies description: Indicates that the resource is of type `policies`. enum: - policies example: policies type: string x-enum-varnames: - POLICIES EscalationPolicyIncluded: description: >- Represents included related resources when retrieving an escalation policy, such as teams, steps, or targets. oneOf: - $ref: '#/components/schemas/TeamReference' - $ref: '#/components/schemas/EscalationPolicyStep' - $ref: '#/components/schemas/EscalationPolicyUser' - $ref: '#/components/schemas/ScheduleData' EscalationPolicyStep: description: >- Represents a single step in an escalation policy, including its attributes, relationships, and resource type. properties: attributes: $ref: '#/components/schemas/EscalationPolicyStepAttributes' id: description: Specifies the unique identifier of this escalation policy step. type: string example: abc-123-def relationships: $ref: '#/components/schemas/EscalationPolicyStepRelationships' type: $ref: '#/components/schemas/EscalationPolicyStepType' required: - type type: object EscalationPolicyStepAttributes: description: >- Defines attributes for an escalation policy step, such as assignment strategy and escalation timeout. properties: assignment: $ref: '#/components/schemas/EscalationPolicyStepAttributesAssignment' escalate_after_seconds: description: >- Specifies how many seconds to wait before escalating to the next step. format: int64 type: integer example: 42 type: object EscalationPolicyStepAttributesAssignment: description: >- Specifies how this escalation step will assign targets (example `default` or `round-robin`). enum: - default - round-robin type: string x-enum-varnames: - DEFAULT - ROUND_ROBIN EscalationPolicyStepRelationships: description: Represents the relationship of an escalation policy step to its targets. properties: targets: $ref: '#/components/schemas/EscalationTargets' type: object EscalationPolicyStepTarget: description: >- Defines a single escalation target within a step for an escalation policy creation request. Contains `id` and `type`. properties: id: description: Specifies the unique identifier for this target. example: 00000000-aba1-0000-0000-000000000000 type: string type: $ref: '#/components/schemas/EscalationPolicyStepTargetType' type: object EscalationPolicyStepTargetType: description: >- Specifies the type of escalation target (example `users`, `schedules`, or `teams`). enum: - users - schedules - teams example: users type: string x-enum-varnames: - USERS - SCHEDULES - TEAMS EscalationPolicyStepType: default: steps description: Indicates that the resource is of type `steps`. enum: - steps example: steps type: string x-enum-varnames: - STEPS EscalationPolicyUpdateRequest: description: >- Represents a request to update an existing escalation policy, including the updated policy data. example: data: attributes: name: Escalation Policy 1 resolve_page_on_policy_end: false retries: 2 steps: - assignment: default escalate_after_seconds: 3600 id: 00000000-aba1-0000-0000-000000000000 targets: - id: 00000000-aba1-0000-0000-000000000000 type: users - id: 00000000-aba2-0000-0000-000000000000 type: schedules id: a3000000-0000-0000-0000-000000000000 relationships: teams: data: - id: 00000000-da3a-0000-0000-000000000000 type: teams type: policies properties: data: $ref: '#/components/schemas/EscalationPolicyUpdateRequestData' required: - data type: object EscalationPolicyUpdateRequestData: description: >- Represents the data for updating an existing escalation policy, including its ID, attributes, relationships, and resource type. properties: attributes: $ref: '#/components/schemas/EscalationPolicyUpdateRequestDataAttributes' id: description: >- Specifies the unique identifier of the escalation policy being updated. example: 00000000-aba1-0000-0000-000000000000 type: string relationships: $ref: '#/components/schemas/EscalationPolicyUpdateRequestDataRelationships' type: $ref: '#/components/schemas/EscalationPolicyUpdateRequestDataType' required: - type - id - attributes type: object EscalationPolicyUpdateRequestDataAttributes: description: >- Defines the attributes that can be updated for an escalation policy, such as description, name, resolution behavior, retries, and steps. properties: name: description: Specifies the name of the escalation policy. example: On-Call Escalation Policy type: string resolve_page_on_policy_end: description: >- Indicates whether the page is automatically resolved when the policy ends. type: boolean example: true retries: description: >- Specifies how many times the escalation sequence is retried if there is no response. format: int64 type: integer example: 42 steps: description: >- A list of escalation steps, each defining assignment, escalation timeout, and targets. items: $ref: >- #/components/schemas/EscalationPolicyUpdateRequestDataAttributesStepsItems type: array required: - name - steps type: object EscalationPolicyUpdateRequestDataAttributesStepsItems: description: >- Defines a single escalation step within an escalation policy update request. Contains assignment strategy, escalation timeout, an optional step ID, and a list of targets. properties: assignment: $ref: '#/components/schemas/EscalationPolicyStepAttributesAssignment' escalate_after_seconds: description: Defines how many seconds to wait before escalating to the next step. example: 3600 format: int64 type: integer id: description: Specifies the unique identifier of this step. example: 00000000-aba1-0000-0000-000000000000 type: string targets: description: Specifies the collection of escalation targets for this step. items: $ref: '#/components/schemas/EscalationPolicyStepTarget' type: array required: - targets type: object EscalationPolicyUpdateRequestDataRelationships: description: >- Represents relationships in an escalation policy update request, including references to teams. properties: teams: $ref: '#/components/schemas/DataRelationshipsTeams' type: object EscalationPolicyUpdateRequestDataType: default: policies description: Indicates that the resource is of type `policies`. enum: - policies example: policies type: string x-enum-varnames: - POLICIES EscalationPolicyUser: description: >- Represents a user object in the context of an escalation policy, including their `id`, type, and basic attributes. properties: attributes: $ref: '#/components/schemas/EscalationPolicyUserAttributes' id: description: The unique user identifier. type: string example: abc-123-def type: $ref: '#/components/schemas/EscalationPolicyUserType' required: - type type: object EscalationPolicyUserAttributes: description: >- Provides basic user information for an escalation policy, including a name and email address. properties: email: description: The user's email address. example: jane.doe@example.com type: string name: description: The user's name. example: Jane Doe type: string status: $ref: '#/components/schemas/UserAttributesStatus' type: object EscalationPolicyUserType: default: users description: Users resource type. enum: - users example: users type: string x-enum-varnames: - USERS EscalationRelationships: description: >- Contains the relationships of an escalation object, including its responders. properties: responders: $ref: '#/components/schemas/EscalationRelationshipsResponders' type: object EscalationRelationshipsResponders: description: Lists the users involved in a specific step of the escalation policy. properties: data: description: >- Array of user references assigned as responders for this escalation step. items: $ref: '#/components/schemas/EscalationRelationshipsRespondersDataItems' type: array type: object EscalationRelationshipsRespondersDataItems: description: Represents a user assigned to an escalation step. properties: id: description: Unique identifier of the user assigned to the escalation step. example: '' type: string type: $ref: '#/components/schemas/EscalationRelationshipsRespondersDataItemsType' required: - type - id type: object EscalationRelationshipsRespondersDataItemsType: default: users description: >- Represents the resource type for users assigned as responders in an escalation step. enum: - users example: users type: string x-enum-varnames: - USERS EscalationTarget: description: Represents an escalation target, which can be a team, user, or schedule. oneOf: - $ref: '#/components/schemas/TeamTarget' - $ref: '#/components/schemas/UserTarget' - $ref: '#/components/schemas/ScheduleTarget' EscalationTargets: description: A list of escalation targets for a step properties: data: description: The `EscalationTargets` `data`. items: $ref: '#/components/schemas/EscalationTarget' type: array type: object EscalationType: default: escalation_policy_steps description: >- Represents the resource type for individual steps in an escalation policy used during incident response. enum: - escalation_policy_steps example: escalation_policy_steps type: string x-enum-varnames: - ESCALATION_POLICY_STEPS Event: description: The metadata associated with a request. properties: id: description: Event ID. example: '6509751066204996294' type: string name: description: The event name. type: string example: Example Monitor source_id: description: Event source ID. example: 36 format: int64 type: integer type: description: Event type. example: error_tracking_alert type: string type: object EventAttributes: description: Object description of attributes from your event. properties: aggregation_key: description: Aggregation key of the event. type: string example: example_value date_happened: description: >- POSIX timestamp of the event. Must be sent as an integer (no quotation marks). Limited to events no older than 18 hours. format: int64 type: integer example: 42 device_name: description: A device name. type: string example: Example Monitor duration: description: >- The duration between the triggering of the event and its recovery in nanoseconds. format: int64 type: integer example: 42 event_object: description: The event title. example: Did you hear the news today? type: string evt: $ref: '#/components/schemas/Event' hostname: description: |- Host name to associate with the event. Any tags associated with the host are also applied to this event. type: string example: Example Monitor monitor: $ref: '#/components/schemas/MonitorType' monitor_groups: description: List of groups referred to in the event. items: description: Group referred to in the event. type: string nullable: true type: array monitor_id: description: >- ID of the monitor that triggered the event. When an event isn't related to a monitor, this field is empty. format: int64 nullable: true type: integer example: 42 priority: $ref: '#/components/schemas/EventPriority' related_event_id: description: Related event ID. format: int64 type: integer example: 42 service: description: Service that triggered the event. example: datadog-api type: string source_type_name: description: >- The type of event being posted. For example, `nagios`, `hudson`, `jenkins`, `my_apps`, `chef`, `puppet`, `git` or `bitbucket`. The list of standard source attribute values is [available here](https://docs.datadoghq.com/integrations/faq/list-of-api-source-attribute-value). type: string example: Example Monitor sourcecategory: description: >- Identifier for the source of the event, such as a monitor alert, an externally-submitted event, or an integration. type: string example: example_value status: $ref: '#/components/schemas/EventStatusType' tags: description: A list of tags to apply to the event. example: - environment:test items: description: A tag. type: string type: array timestamp: description: POSIX timestamp of your event in milliseconds. example: 1652274265000 format: int64 type: integer title: description: The event title. example: Oh boy! type: string type: object EventCategory: description: >- Event category to identify the type of event. Only the value `change` is supported. Support for other categories are coming. please reach out to datadog support if you're interested. enum: - change example: change type: string x-enum-varnames: - CHANGE EventCreateRequest: description: Object representing an event creation request. properties: attributes: $ref: '#/components/schemas/EventPayload' type: $ref: '#/components/schemas/EventCreateRequestType' type: object EventCreateRequestPayload: description: Payload for creating an event. properties: data: $ref: '#/components/schemas/EventCreateRequest' type: object EventCreateRequestType: description: Entity type. enum: - event example: event type: string x-enum-varnames: - EVENT EventCreateResponse: description: Object containing an event response. properties: attributes: $ref: '#/components/schemas/EventCreateResponseAttributes' type: description: Event type example: event type: string type: object EventCreateResponseAttributes: description: >- JSON object containing all events attributes and their associated values. properties: attributes: $ref: '#/components/schemas/EventCreateResponseAttributesAttributes' type: object EventCreateResponseAttributesAttributes: description: JSON object of attributes from your events. properties: evt: $ref: '#/components/schemas/EventCreateResponseAttributesAttributesEvt' type: object EventCreateResponseAttributesAttributesEvt: description: JSON object of event system attributes. properties: id: description: Event id type: string example: abc-123-def type: object EventCreateResponsePayload: description: Response containing information about created event. properties: data: $ref: '#/components/schemas/EventCreateResponse' type: object EventPayload: description: Event attributes. properties: aggregation_key: description: >- An arbitrary string to use for aggregation when correlating events. Limited to 100 characters. maxLength: 100 type: string example: example_value attributes: $ref: '#/components/schemas/EventPayloadAttributes' category: $ref: '#/components/schemas/EventCategory' message: description: The body of the event. Limited to 4000 characters. example: payment_processed feature flag has been enabled maxLength: 4000 type: string tags: description: >- A list of tags to apply to the event. Refer to [Tags docs](https://docs.datadoghq.com/getting_started/tagging/). example: - env:test items: description: A tag. type: string type: array timestamp: description: >- Timestamp when the event occurred. Must follow [ISO 8601](https://www.iso.org/iso-8601-date-and-time-format.html) format. For example `"2017-01-15T01:30:15.010000Z"`. Defaults to the timestamp of receipt. Limited to values no older than 18 hours. type: string example: '2026-04-17T12:00:00Z' title: description: The event title. Limited to 500 characters. example: payment_processed feature flag updated maxLength: 500 type: string required: - title - category - attributes type: object EventPayloadAttributes: description: >- JSON object for custom attributes. Schema are different per each event category. oneOf: - $ref: '#/components/schemas/ChangeEventCustomAttributes' EventPriority: description: The priority of the event's monitor. For example, `normal` or `low`. enum: - normal - low example: normal nullable: true type: string x-enum-varnames: - NORMAL - LOW EventResponse: description: >- The object description of an event after being processed and stored by Datadog. properties: attributes: $ref: '#/components/schemas/EventResponseAttributes' id: description: the unique ID of the event. example: AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA type: string type: $ref: '#/components/schemas/EventType' type: object EventResponseAttributes: description: The object description of an event response attribute. properties: attributes: $ref: '#/components/schemas/EventAttributes' message: description: The message of the event. type: string example: CPU usage is high on {{host.name}} tags: description: An array of tags associated with the event. example: - team:A items: description: The tag associated with the event. type: string type: array timestamp: description: The timestamp of the event. example: '2019-01-02T09:42:36.320Z' format: date-time type: string type: object EventStatusType: description: |- If an alert event is enabled, its status is one of the following: `failure`, `error`, `warning`, `info`, `success`, `user_update`, `recommendation`, or `snapshot`. enum: - failure - error - warning - info - success - user_update - recommendation - snapshot example: info type: string x-enum-varnames: - FAILURE - ERROR - WARNING - INFO - SUCCESS - USER_UPDATE - RECOMMENDATION - SNAPSHOT EventType: default: event description: Type of the event. enum: - event example: event type: string x-enum-varnames: - EVENT EventsAggregation: default: count description: The type of aggregation that can be performed on events-based queries. enum: - count - cardinality - pc75 - pc90 - pc95 - pc98 - pc99 - sum - min - max - avg example: count type: string x-enum-varnames: - COUNT - CARDINALITY - PC75 - PC90 - PC95 - PC98 - PC99 - SUM - MIN - MAX - AVG EventsCompute: description: The instructions for what to compute for this query. properties: aggregation: $ref: '#/components/schemas/EventsAggregation' interval: description: Interval for compute in milliseconds. example: 60000 format: int64 type: integer metric: description: The "measure" attribute on which to perform the computation. type: string example: example_value required: - aggregation type: object EventsDataSource: default: logs description: A data source that is powered by the Events Platform. enum: - logs - rum example: logs type: string x-enum-varnames: - LOGS - RUM EventsGroupBy: description: A dimension on which to split a query's results. properties: facet: description: The facet by which to split groups. example: '@error.type' type: string limit: default: 10 description: >- The maximum buckets to return for this group by. Note: at most 10000 buckets are allowed. If grouping by multiple facets, the product of limits must not exceed 10000. example: 10 format: int32 maximum: 10000 type: integer sort: $ref: '#/components/schemas/EventsGroupBySort' required: - facet type: object EventsGroupBySort: description: The dimension by which to sort a query's results. properties: aggregation: $ref: '#/components/schemas/EventsAggregation' metric: description: >- The metric's calculated value which should be used to define the sort order of a query's results. example: '@duration' type: string order: $ref: '#/components/schemas/QuerySortOrder' type: $ref: '#/components/schemas/EventsSortType' required: - aggregation type: object EventsListRequest: description: >- The object sent with the request to retrieve a list of events from your organization. properties: filter: $ref: '#/components/schemas/EventsQueryFilter' options: $ref: '#/components/schemas/EventsQueryOptions' page: $ref: '#/components/schemas/EventsRequestPage' sort: $ref: '#/components/schemas/EventsSort' type: object EventsListResponse: description: >- The response object with all events matching the request and pagination information. properties: data: description: An array of events matching the request. items: $ref: '#/components/schemas/EventResponse' type: array links: $ref: '#/components/schemas/EventsListResponseLinks' meta: $ref: '#/components/schemas/EventsResponseMetadata' type: object EventsListResponseLinks: description: Links attributes. properties: next: description: >- Link for the next set of results. Note that the request can also be made using the POST endpoint. example: >- https://app.datadoghq.com/api/v2/events?filter[query]=foo&page[cursor]=eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object EventsQueryFilter: description: The search and filter query settings. properties: from: default: now-15m description: >- The minimum time for the requested events. Supports date math and regular timestamps in milliseconds. example: now-15m type: string query: default: '*' description: The search query following the event search syntax. example: service:web* AND @http.status_code:[200 TO 299] type: string to: default: now description: >- The maximum time for the requested events. Supports date math and regular timestamps in milliseconds. example: now type: string type: object EventsQueryGroupBys: description: The list of facets on which to split results. items: $ref: '#/components/schemas/EventsGroupBy' type: array EventsQueryOptions: description: >- The global query options that are used. Either provide a timezone or a time offset but not both, otherwise the query fails. properties: timeOffset: description: The time offset to apply to the query in seconds. format: int64 type: integer example: 42 timezone: default: UTC description: >- The timezone can be specified as GMT, UTC, an offset from UTC (like UTC+1), or as a Timezone Database identifier (like America/New_York). example: GMT type: string type: object EventsRequestPage: description: Pagination settings. properties: cursor: description: The returned paging point to use to get the next results. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string limit: default: 10 description: The maximum number of logs in the response. example: 25 format: int32 maximum: 1000 type: integer type: object EventsResponseMetadata: description: The metadata associated with a request. properties: elapsed: description: The time elapsed in milliseconds. example: 132 format: int64 type: integer page: $ref: '#/components/schemas/EventsResponseMetadataPage' request_id: description: The identifier of the request. example: MWlFUjVaWGZTTTZPYzM0VXp1OXU2d3xLSVpEMjZKQ0VKUTI0dEYtM3RSOFVR type: string status: description: The request status. example: done type: string warnings: description: >- A list of warnings (non-fatal errors) encountered. Partial results might be returned if warnings are present in the response. items: $ref: '#/components/schemas/EventsWarning' type: array type: object EventsResponseMetadataPage: description: Pagination attributes. properties: after: description: >- The cursor to use to get the next results, if any. To make the next request, use the same parameters with the addition of the `page[cursor]`. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object EventsScalarQuery: description: An individual scalar events query. properties: compute: $ref: '#/components/schemas/EventsCompute' data_source: $ref: '#/components/schemas/EventsDataSource' group_by: $ref: '#/components/schemas/EventsQueryGroupBys' indexes: description: The indexes in which to search. example: - main items: description: The unique index name. example: main type: string type: array name: description: The variable name for use in formulas. type: string example: Example Monitor search: $ref: '#/components/schemas/EventsSearch' required: - data_source - compute type: object EventsSearch: description: Configuration of the search/filter for an events query. properties: query: description: The search/filter string for an events query. example: status:warn service:foo type: string type: object EventsSort: description: The sort parameters when querying events. enum: - timestamp - '-timestamp' type: string x-enum-varnames: - TIMESTAMP_ASCENDING - TIMESTAMP_DESCENDING EventsSortType: description: The type of sort to use on the calculated value. enum: - alphabetical - measure type: string x-enum-varnames: - ALPHABETICAL - MEASURE EventsTimeseriesQuery: description: An individual timeseries events query. properties: compute: $ref: '#/components/schemas/EventsCompute' data_source: $ref: '#/components/schemas/EventsDataSource' group_by: $ref: '#/components/schemas/EventsQueryGroupBys' indexes: description: The indexes in which to search. example: - main items: description: The unique index name. example: main type: string type: array name: description: The variable name for use in formulas. type: string example: Example Monitor search: $ref: '#/components/schemas/EventsSearch' required: - data_source - compute type: object EventsWarning: description: A warning message indicating something is wrong with the query. properties: code: description: A unique code for this type of warning. example: unknown_index type: string detail: description: A detailed explanation of this specific warning. example: 'indexes: foo, bar' type: string title: description: A short human-readable summary of the warning. example: >- One or several indexes are missing or invalid. Results hold data from the other indexes. type: string type: object ExternalUser: description: Definition of a user. properties: active: description: A Boolean value indicating the User's administrative status. type: boolean example: true emails: description: Email addresses for the user. items: $ref: '#/components/schemas/ExternalUserEmailType' type: array id: description: The identifier of the resource. Not required when creating a user. type: string example: abc-123-def meta: $ref: '#/components/schemas/ExternalUserMeta' name: $ref: '#/components/schemas/ExternalUserNameType' schemas: description: User JSON Schemas. example: - urn:ietf:params:scim:schemas:core:2.0:User items: type: string type: array title: description: The user's title. type: string example: Example Monitor userName: description: Unique identifier for the User. type: string example: Example Monitor type: object ExternalUserEmailType: description: Email address for the user. properties: primary: description: Boolean indicating if this email is the primary email address. type: boolean example: true type: $ref: '#/components/schemas/EmailTypeType' value: description: Email addresses for the user. type: string example: example_value type: object ExternalUserGroup: description: Definition of a group. properties: displayName: description: A human-readable name for the group. type: string example: Example Monitor externalId: description: >- An identifier for the resource as defined by the provisioning client. type: string example: abc-123-def id: description: The identifier of the resource. Not required when creating a group. type: string example: abc-123-def members: description: Members of the group. items: $ref: '#/components/schemas/ExternalUserGroupMembersItems' type: array meta: $ref: '#/components/schemas/ExternalUserGroupMeta' schemas: description: Input JSON Schemas. example: - urn:ietf:params:scim:schemas:core:2.0:Group items: type: string type: array type: object ExternalUserGroupMembersItems: description: The definition of a member belonging to a group. properties: $ref: description: >- The URI corresponding to a SCIM resource that is a member of this group. example: >- https://app.datadoghq.com/api/scim/v2/Users/429ebce5-8ed3-4da9-9f1e-662f2dbc2fe6 type: string display: description: A human-readable name for the group member. example: John Doe type: string type: description: A label indicating the type of resource. example: User type: string value: description: The identifier of the member of this group. example: 429ebce5-8ed3-4da9-9f1e-662f2dbc2fe6 type: string type: object ExternalUserGroupMeta: description: Metadata associated with a group. properties: created: description: The date and time the group was created. example: '2024-10-17T12:53:35.793Z' format: date-time type: string lastModified: description: The date and time the group was last changed. example: '2024-10-19T12:53:35.793Z' format: date-time type: string location: description: URL identifying the resource. example: >- https://app.datadoghq.com/api/scim/v2/Groups/429ebce5-8ed3-4da9-9f1e-662f2dbc2fe6 type: string resourceType: description: Type of resource. example: Group type: string type: object ExternalUserGroupPatchRequest: description: Request object for patching a group. properties: Operations: description: A list of update operations to be performed on a group. items: $ref: '#/components/schemas/ExternalUserGroupPatchRequestOperationsItems' type: array schemas: description: Input JSON Schemas example: - urn:ietf:params:scim:api:messages:2.0:PatchOp items: type: string type: array type: object ExternalUserGroupPatchRequestOperationsItems: description: The definition of an individual patch operation in a patch request. properties: op: $ref: '#/components/schemas/ExternalUserGroupPatchRequestOperationsItemsOp' path: description: An attribute path describing the target of the operation. example: members type: string value: description: >- JSON element containing the target values required to apply the patch operation. example: |- { "displayName": "Real new group", "id": "80df3a9b-24f5-4ebf-9ba0-714455453621" } type: object ExternalUserGroupPatchRequestOperationsItemsOp: description: The operation to be performed. enum: - add - replace - remove type: string x-enum-varnames: - ADD - REPLACE - REMOVE ExternalUserMeta: description: Metadata associated with a user. properties: created: description: The date and time the user was created. example: '2024-10-17T12:53:35.793Z' format: date-time type: string lastModified: description: The date and time the user was last changed. example: '2024-10-19T12:53:35.793Z' format: date-time type: string location: description: URL identifying the resource. example: >- https://app.datadoghq.com/api/scim/v2/Users/13a95654-b76d-478d-8636-157a7e461d7c type: string resourceType: description: Type of resource. example: User type: string type: object ExternalUserNameType: description: The components of user's real name properties: formatted: description: >- The full name, including all middle names, titles, and suffixes as appropriate, formatted for display. type: string example: example_value type: object ExternalUserPatchRequest: description: Request object for patching a user. properties: Operations: description: A list of update operations to be performed on a user. items: $ref: '#/components/schemas/ExternalUserPatchRequestOperationsItems' type: array schemas: description: Input JSON Schemas example: - urn:ietf:params:scim:api:messages:2.0:PatchOp items: type: string type: array type: object ExternalUserPatchRequestOperationsItems: description: The definition of an individual patch operation in a patch request. properties: op: $ref: '#/components/schemas/ExternalUserPatchRequestOperationsItemsOp' path: description: An attribute path describing the target of the operation. example: title type: string value: description: New value to use for the patch operation. example: example_value type: object ExternalUserPatchRequestOperationsItemsOp: description: The operation to be performed. enum: - add - replace type: string x-enum-varnames: - ADD - REPLACE FastlyAccounResponseAttributes: description: Attributes object of a Fastly account. properties: name: description: The name of the Fastly account. example: test-name type: string services: description: A list of services belonging to the parent account. items: $ref: '#/components/schemas/FastlyService' type: array required: - name type: object FastlyAccountCreateRequest: description: Payload schema when adding a Fastly account. properties: data: $ref: '#/components/schemas/FastlyAccountCreateRequestData' required: - data type: object FastlyAccountCreateRequestAttributes: description: Attributes object for creating a Fastly account. properties: api_key: description: The API key for the Fastly account. example: ABCDEFG123 type: string name: description: The name of the Fastly account. example: test-name type: string services: description: A list of services belonging to the parent account. items: $ref: '#/components/schemas/FastlyService' type: array required: - api_key - name type: object FastlyAccountCreateRequestData: description: Data object for creating a Fastly account. properties: attributes: $ref: '#/components/schemas/FastlyAccountCreateRequestAttributes' type: $ref: '#/components/schemas/FastlyAccountType' required: - attributes - type type: object FastlyAccountResponse: description: The expected response schema when getting a Fastly account. properties: data: $ref: '#/components/schemas/FastlyAccountResponseData' type: object FastlyAccountResponseData: description: Data object of a Fastly account. properties: attributes: $ref: '#/components/schemas/FastlyAccounResponseAttributes' id: description: The ID of the Fastly account, a hash of the account name. example: abc123 type: string type: $ref: '#/components/schemas/FastlyAccountType' required: - attributes - id - type type: object x-merge-override: required: false FastlyAccountType: default: fastly-accounts description: The JSON:API type for this API. Should always be `fastly-accounts`. enum: - fastly-accounts example: fastly-accounts type: string x-enum-varnames: - FASTLY_ACCOUNTS FastlyAccountUpdateRequest: description: Payload schema when updating a Fastly account. properties: data: $ref: '#/components/schemas/FastlyAccountUpdateRequestData' required: - data type: object FastlyAccountUpdateRequestAttributes: description: Attributes object for updating a Fastly account. properties: api_key: description: The API key of the Fastly account. example: ABCDEFG123 type: string name: description: The name of the Fastly account. type: string example: Example Monitor type: object x-merge-override: required: false FastlyAccountUpdateRequestData: description: Data object for updating a Fastly account. properties: attributes: $ref: '#/components/schemas/FastlyAccountUpdateRequestAttributes' type: $ref: '#/components/schemas/FastlyAccountType' type: object x-merge-override: required: false FastlyAccountsResponse: description: The expected response schema when getting Fastly accounts. properties: data: description: The JSON:API data schema. items: $ref: '#/components/schemas/FastlyAccountResponseData' type: array type: object FastlyService: description: The schema representation of a Fastly service. properties: id: description: The ID of the Fastly service example: 6abc7de6893AbcDe9fghIj type: string tags: description: A list of tags for the Fastly service. example: - myTag - myTag2:myValue items: type: string type: array required: - id type: object FastlyServiceAttributes: description: Attributes object for Fastly service requests. properties: tags: description: A list of tags for the Fastly service. example: - myTag - myTag2:myValue items: type: string type: array type: object FastlyServiceData: description: Data object for Fastly service requests. properties: attributes: $ref: '#/components/schemas/FastlyServiceAttributes' id: description: The ID of the Fastly service. example: abc123 type: string type: $ref: '#/components/schemas/FastlyServiceType' required: - id - type type: object FastlyServiceRequest: description: Payload schema for Fastly service requests. properties: data: $ref: '#/components/schemas/FastlyServiceData' required: - data type: object FastlyServiceResponse: description: The expected response schema when getting a Fastly service. properties: data: $ref: '#/components/schemas/FastlyServiceData' type: object FastlyServiceType: default: fastly-services description: The JSON:API type for this API. Should always be `fastly-services`. enum: - fastly-services example: fastly-services type: string x-enum-varnames: - FASTLY_SERVICES FastlyServicesResponse: description: The expected response schema when getting Fastly services. properties: data: description: The JSON:API data schema. items: $ref: '#/components/schemas/FastlyServiceData' type: array type: object Finding: description: A single finding without the message and resource configuration. properties: attributes: $ref: '#/components/schemas/FindingAttributes' id: $ref: '#/components/schemas/FindingID' type: $ref: '#/components/schemas/FindingType' type: object FindingAttributes: description: The JSON:API attributes of the finding. properties: evaluation: $ref: '#/components/schemas/FindingEvaluation' evaluation_changed_at: $ref: '#/components/schemas/FindingEvaluationChangedAt' mute: $ref: '#/components/schemas/FindingMute' resource: $ref: '#/components/schemas/FindingResource' resource_discovery_date: $ref: '#/components/schemas/FindingResourceDiscoveryDate' resource_type: $ref: '#/components/schemas/FindingResourceType' rule: $ref: '#/components/schemas/FindingRule' status: $ref: '#/components/schemas/FindingStatus' tags: $ref: '#/components/schemas/FindingTags' vulnerability_type: $ref: '#/components/schemas/FindingVulnerabilityType' type: object FindingEvaluation: description: The evaluation of the finding. enum: - pass - fail example: pass type: string x-enum-varnames: - PASS - FAIL FindingEvaluationChangedAt: description: The date on which the evaluation for this finding changed (Unix ms). example: 1678721573794 format: int64 minimum: 1 type: integer FindingID: description: The unique ID for this finding. example: ZGVmLTAwcC1pZXJ-aS0wZjhjNjMyZDNmMzRlZTgzNw== type: string FindingMute: additionalProperties: false description: Information about the mute status of this finding. properties: description: description: >- Additional information about the reason why this finding is muted or unmuted. example: To be resolved later type: string expiration_date: description: The expiration date of the mute or unmute action (Unix ms). example: 1778721573794 format: int64 type: integer muted: description: Whether this finding is muted or unmuted. example: true type: boolean reason: $ref: '#/components/schemas/FindingMuteReason' start_date: description: The start of the mute period. example: 1678721573794 format: int64 type: integer uuid: description: The ID of the user who muted or unmuted this finding. example: e51c9744-d158-11ec-ad23-da7ad0900002 type: string type: object FindingMuteReason: description: The reason why this finding is muted or unmuted. enum: - PENDING_FIX - FALSE_POSITIVE - ACCEPTED_RISK - NO_PENDING_FIX - HUMAN_ERROR - NO_LONGER_ACCEPTED_RISK - OTHER example: ACCEPTED_RISK type: string x-enum-varnames: - PENDING_FIX - FALSE_POSITIVE - ACCEPTED_RISK - NO_PENDING_FIX - HUMAN_ERROR - NO_LONGER_ACCEPTED_RISK - OTHER FindingResource: description: The resource name of this finding. example: my_resource_name type: string FindingResourceDiscoveryDate: description: The date on which the resource was discovered (Unix ms). example: 1678721573794 format: int64 minimum: 1 type: integer FindingResourceType: description: The resource type of this finding. example: azure_storage_account type: string FindingRule: additionalProperties: false description: The rule that triggered this finding. properties: id: description: The ID of the rule that triggered this finding. example: dv2-jzf-41i type: string name: description: The name of the rule that triggered this finding. example: Soft delete is enabled for Azure Storage type: string type: object FindingStatus: description: The status of the finding. enum: - critical - high - medium - low - info example: critical type: string x-enum-varnames: - CRITICAL - HIGH - MEDIUM - LOW - INFO FindingTags: description: The tags associated with this finding. example: - cloud_provider:aws - myTag:myValue items: description: The list of tags. type: string type: array FindingType: default: finding description: The JSON:API type for findings. enum: - finding example: finding type: string x-enum-varnames: - FINDING FindingVulnerabilityType: description: The vulnerability type of the finding. enum: - misconfiguration - attack_path - identity_risk - api_security example: misconfiguration type: string x-enum-varnames: - MISCONFIGURATION - ATTACK_PATH - IDENTITY_RISK - API_SECURITY FormulaLimit: description: >- Message for specifying limits to the number of values returned by a query. This limit is only for scalar queries and has no effect on timeseries queries. properties: count: description: The number of results to which to limit. example: 10 format: int32 maximum: 2147483647 type: integer order: $ref: '#/components/schemas/QuerySortOrder' type: object FrameworkHandleAndVersionResponseData: description: Contains type and attributes for custom frameworks. properties: attributes: $ref: '#/components/schemas/CustomFrameworkDataHandleAndVersion' id: description: The ID of the custom framework. example: handle-version type: string type: $ref: '#/components/schemas/CustomFrameworkType' required: - id - type - attributes type: object FullAPIKey: description: Datadog API key. properties: attributes: $ref: '#/components/schemas/FullAPIKeyAttributes' id: description: ID of the API key. type: string example: abc-123-def relationships: $ref: '#/components/schemas/APIKeyRelationships' type: $ref: '#/components/schemas/APIKeysType' type: object x-merge-override: required: false FullAPIKeyAttributes: description: Attributes of a full API key. properties: category: description: The category of the API key. type: string example: example_value created_at: description: Creation date of the API key. example: '2020-11-23T10:00:00.000Z' format: date-time readOnly: true type: string key: description: The API key. readOnly: true type: string x-secret: true example: example_value last4: description: The last four characters of the API key. example: abcd maxLength: 4 minLength: 4 readOnly: true type: string x-secret: true modified_at: description: Date the API key was last modified. example: '2020-11-23T10:00:00.000Z' format: date-time readOnly: true type: string name: description: Name of the API key. example: API Key for submitting metrics type: string remote_config_read_enabled: description: The remote config read enabled status. type: boolean example: true type: object FullApplicationKey: description: Datadog application key. properties: attributes: $ref: '#/components/schemas/FullApplicationKeyAttributes' id: description: ID of the application key. type: string example: abc-123-def relationships: $ref: '#/components/schemas/ApplicationKeyRelationships' type: $ref: '#/components/schemas/ApplicationKeysType' type: object x-merge-override: required: false FullApplicationKeyAttributes: description: Attributes of a full application key. properties: created_at: description: Creation date of the application key. example: '2020-11-23T10:00:00.000Z' format: date-time readOnly: true type: string key: description: The application key. readOnly: true type: string x-secret: true example: example_value last4: description: The last four characters of the application key. example: abcd maxLength: 4 minLength: 4 readOnly: true type: string x-secret: true name: description: Name of the application key. example: Application Key for managing dashboards type: string scopes: description: Array of scopes to grant the application key. example: - dashboards_read - dashboards_write - dashboards_public_share items: description: Name of scope. type: string nullable: true type: array type: object x-merge-override: properties: false FullCustomFrameworkData: description: Contains type and attributes for custom frameworks. properties: attributes: $ref: '#/components/schemas/FullCustomFrameworkDataAttributes' id: description: The ID of the custom framework. example: handle-version type: string type: $ref: '#/components/schemas/CustomFrameworkType' required: - id - type - attributes type: object FullCustomFrameworkDataAttributes: description: Full Framework Data Attributes. properties: handle: description: Framework Handle example: sec2 type: string icon_url: description: Framework Icon URL example: https://example.com/icon.png type: string name: description: Framework Name example: security-framework type: string requirements: description: Framework Requirements items: $ref: '#/components/schemas/CustomFrameworkRequirement' type: array version: description: Framework Version example: '2' type: string required: - handle - version - name - requirements type: object GCPMetricNamespaceConfig: description: Configuration for a GCP metric namespace. properties: disabled: default: false description: >- When disabled, Datadog does not collect metrics that are related to this GCP metric namespace. example: true type: boolean id: description: The id of the GCP metric namespace. example: aiplatform type: string type: object GCPSTSDelegateAccount: description: Datadog principal service account info. properties: attributes: $ref: '#/components/schemas/GCPSTSDelegateAccountAttributes' id: description: The ID of the delegate service account. example: >- ddgci-1a19n28hb1a812221893@datadog-gci-sts-us5-prod.iam.gserviceaccount.com type: string type: $ref: '#/components/schemas/GCPSTSDelegateAccountType' type: object GCPSTSDelegateAccountAttributes: description: Your delegate account attributes. properties: delegate_account_email: description: Your organization's Datadog principal email address. example: >- ddgci-1a19n28hb1a812221893@datadog-gci-sts-us5-prod.iam.gserviceaccount.com type: string type: object GCPSTSDelegateAccountResponse: description: Your delegate service account response data. properties: data: $ref: '#/components/schemas/GCPSTSDelegateAccount' type: object GCPSTSDelegateAccountType: default: gcp_sts_delegate description: The type of account. enum: - gcp_sts_delegate example: gcp_sts_delegate type: string x-enum-varnames: - GCP_STS_DELEGATE GCPSTSServiceAccount: description: Info on your service account. properties: attributes: $ref: '#/components/schemas/GCPSTSServiceAccountAttributes' id: description: Your service account's unique ID. example: d291291f-12c2-22g4-j290-123456678897 type: string meta: $ref: '#/components/schemas/GCPServiceAccountMeta' type: $ref: '#/components/schemas/GCPServiceAccountType' type: object x-merge-override: required: false GCPSTSServiceAccountAttributes: description: Attributes associated with your service account. properties: account_tags: description: >- Tags to be associated with GCP metrics and service checks from your account. items: description: Account Level Tag type: string type: array automute: description: Silence monitors for expected GCE instance shutdowns. type: boolean example: true client_email: description: Your service account email address. example: datadog-service-account@test-project.iam.gserviceaccount.com type: string cloud_run_revision_filters: description: >- List of filters to limit the Cloud Run revisions that are pulled into Datadog by using tags. Only Cloud Run revision resources that apply to specified filters are imported into Datadog. example: - $KEY:$VALUE items: description: Cloud Run Filters type: string type: array host_filters: description: Your Host Filters. items: description: Host Filters type: string type: array is_cspm_enabled: description: >- When enabled, Datadog will activate the Cloud Security Monitoring product for this service account. Note: This requires resource_collection_enabled to be set to true. type: boolean example: true is_per_project_quota_enabled: default: false description: >- When enabled, Datadog applies the `X-Goog-User-Project` header, attributing Google Cloud billing and quota usage to the project being monitored rather than the default service account project. example: true type: boolean is_resource_change_collection_enabled: default: false description: >- When enabled, Datadog scans for all resource change data in your Google Cloud environment. example: true type: boolean is_security_command_center_enabled: default: false description: >- When enabled, Datadog will attempt to collect Security Command Center Findings. Note: This requires additional permissions on the service account. example: true type: boolean metric_namespace_configs: description: Configurations for GCP metric namespaces. example: - disabled: true id: aiplatform items: $ref: '#/components/schemas/GCPMetricNamespaceConfig' type: array resource_collection_enabled: description: >- When enabled, Datadog scans for all resources in your GCP environment. type: boolean example: true type: object x-merge-override: required: false GCPSTSServiceAccountCreateRequest: description: Data on your newly generated service account. properties: data: $ref: '#/components/schemas/GCPSTSServiceAccountData' type: object x-merge-override: required: false GCPSTSServiceAccountData: description: Additional metadata on your generated service account. properties: attributes: $ref: '#/components/schemas/GCPSTSServiceAccountAttributes' type: $ref: '#/components/schemas/GCPServiceAccountType' type: object x-merge-override: required: false GCPSTSServiceAccountResponse: description: The account creation response. properties: data: $ref: '#/components/schemas/GCPSTSServiceAccount' type: object GCPSTSServiceAccountUpdateRequest: description: Service account info. properties: data: $ref: '#/components/schemas/GCPSTSServiceAccountUpdateRequestData' type: object GCPSTSServiceAccountUpdateRequestData: description: Data on your service account. properties: attributes: $ref: '#/components/schemas/GCPSTSServiceAccountAttributes' id: description: Your service account's unique ID. example: d291291f-12c2-22g4-j290-123456678897 type: string type: $ref: '#/components/schemas/GCPServiceAccountType' type: object GCPSTSServiceAccountsResponse: description: Object containing all your STS enabled accounts. properties: data: description: Array of GCP STS enabled service accounts. items: $ref: '#/components/schemas/GCPSTSServiceAccount' type: array type: object GCPServiceAccountMeta: description: Additional information related to your service account. properties: accessible_projects: description: The current list of projects accessible from your service account. items: description: List of GCP projects. type: string type: array type: object GCPServiceAccountType: default: gcp_service_account description: The type of account. enum: - gcp_service_account example: gcp_service_account type: string x-enum-varnames: - GCP_SERVICE_ACCOUNT GetActionConnectionResponse: description: The response for found connection properties: data: $ref: '#/components/schemas/ActionConnectionData' type: object GetAppResponse: description: The full app definition response object. properties: data: $ref: '#/components/schemas/GetAppResponseData' included: description: Data on the version of the app that was published. items: $ref: '#/components/schemas/Deployment' type: array meta: $ref: '#/components/schemas/AppMeta' relationship: $ref: '#/components/schemas/AppRelationship' type: object GetAppResponseData: description: The data object containing the app definition. properties: attributes: $ref: '#/components/schemas/GetAppResponseDataAttributes' id: description: The ID of the app. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string type: $ref: '#/components/schemas/AppDefinitionType' required: - id - type - attributes type: object GetAppResponseDataAttributes: description: >- The app definition attributes, such as name, description, and components. properties: components: description: The UI components that make up the app. items: $ref: '#/components/schemas/ComponentGrid' type: array description: description: A human-readable description for the app. type: string example: example_value favorite: description: Whether the app is marked as a favorite by the current user. type: boolean example: true name: description: The name of the app. type: string example: Example Monitor queries: description: >- An array of queries, such as external actions and state variables, that the app uses. items: $ref: '#/components/schemas/Query' type: array rootInstanceName: description: >- The name of the root component of the app. This must be a `grid` component that contains all other components. type: string example: Example Monitor tags: description: A list of tags for the app, which can be used to filter apps. example: - service:webshop-backend - team:webshop items: description: An individual tag for the app. type: string type: array type: object GetCustomFrameworkResponse: description: Response object to get a custom framework. properties: data: $ref: '#/components/schemas/FullCustomFrameworkData' required: - data type: object GetDeviceAttributes: description: The device attributes properties: description: description: A description of the device. example: a device monitored with NDM type: string device_type: description: The type of the device. example: other type: string integration: description: The integration of the device. example: snmp type: string ip_address: description: The IP address of the device. example: 1.2.3.4 type: string location: description: The location of the device. example: paris type: string model: description: The model of the device. example: xx-123 type: string name: description: The name of the device. example: example device type: string os_hostname: description: The operating system hostname of the device. example: 1.0.2 type: string os_name: description: The operating system name of the device. example: example OS type: string os_version: description: The operating system version of the device. example: 1.0.2 type: string ping_status: description: The ping status of the device. example: unmonitored type: string product_name: description: The product name of the device. example: example device type: string serial_number: description: The serial number of the device. example: X12345 type: string status: description: The status of the device. example: ok type: string subnet: description: The subnet of the device. example: 1.2.3.4/24 type: string sys_object_id: description: The device `sys_object_id`. example: 1.3.6.1.4.1.99999 type: string tags: description: A list of tags associated with the device. example: - device_ip:1.2.3.4 - device_id:example:1.2.3.4 items: type: string type: array vendor: description: The vendor of the device. example: example vendor type: string version: description: The version of the device. example: 1.2.3 type: string type: object GetDeviceData: description: Get device response data. properties: attributes: $ref: '#/components/schemas/GetDeviceAttributes' id: description: The device ID example: example:1.2.3.4 type: string type: description: The type of the resource. The value should always be device. type: string example: metric alert type: object GetDeviceResponse: description: The `GetDevice` operation's response. properties: data: $ref: '#/components/schemas/GetDeviceData' type: object GetFindingResponse: description: The expected response schema when getting a finding. properties: data: $ref: '#/components/schemas/DetailedFinding' required: - data type: object GetInterfacesData: description: The interfaces list data properties: attributes: $ref: '#/components/schemas/InterfaceAttributes' id: description: The interface ID example: example:1.2.3.4:99 type: string type: description: The type of the resource. The value should always be interface. type: string example: metric alert type: object GetInterfacesResponse: description: The `GetInterfaces` operation's response. properties: data: description: Get Interfaces response items: $ref: '#/components/schemas/GetInterfacesData' type: array type: object GetResourceEvaluationFiltersResponse: description: The definition of `GetResourceEvaluationFiltersResponse` object. properties: data: $ref: '#/components/schemas/GetResourceEvaluationFiltersResponseData' required: - data type: object GetResourceEvaluationFiltersResponseData: description: The definition of `GetResourceFilterResponseData` object. properties: attributes: $ref: '#/components/schemas/ResourceFilterAttributes' id: description: The `data` `id`. example: csm_resource_filter type: string type: $ref: '#/components/schemas/ResourceFilterRequestType' type: object GetRuleVersionHistoryData: description: Data for the rule version history. properties: attributes: $ref: '#/components/schemas/RuleVersionHistory' id: description: ID of the rule. type: string example: abc-123-def type: $ref: '#/components/schemas/GetRuleVersionHistoryDataType' type: object GetRuleVersionHistoryDataType: description: Type of data. enum: - GetRuleVersionHistoryResponse type: string x-enum-varnames: - GETRULEVERSIONHISTORYRESPONSE GetRuleVersionHistoryResponse: description: Response for getting the rule version history. properties: data: $ref: '#/components/schemas/GetRuleVersionHistoryData' type: object GetSBOMResponse: description: The expected response schema when getting an SBOM. properties: data: $ref: '#/components/schemas/SBOM' required: - data type: object GetTeamMembershipsSort: description: Specifies the order of returned team memberships enum: - manager_name - '-manager_name' - name - '-name' - handle - '-handle' - email - '-email' type: string x-enum-varnames: - MANAGER_NAME - _MANAGER_NAME - NAME - _NAME - HANDLE - _HANDLE - EMAIL - _EMAIL GetWorkflowResponse: description: The response object after getting a workflow. properties: data: $ref: '#/components/schemas/WorkflowData' type: object GitCommitSHA: description: Git Commit SHA. example: 66adc9350f2cc9b250b69abddab733dd55e1a588 pattern: ^[a-fA-F0-9]{40,}$ type: string GitRepositoryURL: description: Git Repository URL example: https://github.com/organization/example-repository type: string GithubWebhookTrigger: description: >- Trigger a workflow from a GitHub webhook. To trigger a workflow from GitHub, you must set a `webhookSecret`. In your GitHub Webhook Settings, set the Payload URL to "base_url"/api/v2/workflows/"workflow_id"/webhook?orgId="org_id", select application/json for the content type, and be highly recommend enabling SSL verification for security. The workflow must be published. properties: rateLimit: $ref: '#/components/schemas/TriggerRateLimit' type: object GithubWebhookTriggerWrapper: description: Schema for a GitHub webhook-based trigger. properties: githubWebhookTrigger: $ref: '#/components/schemas/GithubWebhookTrigger' startStepNames: $ref: '#/components/schemas/StartStepNames' required: - githubWebhookTrigger type: object GroupScalarColumn: description: A column containing the tag keys and values in a group. properties: name: description: The name of the tag key or group. example: env type: string type: $ref: '#/components/schemas/ScalarColumnTypeGroup' values: description: >- The array of tag values for each group found for the results of the formulas or queries. example: - - production - - staging items: description: An individual tag value for a given group column. items: description: One tag value within a values array. example: production type: string type: array type: array type: object GroupTags: description: List of tags that apply to a single response value. items: description: A single tag that applies to a single response value. example: env:production type: string type: array HTTPBody: description: The definition of `HTTPBody` object. properties: content: description: Serialized body content example: '{"some-json": "with-value"}' type: string content_type: description: Content type of the body example: application/json type: string type: object HTTPCIAppError: description: List of errors. properties: detail: description: Error message. example: Malformed payload type: string status: description: Error code. example: '400' type: string title: description: Error title. example: Bad Request type: string type: object HTTPCIAppErrors: description: Errors occurred. properties: errors: description: Structured errors. items: $ref: '#/components/schemas/HTTPCIAppError' type: array type: object HTTPCredentials: description: The definition of `HTTPCredentials` object. oneOf: - $ref: '#/components/schemas/HTTPTokenAuth' HTTPCredentialsUpdate: description: The definition of `HTTPCredentialsUpdate` object. oneOf: - $ref: '#/components/schemas/HTTPTokenAuthUpdate' HTTPHeader: description: The definition of `HTTPHeader` object. properties: name: description: The `HTTPHeader` `name`. example: MyHttpHeader pattern: ^[A-Za-z][A-Za-z\\d\\-\\_]*$ type: string value: description: The `HTTPHeader` `value`. example: Some header value type: string required: - name - value type: object HTTPHeaderUpdate: description: The definition of `HTTPHeaderUpdate` object. properties: deleted: description: Should the header be deleted. type: boolean example: true name: description: The `HTTPHeaderUpdate` `name`. example: MyHttpHeader pattern: ^[A-Za-z][A-Za-z\\d\\-\\_]*$ type: string value: description: The `HTTPHeaderUpdate` `value`. example: Updated Header Value type: string required: - name type: object HTTPIntegration: description: The definition of `HTTPIntegration` object. properties: base_url: description: Base HTTP url for the integration example: http://datadoghq.com type: string credentials: $ref: '#/components/schemas/HTTPCredentials' type: $ref: '#/components/schemas/HTTPIntegrationType' required: - type - base_url - credentials type: object HTTPIntegrationType: description: The definition of `HTTPIntegrationType` object. enum: - HTTP example: HTTP type: string x-enum-varnames: - HTTP HTTPIntegrationUpdate: description: The definition of `HTTPIntegrationUpdate` object. properties: base_url: description: Base HTTP url for the integration example: http://datadoghq.com type: string credentials: $ref: '#/components/schemas/HTTPCredentialsUpdate' type: $ref: '#/components/schemas/HTTPIntegrationType' required: - type type: object HTTPLog: description: Structured log message. items: $ref: '#/components/schemas/HTTPLogItem' type: array HTTPLogError: description: List of errors. properties: detail: description: Error message. example: Malformed payload type: string status: description: Error code. example: '400' type: string title: description: Error title. example: Bad Request type: string type: object HTTPLogErrors: description: Invalid query performed. properties: errors: description: Structured errors. items: $ref: '#/components/schemas/HTTPLogError' type: array type: object HTTPLogItem: additionalProperties: description: Additional log attributes. description: Logs that are sent over HTTP. properties: ddsource: description: >- The integration name associated with your log: the technology from which the log originated. When it matches an integration name, Datadog automatically installs the corresponding parsers and facets. See [reserved attributes](https://docs.datadoghq.com/logs/log_configuration/attributes_naming_convention/#reserved-attributes). example: nginx type: string ddtags: description: Tags associated with your logs. example: env:staging,version:5.1 type: string hostname: description: The name of the originating host of the log. example: i-012345678 type: string message: description: >- The message [reserved attribute](https://docs.datadoghq.com/logs/log_configuration/attributes_naming_convention/#reserved-attributes) of your log. By default, Datadog ingests the value of the message attribute as the body of the log entry. That value is then highlighted and displayed in the Logstream, where it is indexed for full text search. example: 2019-11-19T14:37:58,995 INFO [process.name][20081] Hello World type: string service: description: >- The name of the application or service generating the log events. It is used to switch from Logs to APM, so make sure you define the same value when you use both products. See [reserved attributes](https://docs.datadoghq.com/logs/log_configuration/attributes_naming_convention/#reserved-attributes). example: payment type: string required: - message type: object HTTPToken: description: The definition of `HTTPToken` object. properties: name: description: The `HTTPToken` `name`. example: MyToken pattern: ^[A-Za-z][A-Za-z\\d]*$ type: string type: $ref: '#/components/schemas/TokenType' value: description: The `HTTPToken` `value`. example: Some Token Value type: string required: - name - value - type type: object HTTPTokenAuth: description: The definition of `HTTPTokenAuth` object. properties: body: $ref: '#/components/schemas/HTTPBody' headers: description: The `HTTPTokenAuth` `headers`. items: $ref: '#/components/schemas/HTTPHeader' type: array tokens: description: The `HTTPTokenAuth` `tokens`. items: $ref: '#/components/schemas/HTTPToken' type: array type: $ref: '#/components/schemas/HTTPTokenAuthType' url_parameters: description: The `HTTPTokenAuth` `url_parameters`. items: $ref: '#/components/schemas/UrlParam' type: array required: - type type: object HTTPTokenAuthType: description: The definition of `HTTPTokenAuthType` object. enum: - HTTPTokenAuth example: HTTPTokenAuth type: string x-enum-varnames: - HTTPTOKENAUTH HTTPTokenAuthUpdate: description: The definition of `HTTPTokenAuthUpdate` object. properties: body: $ref: '#/components/schemas/HTTPBody' headers: description: The `HTTPTokenAuthUpdate` `headers`. items: $ref: '#/components/schemas/HTTPHeaderUpdate' type: array tokens: description: The `HTTPTokenAuthUpdate` `tokens`. items: $ref: '#/components/schemas/HTTPTokenUpdate' type: array type: $ref: '#/components/schemas/HTTPTokenAuthType' url_parameters: description: The `HTTPTokenAuthUpdate` `url_parameters`. items: $ref: '#/components/schemas/UrlParamUpdate' type: array required: - type type: object HTTPTokenUpdate: description: The definition of `HTTPTokenUpdate` object. properties: deleted: description: Should the header be deleted. type: boolean example: true name: description: The `HTTPToken` `name`. example: MyToken pattern: ^[A-Za-z][A-Za-z\\d]*$ type: string type: $ref: '#/components/schemas/TokenType' value: description: The `HTTPToken` `value`. example: Some Token Value type: string required: - name - type - value type: object HistoricalJobDataType: description: Type of payload. enum: - historicalDetectionsJob type: string x-enum-varnames: - HISTORICALDETECTIONSJOB HistoricalJobListMeta: description: Metadata about the list of jobs. properties: totalCount: description: Number of jobs in the list. format: int32 maximum: 2147483647 type: integer example: 42 type: object HistoricalJobOptions: description: Job options. properties: detectionMethod: $ref: '#/components/schemas/SecurityMonitoringRuleDetectionMethod' evaluationWindow: $ref: '#/components/schemas/SecurityMonitoringRuleEvaluationWindow' impossibleTravelOptions: $ref: '#/components/schemas/SecurityMonitoringRuleImpossibleTravelOptions' keepAlive: $ref: '#/components/schemas/SecurityMonitoringRuleKeepAlive' maxSignalDuration: $ref: '#/components/schemas/SecurityMonitoringRuleMaxSignalDuration' newValueOptions: $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptions' thirdPartyRuleOptions: $ref: '#/components/schemas/SecurityMonitoringRuleThirdPartyOptions' type: object HistoricalJobQuery: description: Query for selecting logs analyzed by the historical job. properties: aggregation: $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation' dataSource: $ref: '#/components/schemas/SecurityMonitoringStandardDataSource' distinctFields: description: Field for which the cardinality is measured. Sent as an array. items: description: Field. type: string type: array groupByFields: description: Fields to group by. items: description: Field. type: string type: array hasOptionalGroupByFields: description: >- When false, events without a group-by value are ignored by the query. When true, events with missing group-by fields are processed with `N/A`, replacing the missing values. example: false readOnly: true type: boolean metrics: description: >- Group of target fields to aggregate over when using the sum, max, geo data, or new value aggregations. The sum, max, and geo data aggregations only accept one value in this list, whereas the new value aggregation accepts up to five values. items: description: Field. type: string type: array name: description: Name of the query. type: string example: Example Monitor query: description: Query to run on logs. example: a > 3 type: string type: object HistoricalJobResponse: description: Historical job response. properties: data: $ref: '#/components/schemas/HistoricalJobResponseData' type: object HistoricalJobResponseAttributes: description: Historical job attributes. properties: createdAt: description: Time when the job was created. type: string example: example_value createdByHandle: description: The handle of the user who created the job. type: string example: example_value createdByName: description: The name of the user who created the job. type: string example: Example Monitor createdFromRuleId: description: >- ID of the rule used to create the job (if it is created from a rule). type: string example: abc-123-def jobDefinition: $ref: '#/components/schemas/JobDefinition' jobName: description: Job name. type: string example: Example Monitor jobStatus: description: Job status. type: string example: OK modifiedAt: description: Last modification time of the job. type: string example: example_value type: object HistoricalJobResponseData: description: Historical job response data. properties: attributes: $ref: '#/components/schemas/HistoricalJobResponseAttributes' id: description: ID of the job. type: string example: abc-123-def type: $ref: '#/components/schemas/HistoricalJobDataType' type: object HourlyUsage: description: Hourly usage for a product family for an org. properties: attributes: $ref: '#/components/schemas/HourlyUsageAttributes' id: description: Unique ID of the response. type: string example: abc-123-def type: $ref: '#/components/schemas/UsageTimeSeriesType' type: object HourlyUsageAttributes: description: >- Attributes of hourly usage for a product family for an org for a time period. properties: account_name: description: The account name. type: string example: Example Monitor account_public_id: description: The account public ID. type: string example: abc-123-def measurements: description: >- List of the measured usage values for the product family for the org for the time period. items: $ref: '#/components/schemas/HourlyUsageMeasurement' type: array org_name: description: The organization name. type: string example: Example Monitor product_family: description: The product for which usage is being reported. type: string example: example_value public_id: description: The organization public ID. type: string example: abc-123-def region: description: The region of the Datadog instance that the organization belongs to. type: string example: example_value timestamp: description: Datetime in ISO-8601 format, UTC. The hour for the usage. format: date-time type: string example: '2026-04-17T12:00:00Z' type: object HourlyUsageMeasurement: description: Usage amount for a given usage type. properties: usage_type: description: Type of usage. type: string example: metric alert value: description: >- Contains the number measured for the given usage_type during the hour. format: int64 nullable: true type: integer example: 42 type: object HourlyUsageMetadata: description: The object containing document metadata. properties: pagination: $ref: '#/components/schemas/HourlyUsagePagination' type: object HourlyUsagePagination: description: The metadata for the current pagination. properties: next_record_id: description: >- The cursor to get the next results (if any). To make the next request, use the same parameters and add `next_record_id`. nullable: true type: string example: abc-123-def type: object HourlyUsageResponse: description: Hourly usage response. properties: data: description: Response containing hourly usage. items: $ref: '#/components/schemas/HourlyUsage' type: array meta: $ref: '#/components/schemas/HourlyUsageMetadata' type: object HourlyUsageType: description: Usage type that is being measured. enum: - app_sec_host_count - observability_pipelines_bytes_processed - lambda_traced_invocations_count example: observability_pipelines_bytes_processed type: string x-enum-varnames: - APP_SEC_HOST_COUNT - OBSERVABILITY_PIPELINES_BYTES_PROCESSSED - LAMBDA_TRACED_INVOCATIONS_COUNT ID: description: The ID of a notification rule. example: aaa-bbb-ccc type: string IPAllowlistAttributes: description: Attributes of the IP allowlist. properties: enabled: description: Whether the IP allowlist logic is enabled or not. type: boolean example: true entries: description: Array of entries in the IP allowlist. items: $ref: '#/components/schemas/IPAllowlistEntry' type: array type: object IPAllowlistData: description: IP allowlist data. properties: attributes: $ref: '#/components/schemas/IPAllowlistAttributes' id: description: The unique identifier of the org. type: string example: abc-123-def type: $ref: '#/components/schemas/IPAllowlistType' required: - type type: object IPAllowlistEntry: description: IP allowlist entry object. properties: data: $ref: '#/components/schemas/IPAllowlistEntryData' required: - data type: object IPAllowlistEntryAttributes: description: Attributes of the IP allowlist entry. properties: cidr_block: description: The CIDR block describing the IP range of the entry. type: string example: abc-123-def created_at: description: Creation time of the entry. format: date-time readOnly: true type: string example: example_value modified_at: description: Time of last entry modification. format: date-time readOnly: true type: string example: example_value note: description: A note describing the IP allowlist entry. type: string example: example_value type: object IPAllowlistEntryData: description: Data of the IP allowlist entry object. properties: attributes: $ref: '#/components/schemas/IPAllowlistEntryAttributes' id: description: The unique identifier of the IP allowlist entry. type: string example: abc-123-def type: $ref: '#/components/schemas/IPAllowlistEntryType' required: - type type: object IPAllowlistEntryType: default: ip_allowlist_entry description: IP allowlist Entry type. enum: - ip_allowlist_entry example: ip_allowlist_entry type: string x-enum-varnames: - IP_ALLOWLIST_ENTRY IPAllowlistResponse: description: Response containing information about the IP allowlist. properties: data: $ref: '#/components/schemas/IPAllowlistData' type: object IPAllowlistType: default: ip_allowlist description: IP allowlist type. enum: - ip_allowlist example: ip_allowlist type: string x-enum-varnames: - IP_ALLOWLIST IPAllowlistUpdateRequest: description: Update the IP allowlist. properties: data: $ref: '#/components/schemas/IPAllowlistData' required: - data type: object IdPMetadataFormData: description: The form data submitted to upload IdP metadata properties: idp_file: description: The IdP metadata XML file format: binary type: string x-mimetype: application/xml example: abc-123-def type: object IncidentAttachmentAttachmentType: description: The type of the incident attachment attributes. enum: - link - postmortem example: link type: string x-enum-varnames: - LINK - POSTMORTEM IncidentAttachmentAttributes: description: The attributes object for an attachment. oneOf: - $ref: '#/components/schemas/IncidentAttachmentPostmortemAttributes' - $ref: '#/components/schemas/IncidentAttachmentLinkAttributes' IncidentAttachmentData: description: A single incident attachment. example: attributes: attachment: documentUrl: '' title: Postmortem IR-123 attachment_type: postmortem id: 00000000-abcd-0002-0000-000000000000 relationships: last_modified_by_user: data: id: 00000000-0000-0000-cccc-000000000000 type: users type: incident_attachments properties: attributes: $ref: '#/components/schemas/IncidentAttachmentAttributes' id: description: A unique identifier that represents the incident attachment. example: 00000000-abcd-0001-0000-000000000000 type: string relationships: $ref: '#/components/schemas/IncidentAttachmentRelationships' type: $ref: '#/components/schemas/IncidentAttachmentType' required: - type - attributes - id - relationships type: object IncidentAttachmentLinkAttachmentType: default: link description: The type of link attachment attributes. enum: - link example: link type: string x-enum-varnames: - LINK IncidentAttachmentLinkAttributes: description: The attributes object for a link attachment. properties: attachment: $ref: >- #/components/schemas/IncidentAttachmentLinkAttributesAttachmentObject attachment_type: $ref: '#/components/schemas/IncidentAttachmentLinkAttachmentType' modified: description: Timestamp when the incident attachment link was last modified. format: date-time readOnly: true type: string example: example_value required: - attachment_type - attachment type: object IncidentAttachmentLinkAttributesAttachmentObject: description: The link attachment. properties: documentUrl: description: The URL of this link attachment. example: https://www.example.com/webstore-failure-runbook type: string title: description: The title of this link attachment. example: Runbook for webstore service failures type: string required: - documentUrl - title type: object IncidentAttachmentPostmortemAttachmentType: default: postmortem description: The type of postmortem attachment attributes. enum: - postmortem example: postmortem type: string x-enum-varnames: - POSTMORTEM IncidentAttachmentPostmortemAttributes: description: The attributes object for a postmortem attachment. properties: attachment: $ref: >- #/components/schemas/IncidentAttachmentsPostmortemAttributesAttachmentObject attachment_type: $ref: '#/components/schemas/IncidentAttachmentPostmortemAttachmentType' required: - attachment_type - attachment type: object IncidentAttachmentRelatedObject: description: The object related to an incident attachment. enum: - users type: string x-enum-varnames: - USERS IncidentAttachmentRelationships: description: The incident attachment's relationships. properties: last_modified_by_user: $ref: '#/components/schemas/RelationshipToUser' type: object IncidentAttachmentType: default: incident_attachments description: The incident attachment resource type. enum: - incident_attachments example: incident_attachments type: string x-enum-varnames: - INCIDENT_ATTACHMENTS IncidentAttachmentUpdateAttributes: description: Incident attachment attributes. oneOf: - $ref: '#/components/schemas/IncidentAttachmentPostmortemAttributes' - $ref: '#/components/schemas/IncidentAttachmentLinkAttributes' IncidentAttachmentUpdateData: description: A single incident attachment. properties: attributes: $ref: '#/components/schemas/IncidentAttachmentUpdateAttributes' id: description: A unique identifier that represents the incident attachment. example: 00000000-abcd-0001-0000-000000000000 type: string type: $ref: '#/components/schemas/IncidentAttachmentType' required: - type type: object IncidentAttachmentUpdateRequest: description: The update request for an incident's attachments. properties: data: description: >- An array of incident attachments. An attachment object without an "id" key indicates that you want to create that attachment. An attachment object without an "attributes" key indicates that you want to delete that attachment. An attachment object with both the "id" key and a populated "attributes" object indicates that you want to update that attachment. example: - attributes: attachment: documentUrl: https://app.datadoghq.com/notebook/123 title: Postmortem IR-123 attachment_type: postmortem id: 00000000-abcd-0002-0000-000000000000 type: incident_attachments - attributes: attachment: documentUrl: https://www.example.com/webstore-failure-runbook title: Runbook for webstore service failures attachment_type: link type: incident_attachments - id: 00000000-abcd-0003-0000-000000000000 type: incident_attachments items: $ref: '#/components/schemas/IncidentAttachmentUpdateData' type: array required: - data type: object IncidentAttachmentUpdateResponse: description: >- The response object containing the created or updated incident attachments. properties: data: description: >- An array of incident attachments. Only the attachments that were created or updated by the request are returned. example: - attributes: attachment: documentUrl: '' title: Postmortem IR-123 attachment_type: postmortem id: 00000000-abcd-0002-0000-000000000000 relationships: last_modified_by_user: data: id: 00000000-0000-0000-cccc-000000000000 type: users type: incident_attachments items: $ref: '#/components/schemas/IncidentAttachmentData' type: array included: description: Included related resources that the user requested. items: $ref: '#/components/schemas/IncidentAttachmentsResponseIncludedItem' type: array required: - data type: object IncidentAttachmentsPostmortemAttributesAttachmentObject: description: The postmortem attachment. properties: documentUrl: description: The URL of this notebook attachment. example: https://app.datadoghq.com/notebook/123 type: string title: description: The title of this postmortem attachment. example: Postmortem IR-123 type: string required: - documentUrl - title type: object IncidentAttachmentsResponse: description: The response object containing an incident's attachments. properties: data: description: An array of incident attachments. example: - attributes: attachment: documentUrl: '' title: Postmortem IR-123 attachment_type: postmortem id: 00000000-abcd-0002-0000-000000000000 relationships: last_modified_by_user: data: id: 00000000-0000-0000-cccc-000000000000 type: users type: incident_attachments items: $ref: '#/components/schemas/IncidentAttachmentData' type: array included: description: Included related resources that the user requested. items: $ref: '#/components/schemas/IncidentAttachmentsResponseIncludedItem' type: array required: - data type: object IncidentAttachmentsResponseIncludedItem: description: An object related to an attachment that is included in the response. oneOf: - $ref: '#/components/schemas/User' IncidentCreateAttributes: description: The incident's attributes for a create request. properties: customer_impact_scope: description: >- Required if `customer_impacted:"true"`. A summary of the impact customers experienced during the incident. example: Example customer impact scope type: string customer_impacted: description: A flag indicating whether the incident caused customer impact. example: false type: boolean fields: additionalProperties: $ref: '#/components/schemas/IncidentFieldAttributes' description: >- A condensed view of the user-defined fields for which to create initial selections. example: severity: type: dropdown value: SEV-5 type: object incident_type_uuid: description: >- A unique identifier that represents an incident type. The default incident type will be used if this property is not provided. example: 00000000-0000-0000-0000-000000000000 type: string initial_cells: description: >- An array of initial timeline cells to be placed at the beginning of the incident timeline. items: $ref: '#/components/schemas/IncidentTimelineCellCreateAttributes' type: array notification_handles: description: >- Notification handles that will be notified of the incident at creation. example: - display_name: Jane Doe handle: '@user@email.com' - display_name: Slack Channel handle: '@slack-channel' - display_name: Incident Workflow handle: '@workflow-from-incident' items: $ref: '#/components/schemas/IncidentNotificationHandle' type: array title: description: The title of the incident, which summarizes what happened. example: A test incident title type: string required: - title - customer_impacted type: object IncidentCreateData: description: Incident data for a create request. properties: attributes: $ref: '#/components/schemas/IncidentCreateAttributes' relationships: $ref: '#/components/schemas/IncidentCreateRelationships' type: $ref: '#/components/schemas/IncidentType' required: - type - attributes type: object x-merge-override: required: false IncidentCreateRelationships: description: >- The relationships the incident will have with other resources once created. properties: commander_user: $ref: '#/components/schemas/NullableRelationshipToUser' required: - commander_user type: object IncidentCreateRequest: description: Create request for an incident. properties: data: $ref: '#/components/schemas/IncidentCreateData' required: - data type: object IncidentFieldAttributes: description: >- Dynamic fields for which selections can be made, with field names as keys. oneOf: - $ref: '#/components/schemas/IncidentFieldAttributesSingleValue' - $ref: '#/components/schemas/IncidentFieldAttributesMultipleValue' IncidentFieldAttributesMultipleValue: description: A field with potentially multiple values selected. properties: type: $ref: '#/components/schemas/IncidentFieldAttributesValueType' value: description: The multiple values selected for this field. example: - '1.0' - '1.1' items: description: A value which has been selected for the parent field. example: '1.1' type: string nullable: true type: array type: object IncidentFieldAttributesSingleValue: description: A field with a single value selected. properties: type: $ref: '#/components/schemas/IncidentFieldAttributesSingleValueType' value: description: The single value selected for this field. example: SEV-1 nullable: true type: string type: object IncidentFieldAttributesSingleValueType: default: dropdown description: Type of the single value field definitions. enum: - dropdown - textbox example: dropdown type: string x-enum-varnames: - DROPDOWN - TEXTBOX IncidentFieldAttributesValueType: default: multiselect description: Type of the multiple value field definitions. enum: - multiselect - textarray - metrictag - autocomplete example: multiselect type: string x-enum-varnames: - MULTISELECT - TEXTARRAY - METRICTAG - AUTOCOMPLETE IncidentImpactsType: description: The incident impacts type. enum: - incident_impacts example: incident_impacts type: string x-enum-varnames: - INCIDENT_IMPACTS IncidentIntegrationMetadataAttributes: description: Incident integration metadata's attributes for a create request. properties: created: description: Timestamp when the incident todo was created. format: date-time readOnly: true type: string example: example_value incident_id: description: UUID of the incident this integration metadata is connected to. example: 00000000-aaaa-0000-0000-000000000000 type: string integration_type: description: >- A number indicating the type of integration this metadata is for. 1 indicates Slack; 8 indicates Jira. example: 1 format: int32 maximum: 9 type: integer metadata: $ref: '#/components/schemas/IncidentIntegrationMetadataMetadata' modified: description: Timestamp when the incident todo was last modified. format: date-time readOnly: true type: string example: example_value status: description: >- A number indicating the status of this integration metadata. 0 indicates unknown; 1 indicates pending; 2 indicates complete; 3 indicates manually created; 4 indicates manually updated; 5 indicates failed. format: int32 maximum: 5 type: integer example: 42 required: - integration_type - metadata type: object IncidentIntegrationMetadataCreateData: description: Incident integration metadata data for a create request. properties: attributes: $ref: '#/components/schemas/IncidentIntegrationMetadataAttributes' type: $ref: '#/components/schemas/IncidentIntegrationMetadataType' required: - type - attributes type: object IncidentIntegrationMetadataCreateRequest: description: Create request for an incident integration metadata. properties: data: $ref: '#/components/schemas/IncidentIntegrationMetadataCreateData' required: - data type: object IncidentIntegrationMetadataListResponse: description: Response with a list of incident integration metadata. properties: data: description: An array of incident integration metadata. items: $ref: '#/components/schemas/IncidentIntegrationMetadataResponseData' type: array included: description: Included related resources that the user requested. items: $ref: >- #/components/schemas/IncidentIntegrationMetadataResponseIncludedItem readOnly: true type: array meta: $ref: '#/components/schemas/IncidentResponseMeta' required: - data type: object IncidentIntegrationMetadataMetadata: description: Incident integration metadata's metadata attribute. oneOf: - $ref: '#/components/schemas/SlackIntegrationMetadata' - $ref: '#/components/schemas/JiraIntegrationMetadata' - $ref: '#/components/schemas/MSTeamsIntegrationMetadata' IncidentIntegrationMetadataPatchData: description: Incident integration metadata data for a patch request. properties: attributes: $ref: '#/components/schemas/IncidentIntegrationMetadataAttributes' type: $ref: '#/components/schemas/IncidentIntegrationMetadataType' required: - type - attributes type: object IncidentIntegrationMetadataPatchRequest: description: Patch request for an incident integration metadata. properties: data: $ref: '#/components/schemas/IncidentIntegrationMetadataPatchData' required: - data type: object IncidentIntegrationMetadataResponse: description: Response with an incident integration metadata. properties: data: $ref: '#/components/schemas/IncidentIntegrationMetadataResponseData' included: description: Included related resources that the user requested. items: $ref: >- #/components/schemas/IncidentIntegrationMetadataResponseIncludedItem readOnly: true type: array required: - data type: object IncidentIntegrationMetadataResponseData: description: Incident integration metadata from a response. properties: attributes: $ref: '#/components/schemas/IncidentIntegrationMetadataAttributes' id: description: The incident integration metadata's ID. example: 00000000-0000-0000-1234-000000000000 type: string relationships: $ref: '#/components/schemas/IncidentIntegrationRelationships' type: $ref: '#/components/schemas/IncidentIntegrationMetadataType' required: - id - type type: object IncidentIntegrationMetadataResponseIncludedItem: description: >- An object related to an incident integration metadata that is included in the response. oneOf: - $ref: '#/components/schemas/User' IncidentIntegrationMetadataType: default: incident_integrations description: Integration metadata resource type. enum: - incident_integrations example: incident_integrations type: string x-enum-varnames: - INCIDENT_INTEGRATIONS IncidentIntegrationRelationships: description: The incident's integration relationships from a response. properties: created_by_user: $ref: '#/components/schemas/RelationshipToUser' last_modified_by_user: $ref: '#/components/schemas/RelationshipToUser' type: object IncidentNonDatadogCreator: description: Incident's non Datadog creator. nullable: true properties: image_48_px: description: Non Datadog creator `48px` image. type: string example: example_value name: description: Non Datadog creator name. type: string example: Example Monitor type: object IncidentNotificationHandle: description: A notification handle that will be notified at incident creation. properties: display_name: description: The name of the notified handle. example: Jane Doe type: string handle: description: >- The handle used for the notification. This includes an email address, Slack channel, or workflow. example: '@test.user@test.com' type: string type: object IncidentPostmortemType: default: incident_postmortems description: Incident postmortem resource type. enum: - incident_postmortems example: incident_postmortems type: string x-enum-varnames: - INCIDENT_POSTMORTEMS IncidentRelatedObject: description: Object related to an incident. enum: - users - attachments type: string x-enum-varnames: - USERS - ATTACHMENTS IncidentRespondersType: description: The incident responders type. enum: - incident_responders example: incident_responders type: string x-enum-varnames: - INCIDENT_RESPONDERS IncidentResponse: description: Response with an incident. properties: data: $ref: '#/components/schemas/IncidentResponseData' included: description: Included related resources that the user requested. items: $ref: '#/components/schemas/IncidentResponseIncludedItem' readOnly: true type: array required: - data type: object IncidentResponseAttributes: description: The incident's attributes from a response. properties: archived: description: Timestamp of when the incident was archived. format: date-time nullable: true readOnly: true type: string example: example_value case_id: description: The incident case id. format: int64 nullable: true type: integer example: 42 created: description: Timestamp when the incident was created. format: date-time readOnly: true type: string example: example_value customer_impact_duration: description: >- Length of the incident's customer impact in seconds. Equals the difference between `customer_impact_start` and `customer_impact_end`. format: int64 readOnly: true type: integer example: 42 customer_impact_end: description: Timestamp when customers were no longer impacted by the incident. format: date-time nullable: true type: string example: example_value customer_impact_scope: description: A summary of the impact customers experienced during the incident. example: An example customer impact scope nullable: true type: string customer_impact_start: description: Timestamp when customers began being impacted by the incident. format: date-time nullable: true type: string example: example_value customer_impacted: description: A flag indicating whether the incident caused customer impact. example: false type: boolean detected: description: Timestamp when the incident was detected. format: date-time nullable: true type: string example: example_value fields: additionalProperties: $ref: '#/components/schemas/IncidentFieldAttributes' description: A condensed view of the user-defined fields attached to incidents. example: severity: type: dropdown value: SEV-5 type: object incident_type_uuid: description: A unique identifier that represents an incident type. example: 00000000-0000-0000-0000-000000000000 type: string modified: description: Timestamp when the incident was last modified. format: date-time readOnly: true type: string example: example_value non_datadog_creator: $ref: '#/components/schemas/IncidentNonDatadogCreator' notification_handles: description: >- Notification handles that will be notified of the incident during update. example: - display_name: Jane Doe handle: '@user@email.com' - display_name: Slack Channel handle: '@slack-channel' - display_name: Incident Workflow handle: '@workflow-from-incident' items: $ref: '#/components/schemas/IncidentNotificationHandle' nullable: true type: array public_id: description: The monotonically increasing integer ID for the incident. example: 1 format: int64 type: integer resolved: description: >- Timestamp when the incident's state was last changed from active or stable to resolved or completed. format: date-time nullable: true type: string example: example_value severity: $ref: '#/components/schemas/IncidentSeverity' state: description: The state incident. nullable: true type: string example: example_value time_to_detect: description: >- The amount of time in seconds to detect the incident. Equals the difference between `customer_impact_start` and `detected`. format: int64 readOnly: true type: integer example: 42 time_to_internal_response: description: >- The amount of time in seconds to call incident after detection. Equals the difference of `detected` and `created`. format: int64 readOnly: true type: integer example: 42 time_to_repair: description: >- The amount of time in seconds to resolve customer impact after detecting the issue. Equals the difference between `customer_impact_end` and `detected`. format: int64 readOnly: true type: integer example: 42 time_to_resolve: description: >- The amount of time in seconds to resolve the incident after it was created. Equals the difference between `created` and `resolved`. format: int64 readOnly: true type: integer example: 42 title: description: The title of the incident, which summarizes what happened. example: A test incident title type: string visibility: description: The incident visibility status. nullable: true type: string example: example_value required: - title type: object IncidentResponseData: description: Incident data from a response. properties: attributes: $ref: '#/components/schemas/IncidentResponseAttributes' id: description: The incident's ID. example: 00000000-0000-0000-1234-000000000000 type: string relationships: $ref: '#/components/schemas/IncidentResponseRelationships' type: $ref: '#/components/schemas/IncidentType' required: - id - type type: object x-merge-override: required: false IncidentResponseIncludedItem: description: An object related to an incident that is included in the response. oneOf: - $ref: '#/components/schemas/IncidentUserData' - $ref: '#/components/schemas/IncidentAttachmentData' IncidentResponseMeta: description: The metadata object containing pagination metadata. properties: pagination: $ref: '#/components/schemas/IncidentResponseMetaPagination' readOnly: true type: object IncidentResponseMetaPagination: description: Pagination properties. properties: next_offset: description: >- The index of the first element in the next page of results. Equal to page size added to the current offset. example: 1000 format: int64 type: integer offset: description: The index of the first element in the results. example: 10 format: int64 type: integer size: description: Maximum size of pages to return. example: 1000 format: int64 type: integer type: object IncidentResponseRelationships: description: The incident's relationships from a response. properties: attachments: $ref: '#/components/schemas/RelationshipToIncidentAttachment' commander_user: $ref: '#/components/schemas/NullableRelationshipToUser' created_by_user: $ref: '#/components/schemas/RelationshipToUser' impacts: $ref: '#/components/schemas/RelationshipToIncidentImpacts' integrations: $ref: '#/components/schemas/RelationshipToIncidentIntegrationMetadatas' last_modified_by_user: $ref: '#/components/schemas/RelationshipToUser' responders: $ref: '#/components/schemas/RelationshipToIncidentResponders' user_defined_fields: $ref: '#/components/schemas/RelationshipToIncidentUserDefinedFields' type: object IncidentSearchResponse: description: Response with incidents and facets. properties: data: $ref: '#/components/schemas/IncidentSearchResponseData' included: description: Included related resources that the user requested. items: $ref: '#/components/schemas/IncidentResponseIncludedItem' readOnly: true type: array meta: $ref: '#/components/schemas/IncidentSearchResponseMeta' required: - data type: object IncidentSearchResponseAttributes: description: Attributes returned by an incident search. properties: facets: $ref: '#/components/schemas/IncidentSearchResponseFacetsData' incidents: description: Incidents returned by the search. items: $ref: '#/components/schemas/IncidentSearchResponseIncidentsData' type: array total: description: Number of incidents returned by the search. example: 10 format: int32 maximum: 2147483647 type: integer required: - facets - incidents - total type: object IncidentSearchResponseData: description: Data returned by an incident search. properties: attributes: $ref: '#/components/schemas/IncidentSearchResponseAttributes' type: $ref: '#/components/schemas/IncidentSearchResultsType' type: object IncidentSearchResponseFacetCount: description: Count of the facet value appearing in search results. example: 5 format: int32 maximum: 2147483647 type: integer IncidentSearchResponseFacetsData: description: Facet data for incidents returned by a search query. properties: commander: description: Facet data for incident commander users. items: $ref: '#/components/schemas/IncidentSearchResponseUserFacetData' type: array created_by: description: Facet data for incident creator users. items: $ref: '#/components/schemas/IncidentSearchResponseUserFacetData' type: array fields: description: Facet data for incident property fields. items: $ref: '#/components/schemas/IncidentSearchResponsePropertyFieldFacetData' type: array impact: description: Facet data for incident impact attributes. items: $ref: '#/components/schemas/IncidentSearchResponseFieldFacetData' type: array last_modified_by: description: Facet data for incident last modified by users. items: $ref: '#/components/schemas/IncidentSearchResponseUserFacetData' type: array postmortem: description: Facet data for incident postmortem existence. items: $ref: '#/components/schemas/IncidentSearchResponseFieldFacetData' type: array responder: description: Facet data for incident responder users. items: $ref: '#/components/schemas/IncidentSearchResponseUserFacetData' type: array severity: description: Facet data for incident severity attributes. items: $ref: '#/components/schemas/IncidentSearchResponseFieldFacetData' type: array state: description: Facet data for incident state attributes. items: $ref: '#/components/schemas/IncidentSearchResponseFieldFacetData' type: array time_to_repair: description: Facet data for incident time to repair metrics. items: $ref: '#/components/schemas/IncidentSearchResponseNumericFacetData' type: array time_to_resolve: description: Facet data for incident time to resolve metrics. items: $ref: '#/components/schemas/IncidentSearchResponseNumericFacetData' type: array type: object IncidentSearchResponseFieldFacetData: description: >- Facet value and number of occurrences for a property field of an incident. properties: count: $ref: '#/components/schemas/IncidentSearchResponseFacetCount' name: description: The facet value appearing in search results. example: SEV-2 type: string type: object IncidentSearchResponseIncidentsData: description: Incident returned by the search. properties: data: $ref: '#/components/schemas/IncidentResponseData' required: - data type: object IncidentSearchResponseMeta: description: The metadata object containing pagination metadata. properties: pagination: $ref: '#/components/schemas/IncidentResponseMetaPagination' readOnly: true type: object IncidentSearchResponseNumericFacetData: description: Facet data numeric attributes of an incident. properties: aggregates: $ref: >- #/components/schemas/IncidentSearchResponseNumericFacetDataAggregates name: description: Name of the incident property field. example: time_to_repair type: string required: - name - aggregates type: object IncidentSearchResponseNumericFacetDataAggregates: description: Aggregate information for numeric incident data. properties: max: description: Maximum value of the numeric aggregates. example: 1234 format: double nullable: true type: number min: description: Minimum value of the numeric aggregates. example: 20 format: double nullable: true type: number type: object IncidentSearchResponsePropertyFieldFacetData: description: Facet data for the incident property fields. properties: aggregates: $ref: >- #/components/schemas/IncidentSearchResponseNumericFacetDataAggregates facets: description: Facet data for the property field of an incident. items: $ref: '#/components/schemas/IncidentSearchResponseFieldFacetData' type: array name: description: Name of the incident property field. example: Severity type: string required: - facets - name type: object IncidentSearchResponseUserFacetData: description: Facet data for user attributes of an incident. properties: count: $ref: '#/components/schemas/IncidentSearchResponseFacetCount' email: description: Email of the user. example: datadog.user@example.com type: string handle: description: Handle of the user. example: '@datadog.user@example.com' type: string name: description: Name of the user. example: Datadog User type: string uuid: description: ID of the user. example: 773b045d-ccf8-4808-bd3b-955ef6a8c940 type: string type: object IncidentSearchResultsType: default: incidents_search_results description: Incident search result type. enum: - incidents_search_results example: incidents_search_results type: string x-enum-varnames: - INCIDENTS_SEARCH_RESULTS IncidentSearchSortOrder: description: The ways searched incidents can be sorted. enum: - created - '-created' type: string x-enum-varnames: - CREATED_ASCENDING - CREATED_DESCENDING IncidentServiceCreateAttributes: description: The incident service's attributes for a create request. properties: name: description: Name of the incident service. example: an example service name type: string required: - name type: object IncidentServiceCreateData: description: Incident Service payload for create requests. properties: attributes: $ref: '#/components/schemas/IncidentServiceCreateAttributes' relationships: $ref: '#/components/schemas/IncidentServiceRelationships' type: $ref: '#/components/schemas/IncidentServiceType' required: - type type: object IncidentServiceCreateRequest: description: Create request with an incident service payload. properties: data: $ref: '#/components/schemas/IncidentServiceCreateData' required: - data type: object IncidentServiceIncludedItems: description: >- An object related to an incident service which is present in the included payload. oneOf: - $ref: '#/components/schemas/User' IncidentServiceRelationships: description: The incident service's relationships. properties: created_by: $ref: '#/components/schemas/RelationshipToUser' last_modified_by: $ref: '#/components/schemas/RelationshipToUser' readOnly: true type: object IncidentServiceResponse: description: Response with an incident service payload. properties: data: $ref: '#/components/schemas/IncidentServiceResponseData' included: description: Included objects from relationships. items: $ref: '#/components/schemas/IncidentServiceIncludedItems' readOnly: true type: array required: - data type: object IncidentServiceResponseAttributes: description: The incident service's attributes from a response. properties: created: description: Timestamp of when the incident service was created. format: date-time readOnly: true type: string example: example_value modified: description: Timestamp of when the incident service was modified. format: date-time readOnly: true type: string example: example_value name: description: Name of the incident service. example: service name type: string type: object IncidentServiceResponseData: description: Incident Service data from responses. properties: attributes: $ref: '#/components/schemas/IncidentServiceResponseAttributes' id: description: The incident service's ID. example: 00000000-0000-0000-0000-000000000000 type: string relationships: $ref: '#/components/schemas/IncidentServiceRelationships' type: $ref: '#/components/schemas/IncidentServiceType' required: - id - type type: object IncidentServiceType: default: services description: Incident service resource type. enum: - services example: services type: string x-enum-varnames: - SERVICES IncidentServiceUpdateAttributes: description: The incident service's attributes for an update request. properties: name: description: Name of the incident service. example: an example service name type: string required: - name type: object IncidentServiceUpdateData: description: Incident Service payload for update requests. properties: attributes: $ref: '#/components/schemas/IncidentServiceUpdateAttributes' id: description: The incident service's ID. example: 00000000-0000-0000-0000-000000000000 type: string relationships: $ref: '#/components/schemas/IncidentServiceRelationships' type: $ref: '#/components/schemas/IncidentServiceType' required: - type type: object IncidentServiceUpdateRequest: description: Update request with an incident service payload. properties: data: $ref: '#/components/schemas/IncidentServiceUpdateData' required: - data type: object IncidentServicesResponse: description: Response with a list of incident service payloads. properties: data: description: An array of incident services. example: - id: 00000000-0000-0000-0000-000000000000 type: services items: $ref: '#/components/schemas/IncidentServiceResponseData' type: array included: description: Included related resources which the user requested. items: $ref: '#/components/schemas/IncidentServiceIncludedItems' readOnly: true type: array meta: $ref: '#/components/schemas/IncidentResponseMeta' required: - data type: object IncidentSeverity: description: The incident severity. enum: - UNKNOWN - SEV-0 - SEV-1 - SEV-2 - SEV-3 - SEV-4 - SEV-5 example: UNKNOWN type: string x-enum-varnames: - UNKNOWN - SEV_0 - SEV_1 - SEV_2 - SEV_3 - SEV_4 - SEV_5 IncidentTeamCreateAttributes: description: The incident team's attributes for a create request. properties: name: description: Name of the incident team. example: team name type: string required: - name type: object IncidentTeamCreateData: description: Incident Team data for a create request. properties: attributes: $ref: '#/components/schemas/IncidentTeamCreateAttributes' relationships: $ref: '#/components/schemas/IncidentTeamRelationships' type: $ref: '#/components/schemas/IncidentTeamType' required: - type type: object IncidentTeamCreateRequest: description: Create request with an incident team payload. properties: data: $ref: '#/components/schemas/IncidentTeamCreateData' required: - data type: object IncidentTeamIncludedItems: description: >- An object related to an incident team which is present in the included payload. oneOf: - $ref: '#/components/schemas/User' IncidentTeamRelationships: description: The incident team's relationships. properties: created_by: $ref: '#/components/schemas/RelationshipToUser' last_modified_by: $ref: '#/components/schemas/RelationshipToUser' readOnly: true type: object IncidentTeamResponse: description: Response with an incident team payload. properties: data: $ref: '#/components/schemas/IncidentTeamResponseData' included: description: Included objects from relationships. items: $ref: '#/components/schemas/IncidentTeamIncludedItems' readOnly: true type: array required: - data type: object IncidentTeamResponseAttributes: description: The incident team's attributes from a response. properties: created: description: Timestamp of when the incident team was created. format: date-time readOnly: true type: string example: example_value modified: description: Timestamp of when the incident team was modified. format: date-time readOnly: true type: string example: example_value name: description: Name of the incident team. example: team name type: string type: object IncidentTeamResponseData: description: Incident Team data from a response. properties: attributes: $ref: '#/components/schemas/IncidentTeamResponseAttributes' id: description: The incident team's ID. example: 00000000-7ea3-0000-000a-000000000000 type: string relationships: $ref: '#/components/schemas/IncidentTeamRelationships' type: $ref: '#/components/schemas/IncidentTeamType' type: object IncidentTeamType: default: teams description: Incident Team resource type. enum: - teams example: teams type: string x-enum-varnames: - TEAMS IncidentTeamUpdateAttributes: description: The incident team's attributes for an update request. properties: name: description: Name of the incident team. example: team name type: string required: - name type: object IncidentTeamUpdateData: description: Incident Team data for an update request. properties: attributes: $ref: '#/components/schemas/IncidentTeamUpdateAttributes' id: description: The incident team's ID. example: 00000000-7ea3-0000-0001-000000000000 type: string relationships: $ref: '#/components/schemas/IncidentTeamRelationships' type: $ref: '#/components/schemas/IncidentTeamType' required: - type type: object IncidentTeamUpdateRequest: description: Update request with an incident team payload. properties: data: $ref: '#/components/schemas/IncidentTeamUpdateData' required: - data type: object IncidentTeamsResponse: description: Response with a list of incident team payloads. properties: data: description: An array of incident teams. example: - attributes: name: team name id: 00000000-7ea3-0000-0000-000000000000 type: teams items: $ref: '#/components/schemas/IncidentTeamResponseData' type: array included: description: Included related resources which the user requested. items: $ref: '#/components/schemas/IncidentTeamIncludedItems' readOnly: true type: array meta: $ref: '#/components/schemas/IncidentResponseMeta' required: - data type: object IncidentTimelineCellCreateAttributes: description: The timeline cell's attributes for a create request. oneOf: - $ref: '#/components/schemas/IncidentTimelineCellMarkdownCreateAttributes' IncidentTimelineCellMarkdownContentType: default: markdown description: Type of the Markdown timeline cell. enum: - markdown example: markdown type: string x-enum-varnames: - MARKDOWN IncidentTimelineCellMarkdownCreateAttributes: description: Timeline cell data for Markdown timeline cells for a create request. properties: cell_type: $ref: '#/components/schemas/IncidentTimelineCellMarkdownContentType' content: $ref: >- #/components/schemas/IncidentTimelineCellMarkdownCreateAttributesContent important: default: false description: >- A flag indicating whether the timeline cell is important and should be highlighted. example: false type: boolean required: - content - cell_type type: object IncidentTimelineCellMarkdownCreateAttributesContent: description: The Markdown timeline cell contents. properties: content: description: The Markdown content of the cell. example: An example timeline cell message. nullable: false type: string type: object IncidentTodoAnonymousAssignee: description: Anonymous assignee entity. properties: icon: description: URL for assignee's icon. example: https://a.slack-edge.com/80588/img/slackbot_48.png type: string id: description: Anonymous assignee's ID. example: USLACKBOT type: string name: description: Assignee's name. example: Slackbot type: string source: $ref: '#/components/schemas/IncidentTodoAnonymousAssigneeSource' required: - id - icon - name - source type: object IncidentTodoAnonymousAssigneeSource: default: slack description: The source of the anonymous assignee. enum: - slack - microsoft_teams example: slack type: string x-enum-varnames: - SLACK - MICROSOFT_TEAMS IncidentTodoAssignee: description: A todo assignee. example: '@test.user@test.com' oneOf: - $ref: '#/components/schemas/IncidentTodoAssigneeHandle' - $ref: '#/components/schemas/IncidentTodoAnonymousAssignee' IncidentTodoAssigneeArray: description: Array of todo assignees. example: - '@test.user@test.com' items: $ref: '#/components/schemas/IncidentTodoAssignee' type: array IncidentTodoAssigneeHandle: description: Assignee's @-handle. example: '@test.user@test.com' type: string IncidentTodoAttributes: description: Incident todo's attributes. properties: assignees: $ref: '#/components/schemas/IncidentTodoAssigneeArray' completed: description: Timestamp when the todo was completed. example: '2023-03-06T22:00:00.000000+00:00' nullable: true type: string content: description: The follow-up task's content. example: Restore lost data. type: string created: description: Timestamp when the incident todo was created. format: date-time readOnly: true type: string example: example_value due_date: description: Timestamp when the todo should be completed by. example: '2023-07-10T05:00:00.000000+00:00' nullable: true type: string incident_id: description: UUID of the incident this todo is connected to. example: 00000000-aaaa-0000-0000-000000000000 type: string modified: description: Timestamp when the incident todo was last modified. format: date-time readOnly: true type: string example: example_value required: - content - assignees type: object IncidentTodoCreateData: description: Incident todo data for a create request. properties: attributes: $ref: '#/components/schemas/IncidentTodoAttributes' type: $ref: '#/components/schemas/IncidentTodoType' required: - type - attributes type: object IncidentTodoCreateRequest: description: Create request for an incident todo. properties: data: $ref: '#/components/schemas/IncidentTodoCreateData' required: - data type: object IncidentTodoListResponse: description: Response with a list of incident todos. properties: data: description: An array of incident todos. items: $ref: '#/components/schemas/IncidentTodoResponseData' type: array included: description: Included related resources that the user requested. items: $ref: '#/components/schemas/IncidentTodoResponseIncludedItem' readOnly: true type: array meta: $ref: '#/components/schemas/IncidentResponseMeta' required: - data type: object IncidentTodoPatchData: description: Incident todo data for a patch request. properties: attributes: $ref: '#/components/schemas/IncidentTodoAttributes' type: $ref: '#/components/schemas/IncidentTodoType' required: - type - attributes type: object IncidentTodoPatchRequest: description: Patch request for an incident todo. properties: data: $ref: '#/components/schemas/IncidentTodoPatchData' required: - data type: object IncidentTodoRelationships: description: The incident's relationships from a response. properties: created_by_user: $ref: '#/components/schemas/RelationshipToUser' last_modified_by_user: $ref: '#/components/schemas/RelationshipToUser' type: object IncidentTodoResponse: description: Response with an incident todo. properties: data: $ref: '#/components/schemas/IncidentTodoResponseData' included: description: Included related resources that the user requested. items: $ref: '#/components/schemas/IncidentTodoResponseIncludedItem' readOnly: true type: array required: - data type: object IncidentTodoResponseData: description: Incident todo response data. properties: attributes: $ref: '#/components/schemas/IncidentTodoAttributes' id: description: The incident todo's ID. example: 00000000-0000-0000-1234-000000000000 type: string relationships: $ref: '#/components/schemas/IncidentTodoRelationships' type: $ref: '#/components/schemas/IncidentTodoType' required: - id - type type: object IncidentTodoResponseIncludedItem: description: An object related to an incident todo that is included in the response. oneOf: - $ref: '#/components/schemas/User' IncidentTodoType: default: incident_todos description: Todo resource type. enum: - incident_todos example: incident_todos type: string x-enum-varnames: - INCIDENT_TODOS IncidentTrigger: description: >- Trigger a workflow from an Incident. For automatic triggering a handle must be configured and the workflow must be published. properties: rateLimit: $ref: '#/components/schemas/TriggerRateLimit' type: object IncidentTriggerWrapper: description: Schema for an Incident-based trigger. properties: incidentTrigger: $ref: '#/components/schemas/IncidentTrigger' startStepNames: $ref: '#/components/schemas/StartStepNames' required: - incidentTrigger type: object IncidentType: default: incidents description: Incident resource type. enum: - incidents example: incidents type: string x-enum-varnames: - INCIDENTS IncidentTypeAttributes: description: Incident type's attributes. properties: createdAt: description: Timestamp when the incident type was created. format: date-time readOnly: true type: string example: example_value createdBy: description: >- A unique identifier that represents the user that created the incident type. example: 00000000-0000-0000-0000-000000000000 readOnly: true type: string description: description: Text that describes the incident type. example: >- Any incidents that harm (or have the potential to) the confidentiality, integrity, or availability of our data. type: string is_default: default: false description: >- If true, this incident type will be used as the default incident type if a type is not specified during the creation of incident resources. example: false type: boolean lastModifiedBy: description: >- A unique identifier that represents the user that last modified the incident type. example: 00000000-0000-0000-0000-000000000000 readOnly: true type: string modifiedAt: description: Timestamp when the incident type was last modified. format: date-time readOnly: true type: string example: example_value name: description: The name of the incident type. example: Security Incident type: string prefix: description: >- The string that will be prepended to the incident title across the Datadog app. example: IR readOnly: true type: string required: - name type: object IncidentTypeCreateData: description: Incident type data for a create request. properties: attributes: $ref: '#/components/schemas/IncidentTypeAttributes' type: $ref: '#/components/schemas/IncidentTypeType' required: - type - attributes type: object IncidentTypeCreateRequest: description: Create request for an incident type. properties: data: $ref: '#/components/schemas/IncidentTypeCreateData' required: - data type: object IncidentTypeListResponse: description: Response with a list of incident types. properties: data: description: An array of incident type objects. items: $ref: '#/components/schemas/IncidentTypeObject' type: array required: - data type: object IncidentTypeObject: description: Incident type response data. properties: attributes: $ref: '#/components/schemas/IncidentTypeAttributes' id: description: The incident type's ID. example: 00000000-0000-0000-0000-000000000000 type: string type: $ref: '#/components/schemas/IncidentTypeType' required: - id - type type: object IncidentTypePatchData: description: Incident type data for a patch request. properties: attributes: $ref: '#/components/schemas/IncidentTypeUpdateAttributes' id: description: The incident type's ID. example: 00000000-0000-0000-0000-000000000000 type: string type: $ref: '#/components/schemas/IncidentTypeType' required: - id - type - attributes type: object IncidentTypePatchRequest: description: Patch request for an incident type. properties: data: $ref: '#/components/schemas/IncidentTypePatchData' required: - data type: object IncidentTypeResponse: description: Incident type response data. properties: data: $ref: '#/components/schemas/IncidentTypeObject' required: - data type: object IncidentTypeType: default: incident_types description: Incident type resource type. enum: - incident_types example: incident_types type: string x-enum-varnames: - INCIDENT_TYPES IncidentTypeUpdateAttributes: description: Incident type's attributes for updates. properties: createdAt: description: Timestamp when the incident type was created. format: date-time readOnly: true type: string example: example_value createdBy: description: >- A unique identifier that represents the user that created the incident type. example: 00000000-0000-0000-0000-000000000000 readOnly: true type: string description: description: Text that describes the incident type. example: >- Any incidents that harm (or have the potential to) the confidentiality, integrity, or availability of our data. Note: This will notify the security team. type: string is_default: description: >- When true, this incident type will be used as the default type when an incident type is not specified. example: false type: boolean lastModifiedBy: description: >- A unique identifier that represents the user that last modified the incident type. example: 00000000-0000-0000-0000-000000000000 readOnly: true type: string modifiedAt: description: Timestamp when the incident type was last modified. format: date-time readOnly: true type: string example: example_value name: description: The name of the incident type. example: Security Incident type: string prefix: description: >- The string that will be prepended to the incident title across the Datadog app. example: IR readOnly: true type: string type: object IncidentUpdateAttributes: description: The incident's attributes for an update request. properties: customer_impact_end: description: Timestamp when customers were no longer impacted by the incident. format: date-time nullable: true type: string example: example_value customer_impact_scope: description: A summary of the impact customers experienced during the incident. example: Example customer impact scope type: string customer_impact_start: description: Timestamp when customers began being impacted by the incident. format: date-time nullable: true type: string example: example_value customer_impacted: description: A flag indicating whether the incident caused customer impact. example: false type: boolean detected: description: Timestamp when the incident was detected. format: date-time nullable: true type: string example: example_value fields: additionalProperties: $ref: '#/components/schemas/IncidentFieldAttributes' description: >- A condensed view of the user-defined fields for which to update selections. example: severity: type: dropdown value: SEV-5 type: object notification_handles: description: >- Notification handles that will be notified of the incident during update. example: - display_name: Jane Doe handle: '@user@email.com' - display_name: Slack Channel handle: '@slack-channel' - display_name: Incident Workflow handle: '@workflow-from-incident' items: $ref: '#/components/schemas/IncidentNotificationHandle' type: array title: description: The title of the incident, which summarizes what happened. example: A test incident title type: string type: object IncidentUpdateData: description: Incident data for an update request. properties: attributes: $ref: '#/components/schemas/IncidentUpdateAttributes' id: description: The incident's ID. example: 00000000-0000-0000-4567-000000000000 type: string relationships: $ref: '#/components/schemas/IncidentUpdateRelationships' type: $ref: '#/components/schemas/IncidentType' required: - id - type type: object IncidentUpdateRelationships: description: The incident's relationships for an update request. properties: commander_user: $ref: '#/components/schemas/NullableRelationshipToUser' integrations: $ref: '#/components/schemas/RelationshipToIncidentIntegrationMetadatas' postmortem: $ref: '#/components/schemas/RelationshipToIncidentPostmortem' type: object IncidentUpdateRequest: description: Update request for an incident. properties: data: $ref: '#/components/schemas/IncidentUpdateData' required: - data type: object IncidentUserAttributes: description: Attributes of user object returned by the API. properties: email: description: Email of the user. type: string example: user@example.com handle: description: Handle of the user. type: string example: example_value icon: description: URL of the user's icon. type: string example: example_value name: description: Name of the user. nullable: true type: string example: Example Monitor uuid: description: UUID of the user. type: string example: abc-123-def type: object IncidentUserData: description: User object returned by the API. properties: attributes: $ref: '#/components/schemas/IncidentUserAttributes' id: description: ID of the user. type: string example: abc-123-def type: $ref: '#/components/schemas/UsersType' type: object IncidentUserDefinedFieldType: description: The incident user defined fields type. enum: - user_defined_field example: user_defined_field type: string x-enum-varnames: - USER_DEFINED_FIELD IncidentsResponse: description: Response with a list of incidents. properties: data: description: An array of incidents. example: - attributes: created: '2020-04-21T15:34:08.627205+00:00' creation_idempotency_key: customer_impact_duration: 0 customer_impact_end: customer_impact_scope: customer_impact_start: customer_impacted: false detected: '2020-04-14T00:00:00+00:00' incident_type_uuid: 00000000-0000-0000-0000-000000000001 modified: '2020-09-17T14:16:58.696424+00:00' public_id: 1 resolved: severity: SEV-1 time_to_detect: 0 time_to_internal_response: 0 time_to_repair: 0 time_to_resolve: 0 title: Example Incident id: 00000000-aaaa-0000-0000-000000000000 relationships: attachments: data: - id: 00000000-9999-0000-0000-000000000000 type: incident_attachments - id: 00000000-1234-0000-0000-000000000000 type: incident_attachments commander_user: data: id: 00000000-0000-0000-cccc-000000000000 type: users created_by_user: data: id: 00000000-0000-0000-cccc-000000000000 type: users integrations: data: - id: 00000000-0000-0000-4444-000000000000 type: incident_integrations - id: 00000000-0000-0000-5555-000000000000 type: incident_integrations last_modified_by_user: data: id: 00000000-0000-0000-cccc-000000000000 type: users type: incidents - attributes: created: '2020-04-21T15:34:08.627205+00:00' creation_idempotency_key: customer_impact_duration: 0 customer_impact_end: customer_impact_scope: customer_impact_start: customer_impacted: false detected: '2020-04-14T00:00:00+00:00' incident_type_uuid: 00000000-0000-0000-0000-000000000002 modified: '2020-09-17T14:16:58.696424+00:00' public_id: 2 resolved: severity: SEV-5 time_to_detect: 0 time_to_internal_response: 0 time_to_repair: 0 time_to_resolve: 0 title: Example Incident 2 id: 00000000-1111-0000-0000-000000000000 relationships: attachments: data: - id: 00000000-9999-0000-0000-000000000000 type: incident_attachments commander_user: data: id: 00000000-aaaa-0000-0000-000000000000 type: users created_by_user: data: id: 00000000-aaaa-0000-0000-000000000000 type: users integrations: data: - id: 00000000-0000-0000-0001-000000000000 type: incident_integrations - id: 00000000-0000-0000-0002-000000000000 type: incident_integrations last_modified_by_user: data: id: 00000000-aaaa-0000-0000-000000000000 type: users type: incidents items: $ref: '#/components/schemas/IncidentResponseData' type: array included: description: Included related resources that the user requested. items: $ref: '#/components/schemas/IncidentResponseIncludedItem' readOnly: true type: array meta: $ref: '#/components/schemas/IncidentResponseMeta' required: - data type: object IncludeType: description: Supported include types. enum: - schema - raw_schema - oncall - incident - relation type: string x-enum-varnames: - SCHEMA - RAW_SCHEMA - ONCALL - INCIDENT - RELATION InputSchema: description: >- A list of input parameters for the workflow. These can be used as dynamic runtime values in your workflow. properties: parameters: description: The `InputSchema` `parameters`. items: $ref: '#/components/schemas/InputSchemaParameters' type: array type: object InputSchemaParameters: description: The definition of `InputSchemaParameters` object. properties: defaultValue: description: The `InputSchemaParameters` `defaultValue`. example: example_value description: description: The `InputSchemaParameters` `description`. type: string example: example_value label: description: The `InputSchemaParameters` `label`. type: string example: example_value name: description: The `InputSchemaParameters` `name`. example: '' type: string type: $ref: '#/components/schemas/InputSchemaParametersType' required: - name - type type: object InputSchemaParametersType: description: The definition of `InputSchemaParametersType` object. enum: - STRING - NUMBER - BOOLEAN - OBJECT - ARRAY_STRING - ARRAY_NUMBER - ARRAY_BOOLEAN - ARRAY_OBJECT example: STRING type: string x-enum-varnames: - STRING - NUMBER - BOOLEAN - OBJECT - ARRAY_STRING - ARRAY_NUMBER - ARRAY_BOOLEAN - ARRAY_OBJECT IntakePayloadAccepted: description: The payload accepted for intake. properties: errors: description: A list of errors. items: description: An empty error list. type: string type: array type: object InterfaceAttributes: description: The interface attributes properties: alias: description: The interface alias example: interface_0 type: string description: description: The interface description example: a network interface type: string index: description: The interface index example: 0 format: int64 type: integer ip_addresses: description: The interface IP addresses example: - 1.1.1.1 - 1.1.1.2 items: type: string type: array mac_address: description: The interface MAC address example: '00:00:00:00:00:00' type: string name: description: The interface name example: if0 type: string status: $ref: '#/components/schemas/InterfaceAttributesStatus' type: object InterfaceAttributesStatus: description: The interface status enum: - up - down - warning - 'off' example: up type: string x-enum-varnames: - UP - DOWN - WARNING - 'OFF' JSONAPIErrorItem: description: API error response body properties: detail: description: >- A human-readable explanation specific to this occurrence of the error. example: Missing required attribute in body type: string meta: additionalProperties: {} description: Non-standard meta-information about the error type: object source: $ref: '#/components/schemas/JSONAPIErrorItemSource' status: description: Status code of the response. example: '400' type: string title: description: Short human-readable summary of the error. example: Bad Request type: string type: object JSONAPIErrorItemSource: description: References to the source of the error. properties: header: description: >- A string indicating the name of a single request header which caused the error. example: Authorization type: string parameter: description: A string indicating which URI query parameter caused the error. example: limit type: string pointer: description: >- A JSON pointer to the value in the request document that caused the error. example: /data/attributes/title type: string type: object JSONAPIErrorResponse: description: API error response. properties: errors: description: A list of errors. items: $ref: '#/components/schemas/JSONAPIErrorItem' type: array required: - errors type: object JiraIntegrationMetadata: description: Incident integration metadata for the Jira integration. properties: issues: description: Array of Jira issues in this integration metadata. example: [] items: $ref: '#/components/schemas/JiraIntegrationMetadataIssuesItem' type: array required: - issues type: object JiraIntegrationMetadataIssuesItem: description: Item in the Jira integration metadata issue array. properties: account: description: URL of issue's Jira account. example: https://example.atlassian.net type: string issue_key: description: Jira issue's issue key. example: PROJ-123 type: string issuetype_id: description: Jira issue's issue type. example: '1000' type: string project_key: description: Jira issue's project keys. example: PROJ type: string redirect_url: description: URL redirecting to the Jira issue. example: https://example.atlassian.net/browse/PROJ-123 type: string required: - project_key - account type: object JiraIssue: description: Jira issue attached to case nullable: true properties: result: $ref: '#/components/schemas/JiraIssueResult' status: $ref: '#/components/schemas/Case3rdPartyTicketStatus' readOnly: true type: object JiraIssueResult: description: Jira issue information properties: issue_id: description: Jira issue ID type: string example: abc-123-def issue_key: description: Jira issue key type: string example: example_value issue_url: description: Jira issue URL type: string example: https://app.datadoghq.com project_key: description: Jira project key type: string example: example_value type: object JobCreateResponse: description: Run a historical job response. properties: data: $ref: '#/components/schemas/JobCreateResponseData' type: object JobCreateResponseData: description: The definition of `JobCreateResponseData` object. properties: id: description: ID of the created job. type: string example: abc-123-def type: $ref: '#/components/schemas/HistoricalJobDataType' type: object JobDefinition: description: Definition of a historical job. properties: calculatedFields: description: Calculated fields. items: $ref: '#/components/schemas/CalculatedField' type: array cases: description: Cases used for generating job results. items: $ref: '#/components/schemas/SecurityMonitoringRuleCaseCreate' type: array from: description: Starting time of data analyzed by the job. example: 1729843470000 format: int64 type: integer groupSignalsBy: description: >- Additional grouping to perform on top of the existing groups in the query section. Must be a subset of the existing groups. example: - service items: description: Field to group by. type: string type: array index: description: Index used to load the data. example: cloud_siem type: string message: description: Message for generated results. example: A large number of failed login attempts. type: string name: description: Job name. example: Excessive number of failed attempts. type: string options: $ref: '#/components/schemas/HistoricalJobOptions' queries: description: Queries for selecting logs analyzed by the job. items: $ref: '#/components/schemas/HistoricalJobQuery' type: array referenceTables: description: Reference tables used in the queries. items: $ref: '#/components/schemas/SecurityMonitoringReferenceTable' type: array tags: description: Tags for generated signals. items: type: string type: array thirdPartyCases: description: >- Cases for generating results from third-party detection method. Only available for third-party detection method. example: [] items: $ref: '#/components/schemas/SecurityMonitoringThirdPartyRuleCaseCreate' type: array to: description: Ending time of data analyzed by the job. example: 1729847070000 format: int64 type: integer type: description: Job type. type: string example: metric alert required: - from - to - index - name - cases - queries - message type: object JobDefinitionFromRule: description: Definition of a historical job based on a security monitoring rule. properties: caseIndex: description: Index of the rule case applied by the job. example: 0 format: int32 maximum: 9 type: integer from: description: Starting time of data analyzed by the job. example: 1729843470000 format: int64 type: integer id: description: ID of the detection rule used to create the job. example: abc-def-ghi type: string index: description: Index used to load the data. example: cloud_siem type: string notifications: description: Notifications sent when the job is completed. example: - '@sns-cloudtrail-results' items: type: string type: array to: description: Ending time of data analyzed by the job. example: 1729847070000 format: int64 type: integer required: - id - from - to - index - caseIndex type: object Layer: description: >- Encapsulates a layer resource, holding attributes like rotation details, plus relationships to the members covering that layer. properties: attributes: $ref: '#/components/schemas/LayerAttributes' id: description: A unique identifier for this layer. type: string example: abc-123-def relationships: $ref: '#/components/schemas/LayerRelationships' type: $ref: '#/components/schemas/LayerType' required: - type type: object LayerAttributes: description: >- Describes key properties of a Layer, including rotation details, name, start/end times, and any restrictions. properties: effective_date: description: When the layer becomes active (ISO 8601). format: date-time type: string example: '2026-04-17T12:00:00Z' end_date: description: When the layer ceases to be active (ISO 8601). format: date-time type: string example: '2026-04-17T12:00:00Z' interval: $ref: '#/components/schemas/LayerAttributesInterval' name: description: The name of this layer. example: Weekend Layer type: string restrictions: description: >- An optional list of time restrictions for when this layer is in effect. items: $ref: '#/components/schemas/TimeRestriction' type: array rotation_start: description: The date/time when the rotation starts (ISO 8601). format: date-time type: string example: example_value type: object LayerAttributesInterval: description: >- Defines how often the rotation repeats, using a combination of days and optional seconds. properties: days: description: The number of days in each rotation cycle. example: 1 format: int32 maximum: 400 type: integer seconds: description: Any additional seconds for the rotation cycle (up to 30 days). example: 300 format: int64 maximum: 2592000 type: integer type: object LayerRelationships: description: >- Holds references to objects related to the Layer entity, such as its members. properties: members: $ref: '#/components/schemas/LayerRelationshipsMembers' type: object LayerRelationshipsMembers: description: >- Holds an array of references to the members of a Layer, each containing member IDs. properties: data: description: The list of members who belong to this layer. items: $ref: '#/components/schemas/LayerRelationshipsMembersDataItems' type: array type: object LayerRelationshipsMembersDataItems: description: >- Represents a single member object in a layer's `members` array, referencing a unique Datadog user ID. properties: id: description: The unique user ID of the layer member. example: 00000000-0000-0000-0000-000000000002 type: string type: $ref: '#/components/schemas/LayerRelationshipsMembersDataItemsType' required: - type - id type: object LayerRelationshipsMembersDataItemsType: default: members description: Members resource type. enum: - members example: members type: string x-enum-varnames: - MEMBERS LayerType: default: layers description: Layers resource type. enum: - layers example: layers type: string x-enum-varnames: - LAYERS LeakedKey: description: The definition of LeakedKey object. properties: attributes: $ref: '#/components/schemas/LeakedKeyAttributes' id: description: The LeakedKey id. example: id type: string type: $ref: '#/components/schemas/LeakedKeyType' required: - attributes - id - type type: object LeakedKeyAttributes: description: The definition of LeakedKeyAttributes object. properties: date: description: The LeakedKeyAttributes date. example: '2017-07-21T17:32:28Z' format: date-time type: string leak_source: description: The LeakedKeyAttributes leak_source. type: string example: example_value required: - date type: object LeakedKeyType: default: leaked_keys description: The definition of LeakedKeyType object. enum: - leaked_keys example: leaked_keys type: string x-enum-varnames: - LEAKED_KEYS Library: description: Vulnerability library. properties: name: description: Vulnerability library name. example: linux-aws-5.15 type: string version: description: Vulnerability library version. example: 5.15.0 type: string required: - name type: object Links: description: The JSON:API links related to pagination. properties: first: description: First page link. example: >- https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=1&page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4 type: string last: description: Last page link. example: >- https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=15&page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4 type: string next: description: Next page link. example: >- https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=16&page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4 type: string previous: description: Previous page link. example: >- https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=14&page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4 type: string self: description: Request link. example: >- https://api.datadoghq.com/api/v2/security/vulnerabilities?filter%5Btool%5D=Infra type: string required: - self - first - last type: object ListAPIsResponse: description: Response for `ListAPIs`. properties: data: description: List of API items. items: $ref: '#/components/schemas/ListAPIsResponseData' type: array meta: $ref: '#/components/schemas/ListAPIsResponseMeta' type: object ListAPIsResponseData: description: Data envelope for `ListAPIsResponse`. properties: attributes: $ref: '#/components/schemas/ListAPIsResponseDataAttributes' id: $ref: '#/components/schemas/ApiID' type: object ListAPIsResponseDataAttributes: description: Attributes for `ListAPIsResponseData`. properties: name: description: API name. example: Payments API type: string type: object ListAPIsResponseMeta: description: Metadata for `ListAPIsResponse`. properties: pagination: $ref: '#/components/schemas/ListAPIsResponseMetaPagination' type: object ListAPIsResponseMetaPagination: description: Pagination metadata information for `ListAPIsResponse`. properties: limit: description: Number of items in the current page. example: 20 format: int64 type: integer offset: description: Offset for pagination. example: 0 format: int64 type: integer total_count: description: Total number of items. example: 35 format: int64 type: integer type: object ListApplicationKeysResponse: description: Response for a list of application keys. properties: data: description: Array of application keys. items: $ref: '#/components/schemas/PartialApplicationKey' type: array included: description: Array of objects related to the application key. items: $ref: '#/components/schemas/ApplicationKeyResponseIncludedItem' type: array meta: $ref: '#/components/schemas/ApplicationKeyResponseMeta' type: object ListAppsResponse: description: A paginated list of apps matching the specified filters and sorting. properties: data: description: An array of app definitions. items: $ref: '#/components/schemas/ListAppsResponseDataItems' type: array included: description: Data on the version of the app that was published. items: $ref: '#/components/schemas/Deployment' type: array meta: $ref: '#/components/schemas/ListAppsResponseMeta' type: object ListAppsResponseDataItems: description: >- An app definition object. This contains only basic information about the app such as ID, name, and tags. properties: attributes: $ref: '#/components/schemas/ListAppsResponseDataItemsAttributes' id: description: The ID of the app. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string meta: $ref: '#/components/schemas/AppMeta' relationships: $ref: '#/components/schemas/ListAppsResponseDataItemsRelationships' type: $ref: '#/components/schemas/AppDefinitionType' required: - id - type - attributes type: object ListAppsResponseDataItemsAttributes: description: Basic information about the app such as name, description, and tags. properties: description: description: A human-readable description for the app. type: string example: example_value favorite: description: Whether the app is marked as a favorite by the current user. type: boolean example: true name: description: The name of the app. type: string example: Example Monitor selfService: description: Whether the app is enabled for use in the Datadog self-service hub. type: boolean example: true tags: description: A list of tags for the app, which can be used to filter apps. example: - service:webshop-backend - team:webshop items: description: An individual tag for the app. type: string type: array type: object ListAppsResponseDataItemsRelationships: description: The app's publication information. properties: deployment: $ref: '#/components/schemas/DeploymentRelationship' type: object ListAppsResponseMeta: description: Pagination metadata. properties: page: $ref: '#/components/schemas/ListAppsResponseMetaPage' type: object ListAppsResponseMetaPage: description: Information on the total number of apps, to be used for pagination. properties: totalCount: description: >- The total number of apps under the Datadog organization, disregarding any filters applied. format: int64 type: integer example: 42 totalFilteredCount: description: The total number of apps that match the specified filters. format: int64 type: integer example: 42 type: object ListDevicesResponse: description: List devices response. properties: data: description: The list devices response data. items: $ref: '#/components/schemas/DevicesListData' type: array meta: $ref: '#/components/schemas/ListDevicesResponseMetadata' type: object ListDevicesResponseMetadata: description: Object describing meta attributes of response. properties: page: $ref: '#/components/schemas/ListDevicesResponseMetadataPage' type: object ListDevicesResponseMetadataPage: description: Pagination object. properties: total_filtered_count: description: Total count of devices matched by the filter. example: 1 format: int64 type: integer type: object ListDowntimesResponse: description: Response for retrieving all downtimes. properties: data: description: An array of downtimes. items: $ref: '#/components/schemas/DowntimeResponseData' type: array included: description: Array of objects related to the downtimes. items: $ref: '#/components/schemas/DowntimeResponseIncludedItem' type: array meta: $ref: '#/components/schemas/DowntimeMeta' type: object ListEntityCatalogResponse: description: List entity response. properties: data: $ref: '#/components/schemas/EntityResponseData' included: $ref: '#/components/schemas/ListEntityCatalogResponseIncluded' links: $ref: '#/components/schemas/ListEntityCatalogResponseLinks' meta: $ref: '#/components/schemas/EntityResponseMeta' type: object ListEntityCatalogResponseIncluded: description: List entity response included. items: $ref: '#/components/schemas/ListEntityCatalogResponseIncludedItem' type: array ListEntityCatalogResponseIncludedItem: description: List entity response included item. oneOf: - $ref: '#/components/schemas/EntityResponseIncludedSchema' - $ref: '#/components/schemas/EntityResponseIncludedRawSchema' - $ref: '#/components/schemas/EntityResponseIncludedRelatedEntity' - $ref: '#/components/schemas/EntityResponseIncludedOncall' - $ref: '#/components/schemas/EntityResponseIncludedIncident' ListEntityCatalogResponseLinks: description: List entity response links. properties: next: description: Next link. type: string example: example_value previous: description: Previous link. type: string example: example_value self: description: Current link. type: string example: example_value type: object ListExternalUserGroupResponse: description: List groups response object. example: Resources: - displayName: Group 1 externalId: group1 id: e43536e9-33fe-43f8-90b8-d3e39a7dd6ad members: - $ref: >- https://app.datadoghq.com/api/scim/v2/Users/d34a5f93-5690-4d3f-a293-f2ad5c7a82a4 display: John Doe type: User value: d34a5f93-5690-4d3f-a293-f2ad5c7a82a4 - $ref: >- https://app.datadoghq.com/api/scim/v2/Users/429ebce5-8ed3-4da9-9f1e-662f2dbc2fe6 display: Jane Doe type: User value: 429ebce5-8ed3-4da9-9f1e-662f2dbc2fe6 meta: created: '2024-11-22T15:05:52.055138963Z' lastModified: '2024-11-22T15:05:52.055139017Z' location: >- https://app.datadoghq.com/api/scim/v2/Groups/e43536e9-33fe-43f8-90b8-d3e39a7dd6ad resourceType: Group schemas: - urn:ietf:params:scim:schemas:core:2.0:Group - displayName: Group 2 externalId: group2 id: 79ef0d28-f257-4829-97e6-d23d2a26cb1a members: - $ref: >- https://app.datadoghq.com/api/scim/v2/Users/29da9fb7-8fca-4e87-bf58-86652253deae display: Alice Smith type: User value: 29da9fb7-8fca-4e87-bf58-86652253deae - $ref: >- https://app.datadoghq.com/api/scim/v2/Users/f85e3868-ad7b-47e3-a8a9-ff1eade2bbf9 display: Bob Smith type: User value: f85e3868-ad7b-47e3-a8a9-ff1eade2bbf9 meta: created: '2024-11-22T15:05:52.055139748Z' lastModified: '2024-11-22T15:05:52.055139813Z' location: >- https://app.datadoghq.com/api/scim/v2/Groups/79ef0d28-f257-4829-97e6-d23d2a26cb1a resourceType: Group schemas: - urn:ietf:params:scim:schemas:core:2.0:Group itemsPerPage: 2 schemas: - urn:ietf:params:scim:api:messages:2.0:ListResponse startIndex: 1 totalResults: 2 properties: Resources: description: List of groups matching the request criteria. items: $ref: '#/components/schemas/ListExternalUserGroupResponseResourcesItems' type: array itemsPerPage: description: Number of groups returned per page. format: int64 maximum: 4294967295 minimum: 0 type: integer example: 42 schemas: description: List response JSON Schemas. example: - urn:ietf:params:scim:api:messages:2.0:ListResponse items: type: string type: array startIndex: description: Starting index of the groups for this page (1-indexed). format: int64 maximum: 4294967295 minimum: 0 type: integer example: 42 totalResults: description: Total number of groups matching the request criteria. format: int64 maximum: 4294967295 minimum: 0 type: integer example: 42 type: object ListExternalUserGroupResponseResourcesItems: description: Resources returned in response to a List groups request. properties: displayName: description: A human-readable name for the group. example: My test group type: string externalId: description: >- An identifier for the resource as defined by the provisioning client. example: 346af543-e5ab-4855-937d-133231cd59ed type: string id: description: The identifier of the resource. Not required when creating a group. example: 0e80d350-9519-4771-9aa8-ce849fc36c20 type: string members: description: A list of members belonging to the team. items: $ref: >- #/components/schemas/ListExternalUserGroupResponseResourcesItemsMembersItems type: array meta: $ref: '#/components/schemas/ExternalUserGroupMeta' schemas: description: Group JSON Schemas. example: - urn:ietf:params:scim:schemas:core:2.0:Group items: type: string type: array type: object ListExternalUserGroupResponseResourcesItemsMembersItems: description: >- The definition of a member belonging to a group in the List groups response. properties: $ref: description: The URI corresponding to a resource that is a member of this group. example: >- https://app.datadoghq.com/api/scim/v2/Users/429ebce5-8ed3-4da9-9f1e-662f2dbc2fe6 type: string display: description: Full name of the user. example: John Doe type: string type: description: >- A label indicating the type of resource. Only supported value is "User". example: User type: string value: description: The identifier of the member of this group. example: 429ebce5-8ed3-4da9-9f1e-662f2dbc2fe6 type: string type: object ListExternalUsersResponse: description: List users response object. example: Resources: - active: true emails: - primary: true type: work value: john.doe@datadoghq.com id: e43536e9-33fe-43f8-90b8-d3e39a7dd6ad meta: created: '2024-11-22T15:05:52.055138963Z' lastModified: '2024-11-22T15:05:52.055139017Z' location: >- https://app.datadoghq.com/api/scim/v2/Users/e43536e9-33fe-43f8-90b8-d3e39a7dd6ad resourceType: User name: formatted: John Doe schemas: - urn:ietf:params:scim:schemas:core:2.0:User title: Mr. userName: john.doe@datadoghq.com - active: true emails: - primary: true type: work value: jane.doe@datadoghq.com id: 79ef0d28-f257-4829-97e6-d23d2a26cb1a meta: created: '2024-11-22T15:05:52.055139748Z' lastModified: '2024-11-22T15:05:52.055139813Z' location: >- https://app.datadoghq.com/api/scim/v2/Users/79ef0d28-f257-4829-97e6-d23d2a26cb1a resourceType: User name: formatted: Jane Doe schemas: - urn:ietf:params:scim:schemas:core:2.0:User title: Mrs. userName: jane.doe@datadoghq.com itemsPerPage: 2 schemas: - urn:ietf:params:scim:api:messages:2.0:ListResponse startIndex: 1 totalResults: 2 properties: Resources: description: List of users matching the request criteria. items: $ref: '#/components/schemas/ListExternalUsersResponseResourcesItems' type: array itemsPerPage: description: Number of users returned per page. format: int64 maximum: 4294967295 minimum: 0 type: integer example: 42 schemas: description: List response JSON Schemas. example: - urn:ietf:params:scim:api:messages:2.0:ListResponse items: type: string type: array startIndex: description: Starting index of the users for this page (1-indexed). format: int64 maximum: 4294967295 minimum: 0 type: integer example: 42 totalResults: description: Total number of users matching the request criteria. format: int64 maximum: 4294967295 minimum: 0 type: integer example: 42 type: object ListExternalUsersResponseResourcesItems: description: Resources returned in response to a List users request. properties: active: description: A Boolean value indicating the User's administrative status. type: boolean example: true emails: description: Email addresses for the user. items: $ref: '#/components/schemas/ExternalUserEmailType' type: array id: description: The identifier of the resource. Not required when creating a user. type: string example: abc-123-def meta: $ref: '#/components/schemas/ExternalUserMeta' name: $ref: '#/components/schemas/ExternalUserNameType' schemas: description: User JSON Schemas. example: - urn:ietf:params:scim:schemas:core:2.0:User items: type: string type: array title: description: The user's title. type: string example: Example Monitor userName: description: Unique identifier for the User. type: string example: Example Monitor type: object ListFindingsData: description: Array of findings. items: $ref: '#/components/schemas/Finding' type: array ListFindingsMeta: additionalProperties: false description: Metadata for pagination. properties: page: $ref: '#/components/schemas/ListFindingsPage' snapshot_timestamp: description: The point in time corresponding to the listed findings. example: 1678721573794 format: int64 minimum: 1 type: integer type: object ListFindingsPage: additionalProperties: false description: Pagination and findings count information. properties: cursor: description: The cursor used to paginate requests. example: >- eyJhZnRlciI6IkFRQUFBWWJiaEJXQS1OY1dqUUFBQUFCQldXSmlhRUpYUVVGQlJFSktkbTlDTUdaWFRVbDNRVUUiLCJ2YWx1ZXMiOlsiY3JpdGljYWwiXX0= type: string total_filtered_count: description: The total count of findings after the filter has been applied. example: 213 format: int64 type: integer type: object ListFindingsResponse: description: The expected response schema when listing findings. properties: data: $ref: '#/components/schemas/ListFindingsData' meta: $ref: '#/components/schemas/ListFindingsMeta' required: - data - meta type: object ListHistoricalJobsResponse: description: List of historical jobs. properties: data: description: Array containing the list of historical jobs. items: $ref: '#/components/schemas/HistoricalJobResponseData' type: array meta: $ref: '#/components/schemas/HistoricalJobListMeta' type: object ListPipelinesResponse: description: >- Represents the response payload containing a list of pipelines and associated metadata. properties: data: description: The `schema` `data`. items: $ref: '#/components/schemas/ObservabilityPipelineData' type: array meta: $ref: '#/components/schemas/ListPipelinesResponseMeta' required: - data type: object ListPipelinesResponseMeta: description: Metadata about the response. properties: totalCount: description: The total number of pipelines. example: 42 format: int64 type: integer type: object ListPowerpacksResponse: description: Response object which includes all powerpack configurations. properties: data: description: List of powerpack definitions. items: $ref: '#/components/schemas/PowerpackData' type: array included: description: Array of objects related to the users. items: $ref: '#/components/schemas/User' type: array links: $ref: '#/components/schemas/PowerpackResponseLinks' meta: $ref: '#/components/schemas/PowerpacksResponseMeta' type: object ListRelationCatalogResponse: description: List entity relation response. properties: data: $ref: '#/components/schemas/RelationResponseData' included: $ref: '#/components/schemas/ListRelationCatalogResponseIncluded' links: $ref: '#/components/schemas/ListRelationCatalogResponseLinks' meta: $ref: '#/components/schemas/RelationResponseMeta' type: object ListRelationCatalogResponseIncluded: description: List relation response included entities. items: $ref: '#/components/schemas/EntityData' type: array ListRelationCatalogResponseLinks: description: List relation response links. properties: next: description: Next link. example: >- /api/v2/catalog/relation?filter[from_ref]=service:service-catalog&include=entity&page[limit]=2&page[offset]=2 type: string previous: description: Previous link. type: string example: example_value self: description: Current link. example: >- /api/v2/catalog/relation?filter[from_ref]=service:service-catalog&include=entity&page[limit]=2&page[offset]=0 type: string type: object ListRulesResponse: description: Scorecard rules response. properties: data: $ref: '#/components/schemas/ListRulesResponseData' links: $ref: '#/components/schemas/ListRulesResponseLinks' type: object ListRulesResponseData: description: Array of rule details. items: $ref: '#/components/schemas/ListRulesResponseDataItem' type: array ListRulesResponseDataItem: description: Rule details. properties: attributes: $ref: '#/components/schemas/RuleAttributes' id: $ref: '#/components/schemas/RuleId' relationships: $ref: '#/components/schemas/RelationshipToRule' type: $ref: '#/components/schemas/RuleType' type: object ListRulesResponseLinks: description: Links attributes. properties: next: description: Link for the next set of rules. example: >- /api/v2/scorecard/rules?page%5Blimit%5D=2&page%5Boffset%5D=2&page%5Bsize%5D=2 type: string type: object ListTagsResponse: description: List tags response. properties: data: $ref: '#/components/schemas/ListTagsResponseData' type: object ListTagsResponseData: description: The list tags response data. properties: attributes: $ref: '#/components/schemas/ListTagsResponseDataAttributes' id: description: The device ID example: example:1.2.3.4 type: string type: description: The type of the resource. The value should always be tags. type: string example: metric alert type: object ListTagsResponseDataAttributes: description: The definition of ListTagsResponseDataAttributes object. properties: tags: description: The list of tags example: - tag:test - tag:testbis items: type: string type: array type: object ListTeamsInclude: description: Included related resources optionally requested. enum: - team_links - user_team_permissions type: string x-enum-varnames: - TEAM_LINKS - USER_TEAM_PERMISSIONS ListTeamsSort: description: Specifies the order of the returned teams enum: - name - '-name' - user_count - '-user_count' type: string x-enum-varnames: - NAME - _NAME - USER_COUNT - _USER_COUNT ListVulnerabilitiesResponse: description: The expected response schema when listing vulnerabilities. properties: data: description: List of vulnerabilities. items: $ref: '#/components/schemas/Vulnerability' type: array links: $ref: '#/components/schemas/Links' meta: $ref: '#/components/schemas/Metadata' required: - data type: object ListVulnerableAssetsResponse: description: The expected response schema when listing vulnerable assets. properties: data: description: List of vulnerable assets. items: $ref: '#/components/schemas/Asset' type: array links: $ref: '#/components/schemas/Links' meta: $ref: '#/components/schemas/Metadata' required: - data type: object Log: description: Object description of a log after being processed and stored by Datadog. properties: attributes: $ref: '#/components/schemas/LogAttributes' id: description: Unique ID of the Log. example: AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA type: string type: $ref: '#/components/schemas/LogType' type: object LogAttributes: description: JSON object containing all log attributes and their associated values. properties: attributes: additionalProperties: {} description: JSON object of attributes from your log. example: customAttribute: 123 duration: 2345 type: object host: description: Name of the machine from where the logs are being sent. example: i-0123 type: string message: description: >- The message [reserved attribute](https://docs.datadoghq.com/logs/log_collection/#reserved-attributes) of your log. By default, Datadog ingests the value of the message attribute as the body of the log entry. That value is then highlighted and displayed in the Logstream, where it is indexed for full text search. example: Host connected to remote type: string service: description: >- The name of the application or service generating the log events. It is used to switch from Logs to APM, so make sure you define the same value when you use both products. example: agent type: string status: description: Status of the message associated with your log. example: INFO type: string tags: description: Array of tags associated with your log. example: - team:A items: description: Tag associated with your log. type: string type: array timestamp: description: Timestamp of your log. example: '2019-01-02T09:42:36.320Z' format: date-time type: string type: object LogType: default: log description: Type of the event. enum: - log example: log type: string x-enum-varnames: - LOG LogsAggregateBucket: description: A bucket values properties: by: additionalProperties: description: The values for each group by description: The key, value pairs for each group by example: '@state': success '@version': abc type: object computes: additionalProperties: $ref: '#/components/schemas/LogsAggregateBucketValue' description: >- A map of the metric name -> value for regular compute or list of values for a timeseries type: object type: object LogsAggregateBucketValue: description: A bucket value, can be either a timeseries or a single value oneOf: - $ref: '#/components/schemas/LogsAggregateBucketValueSingleString' - $ref: '#/components/schemas/LogsAggregateBucketValueSingleNumber' - $ref: '#/components/schemas/LogsAggregateBucketValueTimeseries' LogsAggregateBucketValueSingleNumber: description: A single number value format: double type: number LogsAggregateBucketValueSingleString: description: A single string value type: string LogsAggregateBucketValueTimeseries: description: A timeseries array items: $ref: '#/components/schemas/LogsAggregateBucketValueTimeseriesPoint' type: array x-generate-alias-as-model: true LogsAggregateBucketValueTimeseriesPoint: description: A timeseries point properties: time: description: The time value for this point example: '2020-06-08T11:55:00Z' type: string value: description: The value for this point example: 19 format: double type: number type: object LogsAggregateRequest: description: >- The object sent with the request to retrieve a list of logs from your organization. properties: compute: description: >- The list of metrics or timeseries to compute for the retrieved buckets. items: $ref: '#/components/schemas/LogsCompute' type: array filter: $ref: '#/components/schemas/LogsQueryFilter' group_by: description: The rules for the group by items: $ref: '#/components/schemas/LogsGroupBy' type: array options: $ref: '#/components/schemas/LogsQueryOptions' page: $ref: '#/components/schemas/LogsAggregateRequestPage' type: object LogsAggregateRequestPage: description: Paging settings properties: cursor: description: >- The returned paging point to use to get the next results. Note: at most 1000 results can be paged. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object LogsAggregateResponse: description: The response object for the logs aggregate API endpoint properties: data: $ref: '#/components/schemas/LogsAggregateResponseData' meta: $ref: '#/components/schemas/LogsResponseMetadata' type: object LogsAggregateResponseData: description: The query results properties: buckets: description: The list of matching buckets, one item per bucket items: $ref: '#/components/schemas/LogsAggregateBucket' type: array type: object LogsAggregateResponseStatus: description: The status of the response enum: - done - timeout example: done type: string x-enum-varnames: - DONE - TIMEOUT LogsAggregateSort: description: A sort rule example: aggregation: count order: asc properties: aggregation: $ref: '#/components/schemas/LogsAggregationFunction' metric: description: The metric to sort by (only used for `type=measure`) example: '@duration' type: string order: $ref: '#/components/schemas/LogsSortOrder' type: $ref: '#/components/schemas/LogsAggregateSortType' type: object LogsAggregateSortType: default: alphabetical description: The type of sorting algorithm enum: - alphabetical - measure type: string x-enum-varnames: - ALPHABETICAL - MEASURE LogsAggregationFunction: description: An aggregation function enum: - count - cardinality - pc75 - pc90 - pc95 - pc98 - pc99 - sum - min - max - avg - median example: pc90 type: string x-enum-varnames: - COUNT - CARDINALITY - PERCENTILE_75 - PERCENTILE_90 - PERCENTILE_95 - PERCENTILE_98 - PERCENTILE_99 - SUM - MIN - MAX - AVG - MEDIAN LogsArchive: description: The logs archive. properties: data: $ref: '#/components/schemas/LogsArchiveDefinition' type: object LogsArchiveAttributes: description: The attributes associated with the archive. properties: destination: $ref: '#/components/schemas/LogsArchiveDestination' include_tags: default: false description: >- To store the tags in the archive, set the value "true". If it is set to "false", the tags will be deleted when the logs are sent to the archive. example: false type: boolean name: description: The archive name. example: Nginx Archive type: string query: description: >- The archive query/filter. Logs matching this query are included in the archive. example: source:nginx type: string rehydration_max_scan_size_in_gb: description: Maximum scan size for rehydration from this archive. example: 100 format: int64 nullable: true type: integer rehydration_tags: description: An array of tags to add to rehydrated logs from an archive. example: - team:intake - team:app items: description: A given tag in the `:` format. type: string type: array state: $ref: '#/components/schemas/LogsArchiveState' required: - name - query - destination type: object LogsArchiveCreateRequest: description: The logs archive. properties: data: $ref: '#/components/schemas/LogsArchiveCreateRequestDefinition' type: object LogsArchiveCreateRequestAttributes: description: The attributes associated with the archive. properties: destination: $ref: '#/components/schemas/LogsArchiveCreateRequestDestination' include_tags: default: false description: >- To store the tags in the archive, set the value "true". If it is set to "false", the tags will be deleted when the logs are sent to the archive. example: false type: boolean name: description: The archive name. example: Nginx Archive type: string query: description: >- The archive query/filter. Logs matching this query are included in the archive. example: source:nginx type: string rehydration_max_scan_size_in_gb: description: Maximum scan size for rehydration from this archive. example: 100 format: int64 nullable: true type: integer rehydration_tags: description: An array of tags to add to rehydrated logs from an archive. example: - team:intake - team:app items: description: A given tag in the `:` format. type: string type: array required: - name - query - destination type: object LogsArchiveCreateRequestDefinition: description: The definition of an archive. properties: attributes: $ref: '#/components/schemas/LogsArchiveCreateRequestAttributes' type: default: archives description: The type of the resource. The value should always be archives. example: archives type: string required: - type type: object LogsArchiveCreateRequestDestination: description: An archive's destination. oneOf: - $ref: '#/components/schemas/LogsArchiveDestinationAzure' - $ref: '#/components/schemas/LogsArchiveDestinationGCS' - $ref: '#/components/schemas/LogsArchiveDestinationS3' LogsArchiveDefinition: description: The definition of an archive. properties: attributes: $ref: '#/components/schemas/LogsArchiveAttributes' id: description: The archive ID. example: a2zcMylnM4OCHpYusxIi3g readOnly: true type: string type: default: archives description: The type of the resource. The value should always be archives. example: archives readOnly: true type: string required: - type type: object LogsArchiveDestination: description: An archive's destination. nullable: true oneOf: - $ref: '#/components/schemas/LogsArchiveDestinationAzure' - $ref: '#/components/schemas/LogsArchiveDestinationGCS' - $ref: '#/components/schemas/LogsArchiveDestinationS3' type: object LogsArchiveDestinationAzure: description: The Azure archive destination. properties: container: description: The container where the archive will be stored. example: container-name type: string integration: $ref: '#/components/schemas/LogsArchiveIntegrationAzure' path: description: The archive path. type: string example: example_value region: description: The region where the archive will be stored. type: string example: example_value storage_account: description: The associated storage account. example: account-name type: string type: $ref: '#/components/schemas/LogsArchiveDestinationAzureType' required: - storage_account - container - integration - type type: object LogsArchiveDestinationAzureType: default: azure description: Type of the Azure archive destination. enum: - azure example: azure type: string x-enum-varnames: - AZURE LogsArchiveDestinationGCS: description: The GCS archive destination. properties: bucket: description: The bucket where the archive will be stored. example: bucket-name type: string integration: $ref: '#/components/schemas/LogsArchiveIntegrationGCS' path: description: The archive path. type: string example: example_value type: $ref: '#/components/schemas/LogsArchiveDestinationGCSType' required: - bucket - integration - type type: object LogsArchiveDestinationGCSType: default: gcs description: Type of the GCS archive destination. enum: - gcs example: gcs type: string x-enum-varnames: - GCS LogsArchiveDestinationS3: description: The S3 archive destination. properties: bucket: description: The bucket where the archive will be stored. example: bucket-name type: string encryption: $ref: '#/components/schemas/LogsArchiveEncryptionS3' integration: $ref: '#/components/schemas/LogsArchiveIntegrationS3' path: description: The archive path. type: string example: example_value storage_class: $ref: '#/components/schemas/LogsArchiveStorageClassS3Type' type: $ref: '#/components/schemas/LogsArchiveDestinationS3Type' required: - bucket - integration - type type: object LogsArchiveDestinationS3Type: default: s3 description: Type of the S3 archive destination. enum: - s3 example: s3 type: string x-enum-varnames: - S3 LogsArchiveEncryptionS3: description: The S3 encryption settings. properties: key: description: An Amazon Resource Name (ARN) used to identify an AWS KMS key. example: arn:aws:kms:us-east-1:012345678901:key/DatadogIntegrationRoleKms type: string type: $ref: '#/components/schemas/LogsArchiveEncryptionS3Type' required: - type type: object LogsArchiveEncryptionS3Type: description: Type of S3 encryption for a destination. enum: - NO_OVERRIDE - SSE_S3 - SSE_KMS example: SSE_S3 type: string x-enum-varnames: - NO_OVERRIDE - SSE_S3 - SSE_KMS LogsArchiveIntegrationAzure: description: The Azure archive's integration destination. properties: client_id: description: A client ID. example: aaaaaaaa-1a1a-1a1a-1a1a-aaaaaaaaaaaa type: string tenant_id: description: A tenant ID. example: aaaaaaaa-1a1a-1a1a-1a1a-aaaaaaaaaaaa type: string required: - tenant_id - client_id type: object LogsArchiveIntegrationGCS: description: The GCS archive's integration destination. properties: client_email: description: A client email. example: youremail@example.com type: string project_id: description: A project ID. example: project-id type: string required: - client_email type: object LogsArchiveIntegrationS3: description: The S3 Archive's integration destination. properties: account_id: description: The account ID for the integration. example: '123456789012' type: string role_name: description: The path of the integration. example: role-name type: string required: - role_name - account_id type: object LogsArchiveOrder: description: A ordered list of archive IDs. properties: data: $ref: '#/components/schemas/LogsArchiveOrderDefinition' type: object LogsArchiveOrderAttributes: description: The attributes associated with the archive order. properties: archive_ids: description: >- An ordered array of `` strings, the order of archive IDs in the array define the overall archives order for Datadog. example: - a2zcMylnM4OCHpYusxIi1g - a2zcMylnM4OCHpYusxIi2g - a2zcMylnM4OCHpYusxIi3g items: description: A given archive ID. type: string type: array required: - archive_ids type: object LogsArchiveOrderDefinition: description: The definition of an archive order. properties: attributes: $ref: '#/components/schemas/LogsArchiveOrderAttributes' type: $ref: '#/components/schemas/LogsArchiveOrderDefinitionType' required: - type - attributes type: object LogsArchiveOrderDefinitionType: default: archive_order description: Type of the archive order definition. enum: - archive_order example: archive_order type: string x-enum-varnames: - ARCHIVE_ORDER LogsArchiveState: description: The state of the archive. enum: - UNKNOWN - WORKING - FAILING - WORKING_AUTH_LEGACY example: WORKING type: string x-enum-varnames: - UNKNOWN - WORKING - FAILING - WORKING_AUTH_LEGACY LogsArchiveStorageClassS3Type: default: STANDARD description: The storage class where the archive will be stored. enum: - STANDARD - STANDARD_IA - ONEZONE_IA - INTELLIGENT_TIERING - GLACIER_IR example: STANDARD type: string x-enum-varnames: - STANDARD - STANDARD_IA - ONEZONE_IA - INTELLIGENT_TIERING - GLACIER_IR LogsArchives: description: The available archives. properties: data: description: A list of archives. items: $ref: '#/components/schemas/LogsArchiveDefinition' type: array type: object LogsCompute: description: A compute rule to compute metrics or timeseries properties: aggregation: $ref: '#/components/schemas/LogsAggregationFunction' interval: description: |- The time buckets' size (only used for type=timeseries) Defaults to a resolution of 150 points example: 5m type: string metric: description: The metric to use example: '@duration' type: string type: $ref: '#/components/schemas/LogsComputeType' required: - aggregation type: object LogsComputeType: default: total description: The type of compute enum: - timeseries - total type: string x-enum-varnames: - TIMESERIES - TOTAL LogsGroupBy: description: A group by rule properties: facet: description: The name of the facet to use (required) example: host type: string histogram: $ref: '#/components/schemas/LogsGroupByHistogram' limit: default: 10 description: >- The maximum buckets to return for this group by. Note: at most 10000 buckets are allowed. If grouping by multiple facets, the product of limits must not exceed 10000. format: int64 type: integer example: 42 missing: $ref: '#/components/schemas/LogsGroupByMissing' sort: $ref: '#/components/schemas/LogsAggregateSort' total: $ref: '#/components/schemas/LogsGroupByTotal' required: - facet type: object LogsGroupByHistogram: description: >- Used to perform a histogram computation (only for measure facets). Note: at most 100 buckets are allowed, the number of buckets is (max - min)/interval. properties: interval: description: The bin size of the histogram buckets example: 10 format: double type: number max: description: |- The maximum value for the measure used in the histogram (values greater than this one are filtered out) example: 100 format: double type: number min: description: |- The minimum value for the measure used in the histogram (values smaller than this one are filtered out) example: 50 format: double type: number required: - interval - min - max type: object LogsGroupByMissing: description: The value to use for logs that don't have the facet used to group by oneOf: - $ref: '#/components/schemas/LogsGroupByMissingString' - $ref: '#/components/schemas/LogsGroupByMissingNumber' LogsGroupByMissingNumber: description: The missing value to use if there is a number valued facet. format: double type: number LogsGroupByMissingString: description: The missing value to use if there is string valued facet. type: string LogsGroupByTotal: default: false description: >- A resulting object to put the given computes in over all the matching records. oneOf: - $ref: '#/components/schemas/LogsGroupByTotalBoolean' - $ref: '#/components/schemas/LogsGroupByTotalString' - $ref: '#/components/schemas/LogsGroupByTotalNumber' LogsGroupByTotalBoolean: description: If set to true, creates an additional bucket labeled "$facet_total" type: boolean LogsGroupByTotalNumber: description: A number to use as the key value for the total bucket format: double type: number LogsGroupByTotalString: description: A string to use as the key value for the total bucket type: string LogsListRequest: description: The request for a logs list. properties: filter: $ref: '#/components/schemas/LogsQueryFilter' options: $ref: '#/components/schemas/LogsQueryOptions' page: $ref: '#/components/schemas/LogsListRequestPage' sort: $ref: '#/components/schemas/LogsSort' type: object LogsListRequestPage: description: Paging attributes for listing logs. properties: cursor: description: List following results with a cursor provided in the previous query. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string limit: default: 10 description: Maximum number of logs in the response. example: 25 format: int32 maximum: 1000 type: integer type: object LogsListResponse: description: >- Response object with all logs matching the request and pagination information. properties: data: description: Array of logs matching the request. items: $ref: '#/components/schemas/Log' type: array links: $ref: '#/components/schemas/LogsListResponseLinks' meta: $ref: '#/components/schemas/LogsResponseMetadata' type: object LogsListResponseLinks: description: Links attributes. properties: next: description: >- Link for the next set of results. Note that the request can also be made using the POST endpoint. example: >- https://app.datadoghq.com/api/v2/logs/event?filter[query]=foo&page[cursor]=eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object LogsMetricCompute: description: The compute rule to compute the log-based metric. properties: aggregation_type: $ref: '#/components/schemas/LogsMetricComputeAggregationType' include_percentiles: $ref: '#/components/schemas/LogsMetricComputeIncludePercentiles' path: description: >- The path to the value the log-based metric will aggregate on (only used if the aggregation type is a "distribution"). example: '@duration' type: string required: - aggregation_type type: object LogsMetricComputeAggregationType: description: The type of aggregation to use. enum: - count - distribution example: distribution type: string x-enum-varnames: - COUNT - DISTRIBUTION LogsMetricComputeIncludePercentiles: description: >- Toggle to include or exclude percentile aggregations for distribution metrics. Only present when the `aggregation_type` is `distribution`. example: true type: boolean LogsMetricCreateAttributes: description: The object describing the Datadog log-based metric to create. properties: compute: $ref: '#/components/schemas/LogsMetricCompute' filter: $ref: '#/components/schemas/LogsMetricFilter' group_by: description: The rules for the group by. items: $ref: '#/components/schemas/LogsMetricGroupBy' type: array required: - compute type: object LogsMetricCreateData: description: The new log-based metric properties. properties: attributes: $ref: '#/components/schemas/LogsMetricCreateAttributes' id: $ref: '#/components/schemas/LogsMetricID' type: $ref: '#/components/schemas/LogsMetricType' required: - id - type - attributes type: object LogsMetricCreateRequest: description: The new log-based metric body. properties: data: $ref: '#/components/schemas/LogsMetricCreateData' required: - data type: object LogsMetricFilter: description: >- The log-based metric filter. Logs matching this filter will be aggregated in this metric. properties: query: default: '*' description: The search query - following the log search syntax. example: service:web* AND @http.status_code:[200 TO 299] type: string type: object LogsMetricGroupBy: description: A group by rule. properties: path: description: The path to the value the log-based metric will be aggregated over. example: '@http.status_code' type: string tag_name: description: >- Eventual name of the tag that gets created. By default, the path attribute is used as the tag name. example: status_code type: string required: - path type: object LogsMetricID: description: The name of the log-based metric. example: logs.page.load.count type: string LogsMetricResponse: description: The log-based metric object. properties: data: $ref: '#/components/schemas/LogsMetricResponseData' type: object LogsMetricResponseAttributes: description: The object describing a Datadog log-based metric. properties: compute: $ref: '#/components/schemas/LogsMetricResponseCompute' filter: $ref: '#/components/schemas/LogsMetricResponseFilter' group_by: description: The rules for the group by. items: $ref: '#/components/schemas/LogsMetricResponseGroupBy' type: array type: object LogsMetricResponseCompute: description: The compute rule to compute the log-based metric. properties: aggregation_type: $ref: '#/components/schemas/LogsMetricResponseComputeAggregationType' include_percentiles: $ref: '#/components/schemas/LogsMetricComputeIncludePercentiles' path: description: >- The path to the value the log-based metric will aggregate on (only used if the aggregation type is a "distribution"). example: '@duration' type: string type: object LogsMetricResponseComputeAggregationType: description: The type of aggregation to use. enum: - count - distribution example: distribution type: string x-enum-varnames: - COUNT - DISTRIBUTION LogsMetricResponseData: description: The log-based metric properties. properties: attributes: $ref: '#/components/schemas/LogsMetricResponseAttributes' id: $ref: '#/components/schemas/LogsMetricID' type: $ref: '#/components/schemas/LogsMetricType' type: object LogsMetricResponseFilter: description: >- The log-based metric filter. Logs matching this filter will be aggregated in this metric. properties: query: description: The search query - following the log search syntax. example: service:web* AND @http.status_code:[200 TO 299] type: string type: object LogsMetricResponseGroupBy: description: A group by rule. properties: path: description: The path to the value the log-based metric will be aggregated over. example: '@http.status_code' type: string tag_name: description: >- Eventual name of the tag that gets created. By default, the path attribute is used as the tag name. example: status_code type: string type: object LogsMetricType: default: logs_metrics description: The type of the resource. The value should always be logs_metrics. enum: - logs_metrics example: logs_metrics type: string x-enum-varnames: - LOGS_METRICS LogsMetricUpdateAttributes: description: The log-based metric properties that will be updated. properties: compute: $ref: '#/components/schemas/LogsMetricUpdateCompute' filter: $ref: '#/components/schemas/LogsMetricFilter' group_by: description: The rules for the group by. items: $ref: '#/components/schemas/LogsMetricGroupBy' type: array type: object LogsMetricUpdateCompute: description: The compute rule to compute the log-based metric. properties: include_percentiles: $ref: '#/components/schemas/LogsMetricComputeIncludePercentiles' type: object LogsMetricUpdateData: description: The new log-based metric properties. properties: attributes: $ref: '#/components/schemas/LogsMetricUpdateAttributes' type: $ref: '#/components/schemas/LogsMetricType' required: - type - attributes type: object LogsMetricUpdateRequest: description: The new log-based metric body. properties: data: $ref: '#/components/schemas/LogsMetricUpdateData' required: - data type: object LogsMetricsResponse: description: All the available log-based metric objects. properties: data: description: A list of log-based metric objects. items: $ref: '#/components/schemas/LogsMetricResponseData' type: array type: object LogsQueryFilter: description: The search and filter query settings properties: from: default: now-15m description: >- The minimum time for the requested logs, supports date math and regular timestamps (milliseconds). example: now-15m type: string indexes: default: - '*' description: >- For customers with multiple indexes, the indexes to search. Defaults to ['*'] which means all indexes. example: - main - web items: description: The name of a log index. type: string type: array query: default: '*' description: The search query - following the log search syntax. example: service:web* AND @http.status_code:[200 TO 299] type: string storage_tier: $ref: '#/components/schemas/LogsStorageTier' to: default: now description: >- The maximum time for the requested logs, supports date math and regular timestamps (milliseconds). example: now type: string type: object LogsQueryOptions: deprecated: true description: >- Global query options that are used during the query. Note: These fields are currently deprecated and do not affect the query results. properties: timeOffset: description: The time offset (in seconds) to apply to the query. format: int64 type: integer example: 42 timezone: default: UTC description: >- The timezone can be specified as GMT, UTC, an offset from UTC (like UTC+1), or as a Timezone Database identifier (like America/New_York). example: GMT type: string type: object LogsResponseMetadata: description: The metadata associated with a request properties: elapsed: description: The time elapsed in milliseconds example: 132 format: int64 type: integer page: $ref: '#/components/schemas/LogsResponseMetadataPage' request_id: description: The identifier of the request example: MWlFUjVaWGZTTTZPYzM0VXp1OXU2d3xLSVpEMjZKQ0VKUTI0dEYtM3RSOFVR type: string status: $ref: '#/components/schemas/LogsAggregateResponseStatus' warnings: description: >- A list of warnings (non fatal errors) encountered, partial results might be returned if warnings are present in the response. items: $ref: '#/components/schemas/LogsWarning' type: array type: object LogsResponseMetadataPage: description: Paging attributes. properties: after: description: >- The cursor to use to get the next results, if any. To make the next request, use the same parameters with the addition of the `page[cursor]`. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object LogsRestrictionQueriesType: default: logs_restriction_queries description: Restriction query resource type. enum: - logs_restriction_queries example: logs_restriction_queries type: string x-enum-varnames: - LOGS_RESTRICTION_QUERIES LogsSort: description: Sort parameters when querying logs. enum: - timestamp - '-timestamp' type: string x-enum-varnames: - TIMESTAMP_ASCENDING - TIMESTAMP_DESCENDING LogsSortOrder: description: The order to use, ascending or descending enum: - asc - desc example: asc type: string x-enum-varnames: - ASCENDING - DESCENDING LogsStorageTier: default: indexes description: Specifies storage type as indexes, online-archives or flex enum: - indexes - online-archives - flex example: indexes type: string x-enum-varnames: - INDEXES - ONLINE_ARCHIVES - FLEX LogsWarning: description: A warning message indicating something that went wrong with the query properties: code: description: A unique code for this type of warning example: unknown_index type: string detail: description: A detailed explanation of this specific warning example: 'indexes: foo, bar' type: string title: description: A short human-readable summary of the warning example: >- One or several indexes are missing or invalid, results hold data from the other indexes type: string type: object MSTeamsIntegrationMetadata: description: Incident integration metadata for the Microsoft Teams integration. properties: teams: description: Array of Microsoft Teams in this integration metadata. example: [] items: $ref: '#/components/schemas/MSTeamsIntegrationMetadataTeamsItem' type: array required: - teams type: object MSTeamsIntegrationMetadataTeamsItem: description: Item in the Microsoft Teams integration metadata teams array. properties: ms_channel_id: description: Microsoft Teams channel ID. example: 19:abc00abcdef00a0abcdef0abcdef0a@thread.tacv2 type: string ms_channel_name: description: Microsoft Teams channel name. example: incident-0001-example type: string ms_tenant_id: description: Microsoft Teams tenant ID. example: 00000000-abcd-0005-0000-000000000000 type: string redirect_url: description: URL redirecting to the Microsoft Teams channel. example: >- https://teams.microsoft.com/l/channel/19%3Aabc00abcdef00a0abcdef0abcdef0a%40thread.tacv2/conversations?groupId=12345678-abcd-dcba-abcd-1234567890ab&tenantId=00000000-abcd-0005-0000-000000000000 type: string required: - ms_tenant_id - ms_channel_id - ms_channel_name - redirect_url type: object Metadata: description: The metadata related to this request. properties: count: description: Number of entities included in the response. example: 150 format: int64 type: integer token: description: The token that identifies the request. example: >- b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4 type: string total: description: Total number of entities across all pages. example: 152431 format: int64 type: integer required: - count - total - token type: object Metric: description: Object for a single metric tag configuration. example: id: metric.foo.bar type: metrics properties: id: $ref: '#/components/schemas/MetricName' type: $ref: '#/components/schemas/MetricType' type: object MetricActiveConfigurationType: default: actively_queried_configurations description: The metric actively queried configuration resource type. enum: - actively_queried_configurations example: actively_queried_configurations type: string x-enum-varnames: - ACTIVELY_QUERIED_CONFIGURATIONS MetricAllTags: description: Object for a single metric's indexed tags. properties: attributes: $ref: '#/components/schemas/MetricAllTagsAttributes' id: $ref: '#/components/schemas/MetricName' type: $ref: '#/components/schemas/MetricType' type: object MetricAllTagsAttributes: description: Object containing the definition of a metric's tags. properties: tags: description: List of indexed tag value pairs. example: - sport:golf - sport:football - animal:dog items: description: Tag key-value pairs. type: string type: array type: object MetricAllTagsResponse: description: Response object that includes a single metric's indexed tags. properties: data: $ref: '#/components/schemas/MetricAllTags' readOnly: true type: object MetricAssetAttributes: description: Assets related to the object, including title and url. properties: title: description: Title of the asset. type: string example: Example Monitor url: description: URL path of the asset. type: string example: https://app.datadoghq.com type: object MetricAssetDashboardRelationship: description: >- An object of type `dashboard` that can be referenced in the `included` data. properties: id: $ref: '#/components/schemas/MetricDashboardID' type: $ref: '#/components/schemas/MetricDashboardType' type: object MetricAssetDashboardRelationships: description: >- An object containing the list of dashboards that can be referenced in the `included` data. properties: data: description: A list of dashboards that can be referenced in the `included` data. items: $ref: '#/components/schemas/MetricAssetDashboardRelationship' type: array type: object MetricAssetMonitorRelationship: description: >- An object of type `monitor` that can be referenced in the `included` data. properties: id: $ref: '#/components/schemas/MetricMonitorID' type: $ref: '#/components/schemas/MetricMonitorType' type: object MetricAssetMonitorRelationships: description: >- A object containing the list of monitors that can be referenced in the `included` data. properties: data: description: A list of monitors that can be referenced in the `included` data. items: $ref: '#/components/schemas/MetricAssetMonitorRelationship' type: array type: object MetricAssetNotebookRelationship: description: >- An object of type `notebook` that can be referenced in the `included` data. properties: id: $ref: '#/components/schemas/MetricNotebookID' type: $ref: '#/components/schemas/MetricNotebookType' type: object MetricAssetNotebookRelationships: description: >- An object containing the list of notebooks that can be referenced in the `included` data. properties: data: description: A list of notebooks that can be referenced in the `included` data. items: $ref: '#/components/schemas/MetricAssetNotebookRelationship' type: array type: object MetricAssetResponseData: description: Metric assets response data. properties: id: $ref: '#/components/schemas/MetricName' relationships: $ref: '#/components/schemas/MetricAssetResponseRelationships' type: $ref: '#/components/schemas/MetricType' required: - id - type type: object MetricAssetResponseIncluded: description: List of included assets with full set of attributes. oneOf: - $ref: '#/components/schemas/MetricDashboardAsset' - $ref: '#/components/schemas/MetricMonitorAsset' - $ref: '#/components/schemas/MetricNotebookAsset' - $ref: '#/components/schemas/MetricSLOAsset' MetricAssetResponseRelationships: description: Relationships to assets related to the metric. properties: dashboards: $ref: '#/components/schemas/MetricAssetDashboardRelationships' monitors: $ref: '#/components/schemas/MetricAssetMonitorRelationships' notebooks: $ref: '#/components/schemas/MetricAssetNotebookRelationships' slos: $ref: '#/components/schemas/MetricAssetSLORelationships' type: object MetricAssetSLORelationship: description: An object of type `slos` that can be referenced in the `included` data. properties: id: $ref: '#/components/schemas/MetricSLOID' type: $ref: '#/components/schemas/MetricSLOType' type: object MetricAssetSLORelationships: description: >- An object containing a list of SLOs that can be referenced in the `included` data. properties: data: description: A list of SLOs that can be referenced in the `included` data. items: $ref: '#/components/schemas/MetricAssetSLORelationship' type: array type: object MetricAssetsResponse: description: >- Response object that includes related dashboards, monitors, notebooks, and SLOs. properties: data: $ref: '#/components/schemas/MetricAssetResponseData' included: description: Array of objects related to the metric assets. items: $ref: '#/components/schemas/MetricAssetResponseIncluded' type: array type: object MetricBulkConfigureTagsType: default: metric_bulk_configure_tags description: The metric bulk configure tags resource. enum: - metric_bulk_configure_tags example: metric_bulk_configure_tags type: string x-enum-varnames: - BULK_MANAGE_TAGS MetricBulkTagConfigCreate: description: >- Request object to bulk configure tags for metrics matching the given prefix. properties: attributes: $ref: '#/components/schemas/MetricBulkTagConfigCreateAttributes' id: $ref: '#/components/schemas/MetricBulkTagConfigNamePrefix' type: $ref: '#/components/schemas/MetricBulkConfigureTagsType' required: - id - type type: object MetricBulkTagConfigCreateAttributes: description: Optional parameters for bulk creating metric tag configurations. properties: emails: $ref: '#/components/schemas/MetricBulkTagConfigEmailList' exclude_tags_mode: description: >- When set to true, the configuration will exclude the configured tags and include any other submitted tags. When set to false, the configuration will include the configured tags and exclude any other submitted tags. Defaults to false. type: boolean example: true include_actively_queried_tags_window: description: |- When provided, all tags that have been actively queried are configured (and, therefore, remain queryable) for each metric that matches the given prefix. Minimum value is 1 second, and maximum value is 7,776,000 seconds (90 days). format: double maximum: 7776000 minimum: 1 type: number example: 95.5 override_existing_configurations: description: |- When set to true, the configuration overrides any existing configurations for the given metric with the new set of tags in this configuration request. If false, old configurations are kept and are merged with the set of tags in this configuration request. Defaults to true. type: boolean example: true tags: $ref: '#/components/schemas/MetricBulkTagConfigTagNameList' type: object MetricBulkTagConfigCreateRequest: description: Wrapper object for a single bulk tag configuration request. properties: data: $ref: '#/components/schemas/MetricBulkTagConfigCreate' required: - data type: object MetricBulkTagConfigDelete: description: >- Request object to bulk delete all tag configurations for metrics matching the given prefix. properties: attributes: $ref: '#/components/schemas/MetricBulkTagConfigDeleteAttributes' id: $ref: '#/components/schemas/MetricBulkTagConfigNamePrefix' type: $ref: '#/components/schemas/MetricBulkConfigureTagsType' required: - id - type type: object MetricBulkTagConfigDeleteAttributes: description: Optional parameters for bulk deleting metric tag configurations. properties: emails: $ref: '#/components/schemas/MetricBulkTagConfigEmailList' type: object MetricBulkTagConfigDeleteRequest: description: Wrapper object for a single bulk tag deletion request. properties: data: $ref: '#/components/schemas/MetricBulkTagConfigDelete' required: - data type: object MetricBulkTagConfigEmailList: description: A list of account emails to notify when the configuration is applied. example: - sue@example.com - bob@example.com items: description: An email address. type: string type: array MetricBulkTagConfigNamePrefix: description: A text prefix to match against metric names. example: kafka.lag type: string MetricBulkTagConfigResponse: description: Wrapper for a single bulk tag configuration status response. properties: data: $ref: '#/components/schemas/MetricBulkTagConfigStatus' type: object MetricBulkTagConfigStatus: description: |- The status of a request to bulk configure metric tags. It contains the fields from the original request for reference. properties: attributes: $ref: '#/components/schemas/MetricBulkTagConfigStatusAttributes' id: $ref: '#/components/schemas/MetricBulkTagConfigNamePrefix' type: $ref: '#/components/schemas/MetricBulkConfigureTagsType' required: - id - type type: object MetricBulkTagConfigStatusAttributes: description: Optional attributes for the status of a bulk tag configuration request. properties: emails: $ref: '#/components/schemas/MetricBulkTagConfigEmailList' exclude_tags_mode: description: >- When set to true, the configuration will exclude the configured tags and include any other submitted tags. When set to false, the configuration will include the configured tags and exclude any other submitted tags. type: boolean example: true status: description: The status of the request. example: Accepted type: string tags: $ref: '#/components/schemas/MetricBulkTagConfigTagNameList' type: object MetricBulkTagConfigTagNameList: description: A list of tag names to apply to the configuration. example: - host - pod_name - is_shadow items: description: A metric tag name. maxLength: 200 pattern: ^[A-Za-z][A-Za-z0-9\.\-\_:\/]*$ type: string type: array MetricContentEncoding: default: deflate description: HTTP header used to compress the media-type. enum: - deflate - zstd1 - gzip example: deflate type: string x-enum-varnames: - DEFLATE - ZSTD1 - GZIP MetricCustomAggregation: description: A time and space aggregation combination for use in query. example: space: sum time: sum properties: space: $ref: '#/components/schemas/MetricCustomSpaceAggregation' time: $ref: '#/components/schemas/MetricCustomTimeAggregation' required: - time - space type: object MetricCustomAggregations: description: >- Deprecated. You no longer need to configure specific time and space aggregations for Metrics Without Limits. example: - space: sum time: sum - space: sum time: count items: $ref: '#/components/schemas/MetricCustomAggregation' type: array MetricCustomSpaceAggregation: description: A space aggregation for use in query. enum: - avg - max - min - sum example: sum type: string x-enum-varnames: - AVG - MAX - MIN - SUM MetricCustomTimeAggregation: description: A time aggregation for use in query. enum: - avg - count - max - min - sum example: sum type: string x-enum-varnames: - AVG - COUNT - MAX - MIN - SUM MetricDashboardAsset: description: A dashboard object with title and popularity. properties: attributes: $ref: '#/components/schemas/MetricDashboardAttributes' id: $ref: '#/components/schemas/MetricDashboardID' type: $ref: '#/components/schemas/MetricDashboardType' required: - id - type type: object MetricDashboardAttributes: description: >- Attributes related to the dashboard, including title, popularity, and url. properties: popularity: description: Value from 0 to 5 that ranks popularity of the dashboard. format: double maximum: 5 minimum: 0 type: number example: 95.5 title: description: Title of the asset. type: string example: Example Monitor url: description: URL path of the asset. type: string example: https://app.datadoghq.com type: object MetricDashboardID: description: The related dashboard's ID. example: xxx-yyy-zzz type: string MetricDashboardType: description: Dashboard resource type. enum: - dashboards example: dashboards type: string x-enum-varnames: - DASHBOARDS MetricDistinctVolume: description: Object for a single metric's distinct volume. properties: attributes: $ref: '#/components/schemas/MetricDistinctVolumeAttributes' id: $ref: '#/components/schemas/MetricName' type: $ref: '#/components/schemas/MetricDistinctVolumeType' type: object MetricDistinctVolumeAttributes: description: Object containing the definition of a metric's distinct volume. properties: distinct_volume: description: Distinct volume for the given metric. example: 10 format: int64 type: integer type: object MetricDistinctVolumeType: default: distinct_metric_volumes description: The metric distinct volume type. enum: - distinct_metric_volumes example: distinct_metric_volumes type: string x-enum-varnames: - DISTINCT_METRIC_VOLUMES MetricEstimate: description: Object for a metric cardinality estimate. properties: attributes: $ref: '#/components/schemas/MetricEstimateAttributes' id: $ref: '#/components/schemas/MetricName' type: $ref: '#/components/schemas/MetricEstimateResourceType' type: object x-merge-override: required: false MetricEstimateAttributes: description: Object containing the definition of a metric estimate attribute. properties: estimate_type: $ref: '#/components/schemas/MetricEstimateType' estimated_at: description: Timestamp when the cardinality estimate was requested. example: '2022-04-27T09:48:37.463835Z' format: date-time type: string estimated_output_series: description: >- Estimated cardinality of the metric based on the queried configuration. example: 50 format: int64 type: integer type: object x-merge-override: required: false MetricEstimateResourceType: default: metric_cardinality_estimate description: The metric estimate resource type. enum: - metric_cardinality_estimate example: metric_cardinality_estimate type: string x-enum-varnames: - METRIC_CARDINALITY_ESTIMATE MetricEstimateResponse: description: Response object that includes metric cardinality estimates. properties: data: $ref: '#/components/schemas/MetricEstimate' type: object MetricEstimateType: default: count_or_gauge description: >- Estimate type based on the queried configuration. By default, `count_or_gauge` is returned. `distribution` is returned for distribution metrics without percentiles enabled. Lastly, `percentile` is returned if `filter[pct]=true` is queried with a distribution metric. enum: - count_or_gauge - distribution - percentile example: distribution type: string x-enum-varnames: - COUNT_OR_GAUGE - DISTRIBUTION - PERCENTILE MetricIngestedIndexedVolume: description: Object for a single metric's ingested and indexed volume. properties: attributes: $ref: '#/components/schemas/MetricIngestedIndexedVolumeAttributes' id: $ref: '#/components/schemas/MetricName' type: $ref: '#/components/schemas/MetricIngestedIndexedVolumeType' type: object MetricIngestedIndexedVolumeAttributes: description: >- Object containing the definition of a metric's ingested and indexed volume. properties: indexed_volume: description: Indexed volume for the given metric. example: 10 format: int64 type: integer ingested_volume: description: Ingested volume for the given metric. example: 20 format: int64 type: integer type: object MetricIngestedIndexedVolumeType: default: metric_volumes description: The metric ingested and indexed volume type. enum: - metric_volumes example: metric_volumes type: string x-enum-varnames: - METRIC_VOLUMES MetricIntakeType: description: >- The type of metric. The available types are `0` (unspecified), `1` (count), `2` (rate), and `3` (gauge). enum: - 0 - 1 - 2 - 3 format: int32 type: integer x-enum-varnames: - UNSPECIFIED - COUNT - RATE - GAUGE MetricMetaPage: description: >- Paging attributes. Only present if pagination query parameters were provided. properties: cursor: description: The cursor used to get the current results, if any. nullable: true type: string example: example_value limit: description: Number of results returned format: int32 maximum: 20000 minimum: 0 type: integer example: 42 next_cursor: description: The cursor used to get the next results, if any. nullable: true type: string example: example_value type: $ref: '#/components/schemas/MetricMetaPageType' type: object MetricMetaPageType: default: cursor_limit description: Type of metric pagination. enum: - cursor_limit example: cursor_limit type: string x-enum-varnames: - CURSOR_LIMIT MetricMetadata: description: Metadata for the metric. properties: origin: $ref: '#/components/schemas/MetricOrigin' type: object MetricMonitorAsset: description: A monitor object with title. properties: attributes: $ref: '#/components/schemas/MetricAssetAttributes' id: $ref: '#/components/schemas/MetricMonitorID' type: $ref: '#/components/schemas/MetricMonitorType' required: - id - type type: object MetricMonitorID: description: The related monitor's ID. example: '1775073' type: string MetricMonitorType: description: Monitor resource type. enum: - monitors example: monitors type: string x-enum-varnames: - MONITORS MetricName: description: The metric name for this resource. example: test.metric.latency type: string MetricNotebookAsset: description: A notebook object with title. properties: attributes: $ref: '#/components/schemas/MetricAssetAttributes' id: $ref: '#/components/schemas/MetricNotebookID' type: $ref: '#/components/schemas/MetricNotebookType' required: - id - type type: object MetricNotebookID: description: The related notebook's ID. example: '12345' type: string MetricNotebookType: description: Notebook resource type. enum: - notebooks example: notebooks type: string x-enum-varnames: - NOTEBOOKS MetricOrigin: description: Metric origin information. properties: metric_type: default: 0 description: The origin metric type code format: int32 maximum: 1000 type: integer example: 42 product: default: 0 description: The origin product code format: int32 maximum: 1000 type: integer example: 42 service: default: 0 description: The origin service code format: int32 maximum: 1000 type: integer example: 42 type: object MetricPaginationMeta: description: Response metadata object. properties: pagination: $ref: '#/components/schemas/MetricMetaPage' type: object MetricPayload: description: The metrics' payload. properties: series: description: A list of timeseries to submit to Datadog. example: - metric: system.load.1 points: - timestamp: 1475317847 value: 0.7 resources: - name: dummyhost type: host items: $ref: '#/components/schemas/MetricSeries' type: array required: - series type: object MetricPoint: description: A point object is of the form `{POSIX_timestamp, numeric_value}`. example: timestamp: 1575317847 value: 0.5 properties: timestamp: description: >- The timestamp should be in seconds and current. Current is defined as not more than 10 minutes in the future or more than 1 hour in the past. format: int64 type: integer example: 42 value: description: The numeric value format should be a 64bit float gauge-type value. format: double type: number example: 95.5 type: object MetricResource: description: Metric resource. example: name: dummyhost type: host properties: name: description: The name of the resource. type: string example: Example Monitor type: description: The type of the resource. type: string example: metric alert type: object MetricSLOAsset: description: A SLO object with title. properties: attributes: $ref: '#/components/schemas/MetricAssetAttributes' id: $ref: '#/components/schemas/MetricSLOID' type: $ref: '#/components/schemas/MetricSLOType' required: - id - type type: object MetricSLOID: description: The SLO ID. example: 9ffef113b389520db54391d67d652dfb type: string MetricSLOType: description: SLO resource type. enum: - slos example: slos type: string x-enum-varnames: - SLOS MetricSeries: description: >- A metric to submit to Datadog. See [Datadog metrics](https://docs.datadoghq.com/developers/metrics/#custom-metrics-properties). properties: interval: description: >- If the type of the metric is rate or count, define the corresponding interval in seconds. example: 20 format: int64 type: integer metadata: $ref: '#/components/schemas/MetricMetadata' metric: description: The name of the timeseries. example: system.load.1 type: string points: description: >- Points relating to a metric. All points must be objects with timestamp and a scalar value (cannot be a string). Timestamps should be in POSIX time in seconds, and cannot be more than ten minutes in the future or more than one hour in the past. example: - timestamp: 1575317847 value: 0.5 items: $ref: '#/components/schemas/MetricPoint' type: array resources: description: A list of resources to associate with this metric. items: $ref: '#/components/schemas/MetricResource' type: array source_type_name: description: The source type name. example: datadog type: string tags: description: A list of tags associated with the metric. example: - environment:test items: description: Individual tags. type: string type: array type: $ref: '#/components/schemas/MetricIntakeType' unit: description: The unit of point value. example: second type: string required: - metric - points type: object MetricSuggestedAggregations: description: List of aggregation combinations that have been actively queried. example: - space: sum time: sum - space: sum time: count items: $ref: '#/components/schemas/MetricCustomAggregation' type: array MetricSuggestedTagsAndAggregations: description: Object for a single metric's actively queried tags and aggregations. properties: attributes: $ref: '#/components/schemas/MetricSuggestedTagsAttributes' id: $ref: '#/components/schemas/MetricName' type: $ref: '#/components/schemas/MetricActiveConfigurationType' type: object MetricSuggestedTagsAndAggregationsResponse: description: >- Response object that includes a single metric's actively queried tags and aggregations. properties: data: $ref: '#/components/schemas/MetricSuggestedTagsAndAggregations' readOnly: true type: object MetricSuggestedTagsAttributes: description: >- Object containing the definition of a metric's actively queried tags and aggregations. properties: active_aggregations: $ref: '#/components/schemas/MetricSuggestedAggregations' active_tags: description: List of tag keys that have been actively queried. example: - app - datacenter items: description: Actively queried tag keys. type: string type: array type: object MetricTagConfiguration: description: Object for a single metric tag configuration. example: attributes: aggregations: - space: avg time: avg created_at: '2020-03-25T09:48:37.463835Z' metric_type: gauge modified_at: '2020-04-25T09:48:37.463835Z' tags: - app - datacenter id: http.request.latency type: manage_tags properties: attributes: $ref: '#/components/schemas/MetricTagConfigurationAttributes' id: $ref: '#/components/schemas/MetricName' type: $ref: '#/components/schemas/MetricTagConfigurationType' type: object MetricTagConfigurationAttributes: description: >- Object containing the definition of a metric tag configuration attributes. properties: aggregations: $ref: '#/components/schemas/MetricCustomAggregations' created_at: description: Timestamp when the tag configuration was created. example: '2020-03-25T09:48:37.463835Z' format: date-time type: string exclude_tags_mode: description: >- When set to true, the configuration will exclude the configured tags and include any other submitted tags. When set to false, the configuration will include the configured tags and exclude any other submitted tags. Defaults to false. Requires `tags` property. type: boolean example: true include_percentiles: description: >- Toggle to include or exclude percentile aggregations for distribution metrics. Only present when the `metric_type` is `distribution`. example: true type: boolean metric_type: $ref: '#/components/schemas/MetricTagConfigurationMetricTypes' modified_at: description: Timestamp when the tag configuration was last modified. example: '2020-03-25T09:48:37.463835Z' format: date-time type: string tags: description: List of tag keys on which to group. example: - app - datacenter items: description: Tag keys to group by. type: string type: array type: object MetricTagConfigurationCreateAttributes: description: >- Object containing the definition of a metric tag configuration to be created. properties: aggregations: $ref: '#/components/schemas/MetricCustomAggregations' exclude_tags_mode: description: >- When set to true, the configuration will exclude the configured tags and include any other submitted tags. When set to false, the configuration will include the configured tags and exclude any other submitted tags. Defaults to false. Requires `tags` property. type: boolean example: true include_percentiles: description: >- Toggle to include/exclude percentiles for a distribution metric. Defaults to false. Can only be applied to metrics that have a `metric_type` of `distribution`. example: true type: boolean metric_type: $ref: '#/components/schemas/MetricTagConfigurationMetricTypes' tags: default: [] description: A list of tag keys that will be queryable for your metric. example: - app - datacenter items: description: Tag keys to group by. type: string type: array required: - tags - metric_type type: object MetricTagConfigurationCreateData: description: Object for a single metric to be configure tags on. example: attributes: include_percentiles: false metric_type: distribution tags: - app - datacenter id: http.endpoint.request type: manage_tags properties: attributes: $ref: '#/components/schemas/MetricTagConfigurationCreateAttributes' id: $ref: '#/components/schemas/MetricName' type: $ref: '#/components/schemas/MetricTagConfigurationType' required: - id - type type: object MetricTagConfigurationCreateRequest: description: >- Request object that includes the metric that you would like to configure tags for. properties: data: $ref: '#/components/schemas/MetricTagConfigurationCreateData' required: - data type: object MetricTagConfigurationMetricTypeCategory: default: distribution description: The metric's type category. enum: - non_distribution - distribution example: distribution type: string x-enum-varnames: - NON_DISTRIBUTION - DISTRIBUTION MetricTagConfigurationMetricTypes: default: gauge description: The metric's type. enum: - gauge - count - rate - distribution example: count type: string x-enum-varnames: - GAUGE - COUNT - RATE - DISTRIBUTION MetricTagConfigurationResponse: description: Response object which includes a single metric's tag configuration. properties: data: $ref: '#/components/schemas/MetricTagConfiguration' readOnly: true type: object MetricTagConfigurationType: default: manage_tags description: The metric tag configuration resource type. enum: - manage_tags example: manage_tags type: string x-enum-varnames: - MANAGE_TAGS MetricTagConfigurationUpdateAttributes: description: >- Object containing the definition of a metric tag configuration to be updated. properties: aggregations: $ref: '#/components/schemas/MetricCustomAggregations' exclude_tags_mode: description: >- When set to true, the configuration will exclude the configured tags and include any other submitted tags. When set to false, the configuration will include the configured tags and exclude any other submitted tags. Defaults to false. Requires `tags` property. type: boolean example: true include_percentiles: description: >- Toggle to include/exclude percentiles for a distribution metric. Defaults to false. Can only be applied to metrics that have a `metric_type` of `distribution`. example: true type: boolean tags: default: [] description: A list of tag keys that will be queryable for your metric. example: - app - datacenter items: description: Tag keys to group by. type: string type: array type: object MetricTagConfigurationUpdateData: description: Object for a single tag configuration to be edited. example: attributes: group_by: - app - datacenter include_percentiles: false id: http.endpoint.request type: manage_tags properties: attributes: $ref: '#/components/schemas/MetricTagConfigurationUpdateAttributes' id: $ref: '#/components/schemas/MetricName' type: $ref: '#/components/schemas/MetricTagConfigurationType' required: - id - type type: object MetricTagConfigurationUpdateRequest: description: >- Request object that includes the metric that you would like to edit the tag configuration on. properties: data: $ref: '#/components/schemas/MetricTagConfigurationUpdateData' required: - data type: object MetricType: default: metrics description: The metric resource type. enum: - metrics example: metrics type: string x-enum-varnames: - METRICS MetricVolumes: description: Possible response objects for a metric's volume. oneOf: - $ref: '#/components/schemas/MetricDistinctVolume' - $ref: '#/components/schemas/MetricIngestedIndexedVolume' MetricVolumesResponse: description: Response object which includes a single metric's volume. properties: data: $ref: '#/components/schemas/MetricVolumes' readOnly: true type: object MetricsAggregator: default: avg description: The type of aggregation that can be performed on metrics-based queries. enum: - avg - min - max - sum - last - percentile - mean - l2norm - area example: avg type: string x-enum-varnames: - AVG - MIN - MAX - SUM - LAST - PERCENTILE - MEAN - L2NORM - AREA MetricsAndMetricTagConfigurations: description: Object for a metrics and metric tag configurations. oneOf: - $ref: '#/components/schemas/Metric' - $ref: '#/components/schemas/MetricTagConfiguration' MetricsAndMetricTagConfigurationsResponse: description: Response object that includes metrics and metric tag configurations. properties: data: description: Array of metrics and metric tag configurations. items: $ref: '#/components/schemas/MetricsAndMetricTagConfigurations' type: array links: $ref: '#/components/schemas/MetricsListResponseLinks' meta: $ref: '#/components/schemas/MetricPaginationMeta' readOnly: true type: object MetricsDataSource: default: metrics description: A data source that is powered by the Metrics platform. enum: - metrics - cloud_cost example: metrics type: string x-enum-varnames: - METRICS - CLOUD_COST MetricsListResponseLinks: description: >- Pagination links. Only present if pagination query parameters were provided. properties: first: description: Link to the first page. type: string example: example_value last: description: Link to the last page. nullable: true type: string example: example_value next: description: Link to the next page. nullable: true type: string example: example_value prev: description: Link to previous page. nullable: true type: string example: example_value self: description: Link to current page. type: string example: example_value type: object MetricsScalarQuery: description: An individual scalar metrics query. properties: aggregator: $ref: '#/components/schemas/MetricsAggregator' data_source: $ref: '#/components/schemas/MetricsDataSource' name: description: The variable name for use in formulas. type: string example: Example Monitor query: description: A classic metrics query string. example: avg:system.cpu.user{*} by {env} type: string required: - data_source - query - aggregator type: object MetricsTimeseriesQuery: description: An individual timeseries metrics query. properties: data_source: $ref: '#/components/schemas/MetricsDataSource' name: description: The variable name for use in formulas. type: string example: Example Monitor query: description: A classic metrics query string. example: avg:system.cpu.user{*} by {env} type: string required: - data_source - query type: object MicrosoftSentinelDestination: description: >- The `microsoft_sentinel` destination forwards logs to Microsoft Sentinel. properties: client_id: description: Azure AD client ID used for authentication. example: a1b2c3d4-5678-90ab-cdef-1234567890ab type: string dcr_immutable_id: description: The immutable ID of the Data Collection Rule (DCR). example: dcr-uuid-1234 type: string id: description: The unique identifier for this component. example: sentinel-destination type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - filter-processor items: type: string type: array table: description: The name of the Log Analytics table where logs are sent. example: CustomLogsTable type: string tenant_id: description: Azure AD tenant ID. example: abcdef12-3456-7890-abcd-ef1234567890 type: string type: $ref: '#/components/schemas/MicrosoftSentinelDestinationType' required: - id - type - inputs - client_id - tenant_id - dcr_immutable_id - table type: object MicrosoftSentinelDestinationType: default: microsoft_sentinel description: The destination type. The value should always be `microsoft_sentinel`. enum: - microsoft_sentinel example: microsoft_sentinel type: string x-enum-varnames: - MICROSOFT_SENTINEL MicrosoftTeamsChannelInfoResponseAttributes: description: Channel attributes. properties: is_primary: description: Indicates if this is the primary channel. example: true maxLength: 255 type: boolean team_id: description: Team id. example: 00000000-0000-0000-0000-000000000000 maxLength: 255 type: string tenant_id: description: Tenant id. example: 00000000-0000-0000-0000-000000000001 maxLength: 255 type: string type: object x-merge-override: required: false MicrosoftTeamsChannelInfoResponseData: description: Channel data from a response. properties: attributes: $ref: '#/components/schemas/MicrosoftTeamsChannelInfoResponseAttributes' id: description: The ID of the channel. example: 19:b41k24b14bn1nwffkernfkwrnfneubgkr@thread.tacv2 maxLength: 255 minLength: 1 type: string type: $ref: '#/components/schemas/MicrosoftTeamsChannelInfoType' type: object x-merge-override: required: false MicrosoftTeamsChannelInfoType: default: ms-teams-channel-info description: Channel info resource type. enum: - ms-teams-channel-info example: ms-teams-channel-info type: string x-enum-varnames: - MS_TEAMS_CHANNEL_INFO MicrosoftTeamsCreateTenantBasedHandleRequest: description: Create tenant-based handle request. properties: data: $ref: '#/components/schemas/MicrosoftTeamsTenantBasedHandleRequestData' required: - data type: object MicrosoftTeamsCreateWorkflowsWebhookHandleRequest: description: Create Workflows webhook handle request. properties: data: $ref: '#/components/schemas/MicrosoftTeamsWorkflowsWebhookHandleRequestData' required: - data type: object MicrosoftTeamsGetChannelByNameResponse: description: Response with channel, team, and tenant ID information. properties: data: $ref: '#/components/schemas/MicrosoftTeamsChannelInfoResponseData' type: object MicrosoftTeamsTenantBasedHandleAttributes: description: Tenant-based handle attributes. properties: channel_id: description: Channel id. example: fake-channel-id maxLength: 255 type: string name: description: Tenant-based handle name. example: fake-handle-name maxLength: 255 type: string team_id: description: Team id. example: 00000000-0000-0000-0000-000000000000 maxLength: 255 type: string tenant_id: description: Tenant id. example: 00000000-0000-0000-0000-000000000001 maxLength: 255 type: string type: object x-merge-override: required: false MicrosoftTeamsTenantBasedHandleInfoResponseAttributes: description: Tenant-based handle attributes. properties: channel_id: description: Channel id. example: fake-channel-id maxLength: 255 type: string channel_name: description: Channel name. example: fake-channel-name maxLength: 255 type: string name: description: Tenant-based handle name. example: fake-handle-name maxLength: 255 type: string team_id: description: Team id. example: 00000000-0000-0000-0000-000000000000 maxLength: 255 type: string team_name: description: Team name. example: fake-team-name maxLength: 255 type: string tenant_id: description: Tenant id. example: 00000000-0000-0000-0000-000000000001 maxLength: 255 type: string tenant_name: description: Tenant name. example: fake-tenant-name maxLength: 255 type: string type: object x-merge-override: required: false MicrosoftTeamsTenantBasedHandleInfoResponseData: description: Tenant-based handle data from a response. properties: attributes: $ref: >- #/components/schemas/MicrosoftTeamsTenantBasedHandleInfoResponseAttributes id: description: The ID of the tenant-based handle. example: 596da4af-0563-4097-90ff-07230c3f9db3 maxLength: 100 minLength: 1 type: string type: $ref: '#/components/schemas/MicrosoftTeamsTenantBasedHandleInfoType' type: object x-merge-override: required: false MicrosoftTeamsTenantBasedHandleInfoType: default: ms-teams-tenant-based-handle-info description: Tenant-based handle resource type. enum: - ms-teams-tenant-based-handle-info example: ms-teams-tenant-based-handle-info type: string x-enum-varnames: - MS_TEAMS_TENANT_BASED_HANDLE_INFO MicrosoftTeamsTenantBasedHandleRequestAttributes: description: Tenant-based handle attributes. properties: channel_id: description: Channel id. example: fake-channel-id maxLength: 255 type: string name: description: Tenant-based handle name. example: fake-handle-name maxLength: 255 type: string team_id: description: Team id. example: 00000000-0000-0000-0000-000000000000 maxLength: 255 type: string tenant_id: description: Tenant id. example: 00000000-0000-0000-0000-000000000001 maxLength: 255 type: string required: - name - channel_id - team_id - tenant_id type: object x-merge-override: required: false MicrosoftTeamsTenantBasedHandleRequestData: description: Tenant-based handle data from a response. properties: attributes: $ref: >- #/components/schemas/MicrosoftTeamsTenantBasedHandleRequestAttributes type: $ref: '#/components/schemas/MicrosoftTeamsTenantBasedHandleType' required: - type - attributes type: object x-merge-override: required: false MicrosoftTeamsTenantBasedHandleResponse: description: Response of a tenant-based handle. properties: data: $ref: '#/components/schemas/MicrosoftTeamsTenantBasedHandleResponseData' required: - data type: object MicrosoftTeamsTenantBasedHandleResponseData: description: Tenant-based handle data from a response. properties: attributes: $ref: '#/components/schemas/MicrosoftTeamsTenantBasedHandleAttributes' id: description: The ID of the tenant-based handle. example: 596da4af-0563-4097-90ff-07230c3f9db3 maxLength: 100 minLength: 1 type: string type: $ref: '#/components/schemas/MicrosoftTeamsTenantBasedHandleType' type: object x-merge-override: required: false MicrosoftTeamsTenantBasedHandleType: default: tenant-based-handle description: Specifies the tenant-based handle resource type. enum: - tenant-based-handle example: tenant-based-handle type: string x-enum-varnames: - TENANT_BASED_HANDLE MicrosoftTeamsTenantBasedHandlesResponse: description: Response with a list of tenant-based handles. properties: data: description: An array of tenant-based handles. example: - attributes: channelId: 19:b41k24b14bn1nwffkernfkwrnfneubgkr@thread.tacv2 channelName: General name: general-handle teamId: 00000000-0000-0000-0000-000000000000 teamName: Example Team tenantId: 00000000-0000-0000-0000-000000000001 tenantName: Company, Inc. id: 596da4af-0563-4097-90ff-07230c3f9db3 type: ms-teams-tenant-based-handle-info - attributes: channelId: 19:b41k24b14bn1nwffkernfkwrnfneubgk1@thread.tacv2 channelName: General2 name: general-handle-2 teamId: 00000000-0000-0000-0000-000000000002 teamName: Example Team 2 tenantId: 00000000-0000-0000-0000-000000000003 tenantName: Company, Inc. id: 596da4af-0563-4097-90ff-07230c3f9db4 type: ms-teams-tenant-based-handle-info items: $ref: >- #/components/schemas/MicrosoftTeamsTenantBasedHandleInfoResponseData type: array required: - data type: object MicrosoftTeamsUpdateTenantBasedHandleRequest: description: Update tenant-based handle request. properties: data: $ref: >- #/components/schemas/MicrosoftTeamsUpdateTenantBasedHandleRequestData required: - data type: object MicrosoftTeamsUpdateTenantBasedHandleRequestData: description: Tenant-based handle data from a response. properties: attributes: $ref: '#/components/schemas/MicrosoftTeamsTenantBasedHandleAttributes' type: $ref: '#/components/schemas/MicrosoftTeamsTenantBasedHandleType' required: - type - attributes type: object x-merge-override: required: false MicrosoftTeamsUpdateWorkflowsWebhookHandleRequest: description: Update Workflows webhook handle request. properties: data: $ref: >- #/components/schemas/MicrosoftTeamsUpdateWorkflowsWebhookHandleRequestData required: - data type: object MicrosoftTeamsUpdateWorkflowsWebhookHandleRequestData: description: Workflows Webhook handle data from a response. properties: attributes: $ref: '#/components/schemas/MicrosoftTeamsWorkflowsWebhookHandleAttributes' type: $ref: '#/components/schemas/MicrosoftTeamsWorkflowsWebhookHandleType' required: - type - attributes type: object MicrosoftTeamsWorkflowsWebhookHandleAttributes: description: Workflows Webhook handle attributes. properties: name: description: Workflows Webhook handle name. example: fake-handle-name maxLength: 255 type: string url: description: Workflows Webhook URL. example: https://fake.url.com maxLength: 255 type: string type: object MicrosoftTeamsWorkflowsWebhookHandleRequestAttributes: description: Workflows Webhook handle attributes. properties: name: description: Workflows Webhook handle name. example: fake-handle-name maxLength: 255 type: string url: description: Workflows Webhook URL. example: https://fake.url.com maxLength: 255 type: string required: - name - url type: object MicrosoftTeamsWorkflowsWebhookHandleRequestData: description: Workflows Webhook handle data from a response. properties: attributes: $ref: >- #/components/schemas/MicrosoftTeamsWorkflowsWebhookHandleRequestAttributes type: $ref: '#/components/schemas/MicrosoftTeamsWorkflowsWebhookHandleType' required: - type - attributes type: object MicrosoftTeamsWorkflowsWebhookHandleResponse: description: Response of a Workflows webhook handle. properties: data: $ref: >- #/components/schemas/MicrosoftTeamsWorkflowsWebhookHandleResponseData required: - data type: object MicrosoftTeamsWorkflowsWebhookHandleResponseData: description: Workflows Webhook handle data from a response. properties: attributes: $ref: >- #/components/schemas/MicrosoftTeamsWorkflowsWebhookResponseAttributes id: description: The ID of the Workflows webhook handle. example: 596da4af-0563-4097-90ff-07230c3f9db3 maxLength: 100 minLength: 1 type: string type: $ref: '#/components/schemas/MicrosoftTeamsWorkflowsWebhookHandleType' type: object MicrosoftTeamsWorkflowsWebhookHandleType: default: workflows-webhook-handle description: Specifies the Workflows webhook handle resource type. enum: - workflows-webhook-handle example: workflows-webhook-handle type: string x-enum-varnames: - WORKFLOWS_WEBHOOK_HANDLE MicrosoftTeamsWorkflowsWebhookHandlesResponse: description: Response with a list of Workflows webhook handles. properties: data: description: An array of Workflows webhook handles. example: - attributes: name: general-handle id: 596da4af-0563-4097-90ff-07230c3f9db3 type: workflows-webhook-handle - attributes: name: general-handle-2 id: 596da4af-0563-4097-90ff-07230c3f9db4 type: workflows-webhook-handle items: $ref: >- #/components/schemas/MicrosoftTeamsWorkflowsWebhookHandleResponseData type: array required: - data type: object MicrosoftTeamsWorkflowsWebhookResponseAttributes: description: Workflows Webhook handle attributes. properties: name: description: Workflows Webhook handle name. example: fake-handle-name maxLength: 255 type: string type: object MonitorConfigPolicyAttributeCreateRequest: description: Policy and policy type for a monitor configuration policy. properties: policy: $ref: '#/components/schemas/MonitorConfigPolicyPolicyCreateRequest' policy_type: $ref: '#/components/schemas/MonitorConfigPolicyType' required: - policy_type - policy type: object MonitorConfigPolicyAttributeEditRequest: description: Policy and policy type for a monitor configuration policy. properties: policy: $ref: '#/components/schemas/MonitorConfigPolicyPolicy' policy_type: $ref: '#/components/schemas/MonitorConfigPolicyType' required: - policy_type - policy type: object MonitorConfigPolicyAttributeResponse: description: Policy and policy type for a monitor configuration policy. properties: policy: $ref: '#/components/schemas/MonitorConfigPolicyPolicy' policy_type: $ref: '#/components/schemas/MonitorConfigPolicyType' type: object MonitorConfigPolicyCreateData: description: A monitor configuration policy data. properties: attributes: $ref: '#/components/schemas/MonitorConfigPolicyAttributeCreateRequest' type: $ref: '#/components/schemas/MonitorConfigPolicyResourceType' required: - type - attributes type: object MonitorConfigPolicyCreateRequest: description: Request for creating a monitor configuration policy. properties: data: $ref: '#/components/schemas/MonitorConfigPolicyCreateData' required: - data type: object MonitorConfigPolicyEditData: description: A monitor configuration policy data. properties: attributes: $ref: '#/components/schemas/MonitorConfigPolicyAttributeEditRequest' id: description: ID of this monitor configuration policy. example: 00000000-0000-1234-0000-000000000000 type: string type: $ref: '#/components/schemas/MonitorConfigPolicyResourceType' required: - id - type - attributes type: object MonitorConfigPolicyEditRequest: description: Request for editing a monitor configuration policy. properties: data: $ref: '#/components/schemas/MonitorConfigPolicyEditData' required: - data type: object MonitorConfigPolicyListResponse: description: Response for retrieving all monitor configuration policies. properties: data: description: An array of monitor configuration policies. items: $ref: '#/components/schemas/MonitorConfigPolicyResponseData' type: array type: object MonitorConfigPolicyPolicy: description: Configuration for the policy. oneOf: - $ref: '#/components/schemas/MonitorConfigPolicyTagPolicy' MonitorConfigPolicyPolicyCreateRequest: description: Configuration for the policy. oneOf: - $ref: '#/components/schemas/MonitorConfigPolicyTagPolicyCreateRequest' MonitorConfigPolicyResourceType: default: monitor-config-policy description: Monitor configuration policy resource type. enum: - monitor-config-policy example: monitor-config-policy type: string x-enum-varnames: - MONITOR_CONFIG_POLICY MonitorConfigPolicyResponse: description: Response for retrieving a monitor configuration policy. properties: data: $ref: '#/components/schemas/MonitorConfigPolicyResponseData' type: object MonitorConfigPolicyResponseData: description: A monitor configuration policy data. properties: attributes: $ref: '#/components/schemas/MonitorConfigPolicyAttributeResponse' id: description: ID of this monitor configuration policy. example: 00000000-0000-1234-0000-000000000000 type: string type: $ref: '#/components/schemas/MonitorConfigPolicyResourceType' type: object MonitorConfigPolicyTagPolicy: description: Tag attributes of a monitor configuration policy. properties: tag_key: description: The key of the tag. example: datacenter maxLength: 255 type: string tag_key_required: description: If a tag key is required for monitor creation. example: true type: boolean valid_tag_values: description: Valid values for the tag. example: - prod - staging items: maxLength: 255 type: string type: array type: object MonitorConfigPolicyTagPolicyCreateRequest: description: Tag attributes of a monitor configuration policy. properties: tag_key: description: The key of the tag. example: datacenter maxLength: 255 type: string tag_key_required: description: If a tag key is required for monitor creation. example: true type: boolean valid_tag_values: description: Valid values for the tag. example: - prod - staging items: maxLength: 255 type: string type: array required: - tag_key - tag_key_required - valid_tag_values type: object MonitorConfigPolicyType: default: tag description: The monitor configuration policy type. enum: - tag example: tag type: string x-enum-varnames: - TAG MonitorDowntimeMatchResourceType: default: downtime_match description: Monitor Downtime Match resource type. enum: - downtime_match example: downtime_match type: string x-enum-varnames: - DOWNTIME_MATCH MonitorDowntimeMatchResponse: description: Response for retrieving all downtime matches for a monitor. properties: data: description: An array of downtime matches. items: $ref: '#/components/schemas/MonitorDowntimeMatchResponseData' type: array meta: $ref: '#/components/schemas/DowntimeMeta' type: object MonitorDowntimeMatchResponseAttributes: description: Downtime match details. properties: end: description: The end of the downtime. example: '2020-01-02T03:04:00.000Z' format: date-time nullable: true type: string groups: description: An array of groups associated with the downtime. example: - service:postgres - team:frontend items: description: An array of groups. example: service:postgres type: string type: array scope: $ref: '#/components/schemas/DowntimeScope' start: description: The start of the downtime. example: '2020-01-02T03:04:00.000Z' format: date-time type: string type: object MonitorDowntimeMatchResponseData: description: A downtime match. properties: attributes: $ref: '#/components/schemas/MonitorDowntimeMatchResponseAttributes' id: description: The downtime ID. example: 00000000-0000-1234-0000-000000000000 nullable: true type: string type: $ref: '#/components/schemas/MonitorDowntimeMatchResourceType' type: object MonitorNotificationRuleAttributes: additionalProperties: false description: Attributes of the monitor notification rule. properties: filter: $ref: '#/components/schemas/MonitorNotificationRuleFilter' name: $ref: '#/components/schemas/MonitorNotificationRuleName' recipients: $ref: '#/components/schemas/MonitorNotificationRuleRecipients' required: - name - recipients type: object MonitorNotificationRuleCreateRequest: description: Request for creating a monitor notification rule. properties: data: $ref: '#/components/schemas/MonitorNotificationRuleCreateRequestData' required: - data type: object MonitorNotificationRuleCreateRequestData: description: Object to create a monitor notification rule. properties: attributes: $ref: '#/components/schemas/MonitorNotificationRuleAttributes' type: $ref: '#/components/schemas/MonitorNotificationRuleResourceType' required: - attributes type: object MonitorNotificationRuleData: description: Monitor notification rule data. properties: attributes: $ref: '#/components/schemas/MonitorNotificationRuleResponseAttributes' id: $ref: '#/components/schemas/MonitorNotificationRuleId' relationships: $ref: '#/components/schemas/MonitorNotificationRuleRelationships' type: $ref: '#/components/schemas/MonitorNotificationRuleResourceType' type: object MonitorNotificationRuleFilter: description: Filter used to associate the notification rule with monitors. oneOf: - $ref: '#/components/schemas/MonitorNotificationRuleFilterTags' MonitorNotificationRuleFilterTags: additionalProperties: false description: Filter monitors by tags. Monitors must match all tags. properties: tags: description: A list of monitor tags. example: - team:product - host:abc items: maxLength: 255 type: string maxItems: 20 minItems: 1 type: array uniqueItems: true required: - tags type: object MonitorNotificationRuleId: description: The ID of the monitor notification rule. example: 00000000-0000-1234-0000-000000000000 type: string MonitorNotificationRuleListResponse: description: Response for retrieving all monitor notification rules. properties: data: description: A list of monitor notification rules. items: $ref: '#/components/schemas/MonitorNotificationRuleData' type: array included: description: Array of objects related to the monitor notification rules. items: $ref: '#/components/schemas/MonitorNotificationRuleResponseIncludedItem' type: array type: object MonitorNotificationRuleName: description: The name of the monitor notification rule. example: A notification rule name maxLength: 1000 minLength: 1 type: string MonitorNotificationRuleRecipients: description: >- A list of recipients to notify. Uses the same format as the monitor `message` field. Must not start with an '@'. example: - slack-test-channel - jira-test items: description: individual recipient. maxLength: 255 type: string maxItems: 20 minItems: 1 type: array uniqueItems: true MonitorNotificationRuleRelationships: description: All relationships associated with monitor notification rule. properties: created_by: $ref: '#/components/schemas/MonitorNotificationRuleRelationshipsCreatedBy' type: object MonitorNotificationRuleRelationshipsCreatedBy: description: The user who created the monitor notification rule. properties: data: $ref: >- #/components/schemas/MonitorNotificationRuleRelationshipsCreatedByData type: object MonitorNotificationRuleRelationshipsCreatedByData: description: Data for the user who created the monitor notification rule. nullable: true properties: id: description: User ID of the monitor notification rule creator. example: 00000000-0000-1234-0000-000000000000 type: string type: $ref: '#/components/schemas/UsersType' type: object MonitorNotificationRuleResourceType: default: monitor-notification-rule description: Monitor notification rule resource type. enum: - monitor-notification-rule example: monitor-notification-rule type: string x-enum-varnames: - MONITOR_NOTIFICATION_RULE MonitorNotificationRuleResponse: description: A monitor notification rule. properties: data: $ref: '#/components/schemas/MonitorNotificationRuleData' included: description: >- Array of objects related to the monitor notification rule that the user requested. items: $ref: '#/components/schemas/MonitorNotificationRuleResponseIncludedItem' type: array type: object MonitorNotificationRuleResponseAttributes: additionalProperties: {} description: Attributes of the monitor notification rule. properties: created: description: Creation time of the monitor notification rule. example: '2020-01-02T03:04:00.000Z' format: date-time type: string filter: $ref: '#/components/schemas/MonitorNotificationRuleFilter' modified: description: Time the monitor notification rule was last modified. example: '2020-01-02T03:04:00.000Z' format: date-time type: string name: $ref: '#/components/schemas/MonitorNotificationRuleName' recipients: $ref: '#/components/schemas/MonitorNotificationRuleRecipients' type: object MonitorNotificationRuleResponseIncludedItem: description: An object related to a monitor notification rule. oneOf: - $ref: '#/components/schemas/User' MonitorNotificationRuleUpdateRequest: description: Request for updating a monitor notification rule. properties: data: $ref: '#/components/schemas/MonitorNotificationRuleUpdateRequestData' required: - data type: object MonitorNotificationRuleUpdateRequestData: description: Object to update a monitor notification rule. properties: attributes: $ref: '#/components/schemas/MonitorNotificationRuleAttributes' id: $ref: '#/components/schemas/MonitorNotificationRuleId' type: $ref: '#/components/schemas/MonitorNotificationRuleResourceType' required: - id - attributes type: object MonitorTrigger: description: >- Trigger a workflow from a Monitor. For automatic triggering a handle must be configured and the workflow must be published. properties: rateLimit: $ref: '#/components/schemas/TriggerRateLimit' type: object MonitorTriggerWrapper: description: Schema for a Monitor-based trigger. properties: monitorTrigger: $ref: '#/components/schemas/MonitorTrigger' startStepNames: $ref: '#/components/schemas/StartStepNames' required: - monitorTrigger type: object MonitorType: description: Attributes from the monitor that triggered the event. nullable: true properties: created_at: description: The POSIX timestamp of the monitor's creation in nanoseconds. example: 1646318692000 format: int64 type: integer group_status: description: Monitor group status used when there is no `result_groups`. format: int32 maximum: 2147483647 type: integer example: 42 groups: description: Groups to which the monitor belongs. items: description: A group. type: string type: array id: description: The monitor ID. format: int64 type: integer example: 42 message: description: The monitor message. type: string example: CPU usage is high on {{host.name}} modified: description: The monitor's last-modified timestamp. format: int64 type: integer example: 42 name: description: The monitor name. type: string example: Example Monitor query: description: The query that triggers the alert. type: string example: avg:system.cpu.user{*} tags: description: A list of tags attached to the monitor. example: - environment:test items: description: A tag. type: string type: array templated_name: description: >- The templated name of the monitor before resolving any template variables. type: string example: Example Monitor type: description: The monitor type. type: string example: metric alert type: object MonthlyCostAttributionAttributes: description: Cost Attribution by Tag for a given organization. properties: month: description: >- Datetime in ISO-8601 format, UTC, precise to hour: `[YYYY-MM-DDThh]`. format: date-time type: string example: example_value org_name: description: The name of the organization. type: string example: Example Monitor public_id: description: The organization public ID. type: string example: abc-123-def tag_config_source: description: >- The source of the cost attribution tag configuration and the selected tags in the format `::://////`. type: string example: env:production tags: $ref: '#/components/schemas/CostAttributionTagNames' updated_at: description: >- Shows the most recent hour in the current months for all organizations for which all costs were calculated. type: string example: '2026-04-17T12:00:00Z' values: description: >- Fields in Cost Attribution by tag(s). Example: `infra_host_on_demand_cost`, `infra_host_committed_cost`, `infra_host_total_cost`, `infra_host_percentage_in_org`, `infra_host_percentage_in_account`. type: object type: object MonthlyCostAttributionBody: description: Cost data. properties: attributes: $ref: '#/components/schemas/MonthlyCostAttributionAttributes' id: description: Unique ID of the response. type: string example: abc-123-def type: $ref: '#/components/schemas/CostAttributionType' type: object MonthlyCostAttributionMeta: description: The object containing document metadata. properties: aggregates: $ref: '#/components/schemas/CostAttributionAggregates' pagination: $ref: '#/components/schemas/MonthlyCostAttributionPagination' type: object MonthlyCostAttributionPagination: description: The metadata for the current pagination. properties: next_record_id: description: >- The cursor to use to get the next results, if any. To make the next request, use the same parameters with the addition of the `next_record_id`. nullable: true type: string example: abc-123-def type: object MonthlyCostAttributionResponse: description: Response containing the monthly cost attribution by tag(s). properties: data: description: Response containing cost attribution. items: $ref: '#/components/schemas/MonthlyCostAttributionBody' type: array meta: $ref: '#/components/schemas/MonthlyCostAttributionMeta' type: object NotebookTriggerWrapper: description: Schema for a Notebook-based trigger. properties: notebookTrigger: description: Trigger a workflow from a Notebook. type: object startStepNames: $ref: '#/components/schemas/StartStepNames' required: - notebookTrigger type: object NotificationRule: description: > Notification rules allow full control over notifications generated by the various Datadog security products. They allow users to define the conditions under which a notification should be generated (based on rule severities, rule types, rule tags, and so on), and the targets to notify. A notification rule is composed of a rule ID, a rule type, and the rule attributes. All fields are required. properties: attributes: $ref: '#/components/schemas/NotificationRuleAttributes' id: $ref: '#/components/schemas/ID' type: $ref: '#/components/schemas/NotificationRulesType' required: - attributes - id - type type: object NotificationRuleAttributes: description: Attributes of the notification rule. properties: created_at: $ref: '#/components/schemas/Date' created_by: $ref: '#/components/schemas/RuleUser' enabled: $ref: '#/components/schemas/Enabled' modified_at: $ref: '#/components/schemas/Date' modified_by: $ref: '#/components/schemas/RuleUser' name: $ref: '#/components/schemas/RuleName' selectors: $ref: '#/components/schemas/Selectors' targets: $ref: '#/components/schemas/Targets' time_aggregation: $ref: '#/components/schemas/TimeAggregation' version: $ref: '#/components/schemas/Version' required: - created_at - created_by - enabled - modified_at - modified_by - name - selectors - targets - version type: object NotificationRuleQuery: description: >- The query is composed of one or several key:value pairs, which can be used to filter security issues on tags and attributes. example: (source:production_service OR env:prod) type: string NotificationRuleResponse: description: Response object which includes a notification rule. properties: data: $ref: '#/components/schemas/NotificationRule' type: object NotificationRulesType: description: The rule type associated to notification rules. enum: - notification_rules example: notification_rules type: string x-enum-varnames: - NOTIFICATION_RULES NullableRelationshipToUser: description: Relationship to user. nullable: true properties: data: $ref: '#/components/schemas/NullableRelationshipToUserData' required: - data type: object NullableRelationshipToUserData: description: Relationship to user object. nullable: true properties: id: description: A unique identifier that represents the user. example: 00000000-0000-0000-0000-000000000000 type: string type: $ref: '#/components/schemas/UsersType' required: - id - type type: object x-merge-override: required: false NullableUserRelationship: description: Relationship to user. nullable: true properties: data: $ref: '#/components/schemas/NullableUserRelationshipData' required: - data type: object NullableUserRelationshipData: description: Relationship to user object. nullable: true properties: id: description: A unique identifier that represents the user. example: 00000000-0000-0000-0000-000000000000 type: string type: $ref: '#/components/schemas/UserResourceType' required: - id - type type: object ObservabilityPipeline: description: Top-level schema representing a pipeline. properties: data: $ref: '#/components/schemas/ObservabilityPipelineData' required: - data type: object ObservabilityPipelineAddEnvVarsProcessor: description: >- The `add_env_vars` processor adds environment variable values to log events. properties: id: description: >- The unique identifier for this component. Used to reference this processor in the pipeline. example: add-env-vars-processor type: string include: description: >- A Datadog search query used to determine which logs this processor targets. example: service:my-service type: string inputs: description: >- A list of component IDs whose output is used as the input for this processor. example: - datadog-agent-source items: type: string type: array type: $ref: '#/components/schemas/ObservabilityPipelineAddEnvVarsProcessorType' variables: description: A list of environment variable mappings to apply to log fields. items: $ref: >- #/components/schemas/ObservabilityPipelineAddEnvVarsProcessorVariable type: array required: - id - type - include - inputs - variables type: object ObservabilityPipelineAddEnvVarsProcessorType: default: add_env_vars description: The processor type. The value should always be `add_env_vars`. enum: - add_env_vars example: add_env_vars type: string x-enum-varnames: - ADD_ENV_VARS ObservabilityPipelineAddEnvVarsProcessorVariable: description: Defines a mapping between an environment variable and a log field. properties: field: description: The target field in the log event. example: log.environment.region type: string name: description: The name of the environment variable to read. example: AWS_REGION type: string required: - field - name type: object ObservabilityPipelineAddFieldsProcessor: description: The `add_fields` processor adds static key-value fields to logs. properties: fields: description: >- A list of static fields (key-value pairs) that is added to each log event processed by this component. items: $ref: '#/components/schemas/ObservabilityPipelineFieldValue' type: array id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (for example, as the `input` to downstream components). example: add-fields-processor type: string include: description: >- A Datadog search query used to determine which logs this processor targets. example: service:my-service type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - datadog-agent-source items: type: string type: array type: $ref: '#/components/schemas/ObservabilityPipelineAddFieldsProcessorType' required: - id - type - include - fields - inputs type: object ObservabilityPipelineAddFieldsProcessorType: default: add_fields description: The processor type. The value should always be `add_fields`. enum: - add_fields example: add_fields type: string x-enum-varnames: - ADD_FIELDS ObservabilityPipelineAmazonDataFirehoseSource: description: The `amazon_data_firehose` source ingests logs from AWS Data Firehose. properties: auth: $ref: '#/components/schemas/ObservabilityPipelineAwsAuth' id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: amazon-firehose-source type: string tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: >- #/components/schemas/ObservabilityPipelineAmazonDataFirehoseSourceType required: - id - type type: object ObservabilityPipelineAmazonDataFirehoseSourceType: default: amazon_data_firehose description: The source type. The value should always be `amazon_data_firehose`. enum: - amazon_data_firehose example: amazon_data_firehose type: string x-enum-varnames: - AMAZON_DATA_FIREHOSE ObservabilityPipelineAmazonOpenSearchDestination: description: The `amazon_opensearch` destination writes logs to Amazon OpenSearch. properties: auth: $ref: >- #/components/schemas/ObservabilityPipelineAmazonOpenSearchDestinationAuth bulk_index: description: The index to write logs to. example: logs-index type: string id: description: The unique identifier for this component. example: elasticsearch-destination type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - filter-processor items: type: string type: array type: $ref: >- #/components/schemas/ObservabilityPipelineAmazonOpenSearchDestinationType required: - id - type - inputs - auth type: object ObservabilityPipelineAmazonOpenSearchDestinationAuth: description: > Authentication settings for the Amazon OpenSearch destination. The `strategy` field determines whether basic or AWS-based authentication is used. properties: assume_role: description: The ARN of the role to assume (used with `aws` strategy). type: string example: example_value aws_region: description: AWS region type: string example: example_value external_id: description: External ID for the assumed role (used with `aws` strategy). type: string example: abc-123-def session_name: description: Session name for the assumed role (used with `aws` strategy). type: string example: Example Monitor strategy: $ref: >- #/components/schemas/ObservabilityPipelineAmazonOpenSearchDestinationAuthStrategy required: - strategy type: object ObservabilityPipelineAmazonOpenSearchDestinationAuthStrategy: description: The authentication strategy to use. enum: - basic - aws example: aws type: string x-enum-varnames: - BASIC - AWS ObservabilityPipelineAmazonOpenSearchDestinationType: default: amazon_opensearch description: The destination type. The value should always be `amazon_opensearch`. enum: - amazon_opensearch example: amazon_opensearch type: string x-enum-varnames: - AMAZON_OPENSEARCH ObservabilityPipelineAmazonS3Destination: description: >- The `amazon_s3` destination sends your logs in Datadog-rehydratable format to an Amazon S3 bucket for archiving. properties: auth: $ref: '#/components/schemas/ObservabilityPipelineAwsAuth' bucket: description: S3 bucket name. example: error-logs type: string id: description: Unique identifier for the destination component. example: amazon-s3-destination type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - datadog-agent-source items: type: string type: array key_prefix: description: Optional prefix for object keys. type: string example: example_value region: description: AWS region of the S3 bucket. example: us-east-1 type: string storage_class: $ref: >- #/components/schemas/ObservabilityPipelineAmazonS3DestinationStorageClass tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineAmazonS3DestinationType' required: - id - type - inputs - bucket - region - storage_class type: object ObservabilityPipelineAmazonS3DestinationStorageClass: description: S3 storage class. enum: - STANDARD - REDUCED_REDUNDANCY - INTELLIGENT_TIERING - STANDARD_IA - EXPRESS_ONEZONE - ONEZONE_IA - GLACIER - GLACIER_IR - DEEP_ARCHIVE example: STANDARD type: string x-enum-varnames: - STANDARD - REDUCED_REDUNDANCY - INTELLIGENT_TIERING - STANDARD_IA - EXPRESS_ONEZONE - ONEZONE_IA - GLACIER - GLACIER_IR - DEEP_ARCHIVE ObservabilityPipelineAmazonS3DestinationType: default: amazon_s3 description: The destination type. Always `amazon_s3`. enum: - amazon_s3 example: amazon_s3 type: string x-enum-varnames: - AMAZON_S3 ObservabilityPipelineAmazonS3Source: description: | The `amazon_s3` source ingests logs from an Amazon S3 bucket. It supports AWS authentication and TLS encryption. properties: auth: $ref: '#/components/schemas/ObservabilityPipelineAwsAuth' id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: aws-s3-source type: string region: description: AWS region where the S3 bucket resides. example: us-east-1 type: string tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineAmazonS3SourceType' required: - id - type - region type: object ObservabilityPipelineAmazonS3SourceType: default: amazon_s3 description: The source type. Always `amazon_s3`. enum: - amazon_s3 example: amazon_s3 type: string x-enum-varnames: - AMAZON_S3 ObservabilityPipelineAwsAuth: description: > AWS authentication credentials used for accessing AWS services such as S3. If omitted, the system’s default credentials are used (for example, the IAM role and environment variables). properties: assume_role: description: The Amazon Resource Name (ARN) of the role to assume. type: string example: example_value external_id: description: A unique identifier for cross-account role assumption. type: string example: abc-123-def session_name: description: >- A session identifier used for logging and tracing the assumed role session. type: string example: Example Monitor type: object ObservabilityPipelineConfig: description: >- Specifies the pipeline's configuration, including its sources, processors, and destinations. properties: destinations: description: A list of destination components where processed logs are sent. example: - id: datadog-logs-destination inputs: - filter-processor type: datadog_logs items: $ref: '#/components/schemas/ObservabilityPipelineConfigDestinationItem' type: array processors: description: A list of processors that transform or enrich log data. example: - id: filter-processor include: service:my-service inputs: - datadog-agent-source type: filter items: $ref: '#/components/schemas/ObservabilityPipelineConfigProcessorItem' type: array sources: description: A list of configured data sources for the pipeline. example: - id: datadog-agent-source type: datadog_agent items: $ref: '#/components/schemas/ObservabilityPipelineConfigSourceItem' type: array required: - sources - destinations type: object ObservabilityPipelineConfigDestinationItem: description: A destination for the pipeline. oneOf: - $ref: '#/components/schemas/ObservabilityPipelineDatadogLogsDestination' - $ref: '#/components/schemas/ObservabilityPipelineAmazonS3Destination' - $ref: >- #/components/schemas/ObservabilityPipelineGoogleCloudStorageDestination - $ref: '#/components/schemas/ObservabilityPipelineSplunkHecDestination' - $ref: '#/components/schemas/ObservabilityPipelineSumoLogicDestination' - $ref: '#/components/schemas/ObservabilityPipelineElasticsearchDestination' - $ref: '#/components/schemas/ObservabilityPipelineRsyslogDestination' - $ref: '#/components/schemas/ObservabilityPipelineSyslogNgDestination' - $ref: '#/components/schemas/AzureStorageDestination' - $ref: '#/components/schemas/MicrosoftSentinelDestination' - $ref: '#/components/schemas/ObservabilityPipelineGoogleChronicleDestination' - $ref: '#/components/schemas/ObservabilityPipelineNewRelicDestination' - $ref: '#/components/schemas/ObservabilityPipelineSentinelOneDestination' - $ref: '#/components/schemas/ObservabilityPipelineOpenSearchDestination' - $ref: >- #/components/schemas/ObservabilityPipelineAmazonOpenSearchDestination ObservabilityPipelineConfigProcessorItem: description: A processor for the pipeline. oneOf: - $ref: '#/components/schemas/ObservabilityPipelineFilterProcessor' - $ref: '#/components/schemas/ObservabilityPipelineParseJSONProcessor' - $ref: '#/components/schemas/ObservabilityPipelineQuotaProcessor' - $ref: '#/components/schemas/ObservabilityPipelineAddFieldsProcessor' - $ref: '#/components/schemas/ObservabilityPipelineRemoveFieldsProcessor' - $ref: '#/components/schemas/ObservabilityPipelineRenameFieldsProcessor' - $ref: '#/components/schemas/ObservabilityPipelineGenerateMetricsProcessor' - $ref: '#/components/schemas/ObservabilityPipelineSampleProcessor' - $ref: '#/components/schemas/ObservabilityPipelineParseGrokProcessor' - $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessor - $ref: '#/components/schemas/ObservabilityPipelineOcsfMapperProcessor' - $ref: '#/components/schemas/ObservabilityPipelineAddEnvVarsProcessor' - $ref: '#/components/schemas/ObservabilityPipelineDedupeProcessor' - $ref: '#/components/schemas/ObservabilityPipelineEnrichmentTableProcessor' - $ref: '#/components/schemas/ObservabilityPipelineReduceProcessor' - $ref: '#/components/schemas/ObservabilityPipelineThrottleProcessor' ObservabilityPipelineConfigSourceItem: description: A data source for the pipeline. oneOf: - $ref: '#/components/schemas/ObservabilityPipelineKafkaSource' - $ref: '#/components/schemas/ObservabilityPipelineDatadogAgentSource' - $ref: '#/components/schemas/ObservabilityPipelineSplunkTcpSource' - $ref: '#/components/schemas/ObservabilityPipelineSplunkHecSource' - $ref: '#/components/schemas/ObservabilityPipelineAmazonS3Source' - $ref: '#/components/schemas/ObservabilityPipelineFluentdSource' - $ref: '#/components/schemas/ObservabilityPipelineFluentBitSource' - $ref: '#/components/schemas/ObservabilityPipelineHttpServerSource' - $ref: '#/components/schemas/ObservabilityPipelineSumoLogicSource' - $ref: '#/components/schemas/ObservabilityPipelineRsyslogSource' - $ref: '#/components/schemas/ObservabilityPipelineSyslogNgSource' - $ref: '#/components/schemas/ObservabilityPipelineAmazonDataFirehoseSource' - $ref: '#/components/schemas/ObservabilityPipelineGooglePubSubSource' - $ref: '#/components/schemas/ObservabilityPipelineHttpClientSource' - $ref: '#/components/schemas/ObservabilityPipelineLogstashSource' ObservabilityPipelineData: description: Contains the pipeline’s ID, type, and configuration attributes. properties: attributes: $ref: '#/components/schemas/ObservabilityPipelineDataAttributes' id: description: Unique identifier for the pipeline. example: 3fa85f64-5717-4562-b3fc-2c963f66afa6 type: string type: default: pipelines description: >- The resource type identifier. For pipeline resources, this should always be set to `pipelines`. example: pipelines type: string required: - id - type - attributes type: object ObservabilityPipelineDataAttributes: description: >- Defines the pipeline’s name and its components (sources, processors, and destinations). properties: config: $ref: '#/components/schemas/ObservabilityPipelineConfig' name: description: Name of the pipeline. example: Main Observability Pipeline type: string required: - name - config type: object ObservabilityPipelineDatadogAgentSource: description: The `datadog_agent` source collects logs from the Datadog Agent. properties: id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: datadog-agent-source type: string tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineDatadogAgentSourceType' required: - id - type type: object ObservabilityPipelineDatadogAgentSourceType: default: datadog_agent description: The source type. The value should always be `datadog_agent`. enum: - datadog_agent example: datadog_agent type: string x-enum-varnames: - DATADOG_AGENT ObservabilityPipelineDatadogLogsDestination: description: The `datadog_logs` destination forwards logs to Datadog Log Management. properties: id: description: The unique identifier for this component. example: datadog-logs-destination type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - filter-processor items: type: string type: array type: $ref: '#/components/schemas/ObservabilityPipelineDatadogLogsDestinationType' required: - id - type - inputs type: object ObservabilityPipelineDatadogLogsDestinationType: default: datadog_logs description: The destination type. The value should always be `datadog_logs`. enum: - datadog_logs example: datadog_logs type: string x-enum-varnames: - DATADOG_LOGS ObservabilityPipelineDecoding: description: The decoding format used to interpret incoming logs. enum: - bytes - gelf - json - syslog example: json type: string x-enum-varnames: - DECODE_BYTES - DECODE_GELF - DECODE_JSON - DECODE_SYSLOG ObservabilityPipelineDedupeProcessor: description: The `dedupe` processor removes duplicate fields in log events. properties: fields: description: A list of log field paths to check for duplicates. example: - log.message - log.error items: type: string type: array id: description: The unique identifier for this processor. example: dedupe-processor type: string include: description: >- A Datadog search query used to determine which logs this processor targets. example: service:my-service type: string inputs: description: >- A list of component IDs whose output is used as the input for this processor. example: - parse-json-processor items: type: string type: array mode: $ref: '#/components/schemas/ObservabilityPipelineDedupeProcessorMode' type: $ref: '#/components/schemas/ObservabilityPipelineDedupeProcessorType' required: - id - type - include - inputs - fields - mode type: object ObservabilityPipelineDedupeProcessorMode: description: The deduplication mode to apply to the fields. enum: - match - ignore example: match type: string x-enum-varnames: - MATCH - IGNORE ObservabilityPipelineDedupeProcessorType: default: dedupe description: The processor type. The value should always be `dedupe`. enum: - dedupe example: dedupe type: string x-enum-varnames: - DEDUPE ObservabilityPipelineElasticsearchDestination: description: The `elasticsearch` destination writes logs to an Elasticsearch cluster. properties: api_version: $ref: >- #/components/schemas/ObservabilityPipelineElasticsearchDestinationApiVersion bulk_index: description: The index to write logs to in Elasticsearch. example: logs-index type: string id: description: The unique identifier for this component. example: elasticsearch-destination type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - filter-processor items: type: string type: array type: $ref: >- #/components/schemas/ObservabilityPipelineElasticsearchDestinationType required: - id - type - inputs type: object ObservabilityPipelineElasticsearchDestinationApiVersion: description: The Elasticsearch API version to use. Set to `auto` to auto-detect. enum: - auto - v6 - v7 - v8 example: auto type: string x-enum-varnames: - AUTO - V6 - V7 - V8 ObservabilityPipelineElasticsearchDestinationType: default: elasticsearch description: The destination type. The value should always be `elasticsearch`. enum: - elasticsearch example: elasticsearch type: string x-enum-varnames: - ELASTICSEARCH ObservabilityPipelineEnrichmentTableFile: description: Defines a static enrichment table loaded from a CSV file. properties: encoding: $ref: >- #/components/schemas/ObservabilityPipelineEnrichmentTableFileEncoding key: description: Key fields used to look up enrichment values. items: $ref: >- #/components/schemas/ObservabilityPipelineEnrichmentTableFileKeyItems type: array path: description: Path to the CSV file. example: /etc/enrichment/lookup.csv type: string schema: description: Schema defining column names and their types. items: $ref: >- #/components/schemas/ObservabilityPipelineEnrichmentTableFileSchemaItems type: array required: - encoding - key - path - schema type: object ObservabilityPipelineEnrichmentTableFileEncoding: description: File encoding format. properties: delimiter: description: The `encoding` `delimiter`. example: ',' type: string includes_headers: description: The `encoding` `includes_headers`. example: true type: boolean type: $ref: >- #/components/schemas/ObservabilityPipelineEnrichmentTableFileEncodingType required: - type - delimiter - includes_headers type: object ObservabilityPipelineEnrichmentTableFileEncodingType: description: Specifies the encoding format (e.g., CSV) used for enrichment tables. enum: - csv example: csv type: string x-enum-varnames: - CSV ObservabilityPipelineEnrichmentTableFileKeyItems: description: >- Defines how to map log fields to enrichment table columns during lookups. properties: column: description: The `items` `column`. example: user_id type: string comparison: $ref: >- #/components/schemas/ObservabilityPipelineEnrichmentTableFileKeyItemsComparison field: description: The `items` `field`. example: log.user.id type: string required: - column - comparison - field type: object ObservabilityPipelineEnrichmentTableFileKeyItemsComparison: description: Defines how to compare key fields for enrichment table lookups. enum: - equals example: equals type: string x-enum-varnames: - EQUALS ObservabilityPipelineEnrichmentTableFileSchemaItems: description: Describes a single column and its type in an enrichment table schema. properties: column: description: The `items` `column`. example: region type: string type: $ref: >- #/components/schemas/ObservabilityPipelineEnrichmentTableFileSchemaItemsType required: - column - type type: object ObservabilityPipelineEnrichmentTableFileSchemaItemsType: description: Declares allowed data types for enrichment table columns. enum: - string - boolean - integer - float - date - timestamp example: string type: string x-enum-varnames: - STRING - BOOLEAN - INTEGER - FLOAT - DATE - TIMESTAMP ObservabilityPipelineEnrichmentTableGeoIp: description: Uses a GeoIP database to enrich logs based on an IP field. properties: key_field: description: Path to the IP field in the log. example: log.source.ip type: string locale: description: Locale used to resolve geographical names. example: en type: string path: description: Path to the GeoIP database file. example: /etc/geoip/GeoLite2-City.mmdb type: string required: - key_field - locale - path type: object ObservabilityPipelineEnrichmentTableProcessor: description: >- The `enrichment_table` processor enriches logs using a static CSV file or GeoIP database. properties: file: $ref: '#/components/schemas/ObservabilityPipelineEnrichmentTableFile' geoip: $ref: '#/components/schemas/ObservabilityPipelineEnrichmentTableGeoIp' id: description: The unique identifier for this processor. example: enrichment-table-processor type: string include: description: >- A Datadog search query used to determine which logs this processor targets. example: source:my-source type: string inputs: description: >- A list of component IDs whose output is used as the input for this processor. example: - add-fields-processor items: type: string type: array target: description: Path where enrichment results should be stored in the log. example: enriched.geoip type: string type: $ref: >- #/components/schemas/ObservabilityPipelineEnrichmentTableProcessorType required: - id - type - include - inputs - target type: object ObservabilityPipelineEnrichmentTableProcessorType: default: enrichment_table description: The processor type. The value should always be `enrichment_table`. enum: - enrichment_table example: enrichment_table type: string x-enum-varnames: - ENRICHMENT_TABLE ObservabilityPipelineFieldValue: description: Represents a static key-value pair used in various processors. properties: name: description: The field name. example: field_name type: string value: description: The field value. example: field_value type: string required: - name - value type: object ObservabilityPipelineFilterProcessor: description: >- The `filter` processor allows conditional processing of logs based on a Datadog search query. Logs that match the `include` query are passed through; others are discarded. properties: id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (for example, as the `input` to downstream components). example: filter-processor type: string include: description: >- A Datadog search query used to determine which logs should pass through the filter. Logs that match this query continue to downstream components; others are dropped. example: service:my-service type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - datadog-agent-source items: type: string type: array type: $ref: '#/components/schemas/ObservabilityPipelineFilterProcessorType' required: - id - type - include - inputs type: object ObservabilityPipelineFilterProcessorType: default: filter description: The processor type. The value should always be `filter`. enum: - filter example: filter type: string x-enum-varnames: - FILTER ObservabilityPipelineFluentBitSource: description: The `fluent_bit` source ingests logs from Fluent Bit. properties: id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (for example, as the `input` to downstream components). example: fluent-source type: string tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineFluentBitSourceType' required: - id - type type: object ObservabilityPipelineFluentBitSourceType: default: fluent_bit description: The source type. The value should always be `fluent_bit`. enum: - fluent_bit example: fluent_bit type: string x-enum-varnames: - FLUENT_BIT ObservabilityPipelineFluentdSource: description: The `fluentd` source ingests logs from a Fluentd-compatible service. properties: id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (for example, as the `input` to downstream components). example: fluent-source type: string tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineFluentdSourceType' required: - id - type type: object ObservabilityPipelineFluentdSourceType: default: fluentd description: The source type. The value should always be `fluentd. enum: - fluentd example: fluentd type: string x-enum-varnames: - FLUENTD ObservabilityPipelineGcpAuth: description: | GCP credentials used to authenticate with Google Cloud Storage. properties: credentials_file: description: Path to the GCP service account key file. example: /var/secrets/gcp-credentials.json type: string required: - credentials_file type: object ObservabilityPipelineGenerateMetricsProcessor: description: > The `generate_datadog_metrics` processor creates custom metrics from logs and sends them to Datadog. Metrics can be counters, gauges, or distributions and optionally grouped by log fields. properties: id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline. example: generate-metrics-processor type: string include: description: >- A Datadog search query used to determine which logs this processor targets. example: service:my-service type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this processor. example: - source-id items: type: string type: array metrics: description: Configuration for generating individual metrics. items: $ref: '#/components/schemas/ObservabilityPipelineGeneratedMetric' type: array type: $ref: >- #/components/schemas/ObservabilityPipelineGenerateMetricsProcessorType required: - id - type - inputs - include - metrics type: object ObservabilityPipelineGenerateMetricsProcessorType: default: generate_datadog_metrics description: The processor type. Always `generate_datadog_metrics`. enum: - generate_datadog_metrics example: generate_datadog_metrics type: string x-enum-varnames: - GENERATE_DATADOG_METRICS ObservabilityPipelineGeneratedMetric: description: > Defines a log-based custom metric, including its name, type, filter, value computation strategy, and optional grouping fields. properties: group_by: description: Optional fields used to group the metric series. example: - service - env items: type: string type: array include: description: Datadog filter query to match logs for metric generation. example: service:billing type: string metric_type: $ref: '#/components/schemas/ObservabilityPipelineGeneratedMetricMetricType' name: description: Name of the custom metric to be created. example: logs.processed type: string value: $ref: '#/components/schemas/ObservabilityPipelineMetricValue' required: - name - include - metric_type - value type: object ObservabilityPipelineGeneratedMetricIncrementByField: description: >- Strategy that increments a generated metric based on the value of a log field. properties: field: description: >- Name of the log field containing the numeric value to increment the metric by. example: errors type: string strategy: $ref: >- #/components/schemas/ObservabilityPipelineGeneratedMetricIncrementByFieldStrategy required: - strategy - field type: object ObservabilityPipelineGeneratedMetricIncrementByFieldStrategy: description: Uses a numeric field in the log event as the metric increment. enum: - increment_by_field example: increment_by_field type: string x-enum-varnames: - INCREMENT_BY_FIELD ObservabilityPipelineGeneratedMetricIncrementByOne: description: >- Strategy that increments a generated metric by one for each matching event. properties: strategy: $ref: >- #/components/schemas/ObservabilityPipelineGeneratedMetricIncrementByOneStrategy required: - strategy type: object ObservabilityPipelineGeneratedMetricIncrementByOneStrategy: description: Increments the metric by 1 for each matching event. enum: - increment_by_one example: increment_by_one type: string x-enum-varnames: - INCREMENT_BY_ONE ObservabilityPipelineGeneratedMetricMetricType: description: Type of metric to create. enum: - count - gauge - distribution example: count type: string x-enum-varnames: - COUNT - GAUGE - DISTRIBUTION ObservabilityPipelineGoogleChronicleDestination: description: The `google_chronicle` destination sends logs to Google Chronicle. properties: auth: $ref: '#/components/schemas/ObservabilityPipelineGcpAuth' customer_id: description: The Google Chronicle customer ID. example: abcdefg123456789 type: string encoding: $ref: >- #/components/schemas/ObservabilityPipelineGoogleChronicleDestinationEncoding id: description: The unique identifier for this component. example: google-chronicle-destination type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - parse-json-processor items: type: string type: array log_type: description: The log type metadata associated with the Chronicle destination. example: nginx_logs type: string type: $ref: >- #/components/schemas/ObservabilityPipelineGoogleChronicleDestinationType required: - id - type - inputs - auth - customer_id type: object ObservabilityPipelineGoogleChronicleDestinationEncoding: description: The encoding format for the logs sent to Chronicle. enum: - json - raw_message example: json type: string x-enum-varnames: - JSON - RAW_MESSAGE ObservabilityPipelineGoogleChronicleDestinationType: default: google_chronicle description: The destination type. The value should always be `google_chronicle`. enum: - google_chronicle example: google_chronicle type: string x-enum-varnames: - GOOGLE_CHRONICLE ObservabilityPipelineGoogleCloudStorageDestination: description: > The `google_cloud_storage` destination stores logs in a Google Cloud Storage (GCS) bucket. It requires a bucket name, GCP authentication, and metadata fields. properties: acl: $ref: >- #/components/schemas/ObservabilityPipelineGoogleCloudStorageDestinationAcl auth: $ref: '#/components/schemas/ObservabilityPipelineGcpAuth' bucket: description: Name of the GCS bucket. example: error-logs type: string id: description: Unique identifier for the destination component. example: gcs-destination type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - datadog-agent-source items: type: string type: array key_prefix: description: Optional prefix for object keys within the GCS bucket. type: string example: example_value metadata: description: Custom metadata to attach to each object uploaded to the GCS bucket. items: $ref: '#/components/schemas/ObservabilityPipelineMetadataEntry' type: array storage_class: $ref: >- #/components/schemas/ObservabilityPipelineGoogleCloudStorageDestinationStorageClass type: $ref: >- #/components/schemas/ObservabilityPipelineGoogleCloudStorageDestinationType required: - id - type - inputs - bucket - auth - storage_class - acl type: object ObservabilityPipelineGoogleCloudStorageDestinationAcl: description: Access control list setting for objects written to the bucket. enum: - private - project-private - public-read - authenticated-read - bucket-owner-read - bucket-owner-full-control example: private type: string x-enum-varnames: - PRIVATE - PROJECTNOT_PRIVATE - PUBLICNOT_READ - AUTHENTICATEDNOT_READ - BUCKETNOT_OWNERNOT_READ - BUCKETNOT_OWNERNOT_FULLNOT_CONTROL ObservabilityPipelineGoogleCloudStorageDestinationStorageClass: description: Storage class used for objects stored in GCS. enum: - STANDARD - NEARLINE - COLDLINE - ARCHIVE example: STANDARD type: string x-enum-varnames: - STANDARD - NEARLINE - COLDLINE - ARCHIVE ObservabilityPipelineGoogleCloudStorageDestinationType: default: google_cloud_storage description: The destination type. Always `google_cloud_storage`. enum: - google_cloud_storage example: google_cloud_storage type: string x-enum-varnames: - GOOGLE_CLOUD_STORAGE ObservabilityPipelineGooglePubSubSource: description: >- The `google_pubsub` source ingests logs from a Google Cloud Pub/Sub subscription. properties: auth: $ref: '#/components/schemas/ObservabilityPipelineGcpAuth' decoding: $ref: '#/components/schemas/ObservabilityPipelineDecoding' id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: google-pubsub-source type: string project: description: The GCP project ID that owns the Pub/Sub subscription. example: my-gcp-project type: string subscription: description: The Pub/Sub subscription name from which messages are consumed. example: logs-subscription type: string tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineGooglePubSubSourceType' required: - id - type - auth - decoding - project - subscription type: object ObservabilityPipelineGooglePubSubSourceType: default: google_pubsub description: The source type. The value should always be `google_pubsub`. enum: - google_pubsub example: google_pubsub type: string x-enum-varnames: - GOOGLE_PUBSUB ObservabilityPipelineHttpClientSource: description: >- The `http_client` source scrapes logs from HTTP endpoints at regular intervals. properties: auth_strategy: $ref: >- #/components/schemas/ObservabilityPipelineHttpClientSourceAuthStrategy decoding: $ref: '#/components/schemas/ObservabilityPipelineDecoding' id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: http-client-source type: string scrape_interval_secs: description: The interval (in seconds) between HTTP scrape requests. example: 60 format: int64 type: integer scrape_timeout_secs: description: The timeout (in seconds) for each scrape request. example: 10 format: int64 type: integer tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineHttpClientSourceType' required: - id - type - decoding type: object ObservabilityPipelineHttpClientSourceAuthStrategy: description: Optional authentication strategy for HTTP requests. enum: - basic - bearer example: basic type: string x-enum-varnames: - BASIC - BEARER ObservabilityPipelineHttpClientSourceType: default: http_client description: The source type. The value should always be `http_client`. enum: - http_client example: http_client type: string x-enum-varnames: - HTTP_CLIENT ObservabilityPipelineHttpServerSource: description: >- The `http_server` source collects logs over HTTP POST from external services. properties: auth_strategy: $ref: >- #/components/schemas/ObservabilityPipelineHttpServerSourceAuthStrategy decoding: $ref: '#/components/schemas/ObservabilityPipelineDecoding' id: description: Unique ID for the HTTP server source. example: http-server-source type: string tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineHttpServerSourceType' required: - id - type - auth_strategy - decoding type: object ObservabilityPipelineHttpServerSourceAuthStrategy: description: HTTP authentication method. enum: - none - plain example: plain type: string x-enum-varnames: - NONE - PLAIN ObservabilityPipelineHttpServerSourceType: default: http_server description: The source type. The value should always be `http_server`. enum: - http_server example: http_server type: string x-enum-varnames: - HTTP_SERVER ObservabilityPipelineKafkaSource: description: The `kafka` source ingests data from Apache Kafka topics. properties: group_id: description: Consumer group ID used by the Kafka client. example: consumer-group-0 type: string id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: kafka-source type: string librdkafka_options: description: >- Optional list of advanced Kafka client configuration options, defined as key-value pairs. items: $ref: >- #/components/schemas/ObservabilityPipelineKafkaSourceLibrdkafkaOption type: array sasl: $ref: '#/components/schemas/ObservabilityPipelineKafkaSourceSasl' tls: $ref: '#/components/schemas/ObservabilityPipelineTls' topics: description: >- A list of Kafka topic names to subscribe to. The source ingests messages from each topic specified. example: - topic1 - topic2 items: type: string type: array type: $ref: '#/components/schemas/ObservabilityPipelineKafkaSourceType' required: - id - type - group_id - topics type: object ObservabilityPipelineKafkaSourceLibrdkafkaOption: description: >- Represents a key-value pair used to configure low-level `librdkafka` client options for Kafka sources, such as timeouts, buffer sizes, and security settings. properties: name: description: The name of the `librdkafka` configuration option to set. example: fetch.message.max.bytes type: string value: description: >- The value assigned to the specified `librdkafka` configuration option. example: '1048576' type: string required: - name - value type: object ObservabilityPipelineKafkaSourceSasl: description: Specifies the SASL mechanism for authenticating with a Kafka cluster. properties: mechanism: $ref: >- #/components/schemas/ObservabilityPipelinePipelineKafkaSourceSaslMechanism type: object ObservabilityPipelineKafkaSourceType: default: kafka description: The source type. The value should always be `kafka`. enum: - kafka example: kafka type: string x-enum-varnames: - KAFKA ObservabilityPipelineLogstashSource: description: The `logstash` source ingests logs from a Logstash forwarder. properties: id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: logstash-source type: string tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineLogstashSourceType' required: - id - type type: object ObservabilityPipelineLogstashSourceType: default: logstash description: The source type. The value should always be `logstash`. enum: - logstash example: logstash type: string x-enum-varnames: - LOGSTASH ObservabilityPipelineMetadataEntry: description: A custom metadata entry. properties: name: description: The metadata key. example: environment type: string value: description: The metadata value. example: production type: string required: - name - value type: object ObservabilityPipelineMetricValue: description: Specifies how the value of the generated metric is computed. oneOf: - $ref: >- #/components/schemas/ObservabilityPipelineGeneratedMetricIncrementByOne - $ref: >- #/components/schemas/ObservabilityPipelineGeneratedMetricIncrementByField ObservabilityPipelineNewRelicDestination: description: The `new_relic` destination sends logs to the New Relic platform. properties: id: description: The unique identifier for this component. example: new-relic-destination type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - parse-json-processor items: type: string type: array region: $ref: '#/components/schemas/ObservabilityPipelineNewRelicDestinationRegion' type: $ref: '#/components/schemas/ObservabilityPipelineNewRelicDestinationType' required: - id - type - inputs - region type: object ObservabilityPipelineNewRelicDestinationRegion: description: The New Relic region. enum: - us - eu example: us type: string x-enum-varnames: - US - EU ObservabilityPipelineNewRelicDestinationType: default: new_relic description: The destination type. The value should always be `new_relic`. enum: - new_relic example: new_relic type: string x-enum-varnames: - NEW_RELIC ObservabilityPipelineOcsfMapperProcessor: description: >- The `ocsf_mapper` processor transforms logs into the OCSF schema using a predefined mapping configuration. properties: id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline. example: ocsf-mapper-processor type: string include: description: >- A Datadog search query used to determine which logs this processor targets. example: service:my-service type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this processor. example: - filter-processor items: type: string type: array mappings: description: A list of mapping rules to convert events to the OCSF format. items: $ref: >- #/components/schemas/ObservabilityPipelineOcsfMapperProcessorMapping type: array type: $ref: '#/components/schemas/ObservabilityPipelineOcsfMapperProcessorType' required: - id - type - include - inputs - mappings type: object ObservabilityPipelineOcsfMapperProcessorMapping: description: >- Defines how specific events are transformed to OCSF using a mapping configuration. properties: include: description: >- A Datadog search query used to select the logs that this mapping should apply to. example: service:my-service type: string mapping: $ref: >- #/components/schemas/ObservabilityPipelineOcsfMapperProcessorMappingMapping required: - include - mapping type: object ObservabilityPipelineOcsfMapperProcessorMappingMapping: description: >- Defines a single mapping rule for transforming logs into the OCSF schema. oneOf: - $ref: '#/components/schemas/ObservabilityPipelineOcsfMappingLibrary' ObservabilityPipelineOcsfMapperProcessorType: default: ocsf_mapper description: The processor type. The value should always be `ocsf_mapper`. enum: - ocsf_mapper example: ocsf_mapper type: string x-enum-varnames: - OCSF_MAPPER ObservabilityPipelineOcsfMappingLibrary: description: Predefined library mappings for common log formats. enum: - CloudTrail Account Change - GCP Cloud Audit CreateBucket - GCP Cloud Audit CreateSink - GCP Cloud Audit SetIamPolicy - GCP Cloud Audit UpdateSink - Github Audit Log API Activity - Google Workspace Admin Audit addPrivilege - Microsoft 365 Defender Incident - Microsoft 365 Defender UserLoggedIn - Okta System Log Authentication - Palo Alto Networks Firewall Traffic example: CloudTrail Account Change type: string x-enum-varnames: - CLOUDTRAIL_ACCOUNT_CHANGE - GCP_CLOUD_AUDIT_CREATEBUCKET - GCP_CLOUD_AUDIT_CREATESINK - GCP_CLOUD_AUDIT_SETIAMPOLICY - GCP_CLOUD_AUDIT_UPDATESINK - GITHUB_AUDIT_LOG_API_ACTIVITY - GOOGLE_WORKSPACE_ADMIN_AUDIT_ADDPRIVILEGE - MICROSOFT_365_DEFENDER_INCIDENT - MICROSOFT_365_DEFENDER_USERLOGGEDIN - OKTA_SYSTEM_LOG_AUTHENTICATION - PALO_ALTO_NETWORKS_FIREWALL_TRAFFIC ObservabilityPipelineOpenSearchDestination: description: The `opensearch` destination writes logs to an OpenSearch cluster. properties: bulk_index: description: The index to write logs to. example: logs-index type: string id: description: The unique identifier for this component. example: opensearch-destination type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - filter-processor items: type: string type: array type: $ref: '#/components/schemas/ObservabilityPipelineOpenSearchDestinationType' required: - id - type - inputs type: object ObservabilityPipelineOpenSearchDestinationType: default: opensearch description: The destination type. The value should always be `opensearch`. enum: - opensearch example: opensearch type: string x-enum-varnames: - OPENSEARCH ObservabilityPipelineParseGrokProcessor: description: >- The `parse_grok` processor extracts structured fields from unstructured log messages using Grok patterns. properties: disable_library_rules: default: false description: >- If set to `true`, disables the default Grok rules provided by Datadog. example: true type: boolean id: description: A unique identifier for this processor. example: parse-grok-processor type: string include: description: >- A Datadog search query used to determine which logs this processor targets. example: service:my-service type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - datadog-agent-source items: type: string type: array rules: description: >- The list of Grok parsing rules. If multiple matching rules are provided, they are evaluated in order. The first successful match is applied. items: $ref: '#/components/schemas/ObservabilityPipelineParseGrokProcessorRule' type: array type: $ref: '#/components/schemas/ObservabilityPipelineParseGrokProcessorType' required: - id - type - include - inputs - rules type: object ObservabilityPipelineParseGrokProcessorRule: description: > A Grok parsing rule used in the `parse_grok` processor. Each rule defines how to extract structured fields from a specific log field using Grok patterns. properties: match_rules: description: > A list of Grok parsing rules that define how to extract fields from the source field. Each rule must contain a name and a valid Grok pattern. example: - name: MyParsingRule rule: '%{word:user} connected on %{date("MM/dd/yyyy"):date}' items: $ref: >- #/components/schemas/ObservabilityPipelineParseGrokProcessorRuleMatchRule type: array source: description: The name of the field in the log event to apply the Grok rules to. example: message type: string support_rules: description: > A list of Grok helper rules that can be referenced by the parsing rules. example: - name: user rule: '%{word:user.name}' items: $ref: >- #/components/schemas/ObservabilityPipelineParseGrokProcessorRuleSupportRule type: array required: - source - match_rules - support_rules type: object ObservabilityPipelineParseGrokProcessorRuleMatchRule: description: > Defines a Grok parsing rule, which extracts structured fields from log content using named Grok patterns. Each rule must have a unique name and a valid Datadog Grok pattern that will be applied to the source field. properties: name: description: The name of the rule. example: MyParsingRule type: string rule: description: The definition of the Grok rule. example: '%{word:user} connected on %{date("MM/dd/yyyy"):date}' type: string required: - name - rule type: object ObservabilityPipelineParseGrokProcessorRuleSupportRule: description: The Grok helper rule referenced in the parsing rules. properties: name: description: The name of the Grok helper rule. example: user type: string rule: description: The definition of the Grok helper rule. example: ' %{word:user.name}' type: string required: - name - rule type: object ObservabilityPipelineParseGrokProcessorType: default: parse_grok description: The processor type. The value should always be `parse_grok`. enum: - parse_grok example: parse_grok type: string x-enum-varnames: - PARSE_GROK ObservabilityPipelineParseJSONProcessor: description: >- The `parse_json` processor extracts JSON from a specified field and flattens it into the event. This is useful when logs contain embedded JSON as a string. properties: field: description: The name of the log field that contains a JSON string. example: message type: string id: description: >- A unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: parse-json-processor type: string include: description: >- A Datadog search query used to determine which logs this processor targets. example: service:my-service type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - datadog-agent-source items: type: string type: array type: $ref: '#/components/schemas/ObservabilityPipelineParseJSONProcessorType' required: - id - type - include - field - inputs type: object ObservabilityPipelineParseJSONProcessorType: default: parse_json description: The processor type. The value should always be `parse_json`. enum: - parse_json example: parse_json type: string x-enum-varnames: - PARSE_JSON ObservabilityPipelinePipelineKafkaSourceSaslMechanism: description: SASL mechanism used for Kafka authentication. enum: - PLAIN - SCRAM-SHA-256 - SCRAM-SHA-512 type: string x-enum-varnames: - PLAIN - SCRAMNOT_SHANOT_256 - SCRAMNOT_SHANOT_512 ObservabilityPipelineQuotaProcessor: description: >- The Quota Processor measures logging traffic for logs that match a specified filter. When the configured daily quota is met, the processor can drop or alert. properties: drop_events: description: >- If set to `true`, logs that matched the quota filter and sent after the quota has been met are dropped; only logs that did not match the filter query continue through the pipeline. example: false type: boolean id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (for example, as the `input` to downstream components). example: quota-processor type: string ignore_when_missing_partitions: description: >- If `true`, the processor skips quota checks when partition fields are missing from the logs. type: boolean example: true include: description: >- A Datadog search query used to determine which logs this processor targets. example: service:my-service type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - datadog-agent-source items: type: string type: array limit: $ref: '#/components/schemas/ObservabilityPipelineQuotaProcessorLimit' name: description: Name of the quota. example: MyQuota type: string overflow_action: $ref: >- #/components/schemas/ObservabilityPipelineQuotaProcessorOverflowAction overrides: description: >- A list of alternate quota rules that apply to specific sets of events, identified by matching field values. Each override can define a custom limit. items: $ref: '#/components/schemas/ObservabilityPipelineQuotaProcessorOverride' type: array partition_fields: description: >- A list of fields used to segment log traffic for quota enforcement. Quotas are tracked independently by unique combinations of these field values. items: type: string type: array type: $ref: '#/components/schemas/ObservabilityPipelineQuotaProcessorType' required: - id - type - include - name - drop_events - limit - inputs type: object ObservabilityPipelineQuotaProcessorLimit: description: >- The maximum amount of data or number of events allowed before the quota is enforced. Can be specified in bytes or events. properties: enforce: $ref: >- #/components/schemas/ObservabilityPipelineQuotaProcessorLimitEnforceType limit: description: The limit for quota enforcement. example: 1000 format: int64 type: integer required: - enforce - limit type: object ObservabilityPipelineQuotaProcessorLimitEnforceType: description: Unit for quota enforcement in bytes for data size or events for count. enum: - bytes - events example: bytes type: string x-enum-varnames: - BYTES - EVENTS ObservabilityPipelineQuotaProcessorOverflowAction: description: | The action to take when the quota is exceeded. Options: - `drop`: Drop the event. - `no_action`: Let the event pass through. - `overflow_routing`: Route to an overflow destination. enum: - drop - no_action - overflow_routing example: drop type: string x-enum-varnames: - DROP - NO_ACTION - OVERFLOW_ROUTING ObservabilityPipelineQuotaProcessorOverride: description: >- Defines a custom quota limit that applies to specific log events based on matching field values. properties: fields: description: >- A list of field matchers used to apply a specific override. If an event matches all listed key-value pairs, the corresponding override limit is enforced. items: $ref: '#/components/schemas/ObservabilityPipelineFieldValue' type: array limit: $ref: '#/components/schemas/ObservabilityPipelineQuotaProcessorLimit' required: - fields - limit type: object ObservabilityPipelineQuotaProcessorType: default: quota description: The processor type. The value should always be `quota`. enum: - quota example: quota type: string x-enum-varnames: - QUOTA ObservabilityPipelineReduceProcessor: description: >- The `reduce` processor aggregates and merges logs based on matching keys and merge strategies. properties: group_by: description: A list of fields used to group log events for merging. example: - log.user.id - log.device.id items: type: string type: array id: description: The unique identifier for this processor. example: reduce-processor type: string include: description: >- A Datadog search query used to determine which logs this processor targets. example: env:prod type: string inputs: description: >- A list of component IDs whose output is used as the input for this processor. example: - parse-json-processor items: type: string type: array merge_strategies: description: >- List of merge strategies defining how values from grouped events should be combined. items: $ref: >- #/components/schemas/ObservabilityPipelineReduceProcessorMergeStrategy type: array type: $ref: '#/components/schemas/ObservabilityPipelineReduceProcessorType' required: - id - type - include - inputs - group_by - merge_strategies type: object ObservabilityPipelineReduceProcessorMergeStrategy: description: Defines how a specific field should be merged across grouped events. properties: path: description: The field path in the log event. example: log.user.roles type: string strategy: $ref: >- #/components/schemas/ObservabilityPipelineReduceProcessorMergeStrategyStrategy required: - path - strategy type: object ObservabilityPipelineReduceProcessorMergeStrategyStrategy: description: The merge strategy to apply. enum: - discard - retain - sum - max - min - array - concat - concat_newline - concat_raw - shortest_array - longest_array - flat_unique example: flat_unique type: string x-enum-varnames: - DISCARD - RETAIN - SUM - MAX - MIN - ARRAY - CONCAT - CONCAT_NEWLINE - CONCAT_RAW - SHORTEST_ARRAY - LONGEST_ARRAY - FLAT_UNIQUE ObservabilityPipelineReduceProcessorType: default: reduce description: The processor type. The value should always be `reduce`. enum: - reduce example: reduce type: string x-enum-varnames: - REDUCE ObservabilityPipelineRemoveFieldsProcessor: description: The `remove_fields` processor deletes specified fields from logs. properties: fields: description: A list of field names to be removed from each log event. example: - field1 - field2 items: type: string type: array id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: remove-fields-processor type: string include: description: >- A Datadog search query used to determine which logs this processor targets. example: service:my-service type: string inputs: description: The `PipelineRemoveFieldsProcessor` `inputs`. example: - datadog-agent-source items: type: string type: array type: $ref: '#/components/schemas/ObservabilityPipelineRemoveFieldsProcessorType' required: - id - type - include - fields - inputs type: object ObservabilityPipelineRemoveFieldsProcessorType: default: remove_fields description: The processor type. The value should always be `remove_fields`. enum: - remove_fields example: remove_fields type: string x-enum-varnames: - REMOVE_FIELDS ObservabilityPipelineRenameFieldsProcessor: description: The `rename_fields` processor changes field names. properties: fields: description: >- A list of rename rules specifying which fields to rename in the event, what to rename them to, and whether to preserve the original fields. items: $ref: >- #/components/schemas/ObservabilityPipelineRenameFieldsProcessorField type: array id: description: >- A unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: rename-fields-processor type: string include: description: >- A Datadog search query used to determine which logs this processor targets. example: service:my-service type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - datadog-agent-source items: type: string type: array type: $ref: '#/components/schemas/ObservabilityPipelineRenameFieldsProcessorType' required: - id - type - include - fields - inputs type: object ObservabilityPipelineRenameFieldsProcessorField: description: Defines how to rename a field in log events. properties: destination: description: The field name to assign the renamed value to. example: destination_field type: string preserve_source: description: >- Indicates whether the original field, that is received from the source, should be kept (`true`) or removed (`false`) after renaming. example: false type: boolean source: description: The original field name in the log event that should be renamed. example: source_field type: string required: - source - destination - preserve_source type: object ObservabilityPipelineRenameFieldsProcessorType: default: rename_fields description: The processor type. The value should always be `rename_fields`. enum: - rename_fields example: rename_fields type: string x-enum-varnames: - RENAME_FIELDS ObservabilityPipelineRsyslogDestination: description: >- The `rsyslog` destination forwards logs to an external `rsyslog` server over TCP or UDP using the syslog protocol. properties: id: description: The unique identifier for this component. example: rsyslog-destination type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - filter-processor items: type: string type: array keepalive: description: Optional socket keepalive duration in milliseconds. example: 60000 format: int64 minimum: 0 type: integer tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineRsyslogDestinationType' required: - id - type - inputs type: object ObservabilityPipelineRsyslogDestinationType: default: rsyslog description: The destination type. The value should always be `rsyslog`. enum: - rsyslog example: rsyslog type: string x-enum-varnames: - RSYSLOG ObservabilityPipelineRsyslogSource: description: >- The `rsyslog` source listens for logs over TCP or UDP from an `rsyslog` server using the syslog protocol. properties: id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: rsyslog-source type: string mode: $ref: '#/components/schemas/ObservabilityPipelineSyslogSourceMode' tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineRsyslogSourceType' required: - id - type - mode type: object ObservabilityPipelineRsyslogSourceType: default: rsyslog description: The source type. The value should always be `rsyslog`. enum: - rsyslog example: rsyslog type: string x-enum-varnames: - RSYSLOG ObservabilityPipelineSampleProcessor: description: >- The `sample` processor allows probabilistic sampling of logs at a fixed rate. properties: id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (for example, as the `input` to downstream components). example: sample-processor type: string include: description: >- A Datadog search query used to determine which logs this processor targets. example: service:my-service type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - datadog-agent-source items: type: string type: array percentage: description: The percentage of logs to sample. example: 10 format: double type: number rate: description: Number of events to sample (1 in N). example: 10 format: int64 minimum: 1 type: integer type: $ref: '#/components/schemas/ObservabilityPipelineSampleProcessorType' required: - id - type - include - inputs type: object ObservabilityPipelineSampleProcessorType: default: sample description: The processor type. The value should always be `sample`. enum: - sample example: sample type: string x-enum-varnames: - SAMPLE ObservabilityPipelineSensitiveDataScannerProcessor: description: >- The `sensitive_data_scanner` processor detects and optionally redacts sensitive data in log events. properties: id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: sensitive-scanner type: string include: description: >- A Datadog search query used to determine which logs this processor targets. example: source:prod type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - parse-json-processor items: type: string type: array rules: description: >- A list of rules for identifying and acting on sensitive data patterns. items: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorRule type: array type: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorType required: - id - type - include - inputs - rules type: object ObservabilityPipelineSensitiveDataScannerProcessorAction: description: Defines what action to take when sensitive data is matched. oneOf: - $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorActionRedact - $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorActionHash - $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorActionPartialRedact ObservabilityPipelineSensitiveDataScannerProcessorActionHash: description: Configuration for hashing matched sensitive values. properties: action: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorActionHashAction options: description: >- The `ObservabilityPipelineSensitiveDataScannerProcessorActionHash` `options`. type: object required: - action type: object ObservabilityPipelineSensitiveDataScannerProcessorActionHashAction: description: >- Action type that replaces the matched sensitive data with a hashed representation, preserving structure while securing content. enum: - hash example: hash type: string x-enum-varnames: - HASH ObservabilityPipelineSensitiveDataScannerProcessorActionPartialRedact: description: Configuration for partially redacting matched sensitive data. properties: action: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorActionPartialRedactAction options: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorActionPartialRedactOptions required: - action - options type: object ObservabilityPipelineSensitiveDataScannerProcessorActionPartialRedactAction: description: >- Action type that redacts part of the sensitive data while preserving a configurable number of characters, typically used for masking purposes (e.g., show last 4 digits of a credit card). enum: - partial_redact example: partial_redact type: string x-enum-varnames: - PARTIAL_REDACT ObservabilityPipelineSensitiveDataScannerProcessorActionPartialRedactOptions: description: >- Controls how partial redaction is applied, including character count and direction. properties: characters: description: >- The `ObservabilityPipelineSensitiveDataScannerProcessorActionPartialRedactOptions` `characters`. example: 4 format: int64 type: integer direction: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorActionPartialRedactOptionsDirection required: - characters - direction type: object ObservabilityPipelineSensitiveDataScannerProcessorActionPartialRedactOptionsDirection: description: >- Indicates whether to redact characters from the first or last part of the matched value. enum: - first - last example: last type: string x-enum-varnames: - FIRST - LAST ObservabilityPipelineSensitiveDataScannerProcessorActionRedact: description: Configuration for completely redacting matched sensitive data. properties: action: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorActionRedactAction options: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorActionRedactOptions required: - action - options type: object ObservabilityPipelineSensitiveDataScannerProcessorActionRedactAction: description: >- Action type that completely replaces the matched sensitive data with a fixed replacement string to remove all visibility. enum: - redact example: redact type: string x-enum-varnames: - REDACT ObservabilityPipelineSensitiveDataScannerProcessorActionRedactOptions: description: Configuration for fully redacting sensitive data. properties: replace: description: >- The `ObservabilityPipelineSensitiveDataScannerProcessorActionRedactOptions` `replace`. example: '***' type: string required: - replace type: object ObservabilityPipelineSensitiveDataScannerProcessorCustomPattern: description: >- Defines a custom regex-based pattern for identifying sensitive data in logs. properties: options: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorCustomPatternOptions type: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorCustomPatternType required: - type - options type: object ObservabilityPipelineSensitiveDataScannerProcessorCustomPatternOptions: description: Options for defining a custom regex pattern. properties: rule: description: >- A regular expression used to detect sensitive values. Must be a valid regex. example: \b\d{16}\b type: string required: - rule type: object ObservabilityPipelineSensitiveDataScannerProcessorCustomPatternType: description: Indicates a custom regular expression is used for matching. enum: - custom example: custom type: string x-enum-varnames: - CUSTOM ObservabilityPipelineSensitiveDataScannerProcessorKeywordOptions: description: >- Configuration for keywords used to reinforce sensitive data pattern detection. properties: keywords: description: A list of keywords to match near the sensitive pattern. example: - ssn - card - account items: type: string type: array proximity: description: >- Maximum number of tokens between a keyword and a sensitive value match. example: 5 format: int64 type: integer required: - keywords - proximity type: object ObservabilityPipelineSensitiveDataScannerProcessorLibraryPattern: description: >- Specifies a pattern from Datadog’s sensitive data detection library to match known sensitive data types. properties: options: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorLibraryPatternOptions type: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorLibraryPatternType required: - type - options type: object ObservabilityPipelineSensitiveDataScannerProcessorLibraryPatternOptions: description: >- Options for selecting a predefined library pattern and enabling keyword support. properties: id: description: >- Identifier for a predefined pattern from the sensitive data scanner pattern library. example: credit_card type: string use_recommended_keywords: description: Whether to augment the pattern with recommended keywords (optional). type: boolean example: true required: - id type: object ObservabilityPipelineSensitiveDataScannerProcessorLibraryPatternType: description: Indicates that a predefined library pattern is used. enum: - library example: library type: string x-enum-varnames: - LIBRARY ObservabilityPipelineSensitiveDataScannerProcessorPattern: description: >- Pattern detection configuration for identifying sensitive data using either a custom regex or a library reference. oneOf: - $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorCustomPattern - $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorLibraryPattern ObservabilityPipelineSensitiveDataScannerProcessorRule: description: >- Defines a rule for detecting sensitive data, including matching pattern, scope, and the action to take. properties: keyword_options: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorKeywordOptions name: description: A name identifying the rule. example: Redact Credit Card Numbers type: string on_match: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorAction pattern: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorPattern scope: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorScope tags: description: Tags assigned to this rule for filtering and classification. example: - pii - ccn items: type: string type: array required: - name - tags - pattern - scope - on_match type: object ObservabilityPipelineSensitiveDataScannerProcessorScope: description: >- Determines which parts of the log the pattern-matching rule should be applied to. oneOf: - $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorScopeInclude - $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorScopeExclude - $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorScopeAll ObservabilityPipelineSensitiveDataScannerProcessorScopeAll: description: Applies scanning across all available fields. properties: target: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorScopeAllTarget required: - target type: object ObservabilityPipelineSensitiveDataScannerProcessorScopeAllTarget: description: Applies the rule to all fields. enum: - all example: all type: string x-enum-varnames: - ALL ObservabilityPipelineSensitiveDataScannerProcessorScopeExclude: description: Excludes specific fields from sensitive data scanning. properties: options: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorScopeOptions target: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorScopeExcludeTarget required: - target - options type: object ObservabilityPipelineSensitiveDataScannerProcessorScopeExcludeTarget: description: Excludes specific fields from processing. enum: - exclude example: exclude type: string x-enum-varnames: - EXCLUDE ObservabilityPipelineSensitiveDataScannerProcessorScopeInclude: description: Includes only specific fields for sensitive data scanning. properties: options: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorScopeOptions target: $ref: >- #/components/schemas/ObservabilityPipelineSensitiveDataScannerProcessorScopeIncludeTarget required: - target - options type: object ObservabilityPipelineSensitiveDataScannerProcessorScopeIncludeTarget: description: Applies the rule only to included fields. enum: - include example: include type: string x-enum-varnames: - INCLUDE ObservabilityPipelineSensitiveDataScannerProcessorScopeOptions: description: Fields to which the scope rule applies. properties: fields: description: >- The `ObservabilityPipelineSensitiveDataScannerProcessorScopeOptions` `fields`. example: - '' items: type: string type: array required: - fields type: object ObservabilityPipelineSensitiveDataScannerProcessorType: default: sensitive_data_scanner description: The processor type. The value should always be `sensitive_data_scanner`. enum: - sensitive_data_scanner example: sensitive_data_scanner type: string x-enum-varnames: - SENSITIVE_DATA_SCANNER ObservabilityPipelineSentinelOneDestination: description: The `sentinel_one` destination sends logs to SentinelOne. properties: id: description: The unique identifier for this component. example: sentinelone-destination type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - filter-processor items: type: string type: array region: $ref: >- #/components/schemas/ObservabilityPipelineSentinelOneDestinationRegion type: $ref: '#/components/schemas/ObservabilityPipelineSentinelOneDestinationType' required: - id - type - inputs - region type: object ObservabilityPipelineSentinelOneDestinationRegion: description: The SentinelOne region to send logs to. enum: - us - eu - ca - data_set_us example: us type: string x-enum-varnames: - US - EU - CA - DATA_SET_US ObservabilityPipelineSentinelOneDestinationType: default: sentinel_one description: The destination type. The value should always be `sentinel_one`. enum: - sentinel_one example: sentinel_one type: string x-enum-varnames: - SENTINEL_ONE ObservabilityPipelineSpec: description: >- Input schema representing an observability pipeline configuration. Used in create and validate requests. properties: data: $ref: '#/components/schemas/ObservabilityPipelineSpecData' required: - data type: object ObservabilityPipelineSpecData: description: Contains the the pipeline configuration. properties: attributes: $ref: '#/components/schemas/ObservabilityPipelineDataAttributes' type: default: pipelines description: >- The resource type identifier. For pipeline resources, this should always be set to `pipelines`. example: pipelines type: string required: - type - attributes type: object ObservabilityPipelineSplunkHecDestination: description: > The `splunk_hec` destination forwards logs to Splunk using the HTTP Event Collector (HEC). properties: auto_extract_timestamp: description: > If `true`, Splunk tries to extract timestamps from incoming log events. If `false`, Splunk assigns the time the event was received. example: true type: boolean encoding: $ref: >- #/components/schemas/ObservabilityPipelineSplunkHecDestinationEncoding id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: splunk-hec-destination type: string index: description: Optional name of the Splunk index where logs are written. example: main type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - filter-processor items: type: string type: array sourcetype: description: The Splunk sourcetype to assign to log events. example: custom_sourcetype type: string type: $ref: '#/components/schemas/ObservabilityPipelineSplunkHecDestinationType' required: - id - type - inputs type: object ObservabilityPipelineSplunkHecDestinationEncoding: description: Encoding format for log events. enum: - json - raw_message example: json type: string x-enum-varnames: - JSON - RAW_MESSAGE ObservabilityPipelineSplunkHecDestinationType: default: splunk_hec description: The destination type. Always `splunk_hec`. enum: - splunk_hec example: splunk_hec type: string x-enum-varnames: - SPLUNK_HEC ObservabilityPipelineSplunkHecSource: description: > The `splunk_hec` source implements the Splunk HTTP Event Collector (HEC) API. properties: id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: splunk-hec-source type: string tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineSplunkHecSourceType' required: - id - type type: object ObservabilityPipelineSplunkHecSourceType: default: splunk_hec description: The source type. Always `splunk_hec`. enum: - splunk_hec example: splunk_hec type: string x-enum-varnames: - SPLUNK_HEC ObservabilityPipelineSplunkTcpSource: description: > The `splunk_tcp` source receives logs from a Splunk Universal Forwarder over TCP. TLS is supported for secure transmission. properties: id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: splunk-tcp-source type: string tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineSplunkTcpSourceType' required: - id - type type: object ObservabilityPipelineSplunkTcpSourceType: default: splunk_tcp description: The source type. Always `splunk_tcp`. enum: - splunk_tcp example: splunk_tcp type: string x-enum-varnames: - SPLUNK_TCP ObservabilityPipelineSumoLogicDestination: description: The `sumo_logic` destination forwards logs to Sumo Logic. properties: encoding: $ref: >- #/components/schemas/ObservabilityPipelineSumoLogicDestinationEncoding header_custom_fields: description: A list of custom headers to include in the request to Sumo Logic. items: $ref: >- #/components/schemas/ObservabilityPipelineSumoLogicDestinationHeaderCustomFieldsItem type: array header_host_name: description: Optional override for the host name header. example: host-123 type: string header_source_category: description: Optional override for the source category header. example: source-category type: string header_source_name: description: Optional override for the source name header. example: source-name type: string id: description: The unique identifier for this component. example: sumo-logic-destination type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - filter-processor items: type: string type: array type: $ref: '#/components/schemas/ObservabilityPipelineSumoLogicDestinationType' required: - id - type - inputs type: object ObservabilityPipelineSumoLogicDestinationEncoding: description: The output encoding format. enum: - json - raw_message - logfmt example: json type: string x-enum-varnames: - JSON - RAW_MESSAGE - LOGFMT ObservabilityPipelineSumoLogicDestinationHeaderCustomFieldsItem: description: Single key-value pair used as a custom log header for Sumo Logic. properties: name: description: The header field name. example: X-Sumo-Category type: string value: description: The header field value. example: my-app-logs type: string required: - name - value type: object ObservabilityPipelineSumoLogicDestinationType: default: sumo_logic description: The destination type. The value should always be `sumo_logic`. enum: - sumo_logic example: sumo_logic type: string x-enum-varnames: - SUMO_LOGIC ObservabilityPipelineSumoLogicSource: description: The `sumo_logic` source receives logs from Sumo Logic collectors. properties: id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: sumo-logic-source type: string type: $ref: '#/components/schemas/ObservabilityPipelineSumoLogicSourceType' required: - id - type type: object ObservabilityPipelineSumoLogicSourceType: default: sumo_logic description: The source type. The value should always be `sumo_logic`. enum: - sumo_logic example: sumo_logic type: string x-enum-varnames: - SUMO_LOGIC ObservabilityPipelineSyslogNgDestination: description: >- The `syslog_ng` destination forwards logs to an external `syslog-ng` server over TCP or UDP using the syslog protocol. properties: id: description: The unique identifier for this component. example: syslog-ng-destination type: string inputs: description: >- A list of component IDs whose output is used as the `input` for this component. example: - filter-processor items: type: string type: array keepalive: description: Optional socket keepalive duration in milliseconds. example: 60000 format: int64 minimum: 0 type: integer tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineSyslogNgDestinationType' required: - id - type - inputs type: object ObservabilityPipelineSyslogNgDestinationType: default: syslog_ng description: The destination type. The value should always be `syslog_ng`. enum: - syslog_ng example: syslog_ng type: string x-enum-varnames: - SYSLOG_NG ObservabilityPipelineSyslogNgSource: description: >- The `syslog_ng` source listens for logs over TCP or UDP from a `syslog-ng` server using the syslog protocol. properties: id: description: >- The unique identifier for this component. Used to reference this component in other parts of the pipeline (e.g., as input to downstream components). example: syslog-ng-source type: string mode: $ref: '#/components/schemas/ObservabilityPipelineSyslogSourceMode' tls: $ref: '#/components/schemas/ObservabilityPipelineTls' type: $ref: '#/components/schemas/ObservabilityPipelineSyslogNgSourceType' required: - id - type - mode type: object ObservabilityPipelineSyslogNgSourceType: default: syslog_ng description: The source type. The value should always be `syslog_ng`. enum: - syslog_ng example: syslog_ng type: string x-enum-varnames: - SYSLOG_NG ObservabilityPipelineSyslogSourceMode: description: Protocol used by the syslog source to receive messages. enum: - tcp - udp example: tcp type: string x-enum-varnames: - TCP - UDP ObservabilityPipelineThrottleProcessor: description: >- The `throttle` processor limits the number of events that pass through over a given time window. properties: group_by: description: >- Optional list of fields used to group events before the threshold has been reached. example: - log.user.id items: type: string type: array id: description: The unique identifier for this processor. example: throttle-processor type: string include: description: >- A Datadog search query used to determine which logs this processor targets. example: env:prod type: string inputs: description: >- A list of component IDs whose output is used as the input for this processor. example: - datadog-agent-source items: type: string type: array threshold: description: >- the number of events allowed in a given time window. Events sent after the threshold has been reached, are dropped. example: 1000 format: int64 type: integer type: $ref: '#/components/schemas/ObservabilityPipelineThrottleProcessorType' window: description: The time window in seconds over which the threshold applies. example: 60 format: double type: number required: - id - type - include - inputs - threshold - window type: object ObservabilityPipelineThrottleProcessorType: default: throttle description: The processor type. The value should always be `throttle`. enum: - throttle example: throttle type: string x-enum-varnames: - THROTTLE ObservabilityPipelineTls: description: >- Configuration for enabling TLS encryption between the pipeline component and external services. properties: ca_file: description: >- Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate. type: string example: example_value crt_file: description: >- Path to the TLS client certificate file used to authenticate the pipeline component with upstream or downstream services. example: /path/to/cert.crt type: string key_file: description: >- Path to the private key file associated with the TLS client certificate. Used for mutual TLS authentication. type: string example: example_value required: - crt_file type: object OktaAccount: description: Schema for an Okta account. properties: attributes: $ref: '#/components/schemas/OktaAccountAttributes' id: description: The ID of the Okta account, a UUID hash of the account name. example: f749daaf-682e-4208-a38d-c9b43162c609 type: string type: $ref: '#/components/schemas/OktaAccountType' required: - attributes - type type: object OktaAccountAttributes: description: Attributes object for an Okta account. properties: api_key: description: The API key of the Okta account. type: string writeOnly: true example: example_value auth_method: description: The authorization method for an Okta account. example: oauth type: string client_id: description: The Client ID of an Okta app integration. type: string example: abc-123-def client_secret: description: The client secret of an Okta app integration. type: string writeOnly: true example: example_value domain: description: The domain of the Okta account. example: https://example.okta.com/ type: string name: description: The name of the Okta account. example: Okta-Prod type: string required: - auth_method - domain - name type: object OktaAccountRequest: description: Request object for an Okta account. properties: data: $ref: '#/components/schemas/OktaAccount' required: - data type: object OktaAccountResponse: description: Response object for an Okta account. properties: data: $ref: '#/components/schemas/OktaAccount' type: object OktaAccountResponseData: description: Data object of an Okta account properties: attributes: $ref: '#/components/schemas/OktaAccountAttributes' id: description: The ID of the Okta account, a UUID hash of the account name. example: f749daaf-682e-4208-a38d-c9b43162c609 type: string type: $ref: '#/components/schemas/OktaAccountType' required: - attributes - id - type type: object x-merge-override: required: false OktaAccountType: default: okta-accounts description: Account type for an Okta account. enum: - okta-accounts example: okta-accounts type: string x-enum-varnames: - OKTA_ACCOUNTS OktaAccountUpdateRequest: description: Payload schema when updating an Okta account. properties: data: $ref: '#/components/schemas/OktaAccountUpdateRequestData' required: - data type: object OktaAccountUpdateRequestAttributes: description: Attributes object for updating an Okta account. properties: api_key: description: The API key of the Okta account. type: string writeOnly: true example: example_value auth_method: description: The authorization method for an Okta account. example: oauth type: string client_id: description: The Client ID of an Okta app integration. type: string example: abc-123-def client_secret: description: The client secret of an Okta app integration. type: string writeOnly: true example: example_value domain: description: The domain associated with an Okta account. example: https://dev-test.okta.com/ type: string required: - auth_method - domain type: object OktaAccountUpdateRequestData: description: Data object for updating an Okta account. properties: attributes: $ref: '#/components/schemas/OktaAccountUpdateRequestAttributes' type: $ref: '#/components/schemas/OktaAccountType' type: object OktaAccountsResponse: description: The expected response schema when getting Okta accounts. properties: data: description: List of Okta accounts. items: $ref: '#/components/schemas/OktaAccountResponseData' type: array type: object OnCallPageTargetType: description: The kind of target, `team_id` | `team_handle` | `user_id`. enum: - team_id - team_handle - user_id example: team_id type: string x-enum-varnames: - TEAM_ID - TEAM_HANDLE - USER_ID OnDemandConcurrencyCap: description: On-demand concurrency cap. properties: attributes: $ref: '#/components/schemas/OnDemandConcurrencyCapAttributes' type: $ref: '#/components/schemas/OnDemandConcurrencyCapType' type: object OnDemandConcurrencyCapAttributes: description: On-demand concurrency cap attributes. properties: on_demand_concurrency_cap: description: Value of the on-demand concurrency cap. format: double type: number example: 95.5 type: object OnDemandConcurrencyCapResponse: description: On-demand concurrency cap response. properties: data: $ref: '#/components/schemas/OnDemandConcurrencyCap' type: object OnDemandConcurrencyCapType: description: On-demand concurrency cap type. enum: - on_demand_concurrency_cap type: string x-enum-varnames: - ON_DEMAND_CONCURRENCY_CAP OpenAPIEndpoint: description: Endpoint info extracted from an `OpenAPI` specification. properties: method: description: The endpoint method. type: string example: example_value path: description: The endpoint path. type: string example: example_value type: object OpenAPIFile: description: Object for API data in an `OpenAPI` format as a file. properties: openapi_spec_file: description: Binary `OpenAPI` spec file format: binary type: string example: example_value type: object OpsgenieServiceCreateAttributes: description: The Opsgenie service attributes for a create request. properties: custom_url: description: The custom URL for a custom region. example: https://example.com type: string name: description: The name for the Opsgenie service. example: fake-opsgenie-service-name maxLength: 100 type: string opsgenie_api_key: description: The Opsgenie API key for your Opsgenie service. example: 00000000-0000-0000-0000-000000000000 type: string region: $ref: '#/components/schemas/OpsgenieServiceRegionType' required: - name - opsgenie_api_key - region type: object OpsgenieServiceCreateData: description: Opsgenie service data for a create request. properties: attributes: $ref: '#/components/schemas/OpsgenieServiceCreateAttributes' type: $ref: '#/components/schemas/OpsgenieServiceType' required: - type - attributes type: object OpsgenieServiceCreateRequest: description: Create request for an Opsgenie service. properties: data: $ref: '#/components/schemas/OpsgenieServiceCreateData' required: - data type: object OpsgenieServiceRegionType: description: The region for the Opsgenie service. enum: - us - eu - custom example: us type: string x-enum-varnames: - US - EU - CUSTOM OpsgenieServiceResponse: description: Response of an Opsgenie service. properties: data: $ref: '#/components/schemas/OpsgenieServiceResponseData' required: - data type: object OpsgenieServiceResponseAttributes: description: The attributes from an Opsgenie service response. properties: custom_url: description: The custom URL for a custom region. example: nullable: true type: string name: description: The name for the Opsgenie service. example: fake-opsgenie-service-name maxLength: 100 type: string region: $ref: '#/components/schemas/OpsgenieServiceRegionType' type: object x-merge-override: required: false OpsgenieServiceResponseData: description: Opsgenie service data from a response. properties: attributes: $ref: '#/components/schemas/OpsgenieServiceResponseAttributes' id: description: The ID of the Opsgenie service. example: 596da4af-0563-4097-90ff-07230c3f9db3 maxLength: 100 minLength: 1 type: string type: $ref: '#/components/schemas/OpsgenieServiceType' required: - id - type - attributes type: object x-merge-override: required: false OpsgenieServiceType: default: opsgenie-service description: Opsgenie service resource type. enum: - opsgenie-service example: opsgenie-service type: string x-enum-varnames: - OPSGENIE_SERVICE OpsgenieServiceUpdateAttributes: description: The Opsgenie service attributes for an update request. properties: custom_url: description: The custom URL for a custom region. example: https://example.com nullable: true type: string name: description: The name for the Opsgenie service. example: fake-opsgenie-service-name maxLength: 100 type: string opsgenie_api_key: description: The Opsgenie API key for your Opsgenie service. example: 00000000-0000-0000-0000-000000000000 type: string region: $ref: '#/components/schemas/OpsgenieServiceRegionType' type: object x-merge-override: required: false OpsgenieServiceUpdateData: description: Opsgenie service for an update request. properties: attributes: $ref: '#/components/schemas/OpsgenieServiceUpdateAttributes' id: description: The ID of the Opsgenie service. example: 596da4af-0563-4097-90ff-07230c3f9db3 maxLength: 100 minLength: 1 type: string type: $ref: '#/components/schemas/OpsgenieServiceType' required: - id - type - attributes type: object x-merge-override: required: false OpsgenieServiceUpdateRequest: description: Update request for an Opsgenie service. properties: data: $ref: '#/components/schemas/OpsgenieServiceUpdateData' required: - data type: object OpsgenieServicesResponse: description: Response with a list of Opsgenie services. properties: data: description: An array of Opsgenie services. example: - attributes: custom_url: name: fake-opsgenie-service-name region: us id: 596da4af-0563-4097-90ff-07230c3f9db3 type: opsgenie-service - attributes: custom_url: name: fake-opsgenie-service-name-2 region: eu id: 0d2937f1-b561-44fa-914a-99910f848014 type: opsgenie-service items: $ref: '#/components/schemas/OpsgenieServiceResponseData' type: array required: - data type: object OrderDirection: description: The sort direction for results. enum: - asc - desc example: asc type: string x-enum-varnames: - ASC - DESC OrgConfigGetResponse: description: A response with a single Org Config. properties: data: $ref: '#/components/schemas/OrgConfigRead' required: - data type: object OrgConfigListResponse: description: A response with multiple Org Configs. properties: data: description: An array of Org Configs. items: $ref: '#/components/schemas/OrgConfigRead' type: array required: - data type: object OrgConfigRead: description: A single Org Config. properties: attributes: $ref: '#/components/schemas/OrgConfigReadAttributes' id: description: A unique identifier for an Org Config. example: abcd1234 type: string type: $ref: '#/components/schemas/OrgConfigType' required: - id - type - attributes type: object OrgConfigReadAttributes: description: Readable attributes of an Org Config. properties: description: description: The description of an Org Config. example: Frobulate the turbo encabulator manifold type: string modified_at: description: The timestamp of the last Org Config update (if any). format: date-time nullable: true type: string example: example_value name: description: The machine-friendly name of an Org Config. example: monitor_timezone type: string value: description: The value of an Org Config. example: example_value value_type: description: The type of an Org Config value. example: bool type: string required: - name - description - value_type - value type: object OrgConfigType: description: Data type of an Org Config. enum: - org_configs example: org_configs type: string x-enum-varnames: - ORG_CONFIGS OrgConfigWrite: description: An Org Config write operation. properties: attributes: $ref: '#/components/schemas/OrgConfigWriteAttributes' type: $ref: '#/components/schemas/OrgConfigType' required: - type - attributes type: object OrgConfigWriteAttributes: description: Writable attributes of an Org Config. properties: value: description: The value of an Org Config. example: example_value required: - value type: object OrgConfigWriteRequest: description: A request to update an Org Config. properties: data: $ref: '#/components/schemas/OrgConfigWrite' required: - data type: object Organization: description: Organization object. properties: attributes: $ref: '#/components/schemas/OrganizationAttributes' id: description: ID of the organization. type: string example: abc-123-def type: $ref: '#/components/schemas/OrganizationsType' required: - type type: object OrganizationAttributes: description: Attributes of the organization. properties: created_at: description: Creation time of the organization. format: date-time type: string example: example_value description: description: Description of the organization. type: string example: example_value disabled: description: Whether or not the organization is disabled. type: boolean example: true modified_at: description: Time of last organization modification. format: date-time type: string example: example_value name: description: Name of the organization. type: string example: Example Monitor public_id: description: Public ID of the organization. type: string example: abc-123-def sharing: description: Sharing type of the organization. type: string example: example_value url: description: URL of the site that this organization exists at. type: string example: https://app.datadoghq.com type: object OrganizationsType: default: orgs description: Organizations resource type. enum: - orgs example: orgs type: string x-enum-varnames: - ORGS OutboundEdge: description: The definition of `OutboundEdge` object. properties: branchName: description: The `OutboundEdge` `branchName`. example: '' type: string nextStepName: description: The `OutboundEdge` `nextStepName`. example: '' type: string required: - nextStepName - branchName type: object OutcomeType: default: outcome description: The JSON:API type for an outcome. enum: - outcome example: outcome type: string x-enum-varnames: - OUTCOME OutcomesBatchAttributes: description: The JSON:API attributes for a batched set of scorecard outcomes. properties: results: description: Set of scorecard outcomes to update. items: $ref: '#/components/schemas/OutcomesBatchRequestItem' type: array type: object OutcomesBatchRequest: description: Scorecard outcomes batch request. properties: data: $ref: '#/components/schemas/OutcomesBatchRequestData' type: object OutcomesBatchRequestData: description: Scorecard outcomes batch request data. properties: attributes: $ref: '#/components/schemas/OutcomesBatchAttributes' type: $ref: '#/components/schemas/OutcomesBatchType' type: object OutcomesBatchRequestItem: description: >- Scorecard outcome for a specific rule, for a given service within a batched update. properties: remarks: description: >- Any remarks regarding the scorecard rule's evaluation, and supports HTML hyperlinks. example: 'See: Services' type: string rule_id: $ref: '#/components/schemas/RuleId' service_name: description: The unique name for a service in the catalog. example: my-service type: string state: $ref: '#/components/schemas/State' required: - rule_id - service_name - state type: object OutcomesBatchResponse: description: Scorecard outcomes batch response. properties: data: $ref: '#/components/schemas/OutcomesBatchResponseData' meta: $ref: '#/components/schemas/OutcomesBatchResponseMeta' required: - data - meta type: object OutcomesBatchResponseAttributes: description: The JSON:API attributes for an outcome. properties: created_at: description: Creation time of the rule outcome. format: date-time type: string example: example_value modified_at: description: Time of last rule outcome modification. format: date-time type: string example: example_value remarks: description: >- Any remarks regarding the scorecard rule's evaluation, and supports HTML hyperlinks. example: 'See: Services' type: string service_name: description: The unique name for a service in the catalog. example: my-service type: string state: $ref: '#/components/schemas/State' type: object OutcomesBatchResponseData: description: List of rule outcomes which were affected during the bulk operation. items: $ref: '#/components/schemas/OutcomesResponseDataItem' type: array OutcomesBatchResponseMeta: description: Metadata pertaining to the bulk operation. properties: total_received: description: >- Total number of scorecard results received during the bulk operation. format: int64 type: integer example: 42 total_updated: description: >- Total number of scorecard results modified during the bulk operation. format: int64 type: integer example: 42 type: object OutcomesBatchType: default: batched-outcome description: The JSON:API type for scorecard outcomes. enum: - batched-outcome example: batched-outcome type: string x-enum-varnames: - BATCHED_OUTCOME OutcomesResponse: description: Scorecard outcomes - the result of a rule for a service. properties: data: $ref: '#/components/schemas/OutcomesResponseData' included: $ref: '#/components/schemas/OutcomesResponseIncluded' links: $ref: '#/components/schemas/OutcomesResponseLinks' type: object OutcomesResponseData: description: List of rule outcomes. items: $ref: '#/components/schemas/OutcomesResponseDataItem' type: array OutcomesResponseDataItem: description: A single rule outcome. properties: attributes: $ref: '#/components/schemas/OutcomesBatchResponseAttributes' id: description: The unique ID for a rule outcome. type: string example: abc-123-def relationships: $ref: '#/components/schemas/RuleOutcomeRelationships' type: $ref: '#/components/schemas/OutcomeType' type: object OutcomesResponseIncluded: description: Array of rule details. items: $ref: '#/components/schemas/OutcomesResponseIncludedItem' type: array OutcomesResponseIncludedItem: description: Attributes of the included rule. properties: attributes: $ref: '#/components/schemas/OutcomesResponseIncludedRuleAttributes' id: $ref: '#/components/schemas/RuleId' type: $ref: '#/components/schemas/RuleType' type: object OutcomesResponseIncludedRuleAttributes: description: Details of a rule. properties: name: description: Name of the rule. example: Team Defined type: string scorecard_name: description: The scorecard name to which this rule must belong. example: Observability Best Practices type: string type: object OutcomesResponseLinks: description: Links attributes. properties: next: description: Link for the next set of results. example: >- /api/v2/scorecard/outcomes?include=rule&page%5Blimit%5D=100&page%5Boffset%5D=100 type: string type: object OutputSchema: description: A list of output parameters for the workflow. properties: parameters: description: The `OutputSchema` `parameters`. items: $ref: '#/components/schemas/OutputSchemaParameters' type: array type: object OutputSchemaParameters: description: The definition of `OutputSchemaParameters` object. properties: defaultValue: description: The `OutputSchemaParameters` `defaultValue`. example: example_value description: description: The `OutputSchemaParameters` `description`. type: string example: example_value label: description: The `OutputSchemaParameters` `label`. type: string example: example_value name: description: The `OutputSchemaParameters` `name`. example: '' type: string type: $ref: '#/components/schemas/OutputSchemaParametersType' value: description: The `OutputSchemaParameters` `value`. example: example_value required: - name - type type: object OutputSchemaParametersType: description: The definition of `OutputSchemaParametersType` object. enum: - STRING - NUMBER - BOOLEAN - OBJECT - ARRAY_STRING - ARRAY_NUMBER - ARRAY_BOOLEAN - ARRAY_OBJECT example: STRING type: string x-enum-varnames: - STRING - NUMBER - BOOLEAN - OBJECT - ARRAY_STRING - ARRAY_NUMBER - ARRAY_BOOLEAN - ARRAY_OBJECT PageUrgency: default: high description: On-Call Page urgency level. enum: - low - high example: high type: string x-enum-varnames: - LOW - HIGH Pagination: description: Pagination object. properties: total_count: description: Total count. format: int64 type: integer example: 42 total_filtered_count: description: Total count of elements matched by the filter. format: int64 type: integer example: 42 type: object Parameter: description: The definition of `Parameter` object. properties: name: description: The `Parameter` `name`. example: '' type: string value: description: The `Parameter` `value`. example: example_value required: - name - value type: object PartialAPIKey: description: Partial Datadog API key. properties: attributes: $ref: '#/components/schemas/PartialAPIKeyAttributes' id: description: ID of the API key. type: string example: abc-123-def relationships: $ref: '#/components/schemas/APIKeyRelationships' type: $ref: '#/components/schemas/APIKeysType' type: object x-merge-override: required: false PartialAPIKeyAttributes: description: Attributes of a partial API key. properties: category: description: The category of the API key. type: string example: example_value created_at: description: Creation date of the API key. example: '2020-11-23T10:00:00.000Z' readOnly: true type: string x-merge-override: format: false last4: description: The last four characters of the API key. example: abcd maxLength: 4 minLength: 4 readOnly: true type: string x-secret: true modified_at: description: Date the API key was last modified. example: '2020-11-23T10:00:00.000Z' readOnly: true type: string x-merge-override: format: false name: description: Name of the API key. example: API Key for submitting metrics type: string remote_config_read_enabled: description: The remote config read enabled status. type: boolean example: true type: object PartialApplicationKey: description: Partial Datadog application key. properties: attributes: $ref: '#/components/schemas/PartialApplicationKeyAttributes' id: description: ID of the application key. type: string example: abc-123-def relationships: $ref: '#/components/schemas/ApplicationKeyRelationships' type: $ref: '#/components/schemas/ApplicationKeysType' type: object x-merge-override: required: false PartialApplicationKeyAttributes: description: Attributes of a partial application key. properties: created_at: description: Creation date of the application key. example: '2020-11-23T10:00:00.000Z' readOnly: true type: string x-merge-override: format: false last4: description: The last four characters of the application key. example: abcd maxLength: 4 minLength: 4 readOnly: true type: string x-secret: true name: description: Name of the application key. example: Application Key for managing dashboards type: string scopes: description: Array of scopes to grant the application key. example: - dashboards_read - dashboards_write - dashboards_public_share items: description: Name of scope. type: string nullable: true type: array type: object PartialApplicationKeyResponse: description: Response for retrieving a partial application key. properties: data: $ref: '#/components/schemas/PartialApplicationKey' included: description: Array of objects related to the application key. items: $ref: '#/components/schemas/ApplicationKeyResponseIncludedItem' type: array type: object PatchNotificationRuleParameters: description: Body of the notification rule patch request. properties: data: $ref: '#/components/schemas/PatchNotificationRuleParametersData' type: object PatchNotificationRuleParametersData: description: >- Data of the notification rule patch request: the rule ID, the rule type, and the rule attributes. All fields are required. properties: attributes: $ref: '#/components/schemas/PatchNotificationRuleParametersDataAttributes' id: $ref: '#/components/schemas/ID' type: $ref: '#/components/schemas/NotificationRulesType' required: - attributes - id - type type: object PatchNotificationRuleParametersDataAttributes: description: >- Attributes of the notification rule patch request. It is required to update the version of the rule when patching it. properties: enabled: $ref: '#/components/schemas/Enabled' name: $ref: '#/components/schemas/RuleName' selectors: $ref: '#/components/schemas/Selectors' targets: $ref: '#/components/schemas/Targets' time_aggregation: $ref: '#/components/schemas/TimeAggregation' version: $ref: '#/components/schemas/Version' type: object Permission: description: Permission object. properties: attributes: $ref: '#/components/schemas/PermissionAttributes' id: description: ID of the permission. type: string example: abc-123-def type: $ref: '#/components/schemas/PermissionsType' required: - type type: object PermissionAttributes: description: Attributes of a permission. properties: created: description: Creation time of the permission. format: date-time type: string example: example_value description: description: Description of the permission. type: string example: example_value display_name: description: Displayed name for the permission. type: string example: Example Monitor display_type: description: Display type. type: string example: metric alert group_name: description: Name of the permission group. type: string example: Example Monitor name: description: Name of the permission. type: string example: Example Monitor restricted: description: Whether or not the permission is restricted. type: boolean example: true type: object PermissionsResponse: description: Payload with API-returned permissions. properties: data: description: Array of permissions. items: $ref: '#/components/schemas/Permission' type: array type: object PermissionsType: default: permissions description: Permissions resource type. enum: - permissions example: permissions type: string x-enum-varnames: - PERMISSIONS Powerpack: description: >- Powerpacks are templated groups of dashboard widgets you can save from an existing dashboard and turn into reusable packs in the widget tray. properties: data: $ref: '#/components/schemas/PowerpackData' type: object PowerpackAttributes: description: Powerpack attribute object. properties: description: description: Description of this powerpack. example: Powerpack for ABC type: string group_widget: $ref: '#/components/schemas/PowerpackGroupWidget' name: description: Name of the powerpack. example: Sample Powerpack type: string tags: description: List of tags to identify this powerpack. example: - tag:foo1 items: maxLength: 80 type: string maxItems: 8 type: array template_variables: description: List of template variables for this powerpack. example: - defaults: - '*' name: test items: $ref: '#/components/schemas/PowerpackTemplateVariable' type: array required: - group_widget - name type: object PowerpackData: description: Powerpack data object. properties: attributes: $ref: '#/components/schemas/PowerpackAttributes' id: description: ID of the powerpack. type: string example: abc-123-def relationships: $ref: '#/components/schemas/PowerpackRelationships' type: description: Type of widget, must be powerpack. example: powerpack type: string type: object x-merge-override: required: false PowerpackGroupWidget: description: Powerpack group widget definition object. properties: definition: $ref: '#/components/schemas/PowerpackGroupWidgetDefinition' layout: $ref: '#/components/schemas/PowerpackGroupWidgetLayout' live_span: $ref: '#/components/schemas/WidgetLiveSpan' required: - definition type: object PowerpackGroupWidgetDefinition: description: Powerpack group widget object. properties: layout_type: description: Layout type of widgets. example: ordered type: string show_title: description: >- Boolean indicating whether powerpack group title should be visible or not. example: true type: boolean title: description: Name for the group widget. example: Sample Powerpack type: string type: description: Type of widget, must be group. example: group type: string widgets: description: Widgets inside the powerpack. example: - definition: content: example type: note layout: height: 5 width: 10 x: 0 'y': 0 items: $ref: '#/components/schemas/PowerpackInnerWidgets' type: array required: - widgets - layout_type - type type: object PowerpackGroupWidgetLayout: description: Powerpack group widget layout. properties: height: description: The height of the widget. Should be a non-negative integer. example: 0 format: int64 minimum: 0 type: integer width: description: The width of the widget. Should be a non-negative integer. example: 0 format: int64 minimum: 0 type: integer x: description: >- The position of the widget on the x (horizontal) axis. Should be a non-negative integer. example: 0 format: int64 minimum: 0 type: integer 'y': description: >- The position of the widget on the y (vertical) axis. Should be a non-negative integer. example: 0 format: int64 minimum: 0 type: integer required: - x - 'y' - width - height type: object PowerpackInnerWidgetLayout: description: Powerpack inner widget layout. properties: height: description: The height of the widget. Should be a non-negative integer. example: 0 format: int64 minimum: 0 type: integer width: description: The width of the widget. Should be a non-negative integer. example: 0 format: int64 minimum: 0 type: integer x: description: >- The position of the widget on the x (horizontal) axis. Should be a non-negative integer. example: 0 format: int64 minimum: 0 type: integer 'y': description: >- The position of the widget on the y (vertical) axis. Should be a non-negative integer. example: 0 format: int64 minimum: 0 type: integer required: - x - 'y' - width - height type: object PowerpackInnerWidgets: description: Powerpack group widget definition of individual widgets. properties: definition: additionalProperties: {} description: Information about widget. example: definition: content: example type: note type: object layout: $ref: '#/components/schemas/PowerpackInnerWidgetLayout' required: - definition type: object PowerpackRelationships: description: Powerpack relationship object. properties: author: $ref: '#/components/schemas/RelationshipToUser' type: object PowerpackResponse: description: Response object which includes a single powerpack configuration. properties: data: $ref: '#/components/schemas/PowerpackData' included: description: Array of objects related to the users. items: $ref: '#/components/schemas/User' type: array readOnly: true type: object PowerpackResponseLinks: description: Links attributes. properties: first: description: Link to last page. type: string example: example_value last: description: Link to first page. example: >- https://app.datadoghq.com/api/v2/powerpacks?page[offset]=0&page[limit]=25 nullable: true type: string next: description: Link for the next set of results. example: >- https://app.datadoghq.com/api/v2/powerpacks?page[offset]=25&page[limit]=25 type: string prev: description: Link for the previous set of results. nullable: true type: string example: example_value self: description: Link to current page. example: https://app.datadoghq.com/api/v2/powerpacks type: string type: object PowerpackTemplateVariable: description: Powerpack template variables. properties: available_values: description: >- The list of values that the template variable drop-down is limited to. example: - my-host - host1 - host2 items: description: Template variable value. type: string nullable: true type: array defaults: description: >- One or many template variable default values within the saved view, which are unioned together using `OR` if more than one is specified. items: description: One or many default values of the template variable. minLength: 1 type: string type: array name: description: The name of the variable. example: datacenter type: string prefix: description: >- The tag prefix associated with the variable. Only tags with this prefix appear in the variable drop-down. example: host nullable: true type: string required: - name type: object PowerpacksResponseMeta: description: Powerpack response metadata. properties: pagination: $ref: '#/components/schemas/PowerpacksResponseMetaPagination' type: object PowerpacksResponseMetaPagination: description: Powerpack response pagination metadata. properties: first_offset: description: The first offset. format: int64 type: integer example: 42 last_offset: description: The last offset. format: int64 nullable: true type: integer example: 42 limit: description: Pagination limit. format: int64 type: integer example: 42 next_offset: description: The next offset. format: int64 type: integer example: 42 offset: description: The offset. format: int64 type: integer example: 42 prev_offset: description: The previous offset. format: int64 type: integer example: 42 total: description: Total results. format: int64 type: integer example: 42 type: description: Offset type. type: string example: metric alert type: object ProcessSummariesMeta: description: Response metadata object. properties: page: $ref: '#/components/schemas/ProcessSummariesMetaPage' type: object ProcessSummariesMetaPage: description: Paging attributes. properties: after: description: >- The cursor used to get the next results, if any. To make the next request, use the same parameters with the addition of the `page[cursor]`. example: 911abf1204838d9cdfcb9a96d0b6a1bd03e1b514074f1ce1737c4cbd type: string size: description: Number of results returned. format: int32 maximum: 10000 minimum: 0 type: integer example: 42 type: object ProcessSummariesResponse: description: List of process summaries. properties: data: description: Array of process summary objects. items: $ref: '#/components/schemas/ProcessSummary' type: array meta: $ref: '#/components/schemas/ProcessSummariesMeta' type: object ProcessSummary: description: Process summary object. properties: attributes: $ref: '#/components/schemas/ProcessSummaryAttributes' id: description: Process ID. type: string example: abc-123-def type: $ref: '#/components/schemas/ProcessSummaryType' type: object x-merge-override: required: false ProcessSummaryAttributes: description: Attributes for a process summary. properties: cmdline: description: Process command line. type: string example: example_value host: description: Host running the process. type: string example: example_value pid: description: Process ID. format: int64 type: integer example: 42 ppid: description: Parent process ID. format: int64 type: integer example: 42 start: description: Time the process was started. type: string example: example_value tags: description: List of tags associated with the process. items: description: A tag associated with the process. type: string type: array timestamp: description: Time the process was seen. type: string example: '2026-04-17T12:00:00Z' user: description: Process owner. type: string example: example_value type: object ProcessSummaryType: default: process description: Type of process summary. enum: - process example: process type: string x-enum-varnames: - PROCESS Project: description: A Project properties: attributes: $ref: '#/components/schemas/ProjectAttributes' id: description: The Project's identifier example: aeadc05e-98a8-11ec-ac2c-da7ad0900001 type: string relationships: $ref: '#/components/schemas/ProjectRelationships' type: $ref: '#/components/schemas/ProjectResourceType' required: - id - type - attributes type: object ProjectAttributes: description: Project attributes properties: key: description: The project's key example: CASEM type: string name: description: Project's name type: string example: Example Monitor type: object ProjectCreate: description: Project create properties: attributes: $ref: '#/components/schemas/ProjectCreateAttributes' type: $ref: '#/components/schemas/ProjectResourceType' required: - attributes - type type: object ProjectCreateAttributes: description: Project creation attributes properties: key: description: Project's key. Cannot be "CASE" example: SEC type: string name: description: name example: Security Investigation type: string required: - name - key type: object ProjectCreateRequest: description: Project create request properties: data: $ref: '#/components/schemas/ProjectCreate' required: - data type: object ProjectRelationship: description: Relationship to project properties: data: $ref: '#/components/schemas/ProjectRelationshipData' required: - data type: object ProjectRelationshipData: description: Relationship to project object properties: id: description: A unique identifier that represents the project example: e555e290-ed65-49bd-ae18-8acbfcf18db7 type: string type: $ref: '#/components/schemas/ProjectResourceType' required: - id - type type: object ProjectRelationships: description: Project relationships properties: member_team: $ref: '#/components/schemas/RelationshipToTeamLinks' member_user: $ref: '#/components/schemas/UsersRelationship' type: object ProjectResourceType: default: project description: Project resource type enum: - project example: project type: string x-enum-varnames: - PROJECT ProjectResponse: description: Project response properties: data: $ref: '#/components/schemas/Project' type: object ProjectedCost: description: Projected Cost data. properties: attributes: $ref: '#/components/schemas/ProjectedCostAttributes' id: description: Unique ID of the response. type: string example: abc-123-def type: $ref: '#/components/schemas/ProjectedCostType' type: object ProjectedCostAttributes: description: Projected Cost attributes data. properties: account_name: description: The account name. type: string example: Example Monitor account_public_id: description: The account public ID. type: string example: abc-123-def charges: description: List of charges data reported for the requested month. items: $ref: '#/components/schemas/ChargebackBreakdown' type: array date: description: The month requested. format: date-time type: string example: '2026-04-17T12:00:00Z' org_name: description: The organization name. type: string example: Example Monitor projected_total_cost: description: The total projected cost of products for the month. format: double type: number example: 95.5 public_id: description: The organization public ID. type: string example: abc-123-def region: description: The region of the Datadog instance that the organization belongs to. type: string example: example_value type: object ProjectedCostResponse: description: Projected Cost response. properties: data: description: Response containing Projected Cost. items: $ref: '#/components/schemas/ProjectedCost' type: array type: object ProjectedCostType: default: projected_cost description: Type of cost data. enum: - projected_cost example: projected_cost type: string x-enum-varnames: - PROJECt_COST ProjectsResponse: description: Response with projects properties: data: description: Projects response data items: $ref: '#/components/schemas/Project' type: array type: object PublishAppResponse: description: The response object after an app is successfully published. properties: data: $ref: '#/components/schemas/Deployment' type: object Query: description: >- A data query used by an app. This can take the form of an external action, a data transformation, or a state variable. oneOf: - $ref: '#/components/schemas/ActionQuery' - $ref: '#/components/schemas/DataTransform' - $ref: '#/components/schemas/StateVariable' QueryFormula: description: A formula for calculation based on one or more queries. properties: formula: description: >- Formula string, referencing one or more queries with their name property. example: a+b type: string limit: $ref: '#/components/schemas/FormulaLimit' required: - formula type: object QuerySortOrder: default: desc description: Direction of sort. enum: - asc - desc type: string x-enum-varnames: - ASC - DESC RUMAggregateBucketValue: description: A bucket value, can be either a timeseries or a single value. oneOf: - $ref: '#/components/schemas/RUMAggregateBucketValueSingleString' - $ref: '#/components/schemas/RUMAggregateBucketValueSingleNumber' - $ref: '#/components/schemas/RUMAggregateBucketValueTimeseries' RUMAggregateBucketValueSingleNumber: description: A single number value. format: double type: number RUMAggregateBucketValueSingleString: description: A single string value. type: string RUMAggregateBucketValueTimeseries: description: A timeseries array. items: $ref: '#/components/schemas/RUMAggregateBucketValueTimeseriesPoint' type: array x-generate-alias-as-model: true RUMAggregateBucketValueTimeseriesPoint: description: A timeseries point. properties: time: description: The time value for this point. example: '2020-06-08T11:55:00.123Z' format: date-time type: string value: description: The value for this point. example: 19 format: double type: number type: object RUMAggregateRequest: description: >- The object sent with the request to retrieve aggregation buckets of RUM events from your organization. properties: compute: description: >- The list of metrics or timeseries to compute for the retrieved buckets. items: $ref: '#/components/schemas/RUMCompute' type: array filter: $ref: '#/components/schemas/RUMQueryFilter' group_by: description: The rules for the group by. items: $ref: '#/components/schemas/RUMGroupBy' type: array options: $ref: '#/components/schemas/RUMQueryOptions' page: $ref: '#/components/schemas/RUMQueryPageOptions' type: object RUMAggregateSort: description: A sort rule. example: aggregation: count order: asc properties: aggregation: $ref: '#/components/schemas/RUMAggregationFunction' metric: description: The metric to sort by (only used for `type=measure`). example: '@duration' type: string order: $ref: '#/components/schemas/RUMSortOrder' type: $ref: '#/components/schemas/RUMAggregateSortType' type: object RUMAggregateSortType: default: alphabetical description: The type of sorting algorithm. enum: - alphabetical - measure type: string x-enum-varnames: - ALPHABETICAL - MEASURE RUMAggregationBucketsResponse: description: The query results. properties: buckets: description: The list of matching buckets, one item per bucket. items: $ref: '#/components/schemas/RUMBucketResponse' type: array type: object RUMAggregationFunction: description: An aggregation function. enum: - count - cardinality - pc75 - pc90 - pc95 - pc98 - pc99 - sum - min - max - avg - median example: pc90 type: string x-enum-varnames: - COUNT - CARDINALITY - PERCENTILE_75 - PERCENTILE_90 - PERCENTILE_95 - PERCENTILE_98 - PERCENTILE_99 - SUM - MIN - MAX - AVG - MEDIAN RUMAnalyticsAggregateResponse: description: The response object for the RUM events aggregate API endpoint. properties: data: $ref: '#/components/schemas/RUMAggregationBucketsResponse' links: $ref: '#/components/schemas/RUMResponseLinks' meta: $ref: '#/components/schemas/RUMResponseMetadata' type: object RUMApplication: description: RUM application. properties: attributes: $ref: '#/components/schemas/RUMApplicationAttributes' id: description: RUM application ID. example: abcd1234-0000-0000-abcd-1234abcd5678 type: string x-merge-override: format: false type: $ref: '#/components/schemas/RUMApplicationType' required: - attributes - id - type type: object RUMApplicationAttributes: description: RUM application attributes. properties: application_id: description: ID of the RUM application. example: abcd1234-0000-0000-abcd-1234abcd5678 type: string x-merge-override: format: false client_token: description: Client token of the RUM application. example: abcd1234efgh5678ijkl90abcd1234efgh0 type: string created_at: description: Timestamp in ms of the creation date. example: 1659479836169 format: int64 type: integer created_by_handle: description: Handle of the creator user. example: john.doe type: string hash: description: Hash of the RUM application. Optional. type: string example: example_value is_active: description: Indicates if the RUM application is active. example: true type: boolean name: description: Name of the RUM application. example: my_rum_application type: string org_id: description: Org ID of the RUM application. example: 999 format: int32 maximum: 2147483647 type: integer type: description: >- Type of the RUM application. Supported values are `browser`, `ios`, `android`, `react-native`, `flutter`, `roku`, `electron`, `unity`, `kotlin-multiplatform`. example: browser type: string updated_at: description: Timestamp in ms of the last update date. example: 1659479836169 format: int64 type: integer updated_by_handle: description: Handle of the updater user. example: jane.doe type: string required: - application_id - client_token - created_at - created_by_handle - name - org_id - type - updated_at - updated_by_handle type: object RUMApplicationCreate: description: RUM application creation. properties: attributes: $ref: '#/components/schemas/RUMApplicationCreateAttributes' type: $ref: '#/components/schemas/RUMApplicationCreateType' required: - attributes - type type: object x-merge-override: required: false RUMApplicationCreateAttributes: description: RUM application creation attributes. properties: name: description: Name of the RUM application. example: my_new_rum_application type: string type: description: >- Type of the RUM application. Supported values are `browser`, `ios`, `android`, `react-native`, `flutter`, `roku`, `electron`, `unity`, `kotlin-multiplatform`. example: browser type: string required: - name type: object RUMApplicationCreateRequest: description: RUM application creation request attributes. properties: data: $ref: '#/components/schemas/RUMApplicationCreate' required: - data type: object RUMApplicationCreateType: default: rum_application_create description: RUM application creation type. enum: - rum_application_create example: rum_application_create type: string x-enum-varnames: - RUM_APPLICATION_CREATE RUMApplicationList: description: RUM application list. properties: attributes: $ref: '#/components/schemas/RUMApplicationListAttributes' id: description: RUM application ID. example: abcd1234-0000-0000-abcd-1234abcd5678 type: string x-merge-override: format: false type: $ref: '#/components/schemas/RUMApplicationListType' required: - attributes - type type: object x-merge-override: required: false RUMApplicationListAttributes: description: RUM application list attributes. properties: application_id: description: ID of the RUM application. example: abcd1234-0000-0000-abcd-1234abcd5678 type: string x-merge-override: format: false created_at: description: Timestamp in ms of the creation date. example: 1659479836169 format: int64 type: integer created_by_handle: description: Handle of the creator user. example: john.doe type: string hash: description: Hash of the RUM application. Optional. type: string example: example_value is_active: description: Indicates if the RUM application is active. example: true type: boolean name: description: Name of the RUM application. example: my_rum_application type: string org_id: description: Org ID of the RUM application. example: 999 format: int32 maximum: 2147483647 type: integer type: description: >- Type of the RUM application. Supported values are `browser`, `ios`, `android`, `react-native`, `flutter`, `roku`, `electron`, `unity`, `kotlin-multiplatform`. example: browser type: string updated_at: description: Timestamp in ms of the last update date. example: 1659479836169 format: int64 type: integer updated_by_handle: description: Handle of the updater user. example: jane.doe type: string required: - application_id - created_at - created_by_handle - name - org_id - type - updated_at - updated_by_handle type: object RUMApplicationListType: default: rum_application description: RUM application list type. enum: - rum_application example: rum_application type: string x-enum-varnames: - RUM_APPLICATION RUMApplicationResponse: description: RUM application response. properties: data: $ref: '#/components/schemas/RUMApplication' type: object RUMApplicationType: default: rum_application description: RUM application response type. enum: - rum_application example: rum_application type: string x-enum-varnames: - RUM_APPLICATION RUMApplicationUpdate: description: RUM application update. properties: attributes: $ref: '#/components/schemas/RUMApplicationUpdateAttributes' id: description: RUM application ID. example: abcd1234-0000-0000-abcd-1234abcd5678 type: string x-merge-override: format: false type: $ref: '#/components/schemas/RUMApplicationUpdateType' required: - id - type type: object RUMApplicationUpdateAttributes: description: RUM application update attributes. properties: name: description: Name of the RUM application. example: updated_name_for_my_existing_rum_application type: string type: description: >- Type of the RUM application. Supported values are `browser`, `ios`, `android`, `react-native`, `flutter`, `roku`, `electron`, `unity`, `kotlin-multiplatform`. example: browser type: string type: object RUMApplicationUpdateRequest: description: RUM application update request. properties: data: $ref: '#/components/schemas/RUMApplicationUpdate' required: - data type: object RUMApplicationUpdateType: default: rum_application_update description: RUM application update type. enum: - rum_application_update example: rum_application_update type: string x-enum-varnames: - RUM_APPLICATION_UPDATE RUMApplicationsResponse: description: RUM applications response. properties: data: description: RUM applications array response. items: $ref: '#/components/schemas/RUMApplicationList' type: array type: object RUMBucketResponse: description: Bucket values. properties: by: additionalProperties: description: The values for each group-by. type: string description: The key-value pairs for each group-by. example: '@session.type': user '@type': view type: object computes: additionalProperties: $ref: '#/components/schemas/RUMAggregateBucketValue' description: >- A map of the metric name to value for regular compute, or a list of values for a timeseries. type: object type: object RUMCompute: description: A compute rule to compute metrics or timeseries. properties: aggregation: $ref: '#/components/schemas/RUMAggregationFunction' interval: description: |- The time buckets' size (only used for type=timeseries) Defaults to a resolution of 150 points. example: 5m type: string metric: description: The metric to use. example: '@duration' type: string type: $ref: '#/components/schemas/RUMComputeType' required: - aggregation type: object RUMComputeType: default: total description: The type of compute. enum: - timeseries - total type: string x-enum-varnames: - TIMESERIES - TOTAL RUMEvent: description: >- Object description of a RUM event after being processed and stored by Datadog. properties: attributes: $ref: '#/components/schemas/RUMEventAttributes' id: description: Unique ID of the event. example: AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA type: string type: $ref: '#/components/schemas/RUMEventType' type: object RUMEventAttributes: description: JSON object containing all event attributes and their associated values. properties: attributes: additionalProperties: {} description: JSON object of attributes from RUM events. example: customAttribute: 123 duration: 2345 type: object service: description: >- The name of the application or service generating RUM events. It is used to switch from RUM to APM, so make sure you define the same value when you use both products. example: web-app type: string tags: description: Array of tags associated with your event. example: - team:A items: description: Tag associated with your event. type: string type: array timestamp: description: Timestamp of your event. example: '2019-01-02T09:42:36.320Z' format: date-time type: string type: object RUMEventType: default: rum description: Type of the event. enum: - rum example: rum type: string x-enum-varnames: - RUM RUMEventsResponse: description: >- Response object with all events matching the request and pagination information. properties: data: description: Array of events matching the request. items: $ref: '#/components/schemas/RUMEvent' type: array links: $ref: '#/components/schemas/RUMResponseLinks' meta: $ref: '#/components/schemas/RUMResponseMetadata' type: object RUMGroupBy: description: A group-by rule. properties: facet: description: The name of the facet to use (required). example: '@view.time_spent' type: string histogram: $ref: '#/components/schemas/RUMGroupByHistogram' limit: default: 10 description: The maximum buckets to return for this group-by. format: int64 type: integer example: 42 missing: $ref: '#/components/schemas/RUMGroupByMissing' sort: $ref: '#/components/schemas/RUMAggregateSort' total: $ref: '#/components/schemas/RUMGroupByTotal' required: - facet type: object RUMGroupByHistogram: description: >- Used to perform a histogram computation (only for measure facets). Note: At most 100 buckets are allowed, the number of buckets is (max - min)/interval. properties: interval: description: The bin size of the histogram buckets. example: 10 format: double type: number max: description: |- The maximum value for the measure used in the histogram (values greater than this one are filtered out). example: 100 format: double type: number min: description: |- The minimum value for the measure used in the histogram (values smaller than this one are filtered out). example: 50 format: double type: number required: - interval - min - max type: object RUMGroupByMissing: description: The value to use for logs that don't have the facet used to group by. oneOf: - $ref: '#/components/schemas/RUMGroupByMissingString' - $ref: '#/components/schemas/RUMGroupByMissingNumber' RUMGroupByMissingNumber: description: The missing value to use if there is a number valued facet. format: double type: number RUMGroupByMissingString: description: The missing value to use if there is string valued facet. type: string RUMGroupByTotal: default: false description: >- A resulting object to put the given computes in over all the matching records. oneOf: - $ref: '#/components/schemas/RUMGroupByTotalBoolean' - $ref: '#/components/schemas/RUMGroupByTotalString' - $ref: '#/components/schemas/RUMGroupByTotalNumber' RUMGroupByTotalBoolean: description: If set to true, creates an additional bucket labeled "$facet_total". type: boolean RUMGroupByTotalNumber: description: A number to use as the key value for the total bucket. format: double type: number RUMGroupByTotalString: description: A string to use as the key value for the total bucket. type: string RUMQueryFilter: description: The search and filter query settings. properties: from: default: now-15m description: >- The minimum time for the requested events; supports date (in [ISO 8601](https://www.w3.org/TR/NOTE-datetime) format with full date, hours, minutes, and the `Z` UTC indicator - seconds and fractional seconds are optional), math, and regular timestamps (in milliseconds). example: now-15m type: string query: default: '*' description: The search query following the RUM search syntax. example: '@type:session AND @session.type:user' type: string to: default: now description: >- The maximum time for the requested events; supports date (in [ISO 8601](https://www.w3.org/TR/NOTE-datetime) format with full date, hours, minutes, and the `Z` UTC indicator - seconds and fractional seconds are optional), math, and regular timestamps (in milliseconds). example: now type: string type: object RUMQueryOptions: description: >- Global query options that are used during the query. Note: Only supply timezone or time offset, not both. Otherwise, the query fails. properties: time_offset: description: The time offset (in seconds) to apply to the query. format: int64 type: integer example: 42 timezone: default: UTC description: >- The timezone can be specified as GMT, UTC, an offset from UTC (like UTC+1), or as a Timezone Database identifier (like America/New_York). example: GMT type: string type: object RUMQueryPageOptions: description: Paging attributes for listing events. properties: cursor: description: List following results with a cursor provided in the previous query. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string limit: default: 10 description: Maximum number of events in the response. example: 25 format: int32 maximum: 1000 type: integer type: object RUMResponseLinks: description: Links attributes. properties: next: description: >- Link for the next set of results. Note that the request can also be made using the POST endpoint. example: >- https://app.datadoghq.com/api/v2/rum/event?filter[query]=foo&page[cursor]=eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object RUMResponseMetadata: description: The metadata associated with a request. properties: elapsed: description: The time elapsed in milliseconds. example: 132 format: int64 type: integer page: $ref: '#/components/schemas/RUMResponsePage' request_id: description: The identifier of the request. example: MWlFUjVaWGZTTTZPYzM0VXp1OXU2d3xLSVpEMjZKQ0VKUTI0dEYtM3RSOFVR type: string status: $ref: '#/components/schemas/RUMResponseStatus' warnings: description: >- A list of warnings (non-fatal errors) encountered. Partial results may return if warnings are present in the response. items: $ref: '#/components/schemas/RUMWarning' type: array type: object RUMResponsePage: description: Paging attributes. properties: after: description: >- The cursor to use to get the next results, if any. To make the next request, use the same parameters with the addition of `page[cursor]`. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object RUMResponseStatus: description: The status of the response. enum: - done - timeout example: done type: string x-enum-varnames: - DONE - TIMEOUT RUMSearchEventsRequest: description: The request for a RUM events list. properties: filter: $ref: '#/components/schemas/RUMQueryFilter' options: $ref: '#/components/schemas/RUMQueryOptions' page: $ref: '#/components/schemas/RUMQueryPageOptions' sort: $ref: '#/components/schemas/RUMSort' type: object RUMSort: description: Sort parameters when querying events. enum: - timestamp - '-timestamp' type: string x-enum-varnames: - TIMESTAMP_ASCENDING - TIMESTAMP_DESCENDING RUMSortOrder: description: The order to use, ascending or descending. enum: - asc - desc example: asc type: string x-enum-varnames: - ASCENDING - DESCENDING RUMWarning: description: A warning message indicating something that went wrong with the query. properties: code: description: A unique code for this type of warning. example: unknown_index type: string detail: description: A detailed explanation of this specific warning. example: 'indexes: foo, bar' type: string title: description: A short human-readable summary of the warning. example: >- One or several indexes are missing or invalid, results hold data from the other indexes type: string type: object ReadinessGate: description: Used to merge multiple branches into a single branch. properties: thresholdType: $ref: '#/components/schemas/ReadinessGateThresholdType' required: - thresholdType type: object ReadinessGateThresholdType: description: The definition of `ReadinessGateThresholdType` object. enum: - ANY - ALL example: ANY type: string x-enum-varnames: - ANY - ALL RelationAttributes: description: Relation attributes. properties: from: $ref: '#/components/schemas/RelationEntity' to: $ref: '#/components/schemas/RelationEntity' type: $ref: '#/components/schemas/RelationType' type: object RelationEntity: description: Relation entity reference. properties: kind: description: Entity kind. type: string example: example_value name: description: Entity name. type: string example: Example Monitor namespace: description: Entity namespace. type: string example: Example Monitor type: object RelationIncludeType: description: Supported include types for relations. enum: - entity - schema type: string x-enum-varnames: - ENTITY - SCHEMA RelationMeta: description: Relation metadata. properties: createdAt: description: Relation creation time. format: date-time type: string example: example_value definedBy: description: Relation defined by. type: string example: example_value modifiedAt: description: Relation modification time. format: date-time type: string example: example_value source: description: Relation source. type: string example: example_value type: object RelationRelationships: description: Relation relationships. properties: fromEntity: $ref: '#/components/schemas/RelationToEntity' toEntity: $ref: '#/components/schemas/RelationToEntity' type: object RelationResponse: description: Relation response data. properties: attributes: $ref: '#/components/schemas/RelationAttributes' id: description: Relation ID. type: string example: abc-123-def meta: $ref: '#/components/schemas/RelationMeta' relationships: $ref: '#/components/schemas/RelationRelationships' subtype: description: Relation subtype. type: string example: metric alert type: $ref: '#/components/schemas/RelationResponseType' type: object RelationResponseData: description: Array of relation responses items: $ref: '#/components/schemas/RelationResponse' type: array RelationResponseMeta: description: Relation response metadata. properties: count: description: Total relations count. format: int64 type: integer example: 42 includeCount: description: Total included data count. format: int64 type: integer example: 42 type: object RelationResponseType: description: Relation type. enum: - relation type: string x-enum-varnames: - RELATION RelationToEntity: description: Relation to entity. properties: data: $ref: '#/components/schemas/RelationshipItem' meta: $ref: '#/components/schemas/EntityMeta' type: object RelationType: description: Supported relation types. enum: - RelationTypeOwns - RelationTypeOwnedBy - RelationTypeDependsOn - RelationTypeDependencyOf - RelationTypePartsOf - RelationTypeHasPart - RelationTypeOtherOwns - RelationTypeOtherOwnedBy - RelationTypeImplementedBy - RelationTypeImplements type: string x-enum-varnames: - RELATIONTYPEOWNS - RELATIONTYPEOWNEDBY - RELATIONTYPEDEPENDSON - RELATIONTYPEDEPENDENCYOF - RELATIONTYPEPARTSOF - RELATIONTYPEHASPART - RELATIONTYPEOTHEROWNS - RELATIONTYPEOTHEROWNEDBY - RELATIONTYPEIMPLEMENTEDBY - RELATIONTYPEIMPLEMENTS RelationshipArray: description: Relationships. items: $ref: '#/components/schemas/RelationshipItem' type: array RelationshipItem: description: Relationship entry. properties: id: description: Associated data ID. type: string example: abc-123-def type: description: Relationship type. type: string example: metric alert type: object RelationshipToIncidentAttachment: description: A relationship reference for attachments. properties: data: description: An array of incident attachments. items: $ref: '#/components/schemas/RelationshipToIncidentAttachmentData' type: array required: - data type: object RelationshipToIncidentAttachmentData: description: The attachment relationship data. properties: id: description: A unique identifier that represents the attachment. example: 00000000-0000-abcd-1000-000000000000 type: string type: $ref: '#/components/schemas/IncidentAttachmentType' required: - id - type type: object x-merge-override: required: false RelationshipToIncidentImpactData: description: Relationship to impact object. properties: id: description: A unique identifier that represents the impact. example: 00000000-0000-0000-2345-000000000000 type: string type: $ref: '#/components/schemas/IncidentImpactsType' required: - id - type type: object x-merge-override: required: false RelationshipToIncidentImpacts: description: Relationship to impacts. properties: data: description: An array of incident impacts. items: $ref: '#/components/schemas/RelationshipToIncidentImpactData' type: array required: - data type: object RelationshipToIncidentIntegrationMetadataData: description: A relationship reference for an integration metadata object. example: id: 00000000-abcd-0002-0000-000000000000 type: incident_integrations properties: id: description: A unique identifier that represents the integration metadata. example: 00000000-abcd-0001-0000-000000000000 type: string type: $ref: '#/components/schemas/IncidentIntegrationMetadataType' required: - id - type type: object x-merge-override: required: false RelationshipToIncidentIntegrationMetadatas: description: A relationship reference for multiple integration metadata objects. example: data: - id: 00000000-abcd-0005-0000-000000000000 type: incident_integrations - id: 00000000-abcd-0006-0000-000000000000 type: incident_integrations properties: data: description: Integration metadata relationship array example: - id: 00000000-abcd-0003-0000-000000000000 type: incident_integrations - id: 00000000-abcd-0004-0000-000000000000 type: incident_integrations items: $ref: '#/components/schemas/RelationshipToIncidentIntegrationMetadataData' type: array required: - data type: object RelationshipToIncidentPostmortem: description: A relationship reference for postmortems. example: data: id: 00000000-0000-abcd-3000-000000000000 type: incident_postmortems properties: data: $ref: '#/components/schemas/RelationshipToIncidentPostmortemData' required: - data type: object RelationshipToIncidentPostmortemData: description: The postmortem relationship data. example: id: 00000000-0000-abcd-2000-000000000000 type: incident_postmortems properties: id: description: A unique identifier that represents the postmortem. example: 00000000-0000-abcd-1000-000000000000 type: string type: $ref: '#/components/schemas/IncidentPostmortemType' required: - id - type type: object RelationshipToIncidentResponderData: description: Relationship to impact object. properties: id: description: A unique identifier that represents the responder. example: 00000000-0000-0000-2345-000000000000 type: string type: $ref: '#/components/schemas/IncidentRespondersType' required: - id - type type: object x-merge-override: required: false RelationshipToIncidentResponders: description: Relationship to incident responders. properties: data: description: An array of incident responders. items: $ref: '#/components/schemas/RelationshipToIncidentResponderData' type: array required: - data type: object RelationshipToIncidentUserDefinedFieldData: description: Relationship to impact object. properties: id: description: A unique identifier that represents the responder. example: 00000000-0000-0000-2345-000000000000 type: string type: $ref: '#/components/schemas/IncidentUserDefinedFieldType' required: - id - type type: object x-merge-override: required: false RelationshipToIncidentUserDefinedFields: description: Relationship to incident user defined fields. properties: data: description: An array of user defined fields. items: $ref: '#/components/schemas/RelationshipToIncidentUserDefinedFieldData' type: array required: - data type: object RelationshipToOrganization: description: Relationship to an organization. properties: data: $ref: '#/components/schemas/RelationshipToOrganizationData' required: - data type: object RelationshipToOrganizationData: description: Relationship to organization object. properties: id: description: ID of the organization. example: 00000000-0000-beef-0000-000000000000 type: string type: $ref: '#/components/schemas/OrganizationsType' required: - id - type type: object RelationshipToOrganizations: description: Relationship to organizations. properties: data: description: Relationships to organization objects. example: [] items: $ref: '#/components/schemas/RelationshipToOrganizationData' type: array required: - data type: object RelationshipToOutcome: description: The JSON:API relationship to a scorecard outcome. properties: data: $ref: '#/components/schemas/RelationshipToOutcomeData' type: object RelationshipToOutcomeData: description: >- The JSON:API relationship to an outcome, which returns the related rule id. properties: id: $ref: '#/components/schemas/RuleId' type: $ref: '#/components/schemas/RuleType' type: object RelationshipToPermission: description: Relationship to a permissions object. properties: data: $ref: '#/components/schemas/RelationshipToPermissionData' type: object x-merge-override: required: false RelationshipToPermissionData: description: Relationship to permission object. properties: id: description: ID of the permission. type: string example: abc-123-def type: $ref: '#/components/schemas/PermissionsType' type: object x-merge-override: required: false RelationshipToPermissions: description: Relationship to multiple permissions objects. properties: data: description: Relationships to permission objects. items: $ref: '#/components/schemas/RelationshipToPermissionData' type: array type: object x-merge-override: required: false RelationshipToRole: description: Relationship to role. properties: data: $ref: '#/components/schemas/RelationshipToRoleData' type: object x-merge-override: required: false RelationshipToRoleData: description: Relationship to role object. properties: id: description: The unique identifier of the role. example: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d type: string type: $ref: '#/components/schemas/RolesType' type: object x-merge-override: required: false RelationshipToRoles: description: Relationship to roles. properties: data: description: An array containing type and the unique identifier of a role. items: $ref: '#/components/schemas/RelationshipToRoleData' type: array type: object x-merge-override: required: false RelationshipToRule: description: Scorecard create rule response relationship. properties: scorecard: $ref: '#/components/schemas/RelationshipToRuleData' type: object RelationshipToRuleData: description: Relationship data for a rule. properties: data: $ref: '#/components/schemas/RelationshipToRuleDataObject' type: object RelationshipToRuleDataObject: description: Rule relationship data. properties: id: description: The unique ID for a scorecard. example: q8MQxk8TCqrHnWkp type: string type: $ref: '#/components/schemas/ScorecardType' type: object RelationshipToSAMLAssertionAttribute: description: AuthN Mapping relationship to SAML Assertion Attribute. properties: data: $ref: '#/components/schemas/RelationshipToSAMLAssertionAttributeData' required: - data type: object RelationshipToSAMLAssertionAttributeData: description: Data of AuthN Mapping relationship to SAML Assertion Attribute. properties: id: description: The ID of the SAML assertion attribute. example: '0' type: string type: $ref: '#/components/schemas/SAMLAssertionAttributesType' required: - id - type type: object x-merge-override: required: false RelationshipToTeam: description: Relationship to team. properties: data: $ref: '#/components/schemas/RelationshipToTeamData' type: object x-merge-override: required: false RelationshipToTeamData: description: Relationship to Team object. properties: id: description: The unique identifier of the team. example: f9bb8444-af7f-11ec-ac2c-da7ad0900001 type: string type: $ref: '#/components/schemas/TeamType' type: object x-merge-override: required: false RelationshipToTeamLinkData: description: Relationship between a link and a team properties: id: description: The team link's identifier example: f9bb8444-af7f-11ec-ac2c-da7ad0900001 type: string type: $ref: '#/components/schemas/TeamLinkType' required: - id - type type: object x-merge-override: required: false RelationshipToTeamLinks: description: Relationship between a team and a team link properties: data: description: Related team links items: $ref: '#/components/schemas/RelationshipToTeamLinkData' type: array links: $ref: '#/components/schemas/TeamRelationshipsLinks' type: object x-merge-override: required: false RelationshipToUser: description: Relationship to user. properties: data: $ref: '#/components/schemas/RelationshipToUserData' required: - data type: object RelationshipToUserData: description: Relationship to user object. properties: id: description: A unique identifier that represents the user. example: 00000000-0000-0000-2345-000000000000 type: string type: $ref: '#/components/schemas/UsersType' required: - id - type type: object x-merge-override: required: false RelationshipToUserTeamPermission: description: Relationship between a user team permission and a team properties: data: $ref: '#/components/schemas/RelationshipToUserTeamPermissionData' links: $ref: '#/components/schemas/TeamRelationshipsLinks' type: object x-merge-override: required: false RelationshipToUserTeamPermissionData: description: Related user team permission data properties: id: description: The ID of the user team permission example: UserTeamPermissions-aeadc05e-98a8-11ec-ac2c-da7ad0900001-416595 type: string type: $ref: '#/components/schemas/UserTeamPermissionType' required: - id - type type: object x-merge-override: required: false RelationshipToUserTeamTeam: description: Relationship between team membership and team properties: data: $ref: '#/components/schemas/RelationshipToUserTeamTeamData' required: - data type: object RelationshipToUserTeamTeamData: description: The team associated with the membership properties: id: description: The ID of the team associated with the membership example: d7e15d9d-d346-43da-81d8-3d9e71d9a5e9 type: string type: $ref: '#/components/schemas/UserTeamTeamType' required: - id - type type: object RelationshipToUserTeamUser: description: Relationship between team membership and user properties: data: $ref: '#/components/schemas/RelationshipToUserTeamUserData' required: - data type: object RelationshipToUserTeamUserData: description: A user's relationship with a team properties: id: description: The ID of the user associated with the team example: b8626d7e-cedd-11eb-abf5-da7ad0900001 type: string type: $ref: '#/components/schemas/UserTeamUserType' required: - id - type type: object x-merge-override: required: false RelationshipToUsers: description: Relationship to users. properties: data: description: Relationships to user objects. example: [] items: $ref: '#/components/schemas/RelationshipToUserData' type: array required: - data type: object Remediation: description: Vulnerability remediation. properties: auto_solvable: description: >- Whether the vulnerability can be resolved when recompiling the package or not. example: false type: boolean avoided_advisories: description: Avoided advisories. items: $ref: '#/components/schemas/Advisory' type: array fixed_advisories: description: Remediation fixed advisories. items: $ref: '#/components/schemas/Advisory' type: array library_name: description: Library name remediating the vulnerability. example: stdlib type: string library_version: description: Library version remediating the vulnerability. example: Upgrade to a version >= 1.20.0 type: string new_advisories: description: New advisories. items: $ref: '#/components/schemas/Advisory' type: array remaining_advisories: description: Remaining advisories. items: $ref: '#/components/schemas/Advisory' type: array type: description: Remediation type. example: text type: string required: - type - library_name - library_version - auto_solvable - fixed_advisories - remaining_advisories - new_advisories - avoided_advisories type: object ReorderRetentionFiltersRequest: description: A list of retention filters to reorder. properties: data: description: A list of retention filters objects. items: $ref: '#/components/schemas/RetentionFilterWithoutAttributes' type: array required: - data type: object ResourceFilterAttributes: description: Attributes of a resource filter. example: aws: '123456789': - environment:production - team:devops azure: sub-001: - app:frontend gcp: project-abc: - region:us-central1 properties: cloud_provider: additionalProperties: additionalProperties: items: description: Tag filter in format "key:value" example: environment:production type: string type: array type: object description: >- A map of cloud provider names (e.g., "aws", "gcp", "azure") to a map of account/resource IDs and their associated tag filters. type: object uuid: description: The UUID of the resource filter. type: string example: abc-123-def required: - cloud_provider type: object ResourceFilterRequestType: description: Constant string to identify the request type. enum: - csm_resource_filter example: csm_resource_filter type: string x-enum-varnames: - CSM_RESOURCE_FILTER ResponseMetaAttributes: description: Object describing meta attributes of response. properties: page: $ref: '#/components/schemas/Pagination' type: object x-merge-override: properties: false RestrictionPolicy: description: Restriction policy object. properties: attributes: $ref: '#/components/schemas/RestrictionPolicyAttributes' id: description: >- The identifier, always equivalent to the value specified in the `resource_id` path parameter. example: dashboard:abc-def-ghi type: string type: $ref: '#/components/schemas/RestrictionPolicyType' required: - type - id - attributes type: object RestrictionPolicyAttributes: description: Restriction policy attributes. example: bindings: [] properties: bindings: description: An array of bindings. items: $ref: '#/components/schemas/RestrictionPolicyBinding' type: array required: - bindings type: object RestrictionPolicyBinding: description: Specifies which principals are associated with a relation. properties: principals: description: >- An array of principals. A principal is a subject or group of subjects. Each principal is formatted as `type:id`. Supported types: `role`, `team`, `user`, and `org`. The org ID can be obtained through the api/v2/current_user API. The user principal type accepts service account IDs. example: - role:00000000-0000-1111-0000-000000000000 items: description: >- Subject or group of subjects. Each principal is formatted as `type:id`. Supported types: `role`, `team`, `user`, and `org`. The org ID can be obtained through the api/v2/current_user API. The user principal type accepts service account IDs. type: string type: array relation: description: The role/level of access. example: editor type: string required: - relation - principals type: object RestrictionPolicyResponse: description: Response containing information about a single restriction policy. properties: data: $ref: '#/components/schemas/RestrictionPolicy' required: - data type: object RestrictionPolicyType: default: restriction_policy description: Restriction policy type. enum: - restriction_policy example: restriction_policy type: string x-enum-varnames: - RESTRICTION_POLICY RestrictionPolicyUpdateRequest: description: Update request for a restriction policy. properties: data: $ref: '#/components/schemas/RestrictionPolicy' required: - data type: object RestrictionQueryAttributes: description: Attributes of the restriction query. properties: created_at: description: Creation time of the restriction query. example: '2020-03-17T21:06:44.000Z' format: date-time readOnly: true type: string modified_at: description: Time of last restriction query modification. example: '2020-03-17T21:15:15.000Z' format: date-time readOnly: true type: string restriction_query: description: >- The query that defines the restriction. Only the content matching the query can be returned. example: env:sandbox type: string type: object RestrictionQueryCreateAttributes: description: Attributes of the created restriction query. properties: restriction_query: description: The restriction query. example: env:sandbox type: string type: object RestrictionQueryCreateData: description: Data related to the creation of a restriction query. properties: attributes: $ref: '#/components/schemas/RestrictionQueryCreateAttributes' type: $ref: '#/components/schemas/LogsRestrictionQueriesType' type: object RestrictionQueryCreatePayload: description: Create a restriction query. properties: data: $ref: '#/components/schemas/RestrictionQueryCreateData' type: object RestrictionQueryListResponse: description: Response containing information about multiple restriction queries. properties: data: description: Array of returned restriction queries. items: $ref: '#/components/schemas/RestrictionQueryWithoutRelationships' type: array type: object RestrictionQueryRelationships: description: Relationships of the restriction query object. properties: roles: $ref: '#/components/schemas/RelationshipToRoles' type: object RestrictionQueryResponseIncludedItem: description: An object related to a restriction query. discriminator: mapping: roles: '#/components/schemas/RestrictionQueryRole' propertyName: type oneOf: - $ref: '#/components/schemas/RestrictionQueryRole' RestrictionQueryRole: description: Partial role object. properties: attributes: $ref: '#/components/schemas/RestrictionQueryRoleAttribute' id: description: ID of the role. example: type: string type: default: roles description: Role resource type. example: roles readOnly: true type: string type: object RestrictionQueryRoleAttribute: description: Attributes of the role for a restriction query. properties: name: description: The role name. example: Datadog Admin Role type: string type: object RestrictionQueryRolesResponse: description: >- Response containing information about roles attached to a restriction query. properties: data: description: Array of roles. items: $ref: '#/components/schemas/RestrictionQueryRole' type: array type: object RestrictionQueryUpdateAttributes: description: Attributes of the edited restriction query. properties: restriction_query: description: The restriction query. example: env:sandbox type: string type: object RestrictionQueryUpdateData: description: Data related to the update of a restriction query. properties: attributes: $ref: '#/components/schemas/RestrictionQueryUpdateAttributes' type: $ref: '#/components/schemas/LogsRestrictionQueriesType' type: object RestrictionQueryUpdatePayload: description: Update a restriction query. properties: data: $ref: '#/components/schemas/RestrictionQueryUpdateData' type: object RestrictionQueryWithRelationships: description: Restriction query object returned by the API. properties: attributes: $ref: '#/components/schemas/RestrictionQueryAttributes' id: description: ID of the restriction query. example: 79a0e60a-644a-11ea-ad29-43329f7f58b5 type: string relationships: $ref: '#/components/schemas/RestrictionQueryRelationships' type: $ref: '#/components/schemas/LogsRestrictionQueriesType' type: object RestrictionQueryWithRelationshipsResponse: description: Response containing information about a single restriction query. properties: data: $ref: '#/components/schemas/RestrictionQueryWithRelationships' included: description: Array of objects related to the restriction query. items: $ref: '#/components/schemas/RestrictionQueryResponseIncludedItem' type: array type: object RestrictionQueryWithoutRelationships: description: Restriction query object returned by the API. properties: attributes: $ref: '#/components/schemas/RestrictionQueryAttributes' id: description: ID of the restriction query. example: 79a0e60a-644a-11ea-ad29-43329f7f58b5 type: string type: default: logs_restriction_queries description: Restriction queries type. example: logs_restriction_queries readOnly: true type: string type: object RestrictionQueryWithoutRelationshipsResponse: description: Response containing information about a single restriction query. properties: data: $ref: '#/components/schemas/RestrictionQueryWithoutRelationships' type: object RetentionFilter: description: The definition of the retention filter. properties: attributes: $ref: '#/components/schemas/RetentionFilterAttributes' id: description: The ID of the retention filter. example: 7RBOb7dLSYWI01yc3pIH8w type: string type: $ref: '#/components/schemas/ApmRetentionFilterType' required: - id - type - attributes type: object RetentionFilterAll: description: The definition of the retention filter. properties: attributes: $ref: '#/components/schemas/RetentionFilterAllAttributes' id: description: The ID of the retention filter. example: 7RBOb7dLSYWI01yc3pIH8w type: string type: $ref: '#/components/schemas/ApmRetentionFilterType' required: - id - type - attributes type: object RetentionFilterAllAttributes: description: The attributes of the retention filter. properties: created_at: description: The creation timestamp of the retention filter. format: int64 type: integer example: 42 created_by: description: The creator of the retention filter. type: string example: example_value editable: description: Shows whether the filter can be edited. example: true type: boolean enabled: description: The status of the retention filter (Enabled/Disabled). example: true type: boolean execution_order: description: The execution order of the retention filter. format: int64 type: integer example: 42 filter: $ref: '#/components/schemas/SpansFilter' filter_type: $ref: '#/components/schemas/RetentionFilterAllType' modified_at: description: The modification timestamp of the retention filter. format: int64 type: integer example: 42 modified_by: description: The modifier of the retention filter. type: string example: example_value name: description: The name of the retention filter. example: my retention filter type: string rate: description: |- Sample rate to apply to spans going through this retention filter. A value of 1.0 keeps all spans matching the query. example: 1 format: double type: number trace_rate: description: >- Sample rate to apply to traces containing spans going through this retention filter. A value of 1.0 keeps all traces with spans matching the query. example: 1 format: double type: number type: object RetentionFilterAllType: default: spans-sampling-processor description: The type of retention filter. enum: - spans-sampling-processor - spans-errors-sampling-processor - spans-appsec-sampling-processor example: spans-sampling-processor type: string x-enum-varnames: - SPANS_SAMPLING_PROCESSOR - SPANS_ERRORS_SAMPLING_PROCESSOR - SPANS_APPSEC_SAMPLING_PROCESSOR RetentionFilterAttributes: description: The attributes of the retention filter. properties: created_at: description: The creation timestamp of the retention filter. format: int64 type: integer example: 42 created_by: description: The creator of the retention filter. type: string example: example_value editable: description: Shows whether the filter can be edited. example: true type: boolean enabled: description: The status of the retention filter (Enabled/Disabled). example: true type: boolean execution_order: description: The execution order of the retention filter. format: int64 type: integer example: 42 filter: $ref: '#/components/schemas/SpansFilter' filter_type: $ref: '#/components/schemas/RetentionFilterType' modified_at: description: The modification timestamp of the retention filter. format: int64 type: integer example: 42 modified_by: description: The modifier of the retention filter. type: string example: example_value name: description: The name of the retention filter. example: my retention filter type: string rate: description: |- Sample rate to apply to spans going through this retention filter. A value of 1.0 keeps all spans matching the query. example: 1 format: double type: number trace_rate: description: >- Sample rate to apply to traces containing spans going through this retention filter. A value of 1.0 keeps all traces with spans matching the query. example: 1 format: double type: number type: object RetentionFilterCreateAttributes: description: >- The object describing the configuration of the retention filter to create/update. properties: enabled: description: Enable/Disable the retention filter. example: true type: boolean filter: $ref: '#/components/schemas/SpansFilterCreate' filter_type: $ref: '#/components/schemas/RetentionFilterType' name: description: The name of the retention filter. example: my retention filter type: string rate: description: |- Sample rate to apply to spans going through this retention filter. A value of 1.0 keeps all spans matching the query. example: 1 format: double type: number trace_rate: description: >- Sample rate to apply to traces containing spans going through this retention filter. A value of 1.0 keeps all traces with spans matching the query. example: 1 format: double type: number required: - name - filter - enabled - filter_type - rate type: object RetentionFilterCreateData: description: The body of the retention filter to be created. properties: attributes: $ref: '#/components/schemas/RetentionFilterCreateAttributes' type: $ref: '#/components/schemas/ApmRetentionFilterType' required: - attributes - type type: object RetentionFilterCreateRequest: description: The body of the retention filter to be created. properties: data: $ref: '#/components/schemas/RetentionFilterCreateData' required: - data type: object RetentionFilterCreateResponse: description: The retention filters definition. properties: data: $ref: '#/components/schemas/RetentionFilter' type: object RetentionFilterResponse: description: The retention filters definition. properties: data: $ref: '#/components/schemas/RetentionFilterAll' type: object RetentionFilterType: default: spans-sampling-processor description: >- The type of retention filter. The value should always be spans-sampling-processor. enum: - spans-sampling-processor example: spans-sampling-processor type: string x-enum-varnames: - SPANS_SAMPLING_PROCESSOR RetentionFilterUpdateAttributes: description: >- The object describing the configuration of the retention filter to create/update. properties: enabled: description: Enable/Disable the retention filter. example: true type: boolean filter: $ref: '#/components/schemas/SpansFilterCreate' filter_type: $ref: '#/components/schemas/RetentionFilterAllType' name: description: The name of the retention filter. example: my retention filter type: string rate: description: |- Sample rate to apply to spans going through this retention filter. A value of 1.0 keeps all spans matching the query. example: 1 format: double type: number trace_rate: description: >- Sample rate to apply to traces containing spans going through this retention filter. A value of 1.0 keeps all traces with spans matching the query. example: 1 format: double type: number required: - name - filter - enabled - filter_type - rate type: object RetentionFilterUpdateData: description: The body of the retention filter to be updated. properties: attributes: $ref: '#/components/schemas/RetentionFilterUpdateAttributes' id: description: The ID of the retention filter. example: retention-filter-id type: string type: $ref: '#/components/schemas/ApmRetentionFilterType' required: - id - attributes - type type: object RetentionFilterUpdateRequest: description: The body of the retention filter to be updated. properties: data: $ref: '#/components/schemas/RetentionFilterUpdateData' required: - data type: object RetentionFilterWithoutAttributes: description: The retention filter object . properties: id: description: The ID of the retention filter. example: 7RBOb7dLSYWI01yc3pIH8w type: string type: $ref: '#/components/schemas/ApmRetentionFilterType' required: - id - type type: object RetentionFiltersResponse: description: An ordered list of retention filters. properties: data: description: A list of retention filters objects. items: $ref: '#/components/schemas/RetentionFilterAll' type: array required: - data type: object RetryStrategy: description: The definition of `RetryStrategy` object. properties: kind: $ref: '#/components/schemas/RetryStrategyKind' linear: $ref: '#/components/schemas/RetryStrategyLinear' required: - kind type: object RetryStrategyKind: description: The definition of `RetryStrategyKind` object. enum: - RETRY_STRATEGY_LINEAR example: RETRY_STRATEGY_LINEAR type: string x-enum-varnames: - RETRY_STRATEGY_LINEAR RetryStrategyLinear: description: The definition of `RetryStrategyLinear` object. properties: interval: description: >- The `RetryStrategyLinear` `interval`. The expected format is the number of seconds ending with an s. For example, 1 day is 86400s example: '' type: string maxRetries: description: The `RetryStrategyLinear` `maxRetries`. example: 0 format: double type: number required: - interval - maxRetries type: object Role: description: Role object returned by the API. properties: attributes: $ref: '#/components/schemas/RoleAttributes' id: description: The unique identifier of the role. type: string example: abc-123-def relationships: $ref: '#/components/schemas/RoleResponseRelationships' type: $ref: '#/components/schemas/RolesType' required: - type type: object x-merge-override: required: false RoleAttributes: description: Attributes of the role. properties: created_at: description: Creation time of the role. format: date-time readOnly: true type: string example: example_value modified_at: description: Time of last role modification. format: date-time readOnly: true type: string example: example_value name: description: >- The name of the role. The name is neither unique nor a stable identifier of the role. type: string example: Example Monitor user_count: description: Number of users with that role. format: int64 readOnly: true type: integer example: 42 type: object RoleClone: description: Data for the clone role request. properties: attributes: $ref: '#/components/schemas/RoleCloneAttributes' type: $ref: '#/components/schemas/RolesType' required: - type - attributes type: object RoleCloneAttributes: description: Attributes required to create a new role by cloning an existing one. properties: name: description: Name of the new role that is cloned. example: cloned-role type: string required: - name type: object RoleCloneRequest: description: Request to create a role by cloning an existing role. properties: data: $ref: '#/components/schemas/RoleClone' required: - data type: object RoleCreateAttributes: description: Attributes of the created role. properties: created_at: description: Creation time of the role. format: date-time readOnly: true type: string example: example_value modified_at: description: Time of last role modification. format: date-time readOnly: true type: string example: example_value name: description: Name of the role. example: developers type: string required: - name type: object RoleCreateData: description: Data related to the creation of a role. properties: attributes: $ref: '#/components/schemas/RoleCreateAttributes' relationships: $ref: '#/components/schemas/RoleRelationships' type: $ref: '#/components/schemas/RolesType' required: - attributes type: object x-merge-override: required: false RoleCreateRequest: description: Create a role. properties: data: $ref: '#/components/schemas/RoleCreateData' required: - data type: object RoleCreateResponse: description: Response containing information about a created role. properties: data: $ref: '#/components/schemas/RoleCreateResponseData' type: object RoleCreateResponseData: description: Role object returned by the API. properties: attributes: $ref: '#/components/schemas/RoleCreateAttributes' id: description: The unique identifier of the role. type: string example: abc-123-def relationships: $ref: '#/components/schemas/RoleResponseRelationships' type: $ref: '#/components/schemas/RolesType' required: - type type: object RoleRelationships: description: Relationships of the role object. properties: permissions: $ref: '#/components/schemas/RelationshipToPermissions' type: object RoleResponse: description: Response containing information about a single role. properties: data: $ref: '#/components/schemas/Role' type: object RoleResponseRelationships: description: Relationships of the role object returned by the API. properties: permissions: $ref: '#/components/schemas/RelationshipToPermissions' type: object RoleUpdateAttributes: description: Attributes of the role. properties: created_at: description: Creation time of the role. format: date-time readOnly: true type: string example: example_value modified_at: description: Time of last role modification. format: date-time readOnly: true type: string example: example_value name: description: Name of the role. type: string example: Example Monitor user_count: description: The user count. format: int32 maximum: 2147483647 type: integer example: 42 type: object RoleUpdateData: description: Data related to the update of a role. properties: attributes: $ref: '#/components/schemas/RoleUpdateAttributes' id: description: The unique identifier of the role. example: 00000000-0000-1111-0000-000000000000 type: string relationships: $ref: '#/components/schemas/RoleRelationships' type: $ref: '#/components/schemas/RolesType' required: - attributes - type - id type: object x-merge-override: required: false RoleUpdateRequest: description: Update a role. properties: data: $ref: '#/components/schemas/RoleUpdateData' required: - data type: object RoleUpdateResponse: description: Response containing information about an updated role. properties: data: $ref: '#/components/schemas/RoleUpdateResponseData' type: object RoleUpdateResponseData: description: Role object returned by the API. properties: attributes: $ref: '#/components/schemas/RoleUpdateAttributes' id: description: The unique identifier of the role. type: string example: abc-123-def relationships: $ref: '#/components/schemas/RoleResponseRelationships' type: $ref: '#/components/schemas/RolesType' required: - type type: object RolesResponse: description: Response containing information about multiple roles. properties: data: description: Array of returned roles. items: $ref: '#/components/schemas/Role' type: array meta: $ref: '#/components/schemas/ResponseMetaAttributes' type: object RolesSort: default: name description: Sorting options for roles. enum: - name - '-name' - modified_at - '-modified_at' - user_count - '-user_count' type: string x-enum-varnames: - NAME_ASCENDING - NAME_DESCENDING - MODIFIED_AT_ASCENDING - MODIFIED_AT_DESCENDING - USER_COUNT_ASCENDING - USER_COUNT_DESCENDING RolesType: default: roles description: Roles type. enum: - roles example: roles type: string x-enum-varnames: - ROLES RoutingRule: description: >- Represents a routing rule, including its attributes, relationships, and unique identifier. properties: attributes: $ref: '#/components/schemas/RoutingRuleAttributes' id: description: Specifies the unique identifier of this routing rule. type: string example: abc-123-def relationships: $ref: '#/components/schemas/RoutingRuleRelationships' type: $ref: '#/components/schemas/RoutingRuleType' required: - type type: object RoutingRuleAction: description: >- Defines an action that is executed when a routing rule matches certain criteria. oneOf: - $ref: '#/components/schemas/SendSlackMessageAction' - $ref: '#/components/schemas/SendTeamsMessageAction' RoutingRuleAttributes: description: >- Defines the configurable attributes of a routing rule, such as actions, query, time restriction, and urgency. properties: actions: description: >- Specifies the list of actions to perform when the routing rule matches. items: $ref: '#/components/schemas/RoutingRuleAction' type: array query: description: Defines the query or condition that triggers this routing rule. type: string example: avg:system.cpu.user{*} time_restriction: $ref: '#/components/schemas/TimeRestrictions' nullable: true urgency: $ref: '#/components/schemas/Urgency' type: object RoutingRuleRelationships: description: >- Specifies relationships for a routing rule, linking to associated policy resources. properties: policy: $ref: '#/components/schemas/RoutingRuleRelationshipsPolicy' type: object RoutingRuleRelationshipsPolicy: description: Defines the relationship that links a routing rule to a policy. properties: data: $ref: '#/components/schemas/RoutingRuleRelationshipsPolicyData' nullable: true type: object RoutingRuleRelationshipsPolicyData: description: >- Represents the policy data reference, containing the policy's ID and resource type. properties: id: description: Specifies the unique identifier of the policy. example: '' type: string type: $ref: '#/components/schemas/RoutingRuleRelationshipsPolicyDataType' required: - type - id type: object RoutingRuleRelationshipsPolicyDataType: default: policies description: Indicates that the resource is of type 'policies'. enum: - policies example: policies type: string x-enum-varnames: - POLICIES RoutingRuleType: default: team_routing_rules description: Team routing rules resource type. enum: - team_routing_rules example: team_routing_rules type: string x-enum-varnames: - TEAM_ROUTING_RULES RuleAttributes: description: Details of a rule. properties: category: deprecated: true description: The scorecard name to which this rule must belong. type: string example: example_value created_at: description: Creation time of the rule outcome. format: date-time type: string example: example_value custom: description: Defines if the rule is a custom rule. type: boolean example: true description: description: Explanation of the rule. type: string example: example_value enabled: description: If enabled, the rule is calculated as part of the score. example: true type: boolean modified_at: description: Time of the last rule outcome modification. format: date-time type: string example: example_value name: description: Name of the rule. example: Team Defined type: string owner: description: Owner of the rule. type: string example: example_value scorecard_name: description: The scorecard name to which this rule must belong. example: Deployments automated via Deployment Trains type: string type: object RuleId: description: The unique ID for a scorecard rule. example: q8MQxk8TCqrHnWkx type: string RuleName: description: Name of the notification rule. example: Rule 1 type: string RuleOutcomeRelationships: description: The JSON:API relationship to a scorecard rule. properties: rule: $ref: '#/components/schemas/RelationshipToOutcome' type: object RuleSeverity: description: Severity of a security rule. enum: - critical - high - medium - low - unknown - info example: critical type: string x-enum-varnames: - CRITICAL - HIGH - MEDIUM - LOW - UNKNOWN - INFO RuleType: default: rule description: The JSON:API type for scorecard rules. enum: - rule example: rule type: string x-enum-varnames: - RULE RuleTypes: description: Security rule types used as filters in security rules. example: - misconfiguration - attack_path items: $ref: '#/components/schemas/RuleTypesItems' type: array RuleTypesItems: description: >- Security rule type which can be used in security rules. Signal-based notification rules can filter signals based on rule types application_security, log_detection, workload_security, signal_correlation, cloud_configuration and infrastructure_configuration. Vulnerability-based notification rules can filter vulnerabilities based on rule types application_code_vulnerability, application_library_vulnerability, attack_path, container_image_vulnerability, identity_risk, misconfiguration, and api_security. enum: - application_security - log_detection - workload_security - signal_correlation - cloud_configuration - infrastructure_configuration - application_code_vulnerability - application_library_vulnerability - attack_path - container_image_vulnerability - identity_risk - misconfiguration - api_security type: string x-enum-varnames: - APPLICATION_SECURITY - LOG_DETECTION - WORKLOAD_SECURITY - SIGNAL_CORRELATION - CLOUD_CONFIGURATION - INFRASTRUCTURE_CONFIGURATION - APPLICATION_CODE_VULNERABILITY - APPLICATION_LIBRARY_VULNERABILITY - ATTACK_PATH - CONTAINER_IMAGE_VULNERABILITY - IDENTITY_RISK - MISCONFIGURATION - API_SECURITY RuleUser: description: User creating or modifying a rule. properties: handle: description: The user handle. example: john.doe@domain.com type: string name: description: The user name. example: John Doe type: string type: object RuleVersionHistory: description: Response object containing the version history of a rule. properties: count: description: The number of rule versions. format: int32 maximum: 2147483647 type: integer example: 42 data: additionalProperties: $ref: '#/components/schemas/RuleVersions' description: A rule version with a list of updates. description: The `RuleVersionHistory` `data`. type: object type: object RuleVersionUpdate: description: A change in a rule version. properties: change: description: The new value of the field. example: cloud_provider:aws type: string field: description: The field that was changed. example: Tags type: string type: $ref: '#/components/schemas/RuleVersionUpdateType' type: object RuleVersionUpdateType: description: The type of change. enum: - create - update - delete type: string x-enum-varnames: - CREATE - UPDATE - DELETE RuleVersions: description: A rule version with a list of updates. properties: changes: description: A list of changes. items: $ref: '#/components/schemas/RuleVersionUpdate' type: array rule: $ref: '#/components/schemas/SecurityMonitoringRuleResponse' type: object RumMetricCompute: description: The compute rule to compute the rum-based metric. properties: aggregation_type: $ref: '#/components/schemas/RumMetricComputeAggregationType' include_percentiles: $ref: '#/components/schemas/RumMetricComputeIncludePercentiles' path: description: |- The path to the value the rum-based metric will aggregate on. Only present when `aggregation_type` is `distribution`. example: '@duration' type: string required: - aggregation_type type: object RumMetricComputeAggregationType: description: The type of aggregation to use. enum: - count - distribution example: distribution type: string x-enum-varnames: - COUNT - DISTRIBUTION RumMetricComputeIncludePercentiles: description: >- Toggle to include or exclude percentile aggregations for distribution metrics. Only present when `aggregation_type` is `distribution`. example: true type: boolean RumMetricCreateAttributes: description: The object describing the Datadog rum-based metric to create. properties: compute: $ref: '#/components/schemas/RumMetricCompute' event_type: $ref: '#/components/schemas/RumMetricEventType' filter: $ref: '#/components/schemas/RumMetricFilter' group_by: description: The rules for the group by. items: $ref: '#/components/schemas/RumMetricGroupBy' type: array uniqueness: $ref: '#/components/schemas/RumMetricUniqueness' required: - event_type - compute type: object RumMetricCreateData: description: The new rum-based metric properties. properties: attributes: $ref: '#/components/schemas/RumMetricCreateAttributes' id: $ref: '#/components/schemas/RumMetricID' type: $ref: '#/components/schemas/RumMetricType' required: - id - type - attributes type: object RumMetricCreateRequest: description: The new rum-based metric body. properties: data: $ref: '#/components/schemas/RumMetricCreateData' required: - data type: object RumMetricEventType: description: The type of RUM events to filter on. enum: - session - view - action - error - resource - long_task - vital example: session type: string x-enum-varnames: - SESSION - VIEW - ACTION - ERROR - RESOURCE - LONG_TASK - VITAL RumMetricFilter: description: >- The rum-based metric filter. Events matching this filter will be aggregated in this metric. properties: query: default: '*' description: The search query - following the RUM search syntax. example: '@service:web-ui: ' type: string required: - query type: object RumMetricGroupBy: description: A group by rule. properties: path: description: The path to the value the rum-based metric will be aggregated over. example: '@browser.name' type: string tag_name: description: >- Eventual name of the tag that gets created. By default, `path` is used as the tag name. example: browser_name type: string required: - path type: object RumMetricID: description: The name of the rum-based metric. example: rum.sessions.webui.count type: string RumMetricResponse: description: The rum-based metric object. properties: data: $ref: '#/components/schemas/RumMetricResponseData' type: object RumMetricResponseAttributes: description: The object describing a Datadog rum-based metric. properties: compute: $ref: '#/components/schemas/RumMetricResponseCompute' event_type: $ref: '#/components/schemas/RumMetricEventType' filter: $ref: '#/components/schemas/RumMetricResponseFilter' group_by: description: The rules for the group by. items: $ref: '#/components/schemas/RumMetricResponseGroupBy' type: array uniqueness: $ref: '#/components/schemas/RumMetricResponseUniqueness' type: object RumMetricResponseCompute: description: The compute rule to compute the rum-based metric. properties: aggregation_type: $ref: '#/components/schemas/RumMetricComputeAggregationType' include_percentiles: $ref: '#/components/schemas/RumMetricComputeIncludePercentiles' path: description: |- The path to the value the rum-based metric will aggregate on. Only present when `aggregation_type` is `distribution`. example: '@duration' type: string type: object RumMetricResponseData: description: The rum-based metric properties. properties: attributes: $ref: '#/components/schemas/RumMetricResponseAttributes' id: $ref: '#/components/schemas/RumMetricID' type: $ref: '#/components/schemas/RumMetricType' type: object RumMetricResponseFilter: description: >- The rum-based metric filter. RUM events matching this filter will be aggregated in this metric. properties: query: description: The search query - following the RUM search syntax. example: service:web* AND @http.status_code:[200 TO 299] type: string type: object RumMetricResponseGroupBy: description: A group by rule. properties: path: description: The path to the value the rum-based metric will be aggregated over. example: '@http.status_code' type: string tag_name: description: >- Eventual name of the tag that gets created. By default, `path` is used as the tag name. example: status_code type: string type: object RumMetricResponseUniqueness: description: >- The rule to count updatable events. Is only set if `event_type` is `session` or `view`. properties: when: $ref: '#/components/schemas/RumMetricUniquenessWhen' type: object RumMetricType: default: rum_metrics description: The type of the resource. The value should always be rum_metrics. enum: - rum_metrics example: rum_metrics type: string x-enum-varnames: - RUM_METRICS RumMetricUniqueness: description: >- The rule to count updatable events. Is only set if `event_type` is `sessions` or `views`. properties: when: $ref: '#/components/schemas/RumMetricUniquenessWhen' required: - when type: object RumMetricUniquenessWhen: description: >- When to count updatable events. `match` when the event is first seen, or `end` when the event is complete. enum: - match - end example: match type: string x-enum-varnames: - WHEN_MATCH - WHEN_END RumMetricUpdateAttributes: description: The rum-based metric properties that will be updated. properties: compute: $ref: '#/components/schemas/RumMetricUpdateCompute' filter: $ref: '#/components/schemas/RumMetricFilter' group_by: description: The rules for the group by. items: $ref: '#/components/schemas/RumMetricGroupBy' type: array type: object RumMetricUpdateCompute: description: The compute rule to compute the rum-based metric. properties: include_percentiles: $ref: '#/components/schemas/RumMetricComputeIncludePercentiles' type: object RumMetricUpdateData: description: The new rum-based metric properties. properties: attributes: $ref: '#/components/schemas/RumMetricUpdateAttributes' id: $ref: '#/components/schemas/RumMetricID' type: $ref: '#/components/schemas/RumMetricType' required: - type - attributes type: object RumMetricUpdateRequest: description: The new rum-based metric body. properties: data: $ref: '#/components/schemas/RumMetricUpdateData' required: - data type: object RumMetricsResponse: description: All the available rum-based metric objects. properties: data: description: A list of rum-based metric objects. items: $ref: '#/components/schemas/RumMetricResponseData' type: array type: object RumRetentionFilterAttributes: description: The object describing attributes of a RUM retention filter. properties: enabled: $ref: '#/components/schemas/RumRetentionFilterEnabled' event_type: $ref: '#/components/schemas/RumRetentionFilterEventType' name: $ref: '#/components/schemas/RunRetentionFilterName' query: $ref: '#/components/schemas/RumRetentionFilterQuery' sample_rate: $ref: '#/components/schemas/RumRetentionFilterSampleRate' type: object RumRetentionFilterCreateAttributes: description: The object describing attributes of a RUM retention filter to create. properties: enabled: $ref: '#/components/schemas/RumRetentionFilterEnabled' event_type: $ref: '#/components/schemas/RumRetentionFilterEventType' name: $ref: '#/components/schemas/RunRetentionFilterName' query: $ref: '#/components/schemas/RumRetentionFilterQuery' sample_rate: $ref: '#/components/schemas/RumRetentionFilterSampleRate' required: - event_type - name - sample_rate type: object RumRetentionFilterCreateData: description: The new RUM retention filter properties to create. properties: attributes: $ref: '#/components/schemas/RumRetentionFilterCreateAttributes' type: $ref: '#/components/schemas/RumRetentionFilterType' required: - type - attributes type: object RumRetentionFilterCreateRequest: description: The RUM retention filter body to create. properties: data: $ref: '#/components/schemas/RumRetentionFilterCreateData' required: - data type: object RumRetentionFilterData: description: The RUM retention filter. properties: attributes: $ref: '#/components/schemas/RumRetentionFilterAttributes' id: $ref: '#/components/schemas/RumRetentionFilterID' type: $ref: '#/components/schemas/RumRetentionFilterType' type: object RumRetentionFilterEnabled: description: Whether the retention filter is enabled. example: true type: boolean RumRetentionFilterEventType: description: The type of RUM events to filter on. enum: - session - view - action - error - resource - long_task - vital example: session type: string x-enum-varnames: - SESSION - VIEW - ACTION - ERROR - RESOURCE - LONG_TASK - VITAL RumRetentionFilterID: description: ID of retention filter in UUID. example: 051601eb-54a0-abc0-03f9-cc02efa18892 type: string RumRetentionFilterQuery: description: The query string for a RUM retention filter. example: '@session.has_replay:true' type: string RumRetentionFilterResponse: description: The RUM retention filter object. properties: data: $ref: '#/components/schemas/RumRetentionFilterData' type: object RumRetentionFilterSampleRate: description: The sample rate for a RUM retention filter, between 0 and 100. example: 25 format: int64 maximum: 100 minimum: 0 type: integer RumRetentionFilterType: default: retention_filters description: The type of the resource. The value should always be retention_filters. enum: - retention_filters example: retention_filters type: string x-enum-varnames: - RETENTION_FILTERS RumRetentionFilterUpdateAttributes: description: The object describing attributes of a RUM retention filter to update. properties: enabled: $ref: '#/components/schemas/RumRetentionFilterEnabled' event_type: $ref: '#/components/schemas/RumRetentionFilterEventType' name: $ref: '#/components/schemas/RunRetentionFilterName' query: $ref: '#/components/schemas/RumRetentionFilterQuery' sample_rate: $ref: '#/components/schemas/RumRetentionFilterSampleRate' type: object RumRetentionFilterUpdateData: description: The new RUM retention filter properties to update. properties: attributes: $ref: '#/components/schemas/RumRetentionFilterUpdateAttributes' id: $ref: '#/components/schemas/RumRetentionFilterID' type: $ref: '#/components/schemas/RumRetentionFilterType' required: - id - type - attributes type: object RumRetentionFilterUpdateRequest: description: The RUM retention filter body to update. properties: data: $ref: '#/components/schemas/RumRetentionFilterUpdateData' required: - data type: object RumRetentionFiltersOrderData: description: The RUM retention filter data for ordering. properties: id: $ref: '#/components/schemas/RumRetentionFilterID' type: $ref: '#/components/schemas/RumRetentionFilterType' required: - id - type type: object RumRetentionFiltersOrderRequest: description: >- The list of RUM retention filter IDs along with their corresponding type to reorder. All retention filter IDs should be included in the list created for a RUM application. properties: data: description: A list of RUM retention filter IDs along with type. items: $ref: '#/components/schemas/RumRetentionFiltersOrderData' type: array type: object RumRetentionFiltersOrderResponse: description: The list of RUM retention filter IDs along with type. properties: data: description: A list of RUM retention filter IDs along with type. items: $ref: '#/components/schemas/RumRetentionFiltersOrderData' type: array type: object RumRetentionFiltersResponse: description: All RUM retention filters for a RUM application. properties: data: description: A list of RUM retention filters. items: $ref: '#/components/schemas/RumRetentionFilterData' type: array type: object RunHistoricalJobRequest: description: Run a historical job request. properties: data: $ref: '#/components/schemas/RunHistoricalJobRequestData' type: object RunHistoricalJobRequestAttributes: description: Run a historical job request. properties: fromRule: $ref: '#/components/schemas/JobDefinitionFromRule' id: description: Request ID. type: string example: abc-123-def jobDefinition: $ref: '#/components/schemas/JobDefinition' type: object RunHistoricalJobRequestData: description: Data for running a historical job request. properties: attributes: $ref: '#/components/schemas/RunHistoricalJobRequestAttributes' type: $ref: '#/components/schemas/RunHistoricalJobRequestDataType' type: object RunHistoricalJobRequestDataType: description: Type of data. enum: - historicalDetectionsJobCreate type: string x-enum-varnames: - HISTORICALDETECTIONSJOBCREATE RunRetentionFilterName: description: The name of a RUM retention filter. example: Retention filter for session type: string SAMLAssertionAttribute: description: SAML assertion attribute. properties: attributes: $ref: '#/components/schemas/SAMLAssertionAttributeAttributes' id: description: The ID of the SAML assertion attribute. example: '0' type: string type: $ref: '#/components/schemas/SAMLAssertionAttributesType' required: - id - type type: object x-merge-override: required: false SAMLAssertionAttributeAttributes: description: Key/Value pair of attributes used in SAML assertion attributes. properties: attribute_key: description: >- Key portion of a key/value pair of the attribute sent from the Identity Provider. example: member-of type: string attribute_value: description: >- Value portion of a key/value pair of the attribute sent from the Identity Provider. example: Development type: string type: object SAMLAssertionAttributesType: default: saml_assertion_attributes description: SAML assertion attributes resource type. enum: - saml_assertion_attributes example: saml_assertion_attributes type: string x-enum-varnames: - SAML_ASSERTION_ATTRIBUTES SBOM: description: A single SBOM properties: attributes: $ref: '#/components/schemas/SBOMAttributes' id: description: >- The unique ID for this SBOM (it is equivalent to the `asset_name` or `asset_name@repo_digest` (Image) example: github.com/datadog/datadog-agent type: string type: $ref: '#/components/schemas/SBOMType' type: object SBOMAttributes: description: The JSON:API attributes of the SBOM. properties: bomFormat: description: >- Specifies the format of the BOM. This helps to identify the file as CycloneDX since BOM do not have a filename convention nor does JSON schema support namespaces. This value MUST be `CycloneDX`. example: CycloneDX type: string components: description: A list of software and hardware components. items: $ref: '#/components/schemas/SBOMComponent' type: array metadata: $ref: '#/components/schemas/SBOMMetadata' serialNumber: description: >- Every BOM generated has a unique serial number, even if the contents of the BOM have not changed overt time. The serial number follows [RFC-4122](https://datatracker.ietf.org/doc/html/rfc4122) example: urn:uuid:f7119d2f-1vgh-24b5-91f0-12010db72da7 type: string specVersion: $ref: '#/components/schemas/SpecVersion' version: description: It increments when a BOM is modified. The default value is 1. example: 1 format: int64 type: integer required: - bomFormat - specVersion - components - metadata - serialNumber - version type: object SBOMComponent: description: Software or hardware component. properties: bom-ref: description: >- An optional identifier that can be used to reference the component elsewhere in the BOM. example: pkg:golang/google.golang.org/grpc@1.68.1 type: string name: description: >- The name of the component. This will often be a shortened, single name of the component. example: google.golang.org/grpc type: string purl: description: >- Specifies the package-url (purl). The purl, if specified, MUST be valid and conform to the [specification](https://github.com/package-url/purl-spec). example: pkg:golang/google.golang.org/grpc@1.68.1 type: string type: $ref: '#/components/schemas/SBOMComponentType' version: description: The component version. example: 1.68.1 type: string required: - type - name - version type: object SBOMComponentType: description: The SBOM component type enum: - application - container - data - device - device-driver - file - firmware - framework - library - machine-learning-model - operating-system - platform example: application type: string x-enum-varnames: - APPLICATION - CONTAINER - DATA - DEVICE - DEVICE_DRIVER - FILE - FIRMWARE - FRAMEWORK - LIBRARY - MACHINE_LEARNING_MODEL - OPERATING_SYSTEM - PLATFORM SBOMMetadata: description: Provides additional information about a BOM. properties: component: $ref: '#/components/schemas/SBOMMetadataComponent' type: object SBOMMetadataComponent: description: The component that the BOM describes. properties: name: description: >- The name of the component. This will often be a shortened, single name of the component. example: github.com/datadog/datadog-agent type: string type: description: Specifies the type of the component. example: application type: string type: object SBOMType: description: The JSON:API type. enum: - sboms example: sboms type: string x-enum-varnames: - SBOMS SLOReportInterval: description: The frequency at which report data is to be generated. enum: - daily - weekly - monthly example: weekly type: string x-enum-varnames: - DAILY - WEEKLY - MONTHLY SLOReportPostResponse: description: The SLO report response. properties: data: $ref: '#/components/schemas/SLOReportPostResponseData' type: object SLOReportPostResponseData: description: The data portion of the SLO report response. properties: id: description: The ID of the report job. example: dc8d92aa-e0af-11ee-af21-1feeaccaa3a3 type: string type: description: The type of ID. example: report_id type: string type: object SLOReportStatus: description: The status of the SLO report job. enum: - in_progress - completed - completed_with_errors - failed example: completed type: string x-enum-varnames: - IN_PROGRESS - COMPLETED - COMPLETED_WITH_ERRORS - FAILED SLOReportStatusGetResponse: description: The SLO report status response. properties: data: $ref: '#/components/schemas/SLOReportStatusGetResponseData' type: object SLOReportStatusGetResponseAttributes: description: The attributes portion of the SLO report status response. properties: status: $ref: '#/components/schemas/SLOReportStatus' type: object SLOReportStatusGetResponseData: description: The data portion of the SLO report status response. properties: attributes: $ref: '#/components/schemas/SLOReportStatusGetResponseAttributes' id: description: The ID of the report job. example: dc8d92aa-e0af-11ee-af21-1feeaccaa3a3 type: string type: description: The type of ID. example: report_id type: string type: object ScalarColumn: description: A single column in a scalar query response. oneOf: - $ref: '#/components/schemas/GroupScalarColumn' - $ref: '#/components/schemas/DataScalarColumn' ScalarColumnTypeGroup: default: group description: The type of column present for groups. enum: - group example: group type: string x-enum-varnames: - GROUP ScalarColumnTypeNumber: default: number description: The type of column present for numbers. enum: - number example: number type: string x-enum-varnames: - NUMBER ScalarFormulaQueryRequest: description: A wrapper request around one scalar query to be executed. properties: data: $ref: '#/components/schemas/ScalarFormulaRequest' required: - data type: object ScalarFormulaQueryResponse: description: A message containing one or more responses to scalar queries. properties: data: $ref: '#/components/schemas/ScalarResponse' errors: description: An error generated when processing a request. type: string example: example_value type: object ScalarFormulaRequest: description: A single scalar query to be executed. properties: attributes: $ref: '#/components/schemas/ScalarFormulaRequestAttributes' type: $ref: '#/components/schemas/ScalarFormulaRequestType' required: - type - attributes type: object ScalarFormulaRequestAttributes: description: The object describing a scalar formula request. properties: formulas: description: List of formulas to be calculated and returned as responses. items: $ref: '#/components/schemas/QueryFormula' type: array from: description: >- Start date (inclusive) of the query in milliseconds since the Unix epoch. example: 1568899800000 format: int64 type: integer queries: $ref: '#/components/schemas/ScalarFormulaRequestQueries' to: description: >- End date (exclusive) of the query in milliseconds since the Unix epoch. example: 1568923200000 format: int64 type: integer required: - to - from - queries type: object ScalarFormulaRequestQueries: description: List of queries to be run and used as inputs to the formulas. example: - aggregator: avg data_source: metrics query: avg:system.cpu.user{*} by {env} items: $ref: '#/components/schemas/ScalarQuery' type: array ScalarFormulaRequestType: default: scalar_request description: The type of the resource. The value should always be scalar_request. enum: - scalar_request example: scalar_request type: string x-enum-varnames: - SCALAR_REQUEST ScalarFormulaResponseAtrributes: description: The object describing a scalar response. properties: columns: description: >- List of response columns, each corresponding to an individual formula or query in the request and with values in parallel arrays matching the series list. items: $ref: '#/components/schemas/ScalarColumn' type: array type: object ScalarFormulaResponseType: default: scalar_response description: The type of the resource. The value should always be scalar_response. enum: - scalar_response example: scalar_response type: string x-enum-varnames: - SCALAR_RESPONSE ScalarMeta: description: Metadata for the resulting numerical values. properties: unit: description: >- Detailed information about the unit. First element describes the "primary unit" (for example, `bytes` in `bytes per second`). The second element describes the "per unit" (for example, `second` in `bytes per second`). If the second element is not present, the API returns null. items: $ref: '#/components/schemas/Unit' nullable: true type: array type: object ScalarQuery: description: An individual scalar query to one of the basic Datadog data sources. example: aggregator: avg data_source: metrics query: avg:system.cpu.user{*} by {env} oneOf: - $ref: '#/components/schemas/MetricsScalarQuery' - $ref: '#/components/schemas/EventsScalarQuery' ScalarResponse: description: A message containing the response to a scalar query. properties: attributes: $ref: '#/components/schemas/ScalarFormulaResponseAtrributes' type: $ref: '#/components/schemas/ScalarFormulaResponseType' type: object Schedule: description: >- Top-level container for a schedule object, including both the `data` payload and any related `included` resources (such as teams, layers, or members). example: data: attributes: name: On-Call Schedule time_zone: America/New_York id: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d relationships: layers: data: - id: 00000000-0000-0000-0000-000000000001 type: layers teams: data: - id: 00000000-da3a-0000-0000-000000000000 type: teams type: schedules included: - attributes: avatar: '' description: Team 1 description handle: team1 name: Team 1 id: 00000000-da3a-0000-0000-000000000000 type: teams - attributes: effective_date: '2025-02-03T05:00:00Z' end_date: '2025-12-31T00:00:00Z' interval: days: 1 name: Layer 1 restrictions: - end_day: friday end_time: '17:00:00' start_day: monday start_time: '09:00:00' rotation_start: '2025-02-01T00:00:00Z' id: 00000000-0000-0000-0000-000000000001 relationships: members: data: - id: 00000000-0000-0000-0000-000000000002 type: members type: layers - id: 00000000-0000-0000-0000-000000000002 relationships: user: data: id: 00000000-aba1-0000-0000-000000000000 type: users type: members - attributes: email: foo@bar.com name: User 1 id: 00000000-aba1-0000-0000-000000000000 type: users properties: data: $ref: '#/components/schemas/ScheduleData' included: description: >- Any additional resources related to this schedule, such as teams and layers. items: $ref: '#/components/schemas/ScheduleDataIncludedItem' type: array type: object ScheduleCreateRequest: description: >- The top-level request body for schedule creation, wrapping a `data` object. example: data: attributes: layers: - effective_date: '2025-02-03T05:00:00Z' end_date: '2025-12-31T00:00:00Z' interval: days: 1 members: - user: id: 00000000-aba1-0000-0000-000000000000 name: Layer 1 restrictions: - end_day: friday end_time: '17:00:00' start_day: monday start_time: '09:00:00' rotation_start: '2025-02-01T00:00:00Z' name: On-Call Schedule time_zone: America/New_York relationships: teams: data: - id: 00000000-da3a-0000-0000-000000000000 type: teams type: schedules properties: data: $ref: '#/components/schemas/ScheduleCreateRequestData' required: - data type: object ScheduleCreateRequestData: description: >- The core data wrapper for creating a schedule, encompassing attributes, relationships, and the resource type. properties: attributes: $ref: '#/components/schemas/ScheduleCreateRequestDataAttributes' relationships: $ref: '#/components/schemas/ScheduleCreateRequestDataRelationships' type: $ref: '#/components/schemas/ScheduleCreateRequestDataType' required: - type - attributes type: object ScheduleCreateRequestDataAttributes: description: >- Describes the main attributes for creating a new schedule, including name, layers, and time zone. properties: layers: description: >- The layers of On-Call coverage that define rotation intervals and restrictions. items: $ref: >- #/components/schemas/ScheduleCreateRequestDataAttributesLayersItems type: array name: description: A human-readable name for the new schedule. example: Team A On-Call type: string time_zone: description: The time zone in which the schedule is defined. example: America/New_York type: string required: - name - time_zone - layers type: object ScheduleCreateRequestDataAttributesLayersItems: description: >- Describes a schedule layer, including rotation intervals, members, restrictions, and timeline settings. properties: effective_date: description: The date/time when this layer becomes active (in ISO 8601). example: '2025-01-01T00:00:00Z' format: date-time type: string end_date: description: >- The date/time after which this layer no longer applies (in ISO 8601). format: date-time type: string example: '2026-04-17T12:00:00Z' interval: $ref: '#/components/schemas/LayerAttributesInterval' members: description: A list of members who participate in this layer's rotation. items: $ref: >- #/components/schemas/ScheduleRequestDataAttributesLayersItemsMembersItems type: array name: description: The name of this layer. example: Primary On-Call Layer type: string restrictions: description: >- Zero or more time-based restrictions (for example, only weekdays, during business hours). items: $ref: '#/components/schemas/TimeRestriction' type: array rotation_start: description: The date/time when the rotation for this layer starts (in ISO 8601). example: '2025-01-01T00:00:00Z' format: date-time type: string required: - name - interval - rotation_start - effective_date - members type: object ScheduleCreateRequestDataRelationships: description: >- Gathers relationship objects for the schedule creation request, including the teams to associate. properties: teams: $ref: '#/components/schemas/DataRelationshipsTeams' type: object ScheduleCreateRequestDataType: default: schedules description: Schedules resource type. enum: - schedules example: schedules type: string x-enum-varnames: - SCHEDULES ScheduleData: description: >- Represents the primary data object for a schedule, linking attributes and relationships. properties: attributes: $ref: '#/components/schemas/ScheduleDataAttributes' id: description: The schedule's unique identifier. example: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d type: string relationships: $ref: '#/components/schemas/ScheduleDataRelationships' type: $ref: '#/components/schemas/ScheduleDataType' required: - type type: object ScheduleDataAttributes: description: >- Provides core properties of a schedule object such as its name and time zone. properties: name: description: A short name for the schedule. example: Primary On-Call type: string time_zone: description: The time zone in which this schedule operates. example: America/New_York type: string type: object ScheduleDataIncludedItem: description: >- Any additional resources related to this schedule, such as teams and layers. oneOf: - $ref: '#/components/schemas/TeamReference' - $ref: '#/components/schemas/Layer' - $ref: '#/components/schemas/ScheduleMember' - $ref: '#/components/schemas/ScheduleUser' ScheduleDataRelationships: description: >- Groups the relationships for a schedule object, referencing layers and teams. properties: layers: $ref: '#/components/schemas/ScheduleDataRelationshipsLayers' teams: $ref: '#/components/schemas/DataRelationshipsTeams' type: object ScheduleDataRelationshipsLayers: description: Associates layers with this schedule in a data structure. properties: data: description: An array of layer references for this schedule. items: $ref: '#/components/schemas/ScheduleDataRelationshipsLayersDataItems' type: array type: object ScheduleDataRelationshipsLayersDataItems: description: >- Relates a layer to this schedule, identified by `id` and `type` (must be `layers`). properties: id: description: The unique identifier of the layer in this relationship. example: 00000000-0000-0000-0000-000000000001 type: string type: $ref: '#/components/schemas/ScheduleDataRelationshipsLayersDataItemsType' required: - type - id type: object ScheduleDataRelationshipsLayersDataItemsType: default: layers description: Layers resource type. enum: - layers example: layers type: string x-enum-varnames: - LAYERS ScheduleDataType: default: schedules description: Schedules resource type. enum: - schedules example: schedules type: string x-enum-varnames: - SCHEDULES ScheduleMember: description: >- Represents a single member entry in a schedule, referencing a specific user. properties: id: description: The unique identifier for this schedule member. type: string example: abc-123-def relationships: $ref: '#/components/schemas/ScheduleMemberRelationships' type: $ref: '#/components/schemas/ScheduleMemberType' required: - type type: object ScheduleMemberRelationships: description: >- Defines relationships for a schedule member, primarily referencing a single user. properties: user: $ref: '#/components/schemas/ScheduleMemberRelationshipsUser' type: object ScheduleMemberRelationshipsUser: description: Wraps the user data reference for a schedule member. properties: data: $ref: '#/components/schemas/ScheduleMemberRelationshipsUserData' required: - data type: object ScheduleMemberRelationshipsUserData: description: >- Points to the user data associated with this schedule member, including an ID and type. properties: id: description: The user's unique identifier. example: 00000000-aba1-0000-0000-000000000000 type: string type: $ref: '#/components/schemas/ScheduleMemberRelationshipsUserDataType' required: - type - id type: object ScheduleMemberRelationshipsUserDataType: default: users description: Users resource type. enum: - users example: users type: string x-enum-varnames: - USERS ScheduleMemberType: default: members description: Schedule Members resource type. enum: - members example: members type: string x-enum-varnames: - MEMBERS ScheduleRequestDataAttributesLayersItemsMembersItems: description: >- Defines a single member within a schedule layer, including the reference to the underlying user. properties: user: $ref: >- #/components/schemas/ScheduleRequestDataAttributesLayersItemsMembersItemsUser type: object ScheduleRequestDataAttributesLayersItemsMembersItemsUser: description: >- Identifies the user participating in this layer as a single object with an `id`. properties: id: description: The user's ID. example: 00000000-aba1-0000-0000-000000000000 type: string type: object ScheduleTarget: description: >- Represents a schedule target for an escalation policy step, including its ID and resource type. properties: id: description: Specifies the unique identifier of the schedule resource. example: 00000000-aba1-0000-0000-000000000000 type: string type: $ref: '#/components/schemas/ScheduleTargetType' required: - type - id type: object ScheduleTargetType: default: schedules description: Indicates that the resource is of type `schedules`. enum: - schedules example: schedules type: string x-enum-varnames: - SCHEDULES ScheduleTrigger: description: Trigger a workflow from a Schedule. The workflow must be published. properties: rruleExpression: description: Recurrence rule expression for scheduling. example: '' type: string required: - rruleExpression type: object ScheduleTriggerWrapper: description: Schema for a Schedule-based trigger. properties: scheduleTrigger: $ref: '#/components/schemas/ScheduleTrigger' startStepNames: $ref: '#/components/schemas/StartStepNames' required: - scheduleTrigger type: object ScheduleUpdateRequest: description: >- A top-level wrapper for a schedule update request, referring to the `data` object with the new details. example: data: attributes: layers: - effective_date: '2025-02-03T05:00:00Z' end_date: '2025-12-31T00:00:00Z' interval: seconds: 300 members: - user: id: 00000000-aba1-0000-0000-000000000000 name: Layer 1 restrictions: - end_day: friday end_time: '17:00:00' start_day: monday start_time: '09:00:00' rotation_start: '2025-02-01T00:00:00Z' name: On-Call Schedule Updated time_zone: America/New_York id: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d relationships: teams: data: - id: 00000000-da3a-0000-0000-000000000000 type: teams type: schedules properties: data: $ref: '#/components/schemas/ScheduleUpdateRequestData' required: - data type: object ScheduleUpdateRequestData: description: >- Contains all data needed to update an existing schedule, including its attributes (such as name and time zone) and any relationships to teams. properties: attributes: $ref: '#/components/schemas/ScheduleUpdateRequestDataAttributes' id: description: The ID of the schedule to be updated. example: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d type: string relationships: $ref: '#/components/schemas/ScheduleUpdateRequestDataRelationships' type: $ref: '#/components/schemas/ScheduleUpdateRequestDataType' required: - type - id - attributes type: object ScheduleUpdateRequestDataAttributes: description: >- Defines the updatable attributes for a schedule, such as name, time zone, and layers. properties: layers: description: The updated list of layers (rotations) for this schedule. items: $ref: >- #/components/schemas/ScheduleUpdateRequestDataAttributesLayersItems type: array name: description: A short name for the schedule. example: Primary On-Call type: string time_zone: description: The time zone used when interpreting rotation times. example: America/New_York type: string required: - name - time_zone - layers type: object ScheduleUpdateRequestDataAttributesLayersItems: description: >- Represents a layer within a schedule update, including rotation details, members, and optional restrictions. properties: effective_date: description: When this updated layer takes effect (ISO 8601 format). example: '2025-02-03T05:00:00Z' format: date-time type: string end_date: description: When this updated layer should stop being active (ISO 8601 format). example: '2025-12-31T00:00:00Z' format: date-time type: string id: description: A unique identifier for the layer being updated. example: 00000000-0000-0000-0000-000000000001 type: string interval: $ref: '#/components/schemas/LayerAttributesInterval' members: description: The members assigned to this layer. items: $ref: >- #/components/schemas/ScheduleRequestDataAttributesLayersItemsMembersItems type: array name: description: The name for this layer (for example, "Secondary Coverage"). example: Primary On-Call Layer type: string restrictions: description: Any time restrictions that define when this layer is active. items: $ref: '#/components/schemas/TimeRestriction' type: array rotation_start: description: The date/time at which the rotation begins (ISO 8601 format). example: '2025-02-01T00:00:00Z' format: date-time type: string required: - effective_date - interval - members - name - rotation_start type: object ScheduleUpdateRequestDataRelationships: description: >- Houses relationships for the schedule update, typically referencing teams. properties: teams: $ref: '#/components/schemas/DataRelationshipsTeams' type: object ScheduleUpdateRequestDataType: default: schedules description: Schedules resource type. enum: - schedules example: schedules type: string x-enum-varnames: - SCHEDULES ScheduleUser: description: >- Represents a user object in the context of a schedule, including their `id`, type, and basic attributes. properties: attributes: $ref: '#/components/schemas/ScheduleUserAttributes' id: description: The unique user identifier. type: string example: abc-123-def type: $ref: '#/components/schemas/ScheduleUserType' required: - type type: object ScheduleUserAttributes: description: >- Provides basic user information for a schedule, including a name and email address. properties: email: description: The user's email address. example: jane.doe@example.com type: string name: description: The user's name. example: Jane Doe type: string status: $ref: '#/components/schemas/UserAttributesStatus' type: object ScheduleUserType: default: users description: Users resource type. enum: - users example: users type: string x-enum-varnames: - USERS ScorecardType: default: scorecard description: The JSON:API type for scorecard. enum: - scorecard example: scorecard type: string x-enum-varnames: - SCORECARD SecurityFilter: description: The security filter's properties. properties: attributes: $ref: '#/components/schemas/SecurityFilterAttributes' id: $ref: '#/components/schemas/SecurityFilterID' type: $ref: '#/components/schemas/SecurityFilterType' type: object SecurityFilterAttributes: description: The object describing a security filter. properties: exclusion_filters: description: The list of exclusion filters applied in this security filter. items: $ref: '#/components/schemas/SecurityFilterExclusionFilterResponse' type: array filtered_data_type: $ref: '#/components/schemas/SecurityFilterFilteredDataType' is_builtin: description: Whether the security filter is the built-in filter. example: false type: boolean is_enabled: description: Whether the security filter is enabled. example: false type: boolean name: description: The security filter name. example: Custom security filter type: string query: description: >- The security filter query. Logs accepted by this query will be accepted by this filter. example: service:api type: string version: description: The version of the security filter. example: 1 format: int32 maximum: 2147483647 type: integer type: object SecurityFilterCreateAttributes: description: Object containing the attributes of the security filter to be created. properties: exclusion_filters: description: Exclusion filters to exclude some logs from the security filter. example: - name: Exclude staging query: source:staging items: $ref: '#/components/schemas/SecurityFilterExclusionFilter' type: array filtered_data_type: $ref: '#/components/schemas/SecurityFilterFilteredDataType' is_enabled: description: Whether the security filter is enabled. example: true type: boolean name: description: The name of the security filter. example: Custom security filter type: string query: description: The query of the security filter. example: service:api type: string required: - name - query - exclusion_filters - filtered_data_type - is_enabled type: object SecurityFilterCreateData: description: Object for a single security filter. properties: attributes: $ref: '#/components/schemas/SecurityFilterCreateAttributes' type: $ref: '#/components/schemas/SecurityFilterType' required: - type - attributes type: object SecurityFilterCreateRequest: description: >- Request object that includes the security filter that you would like to create. properties: data: $ref: '#/components/schemas/SecurityFilterCreateData' required: - data type: object SecurityFilterExclusionFilter: description: Exclusion filter for the security filter. example: name: Exclude staging query: source:staging properties: name: description: Exclusion filter name. example: Exclude staging type: string query: description: >- Exclusion filter query. Logs that match this query are excluded from the security filter. example: source:staging type: string required: - name - query type: object SecurityFilterExclusionFilterResponse: description: A single exclusion filter. properties: name: description: The exclusion filter name. example: Exclude staging type: string query: description: The exclusion filter query. example: source:staging type: string type: object SecurityFilterFilteredDataType: description: The filtered data type. enum: - logs example: logs type: string x-enum-varnames: - LOGS SecurityFilterID: description: The ID of the security filter. example: 3dd-0uc-h1s type: string SecurityFilterMeta: description: Optional metadata associated to the response. properties: warning: description: A warning message. example: >- All the security filters are disabled. As a result, no logs are being analyzed. type: string type: object SecurityFilterResponse: description: Response object which includes a single security filter. properties: data: $ref: '#/components/schemas/SecurityFilter' meta: $ref: '#/components/schemas/SecurityFilterMeta' type: object SecurityFilterType: default: security_filters description: The type of the resource. The value should always be `security_filters`. enum: - security_filters example: security_filters type: string x-enum-varnames: - SECURITY_FILTERS SecurityFilterUpdateAttributes: description: The security filters properties to be updated. properties: exclusion_filters: description: Exclusion filters to exclude some logs from the security filter. example: [] items: $ref: '#/components/schemas/SecurityFilterExclusionFilter' type: array filtered_data_type: $ref: '#/components/schemas/SecurityFilterFilteredDataType' is_enabled: description: Whether the security filter is enabled. example: true type: boolean name: description: The name of the security filter. example: Custom security filter type: string query: description: The query of the security filter. example: service:api type: string version: description: The version of the security filter to update. example: 1 format: int32 maximum: 2147483647 type: integer type: object SecurityFilterUpdateData: description: The new security filter properties. properties: attributes: $ref: '#/components/schemas/SecurityFilterUpdateAttributes' type: $ref: '#/components/schemas/SecurityFilterType' required: - type - attributes type: object SecurityFilterUpdateRequest: description: The new security filter body. properties: data: $ref: '#/components/schemas/SecurityFilterUpdateData' required: - data type: object SecurityFiltersResponse: description: All the available security filters objects. properties: data: description: A list of security filters objects. items: $ref: '#/components/schemas/SecurityFilter' type: array meta: $ref: '#/components/schemas/SecurityFilterMeta' type: object SecurityMonitoringFilter: description: The rule's suppression filter. properties: action: $ref: '#/components/schemas/SecurityMonitoringFilterAction' query: description: Query for selecting logs to apply the filtering action. type: string example: avg:system.cpu.user{*} type: object SecurityMonitoringFilterAction: description: The type of filtering action. enum: - require - suppress type: string x-enum-varnames: - REQUIRE - SUPPRESS SecurityMonitoringListRulesResponse: description: List of rules. properties: data: description: Array containing the list of rules. items: $ref: '#/components/schemas/SecurityMonitoringRuleResponse' type: array meta: $ref: '#/components/schemas/ResponseMetaAttributes' type: object SecurityMonitoringReferenceTable: description: Reference tables used in the queries. properties: checkPresence: description: Whether to include or exclude the matched values. type: boolean example: true columnName: description: The name of the column in the reference table. type: string example: Example Monitor logFieldPath: description: The field in the log to match against the reference table. type: string example: example_value ruleQueryName: description: The name of the query to apply the reference table to. type: string example: Example Monitor tableName: description: The name of the reference table. type: string example: Example Monitor type: object SecurityMonitoringRuleCase: description: Case when signal is generated. properties: actions: description: Action to perform for each rule case. items: $ref: '#/components/schemas/SecurityMonitoringRuleCaseAction' type: array condition: description: >- A rule case contains logical operations (`>`,`>=`, `&&`, `||`) to determine if a signal should be generated based on the event counts in the previously defined queries. type: string example: example_value name: description: Name of the case. type: string example: Example Monitor notifications: description: Notification targets for each rule case. items: description: Notification. type: string type: array status: $ref: '#/components/schemas/SecurityMonitoringRuleSeverity' type: object SecurityMonitoringRuleCaseAction: description: >- Action to perform when a signal is triggered. Only available for Application Security rule type. properties: options: $ref: '#/components/schemas/SecurityMonitoringRuleCaseActionOptions' type: $ref: '#/components/schemas/SecurityMonitoringRuleCaseActionType' type: object SecurityMonitoringRuleCaseActionOptions: additionalProperties: {} description: Options for the rule action properties: duration: description: Duration of the action in seconds. 0 indicates no expiration. example: 0 format: int64 minimum: 0 type: integer userBehaviorName: $ref: >- #/components/schemas/SecurityMonitoringRuleCaseActionOptionsUserBehaviorName type: object SecurityMonitoringRuleCaseActionOptionsUserBehaviorName: description: >- Used with the case action of type 'user_behavior'. The value specified in this field is applied as a risk tag to all users affected by the rule. type: string SecurityMonitoringRuleCaseActionType: description: The action type. enum: - block_ip - block_user - user_behavior type: string x-enum-varnames: - BLOCK_IP - BLOCK_USER - USER_BEHAVIOR SecurityMonitoringRuleCaseCreate: description: Case when signal is generated. properties: actions: description: Action to perform for each rule case. items: $ref: '#/components/schemas/SecurityMonitoringRuleCaseAction' type: array condition: description: >- A case contains logical operations (`>`,`>=`, `&&`, `||`) to determine if a signal should be generated based on the event counts in the previously defined queries. type: string example: example_value name: description: Name of the case. type: string example: Example Monitor notifications: description: Notification targets. items: description: Notification. type: string type: array status: $ref: '#/components/schemas/SecurityMonitoringRuleSeverity' required: - status type: object SecurityMonitoringRuleConvertPayload: description: Convert a rule from JSON to Terraform. oneOf: - $ref: '#/components/schemas/SecurityMonitoringStandardRulePayload' - $ref: '#/components/schemas/SecurityMonitoringSignalRulePayload' SecurityMonitoringRuleConvertResponse: description: Result of the convert rule request containing Terraform content. properties: terraformContent: description: Terraform string as a result of converting the rule from JSON. type: string example: example_value type: object SecurityMonitoringRuleCreatePayload: description: Create a new rule. oneOf: - $ref: '#/components/schemas/SecurityMonitoringStandardRuleCreatePayload' - $ref: '#/components/schemas/SecurityMonitoringSignalRuleCreatePayload' - $ref: '#/components/schemas/CloudConfigurationRuleCreatePayload' SecurityMonitoringRuleDecreaseCriticalityBasedOnEnv: description: >- If true, signals in non-production environments have a lower severity than what is defined by the rule case, which can reduce signal noise. The severity is decreased by one level: `CRITICAL` in production becomes `HIGH` in non-production, `HIGH` becomes `MEDIUM` and so on. `INFO` remains `INFO`. The decrement is applied when the environment tag of the signal starts with `staging`, `test` or `dev`. example: false type: boolean SecurityMonitoringRuleDetectionMethod: description: The detection method. enum: - threshold - new_value - anomaly_detection - impossible_travel - hardcoded - third_party - anomaly_threshold type: string x-enum-varnames: - THRESHOLD - NEW_VALUE - ANOMALY_DETECTION - IMPOSSIBLE_TRAVEL - HARDCODED - THIRD_PARTY - ANOMALY_THRESHOLD SecurityMonitoringRuleEvaluationWindow: description: >- A time window is specified to match when at least one of the cases matches true. This is a sliding window and evaluates in real time. For third party detection method, this field is not used. enum: - 0 - 60 - 300 - 600 - 900 - 1800 - 3600 - 7200 - 10800 - 21600 - 43200 - 86400 format: int32 type: integer x-enum-varnames: - ZERO_MINUTES - ONE_MINUTE - FIVE_MINUTES - TEN_MINUTES - FIFTEEN_MINUTES - THIRTY_MINUTES - ONE_HOUR - TWO_HOURS - THREE_HOURS - SIX_HOURS - TWELVE_HOURS - ONE_DAY SecurityMonitoringRuleHardcodedEvaluatorType: description: Hardcoded evaluator type. enum: - log4shell type: string x-enum-varnames: - LOG4SHELL SecurityMonitoringRuleImpossibleTravelOptions: description: Options on impossible travel detection method. properties: baselineUserLocations: $ref: >- #/components/schemas/SecurityMonitoringRuleImpossibleTravelOptionsBaselineUserLocations type: object SecurityMonitoringRuleImpossibleTravelOptionsBaselineUserLocations: description: >- If true, signals are suppressed for the first 24 hours. In that time, Datadog learns the user's regular access locations. This can be helpful to reduce noise and infer VPN usage or credentialed API access. example: true type: boolean SecurityMonitoringRuleKeepAlive: description: >- Once a signal is generated, the signal will remain "open" if a case is matched at least once within this keep alive window. For third party detection method, this field is not used. enum: - 0 - 60 - 300 - 600 - 900 - 1800 - 3600 - 7200 - 10800 - 21600 - 43200 - 86400 format: int32 type: integer x-enum-varnames: - ZERO_MINUTES - ONE_MINUTE - FIVE_MINUTES - TEN_MINUTES - FIFTEEN_MINUTES - THIRTY_MINUTES - ONE_HOUR - TWO_HOURS - THREE_HOURS - SIX_HOURS - TWELVE_HOURS - ONE_DAY SecurityMonitoringRuleMaxSignalDuration: description: >- A signal will "close" regardless of the query being matched once the time exceeds the maximum duration. This time is calculated from the first seen timestamp. enum: - 0 - 60 - 300 - 600 - 900 - 1800 - 3600 - 7200 - 10800 - 21600 - 43200 - 86400 format: int32 type: integer x-enum-varnames: - ZERO_MINUTES - ONE_MINUTE - FIVE_MINUTES - TEN_MINUTES - FIFTEEN_MINUTES - THIRTY_MINUTES - ONE_HOUR - TWO_HOURS - THREE_HOURS - SIX_HOURS - TWELVE_HOURS - ONE_DAY SecurityMonitoringRuleNewValueOptions: description: Options on new value detection method. properties: forgetAfter: $ref: >- #/components/schemas/SecurityMonitoringRuleNewValueOptionsForgetAfter learningDuration: $ref: >- #/components/schemas/SecurityMonitoringRuleNewValueOptionsLearningDuration learningMethod: $ref: >- #/components/schemas/SecurityMonitoringRuleNewValueOptionsLearningMethod learningThreshold: $ref: >- #/components/schemas/SecurityMonitoringRuleNewValueOptionsLearningThreshold type: object SecurityMonitoringRuleNewValueOptionsForgetAfter: description: The duration in days after which a learned value is forgotten. enum: - 1 - 2 - 7 - 14 - 21 - 28 format: int32 type: integer x-enum-varnames: - ONE_DAY - TWO_DAYS - ONE_WEEK - TWO_WEEKS - THREE_WEEKS - FOUR_WEEKS SecurityMonitoringRuleNewValueOptionsLearningDuration: default: 0 description: >- The duration in days during which values are learned, and after which signals will be generated for values that weren't learned. If set to 0, a signal will be generated for all new values after the first value is learned. enum: - 0 - 1 - 7 format: int32 type: integer x-enum-varnames: - ZERO_DAYS - ONE_DAY - SEVEN_DAYS SecurityMonitoringRuleNewValueOptionsLearningMethod: default: duration description: >- The learning method used to determine when signals should be generated for values that weren't learned. enum: - duration - threshold type: string x-enum-varnames: - DURATION - THRESHOLD SecurityMonitoringRuleNewValueOptionsLearningThreshold: default: 0 description: >- A number of occurrences after which signals will be generated for values that weren't learned. enum: - 0 - 1 format: int32 type: integer x-enum-varnames: - ZERO_OCCURRENCES - ONE_OCCURRENCE SecurityMonitoringRuleOptions: description: Options. properties: complianceRuleOptions: $ref: '#/components/schemas/CloudConfigurationComplianceRuleOptions' decreaseCriticalityBasedOnEnv: $ref: >- #/components/schemas/SecurityMonitoringRuleDecreaseCriticalityBasedOnEnv detectionMethod: $ref: '#/components/schemas/SecurityMonitoringRuleDetectionMethod' evaluationWindow: $ref: '#/components/schemas/SecurityMonitoringRuleEvaluationWindow' hardcodedEvaluatorType: $ref: '#/components/schemas/SecurityMonitoringRuleHardcodedEvaluatorType' impossibleTravelOptions: $ref: '#/components/schemas/SecurityMonitoringRuleImpossibleTravelOptions' keepAlive: $ref: '#/components/schemas/SecurityMonitoringRuleKeepAlive' maxSignalDuration: $ref: '#/components/schemas/SecurityMonitoringRuleMaxSignalDuration' newValueOptions: $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptions' thirdPartyRuleOptions: $ref: '#/components/schemas/SecurityMonitoringRuleThirdPartyOptions' type: object SecurityMonitoringRuleQuery: description: Query for matching rule. oneOf: - $ref: '#/components/schemas/SecurityMonitoringStandardRuleQuery' - $ref: '#/components/schemas/SecurityMonitoringSignalRuleQuery' SecurityMonitoringRuleQueryAggregation: description: The aggregation type. enum: - count - cardinality - sum - max - new_value - geo_data - event_count - none type: string x-enum-varnames: - COUNT - CARDINALITY - SUM - MAX - NEW_VALUE - GEO_DATA - EVENT_COUNT - NONE SecurityMonitoringRuleQueryPayload: description: Payload to test a rule query with the expected result. properties: expectedResult: description: Expected result of the test. example: true type: boolean index: description: Index of the query under test. example: 0 format: int64 minimum: 0 type: integer payload: $ref: '#/components/schemas/SecurityMonitoringRuleQueryPayloadData' type: object SecurityMonitoringRuleQueryPayloadData: additionalProperties: {} description: Payload used to test the rule query. properties: ddsource: description: Source of the payload. example: nginx type: string ddtags: description: Tags associated with your data. example: env:staging,version:5.1 type: string hostname: description: The name of the originating host of the log. example: i-012345678 type: string message: description: The message of the payload. example: 2019-11-19T14:37:58,995 INFO [process.name][20081] Hello World type: string service: description: The name of the application or service generating the data. example: payment type: string type: object SecurityMonitoringRuleResponse: description: Create a new rule. oneOf: - $ref: '#/components/schemas/SecurityMonitoringStandardRuleResponse' - $ref: '#/components/schemas/SecurityMonitoringSignalRuleResponse' SecurityMonitoringRuleSeverity: description: Severity of the Security Signal. enum: - info - low - medium - high - critical example: critical type: string x-enum-varnames: - INFO - LOW - MEDIUM - HIGH - CRITICAL SecurityMonitoringRuleTestPayload: description: Test a rule. oneOf: - $ref: '#/components/schemas/SecurityMonitoringStandardRuleTestPayload' SecurityMonitoringRuleTestRequest: description: >- Test the rule queries of a rule (rule property is ignored when applied to an existing rule) properties: rule: $ref: '#/components/schemas/SecurityMonitoringRuleTestPayload' ruleQueryPayloads: description: Data payloads used to test rules query with the expected result. items: $ref: '#/components/schemas/SecurityMonitoringRuleQueryPayload' type: array type: object SecurityMonitoringRuleTestResponse: description: Result of the test of the rule queries. properties: results: description: >- Assert results are returned in the same order as the rule query payloads. For each payload, it returns True if the result matched the expected result, False otherwise. items: type: boolean type: array type: object SecurityMonitoringRuleThirdPartyOptions: description: Options on third party detection method. properties: defaultNotifications: description: >- Notification targets for the logs that do not correspond to any of the cases. items: description: Notification. type: string type: array defaultStatus: $ref: '#/components/schemas/SecurityMonitoringRuleSeverity' rootQueries: description: >- Queries to be combined with third party case queries. Each of them can have different group by fields, to aggregate differently based on the type of alert. items: $ref: '#/components/schemas/SecurityMonitoringThirdPartyRootQuery' type: array signalTitleTemplate: description: >- A template for the signal title; if omitted, the title is generated based on the case name. type: string example: Example Monitor type: object SecurityMonitoringRuleTypeCreate: description: The rule type. enum: - application_security - log_detection - workload_security type: string x-enum-varnames: - APPLICATION_SECURITY - LOG_DETECTION - WORKLOAD_SECURITY SecurityMonitoringRuleTypeRead: description: The rule type. enum: - log_detection - infrastructure_configuration - workload_security - cloud_configuration - application_security type: string x-enum-varnames: - LOG_DETECTION - INFRASTRUCTURE_CONFIGURATION - WORKLOAD_SECURITY - CLOUD_CONFIGURATION - APPLICATION_SECURITY SecurityMonitoringRuleTypeTest: description: The rule type. enum: - log_detection type: string x-enum-varnames: - LOG_DETECTION SecurityMonitoringRuleUpdatePayload: description: Update an existing rule. properties: cases: description: Cases for generating signals. items: $ref: '#/components/schemas/SecurityMonitoringRuleCase' type: array complianceSignalOptions: $ref: '#/components/schemas/CloudConfigurationRuleComplianceSignalOptions' filters: description: >- Additional queries to filter matched events before they are processed. This field is deprecated for log detection, signal correlation, and workload security rules. items: $ref: '#/components/schemas/SecurityMonitoringFilter' type: array groupSignalsBy: description: >- Additional grouping to perform on top of the existing groups in the query section. Must be a subset of the existing groups. example: - service items: description: Field to group by. type: string type: array hasExtendedTitle: description: >- Whether the notifications include the triggering group-by values in their title. example: true type: boolean isEnabled: description: Whether the rule is enabled. type: boolean example: true message: description: Message for generated signals. type: string example: CPU usage is high on {{host.name}} name: description: Name of the rule. type: string example: Example Monitor options: $ref: '#/components/schemas/SecurityMonitoringRuleOptions' queries: description: Queries for selecting logs which are part of the rule. items: $ref: '#/components/schemas/SecurityMonitoringRuleQuery' type: array referenceTables: description: Reference tables for the rule. items: $ref: '#/components/schemas/SecurityMonitoringReferenceTable' type: array tags: description: Tags for generated signals. items: description: Tag. type: string type: array thirdPartyCases: description: >- Cases for generating signals from third-party rules. Only available for third-party rules. example: [] items: $ref: '#/components/schemas/SecurityMonitoringThirdPartyRuleCase' type: array version: description: The version of the rule being updated. example: 1 format: int32 maximum: 2147483647 type: integer type: object SecurityMonitoringRuleValidatePayload: description: Validate a rule. oneOf: - $ref: '#/components/schemas/SecurityMonitoringStandardRulePayload' - $ref: '#/components/schemas/SecurityMonitoringSignalRulePayload' - $ref: '#/components/schemas/CloudConfigurationRulePayload' SecurityMonitoringSignal: description: Object description of a security signal. properties: attributes: $ref: '#/components/schemas/SecurityMonitoringSignalAttributes' id: description: The unique ID of the security signal. example: AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA type: string type: $ref: '#/components/schemas/SecurityMonitoringSignalType' type: object SecurityMonitoringSignalArchiveComment: description: Optional comment to display on archived signals. type: string SecurityMonitoringSignalArchiveReason: description: Reason a signal is archived. enum: - none - false_positive - testing_or_maintenance - investigated_case_opened - other type: string x-enum-varnames: - NONE - FALSE_POSITIVE - TESTING_OR_MAINTENANCE - INVESTIGATED_CASE_OPENED - OTHER SecurityMonitoringSignalAssigneeUpdateAttributes: description: Attributes describing the new assignee of a security signal. properties: assignee: $ref: '#/components/schemas/SecurityMonitoringTriageUser' version: $ref: '#/components/schemas/SecurityMonitoringSignalVersion' required: - assignee type: object SecurityMonitoringSignalAssigneeUpdateData: description: Data containing the patch for changing the assignee of a signal. properties: attributes: $ref: >- #/components/schemas/SecurityMonitoringSignalAssigneeUpdateAttributes required: - attributes type: object SecurityMonitoringSignalAssigneeUpdateRequest: description: >- Request body for changing the assignee of a given security monitoring signal. properties: data: $ref: '#/components/schemas/SecurityMonitoringSignalAssigneeUpdateData' required: - data type: object SecurityMonitoringSignalAttributes: additionalProperties: {} description: |- The object containing all signal attributes and their associated values. properties: custom: additionalProperties: {} description: A JSON object of attributes in the security signal. example: workflow: first_seen: '2020-06-23T14:46:01.000Z' last_seen: '2020-06-23T14:46:49.000Z' rule: id: 0f5-e0c-805 name: 'Brute Force Attack Grouped By User ' version: 12 type: object message: description: >- The message in the security signal defined by the rule that generated the signal. example: Detect Account Take Over (ATO) through brute force attempts type: string tags: description: An array of tags associated with the security signal. example: - security:attack - technique:T1110-brute-force items: description: The tag associated with the security signal. type: string type: array timestamp: description: The timestamp of the security signal. example: '2019-01-02T09:42:36.320Z' format: date-time type: string type: object SecurityMonitoringSignalIncidentIds: description: Array of incidents that are associated with this signal. example: - 2066 items: description: >- Public ID attribute of the incident that is associated with the signal. example: 2066 format: int64 type: integer type: array SecurityMonitoringSignalIncidentsUpdateAttributes: description: >- Attributes describing the new list of related signals for a security signal. properties: incident_ids: $ref: '#/components/schemas/SecurityMonitoringSignalIncidentIds' version: $ref: '#/components/schemas/SecurityMonitoringSignalVersion' required: - incident_ids type: object SecurityMonitoringSignalIncidentsUpdateData: description: >- Data containing the patch for changing the related incidents of a signal. properties: attributes: $ref: >- #/components/schemas/SecurityMonitoringSignalIncidentsUpdateAttributes required: - attributes type: object SecurityMonitoringSignalIncidentsUpdateRequest: description: >- Request body for changing the related incidents of a given security monitoring signal. properties: data: $ref: '#/components/schemas/SecurityMonitoringSignalIncidentsUpdateData' required: - data type: object SecurityMonitoringSignalListRequest: description: The request for a security signal list. properties: filter: $ref: '#/components/schemas/SecurityMonitoringSignalListRequestFilter' page: $ref: '#/components/schemas/SecurityMonitoringSignalListRequestPage' sort: $ref: '#/components/schemas/SecurityMonitoringSignalsSort' type: object SecurityMonitoringSignalListRequestFilter: description: Search filters for listing security signals. properties: from: description: The minimum timestamp for requested security signals. example: '2019-01-02T09:42:36.320Z' format: date-time type: string query: description: Search query for listing security signals. example: security:attack status:high type: string to: description: The maximum timestamp for requested security signals. example: '2019-01-03T09:42:36.320Z' format: date-time type: string type: object SecurityMonitoringSignalListRequestPage: description: The paging attributes for listing security signals. properties: cursor: description: A list of results using the cursor provided in the previous query. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string limit: default: 10 description: The maximum number of security signals in the response. example: 25 format: int32 maximum: 1000 type: integer type: object SecurityMonitoringSignalMetadataType: default: signal_metadata description: The type of event. enum: - signal_metadata example: signal_metadata type: string x-enum-varnames: - SIGNAL_METADATA SecurityMonitoringSignalResponse: description: Security Signal response data object. properties: data: $ref: '#/components/schemas/SecurityMonitoringSignal' type: object SecurityMonitoringSignalRuleCreatePayload: description: Create a new signal correlation rule. properties: cases: description: Cases for generating signals. example: [] items: $ref: '#/components/schemas/SecurityMonitoringRuleCaseCreate' type: array filters: description: >- Additional queries to filter matched events before they are processed. This field is deprecated for log detection, signal correlation, and workload security rules. items: $ref: '#/components/schemas/SecurityMonitoringFilter' type: array hasExtendedTitle: description: >- Whether the notifications include the triggering group-by values in their title. example: true type: boolean isEnabled: description: Whether the rule is enabled. example: true type: boolean message: description: Message for generated signals. example: '' type: string name: description: The name of the rule. example: My security monitoring rule. type: string options: $ref: '#/components/schemas/SecurityMonitoringRuleOptions' queries: description: Queries for selecting signals which are part of the rule. example: [] items: $ref: '#/components/schemas/SecurityMonitoringSignalRuleQuery' type: array tags: description: Tags for generated signals. example: - env:prod - team:security items: description: Tag. type: string type: array type: $ref: '#/components/schemas/SecurityMonitoringSignalRuleType' required: - name - isEnabled - queries - options - cases - message type: object SecurityMonitoringSignalRulePayload: description: The payload of a signal correlation rule. properties: cases: description: Cases for generating signals. example: [] items: $ref: '#/components/schemas/SecurityMonitoringRuleCaseCreate' type: array filters: description: >- Additional queries to filter matched events before they are processed. This field is deprecated for log detection, signal correlation, and workload security rules. items: $ref: '#/components/schemas/SecurityMonitoringFilter' type: array hasExtendedTitle: description: >- Whether the notifications include the triggering group-by values in their title. example: true type: boolean isEnabled: description: Whether the rule is enabled. example: true type: boolean message: description: Message for generated signals. example: '' type: string name: description: The name of the rule. example: My security monitoring rule. type: string options: $ref: '#/components/schemas/SecurityMonitoringRuleOptions' queries: description: Queries for selecting signals which are part of the rule. example: [] items: $ref: '#/components/schemas/SecurityMonitoringSignalRuleQuery' type: array tags: description: Tags for generated signals. example: - env:prod - team:security items: description: Tag. type: string type: array type: $ref: '#/components/schemas/SecurityMonitoringSignalRuleType' required: - name - isEnabled - queries - options - cases - message type: object SecurityMonitoringSignalRuleQuery: description: Query for matching rule on signals. properties: aggregation: $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation' correlatedByFields: description: Fields to group by. items: description: Field. type: string type: array correlatedQueryIndex: description: Index of the rule query used to retrieve the correlated field. format: int32 maximum: 9 type: integer example: 42 metrics: description: Group of target fields to aggregate over. items: description: Field. type: string type: array name: description: Name of the query. type: string example: Example Monitor ruleId: description: Rule ID to match on signals. example: org-ru1-e1d type: string required: - ruleId type: object SecurityMonitoringSignalRuleResponse: description: Rule. properties: cases: description: Cases for generating signals. items: $ref: '#/components/schemas/SecurityMonitoringRuleCase' type: array createdAt: description: When the rule was created, timestamp in milliseconds. format: int64 type: integer example: 42 creationAuthorId: description: User ID of the user who created the rule. format: int64 type: integer example: 42 deprecationDate: description: When the rule will be deprecated, timestamp in milliseconds. format: int64 type: integer example: 42 filters: description: >- Additional queries to filter matched events before they are processed. This field is deprecated for log detection, signal correlation, and workload security rules. items: $ref: '#/components/schemas/SecurityMonitoringFilter' type: array hasExtendedTitle: description: >- Whether the notifications include the triggering group-by values in their title. type: boolean example: true id: description: The ID of the rule. type: string example: abc-123-def isDefault: description: Whether the rule is included by default. type: boolean example: true isDeleted: description: Whether the rule has been deleted. type: boolean example: true isEnabled: description: Whether the rule is enabled. type: boolean example: true message: description: Message for generated signals. type: string example: CPU usage is high on {{host.name}} name: description: The name of the rule. type: string example: Example Monitor options: $ref: '#/components/schemas/SecurityMonitoringRuleOptions' queries: description: Queries for selecting logs which are part of the rule. items: $ref: '#/components/schemas/SecurityMonitoringSignalRuleResponseQuery' type: array tags: description: Tags for generated signals. items: description: Tag. type: string type: array type: $ref: '#/components/schemas/SecurityMonitoringSignalRuleType' updateAuthorId: description: User ID of the user who updated the rule. format: int64 type: integer example: 42 version: description: The version of the rule. format: int64 type: integer example: 42 type: object SecurityMonitoringSignalRuleResponseQuery: description: Query for matching rule on signals. properties: aggregation: $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation' correlatedByFields: description: Fields to correlate by. items: description: Field. type: string type: array correlatedQueryIndex: description: Index of the rule query used to retrieve the correlated field. format: int32 maximum: 9 type: integer example: 42 defaultRuleId: description: Default Rule ID to match on signals. example: d3f-ru1-e1d type: string distinctFields: description: Field for which the cardinality is measured. Sent as an array. items: description: Field. type: string type: array groupByFields: description: Fields to group by. items: description: Field. type: string type: array metrics: description: Group of target fields to aggregate over. items: description: Field. type: string type: array name: description: Name of the query. type: string example: Example Monitor ruleId: description: Rule ID to match on signals. example: org-ru1-e1d type: string type: object SecurityMonitoringSignalRuleType: description: The rule type. enum: - signal_correlation type: string x-enum-varnames: - SIGNAL_CORRELATION SecurityMonitoringSignalState: description: The new triage state of the signal. enum: - open - archived - under_review example: open type: string x-enum-varnames: - OPEN - ARCHIVED - UNDER_REVIEW SecurityMonitoringSignalStateUpdateAttributes: description: Attributes describing the change of state of a security signal. properties: archive_comment: $ref: '#/components/schemas/SecurityMonitoringSignalArchiveComment' archive_reason: $ref: '#/components/schemas/SecurityMonitoringSignalArchiveReason' state: $ref: '#/components/schemas/SecurityMonitoringSignalState' version: $ref: '#/components/schemas/SecurityMonitoringSignalVersion' required: - state type: object SecurityMonitoringSignalStateUpdateData: description: Data containing the patch for changing the state of a signal. properties: attributes: $ref: '#/components/schemas/SecurityMonitoringSignalStateUpdateAttributes' id: description: The unique ID of the security signal. example: abc-123-def type: $ref: '#/components/schemas/SecurityMonitoringSignalMetadataType' required: - attributes type: object SecurityMonitoringSignalStateUpdateRequest: description: >- Request body for changing the state of a given security monitoring signal. properties: data: $ref: '#/components/schemas/SecurityMonitoringSignalStateUpdateData' required: - data type: object SecurityMonitoringSignalTriageAttributes: description: >- Attributes describing a triage state update operation over a security signal. properties: archive_comment: $ref: '#/components/schemas/SecurityMonitoringSignalArchiveComment' archive_comment_timestamp: description: Timestamp of the last edit to the comment. format: int64 minimum: 0 type: integer example: 42 archive_comment_user: $ref: '#/components/schemas/SecurityMonitoringTriageUser' archive_reason: $ref: '#/components/schemas/SecurityMonitoringSignalArchiveReason' assignee: $ref: '#/components/schemas/SecurityMonitoringTriageUser' incident_ids: $ref: '#/components/schemas/SecurityMonitoringSignalIncidentIds' state: $ref: '#/components/schemas/SecurityMonitoringSignalState' state_update_timestamp: description: Timestamp of the last update to the signal state. format: int64 minimum: 0 type: integer example: 42 state_update_user: $ref: '#/components/schemas/SecurityMonitoringTriageUser' required: - assignee - state - incident_ids type: object SecurityMonitoringSignalTriageUpdateData: description: Data containing the updated triage attributes of the signal. properties: attributes: $ref: '#/components/schemas/SecurityMonitoringSignalTriageAttributes' id: description: The unique ID of the security signal. type: string example: abc-123-def type: $ref: '#/components/schemas/SecurityMonitoringSignalMetadataType' type: object SecurityMonitoringSignalTriageUpdateResponse: description: >- The response returned after all triage operations, containing the updated signal triage data. properties: data: $ref: '#/components/schemas/SecurityMonitoringSignalTriageUpdateData' required: - data type: object SecurityMonitoringSignalType: default: signal description: The type of event. enum: - signal example: signal type: string x-enum-varnames: - SIGNAL SecurityMonitoringSignalVersion: description: >- Version of the updated signal. If server side version is higher, update will be rejected. format: int64 type: integer SecurityMonitoringSignalsListResponse: description: |- The response object with all security signals matching the request and pagination information. properties: data: description: An array of security signals matching the request. items: $ref: '#/components/schemas/SecurityMonitoringSignal' type: array links: $ref: '#/components/schemas/SecurityMonitoringSignalsListResponseLinks' meta: $ref: '#/components/schemas/SecurityMonitoringSignalsListResponseMeta' type: object SecurityMonitoringSignalsListResponseLinks: description: Links attributes. properties: next: description: >- The link for the next set of results. **Note**: The request can also be made using the POST endpoint. example: >- https://app.datadoghq.com/api/v2/security_monitoring/signals?filter[query]=foo&page[cursor]=eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object SecurityMonitoringSignalsListResponseMeta: description: Meta attributes. properties: page: $ref: '#/components/schemas/SecurityMonitoringSignalsListResponseMetaPage' type: object SecurityMonitoringSignalsListResponseMetaPage: description: Paging attributes. properties: after: description: >- The cursor used to get the next results, if any. To make the next request, use the same parameters with the addition of the `page[cursor]`. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object SecurityMonitoringSignalsSort: description: The sort parameters used for querying security signals. enum: - timestamp - '-timestamp' type: string x-enum-varnames: - TIMESTAMP_ASCENDING - TIMESTAMP_DESCENDING SecurityMonitoringStandardDataSource: default: logs description: Source of events, either logs, audit trail, or Datadog events. enum: - logs - audit - app_sec_spans - spans - security_runtime - network - events example: logs type: string x-enum-varnames: - LOGS - AUDIT - APP_SEC_SPANS - SPANS - SECURITY_RUNTIME - NETWORK - EVENTS SecurityMonitoringStandardRuleCreatePayload: description: Create a new rule. properties: cases: description: Cases for generating signals. example: [] items: $ref: '#/components/schemas/SecurityMonitoringRuleCaseCreate' type: array filters: description: >- Additional queries to filter matched events before they are processed. This field is deprecated for log detection, signal correlation, and workload security rules. items: $ref: '#/components/schemas/SecurityMonitoringFilter' type: array groupSignalsBy: description: >- Additional grouping to perform on top of the existing groups in the query section. Must be a subset of the existing groups. example: - service items: description: Field to group by. type: string type: array hasExtendedTitle: description: >- Whether the notifications include the triggering group-by values in their title. example: true type: boolean isEnabled: description: Whether the rule is enabled. example: true type: boolean message: description: Message for generated signals. example: '' type: string name: description: The name of the rule. example: My security monitoring rule. type: string options: $ref: '#/components/schemas/SecurityMonitoringRuleOptions' queries: description: Queries for selecting logs which are part of the rule. example: [] items: $ref: '#/components/schemas/SecurityMonitoringStandardRuleQuery' type: array referenceTables: description: Reference tables for the rule. items: $ref: '#/components/schemas/SecurityMonitoringReferenceTable' type: array tags: description: Tags for generated signals. example: - env:prod - team:security items: description: Tag. type: string type: array thirdPartyCases: description: >- Cases for generating signals from third-party rules. Only available for third-party rules. example: [] items: $ref: '#/components/schemas/SecurityMonitoringThirdPartyRuleCaseCreate' type: array type: $ref: '#/components/schemas/SecurityMonitoringRuleTypeCreate' required: - name - isEnabled - queries - options - cases - message type: object SecurityMonitoringStandardRulePayload: description: The payload of a rule. properties: cases: description: Cases for generating signals. example: [] items: $ref: '#/components/schemas/SecurityMonitoringRuleCaseCreate' type: array filters: description: >- Additional queries to filter matched events before they are processed. This field is deprecated for log detection, signal correlation, and workload security rules. items: $ref: '#/components/schemas/SecurityMonitoringFilter' type: array groupSignalsBy: description: >- Additional grouping to perform on top of the existing groups in the query section. Must be a subset of the existing groups. example: - service items: description: Field to group by. type: string type: array hasExtendedTitle: description: >- Whether the notifications include the triggering group-by values in their title. example: true type: boolean isEnabled: description: Whether the rule is enabled. example: true type: boolean message: description: Message for generated signals. example: '' type: string name: description: The name of the rule. example: My security monitoring rule. type: string options: $ref: '#/components/schemas/SecurityMonitoringRuleOptions' queries: description: Queries for selecting logs which are part of the rule. example: [] items: $ref: '#/components/schemas/SecurityMonitoringStandardRuleQuery' type: array referenceTables: description: Reference tables for the rule. items: $ref: '#/components/schemas/SecurityMonitoringReferenceTable' type: array tags: description: Tags for generated signals. example: - env:prod - team:security items: description: Tag. type: string type: array thirdPartyCases: description: >- Cases for generating signals from third-party rules. Only available for third-party rules. example: [] items: $ref: '#/components/schemas/SecurityMonitoringThirdPartyRuleCaseCreate' type: array type: $ref: '#/components/schemas/SecurityMonitoringRuleTypeCreate' required: - name - isEnabled - queries - options - cases - message type: object SecurityMonitoringStandardRuleQuery: description: Query for matching rule. properties: aggregation: $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation' dataSource: $ref: '#/components/schemas/SecurityMonitoringStandardDataSource' distinctFields: description: Field for which the cardinality is measured. Sent as an array. items: description: Field. type: string type: array groupByFields: description: Fields to group by. items: description: Field. type: string type: array hasOptionalGroupByFields: description: >- When false, events without a group-by value are ignored by the rule. When true, events with missing group-by fields are processed with `N/A`, replacing the missing values. example: false readOnly: true type: boolean metric: deprecated: true description: >- (Deprecated) The target field to aggregate over when using the sum or max aggregations. `metrics` field should be used instead. type: string example: example_value metrics: description: >- Group of target fields to aggregate over when using the sum, max, geo data, or new value aggregations. The sum, max, and geo data aggregations only accept one value in this list, whereas the new value aggregation accepts up to five values. items: description: Field. type: string type: array name: description: Name of the query. type: string example: Example Monitor query: description: Query to run on logs. example: a > 3 type: string type: object SecurityMonitoringStandardRuleResponse: description: Rule. properties: cases: description: Cases for generating signals. items: $ref: '#/components/schemas/SecurityMonitoringRuleCase' type: array complianceSignalOptions: $ref: '#/components/schemas/CloudConfigurationRuleComplianceSignalOptions' createdAt: description: When the rule was created, timestamp in milliseconds. format: int64 type: integer example: 42 creationAuthorId: description: User ID of the user who created the rule. format: int64 type: integer example: 42 defaultTags: description: Default Tags for default rules (included in tags) example: - security:attacks items: description: Default Tag. type: string type: array deprecationDate: description: When the rule will be deprecated, timestamp in milliseconds. format: int64 type: integer example: 42 filters: description: >- Additional queries to filter matched events before they are processed. This field is deprecated for log detection, signal correlation, and workload security rules. items: $ref: '#/components/schemas/SecurityMonitoringFilter' type: array groupSignalsBy: description: >- Additional grouping to perform on top of the existing groups in the query section. Must be a subset of the existing groups. example: - service items: description: Field to group by. type: string type: array hasExtendedTitle: description: >- Whether the notifications include the triggering group-by values in their title. type: boolean example: true id: description: The ID of the rule. type: string example: abc-123-def isDefault: description: Whether the rule is included by default. type: boolean example: true isDeleted: description: Whether the rule has been deleted. type: boolean example: true isEnabled: description: Whether the rule is enabled. type: boolean example: true message: description: Message for generated signals. type: string example: CPU usage is high on {{host.name}} name: description: The name of the rule. type: string example: Example Monitor options: $ref: '#/components/schemas/SecurityMonitoringRuleOptions' queries: description: Queries for selecting logs which are part of the rule. items: $ref: '#/components/schemas/SecurityMonitoringStandardRuleQuery' type: array referenceTables: description: Reference tables for the rule. items: $ref: '#/components/schemas/SecurityMonitoringReferenceTable' type: array tags: description: Tags for generated signals. items: description: Tag. type: string type: array thirdPartyCases: description: >- Cases for generating signals from third-party rules. Only available for third-party rules. example: [] items: $ref: '#/components/schemas/SecurityMonitoringThirdPartyRuleCase' type: array type: $ref: '#/components/schemas/SecurityMonitoringRuleTypeRead' updateAuthorId: description: User ID of the user who updated the rule. format: int64 type: integer example: 42 updatedAt: description: The date the rule was last updated, in milliseconds. format: int64 type: integer example: 42 version: description: The version of the rule. format: int64 type: integer example: 42 type: object SecurityMonitoringStandardRuleTestPayload: description: The payload of a rule to test properties: cases: description: Cases for generating signals. example: [] items: $ref: '#/components/schemas/SecurityMonitoringRuleCaseCreate' type: array filters: description: >- Additional queries to filter matched events before they are processed. This field is deprecated for log detection, signal correlation, and workload security rules. items: $ref: '#/components/schemas/SecurityMonitoringFilter' type: array groupSignalsBy: description: >- Additional grouping to perform on top of the existing groups in the query section. Must be a subset of the existing groups. example: - service items: description: Field to group by. type: string type: array hasExtendedTitle: description: >- Whether the notifications include the triggering group-by values in their title. example: true type: boolean isEnabled: description: Whether the rule is enabled. example: true type: boolean message: description: Message for generated signals. example: '' type: string name: description: The name of the rule. example: My security monitoring rule. type: string options: $ref: '#/components/schemas/SecurityMonitoringRuleOptions' queries: description: Queries for selecting logs which are part of the rule. example: [] items: $ref: '#/components/schemas/SecurityMonitoringStandardRuleQuery' type: array referenceTables: description: Reference tables for the rule. items: $ref: '#/components/schemas/SecurityMonitoringReferenceTable' type: array tags: description: Tags for generated signals. example: - env:prod - team:security items: description: Tag. type: string type: array thirdPartyCases: description: >- Cases for generating signals from third-party rules. Only available for third-party rules. example: [] items: $ref: '#/components/schemas/SecurityMonitoringThirdPartyRuleCaseCreate' type: array type: $ref: '#/components/schemas/SecurityMonitoringRuleTypeTest' required: - name - isEnabled - queries - options - cases - message type: object SecurityMonitoringSuppression: description: The suppression rule's properties. properties: attributes: $ref: '#/components/schemas/SecurityMonitoringSuppressionAttributes' id: $ref: '#/components/schemas/SecurityMonitoringSuppressionID' type: $ref: '#/components/schemas/SecurityMonitoringSuppressionType' type: object SecurityMonitoringSuppressionAttributes: description: The attributes of the suppression rule. properties: creation_date: description: >- A Unix millisecond timestamp given the creation date of the suppression rule. format: int64 type: integer example: 42 creator: $ref: '#/components/schemas/SecurityMonitoringUser' data_exclusion_query: description: >- An exclusion query on the input data of the security rules, which could be logs, Agent events, or other types of data based on the security rule. Events matching this query are ignored by any detection rules referenced in the suppression rule. example: source:cloudtrail account_id:12345 type: string description: description: A description for the suppression rule. example: This rule suppresses low-severity signals in staging environments. type: string editable: description: Whether the suppression rule is editable. example: true type: boolean enabled: description: Whether the suppression rule is enabled. example: true type: boolean expiration_date: description: >- A Unix millisecond timestamp giving an expiration date for the suppression rule. After this date, it won't suppress signals anymore. example: 1703187336000 format: int64 type: integer name: description: The name of the suppression rule. example: Custom suppression type: string rule_query: description: >- The rule query of the suppression rule, with the same syntax as the search bar for detection rules. example: type:log_detection source:cloudtrail type: string start_date: description: >- A Unix millisecond timestamp giving the start date for the suppression rule. After this date, it starts suppressing signals. example: 1703187336000 format: int64 type: integer suppression_query: description: >- The suppression query of the suppression rule. If a signal matches this query, it is suppressed and not triggered. Same syntax as the queries to search signals in the signal explorer. example: env:staging status:low type: string update_date: description: >- A Unix millisecond timestamp given the update date of the suppression rule. format: int64 type: integer example: 42 updater: $ref: '#/components/schemas/SecurityMonitoringUser' version: description: >- The version of the suppression rule; it starts at 1, and is incremented at each update. example: 42 format: int32 maximum: 2147483647 type: integer type: object SecurityMonitoringSuppressionCreateAttributes: description: Object containing the attributes of the suppression rule to be created. properties: data_exclusion_query: description: >- An exclusion query on the input data of the security rules, which could be logs, Agent events, or other types of data based on the security rule. Events matching this query are ignored by any detection rules referenced in the suppression rule. example: source:cloudtrail account_id:12345 type: string description: description: A description for the suppression rule. example: This rule suppresses low-severity signals in staging environments. type: string enabled: description: Whether the suppression rule is enabled. example: true type: boolean expiration_date: description: >- A Unix millisecond timestamp giving an expiration date for the suppression rule. After this date, it won't suppress signals anymore. example: 1703187336000 format: int64 type: integer name: description: The name of the suppression rule. example: Custom suppression type: string rule_query: description: >- The rule query of the suppression rule, with the same syntax as the search bar for detection rules. example: type:log_detection source:cloudtrail type: string start_date: description: >- A Unix millisecond timestamp giving the start date for the suppression rule. After this date, it starts suppressing signals. example: 1703187336000 format: int64 type: integer suppression_query: description: >- The suppression query of the suppression rule. If a signal matches this query, it is suppressed and is not triggered. It uses the same syntax as the queries to search signals in the Signals Explorer. example: env:staging status:low type: string required: - name - enabled - rule_query type: object SecurityMonitoringSuppressionCreateData: description: Object for a single suppression rule. properties: attributes: $ref: '#/components/schemas/SecurityMonitoringSuppressionCreateAttributes' type: $ref: '#/components/schemas/SecurityMonitoringSuppressionType' required: - type - attributes type: object SecurityMonitoringSuppressionCreateRequest: description: >- Request object that includes the suppression rule that you would like to create. properties: data: $ref: '#/components/schemas/SecurityMonitoringSuppressionCreateData' required: - data type: object SecurityMonitoringSuppressionID: description: The ID of the suppression rule. example: 3dd-0uc-h1s type: string SecurityMonitoringSuppressionResponse: description: Response object containing a single suppression rule. properties: data: $ref: '#/components/schemas/SecurityMonitoringSuppression' type: object SecurityMonitoringSuppressionType: default: suppressions description: The type of the resource. The value should always be `suppressions`. enum: - suppressions example: suppressions type: string x-enum-varnames: - SUPPRESSIONS SecurityMonitoringSuppressionUpdateAttributes: description: The suppression rule properties to be updated. properties: data_exclusion_query: description: >- An exclusion query on the input data of the security rules, which could be logs, Agent events, or other types of data based on the security rule. Events matching this query are ignored by any detection rules referenced in the suppression rule. example: source:cloudtrail account_id:12345 type: string description: description: A description for the suppression rule. example: This rule suppresses low-severity signals in staging environments. type: string enabled: description: Whether the suppression rule is enabled. example: true type: boolean expiration_date: description: >- A Unix millisecond timestamp giving an expiration date for the suppression rule. After this date, it won't suppress signals anymore. If unset, the expiration date of the suppression rule is left untouched. If set to `null`, the expiration date is removed. example: 1703187336000 format: int64 nullable: true type: integer name: description: The name of the suppression rule. example: Custom suppression type: string rule_query: description: >- The rule query of the suppression rule, with the same syntax as the search bar for detection rules. example: type:log_detection source:cloudtrail type: string start_date: description: >- A Unix millisecond timestamp giving the start date for the suppression rule. After this date, it starts suppressing signals. If unset, the start date of the suppression rule is left untouched. If set to `null`, the start date is removed. example: 1703187336000 format: int64 nullable: true type: integer suppression_query: description: >- The suppression query of the suppression rule. If a signal matches this query, it is suppressed and not triggered. Same syntax as the queries to search signals in the signal explorer. example: env:staging status:low type: string version: description: >- The current version of the suppression. This is optional, but it can help prevent concurrent modifications. format: int32 maximum: 2147483647 type: integer example: 42 type: object SecurityMonitoringSuppressionUpdateData: description: The new suppression properties; partial updates are supported. properties: attributes: $ref: '#/components/schemas/SecurityMonitoringSuppressionUpdateAttributes' type: $ref: '#/components/schemas/SecurityMonitoringSuppressionType' required: - type - attributes type: object SecurityMonitoringSuppressionUpdateRequest: description: Request object containing the fields to update on the suppression rule. properties: data: $ref: '#/components/schemas/SecurityMonitoringSuppressionUpdateData' required: - data type: object SecurityMonitoringSuppressionsResponse: description: Response object containing the available suppression rules. properties: data: description: A list of suppressions objects. items: $ref: '#/components/schemas/SecurityMonitoringSuppression' type: array type: object SecurityMonitoringThirdPartyRootQuery: description: A query to be combined with the third party case query. properties: groupByFields: description: Fields to group by. items: description: Field. type: string type: array query: description: Query to run on logs. example: source:cloudtrail type: string type: object SecurityMonitoringThirdPartyRuleCase: description: Case when signal is generated by a third party rule. properties: name: description: Name of the case. type: string example: Example Monitor notifications: description: Notification targets for each rule case. items: description: Notification. type: string type: array query: description: A query to map a third party event to this case. type: string example: avg:system.cpu.user{*} status: $ref: '#/components/schemas/SecurityMonitoringRuleSeverity' type: object SecurityMonitoringThirdPartyRuleCaseCreate: description: Case when a signal is generated by a third party rule. properties: name: description: Name of the case. type: string example: Example Monitor notifications: description: Notification targets for each case. items: description: Notification. type: string type: array query: description: A query to map a third party event to this case. type: string example: avg:system.cpu.user{*} status: $ref: '#/components/schemas/SecurityMonitoringRuleSeverity' required: - status type: object SecurityMonitoringTriageUser: description: Object representing a given user entity. properties: handle: description: The handle for this user account. type: string example: example_value icon: description: Gravatar icon associated to the user. example: /path/to/matching/gravatar/icon readOnly: true type: string id: description: Numerical ID assigned by Datadog to this user account. format: int64 type: integer example: 42 name: description: The name for this user account. nullable: true type: string example: Example Monitor uuid: description: UUID assigned by Datadog to this user account. example: 773b045d-ccf8-4808-bd3b-955ef6a8c940 type: string required: - uuid type: object SecurityMonitoringUser: description: A user. properties: handle: description: The handle of the user. example: john.doe@datadoghq.com type: string name: description: The name of the user. example: John Doe nullable: true type: string type: object SecurityTrigger: description: >- Trigger a workflow from a Security Signal or Finding. For automatic triggering a handle must be configured and the workflow must be published. properties: rateLimit: $ref: '#/components/schemas/TriggerRateLimit' type: object SecurityTriggerWrapper: description: Schema for a Security-based trigger. properties: securityTrigger: $ref: '#/components/schemas/SecurityTrigger' startStepNames: $ref: '#/components/schemas/StartStepNames' required: - securityTrigger type: object Selectors: description: >- Selectors are used to filter security issues for which notifications should be generated. Users can specify rule severities, rule types, a query to filter security issues on tags and attributes, and the trigger source. Only the trigger_source field is required. properties: query: $ref: '#/components/schemas/NotificationRuleQuery' rule_types: $ref: '#/components/schemas/RuleTypes' severities: description: The security rules severities to consider. items: $ref: '#/components/schemas/RuleSeverity' type: array trigger_source: $ref: '#/components/schemas/TriggerSource' required: - trigger_source type: object SelfServiceTriggerWrapper: description: Schema for a Self Service-based trigger. properties: selfServiceTrigger: description: Trigger a workflow from Self Service. type: object startStepNames: $ref: '#/components/schemas/StartStepNames' required: - selfServiceTrigger type: object SendSlackMessageAction: description: Sends a message to a Slack channel. properties: channel: description: The channel ID. example: CHANNEL type: string type: $ref: '#/components/schemas/SendSlackMessageActionType' workspace: description: The workspace ID. example: WORKSPACE type: string required: - type - channel - workspace type: object SendSlackMessageActionType: default: send_slack_message description: Indicates that the action is a send Slack message action. enum: - send_slack_message example: send_slack_message type: string x-enum-varnames: - SEND_SLACK_MESSAGE SendTeamsMessageAction: description: Sends a message to a Microsoft Teams channel. properties: channel: description: The channel ID. example: CHANNEL type: string team: description: The team ID. example: TEAM type: string tenant: description: The tenant ID. example: TENANT type: string type: $ref: '#/components/schemas/SendTeamsMessageActionType' required: - type - channel - tenant - team type: object SendTeamsMessageActionType: default: send_teams_message description: Indicates that the action is a send Microsoft Teams message action. enum: - send_teams_message example: send_teams_message type: string x-enum-varnames: - SEND_TEAMS_MESSAGE SensitiveDataScannerConfigRequest: description: Group reorder request. properties: data: $ref: '#/components/schemas/SensitiveDataScannerReorderConfig' meta: $ref: '#/components/schemas/SensitiveDataScannerMetaVersionOnly' required: - data - meta type: object SensitiveDataScannerConfiguration: description: A Sensitive Data Scanner configuration. properties: id: description: ID of the configuration. type: string example: abc-123-def type: $ref: '#/components/schemas/SensitiveDataScannerConfigurationType' type: object SensitiveDataScannerConfigurationData: description: A Sensitive Data Scanner configuration data. properties: data: $ref: '#/components/schemas/SensitiveDataScannerConfiguration' type: object SensitiveDataScannerConfigurationRelationships: description: Relationships of the configuration. properties: groups: $ref: '#/components/schemas/SensitiveDataScannerGroupList' type: object SensitiveDataScannerConfigurationType: default: sensitive_data_scanner_configuration description: Sensitive Data Scanner configuration type. enum: - sensitive_data_scanner_configuration example: sensitive_data_scanner_configuration type: string x-enum-varnames: - SENSITIVE_DATA_SCANNER_CONFIGURATIONS SensitiveDataScannerCreateGroupResponse: description: Create group response. properties: data: $ref: '#/components/schemas/SensitiveDataScannerGroupResponse' meta: $ref: '#/components/schemas/SensitiveDataScannerMetaVersionOnly' type: object SensitiveDataScannerCreateRuleResponse: description: Create rule response. properties: data: $ref: '#/components/schemas/SensitiveDataScannerRuleResponse' meta: $ref: '#/components/schemas/SensitiveDataScannerMetaVersionOnly' type: object SensitiveDataScannerFilter: description: Filter for the Scanning Group. properties: query: description: Query to filter the events. type: string example: avg:system.cpu.user{*} type: object SensitiveDataScannerGetConfigIncludedArray: description: Included objects from relationships. items: $ref: '#/components/schemas/SensitiveDataScannerGetConfigIncludedItem' type: array SensitiveDataScannerGetConfigIncludedItem: description: An object related to the configuration. oneOf: - $ref: '#/components/schemas/SensitiveDataScannerRuleIncludedItem' - $ref: '#/components/schemas/SensitiveDataScannerGroupIncludedItem' SensitiveDataScannerGetConfigResponse: description: Get all groups response. properties: data: $ref: '#/components/schemas/SensitiveDataScannerGetConfigResponseData' included: $ref: '#/components/schemas/SensitiveDataScannerGetConfigIncludedArray' meta: $ref: '#/components/schemas/SensitiveDataScannerMeta' type: object SensitiveDataScannerGetConfigResponseData: description: Response data related to the scanning groups. properties: attributes: additionalProperties: {} description: Attributes of the Sensitive Data configuration. type: object id: description: ID of the configuration. type: string example: abc-123-def relationships: $ref: '#/components/schemas/SensitiveDataScannerConfigurationRelationships' type: $ref: '#/components/schemas/SensitiveDataScannerConfigurationType' type: object SensitiveDataScannerGroup: description: A scanning group. properties: id: description: ID of the group. type: string example: abc-123-def type: $ref: '#/components/schemas/SensitiveDataScannerGroupType' type: object SensitiveDataScannerGroupAttributes: description: Attributes of the Sensitive Data Scanner group. properties: description: description: Description of the group. type: string example: example_value filter: $ref: '#/components/schemas/SensitiveDataScannerFilter' is_enabled: description: Whether or not the group is enabled. type: boolean example: true name: description: Name of the group. type: string example: Example Monitor product_list: description: List of products the scanning group applies. items: $ref: '#/components/schemas/SensitiveDataScannerProduct' type: array type: object SensitiveDataScannerGroupCreate: description: Data related to the creation of a group. properties: attributes: $ref: '#/components/schemas/SensitiveDataScannerGroupAttributes' relationships: $ref: '#/components/schemas/SensitiveDataScannerGroupRelationships' type: $ref: '#/components/schemas/SensitiveDataScannerGroupType' required: - type - attributes type: object SensitiveDataScannerGroupCreateRequest: description: Create group request. properties: data: $ref: '#/components/schemas/SensitiveDataScannerGroupCreate' meta: $ref: '#/components/schemas/SensitiveDataScannerMetaVersionOnly' type: object SensitiveDataScannerGroupData: description: A scanning group data. properties: data: $ref: '#/components/schemas/SensitiveDataScannerGroup' type: object SensitiveDataScannerGroupDeleteRequest: description: Delete group request. properties: meta: $ref: '#/components/schemas/SensitiveDataScannerMetaVersionOnly' required: - meta type: object SensitiveDataScannerGroupDeleteResponse: description: Delete group response. properties: meta: $ref: '#/components/schemas/SensitiveDataScannerMetaVersionOnly' type: object SensitiveDataScannerGroupIncludedItem: description: A Scanning Group included item. properties: attributes: $ref: '#/components/schemas/SensitiveDataScannerGroupAttributes' id: description: ID of the group. type: string example: abc-123-def relationships: $ref: '#/components/schemas/SensitiveDataScannerGroupRelationships' type: $ref: '#/components/schemas/SensitiveDataScannerGroupType' type: object SensitiveDataScannerGroupItem: description: Data related to a Sensitive Data Scanner Group. properties: id: description: ID of the group. type: string example: abc-123-def type: $ref: '#/components/schemas/SensitiveDataScannerGroupType' type: object SensitiveDataScannerGroupList: description: List of groups, ordered. properties: data: description: List of groups. The order is important. items: $ref: '#/components/schemas/SensitiveDataScannerGroupItem' type: array type: object SensitiveDataScannerGroupRelationships: description: Relationships of the group. properties: configuration: $ref: '#/components/schemas/SensitiveDataScannerConfigurationData' rules: $ref: '#/components/schemas/SensitiveDataScannerRuleData' type: object SensitiveDataScannerGroupResponse: description: Response data related to the creation of a group. properties: attributes: $ref: '#/components/schemas/SensitiveDataScannerGroupAttributes' id: description: ID of the group. type: string example: abc-123-def relationships: $ref: '#/components/schemas/SensitiveDataScannerGroupRelationships' type: $ref: '#/components/schemas/SensitiveDataScannerGroupType' type: object SensitiveDataScannerGroupType: default: sensitive_data_scanner_group description: Sensitive Data Scanner group type. enum: - sensitive_data_scanner_group example: sensitive_data_scanner_group type: string x-enum-varnames: - SENSITIVE_DATA_SCANNER_GROUP SensitiveDataScannerGroupUpdate: description: Data related to the update of a group. properties: attributes: $ref: '#/components/schemas/SensitiveDataScannerGroupAttributes' id: description: ID of the group. type: string example: abc-123-def relationships: $ref: '#/components/schemas/SensitiveDataScannerGroupRelationships' type: $ref: '#/components/schemas/SensitiveDataScannerGroupType' type: object SensitiveDataScannerGroupUpdateRequest: description: Update group request. properties: data: $ref: '#/components/schemas/SensitiveDataScannerGroupUpdate' meta: $ref: '#/components/schemas/SensitiveDataScannerMetaVersionOnly' required: - data - meta type: object SensitiveDataScannerGroupUpdateResponse: description: Update group response. properties: meta: $ref: '#/components/schemas/SensitiveDataScannerMetaVersionOnly' type: object SensitiveDataScannerIncludedKeywordConfiguration: description: >- Object defining a set of keywords and a number of characters that help reduce noise. You can provide a list of keywords you would like to check within a defined proximity of the matching pattern. If any of the keywords are found within the proximity check, the match is kept. If none are found, the match is discarded. properties: character_count: description: >- The number of characters behind a match detected by Sensitive Data Scanner to look for the keywords defined. `character_count` should be greater than the maximum length of a keyword defined for a rule. example: 30 format: int64 maximum: 50 minimum: 1 type: integer keywords: description: >- Keyword list that will be checked during scanning in order to validate a match. The number of keywords in the list must be less than or equal to 30. example: - credit card - cc items: type: string type: array use_recommended_keywords: description: >- Should the rule use the underlying standard pattern keyword configuration. If set to `true`, the rule must be tied to a standard pattern. If set to `false`, the specified keywords and `character_count` are applied. type: boolean example: true required: - keywords - character_count type: object SensitiveDataScannerMeta: description: Meta response containing information about the API. properties: count_limit: description: Maximum number of scanning rules allowed for the org. format: int64 type: integer example: 42 group_count_limit: description: Maximum number of scanning groups allowed for the org. format: int64 type: integer example: 42 has_highlight_enabled: default: true deprecated: true description: >- (Deprecated) Whether or not scanned events are highlighted in Logs or RUM for the org. type: boolean example: true has_multi_pass_enabled: deprecated: true description: (Deprecated) Whether or not scanned events have multi-pass enabled. type: boolean example: true is_pci_compliant: description: >- Whether or not the org is compliant to the payment card industry standard. type: boolean example: true version: description: Version of the API. example: 0 format: int64 minimum: 0 type: integer type: object SensitiveDataScannerMetaVersionOnly: description: Meta payload containing information about the API. properties: version: description: Version of the API (optional). example: 0 format: int64 minimum: 0 type: integer type: object SensitiveDataScannerProduct: default: logs description: Datadog product onto which Sensitive Data Scanner can be activated. enum: - logs - rum - events - apm type: string x-enum-varnames: - LOGS - RUM - EVENTS - APM SensitiveDataScannerReorderConfig: description: Data related to the reordering of scanning groups. properties: id: description: ID of the configuration. type: string example: abc-123-def relationships: $ref: '#/components/schemas/SensitiveDataScannerConfigurationRelationships' type: $ref: '#/components/schemas/SensitiveDataScannerConfigurationType' type: object SensitiveDataScannerReorderGroupsResponse: description: Group reorder response. properties: meta: $ref: '#/components/schemas/SensitiveDataScannerMeta' type: object SensitiveDataScannerRule: description: Rule item included in the group. properties: id: description: ID of the rule. type: string example: abc-123-def type: $ref: '#/components/schemas/SensitiveDataScannerRuleType' type: object SensitiveDataScannerRuleAttributes: description: Attributes of the Sensitive Data Scanner rule. properties: description: description: Description of the rule. type: string example: example_value excluded_namespaces: description: >- Attributes excluded from the scan. If namespaces is provided, it has to be a sub-path of the namespaces array. example: - admin.name items: type: string type: array included_keyword_configuration: $ref: >- #/components/schemas/SensitiveDataScannerIncludedKeywordConfiguration is_enabled: description: Whether or not the rule is enabled. type: boolean example: true name: description: Name of the rule. type: string example: Example Monitor namespaces: description: >- Attributes included in the scan. If namespaces is empty or missing, all attributes except excluded_namespaces are scanned. If both are missing the whole event is scanned. example: - admin items: type: string type: array pattern: description: Not included if there is a relationship to a standard pattern. type: string example: example_value priority: description: Integer from 1 (high) to 5 (low) indicating rule issue severity. format: int64 maximum: 5 minimum: 1 type: integer example: 42 tags: description: List of tags. items: type: string type: array text_replacement: $ref: '#/components/schemas/SensitiveDataScannerTextReplacement' type: object SensitiveDataScannerRuleCreate: description: Data related to the creation of a rule. properties: attributes: $ref: '#/components/schemas/SensitiveDataScannerRuleAttributes' relationships: $ref: '#/components/schemas/SensitiveDataScannerRuleRelationships' type: $ref: '#/components/schemas/SensitiveDataScannerRuleType' required: - type - attributes - relationships type: object SensitiveDataScannerRuleCreateRequest: description: Create rule request. properties: data: $ref: '#/components/schemas/SensitiveDataScannerRuleCreate' meta: $ref: '#/components/schemas/SensitiveDataScannerMetaVersionOnly' required: - data - meta type: object SensitiveDataScannerRuleData: description: Rules included in the group. properties: data: description: Rules included in the group. The order is important. items: $ref: '#/components/schemas/SensitiveDataScannerRule' type: array type: object SensitiveDataScannerRuleDeleteRequest: description: Delete rule request. properties: meta: $ref: '#/components/schemas/SensitiveDataScannerMetaVersionOnly' required: - meta type: object SensitiveDataScannerRuleDeleteResponse: description: Delete rule response. properties: meta: $ref: '#/components/schemas/SensitiveDataScannerMetaVersionOnly' type: object SensitiveDataScannerRuleIncludedItem: description: A Scanning Rule included item. properties: attributes: $ref: '#/components/schemas/SensitiveDataScannerRuleAttributes' id: description: ID of the rule. type: string example: abc-123-def relationships: $ref: '#/components/schemas/SensitiveDataScannerRuleRelationships' type: $ref: '#/components/schemas/SensitiveDataScannerRuleType' type: object SensitiveDataScannerRuleRelationships: description: Relationships of a scanning rule. properties: group: $ref: '#/components/schemas/SensitiveDataScannerGroupData' standard_pattern: $ref: '#/components/schemas/SensitiveDataScannerStandardPatternData' type: object SensitiveDataScannerRuleResponse: description: Response data related to the creation of a rule. properties: attributes: $ref: '#/components/schemas/SensitiveDataScannerRuleAttributes' id: description: ID of the rule. type: string example: abc-123-def relationships: $ref: '#/components/schemas/SensitiveDataScannerRuleRelationships' type: $ref: '#/components/schemas/SensitiveDataScannerRuleType' type: object SensitiveDataScannerRuleType: default: sensitive_data_scanner_rule description: Sensitive Data Scanner rule type. enum: - sensitive_data_scanner_rule example: sensitive_data_scanner_rule type: string x-enum-varnames: - SENSITIVE_DATA_SCANNER_RULE SensitiveDataScannerRuleUpdate: description: Data related to the update of a rule. properties: attributes: $ref: '#/components/schemas/SensitiveDataScannerRuleAttributes' id: description: ID of the rule. type: string example: abc-123-def relationships: $ref: '#/components/schemas/SensitiveDataScannerRuleRelationships' type: $ref: '#/components/schemas/SensitiveDataScannerRuleType' type: object SensitiveDataScannerRuleUpdateRequest: description: Update rule request. properties: data: $ref: '#/components/schemas/SensitiveDataScannerRuleUpdate' meta: $ref: '#/components/schemas/SensitiveDataScannerMetaVersionOnly' required: - data - meta type: object SensitiveDataScannerRuleUpdateResponse: description: Update rule response. properties: meta: $ref: '#/components/schemas/SensitiveDataScannerMetaVersionOnly' type: object SensitiveDataScannerStandardPattern: description: Data containing the standard pattern id. properties: id: description: ID of the standard pattern. type: string example: abc-123-def type: $ref: '#/components/schemas/SensitiveDataScannerStandardPatternType' type: object SensitiveDataScannerStandardPatternAttributes: description: Attributes of the Sensitive Data Scanner standard pattern. properties: description: description: Description of the standard pattern. type: string example: example_value included_keywords: description: List of included keywords. items: type: string type: array name: description: Name of the standard pattern. type: string example: Example Monitor pattern: deprecated: true description: >- (Deprecated) Regex to match, optionally documented for older standard rules. Refer to the `description` field to understand what the rule does. type: string example: example_value priority: description: >- Integer from 1 (high) to 5 (low) indicating standard pattern issue severity. format: int64 maximum: 5 minimum: 1 type: integer example: 42 tags: description: List of tags. items: type: string type: array type: object SensitiveDataScannerStandardPatternData: description: A standard pattern. properties: data: $ref: '#/components/schemas/SensitiveDataScannerStandardPattern' type: object SensitiveDataScannerStandardPatternType: default: sensitive_data_scanner_standard_pattern description: Sensitive Data Scanner standard pattern type. enum: - sensitive_data_scanner_standard_pattern example: sensitive_data_scanner_standard_pattern type: string x-enum-varnames: - SENSITIVE_DATA_SCANNER_STANDARD_PATTERN SensitiveDataScannerStandardPatternsResponse: description: List Standard patterns response. items: $ref: '#/components/schemas/SensitiveDataScannerStandardPatternsResponseItem' type: array SensitiveDataScannerStandardPatternsResponseData: description: List Standard patterns response data. properties: data: $ref: '#/components/schemas/SensitiveDataScannerStandardPatternsResponse' type: object SensitiveDataScannerStandardPatternsResponseItem: description: Standard pattern item. properties: attributes: $ref: '#/components/schemas/SensitiveDataScannerStandardPatternAttributes' id: description: ID of the standard pattern. type: string example: abc-123-def type: $ref: '#/components/schemas/SensitiveDataScannerStandardPatternType' type: object SensitiveDataScannerTextReplacement: description: Object describing how the scanned event will be replaced. properties: number_of_chars: description: |- Required if type == 'partial_replacement_from_beginning' or 'partial_replacement_from_end'. It must be > 0. format: int64 minimum: 0 type: integer example: 42 replacement_string: description: Required if type == 'replacement_string'. type: string example: example_value type: $ref: '#/components/schemas/SensitiveDataScannerTextReplacementType' type: object SensitiveDataScannerTextReplacementType: default: none description: >- Type of the replacement text. None means no replacement. hash means the data will be stubbed. replacement_string means that one can chose a text to replace the data. partial_replacement_from_beginning allows a user to partially replace the data from the beginning, and partial_replacement_from_end on the other hand, allows to replace data from the end. enum: - none - hash - replacement_string - partial_replacement_from_beginning - partial_replacement_from_end type: string x-enum-varnames: - NONE - HASH - REPLACEMENT_STRING - PARTIAL_REPLACEMENT_FROM_BEGINNING - PARTIAL_REPLACEMENT_FROM_END ServiceAccountCreateAttributes: description: Attributes of the created user. properties: email: description: The email of the user. example: jane.doe@example.com type: string name: description: The name of the user. type: string example: Example Monitor service_account: description: Whether the user is a service account. Must be true. example: true type: boolean title: description: The title of the user. type: string example: Example Monitor required: - email - service_account type: object ServiceAccountCreateData: description: Object to create a service account User. properties: attributes: $ref: '#/components/schemas/ServiceAccountCreateAttributes' relationships: $ref: '#/components/schemas/UserRelationships' type: $ref: '#/components/schemas/UsersType' required: - attributes - type type: object ServiceAccountCreateRequest: description: Create a service account. properties: data: $ref: '#/components/schemas/ServiceAccountCreateData' required: - data type: object ServiceDefinitionCreateResponse: description: Create service definitions response. properties: data: description: Create service definitions response payload. items: $ref: '#/components/schemas/ServiceDefinitionData' type: array type: object ServiceDefinitionData: description: Service definition data. properties: attributes: $ref: '#/components/schemas/ServiceDefinitionDataAttributes' id: description: Service definition id. type: string example: abc-123-def type: description: Service definition type. type: string example: metric alert type: object ServiceDefinitionDataAttributes: description: Service definition attributes. properties: meta: $ref: '#/components/schemas/ServiceDefinitionMeta' schema: $ref: '#/components/schemas/ServiceDefinitionSchema' type: object ServiceDefinitionGetResponse: description: Get service definition response. properties: data: $ref: '#/components/schemas/ServiceDefinitionData' type: object ServiceDefinitionMeta: description: Metadata about a service definition. properties: github-html-url: description: GitHub HTML URL. type: string example: https://app.datadoghq.com ingested-schema-version: description: Ingestion schema version. type: string example: example_value ingestion-source: description: Ingestion source of the service definition. type: string example: example_value last-modified-time: description: Last modified time of the service definition. type: string example: '2026-04-17T12:00:00Z' origin: description: User defined origin of the service definition. type: string example: example_value origin-detail: description: User defined origin's detail of the service definition. type: string example: example_value warnings: description: A list of schema validation warnings. items: $ref: '#/components/schemas/ServiceDefinitionMetaWarnings' type: array type: object ServiceDefinitionMetaWarnings: description: Schema validation warnings. properties: instance-location: description: The warning instance location. type: string example: example_value keyword-location: description: The warning keyword location. type: string example: example_value message: description: The warning message. type: string example: CPU usage is high on {{host.name}} type: object ServiceDefinitionRaw: description: Service Definition in raw JSON/YAML representation. example: | --- schema-version: v2 dd-service: my-service type: string ServiceDefinitionSchema: description: Service definition schema. oneOf: - $ref: '#/components/schemas/ServiceDefinitionV1' - $ref: '#/components/schemas/ServiceDefinitionV2' - $ref: '#/components/schemas/ServiceDefinitionV2Dot1' - $ref: '#/components/schemas/ServiceDefinitionV2Dot2' ServiceDefinitionSchemaVersions: description: Schema versions enum: - v1 - v2 - v2.1 - v2.2 type: string x-enum-varnames: - V1 - V2 - V2_1 - V2_2 ServiceDefinitionV1: deprecated: true description: >- Deprecated - Service definition V1 for providing additional service metadata and integrations. properties: contact: $ref: '#/components/schemas/ServiceDefinitionV1Contact' extensions: additionalProperties: {} description: Extensions to V1 schema. example: myorg/extension: extensionValue type: object external-resources: description: A list of external links related to the services. items: $ref: '#/components/schemas/ServiceDefinitionV1Resource' type: array info: $ref: '#/components/schemas/ServiceDefinitionV1Info' integrations: $ref: '#/components/schemas/ServiceDefinitionV1Integrations' org: $ref: '#/components/schemas/ServiceDefinitionV1Org' schema-version: $ref: '#/components/schemas/ServiceDefinitionV1Version' tags: description: A set of custom tags. example: - my:tag - service:tag items: type: string type: array required: - schema-version - info type: object ServiceDefinitionV1Contact: description: Contact information about the service. properties: email: description: Service owner’s email. example: contact@datadoghq.com type: string slack: description: Service owner’s Slack channel. example: https://yourcompany.slack.com/archives/channel123 type: string type: object ServiceDefinitionV1Info: description: Basic information about a service. properties: dd-service: description: >- Unique identifier of the service. Must be unique across all services and is used to match with a service in Datadog. example: myservice type: string description: description: A short description of the service. example: A shopping cart service type: string display-name: description: A friendly name of the service. example: My Service type: string service-tier: description: Service tier. example: Tier 1 type: string required: - dd-service type: object ServiceDefinitionV1Integrations: description: Third party integrations that Datadog supports. properties: pagerduty: $ref: '#/components/schemas/ServiceDefinitionV1Pagerduty' type: object ServiceDefinitionV1Org: description: Org related information about the service. properties: application: description: App feature this service supports. example: E-Commerce type: string team: description: Team that owns the service. example: my-team type: string type: object ServiceDefinitionV1Pagerduty: description: PagerDuty service URL for the service. example: https://my-org.pagerduty.com/service-directory/PMyService type: string ServiceDefinitionV1Resource: description: Service's external links. properties: name: description: Link name. example: Runbook type: string type: $ref: '#/components/schemas/ServiceDefinitionV1ResourceType' url: description: Link URL. example: https://my-runbook type: string required: - name - type - url type: object ServiceDefinitionV1ResourceType: description: Link type. enum: - doc - wiki - runbook - url - repo - dashboard - oncall - code - link example: runbook type: string x-enum-varnames: - DOC - WIKI - RUNBOOK - URL - REPO - DASHBOARD - ONCALL - CODE - LINK ServiceDefinitionV1Version: default: v1 description: Schema version being used. enum: - v1 example: v1 type: string x-enum-varnames: - V1 ServiceDefinitionV2: description: Service definition V2 for providing service metadata and integrations. properties: contacts: description: A list of contacts related to the services. items: $ref: '#/components/schemas/ServiceDefinitionV2Contact' type: array dd-service: description: >- Unique identifier of the service. Must be unique across all services and is used to match with a service in Datadog. example: my-service type: string dd-team: description: >- Experimental feature. A Team handle that matches a Team in the Datadog Teams product. example: my-team type: string docs: description: A list of documentation related to the services. items: $ref: '#/components/schemas/ServiceDefinitionV2Doc' type: array extensions: additionalProperties: {} description: Extensions to V2 schema. example: myorg/extension: extensionValue type: object integrations: $ref: '#/components/schemas/ServiceDefinitionV2Integrations' links: description: A list of links related to the services. items: $ref: '#/components/schemas/ServiceDefinitionV2Link' type: array repos: description: A list of code repositories related to the services. items: $ref: '#/components/schemas/ServiceDefinitionV2Repo' type: array schema-version: $ref: '#/components/schemas/ServiceDefinitionV2Version' tags: description: A set of custom tags. example: - my:tag - service:tag items: type: string type: array team: description: Team that owns the service. example: my-team type: string required: - schema-version - dd-service type: object ServiceDefinitionV2Contact: description: Service owner's contacts information. oneOf: - $ref: '#/components/schemas/ServiceDefinitionV2Email' - $ref: '#/components/schemas/ServiceDefinitionV2Slack' - $ref: '#/components/schemas/ServiceDefinitionV2MSTeams' ServiceDefinitionV2Doc: description: Service documents. properties: name: description: Document name. example: Architecture type: string provider: description: Document provider. example: google drive type: string url: description: Document URL. example: https://gdrive/mydoc type: string required: - name - url type: object ServiceDefinitionV2Dot1: description: Service definition v2.1 for providing service metadata and integrations. properties: application: description: >- Identifier for a group of related services serving a product feature, which the service is a part of. example: my-app type: string contacts: description: A list of contacts related to the services. items: $ref: '#/components/schemas/ServiceDefinitionV2Dot1Contact' type: array dd-service: description: >- Unique identifier of the service. Must be unique across all services and is used to match with a service in Datadog. example: my-service type: string description: description: A short description of the service. example: My service description type: string extensions: additionalProperties: {} description: Extensions to v2.1 schema. example: myorg/extension: extensionValue type: object integrations: $ref: '#/components/schemas/ServiceDefinitionV2Dot1Integrations' lifecycle: description: The current life cycle phase of the service. example: sandbox type: string links: description: A list of links related to the services. items: $ref: '#/components/schemas/ServiceDefinitionV2Dot1Link' type: array schema-version: $ref: '#/components/schemas/ServiceDefinitionV2Dot1Version' tags: description: A set of custom tags. example: - my:tag - service:tag items: type: string type: array team: description: >- Team that owns the service. It is used to locate a team defined in Datadog Teams if it exists. example: my-team type: string tier: description: Importance of the service. example: High type: string required: - schema-version - dd-service type: object ServiceDefinitionV2Dot1Contact: description: Service owner's contacts information. oneOf: - $ref: '#/components/schemas/ServiceDefinitionV2Dot1Email' - $ref: '#/components/schemas/ServiceDefinitionV2Dot1Slack' - $ref: '#/components/schemas/ServiceDefinitionV2Dot1MSTeams' ServiceDefinitionV2Dot1Email: description: Service owner's email. properties: contact: description: Contact value. example: contact@datadoghq.com type: string name: description: Contact email. example: Team Email type: string type: $ref: '#/components/schemas/ServiceDefinitionV2Dot1EmailType' required: - type - contact type: object ServiceDefinitionV2Dot1EmailType: description: Contact type. enum: - email example: email type: string x-enum-varnames: - EMAIL ServiceDefinitionV2Dot1Integrations: description: Third party integrations that Datadog supports. properties: opsgenie: $ref: '#/components/schemas/ServiceDefinitionV2Dot1Opsgenie' pagerduty: $ref: '#/components/schemas/ServiceDefinitionV2Dot1Pagerduty' type: object ServiceDefinitionV2Dot1Link: description: Service's external links. properties: name: description: Link name. example: Runbook type: string provider: description: Link provider. example: Github type: string type: $ref: '#/components/schemas/ServiceDefinitionV2Dot1LinkType' url: description: Link URL. example: https://my-runbook type: string required: - name - type - url type: object ServiceDefinitionV2Dot1LinkType: description: Link type. enum: - doc - repo - runbook - dashboard - other example: runbook type: string x-enum-varnames: - DOC - REPO - RUNBOOK - DASHBOARD - OTHER ServiceDefinitionV2Dot1MSTeams: description: Service owner's Microsoft Teams. properties: contact: description: Contact value. example: https://teams.microsoft.com/myteam type: string name: description: Contact Microsoft Teams. example: My team channel type: string type: $ref: '#/components/schemas/ServiceDefinitionV2Dot1MSTeamsType' required: - type - contact type: object ServiceDefinitionV2Dot1MSTeamsType: description: Contact type. enum: - microsoft-teams example: microsoft-teams type: string x-enum-varnames: - MICROSOFT_TEAMS ServiceDefinitionV2Dot1Opsgenie: description: Opsgenie integration for the service. properties: region: $ref: '#/components/schemas/ServiceDefinitionV2Dot1OpsgenieRegion' service-url: description: Opsgenie service url. example: >- https://my-org.opsgenie.com/service/123e4567-e89b-12d3-a456-426614174000 type: string required: - service-url type: object ServiceDefinitionV2Dot1OpsgenieRegion: description: Opsgenie instance region. enum: - US - EU example: US type: string x-enum-varnames: - US - EU ServiceDefinitionV2Dot1Pagerduty: description: PagerDuty integration for the service. properties: service-url: description: PagerDuty service url. example: https://my-org.pagerduty.com/service-directory/PMyService type: string type: object x-ignore-duplicate-object: true ServiceDefinitionV2Dot1Slack: description: Service owner's Slack channel. properties: contact: description: Slack Channel. example: https://yourcompany.slack.com/archives/channel123 type: string name: description: Contact Slack. example: Team Slack type: string type: $ref: '#/components/schemas/ServiceDefinitionV2Dot1SlackType' required: - type - contact type: object ServiceDefinitionV2Dot1SlackType: description: Contact type. enum: - slack example: slack type: string x-enum-varnames: - SLACK ServiceDefinitionV2Dot1Version: default: v2.1 description: Schema version being used. enum: - v2.1 example: v2.1 type: string x-enum-varnames: - V2_1 ServiceDefinitionV2Dot2: description: Service definition v2.2 for providing service metadata and integrations. properties: application: description: >- Identifier for a group of related services serving a product feature, which the service is a part of. example: my-app type: string ci-pipeline-fingerprints: description: A set of CI fingerprints. example: - j88xdEy0J5lc - eZ7LMljCk8vo items: type: string type: array contacts: description: A list of contacts related to the services. items: $ref: '#/components/schemas/ServiceDefinitionV2Dot2Contact' type: array dd-service: description: >- Unique identifier of the service. Must be unique across all services and is used to match with a service in Datadog. example: my-service type: string description: description: A short description of the service. example: My service description type: string extensions: additionalProperties: {} description: Extensions to v2.2 schema. example: myorg/extension: extensionValue type: object integrations: $ref: '#/components/schemas/ServiceDefinitionV2Dot2Integrations' languages: description: >- The service's programming language. Datadog recognizes the following languages: `dotnet`, `go`, `java`, `js`, `php`, `python`, `ruby`, and `c++`. example: - dotnet - go - java - js - php - python - ruby - c++ items: type: string type: array lifecycle: description: The current life cycle phase of the service. example: sandbox type: string links: description: A list of links related to the services. items: $ref: '#/components/schemas/ServiceDefinitionV2Dot2Link' type: array schema-version: $ref: '#/components/schemas/ServiceDefinitionV2Dot2Version' tags: description: A set of custom tags. example: - my:tag - service:tag items: type: string type: array team: description: >- Team that owns the service. It is used to locate a team defined in Datadog Teams if it exists. example: my-team type: string tier: description: Importance of the service. example: High type: string type: $ref: '#/components/schemas/ServiceDefinitionV2Dot2Type' required: - schema-version - dd-service type: object ServiceDefinitionV2Dot2Contact: description: Service owner's contacts information. properties: contact: description: Contact value. example: https://teams.microsoft.com/myteam type: string name: description: Contact Name. example: My team channel type: string type: description: >- Contact type. Datadog recognizes the following types: `email`, `slack`, and `microsoft-teams`. example: slack type: string required: - type - contact type: object ServiceDefinitionV2Dot2Integrations: description: Third party integrations that Datadog supports. properties: opsgenie: $ref: '#/components/schemas/ServiceDefinitionV2Dot2Opsgenie' pagerduty: $ref: '#/components/schemas/ServiceDefinitionV2Dot2Pagerduty' type: object ServiceDefinitionV2Dot2Link: description: Service's external links. properties: name: description: Link name. example: Runbook type: string provider: description: Link provider. example: Github type: string type: description: >- Link type. Datadog recognizes the following types: `runbook`, `doc`, `repo`, `dashboard`, and `other`. example: runbook type: string url: description: Link URL. example: https://my-runbook type: string required: - name - type - url type: object ServiceDefinitionV2Dot2Opsgenie: description: Opsgenie integration for the service. properties: region: $ref: '#/components/schemas/ServiceDefinitionV2Dot2OpsgenieRegion' service-url: description: Opsgenie service url. example: >- https://my-org.opsgenie.com/service/123e4567-e89b-12d3-a456-426614174000 type: string required: - service-url type: object ServiceDefinitionV2Dot2OpsgenieRegion: description: Opsgenie instance region. enum: - US - EU example: US type: string x-enum-varnames: - US - EU ServiceDefinitionV2Dot2Pagerduty: description: PagerDuty integration for the service. properties: service-url: description: PagerDuty service url. example: https://my-org.pagerduty.com/service-directory/PMyService type: string type: object x-ignore-duplicate-object: true ServiceDefinitionV2Dot2Type: description: The type of service. example: web type: string ServiceDefinitionV2Dot2Version: default: v2.2 description: Schema version being used. enum: - v2.2 example: v2.2 type: string x-enum-varnames: - V2_2 ServiceDefinitionV2Email: description: Service owner's email. properties: contact: description: Contact value. example: contact@datadoghq.com type: string name: description: Contact email. example: Team Email type: string type: $ref: '#/components/schemas/ServiceDefinitionV2EmailType' required: - type - contact type: object ServiceDefinitionV2EmailType: description: Contact type. enum: - email example: email type: string x-enum-varnames: - EMAIL ServiceDefinitionV2Integrations: description: Third party integrations that Datadog supports. properties: opsgenie: $ref: '#/components/schemas/ServiceDefinitionV2Opsgenie' pagerduty: $ref: '#/components/schemas/ServiceDefinitionV2Pagerduty' type: object ServiceDefinitionV2Link: description: Service's external links. properties: name: description: Link name. example: Runbook type: string type: $ref: '#/components/schemas/ServiceDefinitionV2LinkType' url: description: Link URL. example: https://my-runbook type: string required: - name - type - url type: object ServiceDefinitionV2LinkType: description: Link type. enum: - doc - wiki - runbook - url - repo - dashboard - oncall - code - link example: runbook type: string x-enum-varnames: - DOC - WIKI - RUNBOOK - URL - REPO - DASHBOARD - ONCALL - CODE - LINK ServiceDefinitionV2MSTeams: description: Service owner's Microsoft Teams. properties: contact: description: Contact value. example: https://teams.microsoft.com/myteam type: string name: description: Contact Microsoft Teams. example: My team channel type: string type: $ref: '#/components/schemas/ServiceDefinitionV2MSTeamsType' required: - type - contact type: object ServiceDefinitionV2MSTeamsType: description: Contact type. enum: - microsoft-teams example: microsoft-teams type: string x-enum-varnames: - MICROSOFT_TEAMS ServiceDefinitionV2Opsgenie: description: Opsgenie integration for the service. properties: region: $ref: '#/components/schemas/ServiceDefinitionV2OpsgenieRegion' service-url: description: Opsgenie service url. example: >- https://my-org.opsgenie.com/service/123e4567-e89b-12d3-a456-426614174000 type: string required: - service-url type: object ServiceDefinitionV2OpsgenieRegion: description: Opsgenie instance region. enum: - US - EU example: US type: string x-enum-varnames: - US - EU ServiceDefinitionV2Pagerduty: description: PagerDuty service URL for the service. example: https://my-org.pagerduty.com/service-directory/PMyService type: string ServiceDefinitionV2Repo: description: Service code repositories. properties: name: description: Repository name. example: Source Code type: string provider: description: Repository provider. example: GitHub type: string url: description: Repository URL. example: https://github.com/DataDog/schema type: string required: - name - url type: object ServiceDefinitionV2Slack: description: Service owner's Slack channel. properties: contact: description: Slack Channel. example: https://yourcompany.slack.com/archives/channel123 type: string name: description: Contact Slack. example: Team Slack type: string type: $ref: '#/components/schemas/ServiceDefinitionV2SlackType' required: - type - contact type: object ServiceDefinitionV2SlackType: description: Contact type. enum: - slack example: slack type: string x-enum-varnames: - SLACK ServiceDefinitionV2Version: default: v2 description: Schema version being used. enum: - v2 example: v2 type: string x-enum-varnames: - V2 ServiceDefinitionsCreateRequest: description: Create service definitions request. oneOf: - $ref: '#/components/schemas/ServiceDefinitionV2Dot2' - $ref: '#/components/schemas/ServiceDefinitionV2Dot1' - $ref: '#/components/schemas/ServiceDefinitionV2' - $ref: '#/components/schemas/ServiceDefinitionRaw' ServiceDefinitionsListResponse: description: Create service definitions response. properties: data: description: Data representing service definitions. items: $ref: '#/components/schemas/ServiceDefinitionData' type: array type: object ServiceNowTicket: description: ServiceNow ticket attached to case nullable: true properties: result: $ref: '#/components/schemas/ServiceNowTicketResult' status: $ref: '#/components/schemas/Case3rdPartyTicketStatus' readOnly: true type: object ServiceNowTicketResult: description: ServiceNow ticket information properties: sys_target_link: description: Link to the Incident created on ServiceNow type: string example: example_value type: object Shift: description: The definition of `Shift` object. example: data: attributes: end: '2025-05-07T03:53:01.206662873Z' start: '2025-05-07T02:53:01.206662814Z' id: 00000000-0000-0000-0000-000000000000 relationships: user: data: id: 00000000-aba1-0000-0000-000000000000 type: users type: shifts included: - attributes: email: foo@bar.com name: User 1 status: '' id: 00000000-aba1-0000-0000-000000000000 type: users properties: data: $ref: '#/components/schemas/ShiftData' nullable: true included: description: The `Shift` `included`. items: $ref: '#/components/schemas/ShiftIncluded' type: array type: object ShiftData: description: The definition of `ShiftData` object. properties: attributes: $ref: '#/components/schemas/ShiftDataAttributes' id: description: The `ShiftData` `id`. type: string example: abc-123-def relationships: $ref: '#/components/schemas/ShiftDataRelationships' type: $ref: '#/components/schemas/ShiftDataType' required: - type type: object ShiftDataAttributes: description: The definition of `ShiftDataAttributes` object. properties: end: description: The end time of the shift. format: date-time type: string example: example_value start: description: The start time of the shift. format: date-time type: string example: example_value type: object ShiftDataRelationships: description: The definition of `ShiftDataRelationships` object. properties: user: $ref: '#/components/schemas/ShiftDataRelationshipsUser' type: object ShiftDataRelationshipsUser: description: >- Defines the relationship between a shift and the user who is working that shift. properties: data: $ref: '#/components/schemas/ShiftDataRelationshipsUserData' required: - data type: object ShiftDataRelationshipsUserData: description: >- Represents a reference to the user assigned to this shift, containing the user's ID and resource type. properties: id: description: Specifies the unique identifier of the user. example: 00000000-0000-0000-0000-000000000000 type: string type: $ref: '#/components/schemas/ShiftDataRelationshipsUserDataType' required: - type - id type: object ShiftDataRelationshipsUserDataType: default: users description: Indicates that the related resource is of type 'users'. enum: - users example: users type: string x-enum-varnames: - USERS ShiftDataType: default: shifts description: Indicates that the resource is of type 'shifts'. enum: - shifts example: shifts type: string x-enum-varnames: - SHIFTS ShiftIncluded: description: The definition of `ShiftIncluded` object. oneOf: - $ref: '#/components/schemas/ScheduleUser' SingleAggregatedConnectionResponseArray: description: List of aggregated connections. example: data: - attributes: bytes_sent_by_client: 100 bytes_sent_by_server: 200 group_bys: client_team: - networks server_service: - hucklebuck packets_sent_by_client: 10 packets_sent_by_server: 20 rtt_micro_seconds: 800 tcp_closed_connections: 30 tcp_established_connections: 40 tcp_refusals: 7 tcp_resets: 5 tcp_retransmits: 30 tcp_timeouts: 6 id: client_team:networks, server_service:hucklebuck type: aggregated_connection properties: data: description: Array of aggregated connection objects. items: $ref: '#/components/schemas/SingleAggregatedConnectionResponseData' type: array type: object SingleAggregatedConnectionResponseData: description: Object describing an aggregated connection. properties: attributes: $ref: >- #/components/schemas/SingleAggregatedConnectionResponseDataAttributes id: description: >- A unique identifier for the aggregated connection based on the group by values. type: string example: abc-123-def type: $ref: '#/components/schemas/SingleAggregatedConnectionResponseDataType' type: object SingleAggregatedConnectionResponseDataAttributes: description: Attributes for an aggregated connection. properties: bytes_sent_by_client: description: The total number of bytes sent by the client over the given period. format: int64 type: integer example: 42 bytes_sent_by_server: description: The total number of bytes sent by the server over the given period. format: int64 type: integer example: 42 group_bys: additionalProperties: description: The values for each group by. items: type: string type: array description: The key, value pairs for each group by. type: object packets_sent_by_client: description: >- The total number of packets sent by the client over the given period. format: int64 type: integer example: 42 packets_sent_by_server: description: >- The total number of packets sent by the server over the given period. format: int64 type: integer example: 42 rtt_micro_seconds: description: >- Measured as TCP smoothed round trip time in microseconds (the time between a TCP frame being sent and acknowledged). format: int64 type: integer example: 42 tcp_closed_connections: description: >- The number of TCP connections in a closed state. Measured in connections per second from the client. format: int64 type: integer example: 42 tcp_established_connections: description: >- The number of TCP connections in an established state. Measured in connections per second from the client. format: int64 type: integer example: 42 tcp_refusals: description: >- The number of TCP connections that were refused by the server. Typically this indicates an attempt to connect to an IP/port that is not receiving connections, or a firewall/security misconfiguration. format: int64 type: integer example: 42 tcp_resets: description: The number of TCP connections that were reset by the server. format: int64 type: integer example: 42 tcp_retransmits: description: >- TCP Retransmits represent detected failures that are retransmitted to ensure delivery. Measured in count of retransmits from the client. format: int64 type: integer example: 42 tcp_timeouts: description: >- The number of TCP connections that timed out from the perspective of the operating system. This can indicate general connectivity and latency issues. format: int64 type: integer example: 42 type: object SingleAggregatedConnectionResponseDataType: default: aggregated_connection description: Aggregated connection resource type. enum: - aggregated_connection type: string x-enum-varnames: - AGGREGATED_CONNECTION SlackIntegrationMetadata: description: Incident integration metadata for the Slack integration. properties: channels: description: Array of Slack channels in this integration metadata. example: [] items: $ref: '#/components/schemas/SlackIntegrationMetadataChannelItem' type: array required: - channels type: object SlackIntegrationMetadataChannelItem: description: Item in the Slack integration metadata channel array. properties: channel_id: description: Slack channel ID. example: C0123456789 type: string channel_name: description: Name of the Slack channel. example: '#example-channel-name' type: string redirect_url: description: URL redirecting to the Slack channel. example: https://slack.com/app_redirect?channel=C0123456789&team=T01234567 type: string team_id: description: Slack team ID. example: T01234567 type: string required: - channel_id - channel_name - redirect_url type: object SlackTriggerWrapper: description: Schema for a Slack-based trigger. properties: slackTrigger: description: Trigger a workflow from Slack. The workflow must be published. type: object startStepNames: $ref: '#/components/schemas/StartStepNames' required: - slackTrigger type: object SloReportCreateRequest: description: The SLO report request body. properties: data: $ref: '#/components/schemas/SloReportCreateRequestData' required: - data type: object SloReportCreateRequestAttributes: description: The attributes portion of the SLO report request. properties: from_ts: description: The `from` timestamp for the report in epoch seconds. example: 1690901870 format: int64 type: integer interval: $ref: '#/components/schemas/SLOReportInterval' query: description: >- The query string used to filter SLO results. Some examples of queries include `service:` and `slo-name`. example: slo_type:metric type: string timezone: description: >- The timezone used to determine the start and end of each interval. For example, weekly intervals start at 12am on Sunday in the specified timezone. example: America/New_York type: string to_ts: description: The `to` timestamp for the report in epoch seconds. example: 1706803070 format: int64 type: integer required: - query - from_ts - to_ts type: object SloReportCreateRequestData: description: The data portion of the SLO report request. properties: attributes: $ref: '#/components/schemas/SloReportCreateRequestAttributes' required: - attributes type: object SoftwareCatalogTriggerWrapper: description: Schema for a Software Catalog-based trigger. properties: softwareCatalogTrigger: description: Trigger a workflow from Software Catalog. type: object startStepNames: $ref: '#/components/schemas/StartStepNames' required: - softwareCatalogTrigger type: object SortDirection: default: desc description: The direction to sort by. enum: - desc - asc type: string x-enum-varnames: - DESC - ASC Span: description: >- Object description of a spans after being processed and stored by Datadog. properties: attributes: $ref: '#/components/schemas/SpansAttributes' id: description: Unique ID of the Span. example: AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA type: string type: $ref: '#/components/schemas/SpansType' type: object SpansAggregateBucket: description: Spans aggregate. properties: attributes: $ref: '#/components/schemas/SpansAggregateBucketAttributes' id: description: ID of the spans aggregate. type: string example: abc-123-def type: $ref: '#/components/schemas/SpansAggregateBucketType' type: object SpansAggregateBucketAttributes: description: A bucket values. properties: by: additionalProperties: description: The values for each group by. description: The key, value pairs for each group by. example: '@state': success '@version': abc type: object compute: description: The compute data. type: object computes: additionalProperties: $ref: '#/components/schemas/SpansAggregateBucketValue' description: >- A map of the metric name -> value for regular compute or list of values for a timeseries. type: object type: object SpansAggregateBucketType: description: The spans aggregate bucket type. enum: - bucket example: bucket type: string x-enum-varnames: - BUCKET SpansAggregateBucketValue: description: A bucket value, can be either a timeseries or a single value. oneOf: - $ref: '#/components/schemas/SpansAggregateBucketValueSingleString' - $ref: '#/components/schemas/SpansAggregateBucketValueSingleNumber' - $ref: '#/components/schemas/SpansAggregateBucketValueTimeseries' SpansAggregateBucketValueSingleNumber: description: A single number value. format: double type: number SpansAggregateBucketValueSingleString: description: A single string value. type: string SpansAggregateBucketValueTimeseries: description: A timeseries array. items: $ref: '#/components/schemas/SpansAggregateBucketValueTimeseriesPoint' type: array x-generate-alias-as-model: true SpansAggregateBucketValueTimeseriesPoint: description: A timeseries point. properties: time: description: The time value for this point. example: '2023-06-08T11:55:00Z' type: string value: description: The value for this point. example: 19 format: double type: number type: object SpansAggregateData: description: The object containing the query content. properties: attributes: $ref: '#/components/schemas/SpansAggregateRequestAttributes' type: $ref: '#/components/schemas/SpansAggregateRequestType' type: object SpansAggregateRequest: description: >- The object sent with the request to retrieve a list of aggregated spans from your organization. properties: data: $ref: '#/components/schemas/SpansAggregateData' type: object SpansAggregateRequestAttributes: description: The object containing all the query parameters. properties: compute: description: >- The list of metrics or timeseries to compute for the retrieved buckets. items: $ref: '#/components/schemas/SpansCompute' type: array filter: $ref: '#/components/schemas/SpansQueryFilter' group_by: description: The rules for the group by. items: $ref: '#/components/schemas/SpansGroupBy' type: array options: $ref: '#/components/schemas/SpansQueryOptions' type: object SpansAggregateRequestType: default: aggregate_request description: The type of resource. The value should always be aggregate_request. enum: - aggregate_request example: aggregate_request type: string x-enum-varnames: - AGGREGATE_REQUEST SpansAggregateResponse: description: The response object for the spans aggregate API endpoint. properties: data: description: The list of matching buckets, one item per bucket. items: $ref: '#/components/schemas/SpansAggregateBucket' type: array meta: $ref: '#/components/schemas/SpansAggregateResponseMetadata' type: object SpansAggregateResponseMetadata: description: The metadata associated with a request. properties: elapsed: description: The time elapsed in milliseconds. example: 132 format: int64 type: integer request_id: description: The identifier of the request. example: MWlFUjVaWGZTTTZPYzM0VXp1OXU2d3xLSVpEMjZKQ0VKUTI0dEYtM3RSOFVR type: string status: $ref: '#/components/schemas/SpansAggregateResponseStatus' warnings: description: >- A list of warnings (non fatal errors) encountered, partial results might be returned if warnings are present in the response. items: $ref: '#/components/schemas/SpansWarning' type: array type: object SpansAggregateResponseStatus: description: The status of the response. enum: - done - timeout example: done type: string x-enum-varnames: - DONE - TIMEOUT SpansAggregateSort: description: A sort rule. example: aggregation: count order: asc properties: aggregation: $ref: '#/components/schemas/SpansAggregationFunction' metric: description: The metric to sort by (only used for `type=measure`). example: '@duration' type: string order: $ref: '#/components/schemas/SpansSortOrder' type: $ref: '#/components/schemas/SpansAggregateSortType' type: object SpansAggregateSortType: default: alphabetical description: The type of sorting algorithm. enum: - alphabetical - measure type: string x-enum-varnames: - ALPHABETICAL - MEASURE SpansAggregationFunction: description: An aggregation function. enum: - count - cardinality - pc75 - pc90 - pc95 - pc98 - pc99 - sum - min - max - avg - median example: pc90 type: string x-enum-varnames: - COUNT - CARDINALITY - PERCENTILE_75 - PERCENTILE_90 - PERCENTILE_95 - PERCENTILE_98 - PERCENTILE_99 - SUM - MIN - MAX - AVG - MEDIAN SpansAttributes: description: JSON object containing all span attributes and their associated values. properties: attributes: additionalProperties: {} description: JSON object of attributes from your span. example: customAttribute: 123 duration: 2345 type: object custom: additionalProperties: {} description: JSON object of custom spans data. type: object end_timestamp: description: End timestamp of your span. example: '2023-01-02T09:42:36.420Z' format: date-time type: string env: description: Name of the environment from where the spans are being sent. example: prod type: string host: description: Name of the machine from where the spans are being sent. example: i-0123 type: string ingestion_reason: description: The reason why the span was ingested. example: rule type: string parent_id: description: Id of the span that's parent of this span. example: '0' type: string resource_hash: description: Unique identifier of the resource. example: a12345678b91c23d type: string resource_name: description: The name of the resource. example: agent type: string retained_by: description: The reason why the span was indexed. example: retention_filter type: string service: description: >- The name of the application or service generating the span events. It is used to switch from APM to Logs, so make sure you define the same value when you use both products. example: agent type: string single_span: description: >- Whether or not the span was collected as a stand-alone span. Always associated to "single_span" ingestion_reason if true. example: true type: boolean span_id: description: Id of the span. example: '1234567890987654321' type: string start_timestamp: description: Start timestamp of your span. example: '2023-01-02T09:42:36.320Z' format: date-time type: string tags: description: Array of tags associated with your span. example: - team:A items: description: Tag associated with your span. type: string type: array trace_id: description: Id of the trace to which the span belongs. example: '1234567890987654321' type: string type: description: The type of the span. example: web type: string type: object SpansCompute: description: A compute rule to compute metrics or timeseries. properties: aggregation: $ref: '#/components/schemas/SpansAggregationFunction' interval: description: |- The time buckets' size (only used for type=timeseries) Defaults to a resolution of 150 points. example: 5m type: string metric: description: The metric to use. example: '@duration' type: string type: $ref: '#/components/schemas/SpansComputeType' required: - aggregation type: object SpansComputeType: default: total description: The type of compute. enum: - timeseries - total type: string x-enum-varnames: - TIMESERIES - TOTAL SpansFilter: description: The spans filter used to index spans. properties: query: description: >- The search query - following the [span search syntax](https://docs.datadoghq.com/tracing/trace_explorer/query_syntax/). example: '@http.status_code:200 service:my-service' type: string type: object SpansFilterCreate: description: The spans filter. Spans matching this filter will be indexed and stored. properties: query: description: >- The search query - following the [span search syntax](https://docs.datadoghq.com/tracing/trace_explorer/query_syntax/). example: '@http.status_code:200 service:my-service' type: string required: - query type: object SpansGroupBy: description: A group by rule. properties: facet: description: The name of the facet to use (required). example: host type: string histogram: $ref: '#/components/schemas/SpansGroupByHistogram' limit: default: 10 description: The maximum buckets to return for this group by. format: int64 type: integer example: 42 missing: $ref: '#/components/schemas/SpansGroupByMissing' sort: $ref: '#/components/schemas/SpansAggregateSort' total: $ref: '#/components/schemas/SpansGroupByTotal' required: - facet type: object SpansGroupByHistogram: description: >- Used to perform a histogram computation (only for measure facets). Note: At most 100 buckets are allowed, the number of buckets is (max - min)/interval. properties: interval: description: The bin size of the histogram buckets. example: 10 format: double type: number max: description: |- The maximum value for the measure used in the histogram (values greater than this one are filtered out). example: 100 format: double type: number min: description: |- The minimum value for the measure used in the histogram (values smaller than this one are filtered out). example: 50 format: double type: number required: - interval - min - max type: object SpansGroupByMissing: description: The value to use for spans that don't have the facet used to group by. oneOf: - $ref: '#/components/schemas/SpansGroupByMissingString' - $ref: '#/components/schemas/SpansGroupByMissingNumber' SpansGroupByMissingNumber: description: The missing value to use if there is a number valued facet. format: double type: number SpansGroupByMissingString: description: The missing value to use if there is string valued facet. type: string SpansGroupByTotal: default: false description: >- A resulting object to put the given computes in over all the matching records. oneOf: - $ref: '#/components/schemas/SpansGroupByTotalBoolean' - $ref: '#/components/schemas/SpansGroupByTotalString' - $ref: '#/components/schemas/SpansGroupByTotalNumber' SpansGroupByTotalBoolean: description: If set to true, creates an additional bucket labeled "$facet_total". type: boolean SpansGroupByTotalNumber: description: A number to use as the key value for the total bucket. format: double type: number SpansGroupByTotalString: description: A string to use as the key value for the total bucket. type: string SpansListRequest: description: The request for a spans list. properties: data: $ref: '#/components/schemas/SpansListRequestData' type: object SpansListRequestAttributes: description: The object containing all the query parameters. properties: filter: $ref: '#/components/schemas/SpansQueryFilter' options: $ref: '#/components/schemas/SpansQueryOptions' page: $ref: '#/components/schemas/SpansListRequestPage' sort: $ref: '#/components/schemas/SpansSort' type: object SpansListRequestData: description: The object containing the query content. properties: attributes: $ref: '#/components/schemas/SpansListRequestAttributes' type: $ref: '#/components/schemas/SpansListRequestType' type: object SpansListRequestPage: description: Paging attributes for listing spans. properties: cursor: description: List following results with a cursor provided in the previous query. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string limit: default: 10 description: Maximum number of spans in the response. example: 25 format: int32 maximum: 1000 type: integer type: object SpansListRequestType: default: search_request description: The type of resource. The value should always be search_request. enum: - search_request example: search_request type: string x-enum-varnames: - SEARCH_REQUEST SpansListResponse: description: >- Response object with all spans matching the request and pagination information. properties: data: description: Array of spans matching the request. items: $ref: '#/components/schemas/Span' type: array links: $ref: '#/components/schemas/SpansListResponseLinks' meta: $ref: '#/components/schemas/SpansListResponseMetadata' type: object SpansListResponseLinks: description: Links attributes. properties: next: description: >- Link for the next set of results. Note that the request can also be made using the POST endpoint. example: >- https://app.datadoghq.com/api/v2/spans/event?filter[query]=foo&page[cursor]=eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object SpansListResponseMetadata: description: The metadata associated with a request. properties: elapsed: description: The time elapsed in milliseconds. example: 132 format: int64 type: integer page: $ref: '#/components/schemas/SpansResponseMetadataPage' request_id: description: The identifier of the request. example: MWlFUjVaWGZTTTZPYzM0VXp1OXU2d3xLSVpEMjZKQ0VKUTI0dEYtM3RSOFVR type: string status: $ref: '#/components/schemas/SpansAggregateResponseStatus' warnings: description: >- A list of warnings (non fatal errors) encountered, partial results might be returned if warnings are present in the response. items: $ref: '#/components/schemas/SpansWarning' type: array type: object SpansMetricCompute: description: The compute rule to compute the span-based metric. properties: aggregation_type: $ref: '#/components/schemas/SpansMetricComputeAggregationType' include_percentiles: $ref: '#/components/schemas/SpansMetricComputeIncludePercentiles' path: description: >- The path to the value the span-based metric will aggregate on (only used if the aggregation type is a "distribution"). example: '@duration' type: string required: - aggregation_type type: object SpansMetricComputeAggregationType: description: The type of aggregation to use. enum: - count - distribution example: distribution type: string x-enum-varnames: - COUNT - DISTRIBUTION SpansMetricComputeIncludePercentiles: description: >- Toggle to include or exclude percentile aggregations for distribution metrics. Only present when the `aggregation_type` is `distribution`. example: false type: boolean SpansMetricCreateAttributes: description: The object describing the Datadog span-based metric to create. properties: compute: $ref: '#/components/schemas/SpansMetricCompute' filter: $ref: '#/components/schemas/SpansMetricFilter' group_by: description: The rules for the group by. items: $ref: '#/components/schemas/SpansMetricGroupBy' type: array required: - compute type: object SpansMetricCreateData: description: The new span-based metric properties. properties: attributes: $ref: '#/components/schemas/SpansMetricCreateAttributes' id: $ref: '#/components/schemas/SpansMetricID' type: $ref: '#/components/schemas/SpansMetricType' required: - id - type - attributes type: object SpansMetricCreateRequest: description: The new span-based metric body. properties: data: $ref: '#/components/schemas/SpansMetricCreateData' required: - data type: object SpansMetricFilter: description: >- The span-based metric filter. Spans matching this filter will be aggregated in this metric. properties: query: default: '*' description: The search query - following the span search syntax. example: '@http.status_code:200 service:my-service' type: string type: object SpansMetricGroupBy: description: A group by rule. properties: path: description: The path to the value the span-based metric will be aggregated over. example: resource_name type: string tag_name: description: >- Eventual name of the tag that gets created. By default, the path attribute is used as the tag name. example: resource_name type: string required: - path type: object SpansMetricID: description: The name of the span-based metric. example: my.metric type: string SpansMetricResponse: description: The span-based metric object. properties: data: $ref: '#/components/schemas/SpansMetricResponseData' type: object SpansMetricResponseAttributes: description: The object describing a Datadog span-based metric. properties: compute: $ref: '#/components/schemas/SpansMetricResponseCompute' filter: $ref: '#/components/schemas/SpansMetricResponseFilter' group_by: description: The rules for the group by. items: $ref: '#/components/schemas/SpansMetricResponseGroupBy' type: array type: object SpansMetricResponseCompute: description: The compute rule to compute the span-based metric. properties: aggregation_type: $ref: '#/components/schemas/SpansMetricComputeAggregationType' include_percentiles: $ref: '#/components/schemas/SpansMetricComputeIncludePercentiles' path: description: >- The path to the value the span-based metric will aggregate on (only used if the aggregation type is a "distribution"). example: '@duration' type: string type: object SpansMetricResponseData: description: The span-based metric properties. properties: attributes: $ref: '#/components/schemas/SpansMetricResponseAttributes' id: $ref: '#/components/schemas/SpansMetricID' type: $ref: '#/components/schemas/SpansMetricType' type: object SpansMetricResponseFilter: description: >- The span-based metric filter. Spans matching this filter will be aggregated in this metric. properties: query: description: The search query - following the span search syntax. example: '@http.status_code:200 service:my-service' type: string type: object SpansMetricResponseGroupBy: description: A group by rule. properties: path: description: The path to the value the span-based metric will be aggregated over. example: resource_name type: string tag_name: description: >- Eventual name of the tag that gets created. By default, the path attribute is used as the tag name. example: resource_name type: string type: object SpansMetricType: default: spans_metrics description: The type of resource. The value should always be spans_metrics. enum: - spans_metrics example: spans_metrics type: string x-enum-varnames: - SPANS_METRICS SpansMetricUpdateAttributes: description: The span-based metric properties that will be updated. properties: compute: $ref: '#/components/schemas/SpansMetricUpdateCompute' filter: $ref: '#/components/schemas/SpansMetricFilter' group_by: description: The rules for the group by. items: $ref: '#/components/schemas/SpansMetricGroupBy' type: array type: object SpansMetricUpdateCompute: description: The compute rule to compute the span-based metric. properties: include_percentiles: $ref: '#/components/schemas/SpansMetricComputeIncludePercentiles' type: object SpansMetricUpdateData: description: The new span-based metric properties. properties: attributes: $ref: '#/components/schemas/SpansMetricUpdateAttributes' type: $ref: '#/components/schemas/SpansMetricType' required: - type - attributes type: object SpansMetricUpdateRequest: description: The new span-based metric body. properties: data: $ref: '#/components/schemas/SpansMetricUpdateData' required: - data type: object SpansMetricsResponse: description: All the available span-based metric objects. properties: data: description: A list of span-based metric objects. items: $ref: '#/components/schemas/SpansMetricResponseData' type: array type: object SpansQueryFilter: description: The search and filter query settings. properties: from: default: now-15m description: >- The minimum time for the requested spans, supports date-time ISO8601, date math, and regular timestamps (milliseconds). example: now-15m type: string query: default: '*' description: The search query - following the span search syntax. example: service:web* AND @http.status_code:[200 TO 299] type: string to: default: now description: >- The maximum time for the requested spans, supports date-time ISO8601, date math, and regular timestamps (milliseconds). example: now type: string type: object SpansQueryOptions: description: >- Global query options that are used during the query. Note: You should only supply timezone or time offset but not both otherwise the query will fail. properties: timeOffset: description: The time offset (in seconds) to apply to the query. format: int64 type: integer example: 42 timezone: default: UTC description: >- The timezone can be specified as GMT, UTC, an offset from UTC (like UTC+1), or as a Timezone Database identifier (like America/New_York). example: GMT type: string type: object SpansResponseMetadataPage: description: Paging attributes. properties: after: description: >- The cursor to use to get the next results, if any. To make the next request, use the same parameters with the addition of the `page[cursor]`. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object SpansSort: description: Sort parameters when querying spans. enum: - timestamp - '-timestamp' type: string x-enum-varnames: - TIMESTAMP_ASCENDING - TIMESTAMP_DESCENDING SpansSortOrder: description: The order to use, ascending or descending. enum: - asc - desc example: asc type: string x-enum-varnames: - ASCENDING - DESCENDING SpansType: default: spans description: Type of the span. enum: - spans example: spans type: string x-enum-varnames: - SPANS SpansWarning: description: A warning message indicating something that went wrong with the query. properties: code: description: A unique code for this type of warning. example: unknown_index type: string detail: description: A detailed explanation of this specific warning. example: 'indexes: foo, bar' type: string title: description: A short human-readable summary of the warning. example: >- One or several indexes are missing or invalid, results hold data from the other indexes type: string type: object Spec: description: The spec defines what the workflow does. properties: annotations: description: >- A list of annotations used in the workflow. These are like sticky notes for your workflow! items: $ref: '#/components/schemas/Annotation' type: array connectionEnvs: description: A list of connections or connection groups used in the workflow. items: $ref: '#/components/schemas/ConnectionEnv' type: array handle: description: >- Unique identifier used to trigger workflows automatically in Datadog. type: string example: example_value inputSchema: $ref: '#/components/schemas/InputSchema' outputSchema: $ref: '#/components/schemas/OutputSchema' steps: description: >- A `Step` is a sub-component of a workflow. Each `Step` performs an action. items: $ref: '#/components/schemas/Step' type: array triggers: description: >- The list of triggers that activate this workflow. At least one trigger is required, and each trigger type may appear at most once. items: $ref: '#/components/schemas/Trigger' type: array type: object SpecVersion: description: The version of the CycloneDX specification a BOM conforms to. enum: - '1.0' - '1.1' - '1.2' - '1.3' - '1.4' - '1.5' example: '1.5' type: string x-enum-varnames: - ONE_ZERO - ONE_ONE - ONE_TWO - ONE_THREE - ONE_FOUR - ONE_FIVE StartStepNames: description: A list of steps that run first after a trigger fires. example: - '' items: description: The `StartStepNames` `items`. type: string type: array State: description: The state of the rule evaluation. enum: - pass - fail - skip example: pass type: string x-enum-varnames: - PASS - FAIL - SKIP StateVariable: description: A variable, which can be set and read by other components in the app. properties: id: description: The ID of the state variable. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string name: description: >- A unique identifier for this state variable. This name is also used to access the variable's value throughout the app. example: ordersToSubmit type: string properties: $ref: '#/components/schemas/StateVariableProperties' type: $ref: '#/components/schemas/StateVariableType' required: - id - name - type - properties type: object StateVariableProperties: description: The properties of the state variable. properties: defaultValue: description: The default value of the state variable. example: ${['order_3145', 'order_4920']} type: object StateVariableType: default: stateVariable description: The state variable type. enum: - stateVariable example: stateVariable type: string x-enum-varnames: - STATEVARIABLE Step: description: A Step is a sub-component of a workflow. Each Step performs an action. properties: actionId: description: The unique identifier of an action. example: '' type: string completionGate: $ref: '#/components/schemas/CompletionGate' connectionLabel: description: The unique identifier of a connection defined in the spec. type: string example: example_value display: $ref: '#/components/schemas/StepDisplay' errorHandlers: description: The `Step` `errorHandlers`. items: $ref: '#/components/schemas/ErrorHandler' type: array name: description: Name of the step. example: '' type: string outboundEdges: description: A list of subsequent actions to run. items: $ref: '#/components/schemas/OutboundEdge' type: array parameters: description: A list of inputs for an action. items: $ref: '#/components/schemas/Parameter' type: array readinessGate: $ref: '#/components/schemas/ReadinessGate' required: - name - actionId type: object StepDisplay: description: The definition of `StepDisplay` object. properties: bounds: $ref: '#/components/schemas/StepDisplayBounds' type: object StepDisplayBounds: description: The definition of `StepDisplayBounds` object. properties: x: description: The `bounds` `x`. format: double type: number example: 95.5 'y': description: The `bounds` `y`. format: double type: number example: 95.5 type: object TagFilter: description: Tag filter for the budget's entries. properties: tag_key: description: The key of the tag. example: service type: string tag_value: description: The value of the tag. example: ec2 type: string type: object TagsEventAttribute: description: Array of tags associated with your event. example: - team:A items: description: Tag associated with your event. type: string type: array Targets: description: >- List of recipients to notify when a notification rule is triggered. Many different target types are supported, such as email addresses, Slack channels, and PagerDuty services. The appropriate integrations need to be properly configured to send notifications to the specified targets. example: - '@john.doe@email.com' items: description: Recipients to notify. type: string type: array Team: description: A team properties: attributes: $ref: '#/components/schemas/TeamAttributes' id: description: The team's identifier example: aeadc05e-98a8-11ec-ac2c-da7ad0900001 type: string relationships: $ref: '#/components/schemas/TeamRelationships' type: $ref: '#/components/schemas/TeamType' required: - attributes - id - type type: object x-merge-override: required: false TeamAttributes: description: Team attributes properties: avatar: description: >- Unicode representation of the avatar for the team, limited to a single grapheme example: 🥑 nullable: true type: string banner: description: Banner selection for the team format: int64 nullable: true type: integer example: 42 created_at: description: Creation date of the team format: date-time type: string example: example_value description: description: Free-form markdown description/content for the team's homepage nullable: true type: string example: example_value handle: description: The team's identifier example: example-team maxLength: 195 type: string hidden_modules: description: Collection of hidden modules for the team items: description: String identifier of the module type: string type: array link_count: description: The number of links belonging to the team format: int32 maximum: 2147483647 readOnly: true type: integer example: 42 modified_at: description: Modification date of the team format: date-time type: string example: example_value name: description: The name of the team example: Example Team maxLength: 200 type: string summary: description: A brief summary of the team, derived from the `description` maxLength: 120 nullable: true type: string example: example_value user_count: description: The number of users belonging to the team format: int32 maximum: 2147483647 readOnly: true type: integer example: 42 visible_modules: description: Collection of visible modules for the team items: description: String identifier of the module type: string type: array required: - handle - name type: object TeamCreate: description: Team create properties: attributes: $ref: '#/components/schemas/TeamCreateAttributes' relationships: $ref: '#/components/schemas/TeamCreateRelationships' type: $ref: '#/components/schemas/TeamType' required: - attributes - type type: object TeamCreateAttributes: description: Team creation attributes properties: avatar: description: >- Unicode representation of the avatar for the team, limited to a single grapheme example: 🥑 nullable: true type: string banner: description: Banner selection for the team format: int64 nullable: true type: integer example: 42 description: description: Free-form markdown description/content for the team's homepage type: string example: example_value handle: description: The team's identifier example: example-team maxLength: 195 type: string hidden_modules: description: Collection of hidden modules for the team items: description: String identifier of the module type: string type: array name: description: The name of the team example: Example Team maxLength: 200 type: string visible_modules: description: Collection of visible modules for the team items: description: String identifier of the module type: string type: array required: - handle - name type: object TeamCreateRelationships: description: Relationships formed with the team on creation properties: users: $ref: '#/components/schemas/RelationshipToUsers' type: object TeamCreateRequest: description: Request to create a team properties: data: $ref: '#/components/schemas/TeamCreate' required: - data type: object TeamIncluded: description: Included resources related to the team oneOf: - $ref: '#/components/schemas/User' - $ref: '#/components/schemas/TeamLink' - $ref: '#/components/schemas/UserTeamPermission' TeamLink: description: Team link properties: attributes: $ref: '#/components/schemas/TeamLinkAttributes' id: description: The team link's identifier example: b8626d7e-cedd-11eb-abf5-da7ad0900001 type: string type: $ref: '#/components/schemas/TeamLinkType' required: - attributes - id - type type: object x-merge-override: required: false TeamLinkAttributes: description: Team link attributes properties: label: description: The link's label example: Link label maxLength: 256 type: string position: description: The link's position, used to sort links for the team format: int32 maximum: 2147483647 type: integer example: 42 team_id: description: ID of the team the link is associated with readOnly: true type: string example: abc-123-def url: description: The URL for the link example: https://example.com type: string required: - label - url type: object TeamLinkCreate: description: Team link create properties: attributes: $ref: '#/components/schemas/TeamLinkAttributes' type: $ref: '#/components/schemas/TeamLinkType' required: - attributes - type type: object TeamLinkCreateRequest: description: Team link create request properties: data: $ref: '#/components/schemas/TeamLinkCreate' required: - data type: object TeamLinkResponse: description: Team link response properties: data: $ref: '#/components/schemas/TeamLink' type: object TeamLinkType: default: team_links description: Team link type enum: - team_links example: team_links type: string x-enum-varnames: - TEAM_LINKS TeamLinksResponse: description: Team links response properties: data: description: Team links response data items: $ref: '#/components/schemas/TeamLink' type: array type: object TeamOnCallResponders: description: Root object representing a team's on-call responder configuration. example: data: id: 111ee23r-aaaaa-aaaa-aaww-1234wertsd23 relationships: escalations: data: - id: 111ee23r-aaaaa-aaaa-aaww-1234wertsd23 type: escalation_policy_steps responders: data: - id: 111ee23r-aaaaa-aaaa-aaww-1234wertsd23 type: users type: team_oncall_responders included: - attributes: email: test@test.com name: Test User status: active id: 111ee23r-aaaaa-aaaa-aaww-1234wertsd23 type: users - id: 111ee23r-aaaaa-aaaa-aaww-1234wertsd23 relationships: responders: data: - id: 111ee23r-aaaaa-aaaa-aaww-1234wertsd23 type: users type: escalation_policy_steps properties: data: $ref: '#/components/schemas/TeamOnCallRespondersData' included: description: The `TeamOnCallResponders` `included`. items: $ref: '#/components/schemas/TeamOnCallRespondersIncluded' type: array type: object TeamOnCallRespondersData: description: >- Defines the main on-call responder object for a team, including relationships and metadata. properties: id: description: Unique identifier of the on-call responder configuration. type: string example: abc-123-def relationships: $ref: '#/components/schemas/TeamOnCallRespondersDataRelationships' type: $ref: '#/components/schemas/TeamOnCallRespondersDataType' required: - type type: object TeamOnCallRespondersDataRelationships: description: >- Relationship objects linked to a team's on-call responder configuration, including escalations and responders. properties: escalations: $ref: >- #/components/schemas/TeamOnCallRespondersDataRelationshipsEscalations responders: $ref: '#/components/schemas/TeamOnCallRespondersDataRelationshipsResponders' type: object TeamOnCallRespondersDataRelationshipsEscalations: description: >- Defines the escalation policy steps linked to the team's on-call configuration. properties: data: description: Array of escalation step references. items: $ref: >- #/components/schemas/TeamOnCallRespondersDataRelationshipsEscalationsDataItems type: array type: object TeamOnCallRespondersDataRelationshipsEscalationsDataItems: description: >- Represents a link to a specific escalation policy step associated with the on-call team. properties: id: description: Unique identifier of the escalation step. example: '' type: string type: $ref: >- #/components/schemas/TeamOnCallRespondersDataRelationshipsEscalationsDataItemsType required: - type - id type: object TeamOnCallRespondersDataRelationshipsEscalationsDataItemsType: default: escalation_policy_steps description: >- Identifies the resource type for escalation policy steps linked to a team's on-call configuration. enum: - escalation_policy_steps example: escalation_policy_steps type: string x-enum-varnames: - ESCALATION_POLICY_STEPS TeamOnCallRespondersDataRelationshipsResponders: description: Defines the list of users assigned as on-call responders for the team. properties: data: description: Array of user references associated as responders. items: $ref: >- #/components/schemas/TeamOnCallRespondersDataRelationshipsRespondersDataItems type: array type: object TeamOnCallRespondersDataRelationshipsRespondersDataItems: description: Represents a user responder associated with the on-call team. properties: id: description: Unique identifier of the responder. example: '' type: string type: $ref: >- #/components/schemas/TeamOnCallRespondersDataRelationshipsRespondersDataItemsType required: - type - id type: object TeamOnCallRespondersDataRelationshipsRespondersDataItemsType: default: users description: >- Identifies the resource type for individual user entities associated with on-call response. enum: - users example: users type: string x-enum-varnames: - USERS TeamOnCallRespondersDataType: default: team_oncall_responders description: >- Represents the resource type for a group of users assigned to handle on-call duties within a team. enum: - team_oncall_responders example: team_oncall_responders type: string x-enum-varnames: - TEAM_ONCALL_RESPONDERS TeamOnCallRespondersIncluded: description: >- Represents an union of related resources included in the response, such as users and escalation steps. oneOf: - $ref: '#/components/schemas/User' - $ref: '#/components/schemas/Escalation' TeamPermissionSetting: description: Team permission setting properties: attributes: $ref: '#/components/schemas/TeamPermissionSettingAttributes' id: description: The team permission setting's identifier example: TeamPermission-aeadc05e-98a8-11ec-ac2c-da7ad0900001-edit type: string type: $ref: '#/components/schemas/TeamPermissionSettingType' required: - id - type type: object x-merge-override: required: false TeamPermissionSettingAttributes: description: Team permission setting attributes properties: action: $ref: '#/components/schemas/TeamPermissionSettingSerializerAction' editable: description: >- Whether or not the permission setting is editable by the current user readOnly: true type: boolean example: true options: $ref: '#/components/schemas/TeamPermissionSettingValues' title: description: The team permission name readOnly: true type: string example: Example Monitor value: $ref: '#/components/schemas/TeamPermissionSettingValue' type: object TeamPermissionSettingResponse: description: Team permission setting response properties: data: $ref: '#/components/schemas/TeamPermissionSetting' type: object TeamPermissionSettingSerializerAction: description: The identifier for the action enum: - manage_membership - edit readOnly: true type: string x-enum-varnames: - MANAGE_MEMBERSHIP - EDIT TeamPermissionSettingType: default: team_permission_settings description: Team permission setting type enum: - team_permission_settings example: team_permission_settings type: string x-enum-varnames: - TEAM_PERMISSION_SETTINGS TeamPermissionSettingUpdate: description: Team permission setting update properties: attributes: $ref: '#/components/schemas/TeamPermissionSettingUpdateAttributes' type: $ref: '#/components/schemas/TeamPermissionSettingType' required: - type type: object TeamPermissionSettingUpdateAttributes: description: Team permission setting update attributes properties: value: $ref: '#/components/schemas/TeamPermissionSettingValue' type: object TeamPermissionSettingUpdateRequest: description: Team permission setting update request properties: data: $ref: '#/components/schemas/TeamPermissionSettingUpdate' required: - data type: object TeamPermissionSettingValue: description: What type of user is allowed to perform the specified action enum: - admins - members - organization - user_access_manage - teams_manage type: string x-enum-varnames: - ADMINS - MEMBERS - ORGANIZATION - USER_ACCESS_MANAGE - TEAMS_MANAGE TeamPermissionSettingValues: description: Possible values for action items: $ref: '#/components/schemas/TeamPermissionSettingValue' readOnly: true type: array TeamPermissionSettingsResponse: description: Team permission settings response properties: data: description: Team permission settings response data items: $ref: '#/components/schemas/TeamPermissionSetting' type: array type: object TeamReference: description: >- Provides a reference to a team, including ID, type, and basic attributes/relationships. properties: attributes: $ref: '#/components/schemas/TeamReferenceAttributes' id: description: The team's unique identifier. type: string example: abc-123-def type: $ref: '#/components/schemas/TeamReferenceType' required: - type type: object TeamReferenceAttributes: description: >- Encapsulates the basic attributes of a Team reference, such as name, handle, and an optional avatar or description. properties: avatar: description: URL or reference for the team's avatar (if available). type: string example: example_value description: description: A short text describing the team. type: string example: example_value handle: description: A unique handle/slug for the team. type: string example: example_value name: description: The full, human-readable name of the team. type: string example: Example Monitor type: object TeamReferenceType: default: teams description: Teams resource type. enum: - teams example: teams type: string x-enum-varnames: - TEAMS TeamRelationships: description: Resources related to a team properties: team_links: $ref: '#/components/schemas/RelationshipToTeamLinks' user_team_permissions: $ref: '#/components/schemas/RelationshipToUserTeamPermission' type: object TeamRelationshipsLinks: description: Links attributes. properties: related: description: Related link. example: /api/v2/team/c75a4a8e-20c7-11ee-a3a5-da7ad0900002/links type: string type: object TeamResponse: description: Response with a team properties: data: $ref: '#/components/schemas/Team' type: object TeamRoutingRules: description: >- Represents a complete set of team routing rules, including data and optionally included related resources. example: data: id: 27590dae-47be-4a7d-9abf-8f4e45124020 relationships: rules: data: - id: 03aff2d6-6cbf-496c-997f-a857bbe9a94a type: team_routing_rules - id: 03aff2d6-6cbf-496c-997f-a857bbe9a94a type: team_routing_rules type: team_routing_rules included: - attributes: actions: query: tags.service:test time_restriction: restrictions: - end_day: monday end_time: '17:00:00' start_day: monday start_time: '09:00:00' - end_day: tuesday end_time: '17:00:00' start_day: tuesday start_time: '09:00:00' time_zone: '' urgency: high id: 03aff2d6-6cbf-496c-997f-a857bbe9a94a relationships: policy: data: type: team_routing_rules properties: data: $ref: '#/components/schemas/TeamRoutingRulesData' included: description: Provides related routing rules or other included resources. items: $ref: '#/components/schemas/TeamRoutingRulesIncluded' type: array type: object TeamRoutingRulesData: description: >- Represents the top-level data object for team routing rules, containing the ID, relationships, and resource type. properties: id: description: Specifies the unique identifier of this team routing rules record. type: string example: abc-123-def relationships: $ref: '#/components/schemas/TeamRoutingRulesDataRelationships' type: $ref: '#/components/schemas/TeamRoutingRulesDataType' required: - type type: object TeamRoutingRulesDataRelationships: description: >- Specifies relationships for team routing rules, including rule references. properties: rules: $ref: '#/components/schemas/TeamRoutingRulesDataRelationshipsRules' type: object TeamRoutingRulesDataRelationshipsRules: description: Holds references to a set of routing rules in a relationship. properties: data: description: >- An array of references to the routing rules associated with this team. items: $ref: >- #/components/schemas/TeamRoutingRulesDataRelationshipsRulesDataItems type: array type: object TeamRoutingRulesDataRelationshipsRulesDataItems: description: Defines a relationship item to link a routing rule by its ID and type. properties: id: description: Specifies the unique identifier for the related routing rule. example: '' type: string type: $ref: >- #/components/schemas/TeamRoutingRulesDataRelationshipsRulesDataItemsType required: - type - id type: object TeamRoutingRulesDataRelationshipsRulesDataItemsType: default: team_routing_rules description: Indicates that the resource is of type 'team_routing_rules'. enum: - team_routing_rules example: team_routing_rules type: string x-enum-varnames: - TEAM_ROUTING_RULES TeamRoutingRulesDataType: default: team_routing_rules description: Team routing rules resource type. enum: - team_routing_rules example: team_routing_rules type: string x-enum-varnames: - TEAM_ROUTING_RULES TeamRoutingRulesIncluded: description: >- Represents additional included resources for team routing rules, such as associated routing rules. oneOf: - $ref: '#/components/schemas/RoutingRule' TeamRoutingRulesRequest: description: >- Represents a request to create or update team routing rules, including the data payload. example: data: attributes: rules: - actions: policy_id: '' query: tags.service:test time_restriction: restrictions: - end_day: monday end_time: '17:00:00' start_day: monday start_time: '09:00:00' - end_day: tuesday end_time: '17:00:00' start_day: tuesday start_time: '09:00:00' time_zone: '' urgency: high - actions: - channel: channel type: send_slack_message workspace: workspace policy_id: fad4eee1-13f5-40d8-886b-4e56d8d5d1c6 query: '' time_restriction: urgency: low id: 27590dae-47be-4a7d-9abf-8f4e45124020 type: team_routing_rules properties: data: $ref: '#/components/schemas/TeamRoutingRulesRequestData' type: object TeamRoutingRulesRequestData: description: >- Holds the data necessary to create or update team routing rules, including attributes, ID, and resource type. properties: attributes: $ref: '#/components/schemas/TeamRoutingRulesRequestDataAttributes' id: description: Specifies the unique identifier for this set of team routing rules. type: string example: abc-123-def type: $ref: '#/components/schemas/TeamRoutingRulesRequestDataType' required: - type type: object TeamRoutingRulesRequestDataAttributes: description: >- Represents the attributes of a request to update or create team routing rules. properties: rules: description: >- A list of routing rule items that define how incoming pages should be handled. items: $ref: '#/components/schemas/TeamRoutingRulesRequestRule' type: array type: object TeamRoutingRulesRequestDataType: default: team_routing_rules description: Team routing rules resource type. enum: - team_routing_rules example: team_routing_rules type: string x-enum-varnames: - TEAM_ROUTING_RULES TeamRoutingRulesRequestRule: description: >- Defines an individual routing rule item that contains the rule data for the request. properties: actions: description: >- Specifies the list of actions to perform when the routing rule is matched. items: $ref: '#/components/schemas/RoutingRuleAction' type: array policy_id: description: Identifies the policy to be applied when this routing rule matches. type: string example: abc-123-def query: description: Defines the query or condition that triggers this routing rule. type: string example: avg:system.cpu.user{*} time_restriction: $ref: '#/components/schemas/TimeRestrictions' urgency: $ref: '#/components/schemas/Urgency' type: object TeamTarget: description: >- Represents a team target for an escalation policy step, including the team's ID and resource type. properties: id: description: Specifies the unique identifier of the team resource. example: 00000000-aba1-0000-0000-000000000000 type: string type: $ref: '#/components/schemas/TeamTargetType' required: - type - id type: object TeamTargetType: default: teams description: Indicates that the resource is of type `teams`. enum: - teams example: teams type: string x-enum-varnames: - TEAMS TeamType: default: team description: Team type enum: - team example: team type: string x-enum-varnames: - TEAM TeamUpdate: description: Team update request properties: attributes: $ref: '#/components/schemas/TeamUpdateAttributes' relationships: $ref: '#/components/schemas/TeamUpdateRelationships' type: $ref: '#/components/schemas/TeamType' required: - attributes - type type: object TeamUpdateAttributes: description: Team update attributes properties: avatar: description: >- Unicode representation of the avatar for the team, limited to a single grapheme example: 🥑 nullable: true type: string banner: description: Banner selection for the team format: int64 nullable: true type: integer example: 42 description: description: Free-form markdown description/content for the team's homepage type: string example: example_value handle: description: The team's identifier example: example-team maxLength: 195 type: string hidden_modules: description: Collection of hidden modules for the team items: description: String identifier of the module type: string type: array name: description: The name of the team example: Example Team maxLength: 200 type: string visible_modules: description: Collection of visible modules for the team items: description: String identifier of the module type: string type: array required: - handle - name type: object TeamUpdateRelationships: description: Team update relationships properties: team_links: $ref: '#/components/schemas/RelationshipToTeamLinks' type: object TeamUpdateRequest: description: Team update request properties: data: $ref: '#/components/schemas/TeamUpdate' required: - data type: object TeamsField: description: Supported teams field. enum: - id - name - handle - summary - description - avatar - banner - visible_modules - hidden_modules - created_at - modified_at - user_count - link_count - team_links - user_team_permissions type: string x-enum-varnames: - ID - NAME - HANDLE - SUMMARY - DESCRIPTION - AVATAR - BANNER - VISIBLE_MODULES - HIDDEN_MODULES - CREATED_AT - MODIFIED_AT - USER_COUNT - LINK_COUNT - TEAM_LINKS - USER_TEAM_PERMISSIONS TeamsResponse: description: Response with multiple teams properties: data: description: Teams response data items: $ref: '#/components/schemas/Team' type: array included: description: Resources related to the team items: $ref: '#/components/schemas/TeamIncluded' type: array links: $ref: '#/components/schemas/TeamsResponseLinks' meta: $ref: '#/components/schemas/TeamsResponseMeta' type: object TeamsResponseLinks: description: Teams response links. properties: first: description: First link. type: string example: example_value last: description: Last link. nullable: true type: string example: example_value next: description: Next link. type: string example: example_value prev: description: Previous link. nullable: true type: string example: example_value self: description: Current link. type: string example: example_value type: object TeamsResponseMeta: description: Teams response metadata. properties: pagination: $ref: '#/components/schemas/TeamsResponseMetaPagination' type: object TeamsResponseMetaPagination: description: Teams response metadata. properties: first_offset: description: The first offset. format: int64 type: integer example: 42 last_offset: description: The last offset. format: int64 type: integer example: 42 limit: description: Pagination limit. format: int64 type: integer example: 42 next_offset: description: The next offset. format: int64 type: integer example: 42 offset: description: The offset. format: int64 type: integer example: 42 prev_offset: description: The previous offset. format: int64 type: integer example: 42 total: description: Total results. format: int64 type: integer example: 42 type: description: Offset type. type: string example: metric alert type: object TimeAggregation: description: >- Time aggregation period (in seconds) is used to aggregate the results of the notification rule evaluation. Results are aggregated over a selected time frame using a rolling window, which updates with each new evaluation. Notifications are only sent for new issues discovered during the window. Time aggregation is only available for vulnerability-based notification rules. When omitted or set to 0, no aggregation is done. example: 86400 format: int64 type: integer TimeRestriction: description: >- Defines a single time restriction rule with start and end times and the applicable weekdays. properties: end_day: $ref: '#/components/schemas/Weekday' end_time: description: Specifies the ending time for this restriction. type: string example: '2026-04-17T12:00:00Z' start_day: $ref: '#/components/schemas/Weekday' start_time: description: Specifies the starting time for this restriction. type: string example: '2026-04-17T12:00:00Z' type: object TimeRestrictions: description: >- Holds time zone information and a list of time restrictions for a routing rule. properties: restrictions: description: Defines the list of time-based restrictions. items: $ref: '#/components/schemas/TimeRestriction' type: array time_zone: description: Specifies the time zone applicable to the restrictions. example: '' type: string required: - time_zone - restrictions type: object TimeseriesFormulaQueryRequest: description: A request wrapper around a single timeseries query to be executed. properties: data: $ref: '#/components/schemas/TimeseriesFormulaRequest' required: - data type: object TimeseriesFormulaQueryResponse: description: >- A message containing one response to a timeseries query made with timeseries formula query request. properties: data: $ref: '#/components/schemas/TimeseriesResponse' errors: description: The error generated by the request. type: string example: example_value type: object TimeseriesFormulaRequest: description: A single timeseries query to be executed. properties: attributes: $ref: '#/components/schemas/TimeseriesFormulaRequestAttributes' type: $ref: '#/components/schemas/TimeseriesFormulaRequestType' required: - type - attributes type: object TimeseriesFormulaRequestAttributes: description: The object describing a timeseries formula request. properties: formulas: description: List of formulas to be calculated and returned as responses. items: $ref: '#/components/schemas/QueryFormula' type: array from: description: >- Start date (inclusive) of the query in milliseconds since the Unix epoch. example: 1568899800000 format: int64 type: integer interval: description: |- A time interval in milliseconds. May be overridden by a larger interval if the query would result in too many points for the specified timeframe. Defaults to a reasonable interval for the given timeframe. example: 5000 format: int64 type: integer queries: $ref: '#/components/schemas/TimeseriesFormulaRequestQueries' to: description: >- End date (exclusive) of the query in milliseconds since the Unix epoch. example: 1568923200000 format: int64 type: integer required: - to - from - queries type: object TimeseriesFormulaRequestQueries: description: List of queries to be run and used as inputs to the formulas. example: - data_source: metrics query: avg:system.cpu.user{*} by {env} items: $ref: '#/components/schemas/TimeseriesQuery' type: array TimeseriesFormulaRequestType: default: timeseries_request description: The type of the resource. The value should always be timeseries_request. enum: - timeseries_request example: timeseries_request type: string x-enum-varnames: - TIMESERIES_REQUEST TimeseriesFormulaResponseType: default: timeseries_response description: >- The type of the resource. The value should always be timeseries_response. enum: - timeseries_response example: timeseries_response type: string x-enum-varnames: - TIMESERIES_RESPONSE TimeseriesQuery: description: An individual timeseries query to one of the basic Datadog data sources. example: data_source: metrics query: avg:system.cpu.user{*} by {env} oneOf: - $ref: '#/components/schemas/MetricsTimeseriesQuery' - $ref: '#/components/schemas/EventsTimeseriesQuery' TimeseriesResponse: description: A message containing the response to a timeseries query. properties: attributes: $ref: '#/components/schemas/TimeseriesResponseAttributes' type: $ref: '#/components/schemas/TimeseriesFormulaResponseType' type: object TimeseriesResponseAttributes: description: The object describing a timeseries response. properties: series: $ref: '#/components/schemas/TimeseriesResponseSeriesList' times: $ref: '#/components/schemas/TimeseriesResponseTimes' values: $ref: '#/components/schemas/TimeseriesResponseValuesList' type: object TimeseriesResponseSeries: description: '' properties: group_tags: $ref: '#/components/schemas/GroupTags' query_index: description: >- The index of the query in the "formulas" array (or "queries" array if no "formulas" was specified). example: 0 format: int32 maximum: 2147483647 type: integer unit: description: >- Detailed information about the unit. The first element describes the "primary unit" (for example, `bytes` in `bytes per second`). The second element describes the "per unit" (for example, `second` in `bytes per second`). If the second element is not present, the API returns null. items: $ref: '#/components/schemas/Unit' nullable: true type: array type: object TimeseriesResponseSeriesList: description: >- Array of response series. The index here corresponds to the index in the `formulas` or `queries` array from the request. items: $ref: '#/components/schemas/TimeseriesResponseSeries' type: array TimeseriesResponseTimes: description: Array of times, 1-1 match with individual values arrays. items: description: Start date (inclusive) of the query in seconds since the Unix epoch. example: 1568899800000 format: int64 type: integer type: array TimeseriesResponseValues: description: Array of values for an individual formula or query. example: - 1575317847 - 0.5 items: description: An individual value for a given time. format: double nullable: true type: number type: array TimeseriesResponseValuesList: description: >- Array of value-arrays. The index here corresponds to the index in the `formulas` or `queries` array from the request. items: $ref: '#/components/schemas/TimeseriesResponseValues' type: array TokenName: description: Name for tokens. example: MyTokenName pattern: ^[A-Za-z][A-Za-z\\d]*$ type: string TokenType: description: The definition of `TokenType` object. enum: - SECRET example: SECRET type: string x-enum-varnames: - SECRET Trigger: description: One of the triggers that can start the execution of a workflow. oneOf: - $ref: '#/components/schemas/APITriggerWrapper' - $ref: '#/components/schemas/AppTriggerWrapper' - $ref: '#/components/schemas/CaseTriggerWrapper' - $ref: '#/components/schemas/ChangeEventTriggerWrapper' - $ref: '#/components/schemas/DatabaseMonitoringTriggerWrapper' - $ref: '#/components/schemas/DashboardTriggerWrapper' - $ref: '#/components/schemas/GithubWebhookTriggerWrapper' - $ref: '#/components/schemas/IncidentTriggerWrapper' - $ref: '#/components/schemas/MonitorTriggerWrapper' - $ref: '#/components/schemas/NotebookTriggerWrapper' - $ref: '#/components/schemas/ScheduleTriggerWrapper' - $ref: '#/components/schemas/SecurityTriggerWrapper' - $ref: '#/components/schemas/SelfServiceTriggerWrapper' - $ref: '#/components/schemas/SlackTriggerWrapper' - $ref: '#/components/schemas/SoftwareCatalogTriggerWrapper' - $ref: '#/components/schemas/WorkflowTriggerWrapper' TriggerRateLimit: description: Defines a rate limit for a trigger. properties: count: description: The `TriggerRateLimit` `count`. format: int64 type: integer example: 42 interval: description: >- The `TriggerRateLimit` `interval`. The expected format is the number of seconds ending with an s. For example, 1 day is 86400s type: string example: example_value type: object TriggerSource: description: >- The type of security issues on which the rule applies. Notification rules based on security signals need to use the trigger source "security_signals", while notification rules based on security vulnerabilities need to use the trigger source "security_findings". enum: - security_findings - security_signals example: security_findings type: string x-enum-varnames: - SECURITY_FINDINGS - SECURITY_SIGNALS Unit: description: >- Object containing the metric unit family, scale factor, name, and short name. nullable: true properties: family: description: >- Unit family, allows for conversion between units of the same family, for scaling. example: time type: string name: description: Unit name example: minute type: string plural: description: Plural form of the unit name. example: minutes type: string scale_factor: description: Factor for scaling between units of the same family. example: 60 format: double type: number short_name: description: Abbreviation of the unit. example: min type: string type: object UnpublishAppResponse: description: The response object after an app is successfully unpublished. properties: data: $ref: '#/components/schemas/Deployment' type: object UpdateActionConnectionRequest: description: Request used to update an action connection. properties: data: $ref: '#/components/schemas/ActionConnectionDataUpdate' required: - data type: object UpdateActionConnectionResponse: description: The response for an updated connection. properties: data: $ref: '#/components/schemas/ActionConnectionData' type: object UpdateAppRequest: description: A request object for updating an existing app. example: data: attributes: components: - events: [] name: grid0 properties: children: - events: [] name: gridCell0 properties: children: - events: [] name: calloutValue0 properties: isDisabled: false isLoading: false isVisible: true label: CPU Usage size: sm style: vivid_yellow unit: kB value: '42' type: calloutValue isVisible: 'true' layout: default: height: 8 width: 2 x: 0 'y': 0 type: gridCell type: grid description: This is a simple example app name: Example App queries: [] rootInstanceName: grid0 id: 9e20cbaf-68da-45a6-9ccf-54193ac29fa5 type: appDefinitions properties: data: $ref: '#/components/schemas/UpdateAppRequestData' type: object UpdateAppRequestData: description: >- The data object containing the new app definition. Any fields not included in the request remain unchanged. properties: attributes: $ref: '#/components/schemas/UpdateAppRequestDataAttributes' id: description: >- The ID of the app to update. The app ID must match the ID in the URL path. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string type: $ref: '#/components/schemas/AppDefinitionType' required: - type type: object UpdateAppRequestDataAttributes: description: >- App definition attributes to be updated, such as name, description, and components. properties: components: description: >- The new UI components that make up the app. If this field is set, all existing components are replaced with the new components under this field. items: $ref: '#/components/schemas/ComponentGrid' type: array description: description: The new human-readable description for the app. type: string example: example_value name: description: The new name of the app. type: string example: Example Monitor queries: description: >- The new array of queries, such as external actions and state variables, that the app uses. If this field is set, all existing queries are replaced with the new queries under this field. items: $ref: '#/components/schemas/Query' type: array rootInstanceName: description: >- The new name of the root component of the app. This must be a `grid` component that contains all other components. type: string example: Example Monitor tags: description: >- The new list of tags for the app, which can be used to filter apps. If this field is set, any existing tags not included in the request are removed. example: - service:webshop-backend - team:webshop items: description: An individual tag for the app. type: string type: array type: object UpdateAppResponse: description: The response object after an app is successfully updated. properties: data: $ref: '#/components/schemas/UpdateAppResponseData' included: description: Data on the version of the app that was published. items: $ref: '#/components/schemas/Deployment' type: array meta: $ref: '#/components/schemas/AppMeta' relationship: $ref: '#/components/schemas/AppRelationship' type: object UpdateAppResponseData: description: The data object containing the updated app definition. properties: attributes: $ref: '#/components/schemas/UpdateAppResponseDataAttributes' id: description: The ID of the updated app. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 format: uuid type: string type: $ref: '#/components/schemas/AppDefinitionType' required: - id - type - attributes type: object UpdateAppResponseDataAttributes: description: >- The updated app definition attributes, such as name, description, and components. properties: components: description: The UI components that make up the app. items: $ref: '#/components/schemas/ComponentGrid' type: array description: description: The human-readable description for the app. type: string example: example_value favorite: description: Whether the app is marked as a favorite by the current user. type: boolean example: true name: description: The name of the app. type: string example: Example Monitor queries: description: >- An array of queries, such as external actions and state variables, that the app uses. items: $ref: '#/components/schemas/Query' type: array rootInstanceName: description: >- The name of the root component of the app. This must be a `grid` component that contains all other components. type: string example: Example Monitor tags: description: A list of tags for the app, which can be used to filter apps. example: - service:webshop-backend - team:webshop items: description: An individual tag for the app. type: string type: array type: object UpdateCustomFrameworkRequest: description: Request object to update a custom framework. properties: data: $ref: '#/components/schemas/CustomFrameworkData' required: - data type: object UpdateCustomFrameworkResponse: description: Response object to update a custom framework. properties: data: $ref: '#/components/schemas/FrameworkHandleAndVersionResponseData' required: - data type: object UpdateOpenAPIResponse: description: Response for `UpdateOpenAPI`. properties: data: $ref: '#/components/schemas/UpdateOpenAPIResponseData' type: object UpdateOpenAPIResponseAttributes: description: Attributes for `UpdateOpenAPI`. properties: failed_endpoints: description: List of endpoints which couldn't be parsed. items: $ref: '#/components/schemas/OpenAPIEndpoint' type: array type: object UpdateOpenAPIResponseData: description: Data envelope for `UpdateOpenAPIResponse`. properties: attributes: $ref: '#/components/schemas/UpdateOpenAPIResponseAttributes' id: $ref: '#/components/schemas/ApiID' type: object UpdateResourceEvaluationFiltersRequest: description: Request object to update a resource filter. properties: data: $ref: '#/components/schemas/UpdateResourceEvaluationFiltersRequestData' required: - data type: object UpdateResourceEvaluationFiltersRequestData: description: The definition of `UpdateResourceFilterRequestData` object. properties: attributes: $ref: '#/components/schemas/ResourceFilterAttributes' id: description: The `UpdateResourceEvaluationFiltersRequestData` `id`. example: csm_resource_filter type: string type: $ref: '#/components/schemas/ResourceFilterRequestType' required: - attributes - type type: object UpdateResourceEvaluationFiltersResponse: description: The definition of `UpdateResourceEvaluationFiltersResponse` object. properties: data: $ref: '#/components/schemas/UpdateResourceEvaluationFiltersResponseData' required: - data type: object UpdateResourceEvaluationFiltersResponseData: description: The definition of `UpdateResourceFilterResponseData` object. properties: attributes: $ref: '#/components/schemas/ResourceFilterAttributes' id: description: The `data` `id`. example: csm_resource_filter type: string type: $ref: '#/components/schemas/ResourceFilterRequestType' required: - attributes - type type: object UpdateRuleRequest: description: Request to update a scorecard rule. properties: data: $ref: '#/components/schemas/UpdateRuleRequestData' type: object UpdateRuleRequestData: description: Data for the request to update a scorecard rule. properties: attributes: $ref: '#/components/schemas/RuleAttributes' type: $ref: '#/components/schemas/RuleType' type: object UpdateRuleResponse: description: The response from a rule update request. properties: data: $ref: '#/components/schemas/UpdateRuleResponseData' type: object UpdateRuleResponseData: description: The data for a rule update response. properties: attributes: $ref: '#/components/schemas/RuleAttributes' id: $ref: '#/components/schemas/RuleId' relationships: $ref: '#/components/schemas/RelationshipToRule' type: $ref: '#/components/schemas/RuleType' type: object UpdateWorkflowRequest: description: A request object for updating an existing workflow. example: data: attributes: description: A sample workflow. name: Example Workflow published: true spec: annotations: - display: bounds: height: 150 width: 300 x: -375 'y': -0.5 id: 99999999-9999-9999-9999-999999999999 markdownTextAnnotation: text: Example annotation. connectionEnvs: - connections: - connectionId: 11111111-1111-1111-1111-111111111111 label: INTEGRATION_DATADOG env: default handle: my-handle inputSchema: parameters: - defaultValue: default name: input type: STRING outputSchema: parameters: - name: output type: ARRAY_OBJECT value: '{{ Steps.Step1 }}' steps: - actionId: com.datadoghq.dd.monitor.listMonitors connectionLabel: INTEGRATION_DATADOG name: Step1 outboundEdges: - branchName: main nextStepName: Step2 parameters: - name: tags value: service:monitoring - actionId: com.datadoghq.core.noop name: Step2 triggers: - monitorTrigger: rateLimit: count: 1 interval: 3600s startStepNames: - Step1 - githubWebhookTrigger: {} startStepNames: - Step1 tags: - team:infra - service:monitoring - foo:bar id: 22222222-2222-2222-2222-222222222222 type: workflows properties: data: $ref: '#/components/schemas/WorkflowDataUpdate' required: - data type: object UpdateWorkflowResponse: description: The response object after updating a workflow. properties: data: $ref: '#/components/schemas/WorkflowDataUpdate' type: object UpsertCatalogEntityRequest: description: Create or update entity request. oneOf: - $ref: '#/components/schemas/EntityV3' - $ref: '#/components/schemas/EntityRaw' UpsertCatalogEntityResponse: description: Upsert entity response. properties: data: $ref: '#/components/schemas/EntityResponseData' included: $ref: '#/components/schemas/UpsertCatalogEntityResponseIncluded' meta: $ref: '#/components/schemas/EntityResponseMeta' type: object UpsertCatalogEntityResponseIncluded: description: Upsert entity response included. items: $ref: '#/components/schemas/UpsertCatalogEntityResponseIncludedItem' type: array UpsertCatalogEntityResponseIncludedItem: description: Upsert entity response included item. oneOf: - $ref: '#/components/schemas/EntityResponseIncludedSchema' Urgency: description: >- Specifies the level of urgency for a routing rule (low, high, or dynamic). enum: - low - high - dynamic example: low type: string x-enum-varnames: - LOW - HIGH - DYNAMIC UrlParam: description: The definition of `UrlParam` object. properties: name: $ref: '#/components/schemas/TokenName' example: MyUrlParameter value: description: The `UrlParam` `value`. example: Some Url Parameter value type: string required: - name - value type: object UrlParamUpdate: description: The definition of `UrlParamUpdate` object. properties: deleted: description: Should the header be deleted. type: boolean example: true name: $ref: '#/components/schemas/TokenName' example: MyUrlParameter value: description: The `UrlParamUpdate` `value`. example: Some Url Parameter value type: string required: - name type: object UsageApplicationSecurityMonitoringResponse: description: Application Security Monitoring usage response. properties: data: description: Response containing Application Security Monitoring usage. items: $ref: '#/components/schemas/UsageDataObject' type: array type: object UsageAttributesObject: description: Usage attributes data. properties: org_name: description: The organization name. type: string example: Example Monitor product_family: description: The product for which usage is being reported. type: string example: example_value public_id: description: The organization public ID. type: string example: abc-123-def region: description: The region of the Datadog instance that the organization belongs to. type: string example: example_value timeseries: description: List of usage data reported for each requested hour. items: $ref: '#/components/schemas/UsageTimeSeriesObject' type: array usage_type: $ref: '#/components/schemas/HourlyUsageType' type: object UsageDataObject: description: Usage data. properties: attributes: $ref: '#/components/schemas/UsageAttributesObject' id: description: Unique ID of the response. type: string example: abc-123-def type: $ref: '#/components/schemas/UsageTimeSeriesType' type: object UsageLambdaTracedInvocationsResponse: description: Lambda Traced Invocations usage response. properties: data: description: Response containing Lambda Traced Invocations usage. items: $ref: '#/components/schemas/UsageDataObject' type: array type: object UsageObservabilityPipelinesResponse: description: Observability Pipelines usage response. properties: data: description: Response containing Observability Pipelines usage. items: $ref: '#/components/schemas/UsageDataObject' type: array type: object UsageTimeSeriesObject: description: Usage timeseries data. properties: timestamp: description: Datetime in ISO-8601 format, UTC. The hour for the usage. format: date-time type: string example: '2026-04-17T12:00:00Z' value: description: >- Contains the number measured for the given usage_type during the hour. format: int64 nullable: true type: integer example: 42 type: object UsageTimeSeriesType: default: usage_timeseries description: Type of usage data. enum: - usage_timeseries example: usage_timeseries type: string x-enum-varnames: - USAGE_TIMESERIES User: description: User object returned by the API. properties: attributes: $ref: '#/components/schemas/UserAttributes' id: description: ID of the user. type: string example: abc-123-def relationships: $ref: '#/components/schemas/UserResponseRelationships' type: $ref: '#/components/schemas/UsersType' type: object x-merge-override: required: false UserAttributes: description: Attributes of user object returned by the API. properties: created_at: description: Creation time of the user. format: date-time type: string example: example_value disabled: description: Whether the user is disabled. type: boolean example: true email: description: Email of the user. type: string example: user@example.com handle: description: Handle of the user. type: string example: example_value icon: description: URL of the user's icon. type: string example: example_value mfa_enabled: description: If user has MFA enabled. readOnly: true type: boolean example: true modified_at: description: Time that the user was last modified. format: date-time type: string example: example_value name: description: Name of the user. nullable: true type: string example: Example Monitor service_account: description: Whether the user is a service account. type: boolean example: true status: description: Status of the user. type: string example: OK title: description: Title of the user. nullable: true type: string example: Example Monitor verified: description: Whether the user is verified. type: boolean example: true type: object UserAttributesStatus: description: The user's status. enum: - active - deactivated - pending type: string x-enum-varnames: - ACTIVE - DEACTIVATED - PENDING UserCreateAttributes: description: Attributes of the created user. properties: email: description: The email of the user. example: jane.doe@example.com type: string name: description: The name of the user. type: string example: Example Monitor title: description: The title of the user. type: string example: Example Monitor required: - email type: object UserCreateData: description: Object to create a user. properties: attributes: $ref: '#/components/schemas/UserCreateAttributes' relationships: $ref: '#/components/schemas/UserRelationships' type: $ref: '#/components/schemas/UsersType' required: - attributes - type type: object x-merge-override: required: false UserCreateRequest: description: Create a user. properties: data: $ref: '#/components/schemas/UserCreateData' required: - data type: object UserInvitationData: description: Object to create a user invitation. properties: relationships: $ref: '#/components/schemas/UserInvitationRelationships' type: $ref: '#/components/schemas/UserInvitationsType' required: - type - relationships type: object x-merge-override: required: false UserInvitationDataAttributes: description: Attributes of a user invitation. properties: created_at: description: Creation time of the user invitation. format: date-time type: string example: example_value expires_at: description: Time of invitation expiration. format: date-time type: string example: example_value invite_type: description: Type of invitation. type: string example: metric alert uuid: description: UUID of the user invitation. type: string example: abc-123-def type: object UserInvitationRelationships: description: Relationships data for user invitation. properties: user: $ref: '#/components/schemas/RelationshipToUser' required: - user type: object UserInvitationResponse: description: User invitation as returned by the API. properties: data: $ref: '#/components/schemas/UserInvitationResponseData' type: object UserInvitationResponseData: description: Object of a user invitation returned by the API. properties: attributes: $ref: '#/components/schemas/UserInvitationDataAttributes' id: description: ID of the user invitation. type: string example: abc-123-def relationships: $ref: '#/components/schemas/UserInvitationRelationships' type: $ref: '#/components/schemas/UserInvitationsType' type: object x-merge-override: required: false UserInvitationsRequest: description: Object to invite users to join the organization. properties: data: description: List of user invitations. example: [] items: $ref: '#/components/schemas/UserInvitationData' type: array required: - data type: object UserInvitationsResponse: description: User invitations as returned by the API. properties: data: description: Array of user invitations. items: $ref: '#/components/schemas/UserInvitationResponseData' type: array type: object UserInvitationsType: default: user_invitations description: User invitations type. enum: - user_invitations example: user_invitations type: string x-enum-varnames: - USER_INVITATIONS UserRelationshipData: description: Relationship to user object. properties: id: description: A unique identifier that represents the user. example: 00000000-0000-0000-0000-000000000000 type: string type: $ref: '#/components/schemas/UserResourceType' required: - id - type type: object UserRelationships: description: Relationships of the user object. properties: roles: $ref: '#/components/schemas/RelationshipToRoles' type: object UserResourceType: default: user description: User resource type. enum: - user example: user type: string x-enum-varnames: - USER UserResponse: description: Response containing information about a single user. properties: data: $ref: '#/components/schemas/User' included: description: Array of objects related to the user. items: $ref: '#/components/schemas/UserResponseIncludedItem' type: array type: object UserResponseIncludedItem: description: An object related to a user. oneOf: - $ref: '#/components/schemas/Organization' - $ref: '#/components/schemas/Permission' - $ref: '#/components/schemas/Role' UserResponseRelationships: description: Relationships of the user object returned by the API. properties: org: $ref: '#/components/schemas/RelationshipToOrganization' other_orgs: $ref: '#/components/schemas/RelationshipToOrganizations' other_users: $ref: '#/components/schemas/RelationshipToUsers' roles: $ref: '#/components/schemas/RelationshipToRoles' type: object x-merge-override: properties: false UserTarget: description: >- Represents a user target for an escalation policy step, including the user's ID and resource type. properties: id: description: Specifies the unique identifier of the user resource. example: 00000000-aba1-0000-0000-000000000000 type: string type: $ref: '#/components/schemas/UserTargetType' required: - type - id type: object UserTargetType: default: users description: Indicates that the resource is of type `users`. enum: - users example: users type: string x-enum-varnames: - USERS UserTeam: description: A user's relationship with a team properties: attributes: $ref: '#/components/schemas/UserTeamAttributes' id: description: The ID of a user's relationship with a team example: TeamMembership-aeadc05e-98a8-11ec-ac2c-da7ad0900001-38835 type: string relationships: $ref: '#/components/schemas/UserTeamRelationships' type: $ref: '#/components/schemas/UserTeamType' required: - id - type type: object x-merge-override: required: false UserTeamAttributes: description: Team membership attributes properties: provisioned_by: description: >- The mechanism responsible for provisioning the team relationship. Possible values: null for added by a user, "service_account" if added by a service account, and "saml_mapping" if provisioned via SAML mapping. nullable: true readOnly: true type: string example: example_value provisioned_by_id: description: >- UUID of the User or Service Account who provisioned this team membership, or null if provisioned via SAML mapping. nullable: true readOnly: true type: string example: abc-123-def role: $ref: '#/components/schemas/UserTeamRole' type: object UserTeamCreate: description: A user's relationship with a team properties: attributes: $ref: '#/components/schemas/UserTeamAttributes' relationships: $ref: '#/components/schemas/UserTeamRelationships' type: $ref: '#/components/schemas/UserTeamType' required: - type type: object UserTeamIncluded: description: Included resources related to the team membership oneOf: - $ref: '#/components/schemas/User' - $ref: '#/components/schemas/Team' UserTeamPermission: description: A user's permissions for a given team properties: attributes: $ref: '#/components/schemas/UserTeamPermissionAttributes' id: description: The user team permission's identifier example: UserTeamPermissions-aeadc05e-98a8-11ec-ac2c-da7ad0900001-416595 type: string type: $ref: '#/components/schemas/UserTeamPermissionType' required: - id - type type: object x-merge-override: required: false UserTeamPermissionAttributes: description: User team permission attributes properties: permissions: description: >- Object of team permission actions and boolean values that a logged in user can perform on this team. readOnly: true type: object type: object UserTeamPermissionType: default: user_team_permissions description: User team permission type enum: - user_team_permissions example: user_team_permissions type: string x-enum-varnames: - USER_TEAM_PERMISSIONS UserTeamRelationships: description: Relationship between membership and a user properties: team: $ref: '#/components/schemas/RelationshipToUserTeamTeam' user: $ref: '#/components/schemas/RelationshipToUserTeamUser' type: object UserTeamRequest: description: Team membership request properties: data: $ref: '#/components/schemas/UserTeamCreate' required: - data type: object UserTeamResponse: description: Team membership response properties: data: $ref: '#/components/schemas/UserTeam' included: description: Resources related to the team memberships items: $ref: '#/components/schemas/UserTeamIncluded' type: array type: object UserTeamRole: description: The user's role within the team enum: - admin nullable: true type: string x-enum-varnames: - ADMIN UserTeamTeamType: default: team description: User team team type enum: - team example: team type: string x-enum-varnames: - TEAM UserTeamType: default: team_memberships description: Team membership type enum: - team_memberships example: team_memberships type: string x-enum-varnames: - TEAM_MEMBERSHIPS UserTeamUpdate: description: A user's relationship with a team properties: attributes: $ref: '#/components/schemas/UserTeamAttributes' type: $ref: '#/components/schemas/UserTeamType' required: - type type: object UserTeamUpdateRequest: description: Team membership request properties: data: $ref: '#/components/schemas/UserTeamUpdate' required: - data type: object UserTeamUserType: default: users description: User team user type enum: - users example: users type: string x-enum-varnames: - USERS UserTeamsResponse: description: Team memberships response properties: data: description: Team memberships response data items: $ref: '#/components/schemas/UserTeam' type: array included: description: Resources related to the team memberships items: $ref: '#/components/schemas/UserTeamIncluded' type: array links: $ref: '#/components/schemas/TeamsResponseLinks' meta: $ref: '#/components/schemas/TeamsResponseMeta' type: object UserUpdateAttributes: description: Attributes of the edited user. properties: disabled: description: If the user is enabled or disabled. type: boolean example: true email: description: The email of the user. type: string example: user@example.com name: description: The name of the user. type: string example: Example Monitor type: object UserUpdateData: description: Object to update a user. properties: attributes: $ref: '#/components/schemas/UserUpdateAttributes' id: description: ID of the user. example: 00000000-0000-feed-0000-000000000000 type: string type: $ref: '#/components/schemas/UsersType' required: - attributes - type - id type: object x-merge-override: required: false UserUpdateRequest: description: Update a user. properties: data: $ref: '#/components/schemas/UserUpdateData' required: - data type: object UsersRelationship: description: Relationship to users. properties: data: description: Relationships to user objects. example: [] items: $ref: '#/components/schemas/UserRelationshipData' type: array required: - data type: object UsersResponse: description: Response containing information about multiple users. properties: data: description: Array of returned users. items: $ref: '#/components/schemas/User' type: array included: description: Array of objects related to the users. items: $ref: '#/components/schemas/UserResponseIncludedItem' type: array meta: $ref: '#/components/schemas/ResponseMetaAttributes' readOnly: true type: object UsersType: default: users description: Users resource type. enum: - users example: users type: string x-enum-varnames: - USERS ValidationError: description: >- Represents a single validation error, including a human-readable title and metadata. properties: meta: $ref: '#/components/schemas/ValidationErrorMeta' title: description: A short, human-readable summary of the error. example: Field 'region' is required type: string required: - title - meta type: object ValidationErrorMeta: description: >- Describes additional metadata for validation errors, including field names and error messages. properties: field: description: The field name that caused the error. example: region type: string id: description: The ID of the component in which the error occurred. example: datadog-agent-source type: string message: description: The detailed error message. example: Field 'region' is required type: string required: - message type: object ValidationResponse: description: Response containing validation errors. example: errors: - meta: field: region id: datadog-agent-source message: Field 'region' is required title: Field 'region' is required properties: errors: description: The `ValidationResponse` `errors`. items: $ref: '#/components/schemas/ValidationError' type: array type: object Version: description: >- Version of the notification rule. It is updated when the rule is modified. example: 1 format: int64 type: integer VulnerabilitiesType: description: The JSON:API type. enum: - vulnerabilities example: vulnerabilities type: string x-enum-varnames: - VULNERABILITIES Vulnerability: description: A single vulnerability properties: attributes: $ref: '#/components/schemas/VulnerabilityAttributes' id: description: The unique ID for this vulnerability. example: 3ecdfea798f2ce8f6e964805a344945f type: string relationships: $ref: '#/components/schemas/VulnerabilityRelationships' type: $ref: '#/components/schemas/VulnerabilitiesType' required: - id - type - attributes - relationships type: object VulnerabilityAttributes: description: The JSON:API attributes of the vulnerability. properties: advisory_id: description: Vulnerability advisory ID. example: TRIVY-CVE-2023-0615 type: string code_location: $ref: '#/components/schemas/CodeLocation' cve_list: description: Vulnerability CVE list. example: - CVE-2023-0615 items: example: CVE-2023-0615 type: string type: array cvss: $ref: '#/components/schemas/VulnerabilityCvss' dependency_locations: $ref: '#/components/schemas/VulnerabilityDependencyLocations' description: description: Vulnerability description. example: >- LDAP Injection is a security vulnerability that occurs when untrusted user input is improperly handled and directly incorporated into LDAP queries without appropriate sanitization or validation. This vulnerability enables attackers to manipulate LDAP queries and potentially gain unauthorized access, modify data, or extract sensitive information from the directory server. By exploiting the LDAP injection vulnerability, attackers can execute malicious commands, bypass authentication mechanisms, and perform unauthorized actions within the directory service. type: string ecosystem: $ref: '#/components/schemas/VulnerabilityEcosystem' exposure_time: description: Vulnerability exposure time in seconds. example: 5618604 format: int64 type: integer first_detection: description: >- First detection of the vulnerability in [RFC 3339](https://datatracker.ietf.org/doc/html/rfc3339) format example: '2024-09-19T21:23:08.000Z' type: string fix_available: description: Whether the vulnerability has a remediation or not. example: false type: boolean language: description: Vulnerability language. example: ubuntu type: string last_detection: description: >- Last detection of the vulnerability in [RFC 3339](https://datatracker.ietf.org/doc/html/rfc3339) format example: '2024-09-01T21:23:08.000Z' type: string library: $ref: '#/components/schemas/Library' remediations: description: List of remediations. items: $ref: '#/components/schemas/Remediation' type: array repo_digests: description: >- Vulnerability `repo_digest` list (when the vulnerability is related to `Image` asset). items: example: >- sha256:0ae7da091191787229d321e3638e39c319a97d6e20f927d465b519d699215bf7 type: string type: array risks: $ref: '#/components/schemas/VulnerabilityRisks' status: $ref: '#/components/schemas/VulnerabilityStatus' title: description: Vulnerability title. example: LDAP Injection type: string tool: $ref: '#/components/schemas/VulnerabilityTool' type: $ref: '#/components/schemas/VulnerabilityType' required: - type - cvss - status - tool - title - description - cve_list - risks - language - first_detection - last_detection - exposure_time - remediations - fix_available type: object VulnerabilityCvss: description: Vulnerability severities. properties: base: $ref: '#/components/schemas/CVSS' datadog: $ref: '#/components/schemas/CVSS' required: - base - datadog type: object VulnerabilityDependencyLocations: description: Static library vulnerability location. properties: block: $ref: '#/components/schemas/DependencyLocation' name: $ref: '#/components/schemas/DependencyLocation' version: $ref: '#/components/schemas/DependencyLocation' required: - block type: object VulnerabilityEcosystem: description: The related vulnerability asset ecosystem. enum: - PyPI - Maven - NuGet - Npm - RubyGems - Go - Packagist - Ddeb - Rpm - Apk - Windows type: string x-enum-varnames: - PYPI - MAVEN - NUGET - NPM - RUBY_GEMS - GO - PACKAGIST - D_DEB - RPM - APK - WINDOWS VulnerabilityRelationships: description: Related entities object. properties: affects: $ref: '#/components/schemas/VulnerabilityRelationshipsAffects' required: - affects type: object VulnerabilityRelationshipsAffects: description: Relationship type. properties: data: $ref: '#/components/schemas/VulnerabilityRelationshipsAffectsData' required: - data type: object VulnerabilityRelationshipsAffectsData: description: Asset affected by this vulnerability. properties: id: description: The unique ID for this related asset. example: Repository|github.com/DataDog/datadog-agent.git type: string type: $ref: '#/components/schemas/AssetEntityType' required: - id - type type: object VulnerabilityRisks: description: Vulnerability risks. properties: epss: $ref: '#/components/schemas/EPSS' exploit_available: description: Vulnerability public exploit availability. example: false type: boolean exploit_sources: description: Vulnerability exploit sources. example: - NIST items: example: NIST type: string type: array exploitation_probability: description: Vulnerability exploitation probability. example: false type: boolean poc_exploit_available: description: Vulnerability POC exploit availability. example: false type: boolean required: - exploitation_probability - poc_exploit_available - exploit_available - exploit_sources type: object VulnerabilitySeverity: description: The vulnerability severity. enum: - Unknown - None - Low - Medium - High - Critical example: Medium type: string x-enum-varnames: - UNKNOWN - NONE - LOW - MEDIUM - HIGH - CRITICAL VulnerabilityStatus: description: The vulnerability status. enum: - Open - Muted - Remediated - InProgress - AutoClosed example: Open type: string x-enum-varnames: - OPEN - MUTED - REMEDIATED - INPROGRESS - AUTOCLOSED VulnerabilityTool: description: The vulnerability tool. enum: - IAST - SCA - Infra example: SCA type: string x-enum-varnames: - IAST - SCA - INFRA VulnerabilityType: description: The vulnerability type. enum: - AdminConsoleActive - CodeInjection - CommandInjection - ComponentWithKnownVulnerability - DangerousWorkflows - DefaultAppDeployed - DefaultHtmlEscapeInvalid - DirectoryListingLeak - EmailHtmlInjection - EndOfLife - HardcodedPassword - HardcodedSecret - HeaderInjection - HstsHeaderMissing - InsecureAuthProtocol - InsecureCookie - InsecureJspLayout - LdapInjection - MaliciousPackage - MandatoryRemediation - NoHttpOnlyCookie - NoSameSiteCookie - NoSqlMongoDbInjection - PathTraversal - ReflectionInjection - RiskyLicense - SessionRewriting - SessionTimeout - SqlInjection - Ssrf - StackTraceLeak - TrustBoundaryViolation - Unmaintained - UntrustedDeserialization - UnvalidatedRedirect - VerbTampering - WeakCipher - WeakHash - WeakRandomness - XContentTypeHeaderMissing - XPathInjection - Xss example: WeakCipher type: string x-enum-varnames: - ADMIN_CONSOLE_ACTIVE - CODE_INJECTION - COMMAND_INJECTION - COMPONENT_WITH_KNOWN_VULNERABILITY - DANGEROUS_WORKFLOWS - DEFAULT_APP_DEPLOYED - DEFAULT_HTML_ESCAPE_INVALID - DIRECTORY_LISTING_LEAK - EMAIL_HTML_INJECTION - END_OF_LIFE - HARDCODED_PASSWORD - HARDCODED_SECRET - HEADER_INJECTION - HSTS_HEADER_MISSING - INSECURE_AUTH_PROTOCOL - INSECURE_COOKIE - INSECURE_JSP_LAYOUT - LDAP_INJECTION - MALICIOUS_PACKAGE - MANDATORY_REMEDIATION - NO_HTTP_ONLY_COOKIE - NO_SAME_SITE_COOKIE - NO_SQL_MONGO_DB_INJECTION - PATH_TRAVERSAL - REFLECTION_INJECTION - RISKY_LICENSE - SESSION_REWRITING - SESSION_TIMEOUT - SQL_INJECTION - SSRF - STACK_TRACE_LEAK - TRUST_BOUNDARY_VIOLATION - UNMAINTAINED - UNTRUSTED_DESERIALIZATION - UNVALIDATED_REDIRECT - VERB_TAMPERING - WEAK_CIPHER - WEAK_HASH - WEAK_RANDOMNESS - X_CONTENT_TYPE_HEADER_MISSING - X_PATH_INJECTION - XSS Weekday: description: A day of the week. enum: - monday - tuesday - wednesday - thursday - friday - saturday - sunday type: string x-enum-varnames: - MONDAY - TUESDAY - WEDNESDAY - THURSDAY - FRIDAY - SATURDAY - SUNDAY WidgetLiveSpan: description: The available timeframes depend on the widget you are using. enum: - 1m - 5m - 10m - 15m - 30m - 1h - 4h - 1d - 2d - 1w - 1mo - 3mo - 6mo - 1y - alert example: 5m type: string x-enum-varnames: - PAST_ONE_MINUTE - PAST_FIVE_MINUTES - PAST_TEN_MINUTES - PAST_FIFTEEN_MINUTES - PAST_THIRTY_MINUTES - PAST_ONE_HOUR - PAST_FOUR_HOURS - PAST_ONE_DAY - PAST_TWO_DAYS - PAST_ONE_WEEK - PAST_ONE_MONTH - PAST_THREE_MONTHS - PAST_SIX_MONTHS - PAST_ONE_YEAR - ALERT WorkflowData: description: Data related to the workflow. properties: attributes: $ref: '#/components/schemas/WorkflowDataAttributes' id: description: The workflow identifier readOnly: true type: string example: abc-123-def relationships: $ref: '#/components/schemas/WorkflowDataRelationships' type: $ref: '#/components/schemas/WorkflowDataType' required: - type - attributes type: object WorkflowDataAttributes: description: The definition of `WorkflowDataAttributes` object. properties: createdAt: description: When the workflow was created. format: date-time readOnly: true type: string example: example_value description: description: Description of the workflow. type: string example: example_value name: description: Name of the workflow. example: '' type: string published: description: >- Set the workflow to published or unpublished. Workflows in an unpublished state will only be executable via manual runs. Automatic triggers such as Schedule will not execute the workflow until it is published. type: boolean example: true spec: $ref: '#/components/schemas/Spec' tags: description: Tags of the workflow. items: type: string type: array updatedAt: description: When the workflow was last updated. format: date-time readOnly: true type: string example: '2026-04-17T12:00:00Z' webhookSecret: description: >- If a Webhook trigger is defined on this workflow, a webhookSecret is required and should be provided here. type: string writeOnly: true example: example_value required: - name - spec type: object WorkflowDataRelationships: description: The definition of `WorkflowDataRelationships` object. properties: creator: $ref: '#/components/schemas/WorkflowUserRelationship' owner: $ref: '#/components/schemas/WorkflowUserRelationship' readOnly: true type: object WorkflowDataType: description: The definition of `WorkflowDataType` object. enum: - workflows example: workflows type: string x-enum-varnames: - WORKFLOWS WorkflowDataUpdate: description: Data related to the workflow being updated. properties: attributes: $ref: '#/components/schemas/WorkflowDataUpdateAttributes' id: description: The workflow identifier type: string example: abc-123-def relationships: $ref: '#/components/schemas/WorkflowDataRelationships' type: $ref: '#/components/schemas/WorkflowDataType' required: - type - attributes type: object WorkflowDataUpdateAttributes: description: The definition of `WorkflowDataUpdateAttributes` object. properties: createdAt: description: When the workflow was created. format: date-time readOnly: true type: string example: example_value description: description: Description of the workflow. type: string example: example_value name: description: Name of the workflow. type: string example: Example Monitor published: description: >- Set the workflow to published or unpublished. Workflows in an unpublished state will only be executable via manual runs. Automatic triggers such as Schedule will not execute the workflow until it is published. type: boolean example: true spec: $ref: '#/components/schemas/Spec' tags: description: Tags of the workflow. items: type: string type: array updatedAt: description: When the workflow was last updated. format: date-time readOnly: true type: string example: '2026-04-17T12:00:00Z' webhookSecret: description: >- If a Webhook trigger is defined on this workflow, a webhookSecret is required and should be provided here. type: string writeOnly: true example: example_value type: object WorkflowInstanceCreateMeta: description: Additional information for creating a workflow instance. properties: payload: additionalProperties: {} description: The input parameters to the workflow. type: object type: object WorkflowInstanceCreateRequest: description: Request used to create a workflow instance. properties: meta: $ref: '#/components/schemas/WorkflowInstanceCreateMeta' type: object WorkflowInstanceCreateResponse: additionalProperties: {} description: Response returned upon successful workflow instance creation. properties: data: $ref: '#/components/schemas/WorkflowInstanceCreateResponseData' type: object WorkflowInstanceCreateResponseData: additionalProperties: {} description: Data about the created workflow instance. properties: id: description: >- The ID of the workflow execution. It can be used to fetch the execution status. type: string example: abc-123-def type: object WorkflowInstanceListItem: additionalProperties: {} description: An item in the workflow instances list. properties: id: description: The ID of the workflow instance type: string example: abc-123-def type: object WorkflowListInstancesResponse: additionalProperties: {} description: Response returned when listing workflow instances. properties: data: description: A list of workflow instances. items: $ref: '#/components/schemas/WorkflowInstanceListItem' type: array meta: $ref: '#/components/schemas/WorkflowListInstancesResponseMeta' type: object WorkflowListInstancesResponseMeta: additionalProperties: {} description: Metadata about the instances list properties: page: $ref: '#/components/schemas/WorkflowListInstancesResponseMetaPage' type: object WorkflowListInstancesResponseMetaPage: additionalProperties: {} description: Page information for the list instances response. properties: totalCount: description: The total count of items. format: int64 type: integer example: 42 type: object WorkflowTriggerWrapper: description: Schema for a Workflow-based trigger. properties: startStepNames: $ref: '#/components/schemas/StartStepNames' workflowTrigger: description: >- Trigger a workflow from the Datadog UI. Only required if no other trigger exists. type: object required: - workflowTrigger type: object WorkflowUserRelationship: description: The definition of `WorkflowUserRelationship` object. properties: data: $ref: '#/components/schemas/WorkflowUserRelationshipData' type: object WorkflowUserRelationshipData: description: The definition of `WorkflowUserRelationshipData` object. properties: id: description: The user identifier example: '' type: string type: $ref: '#/components/schemas/WorkflowUserRelationshipType' required: - type - id type: object WorkflowUserRelationshipType: description: The definition of `WorkflowUserRelationshipType` object. enum: - users example: users type: string x-enum-varnames: - USERS WorklflowCancelInstanceResponse: description: Information about the canceled instance. properties: data: $ref: '#/components/schemas/WorklflowCancelInstanceResponseData' type: object WorklflowCancelInstanceResponseData: description: Data about the canceled instance. properties: id: description: The id of the canceled instance type: string example: abc-123-def type: object WorklflowGetInstanceResponse: additionalProperties: {} description: The state of the given workflow instance. properties: data: $ref: '#/components/schemas/WorklflowGetInstanceResponseData' type: object WorklflowGetInstanceResponseData: additionalProperties: {} description: The data of the instance response. properties: attributes: $ref: '#/components/schemas/WorklflowGetInstanceResponseDataAttributes' type: object WorklflowGetInstanceResponseDataAttributes: additionalProperties: {} description: The attributes of the instance response data. properties: id: description: The id of the instance. type: string example: abc-123-def type: object XRayServicesIncludeAll: description: Include all services. properties: include_all: description: Include all services. example: false type: boolean required: - include_all type: object XRayServicesIncludeOnly: description: Include only these services. Defaults to `[]`. nullable: true properties: include_only: description: Include only these services. example: - AWS/AppSync items: example: AWS/AppSync type: string type: array required: - include_only type: object XRayServicesList: description: AWS X-Ray services to collect traces from. Defaults to `include_only`. oneOf: - $ref: '#/components/schemas/XRayServicesIncludeAll' - $ref: '#/components/schemas/XRayServicesIncludeOnly' securitySchemes: AuthZ: description: This API uses OAuth 2 with the implicit grant flow. flows: authorizationCode: authorizationUrl: /oauth2/v1/authorize scopes: apm_api_catalog_read: View API catalog and API definitions. apm_api_catalog_write: Add, modify, and delete API catalog definitions. apm_read: Read and query APM and Trace Analytics. apm_service_catalog_read: View service catalog and service definitions. apm_service_catalog_write: >- Add, modify, and delete service catalog definitions when those definitions are maintained by Datadog. appsec_vm_read: >- View infrastructure, application code, and library vulnerabilities. This does not restrict API or inventory SQL access to the vulnerability data source. cases_read: View Cases. cases_write: Create and update cases. ci_visibility_pipelines_write: Create CI Visibility pipeline spans using the API. ci_visibility_read: View CI Visibility. cloud_cost_management_read: >- View Cloud Cost pages and the cloud cost data source in dashboards and notebooks. For more details, see the Cloud Cost Management docs. cloud_cost_management_write: >- Configure cloud cost accounts and global customizations. For more details, see the Cloud Cost Management docs. code_analysis_read: View Code Analysis. continuous_profiler_pgo_read: >- Read and query Continuous Profiler data for Profile-Guided Optimization (PGO). create_webhooks: Create webhooks integrations. dashboards_embed_share: >- Create, modify, and delete shared dashboards with share type 'embed'. dashboards_invite_share: >- Create, modify, and delete shared dashboards with share type 'invite'. dashboards_public_share: >- Generate public and authenticated links to share dashboards or embeddable graphs externally. dashboards_read: View dashboards. dashboards_write: Create and change dashboards. data_scanner_read: View Data Scanner configurations. data_scanner_write: Edit Data Scanner configurations. embeddable_graphs_share: Generate public links to share embeddable graphs externally. events_read: Read Events data. hosts_read: List hosts and their attributes. incident_notification_settings_write: Configure Incidents Notification settings. incident_read: View incidents in Datadog. incident_settings_write: Configure Incident Settings. incident_write: Create, view, and manage incidents in Datadog. metrics_read: View custom metrics. monitor_config_policy_write: Edit and delete monitor configuration. monitors_downtime: >- Set downtimes to suppress alerts from any monitor in an organization. Mute and unmute monitors. The ability to write monitors is not required to set downtimes. monitors_read: View monitors. monitors_write: Edit, delete, and resolve individual monitors. org_management: >- Edit org configurations, including authentication and certain security preferences such as configuring SAML, renaming an org, configuring allowed login methods, creating child orgs, subscribing & unsubscribing from apps in the marketplace, and enabling & disabling Remote Configuration for the entire organization. security_comments_read: Read comments of vulnerabilities. security_monitoring_filters_read: Read Security Filters. security_monitoring_filters_write: Create, edit, and delete Security Filters. security_monitoring_findings_read: >- View a list of findings that include both misconfigurations and identity risks. security_monitoring_notification_profiles_read: View Rule Security Notification rules. security_monitoring_notification_profiles_write: Create, edit, and delete Security Notification rules. security_monitoring_rules_read: Read Detection Rules. security_monitoring_rules_write: Create and edit Detection Rules. security_monitoring_signals_read: View Security Signals. security_monitoring_suppressions_read: Read Rule Suppressions. security_monitoring_suppressions_write: Write Rule Suppressions. security_pipelines_read: View Security Pipelines. security_pipelines_write: Create, edit, and delete CSM Security Pipelines. slos_corrections: >- Apply, edit, and delete SLO status corrections. A user with this permission can make status corrections, even if they do not have permission to edit those SLOs. slos_read: View SLOs and status corrections. slos_write: Create, edit, and delete SLOs. synthetics_global_variable_read: View, search, and use Synthetics global variables. synthetics_global_variable_write: Create, edit, and delete global variables for Synthetics. synthetics_private_location_read: View, search, and use Synthetics private locations. synthetics_private_location_write: >- Create and delete private locations in addition to having access to the associated installation guidelines. synthetics_read: List and view configured Synthetic tests and test results. synthetics_write: Create, edit, and delete Synthetic tests. teams_manage: >- Manage Teams. Create, delete, rename, and edit metadata of all Teams. To control Team membership across all Teams, use the User Access Manage permission. teams_read: >- Read Teams data. A User with this permission can view Team names, metadata, and which Users are on each Team. test_optimization_read: View Test Optimization. timeseries_query: Query Timeseries data. usage_read: View your organization's usage and usage attribution. user_access_invite: Invite other users to your organization. user_access_manage: >- Disable users, manage user roles, manage SAML-to-role mappings, and configure logs restriction queries. user_access_read: View users and their roles and settings. workflows_read: View workflows. workflows_run: Run workflows. workflows_write: Create, edit, and delete workflows. tokenUrl: /oauth2/v1/token type: oauth2 apiKeyAuth: description: Your Datadog API Key. in: header name: DD-API-KEY type: apiKey x-env-name: DD_API_KEY appKeyAuth: description: Your Datadog APP Key. in: header name: DD-APPLICATION-KEY type: apiKey x-env-name: DD_APP_KEY bearerAuth: scheme: bearer type: http x-env-name: DD_BEARER_TOKEN info: contact: email: support@datadoghq.com name: Datadog Support url: https://www.datadoghq.com/support/ description: >- The Datadog API is an HTTP REST API. The API uses resource-oriented URLs to call the API, uses status codes to indicate the success or failure of requests, returns JSON from all requests, and uses standard HTTP response codes. Use the Datadog API to access the Datadog platform programmatically. title: Datadog API version: '1.0' openapi: 3.0.0 paths: /api/v2/actions/connections: post: description: Create a new Action Connection operationId: CreateActionConnection requestBody: content: application/json: schema: $ref: '#/components/schemas/CreateActionConnectionRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/CreateActionConnectionResponse' description: Successfully created Action Connection '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '429': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Too Many Request summary: Datadog Create a New Action Connection tags: - Action - Connection - Create x-given: action_connection: parameters: - name: body value: |- { "data": { "type": "action_connection", "attributes": { "name": "Cassette Connection {{ unique_lower_alnum }}", "integration": { "type": "AWS", "credentials": { "type": "AWSAssumeRole", "role": "MyRole", "account_id": "123456789123" } } } } } step: there is a valid "action_connection" in the system x-menu-order: 2 x-undo: operationId: DeleteActionConnection parameters: - name: connection_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/actions/connections/{connection_id}: delete: description: Delete an existing Action Connection operationId: DeleteActionConnection parameters: - $ref: '#/components/parameters/ConnectionId' responses: '204': description: The resource was deleted successfully. '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Not Found '429': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Too Many Request summary: Datadog Delete an Existing Action Connection tags: - Action - Connection - Delete - Existing x-menu-order: 4 x-permission: operator: OR permissions: - connection_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get an existing Action Connection operationId: GetActionConnection parameters: - $ref: '#/components/parameters/ConnectionId' responses: '200': content: application/json: schema: $ref: '#/components/schemas/GetActionConnectionResponse' description: Successfully get Action Connection '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Not Found '429': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Too Many Request summary: Datadog Get an Existing Action Connection tags: - Action - Connection - Existing - Get x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update an existing Action Connection operationId: UpdateActionConnection parameters: - $ref: '#/components/parameters/ConnectionId' requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateActionConnectionRequest' description: Update an existing Action Connection request body required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/UpdateActionConnectionResponse' description: Successfully updated Action Connection '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Not Found '429': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Too Many Request summary: Datadog Update an Existing Action Connection tags: - Action - Connection - Existing - Update x-menu-order: 3 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/agentless_scanning/accounts/aws: get: description: Fetches the scan options configured for AWS accounts. operationId: ListAwsScanOptions responses: '200': content: application/json: schema: $ref: '#/components/schemas/AwsScanOptionsListResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Aws Scan Options tags: - Get - Options - Scan x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Activate Agentless scan options for an AWS account. operationId: CreateAwsScanOptions requestBody: content: application/json: schema: $ref: '#/components/schemas/AwsScanOptionsCreateRequest' description: The definition of the new scan options. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/AwsScanOptionsResponse' description: Agentless scan options enabled successfully. '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Post Aws Scan Options tags: - Options - Post - Scan x-codegen-request-body-name: body x-menu-order: 2 x-undo: operationId: DeleteAwsScanOptions parameters: - name: account_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/agentless_scanning/accounts/aws/{account_id}: delete: description: Delete Agentless scan options for an AWS account. operationId: DeleteAwsScanOptions parameters: - $ref: '#/components/parameters/AwsAccountId' responses: '204': description: No Content '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete Aws Scan Options tags: - Delete - Options - Scan x-menu-order: 4 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update the Agentless scan options for an activated account. operationId: UpdateAwsScanOptions parameters: - $ref: '#/components/parameters/AwsAccountId' requestBody: content: application/json: schema: $ref: '#/components/schemas/AwsScanOptionsUpdateRequest' description: New definition of the scan options. required: true responses: '204': description: No Content '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Patch Aws Scan Options tags: - Options - Patch - Scan x-codegen-request-body-name: body x-menu-order: 3 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/agentless_scanning/ondemand/aws: get: description: Fetches the most recent 1000 AWS on demand tasks. operationId: ListAwsOnDemandTasks responses: '200': content: application/json: schema: $ref: '#/components/schemas/AwsOnDemandListResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Aws on Demand Tasks tags: - Demand - Get - Tasks x-menu-order: 5 x-permission: operator: OR permissions: - security_monitoring_findings_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Trigger the scan of an AWS resource with a high priority. Agentless scanning must be activated for the AWS account containing the resource to scan. operationId: CreateAwsOnDemandTask requestBody: content: application/json: schema: $ref: '#/components/schemas/AwsOnDemandCreateRequest' description: The definition of the on demand task. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/AwsOnDemandResponse' description: AWS on demand task created successfully. '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Post an Aws on Demand Task tags: - Demand - Post - Tasks x-codegen-request-body-name: body x-menu-order: 7 x-permission: operator: OR permissions: - security_monitoring_findings_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/agentless_scanning/ondemand/aws/{task_id}: get: description: Fetch the data of a specific on demand task. operationId: GetAwsOnDemandTask parameters: - $ref: '#/components/parameters/OnDemandTaskId' responses: '200': content: application/json: schema: $ref: '#/components/schemas/AwsOnDemandResponse' description: OK. '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Aws on Demand Task by Id tags: - Demand - Get - Identifiers - Tasks x-menu-order: 6 x-permission: operator: OR permissions: - security_monitoring_findings_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/api_keys: get: description: List all API keys available for your account. operationId: ListAPIKeys parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' - $ref: '#/components/parameters/APIKeysSortParameter' - $ref: '#/components/parameters/APIKeyFilterParameter' - $ref: '#/components/parameters/APIKeyFilterCreatedAtStartParameter' - $ref: '#/components/parameters/APIKeyFilterCreatedAtEndParameter' - $ref: '#/components/parameters/APIKeyFilterModifiedAtStartParameter' - $ref: '#/components/parameters/APIKeyFilterModifiedAtEndParameter' - $ref: '#/components/parameters/APIKeyIncludeParameter' - $ref: '#/components/parameters/APIKeyReadConfigReadEnabledParameter' - $ref: '#/components/parameters/APIKeyCategoryParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/APIKeysResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Api Keys tags: - All - Get - Keys x-menu-order: 5 x-permission: operator: OR permissions: - api_keys_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create an API key. operationId: CreateAPIKey requestBody: content: application/json: schema: $ref: '#/components/schemas/APIKeyCreateRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/APIKeyResponse' description: Created '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create an Api Key tags: - Create - Keys x-codegen-request-body-name: body x-given: api_key: parameters: - name: body value: |- { "data": { "attributes": { "name": "{{ unique }}" }, "type": "api_keys" } } step: there is a valid "api_key" in the system x-menu-order: 4 x-permission: operator: OR permissions: - api_keys_write x-undo: operationId: DeleteAPIKey parameters: - name: api_key_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: post: true /api/v2/api_keys/{api_key_id}: delete: description: Delete an API key. operationId: DeleteAPIKey parameters: - $ref: '#/components/parameters/APIKeyId' responses: '204': description: No Content '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete an Api Key tags: - Delete - Keys x-menu-order: 1 x-permission: operator: OR permissions: - api_keys_delete x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get an API key. operationId: GetAPIKey parameters: - $ref: '#/components/parameters/APIKeyId' - $ref: '#/components/parameters/APIKeyIncludeParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/APIKeyResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Api Key tags: - Get - Keys x-menu-order: 3 x-merge-override: parameters: false x-permission: operator: OR permissions: - api_keys_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update an API key. operationId: UpdateAPIKey parameters: - $ref: '#/components/parameters/APIKeyId' requestBody: content: application/json: schema: $ref: '#/components/schemas/APIKeyUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/APIKeyResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Edit an Api Key tags: - Edit - Keys x-codegen-request-body-name: body x-menu-order: 2 x-permission: operator: OR permissions: - api_keys_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true get: true patch: true /api/v2/apicatalog/api: get: deprecated: true description: List APIs and their IDs. operationId: ListAPIs parameters: - description: Filter APIs by name in: query name: query required: false schema: example: payments type: string example: payments - description: Number of items per page. in: query name: page[limit] required: false schema: default: 20 format: int64 minimum: 1 type: integer example: 42 - description: Offset for pagination. in: query name: page[offset] required: false schema: default: 0 format: int64 minimum: 0 type: integer example: 42 responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListAPIsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_api_catalog_read summary: Datadog List Apis tags: - Lists x-menu-order: 4 x-permission: operator: OR permissions: - apm_api_catalog_read x-undo: type: safe x-unstable: '**Note**: This endpoint is deprecated.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/apicatalog/api/{id}: delete: deprecated: true description: Delete a specific API by ID. operationId: DeleteOpenAPI parameters: - description: ID of the API to delete in: path name: id required: true schema: $ref: '#/components/schemas/ApiID' example: abc-123-def responses: '204': description: API deleted successfully '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: API not found error '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_api_catalog_write summary: Datadog Delete an Api tags: - Delete x-menu-order: 5 x-permission: operator: OR permissions: - apm_api_catalog_write x-undo: type: idempotent x-unstable: '**Note**: This endpoint is deprecated.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/apicatalog/api/{id}/openapi: get: deprecated: true description: >- Retrieve information about a specific API in [OpenAPI](https://spec.openapis.org/oas/latest.html) format file. operationId: GetOpenAPI parameters: - description: ID of the API to retrieve in: path name: id required: true schema: $ref: '#/components/schemas/ApiID' example: abc-123-def responses: '200': content: multipart/form-data: schema: format: binary type: string description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: API not found error '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_api_catalog_read summary: Datadog Get an Api tags: - Get x-menu-order: 3 x-permission: operator: OR permissions: - apm_api_catalog_read x-undo: type: safe x-unstable: '**Note**: This endpoint is deprecated.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: deprecated: true description: > Update information about a specific API. The given content will replace all API content of the given ID. The ID is returned by the create API, or can be found in the URL in the API catalog UI. operationId: UpdateOpenAPI parameters: - description: ID of the API to modify in: path name: id required: true schema: $ref: '#/components/schemas/ApiID' example: abc-123-def requestBody: content: multipart/form-data: schema: $ref: '#/components/schemas/OpenAPIFile' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/UpdateOpenAPIResponse' description: API updated successfully '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: API not found error '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_api_catalog_write summary: Datadog Update an Api tags: - Update x-menu-order: 2 x-permission: operator: OR permissions: - apm_api_catalog_write x-undo: type: idempotent x-unstable: '**Note**: This endpoint is deprecated.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/apicatalog/openapi: post: deprecated: true description: > Create a new API from the [OpenAPI](https://spec.openapis.org/oas/latest.html) specification given. See the [API Catalog documentation](https://docs.datadoghq.com/api_catalog/add_metadata/) for additional information about the possible metadata. It returns the created API ID. operationId: CreateOpenAPI requestBody: content: multipart/form-data: schema: $ref: '#/components/schemas/OpenAPIFile' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/CreateOpenAPIResponse' description: API created successfully '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_api_catalog_write summary: Datadog Create a New Api tags: - Create x-given: managed_api: parameters: - name: openapi_spec_file value: '"openapi-spec.yaml"' step: there is a valid "managed_api" in the system x-menu-order: 1 x-permission: operator: OR permissions: - apm_api_catalog_write x-undo: operationId: DeleteOpenAPI parameters: - name: id source: data.id type: unsafe x-unstable: '**Note**: This endpoint is deprecated.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/apm/config/metrics: get: description: Get the list of configured span-based metrics with their definitions. operationId: ListSpansMetrics responses: '200': content: application/json: schema: $ref: '#/components/schemas/SpansMetricsResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Span-based Metrics tags: - All - Get - Metrics x-menu-order: 1 x-permission: operator: OR permissions: - apm_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a metric based on your ingested spans in your organization. Returns the span-based metric object from the request body when the request is successful. operationId: CreateSpansMetric requestBody: content: application/json: schema: $ref: '#/components/schemas/SpansMetricCreateRequest' description: The definition of the new span-based metric. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SpansMetricResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Span-based Metric tags: - Create - Metrics x-codegen-request-body-name: body x-given: spans_metric: parameters: - name: body value: |- { "data": { "id": "{{ unique }}", "attributes": { "filter": { "query": "source:{{ unique }}" }, "compute": { "aggregation_type": "distribution", "path": "@duration", "include_percentiles": false }, "group_by": [ { "path": "resource_name", "tag_name": "resource_name" } ] }, "type": "spans_metrics" } } step: there is a valid "spans_metric" in the system x-menu-order: 2 x-permission: operator: OR permissions: - apm_generate_metrics x-undo: operationId: DeleteSpansMetric parameters: - name: metric_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/apm/config/metrics/{metric_id}: delete: description: Delete a specific span-based metric from your organization. operationId: DeleteSpansMetric parameters: - $ref: '#/components/parameters/SpansMetricIDParameter' responses: '204': description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Span-based Metric tags: - Delete - Metrics x-menu-order: 5 x-permission: operator: OR permissions: - apm_generate_metrics x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a specific span-based metric from your organization. operationId: GetSpansMetric parameters: - $ref: '#/components/parameters/SpansMetricIDParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/SpansMetricResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Span-based Metric tags: - Get - Metrics x-menu-order: 3 x-permission: operator: OR permissions: - apm_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update a specific span-based metric from your organization. Returns the span-based metric object from the request body when the request is successful. operationId: UpdateSpansMetric parameters: - $ref: '#/components/parameters/SpansMetricIDParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/SpansMetricUpdateRequest' description: New definition of the span-based metric. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SpansMetricResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Span-based Metric tags: - Metrics - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - apm_generate_metrics x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/apm/config/retention-filters: get: description: Get the list of APM retention filters. operationId: ListApmRetentionFilters responses: '200': content: application/json: schema: $ref: '#/components/schemas/RetentionFiltersResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List All Apm Retention Filters tags: - All - Lists - Retention x-menu-order: 1 x-permission: operator: OR permissions: - apm_retention_filter_read - apm_pipelines_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a retention filter to index spans in your organization. Returns the retention filter definition when the request is successful. Default filters with types spans-errors-sampling-processor and spans-appsec-sampling-processor cannot be created. operationId: CreateApmRetentionFilter requestBody: content: application/json: schema: $ref: '#/components/schemas/RetentionFilterCreateRequest' description: The definition of the new retention filter. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/RetentionFilterCreateResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Retention Filter tags: - Create - Filter - Retention x-codegen-request-body-name: body x-given: retention_filter: parameters: - name: body value: |- { "data": { "attributes": { "name": "demo retention filter", "rate": 0.90, "filter": { "query": "@_top_level:1 test:service-demo" }, "enabled": true, "filter_type": "spans-sampling-processor" }, "type": "apm_retention_filter" } } step: there is a valid "retention_filter" in the system x-menu-order: 2 x-permission: operator: OR permissions: - apm_retention_filter_write - apm_pipelines_write x-undo: operationId: DeleteApmRetentionFilter parameters: - name: filter_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/apm/config/retention-filters-execution-order: put: description: Re-order the execution order of retention filters. operationId: ReorderApmRetentionFilters requestBody: content: application/json: schema: $ref: '#/components/schemas/ReorderRetentionFiltersRequest' description: The list of retention filters in the new order. required: true responses: '200': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Re-order Retention Filters tags: - Retention x-codegen-request-body-name: body x-menu-order: 6 x-permission: operator: OR permissions: - apm_retention_filter_write - apm_pipelines_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/apm/config/retention-filters/{filter_id}: delete: description: >- Delete a specific retention filter from your organization. Default filters with types spans-errors-sampling-processor and spans-appsec-sampling-processor cannot be deleted. operationId: DeleteApmRetentionFilter parameters: - $ref: '#/components/parameters/RetentionFilterIdParam' responses: '200': description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Retention Filter tags: - Delete - Filter - Retention x-menu-order: 5 x-permission: operator: OR permissions: - apm_retention_filter_write - apm_pipelines_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get an APM retention filter. operationId: GetApmRetentionFilter parameters: - $ref: '#/components/parameters/RetentionFilterIdParam' responses: '200': content: application/json: schema: $ref: '#/components/schemas/RetentionFilterResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Given Apm Retention Filter tags: - Filter - Get - Given - Retention x-menu-order: 3 x-permission: operator: OR permissions: - apm_retention_filter_read - apm_pipelines_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: >- Update a retention filter from your organization. Default filters (filters with types spans-errors-sampling-processor and spans-appsec-sampling-processor) cannot be renamed or removed. operationId: UpdateApmRetentionFilter parameters: - $ref: '#/components/parameters/RetentionFilterIdParam' requestBody: content: application/json: schema: $ref: '#/components/schemas/RetentionFilterUpdateRequest' description: The updated definition of the retention filter. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/RetentionFilterResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Retention Filter tags: - Filter - Retention - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - apm_retention_filter_write - apm_pipelines_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/app-builder/apps: delete: description: Delete multiple apps in a single request from a list of app IDs. operationId: DeleteApps requestBody: content: application/json: schema: $ref: '#/components/schemas/DeleteAppsRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/DeleteAppsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete Multiple Apps tags: - Applications - Delete - Multiple x-menu-order: 3 x-permission: operator: OR permissions: - apps_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: >- List all apps, with optional filters and sorting. This endpoint is paginated. Only basic app information such as the app ID, name, and description is returned by this endpoint. operationId: ListApps parameters: - description: The number of apps to return per page. in: query name: limit required: false schema: format: int64 type: integer example: 42 - description: The page number to return. in: query name: page required: false schema: format: int64 type: integer example: 42 - description: Filter apps by the app creator. Usually the user's email. in: query name: filter[user_name] required: false schema: type: string example: Example Monitor - description: Filter apps by the app creator's UUID. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 in: query name: filter[user_uuid] required: false schema: format: uuid type: string - description: Filter by app name. in: query name: filter[name] required: false schema: type: string example: Example Monitor - description: Filter apps by the app name or the app creator. in: query name: filter[query] required: false schema: type: string example: avg:system.cpu.user{*} - description: Filter apps by whether they are published. in: query name: filter[deployed] required: false schema: type: boolean example: true - description: Filter apps by tags. in: query name: filter[tags] required: false schema: type: string example: env:production - description: Filter apps by whether you have added them to your favorites. in: query name: filter[favorite] required: false schema: type: boolean example: true - description: Filter apps by whether they are enabled for self-service. in: query name: filter[self_service] required: false schema: type: boolean example: true - description: The fields and direction to sort apps by. explode: false in: query name: sort required: false schema: items: $ref: '#/components/schemas/AppsSortField' type: array style: form responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListAppsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Apps tags: - Applications - Lists x-menu-order: 1 x-permission: operator: OR permissions: - apps_run x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a new app, returning the app ID. operationId: CreateApp requestBody: content: application/json: schema: $ref: '#/components/schemas/CreateAppRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/CreateAppResponse' description: Created '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create App tags: - Applications - Create x-given: app: parameters: - name: body value: >- {"data":{"type":"appDefinitions","attributes":{"rootInstanceName":"grid0","components":[{"name":"grid0","type":"grid","properties":{"children":[{"type":"gridCell","name":"gridCell0","properties":{"children":[{"name":"text0","type":"text","properties":{"content":"# Cat Facts","contentType":"markdown","textAlign":"left","verticalAlign":"top","isVisible":true},"events":[]}],"isVisible":"true","layout":{"default":{"x":0,"y":0,"width":4,"height":5}}},"events":[]},{"type":"gridCell","name":"gridCell2","properties":{"children":[{"name":"table0","type":"table","properties":{"data":"${fetchFacts?.outputs?.body?.data}","columns":[{"dataPath":"fact","header":"fact","isHidden":false,"id":"0ae2ae9e-0280-4389-83c6-1c5949f7e674"},{"dataPath":"length","header":"length","isHidden":true,"id":"c9048611-0196-4a00-9366-1ef9e3ec0408"},{"id":"8fa9284b-7a58-4f13-9959-57b7d8a7fe8f","dataPath":"Due Date","header":"Unused Old Column","disableSortBy":false,"formatter":{"type":"formatted_time","format":"LARGE_WITHOUT_TIME"},"isDeleted":true}],"summary":true,"pageSize":"${pageSize?.value}","paginationType":"server_side","isLoading":"${fetchFacts?.isLoading}","rowButtons":[],"isWrappable":false,"isScrollable":"vertical","isSubRowsEnabled":false,"globalFilter":false,"isVisible":true,"totalCount":"${fetchFacts?.outputs?.body?.total}"},"events":[]}],"isVisible":"true","layout":{"default":{"x":0,"y":5,"width":12,"height":96}}},"events":[]},{"type":"gridCell","name":"gridCell1","properties":{"children":[{"name":"text1","type":"text","properties":{"content":"## Random Fact\n\n${randomFact?.outputs?.fact}","contentType":"markdown","textAlign":"left","verticalAlign":"top","isVisible":true},"events":[]}],"isVisible":"true","layout":{"default":{"x":0,"y":101,"width":12,"height":16}}},"events":[]},{"type":"gridCell","name":"gridCell3","properties":{"children":[{"name":"button0","type":"button","properties":{"label":"Increase Page Size","level":"default","isPrimary":true,"isBorderless":false,"isLoading":false,"isDisabled":false,"isVisible":true,"iconLeft":"angleUp","iconRight":""},"events":[{"variableName":"pageSize","value":"${pageSize?.value + 1}","name":"click","type":"setStateVariableValue"}]}],"isVisible":"true","layout":{"default":{"x":10,"y":134,"width":2,"height":4}}},"events":[]},{"type":"gridCell","name":"gridCell4","properties":{"children":[{"name":"button1","type":"button","properties":{"label":"Decrease Page Size","level":"default","isPrimary":true,"isBorderless":false,"isLoading":false,"isDisabled":false,"isVisible":true,"iconLeft":"angleDown","iconRight":""},"events":[{"variableName":"pageSize","value":"${pageSize?.value - 1}","name":"click","type":"setStateVariableValue"}]}],"isVisible":"true","layout":{"default":{"x":10,"y":138,"width":2,"height":4}}},"events":[]}],"backgroundColor":"default"},"events":[]}],"queries":[{"id":"92ff0bb8-553b-4f31-87c7-ef5bd16d47d5","type":"action","name":"fetchFacts","events":[],"properties":{"spec":{"fqn":"com.datadoghq.http.request","connectionId":"5e63f4a8-4ce6-47de-ba11-f6617c1d54f3","inputs":{"verb":"GET","url":"https://catfact.ninja/facts","urlParams":[{"key":"limit","value":"${pageSize.value.toString()}"},{"key":"page","value":"${(table0.pageIndex + 1).toString()}"}]}}}},{"type":"stateVariable","name":"pageSize","properties":{"defaultValue":"${20}"},"id":"afd03c81-4075-4432-8618-ba09d52d2f2d"},{"type":"dataTransform","name":"randomFact","properties":{"outputs":"${(() => {const facts = fetchFacts.outputs.body.data\nreturn facts[Math.floor(Math.random()*facts.length)]\n})()}"},"id":"0fb22859-47dc-4137-9e41-7b67d04c525c"}],"name":"Example Cat Facts Viewer","description":"This is a slightly complicated example app that fetches and displays cat facts"}}} step: there is a valid "app" in the system x-menu-order: 2 x-permission: operator: AND permissions: - apps_write - connections_resolve - workflows_run x-undo: operationId: DeleteApp parameters: - name: app_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/app-builder/apps/{app_id}: delete: description: Delete a single app. operationId: DeleteApp parameters: - description: The ID of the app to delete. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 in: path name: app_id required: true schema: format: uuid type: string responses: '200': content: application/json: schema: $ref: '#/components/schemas/DeleteAppResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Not Found '410': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Gone '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete App tags: - Applications - Delete x-menu-order: 6 x-permission: operator: OR permissions: - apps_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get the full definition of an app. operationId: GetApp parameters: - description: The ID of the app to retrieve. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 in: path name: app_id required: true schema: format: uuid type: string - description: >- The version number of the app to retrieve. If not specified, the latest version is returned. Version numbers start at 1 and increment with each update. The special values `latest` and `deployed` can be used to retrieve the latest version or the published version, respectively. in: query name: version required: false schema: type: string example: example_value responses: '200': content: application/json: schema: $ref: '#/components/schemas/GetAppResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Not Found '410': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Gone '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get App tags: - Applications - Get x-menu-order: 4 x-permission: operator: AND permissions: - apps_run - connections_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update an existing app. This creates a new version of the app. operationId: UpdateApp parameters: - description: The ID of the app to update. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 in: path name: app_id required: true schema: format: uuid type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateAppRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/UpdateAppResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update App tags: - Applications - Update x-menu-order: 5 x-permission: operator: AND permissions: - apps_write - connections_resolve - workflows_run x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/app-builder/apps/{app_id}/deployment: delete: description: >- Unpublish an app, removing the live version of the app. Unpublishing creates a new instance of a `deployment` object on the app, with a nil `app_version_id` (`00000000-0000-0000-0000-000000000000`). The app can still be updated and published again in the future. operationId: UnpublishApp parameters: - description: The ID of the app to unpublish. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 in: path name: app_id required: true schema: format: uuid type: string responses: '200': content: application/json: schema: $ref: '#/components/schemas/UnpublishAppResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Unpublish App tags: - Applications x-menu-order: 8 x-permission: operator: OR permissions: - apps_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Publish an app for use by other users. To ensure the app is accessible to the correct users, you also need to set a [Restriction Policy](https://docs.datadoghq.com/api/latest/restriction-policies/) on the app if a policy does not yet exist. operationId: PublishApp parameters: - description: The ID of the app to publish. example: 65bb1f25-52e1-4510-9f8d-22d1516ed693 in: path name: app_id required: true schema: format: uuid type: string responses: '201': content: application/json: schema: $ref: '#/components/schemas/PublishAppResponse' description: Created '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Publish App tags: - Applications - Publish x-menu-order: 7 x-permission: operator: OR permissions: - apps_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/application_keys: get: description: List all application keys available for your org operationId: ListApplicationKeys parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' - $ref: '#/components/parameters/ApplicationKeysSortParameter' - $ref: '#/components/parameters/ApplicationKeyFilterParameter' - $ref: '#/components/parameters/ApplicationKeyFilterCreatedAtStartParameter' - $ref: '#/components/parameters/ApplicationKeyFilterCreatedAtEndParameter' - $ref: '#/components/parameters/ApplicationKeyIncludeParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListApplicationKeysResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Application Keys tags: - All - Applications - Get - Keys x-menu-order: 9 x-permission: operator: OR permissions: - org_app_keys_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/application_keys/{app_key_id}: delete: description: Delete an application key operationId: DeleteApplicationKey parameters: - $ref: '#/components/parameters/ApplicationKeyID' responses: '204': description: No Content '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete an Application Key tags: - Applications - Delete - Keys x-codegen-request-body-name: body x-menu-order: 6 x-permission: operator: OR permissions: - org_app_keys_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get an application key for your org. operationId: GetApplicationKey parameters: - $ref: '#/components/parameters/ApplicationKeyID' - $ref: '#/components/parameters/ApplicationKeyIncludeParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get an Application Key tags: - Applications - Get - Keys x-menu-order: 8 x-permission: operator: OR permissions: - org_app_keys_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Edit an application key operationId: UpdateApplicationKey parameters: - $ref: '#/components/parameters/ApplicationKeyID' requestBody: content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Edit an Application Key tags: - Applications - Edit - Keys x-codegen-request-body-name: body x-menu-order: 7 x-permission: operator: OR permissions: - org_app_keys_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true get: false /api/v2/audit/events: get: description: >- List endpoint returns events that match a Audit Logs search query. [Results are paginated][1]. Use this endpoint to see your latest Audit Logs events. [1]: https://docs.datadoghq.com/logs/guide/collect-multiple-logs-with-pagination operationId: ListAuditLogs parameters: - description: Search query following Audit Logs syntax. example: '@type:session @application_id:xxxx' in: query name: filter[query] required: false schema: type: string - description: Minimum timestamp for requested events. example: '2019-01-02T09:42:36.320Z' in: query name: filter[from] required: false schema: format: date-time type: string - description: Maximum timestamp for requested events. example: '2019-01-03T09:42:36.320Z' in: query name: filter[to] required: false schema: format: date-time type: string - description: Order of events in results. in: query name: sort required: false schema: $ref: '#/components/schemas/AuditLogsSort' example: example_value - description: List following results with a cursor provided in the previous query. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== in: query name: page[cursor] required: false schema: type: string - description: Maximum number of events in the response. example: 25 in: query name: page[limit] required: false schema: default: 10 format: int32 maximum: 1000 type: integer responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuditLogsEventsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a List of Audit Logs Events tags: - Audit - Events - Get - Lists - Logs x-menu-order: 2 x-pagination: cursorParam: page[cursor] cursorPath: meta.page.after limitParam: page[limit] resultsPath: data x-permission: operator: OR permissions: - audit_logs_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/audit/events/search: post: description: >- List endpoint returns Audit Logs events that match an Audit search query. [Results are paginated][1]. Use this endpoint to build complex Audit Logs events filtering and search. [1]: https://docs.datadoghq.com/logs/guide/collect-multiple-logs-with-pagination operationId: SearchAuditLogs requestBody: content: application/json: schema: $ref: '#/components/schemas/AuditLogsSearchEventsRequest' required: false responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuditLogsEventsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Search Audit Logs Events tags: - Audit - Events - Logs - Search x-codegen-request-body-name: body x-menu-order: 1 x-pagination: cursorParam: body.page.cursor cursorPath: meta.page.after limitParam: body.page.limit resultsPath: data x-permission: operator: OR permissions: - audit_logs_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/authn_mappings: get: description: List all AuthN Mappings in the org. operationId: ListAuthNMappings parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' - description: Sort AuthN Mappings depending on the given field. in: query name: sort required: false schema: $ref: '#/components/schemas/AuthNMappingsSort' example: example_value - description: Filter all mappings by the given string. in: query name: filter required: false schema: type: string example: example_value - description: >- Filter by mapping resource type. Defaults to "role" if not specified. in: query name: resource_type schema: $ref: '#/components/schemas/AuthNMappingResourceType' example: metric alert responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthNMappingsResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List All Authn Mappings tags: - All - Lists x-menu-order: 4 x-permission: operator: OPEN permissions: [] x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create an AuthN Mapping. operationId: CreateAuthNMapping requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthNMappingCreateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthNMappingResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create an Authn Mapping tags: - Create - Mapping x-codegen-request-body-name: body x-given: authn_mapping: parameters: - name: body value: |- { "data": { "attributes": { "attribute_key": "{{ unique_lower_alnum }}", "attribute_value": "{{ unique }}" }, "relationships": { "role": { "data": { "id": "{{ role.data.id }}", "type": "{{ role.data.type }}" } } }, "type": "authn_mappings" } } step: there is a valid "authn_mapping" in the system x-menu-order: 5 x-permission: operator: OR permissions: - user_access_manage x-undo: operationId: DeleteAuthNMapping parameters: - name: authn_mapping_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: false post: false /api/v2/authn_mappings/{authn_mapping_id}: delete: description: Delete an AuthN Mapping specified by AuthN Mapping UUID. operationId: DeleteAuthNMapping parameters: - $ref: '#/components/parameters/AuthNMappingID' responses: '204': description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete an Authn Mapping tags: - Delete - Mapping x-menu-order: 3 x-permission: operator: OR permissions: - user_access_manage x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get an AuthN Mapping specified by the AuthN Mapping UUID. operationId: GetAuthNMapping parameters: - $ref: '#/components/parameters/AuthNMappingID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthNMappingResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get an Authn Mapping by Uuid tags: - Get - Mapping x-menu-order: 1 x-permission: operator: OPEN permissions: [] x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Edit an AuthN Mapping. operationId: UpdateAuthNMapping parameters: - $ref: '#/components/parameters/AuthNMappingID' requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthNMappingUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/AuthNMappingResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '409': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Conflict '422': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Unprocessable Entity '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Edit an Authn Mapping tags: - Edit - Mapping x-codegen-request-body-name: body x-menu-order: 2 x-permission: operator: OR permissions: - user_access_manage x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: false patch: false /api/v2/cases: get: description: Search cases. operationId: SearchCases parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' - $ref: '#/components/parameters/CaseSortableFieldParameter' - description: Search query in: query name: filter required: false schema: example: status:open (team:case-management OR team:event-management) type: string example: status:open (team:case-management OR team:event-management) - description: Specify if order is ascending or not in: query name: sort[asc] required: false schema: default: false type: boolean example: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CasesResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cases_read summary: Datadog Search Cases tags: - Cases - Search x-menu-order: 1 x-pagination: limitParam: page[size] pageParam: page[number] resultsPath: data x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a Case operationId: CreateCase requestBody: content: application/json: schema: $ref: '#/components/schemas/CaseCreateRequest' description: Case payload required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/CaseResponse' description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cases_write summary: Datadog Create a Case tags: - Case - Create x-given: case: parameters: - name: body value: |- { "data": { "attributes": { "title": "My new case", "type": "STANDARD", "priority": "P4" }, "relationships": { "project": { "data": { "id": "d4bbe1af-f36e-42f1-87c1-493ca35c320e", "type": "project" } } }, "type": "case" } } source: data step: there is a valid "case" in the system x-menu-order: 2 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cases/projects: get: description: Get all projects. operationId: GetProjects responses: '200': content: application/json: schema: $ref: '#/components/schemas/ProjectsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cases_read summary: Datadog Get All Projects tags: - All - Get - Projects x-menu-order: 2 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a project. operationId: CreateProject requestBody: content: application/json: schema: $ref: '#/components/schemas/ProjectCreateRequest' description: Project payload required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/ProjectResponse' description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cases_write summary: Datadog Create a Project tags: - Create - Projects x-menu-order: 1 x-undo: operationId: DeleteProject parameters: - name: project_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cases/projects/{project_id}: delete: description: Remove a project using the project's `id`. operationId: DeleteProject parameters: - $ref: '#/components/parameters/ProjectIDPathParameter' responses: '204': description: No Content '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cases_write summary: Datadog Remove a Project tags: - Projects - Remove x-menu-order: 4 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get the details of a project by `project_id`. operationId: GetProject parameters: - $ref: '#/components/parameters/ProjectIDPathParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ProjectResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cases_read summary: Datadog Get the Details of a Project tags: - Get - Projects x-menu-order: 3 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cases/{case_id}: get: description: Get the details of case by `case_id` operationId: GetCase parameters: - $ref: '#/components/parameters/CaseIDPathParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/CaseResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cases_read summary: Datadog Get the Details of a Case tags: - Case - Get x-menu-order: 3 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cases/{case_id}/archive: post: description: Archive case operationId: ArchiveCase parameters: - $ref: '#/components/parameters/CaseIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/CaseEmptyRequest' description: Archive case payload required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CaseResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cases_write summary: Datadog Archive Case tags: - Archive - Case x-menu-order: 8 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cases/{case_id}/assign: post: description: Assign case to a user operationId: AssignCase parameters: - $ref: '#/components/parameters/CaseIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/CaseAssignRequest' description: Assign case payload required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CaseResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cases_write summary: Datadog Assign Case tags: - Assign - Case x-menu-order: 6 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cases/{case_id}/priority: post: description: Update case priority operationId: UpdatePriority parameters: - $ref: '#/components/parameters/CaseIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/CaseUpdatePriorityRequest' description: Case priority update payload required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CaseResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cases_write summary: Datadog Update Case Priority tags: - Case - Priority - Update x-menu-order: 5 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cases/{case_id}/status: post: description: Update case status operationId: UpdateStatus parameters: - $ref: '#/components/parameters/CaseIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/CaseUpdateStatusRequest' description: Case status update payload required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CaseResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cases_write summary: Datadog Update Case Status tags: - Case - Status - Update x-menu-order: 4 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cases/{case_id}/unarchive: post: description: Unarchive case operationId: UnarchiveCase parameters: - $ref: '#/components/parameters/CaseIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/CaseEmptyRequest' description: Unarchive case payload required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CaseResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cases_write summary: Datadog Unarchive Case tags: - Case - Unarchive x-menu-order: 9 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cases/{case_id}/unassign: post: description: Unassign case operationId: UnassignCase parameters: - $ref: '#/components/parameters/CaseIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/CaseEmptyRequest' description: Unassign case payload required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CaseResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cases_write summary: Datadog Unassign Case tags: - Case - Unassign x-menu-order: 7 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/catalog/entity: get: description: Get a list of entities from Software Catalog. operationId: ListCatalogEntity parameters: - $ref: '#/components/parameters/PageOffset' - description: Maximum number of entities in the response. example: 100 in: query name: page[limit] required: false schema: default: 100 format: int64 type: integer - $ref: '#/components/parameters/FilterByID' - $ref: '#/components/parameters/FilterByRef' - $ref: '#/components/parameters/FilterByName' - $ref: '#/components/parameters/FilterByKind' - $ref: '#/components/parameters/FilterByOwner' - $ref: '#/components/parameters/FilterByRelationType' - $ref: '#/components/parameters/FilterByExcludeSnapshot' - $ref: '#/components/parameters/Include' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListEntityCatalogResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_service_catalog_read summary: Datadog Get a List of Entities tags: - Entities - Get - Lists x-menu-order: 1 x-pagination: limitParam: page[limit] pageOffsetParam: page[offset] resultsPath: data x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create or update entities in Software Catalog. operationId: UpsertCatalogEntity requestBody: content: application/json: schema: $ref: '#/components/schemas/UpsertCatalogEntityRequest' description: Entity YAML or JSON. required: true responses: '202': content: application/json: schema: $ref: '#/components/schemas/UpsertCatalogEntityResponse' description: ACCEPTED '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_service_catalog_write summary: Datadog Create or Update Entities tags: - Create - Entities - Update x-codegen-request-body-name: body x-given: entity: parameters: - name: body value: |- { "apiVersion": "v3", "kind": "service", "metadata": { "name": "service-{{ unique_lower_alnum }}", "displayName": "Shopping Cart", "inheritFrom": "service:otherService", "tags": [ "tag:value" ], "links": [ { "name": "shopping-cart runbook", "type": "runbook", "url": "https://runbook/shopping-cart" }, { "name": "shopping-cart architecture", "provider": "gdoc", "url": "https://google.drive/shopping-cart-architecture", "type": "doc" }, { "name": "shopping-cart Wiki", "provider": "wiki", "url": "https://wiki/shopping-cart", "type": "doc" }, { "name": "shopping-cart source code", "provider": "github", "url": "http://github/shopping-cart", "type": "repo" } ], "contacts": [ { "name": "Support Email", "type": "email", "contact": "team@shopping.com" }, { "name": "Support Slack", "type": "slack", "contact": "https://www.slack.com/archives/shopping-cart" } ], "owner": "myteam", "additionalOwners": [ { "name": "opsTeam", "type": "operator" } ] }, "integrations": { "pagerduty": { "serviceURL": "https://www.pagerduty.com/service-directory/Pshopping-cart" }, "opsgenie": { "serviceURL": "https://www.opsgenie.com/service/shopping-cart", "region": "US" } }, "extensions": { "datadoghq.com/shopping-cart": { "customField": "customValue" } }, "spec": { "lifecycle": "production", "tier": "1", "type": "web", "languages": [ "go", "python" ], "dependsOn": [ "service:serviceA", "service:serviceB" ] }, "datadog": { "performanceData": { "tags": [ "service:shopping-cart", "hostname:shopping-cart" ] }, "events": [ { "name": "deployment events", "query": "app:myapp AND type:github" }, { "name": "event type B", "query": "app:myapp AND type:github" } ], "logs": [ { "name": "critical logs", "query": "app:myapp AND type:github" }, { "name": "ops logs", "query": "app:myapp AND type:github" } ], "pipelines": { "fingerprints": [ "fp1", "fp2" ] }, "codeLocations": [ { "repositoryURL": "http://github/shopping-cart.git", "paths": [ "baz/*.c", "bat/**/*", "../plop/*.java" ] }, { "repositoryURL": "http://github/shopping-cart-2.git", "paths": [ "baz/*.c", "bat/**/*", "../plop/*.java" ] } ] } } step: there is a valid entity in the system x-menu-order: 2 x-undo: operationId: DeleteCatalogEntity parameters: - name: entity_id source: data[0].id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/catalog/entity/{entity_id}: delete: description: Delete a single entity in Software Catalog. operationId: DeleteCatalogEntity parameters: - $ref: '#/components/parameters/EntityID' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_service_catalog_write summary: Datadog Delete a Single Entity tags: - Delete - Entity - Single x-menu-order: 3 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/catalog/relation: get: description: Get a list of entity relations from Software Catalog. operationId: ListCatalogRelation parameters: - $ref: '#/components/parameters/PageOffset' - description: Maximum number of relations in the response. example: 100 in: query name: page[limit] required: false schema: default: 100 format: int64 type: integer - $ref: '#/components/parameters/FilterRelationByType' - $ref: '#/components/parameters/FilterRelationByFromRef' - $ref: '#/components/parameters/FilterRelationByToRef' - $ref: '#/components/parameters/RelationInclude' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListRelationCatalogResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_service_catalog_read summary: Datadog Get a List of Entity Relations tags: - Entity - Get - Lists x-menu-order: 3 x-pagination: limitParam: page[limit] pageOffsetParam: page[offset] resultsPath: data x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/ci/pipeline: post: description: >- Send your pipeline event to your Datadog platform over HTTP. For details about how pipeline executions are modeled and what execution types we support, see [Pipeline Data Model And Execution Types](https://docs.datadoghq.com/continuous_integration/guides/pipeline_data_model/). Pipeline events can be submitted with a timestamp that is up to 18 hours in the past. operationId: CreateCIAppPipelineEvent requestBody: content: application/json: schema: $ref: '#/components/schemas/CIAppCreatePipelineEventRequest' required: true responses: '202': content: application/json: schema: type: object description: Request accepted for processing '400': content: application/json: schema: $ref: '#/components/schemas/HTTPCIAppErrors' description: Bad Request '401': content: application/json: schema: $ref: '#/components/schemas/HTTPCIAppErrors' description: Unauthorized '403': content: application/json: schema: $ref: '#/components/schemas/HTTPCIAppErrors' description: Forbidden '408': content: application/json: schema: $ref: '#/components/schemas/HTTPCIAppErrors' description: Request Timeout '413': content: application/json: schema: $ref: '#/components/schemas/HTTPCIAppErrors' description: Payload Too Large '429': content: application/json: schema: $ref: '#/components/schemas/HTTPCIAppErrors' description: Too Many Requests '500': content: application/json: schema: $ref: '#/components/schemas/HTTPCIAppErrors' description: Internal Server Error '503': content: application/json: schema: $ref: '#/components/schemas/HTTPCIAppErrors' description: Service Unavailable security: - apiKeyAuth: [] summary: Datadog Send Pipeline Event tags: - Events - Pipelines - Send x-codegen-request-body-name: body x-menu-order: 1 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/ci/pipelines/analytics/aggregate: post: description: >- Use this API endpoint to aggregate CI Visibility pipeline events into buckets of computed metrics and timeseries. operationId: AggregateCIAppPipelineEvents requestBody: content: application/json: schema: $ref: '#/components/schemas/CIAppPipelinesAggregateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CIAppPipelinesAnalyticsAggregateResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - ci_visibility_read summary: Datadog Aggregate Pipelines Events tags: - Aggregate - Events - Pipelines x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - ci_visibility_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/ci/pipelines/events: get: description: >- List endpoint returns CI Visibility pipeline events that match a [search query](https://docs.datadoghq.com/continuous_integration/explorer/search_syntax/). [Results are paginated similarly to logs](https://docs.datadoghq.com/logs/guide/collect-multiple-logs-with-pagination). Use this endpoint to see your latest pipeline events. operationId: ListCIAppPipelineEvents parameters: - description: Search query following log syntax. example: '@ci.provider.name:github @ci.pipeline.name:Pull Request Labeler' in: query name: filter[query] required: false schema: type: string - description: Minimum timestamp for requested events. example: '2019-01-02T09:42:36.320Z' in: query name: filter[from] required: false schema: format: date-time type: string - description: Maximum timestamp for requested events. example: '2019-01-03T09:42:36.320Z' in: query name: filter[to] required: false schema: format: date-time type: string - description: Order of events in results. in: query name: sort required: false schema: $ref: '#/components/schemas/CIAppSort' example: example_value - description: List following results with a cursor provided in the previous query. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== in: query name: page[cursor] required: false schema: type: string - description: Maximum number of events in the response. example: 25 in: query name: page[limit] required: false schema: default: 10 format: int32 maximum: 1000 type: integer responses: '200': content: application/json: schema: $ref: '#/components/schemas/CIAppPipelineEventsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - ci_visibility_read summary: Datadog Get a List of Pipelines Events tags: - Events - Get - Lists - Pipelines x-menu-order: 2 x-pagination: cursorParam: page[cursor] cursorPath: meta.page.after limitParam: page[limit] resultsPath: data x-permission: operator: OR permissions: - ci_visibility_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/ci/pipelines/events/search: post: description: >- List endpoint returns CI Visibility pipeline events that match a [search query](https://docs.datadoghq.com/continuous_integration/explorer/search_syntax/). [Results are paginated similarly to logs](https://docs.datadoghq.com/logs/guide/collect-multiple-logs-with-pagination). Use this endpoint to build complex events filtering and search. operationId: SearchCIAppPipelineEvents requestBody: content: application/json: schema: $ref: '#/components/schemas/CIAppPipelineEventsRequest' required: false responses: '200': content: application/json: schema: $ref: '#/components/schemas/CIAppPipelineEventsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - ci_visibility_read summary: Datadog Search Pipelines Events tags: - Events - Pipelines - Search x-codegen-request-body-name: body x-menu-order: 3 x-pagination: cursorParam: body.page.cursor cursorPath: meta.page.after limitParam: body.page.limit resultsPath: data x-permission: operator: OR permissions: - ci_visibility_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/ci/tests/analytics/aggregate: post: description: >- The API endpoint to aggregate CI Visibility test events into buckets of computed metrics and timeseries. operationId: AggregateCIAppTestEvents requestBody: content: application/json: schema: $ref: '#/components/schemas/CIAppTestsAggregateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CIAppTestsAnalyticsAggregateResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - ci_visibility_read summary: Datadog Aggregate Tests Events tags: - Aggregate - Events - Tests x-codegen-request-body-name: body x-menu-order: 3 x-permission: operator: OR permissions: - ci_visibility_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/ci/tests/events: get: description: >- List endpoint returns CI Visibility test events that match a [search query](https://docs.datadoghq.com/continuous_integration/explorer/search_syntax/). [Results are paginated similarly to logs](https://docs.datadoghq.com/logs/guide/collect-multiple-logs-with-pagination). Use this endpoint to see your latest test events. operationId: ListCIAppTestEvents parameters: - description: Search query following log syntax. example: '@test.name:test_foo @test.suite:github.com/DataDog/dd-go/model' in: query name: filter[query] required: false schema: type: string - description: Minimum timestamp for requested events. example: '2019-01-02T09:42:36.320Z' in: query name: filter[from] required: false schema: format: date-time type: string - description: Maximum timestamp for requested events. example: '2019-01-03T09:42:36.320Z' in: query name: filter[to] required: false schema: format: date-time type: string - description: Order of events in results. in: query name: sort required: false schema: $ref: '#/components/schemas/CIAppSort' example: example_value - description: List following results with a cursor provided in the previous query. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== in: query name: page[cursor] required: false schema: type: string - description: Maximum number of events in the response. example: 25 in: query name: page[limit] required: false schema: default: 10 format: int32 maximum: 1000 type: integer responses: '200': content: application/json: schema: $ref: '#/components/schemas/CIAppTestEventsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - ci_visibility_read summary: Datadog Get a List of Tests Events tags: - Events - Get - Lists - Tests x-menu-order: 1 x-pagination: cursorParam: page[cursor] cursorPath: meta.page.after limitParam: page[limit] resultsPath: data x-permission: operator: OR permissions: - ci_visibility_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/ci/tests/events/search: post: description: >- List endpoint returns CI Visibility test events that match a [search query](https://docs.datadoghq.com/continuous_integration/explorer/search_syntax/). [Results are paginated similarly to logs](https://docs.datadoghq.com/logs/guide/collect-multiple-logs-with-pagination). Use this endpoint to build complex events filtering and search. operationId: SearchCIAppTestEvents requestBody: content: application/json: schema: $ref: '#/components/schemas/CIAppTestEventsRequest' required: false responses: '200': content: application/json: schema: $ref: '#/components/schemas/CIAppTestEventsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - ci_visibility_read summary: Datadog Search Tests Events tags: - Events - Search - Tests x-codegen-request-body-name: body x-menu-order: 2 x-pagination: cursorParam: body.page.cursor cursorPath: meta.page.after limitParam: body.page.limit resultsPath: data x-permission: operator: OR permissions: - ci_visibility_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cloud_security_management/custom_frameworks: post: description: Create a custom framework. operationId: CreateCustomFramework requestBody: content: application/json: schema: $ref: '#/components/schemas/CreateCustomFrameworkRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CreateCustomFrameworkResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' '500': $ref: '#/components/responses/BadRequestResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_read - security_monitoring_rules_write summary: Datadog Create a Custom Framework tags: - Create - Custom - Framework x-codegen-request-body-name: body x-given: custom_framework: parameters: - name: body value: |- { "data": { "type":"custom_framework", "attributes":{ "name":"name", "handle":"create-framework-new", "version":"10", "icon_url":"test-url", "requirements":[{ "name":"requirement", "controls":[{ "name":"control", "rules_id": ["def-000-be9"] }] }] } } } step: there is a valid "custom_framework" in the system x-menu-order: 4 x-permission: operator: AND permissions: - security_monitoring_rules_read - security_monitoring_rules_write x-undo: operationId: DeleteCustomFramework parameters: - name: handle source: data.attributes.handle - name: version source: data.attributes.version type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cloud_security_management/custom_frameworks/{handle}/{version}: delete: description: Delete a custom framework. operationId: DeleteCustomFramework parameters: - $ref: '#/components/parameters/CustomFrameworkHandle' - $ref: '#/components/parameters/CustomFrameworkVersion' responses: '200': content: application/json: schema: $ref: '#/components/schemas/DeleteCustomFrameworkResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' '500': $ref: '#/components/responses/BadRequestResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_read - security_monitoring_rules_write summary: Datadog Delete a Custom Framework tags: - Custom - Delete - Framework x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: AND permissions: - security_monitoring_rules_read - security_monitoring_rules_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a custom framework. operationId: GetCustomFramework parameters: - $ref: '#/components/parameters/CustomFrameworkHandle' - $ref: '#/components/parameters/CustomFrameworkVersion' responses: '200': content: application/json: schema: $ref: '#/components/schemas/GetCustomFrameworkResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' '500': $ref: '#/components/responses/BadRequestResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_read summary: Datadog Get a Custom Framework tags: - Custom - Framework - Get x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - security_monitoring_rules_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: Update a custom framework. operationId: UpdateCustomFramework parameters: - $ref: '#/components/parameters/CustomFrameworkHandle' - $ref: '#/components/parameters/CustomFrameworkVersion' requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateCustomFrameworkRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/UpdateCustomFrameworkResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' '500': $ref: '#/components/responses/BadRequestResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_read - security_monitoring_rules_write summary: Datadog Update a Custom Framework tags: - Custom - Framework - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: AND permissions: - security_monitoring_rules_read - security_monitoring_rules_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cloud_security_management/resource_filters: get: description: List resource filters. operationId: GetResourceEvaluationFilters parameters: - $ref: '#/components/parameters/ResourceFilterProvider' - $ref: '#/components/parameters/ResourceFilterAccountID' - $ref: '#/components/parameters/SkipCache' responses: '200': content: application/json: schema: $ref: '#/components/schemas/GetResourceEvaluationFiltersResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_filters_read summary: Datadog List Resource Filters tags: - Lists - Resource x-menu-order: 26 x-permission: operator: OR permissions: - security_monitoring_filters_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: Update resource filters. operationId: UpdateResourceEvaluationFilters requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateResourceEvaluationFiltersRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/UpdateResourceEvaluationFiltersResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_filters_write summary: Datadog Update Resource Filters tags: - Resource - Update x-codegen-request-body-name: body x-menu-order: 27 x-permission: operator: OR permissions: - security_monitoring_filters_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/container_images: get: description: Get all Container Images for your organization. operationId: ListContainerImages parameters: - description: Comma-separated list of tags to filter Container Images by. example: short_image:redis,status:running in: query name: filter[tags] required: false schema: type: string - description: Comma-separated list of tags to group Container Images by. example: registry,image_tags in: query name: group_by required: false schema: type: string - description: Attribute to sort Container Images by. example: container_count in: query name: sort required: false schema: type: string - description: Maximum number of results returned. in: query name: page[size] required: false schema: default: 1000 format: int32 maximum: 10000 minimum: 1 type: integer example: 42 - description: >- String to query the next page of results. This key is provided with each valid response from the API in `meta.pagination.next_cursor`. in: query name: page[cursor] required: false schema: type: string example: example_value responses: '200': content: application/json: schema: $ref: '#/components/schemas/ContainerImagesResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Get All Container Images tags: - All - Containers - Get - Images x-menu-order: 1 x-pagination: cursorParam: page[cursor] cursorPath: meta.pagination.next_cursor limitParam: page[size] resultsPath: data x-permission: operator: OPEN permissions: [] x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/containers: get: description: Get all containers for your organization. operationId: ListContainers parameters: - description: Comma-separated list of tags to filter containers by. example: env:prod,short_image:cassandra in: query name: filter[tags] required: false schema: type: string - description: Comma-separated list of tags to group containers by. example: datacenter,cluster in: query name: group_by required: false schema: type: string - description: Attribute to sort containers by. example: started_at in: query name: sort required: false schema: type: string - description: Maximum number of results returned. in: query name: page[size] required: false schema: default: 1000 format: int32 maximum: 10000 minimum: 1 type: integer example: 42 - description: >- String to query the next page of results. This key is provided with each valid response from the API in `meta.pagination.next_cursor`. in: query name: page[cursor] required: false schema: type: string example: example_value responses: '200': content: application/json: schema: $ref: '#/components/schemas/ContainersResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Get All Containers tags: - All - Containers - Get x-menu-order: 1 x-pagination: cursorParam: page[cursor] cursorPath: meta.pagination.next_cursor limitParam: page[size] resultsPath: data x-permission: operator: OPEN permissions: [] x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cost/aws_cur_config: get: description: List the AWS CUR configs. operationId: ListCostAWSCURConfigs responses: '200': content: application/json: schema: $ref: '#/components/schemas/AwsCURConfigsResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_read summary: Datadog List Cloud Cost Management Aws Cur Configs tags: - Cloud - Cost - Lists - Management x-menu-order: 1 x-permission: operator: OR permissions: - cloud_cost_management_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a Cloud Cost Management account for an AWS CUR config. operationId: CreateCostAWSCURConfig requestBody: content: application/json: schema: $ref: '#/components/schemas/AwsCURConfigPostRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/AwsCURConfigResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_write summary: Datadog Create Cloud Cost Management Aws Cur Config tags: - Cloud - Cost - Create - Management x-menu-order: 3 x-permission: operator: OR permissions: - cloud_cost_management_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cost/aws_cur_config/{cloud_account_id}: delete: description: Archive a Cloud Cost Management Account. operationId: DeleteCostAWSCURConfig parameters: - $ref: '#/components/parameters/CloudAccountID' responses: '204': description: No Content '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_write summary: Datadog Delete Cloud Cost Management Aws Cur Config tags: - Cloud - Cost - Delete - Management x-menu-order: 4 x-permission: operator: OR permissions: - cloud_cost_management_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update the status (active/archived) and/or account filtering configuration of an AWS CUR config. operationId: UpdateCostAWSCURConfig parameters: - $ref: '#/components/parameters/CloudAccountID' requestBody: content: application/json: schema: $ref: '#/components/schemas/AwsCURConfigPatchRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/AwsCURConfigsResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_write summary: Datadog Update Cloud Cost Management Aws Cur Config tags: - Cloud - Cost - Management - Update x-menu-order: 2 x-permission: operator: OR permissions: - cloud_cost_management_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cost/azure_uc_config: get: description: List the Azure configs. operationId: ListCostAzureUCConfigs responses: '200': content: application/json: schema: $ref: '#/components/schemas/AzureUCConfigsResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_read summary: Datadog List Cloud Cost Management Azure Configs tags: - Cloud - Cost - Lists - Management x-menu-order: 6 x-permission: operator: OR permissions: - cloud_cost_management_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a Cloud Cost Management account for an Azure config. operationId: CreateCostAzureUCConfigs requestBody: content: application/json: schema: $ref: '#/components/schemas/AzureUCConfigPostRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/AzureUCConfigPairsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_write summary: Datadog Create Cloud Cost Management Azure Configs tags: - Cloud - Cost - Create - Management x-menu-order: 8 x-permission: operator: OR permissions: - cloud_cost_management_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cost/azure_uc_config/{cloud_account_id}: delete: description: Archive a Cloud Cost Management Account. operationId: DeleteCostAzureUCConfig parameters: - $ref: '#/components/parameters/CloudAccountID' responses: '204': description: No Content '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_write summary: Datadog Delete Cloud Cost Management Azure Config tags: - Cloud - Cost - Delete - Management x-menu-order: 9 x-permission: operator: OR permissions: - cloud_cost_management_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update the status of an Azure config (active/archived). operationId: UpdateCostAzureUCConfigs parameters: - $ref: '#/components/parameters/CloudAccountID' requestBody: content: application/json: schema: $ref: '#/components/schemas/AzureUCConfigPatchRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/AzureUCConfigPairsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_write summary: Datadog Update Cloud Cost Management Azure Config tags: - Cloud - Cost - Management - Update x-menu-order: 7 x-permission: operator: OR permissions: - cloud_cost_management_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true /api/v2/cost/budget: put: description: Create a new budget or update an existing one. operationId: UpsertBudget requestBody: content: application/json: schema: $ref: '#/components/schemas/BudgetWithEntries' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/BudgetWithEntries' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_write summary: Datadog Create or Update a Budget tags: - Budget - Create - Update x-menu-order: 14 x-undo: operationId: DeleteBudget parameters: - name: budget_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cost/budget/{budget_id}: delete: description: Delete a budget. operationId: DeleteBudget parameters: - $ref: '#/components/parameters/BudgetID' responses: '204': description: No Content '400': $ref: '#/components/responses/BadRequestResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_write summary: Datadog Delete a Budget tags: - Budget - Delete x-menu-order: 15 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a budget. operationId: GetBudget parameters: - $ref: '#/components/parameters/BudgetID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/BudgetWithEntries' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_read summary: Datadog Get a Budget tags: - Budget - Get x-menu-order: 16 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cost/budgets: get: description: List budgets. operationId: ListBudgets responses: '200': content: application/json: schema: $ref: '#/components/schemas/BudgetArray' description: OK '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_read summary: Datadog List Budgets tags: - Budgets - Lists x-menu-order: 17 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cost/custom_costs: get: description: List the Custom Costs files. operationId: ListCustomCostsFiles responses: '200': content: application/json: schema: $ref: '#/components/schemas/CustomCostsFileListResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_read summary: Datadog List Custom Costs Files tags: - Custom - Files - Lists x-menu-order: 10 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: Upload a Custom Costs file. operationId: UploadCustomCostsFile requestBody: content: application/json: schema: $ref: '#/components/schemas/CustomCostsFileUploadRequest' required: true responses: '202': content: application/json: schema: $ref: '#/components/schemas/CustomCostsFileUploadResponse' description: Accepted '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_write summary: Datadog Upload Custom Costs File tags: - Custom - Files - Upload x-menu-order: 11 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cost/custom_costs/{file_id}: delete: description: Delete the specified Custom Costs file. operationId: DeleteCustomCostsFile parameters: - $ref: '#/components/parameters/FileID' responses: '204': description: No Content '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_write summary: Datadog Delete Custom Costs File tags: - Custom - Delete - Files x-menu-order: 13 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Fetch the specified Custom Costs file. operationId: GetCustomCostsFile parameters: - $ref: '#/components/parameters/FileID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/CustomCostsFileGetResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - cloud_cost_management_read summary: Datadog Get Custom Costs File tags: - Custom - Files - Get x-menu-order: 12 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cost_by_tag/active_billing_dimensions: get: description: >- Get active billing dimensions for cost attribution. Cost data for a given month becomes available no later than the 19th of the following month. operationId: GetActiveBillingDimensions responses: '200': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/ActiveBillingDimensionsResponse' description: OK '400': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden - User is not authorized '429': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too many requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - usage_read summary: Datadog Get Active Billing Dimensions for Cost Attribution tags: - Active - Billing - Cost - Dimensions - Get x-menu-order: 5 x-permission: operator: OR permissions: - usage_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/cost_by_tag/monthly_cost_attribution: get: description: >- Get monthly cost attribution by tag across multi-org and single root-org accounts. Cost Attribution data for a given month becomes available no later than the 19th of the following month. This API endpoint is paginated. To make sure you receive all records, check if the value of `next_record_id` is set in the response. If it is, make another request and pass `next_record_id` as a parameter. Pseudo code example: ``` response := GetMonthlyCostAttribution(start_month, end_month) cursor := response.metadata.pagination.next_record_id WHILE cursor != null BEGIN sleep(5 seconds) # Avoid running into rate limit response := GetMonthlyCostAttribution(start_month, end_month, next_record_id=cursor) cursor := response.metadata.pagination.next_record_id END ``` This endpoint is only accessible for [parent-level organizations](https://docs.datadoghq.com/account_management/multi_organization/). This endpoint is not available in the Government (US1-FED) site. operationId: GetMonthlyCostAttribution parameters: - description: >- Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost beginning in this month. in: query name: start_month required: true schema: format: date-time type: string example: example_value - description: >- Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost ending this month. in: query name: end_month required: false schema: format: date-time type: string example: example_value - description: >- Comma-separated list specifying cost types (e.g., `_on_demand_cost`, `_committed_cost`, `_total_cost`) and the proportions (`_percentage_in_org`, `_percentage_in_account`). Use `*` to retrieve all fields. Example: `infra_host_on_demand_cost,infra_host_percentage_in_account` To obtain the complete list of active billing dimensions that can be used to replace `` in the field names, make a request to the [Get active billing dimensions API](https://docs.datadoghq.com/api/latest/usage-metering/#get-active-billing-dimensions-for-cost-attribution). in: query name: fields required: true schema: type: string example: example_value - description: 'The direction to sort by: `[desc, asc]`.' in: query name: sort_direction required: false schema: $ref: '#/components/schemas/SortDirection' example: example_value - description: >- The billing dimension to sort by. Always sorted by total cost. Example: `infra_host`. in: query name: sort_name required: false schema: type: string example: Example Monitor - description: >- Comma separated list of tag keys used to group cost. If no value is provided the cost will not be broken down by tags. To see which tags are available, look for the value of `tag_config_source` in the API response. in: query name: tag_breakdown_keys required: false schema: type: string example: env:production - description: >- List following results with a next_record_id provided in the previous query. in: query name: next_record_id required: false schema: type: string example: abc-123-def - description: Include child org cost in the response. Defaults to `true`. in: query name: include_descendants required: false schema: default: true type: boolean example: true responses: '200': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/MonthlyCostAttributionResponse' description: OK '400': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden - User is not authorized '429': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too many requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - usage_read summary: Datadog Get Monthly Cost Attribution tags: - Cost - Get - Monthly x-menu-order: 5 x-permission: operator: OR permissions: - usage_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/csm/onboarding/agents: get: description: Get the list of all CSM Agents running on your hosts and containers. operationId: ListAllCSMAgents parameters: - description: The page index for pagination (zero-based). in: query name: page required: false schema: example: 2 format: int32 maximum: 1000000 minimum: 0 type: integer example: 2 - description: The number of items to include in a single page. in: query name: size required: false schema: example: 12 format: int32 maximum: 100 minimum: 0 type: integer example: 12 - description: >- A search query string to filter results (for example, `hostname:COMP-T2H4J27423`). in: query name: query required: false schema: example: hostname:COMP-T2H4J27423 type: string example: hostname:COMP-T2H4J27423 - description: >- The sort direction for results. Use `asc` for ascending or `desc` for descending. in: query name: order_direction required: false schema: $ref: '#/components/schemas/OrderDirection' example: example_value responses: '200': content: application/json: schema: $ref: '#/components/schemas/CsmAgentsResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Csm Agents tags: - Agents - All - Get x-menu-order: 3 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/csm/onboarding/coverage_analysis/cloud_accounts: get: description: |- Get the CSM Coverage Analysis of your Cloud Accounts. This is calculated based on the number of your Cloud Accounts that are scanned for security issues. operationId: GetCSMCloudAccountsCoverageAnalysis responses: '200': content: application/json: schema: $ref: '#/components/schemas/CsmCloudAccountsCoverageAnalysisResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get the Csm Cloud Accounts Coverage Analysis tags: - Accounts - Analysis - Cloud - Coverage - Get x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/csm/onboarding/coverage_analysis/hosts_and_containers: get: description: |- Get the CSM Coverage Analysis of your Hosts and Containers. This is calculated based on the number of agents running on your Hosts and Containers with CSM feature(s) enabled. operationId: GetCSMHostsAndContainersCoverageAnalysis responses: '200': content: application/json: schema: $ref: >- #/components/schemas/CsmHostsAndContainersCoverageAnalysisResponse description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get the Csm Hosts and Containers Coverage Analysis tags: - Analysis - Containers - Coverage - Get - Hosts x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/csm/onboarding/coverage_analysis/serverless: get: description: >- Get the CSM Coverage Analysis of your Serverless Resources. This is calculated based on the number of agents running on your Serverless Resources with CSM feature(s) enabled. operationId: GetCSMServerlessCoverageAnalysis responses: '200': content: application/json: schema: $ref: '#/components/schemas/CsmServerlessCoverageAnalysisResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get the Csm Serverless Coverage Analysis tags: - Analysis - Coverage - Get - Serverless x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/csm/onboarding/serverless/agents: get: description: >- Get the list of all CSM Serverless Agents running on your hosts and containers. operationId: ListAllCSMServerlessAgents parameters: - description: The page index for pagination (zero-based). in: query name: page required: false schema: example: 2 format: int32 maximum: 1000000 minimum: 0 type: integer example: 2 - description: The number of items to include in a single page. in: query name: size required: false schema: example: 12 format: int32 maximum: 100 minimum: 0 type: integer example: 12 - description: >- A search query string to filter results (for example, `hostname:COMP-T2H4J27423`). in: query name: query required: false schema: example: hostname:COMP-T2H4J27423 type: string example: hostname:COMP-T2H4J27423 - description: >- The sort direction for results. Use `asc` for ascending or `desc` for descending. in: query name: order_direction required: false schema: $ref: '#/components/schemas/OrderDirection' example: example_value responses: '200': content: application/json: schema: $ref: '#/components/schemas/CsmAgentsResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Csm Serverless Agents tags: - Agents - All - Get - Serverless x-menu-order: 3 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/current_user/application_keys: get: description: List all application keys available for current user operationId: ListCurrentUserApplicationKeys parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' - $ref: '#/components/parameters/ApplicationKeysSortParameter' - $ref: '#/components/parameters/ApplicationKeyFilterParameter' - $ref: '#/components/parameters/ApplicationKeyFilterCreatedAtStartParameter' - $ref: '#/components/parameters/ApplicationKeyFilterCreatedAtEndParameter' - $ref: '#/components/parameters/ApplicationKeyIncludeParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListApplicationKeysResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Application Keys Owned by Current User tags: - All - Applications - Current - Get - Keys - Owned - Users x-menu-order: 5 x-permission: operator: OR permissions: - user_app_keys x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create an application key for current user operationId: CreateCurrentUserApplicationKey requestBody: content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyCreateRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyResponse' description: Created '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create an Application Key for Current User tags: - Applications - Create - Current - Keys - Users x-codegen-request-body-name: body x-given: application_key: parameters: - name: body value: |- { "data": { "attributes": { "name": "{{ unique }}" }, "type": "application_keys" } } step: there is a valid "application_key" in the system x-menu-order: 4 x-permission: operator: OR permissions: - user_app_keys x-undo: operationId: DeleteCurrentUserApplicationKey parameters: - name: app_key_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/current_user/application_keys/{app_key_id}: delete: description: Delete an application key owned by current user operationId: DeleteCurrentUserApplicationKey parameters: - $ref: '#/components/parameters/ApplicationKeyID' responses: '204': description: No Content '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete an Application Key Owned by Current User tags: - Applications - Current - Delete - Keys - Owned - Users x-menu-order: 1 x-permission: operator: OR permissions: - user_app_keys x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get an application key owned by current user operationId: GetCurrentUserApplicationKey parameters: - $ref: '#/components/parameters/ApplicationKeyID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get One Application Key Owned by Current User tags: - Applications - Current - Get - Keys - Owned - Users x-menu-order: 3 x-permission: operator: OR permissions: - user_app_keys x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Edit an application key owned by current user operationId: UpdateCurrentUserApplicationKey parameters: - $ref: '#/components/parameters/ApplicationKeyID' requestBody: content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Edit an Application Key Owned by Current User tags: - Applications - Current - Edit - Keys - Owned - Users x-codegen-request-body-name: body x-menu-order: 2 x-permission: operator: OR permissions: - user_app_keys x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true patch: true /api/v2/dashboard/lists/manual/{dashboard_list_id}/dashboards: delete: description: Delete dashboards from an existing dashboard list. operationId: DeleteDashboardListItems parameters: - description: ID of the dashboard list to delete items from. in: path name: dashboard_list_id required: true schema: format: int64 type: integer example: 42 requestBody: content: application/json: schema: $ref: '#/components/schemas/DashboardListDeleteItemsRequest' description: Dashboards to delete from the dashboard list. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/DashboardListDeleteItemsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete Items from a Dashboard List tags: - Dashboards - Delete - Items - Lists x-codegen-request-body-name: body x-menu-order: 4 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Fetch the dashboard list’s dashboard definitions. operationId: GetDashboardListItems parameters: - description: ID of the dashboard list to get items from. in: path name: dashboard_list_id required: true schema: format: int64 type: integer example: 42 responses: '200': content: application/json: schema: $ref: '#/components/schemas/DashboardListItems' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - dashboards_read summary: Datadog Get Items of a Dashboard List tags: - Dashboards - Get - Items - Lists x-menu-order: 1 x-permission: operator: OR permissions: - dashboards_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Add dashboards to an existing dashboard list. operationId: CreateDashboardListItems parameters: - description: ID of the dashboard list to add items to. in: path name: dashboard_list_id required: true schema: format: int64 type: integer example: 42 requestBody: content: application/json: schema: $ref: '#/components/schemas/DashboardListAddItemsRequest' description: Dashboards to add to the dashboard list. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/DashboardListAddItemsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Add Items to a Dashboard List tags: - Add - Dashboards - Items - Lists x-codegen-request-body-name: body x-given: dashboard_list_dashboard: parameters: - name: dashboard_list_id source: dashboard_list.id - name: body value: |- { "dashboards": [ { "id": "{{ dashboard.id }}", "type": "custom_timeboard" } ] } step: the "dashboard_list" has the "dashboard" dashboard_list_screenboard_dashboard: parameters: - name: dashboard_list_id source: dashboard_list.id - name: body value: |- { "dashboards": [ { "id": "{{ screenboard_dashboard.id }}", "type": "custom_screenboard" } ] } step: the "dashboard_list" has the "screenboard_dashboard" x-menu-order: 2 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: Update dashboards of an existing dashboard list. operationId: UpdateDashboardListItems parameters: - description: ID of the dashboard list to update items from. in: path name: dashboard_list_id required: true schema: format: int64 type: integer example: 42 requestBody: content: application/json: schema: $ref: '#/components/schemas/DashboardListUpdateItemsRequest' description: New dashboards of the dashboard list. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/DashboardListUpdateItemsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update Items of a Dashboard List tags: - Dashboards - Items - Lists - Update x-codegen-request-body-name: body x-menu-order: 3 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/domain_allowlist: get: description: Get the domain allowlist for an organization. operationId: GetDomainAllowlist responses: '200': content: application/json: schema: $ref: '#/components/schemas/DomainAllowlistResponse' description: OK '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - org_management summary: Datadog Get Domain Allowlist tags: - Domain - Get x-menu-order: 1 x-permission: operator: OR permissions: - org_management x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update the domain allowlist for an organization. operationId: PatchDomainAllowlist requestBody: content: application/json: schema: $ref: '#/components/schemas/DomainAllowlistRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/DomainAllowlistResponse' description: OK '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - org_management summary: Datadog Sets Domain Allowlist tags: - Domain - Sets x-menu-order: 2 x-permission: operator: OR permissions: - org_management x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/dora/deployment: post: description: >- Use this API endpoint to provide data about deployments for DORA metrics. This is necessary for: - Deployment Frequency - Change Lead Time - Change Failure Rate operationId: CreateDORADeployment requestBody: content: application/json: schema: $ref: '#/components/schemas/DORADeploymentRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/DORADeploymentResponse' description: OK '202': content: application/json: schema: $ref: '#/components/schemas/DORADeploymentResponse' description: OK - but delayed due to incident '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] summary: Datadog Send a Deployment Event for Dora Metrics tags: - Deployments - Events - Metrics - Send x-codegen-request-body-name: body x-menu-order: 1 x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/dora/deployments: post: description: Use this API endpoint to get a list of deployment events. operationId: ListDORADeployments requestBody: content: application/json: schema: $ref: '#/components/schemas/DORAListDeploymentsRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/DORAListResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] summary: Datadog Get a List of Deployment Events tags: - Deployments - Events - Get - Lists x-codegen-request-body-name: body x-menu-order: 3 x-permission: operator: OR permissions: - dora_metrics_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/dora/deployments/{deployment_id}: get: description: Use this API endpoint to get a deployment event. operationId: GetDORADeployment parameters: - description: The ID of the deployment event. in: path name: deployment_id required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/DORAFetchResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] - appKeyAuth: [] summary: Datadog Get a Deployment Event tags: - Deployments - Events - Get x-codegen-request-body-name: body x-menu-order: 5 x-permission: operator: OR permissions: - dora_metrics_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/dora/failures: post: description: Use this API endpoint to get a list of failure events. operationId: ListDORAFailures requestBody: content: application/json: schema: $ref: '#/components/schemas/DORAListFailuresRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/DORAListResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] summary: Datadog Get a List of Failure Events tags: - Events - Failure - Get - Lists x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - dora_metrics_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/dora/failures/{failure_id}: get: description: Use this API endpoint to get a failure event. operationId: GetDORAFailure parameters: - description: The ID of the failure event. in: path name: failure_id required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/DORAFetchResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] - appKeyAuth: [] summary: Datadog Get a Failure Event tags: - Events - Failure - Get x-codegen-request-body-name: body x-menu-order: 6 x-permission: operator: OR permissions: - dora_metrics_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/dora/incident: post: description: |- Use this API endpoint to provide failure data for DORA metrics. This is necessary for: - Change Failure Rate - Time to Restore operationId: CreateDORAIncident requestBody: content: application/json: schema: $ref: '#/components/schemas/DORAIncidentRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/DORAIncidentResponse' description: OK '202': content: application/json: schema: $ref: '#/components/schemas/DORAIncidentResponse' description: OK - but delayed due to incident '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad Request '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] summary: Datadog Send an Incident Event for Dora Metrics tags: - Events - Incident - Metrics - Send x-codegen-request-body-name: body x-menu-order: 2 x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/downtime: get: description: Get all scheduled downtimes. operationId: ListDowntimes parameters: - description: Only return downtimes that are active when the request is made. in: query name: current_only required: false schema: type: boolean example: true - description: >- Comma-separated list of resource paths for related resources to include in the response. Supported resource paths are `created_by` and `monitor`. in: query name: include required: false schema: example: created_by,monitor type: string example: created_by,monitor - $ref: '#/components/parameters/PageOffset' - description: Maximum number of downtimes in the response. example: 100 in: query name: page[limit] required: false schema: default: 30 format: int64 type: integer responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListDowntimesResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - monitors_downtime summary: Datadog Get All Downtimes tags: - All - Get x-menu-order: 1 x-pagination: limitParam: page[limit] pageOffsetParam: page[offset] resultsPath: data x-permission: operator: OR permissions: - monitors_downtime x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Schedule a downtime. operationId: CreateDowntime requestBody: content: application/json: schema: $ref: '#/components/schemas/DowntimeCreateRequest' description: Schedule a downtime request body. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/DowntimeResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - monitors_downtime summary: Datadog Schedule a Downtime tags: - Schedules x-codegen-request-body-name: body x-given: downtime_v2: parameters: - name: body value: |- { "data": { "attributes": { "message": "test message", "monitor_identifier": { "monitor_tags": ["cat:hat"] }, "scope": "test:{{ unique_lower_alnum }}", "schedule": { "start": null } }, "type": "downtime" } } step: there is a valid "downtime_v2" in the system x-menu-order: 2 x-permission: operator: OR permissions: - monitors_downtime x-undo: operationId: CancelDowntime parameters: - name: downtime_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/downtime/{downtime_id}: delete: description: >- Cancel a downtime. **Note**: Downtimes canceled through the API are no longer active, but are retained for approximately two days before being permanently removed. The downtime may still appear in search results until it is permanently removed. operationId: CancelDowntime parameters: - description: ID of the downtime to cancel. in: path name: downtime_id required: true schema: example: 00000000-0000-1234-0000-000000000000 type: string example: 00000000-0000-1234-0000-000000000000 responses: '204': description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Downtime not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - monitors_downtime summary: Datadog Cancel a Downtime tags: - Cancel x-menu-order: 4 x-permission: operator: OR permissions: - monitors_downtime x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get downtime detail by `downtime_id`. operationId: GetDowntime parameters: - description: ID of the downtime to fetch. in: path name: downtime_id required: true schema: example: 00000000-0000-1234-0000-000000000000 type: string example: 00000000-0000-1234-0000-000000000000 - description: >- Comma-separated list of resource paths for related resources to include in the response. Supported resource paths are `created_by` and `monitor`. in: query name: include required: false schema: example: created_by,monitor type: string example: created_by,monitor responses: '200': content: application/json: schema: $ref: '#/components/schemas/DowntimeResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - monitors_downtime summary: Datadog Get a Downtime tags: - Get x-menu-order: 5 x-permission: operator: OR permissions: - monitors_downtime x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update a downtime by `downtime_id`. operationId: UpdateDowntime parameters: - description: ID of the downtime to update. in: path name: downtime_id required: true schema: example: 00e000000-0000-1234-0000-000000000000 type: string example: 00e000000-0000-1234-0000-000000000000 requestBody: content: application/json: schema: $ref: '#/components/schemas/DowntimeUpdateRequest' description: Update a downtime request body. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/DowntimeResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Downtime not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - monitors_downtime summary: Datadog Update a Downtime tags: - Update x-codegen-request-body-name: body x-menu-order: 6 x-permission: operator: OR permissions: - monitors_downtime x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/events: get: description: >- List endpoint returns events that match an events search query. [Results are paginated similarly to logs](https://docs.datadoghq.com/logs/guide/collect-multiple-logs-with-pagination). Use this endpoint to see your latest events. operationId: ListEvents parameters: - description: Search query following events syntax. in: query name: filter[query] required: false schema: type: string example: avg:system.cpu.user{*} - description: Minimum timestamp for requested events, in milliseconds. in: query name: filter[from] required: false schema: type: string example: example_value - description: Maximum timestamp for requested events, in milliseconds. in: query name: filter[to] required: false schema: type: string example: example_value - description: Order of events in results. in: query name: sort required: false schema: $ref: '#/components/schemas/EventsSort' example: example_value - description: List following results with a cursor provided in the previous query. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== in: query name: page[cursor] required: false schema: type: string - description: Maximum number of events in the response. example: 25 in: query name: page[limit] required: false schema: default: 10 format: int32 maximum: 1000 type: integer responses: '200': content: application/json: schema: $ref: '#/components/schemas/EventsListResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - events_read summary: Datadog Get a List of Events tags: - Events - Get - Lists x-menu-order: 1 x-pagination: cursorParam: page[cursor] cursorPath: meta.page.after limitParam: page[limit] resultsPath: data x-permission: operator: OR permissions: - events_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- This endpoint allows you to post events. ✅ **Only events with the `change` category** are in General Availability. See [Change Tracking](https://docs.datadoghq.com/change_tracking) for more details. ❌ For use cases involving other event categories, please use the V1 endpoint. operationId: CreateEvent requestBody: content: application/json: examples: json-request-body: value: data: attributes: attributes: author: name: datadog@datadog.com type: user change_metadata: dd: team: datadog_team user_email: datadog@datadog.com user_id: datadog_user_id user_name: datadog_username resource_link: datadog.com/feature/fallback_payments_test changed_resource: name: fallback_payments_test type: feature_flag impacted_resources: - name: payments_api type: service new_value: enabled: true percentage: 50% rule: datacenter: devcycle.us1.prod prev_value: enabled: true percentage: 10% rule: datacenter: devcycle.us1.prod category: change message: payment_processed feature flag has been enabled tags: - env:test title: payment_processed feature flag updated type: event schema: $ref: '#/components/schemas/EventCreateRequestPayload' description: Event request object required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/EventCreateResponsePayload' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] summary: Datadog Post an Event tags: - Events - Post x-codegen-request-body-name: body x-menu-order: 2 x-undo: type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: false post: false /api/v2/events/search: post: description: >- List endpoint returns events that match an events search query. [Results are paginated similarly to logs](https://docs.datadoghq.com/logs/guide/collect-multiple-logs-with-pagination). Use this endpoint to build complex events filtering and search. operationId: SearchEvents requestBody: content: application/json: schema: $ref: '#/components/schemas/EventsListRequest' required: false responses: '200': content: application/json: schema: $ref: '#/components/schemas/EventsListResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Search Events tags: - Events - Search x-codegen-request-body-name: body x-menu-order: 2 x-pagination: cursorParam: body.page.cursor cursorPath: meta.page.after limitParam: body.page.limit resultsPath: data x-permission: operator: OR permissions: - events_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: post: false /api/v2/incidents: get: description: Get all incidents for the user's organization. operationId: ListIncidents parameters: - $ref: '#/components/parameters/IncidentIncludeQueryParameter' - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageOffset' responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_read summary: Datadog Get a List of Incidents tags: - Get - Lists x-menu-order: 5 x-pagination: limitParam: page[size] pageOffsetParam: page[offset] resultsPath: data x-permission: operator: OR permissions: - incident_read x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create an incident. operationId: CreateIncident requestBody: content: application/json: schema: $ref: '#/components/schemas/IncidentCreateRequest' description: Incident payload. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/IncidentResponse' description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_write summary: Datadog Create an Incident tags: - Create - Incident x-codegen-request-body-name: body x-given: incident: parameters: - name: body value: |- { "data": { "attributes": { "title": "{{ unique }}", "customer_impacted": false }, "type": "incidents" } } step: there is a valid "incident" in the system x-menu-order: 1 x-permission: operator: OR permissions: - incident_write x-undo: operationId: DeleteIncident parameters: - name: incident_id source: data.id type: unsafe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/incidents/config/types: get: description: Get all incident types. operationId: ListIncidentTypes parameters: - $ref: '#/components/parameters/IncidentTypeIncludeDeletedParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentTypeListResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_read summary: Datadog Get a List of Incident Types tags: - Get - Incident - Lists - Types x-menu-order: 20 x-permission: operator: OR permissions: - incident_read x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create an incident type. operationId: CreateIncidentType requestBody: content: application/json: schema: $ref: '#/components/schemas/IncidentTypeCreateRequest' description: Incident type payload. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/IncidentTypeResponse' description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_settings_write summary: Datadog Create an Incident Type tags: - Create - Incident - Type x-codegen-request-body-name: body x-given: incident_type: parameters: - name: body value: |- { "data": { "attributes": { "name": "Security Incident", "description": "Any incidents that harm (or have the potential to) the confidentiality, integrity, or availability of our data.", "is_default": false }, "type": "incident_types" } } step: there is a valid "incident_type" in the system x-menu-order: 19 x-permission: operator: OR permissions: - incident_settings_write x-undo: operationId: DeleteIncidentType parameters: - name: incident_type_id source: data.id type: unsafe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/incidents/config/types/{incident_type_id}: delete: description: Delete an incident type. operationId: DeleteIncidentType parameters: - $ref: '#/components/parameters/IncidentTypeIDPathParameter' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_settings_write summary: Datadog Delete an Incident Type tags: - Delete - Incident - Type x-codegen-request-body-name: body x-menu-order: 23 x-permission: operator: OR permissions: - incident_settings_write x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get incident type details. operationId: GetIncidentType parameters: - $ref: '#/components/parameters/IncidentTypeIDPathParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentTypeResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_read summary: Datadog Get Incident Type Details tags: - Get - Incident - Type x-menu-order: 21 x-permission: operator: OR permissions: - incident_read x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update an incident type. operationId: UpdateIncidentType parameters: - $ref: '#/components/parameters/IncidentTypeIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/IncidentTypePatchRequest' description: Incident type payload. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentTypeResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_settings_write summary: Datadog Update an Incident Type tags: - Incident - Type - Update x-codegen-request-body-name: body x-menu-order: 22 x-permission: operator: OR permissions: - incident_settings_write x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/incidents/search: get: description: Search for incidents matching a certain query. operationId: SearchIncidents parameters: - $ref: '#/components/parameters/IncidentSearchIncludeQueryParameter' - $ref: '#/components/parameters/IncidentSearchQueryQueryParameter' - $ref: '#/components/parameters/IncidentSearchSortQueryParameter' - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageOffset' responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentSearchResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_read summary: Datadog Search for Incidents tags: - Search x-menu-order: 6 x-pagination: limitParam: page[size] pageOffsetParam: page[offset] resultsPath: data.attributes.incidents x-permission: operator: OR permissions: - incident_read x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/incidents/{incident_id}: delete: description: Deletes an existing incident from the users organization. operationId: DeleteIncident parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_write summary: Datadog Delete an Existing Incident tags: - Delete - Existing - Incident x-menu-order: 4 x-permission: operator: OR permissions: - incident_write x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get the details of an incident by `incident_id`. operationId: GetIncident parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' - $ref: '#/components/parameters/IncidentIncludeQueryParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_read summary: Datadog Get the Details of an Incident tags: - Get - Incident x-menu-order: 2 x-permission: operator: OR permissions: - incident_read x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Updates an incident. Provide only the attributes that should be updated as this request is a partial update. operationId: UpdateIncident parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' - $ref: '#/components/parameters/IncidentIncludeQueryParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/IncidentUpdateRequest' description: Incident Payload. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_write summary: Datadog Update an Existing Incident tags: - Existing - Incident - Update x-codegen-request-body-name: body x-menu-order: 3 x-permission: operator: OR permissions: - incident_write x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true /api/v2/incidents/{incident_id}/attachments: get: description: Get all attachments for a given incident. operationId: ListIncidentAttachments parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' - $ref: '#/components/parameters/IncidentAttachmentIncludeQueryParameter' - $ref: '#/components/parameters/IncidentAttachmentFilterQueryParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentAttachmentsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a List of Attachments tags: - Attachments - Get - Lists x-menu-order: 7 x-permission: operator: OR permissions: - incident_read x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- The bulk update endpoint for creating, updating, and deleting attachments for a given incident. operationId: UpdateIncidentAttachments parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' - $ref: '#/components/parameters/IncidentAttachmentIncludeQueryParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/IncidentAttachmentUpdateRequest' description: Incident Attachment Payload. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentAttachmentUpdateResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create, Update, and Delete Incident Attachments tags: - Attachments - Create - Delete - Incident - Update x-codegen-request-body-name: body x-given: incident_attachment: parameters: - name: incident_id source: incident.data.id - name: body value: |- { "data": [ { "attributes": { "attachment_type": "link", "attachment": { "documentUrl": "https://www.example.com/doc", "title": "Important Doc" } }, "type": "incident_attachments" } ] } step: the "incident" has an "incident_attachment" x-menu-order: 8 x-permission: operator: OR permissions: - incident_write x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/incidents/{incident_id}/relationships/integrations: get: description: Get all integration metadata for an incident. operationId: ListIncidentIntegrations parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentIntegrationMetadataListResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_read summary: Datadog Get a List of an Incident's Integration Metadata tags: - Get - Integration - Lists x-menu-order: 9 x-permission: operator: OR permissions: - incident_read x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create an incident integration metadata. operationId: CreateIncidentIntegration parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/IncidentIntegrationMetadataCreateRequest' description: Incident integration metadata payload. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/IncidentIntegrationMetadataResponse' description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_write summary: Datadog Create an Incident Integration Metadata tags: - Create - Incident - Integration x-codegen-request-body-name: body x-given: incident_integration_metadata: parameters: - name: incident_id source: incident.data.id - name: body value: |- { "data": { "attributes": { "integration_type": 1, "incident_id": "{{ incident.data.id }}", "status": 2, "metadata": { "channels": [ { "channel_id": "C0123456789", "team_id": "T01234567", "channel_name": "#example-channel-name", "redirect_url": "https://slack.com/app_redirect?channel=C0123456789&team=T01234567" } ] } }, "type": "incident_integrations" } } step: the "incident" has an "incident_integration_metadata" x-menu-order: 10 x-permission: operator: OR permissions: - incident_write x-undo: operationId: DeleteIncidentIntegration parameters: - name: incident_id source: data.attributes.incident_id - name: integration_metadata_id source: data.id type: unsafe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/incidents/{incident_id}/relationships/integrations/{integration_metadata_id}: delete: description: Delete an incident integration metadata. operationId: DeleteIncidentIntegration parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' - $ref: '#/components/parameters/IncidentIntegrationMetadataIDPathParameter' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_write summary: Datadog Delete an Incident Integration Metadata tags: - Delete - Incident - Integration x-codegen-request-body-name: body x-menu-order: 13 x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get incident integration metadata details. operationId: GetIncidentIntegration parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' - $ref: '#/components/parameters/IncidentIntegrationMetadataIDPathParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentIntegrationMetadataResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_read summary: Datadog Get Incident Integration Metadata Details tags: - Get - Incident - Integration x-menu-order: 11 x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update an existing incident integration metadata. operationId: UpdateIncidentIntegration parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' - $ref: '#/components/parameters/IncidentIntegrationMetadataIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/IncidentIntegrationMetadataPatchRequest' description: Incident integration metadata payload. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentIntegrationMetadataResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_write summary: Datadog Update an Existing Incident Integration Metadata tags: - Existing - Incident - Integration - Update x-codegen-request-body-name: body x-menu-order: 12 x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/incidents/{incident_id}/relationships/todos: get: description: Get all todos for an incident. operationId: ListIncidentTodos parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentTodoListResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_read summary: Datadog Get a List of an Incident's Todos tags: - Get - Lists x-menu-order: 14 x-permission: operator: OR permissions: - incident_read x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create an incident todo. operationId: CreateIncidentTodo parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/IncidentTodoCreateRequest' description: Incident todo payload. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/IncidentTodoResponse' description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_write summary: Datadog Create an Incident Todo tags: - Create - Incident x-codegen-request-body-name: body x-given: incident_todo: parameters: - name: incident_id source: incident.data.id - name: body value: |- { "data": { "attributes": { "content": "Follow up with customer about the impact they saw.", "assignees": [ "@test.user@test.com", { "icon": "https://a.slack-edge.com/80588/img/slackbot_48.png", "id": "USLACKBOT", "name": "Slackbot", "source": "slack" } ] }, "type": "incident_todos" } } step: the "incident" has an "incident_todo" x-menu-order: 15 x-permission: operator: OR permissions: - incident_write x-undo: operationId: DeleteIncidentTodo parameters: - name: incident_id source: data.attributes.incident_id - name: todo_id source: data.id type: unsafe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/incidents/{incident_id}/relationships/todos/{todo_id}: delete: description: Delete an incident todo. operationId: DeleteIncidentTodo parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' - $ref: '#/components/parameters/IncidentTodoIDPathParameter' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_write summary: Datadog Delete an Incident Todo tags: - Delete - Incident x-menu-order: 18 x-permission: operator: OR permissions: - incident_write x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get incident todo details. operationId: GetIncidentTodo parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' - $ref: '#/components/parameters/IncidentTodoIDPathParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentTodoResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_read summary: Datadog Get Incident Todo Details tags: - Get - Incident x-menu-order: 16 x-permission: operator: OR permissions: - incident_read x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update an incident todo. operationId: UpdateIncidentTodo parameters: - $ref: '#/components/parameters/IncidentIDPathParameter' - $ref: '#/components/parameters/IncidentTodoIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/IncidentTodoPatchRequest' description: Incident todo payload. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentTodoResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_write summary: Datadog Update an Incident Todo tags: - Incident - Update x-codegen-request-body-name: body x-menu-order: 17 x-permission: operator: OR permissions: - incident_write x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/integration/aws/accounts: get: description: Get a list of AWS Account Integration Configs. operationId: ListAWSAccounts parameters: - description: >- Optional query parameter to filter accounts by AWS Account ID. If not provided, all accounts are returned. example: '123456789012' in: query name: aws_account_id required: false schema: type: string responses: '200': content: application/json: schema: $ref: '#/components/schemas/AWSAccountsResponse' description: AWS Accounts List object '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List All Aws Integrations tags: - All - Integrations - Lists x-menu-order: 1 x-permission: operator: OR permissions: - aws_configuration_read x-undo: type: safe x-unstable: |- **Note: This endpoint is in Preview. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).** x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a new AWS Account Integration Config. operationId: CreateAWSAccount requestBody: content: application/json: schema: $ref: '#/components/schemas/AWSAccountCreateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/AWSAccountResponse' description: AWS Account object '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create an Aws Integration tags: - Create - Integration x-codegen-request-body-name: body x-given: aws_account_v2: parameters: - name: body value: |- { "data": { "type": "account", "attributes": { "account_tags": [ "key:value" ], "auth_config": { "role_name": "DatadogIntegrationRole" }, "aws_account_id": "123456789012", "aws_partition": "aws", "aws_regions": { "include_only": [ "us-east-1" ] }, "logs_config": { "lambda_forwarder": { "lambdas": [ "arn:aws:lambda:us-east-1:123456789012:function:DatadogLambdaLogForwarder" ], "sources": [ "s3" ] } }, "metrics_config": { "enabled": true, "automute_enabled": true, "collect_custom_metrics": false, "collect_cloudwatch_alarms": false, "tag_filters": [ { "namespace": "AWS/EC2", "tags": [ "key:value" ] } ], "namespace_filters": { "include_only": [ "AWS/EC2" ] } }, "resources_config": { "cloud_security_posture_management_collection": false, "extended_collection": false }, "traces_config": { "xray_services": { "include_only": [ "AWS/AppSync" ] } } } } } step: there is a valid "aws_account_v2" in the system x-menu-order: 2 x-permission: operator: OR permissions: - aws_configurations_manage x-undo: operationId: DeleteAWSAccount parameters: - name: aws_account_config_id source: data.id type: unsafe x-unstable: |- **Note: This endpoint is in Preview. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).** x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/integration/aws/accounts/{aws_account_config_id}: delete: description: Delete an AWS Account Integration Config by config ID. operationId: DeleteAWSAccount parameters: - $ref: '#/components/parameters/AWSAccountConfigIDPathParameter' responses: '204': description: No Content '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete an Aws Integration tags: - Delete - Integration x-menu-order: 4 x-permission: operator: OR permissions: - aws_configurations_manage x-undo: type: idempotent x-unstable: |- **Note: This endpoint is in Preview. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).** x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get an AWS Account Integration Config by config ID. operationId: GetAWSAccount parameters: - $ref: '#/components/parameters/AWSAccountConfigIDPathParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/AWSAccountResponse' description: AWS Account object '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get an Aws Integration by Config Id tags: - Get - Identifiers - Integration x-menu-order: 3 x-permission: operator: OR permissions: - aws_configuration_read x-undo: type: safe x-unstable: |- **Note: This endpoint is in Preview. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).** x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update an AWS Account Integration Config by config ID. operationId: UpdateAWSAccount parameters: - $ref: '#/components/parameters/AWSAccountConfigIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/AWSAccountUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/AWSAccountResponse' description: AWS Account object '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update an Aws Integration tags: - Integration - Update x-codegen-request-body-name: body x-menu-order: 5 x-permission: operator: OR permissions: - aws_configuration_edit x-undo: type: idempotent x-unstable: |- **Note: This endpoint is in Preview. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).** x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/integration/aws/available_namespaces: get: description: >- Get a list of available AWS CloudWatch namespaces that can send metrics to Datadog. operationId: ListAWSNamespaces responses: '200': content: application/json: schema: $ref: '#/components/schemas/AWSNamespacesResponse' description: AWS Namespaces List object '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Available Namespaces tags: - Available - Lists - Namespaces x-menu-order: 1 x-permission: operator: OR permissions: - aws_configuration_read x-undo: type: safe x-unstable: |- **Note: This endpoint is in Preview. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).** x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/integration/aws/generate_new_external_id: post: description: Generate a new external ID for AWS role-based authentication. operationId: CreateNewAWSExternalID responses: '200': content: application/json: schema: $ref: '#/components/schemas/AWSNewExternalIDResponse' description: AWS External ID object '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Generate a New External Id tags: - External - Generate - Identifiers x-menu-order: 2 x-permission: operator: OR permissions: - aws_configuration_edit x-undo: type: safe x-unstable: |- **Note: This endpoint is in Preview. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).** x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/integration/aws/logs/services: get: description: Get a list of AWS services that can send logs to Datadog. operationId: ListAWSLogsServices responses: '200': content: application/json: schema: $ref: '#/components/schemas/AWSLogsServicesResponse' description: AWS Logs Services List object '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get List of Aws Log Ready Services tags: - Get - Lists - Logs - Ready x-menu-order: 1 x-permission: operator: OR permissions: - aws_configuration_read x-undo: type: safe x-unstable: |- **Note: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).** x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/integration/gcp/accounts: get: description: >- List all GCP STS-enabled service accounts configured in your Datadog account. operationId: ListGCPSTSAccounts responses: '200': content: application/json: schema: $ref: '#/components/schemas/GCPSTSServiceAccountsResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List All Gcp Sts-enabled Service Accounts tags: - Accounts - All - Lists x-menu-order: 1 x-permission: operator: OR permissions: - gcp_configuration_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a new entry within Datadog for your STS enabled service account. operationId: CreateGCPSTSAccount requestBody: content: application/json: schema: $ref: '#/components/schemas/GCPSTSServiceAccountCreateRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/GCPSTSServiceAccountResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a New Entry for Your Service Account tags: - Account - Create - Entry x-codegen-request-body-name: body x-given: gcp_sts_account: parameters: - name: body value: |- { "data": { "attributes": { "client_email": "Test-{{ unique_hash }}@example.com", "host_filters": [] }, "type": "gcp_service_account" } } step: there is a valid "gcp_sts_account" in the system x-menu-order: 2 x-permission: operator: OR permissions: - gcp_configurations_manage x-undo: operationId: DeleteGCPSTSAccount parameters: - name: account_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: false post: false /api/v2/integration/gcp/accounts/{account_id}: delete: description: Delete an STS enabled GCP account from within Datadog. operationId: DeleteGCPSTSAccount parameters: - $ref: '#/components/parameters/GCPSTSServiceAccountID' responses: '204': description: No Content '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete an Sts Enabled Gcp Account tags: - Account - Delete - Enabled x-menu-order: 3 x-permission: operator: OR permissions: - gcp_configurations_manage x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update an STS enabled service account. operationId: UpdateGCPSTSAccount parameters: - $ref: '#/components/parameters/GCPSTSServiceAccountID' requestBody: content: application/json: schema: $ref: '#/components/schemas/GCPSTSServiceAccountUpdateRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/GCPSTSServiceAccountResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update Sts Service Account tags: - Account - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - gcp_configuration_edit x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: patch: false /api/v2/integration/gcp/sts_delegate: get: description: >- List your Datadog-GCP STS delegate account configured in your Datadog account. operationId: GetGCPSTSDelegate responses: '200': content: application/json: schema: $ref: '#/components/schemas/GCPSTSDelegateAccountResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Delegate Account tags: - Account - Delegate - Lists x-codegen-request-body-name: body x-menu-order: 6 x-permission: operator: OR permissions: - gcp_configuration_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a Datadog GCP principal. operationId: MakeGCPSTSDelegate requestBody: content: application/json: schema: example: {} type: object description: Create a delegate service account within Datadog. required: false responses: '200': content: application/json: schema: $ref: '#/components/schemas/GCPSTSDelegateAccountResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Datadog Gcp Principal tags: - Create - Principal x-codegen-request-body-name: body x-menu-order: 5 x-permission: operator: OR permissions: - gcp_configuration_edit x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/integration/ms-teams/configuration/channel/{tenant_name}/{team_name}/{channel_name}: get: description: >- Get the tenant, team, and channel ID of a channel in the Datadog Microsoft Teams integration. operationId: GetChannelByName parameters: - $ref: '#/components/parameters/MicrosoftTeamsTenantNamePathParameter' - $ref: '#/components/parameters/MicrosoftTeamsTeamNamePathParameter' - $ref: '#/components/parameters/MicrosoftTeamsChannelNamePathParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/MicrosoftTeamsGetChannelByNameResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Channel Information by Name tags: - Channel - Get - Information - Names x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: true /api/v2/integration/ms-teams/configuration/tenant-based-handles: get: description: >- Get a list of all tenant-based handles from the Datadog Microsoft Teams integration. operationId: ListTenantBasedHandles parameters: - $ref: '#/components/parameters/MicrosoftTeamsTenantIDQueryParameter' - $ref: '#/components/parameters/MicrosoftTeamsHandleNameQueryParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/MicrosoftTeamsTenantBasedHandlesResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '412': $ref: '#/components/responses/PreconditionFailedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Tenant-based Handles tags: - All - Get x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a tenant-based handle in the Datadog Microsoft Teams integration. operationId: CreateTenantBasedHandle requestBody: content: application/json: schema: $ref: >- #/components/schemas/MicrosoftTeamsCreateTenantBasedHandleRequest description: Tenant-based handle payload. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/MicrosoftTeamsTenantBasedHandleResponse' description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConflictResponse' '412': $ref: '#/components/responses/PreconditionFailedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create Tenant-based Handle tags: - Create - Handle x-codegen-request-body-name: body x-given: tenant_based_handle: parameters: - name: body value: |- { "data": { "attributes": { "name": "{{ unique }}", "tenant_id": "4d3bac44-0230-4732-9e70-cc00736f0a97", "team_id": "e5f50a58-c929-4fb3-8866-e2cd836de3c2", "channel_id": "19:iD_D2xy_sAa-JV851JJYwIa6mlW9F9Nxm3SLyZq68qY1@thread.tacv2" }, "type": "tenant-based-handle" } } step: there is a valid "tenant_based_handle" in the system x-menu-order: 1 x-undo: operationId: DeleteTenantBasedHandle parameters: - name: handle_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: true post: true /api/v2/integration/ms-teams/configuration/tenant-based-handles/{handle_id}: delete: description: >- Delete a tenant-based handle from the Datadog Microsoft Teams integration. operationId: DeleteTenantBasedHandle parameters: - $ref: >- #/components/parameters/MicrosoftTeamsTenantBasedHandleIDPathParameter responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '412': $ref: '#/components/responses/PreconditionFailedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete Tenant-based Handle tags: - Delete - Handle x-menu-order: 1 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: >- Get the tenant, team, and channel information of a tenant-based handle from the Datadog Microsoft Teams integration. operationId: GetTenantBasedHandle parameters: - $ref: >- #/components/parameters/MicrosoftTeamsTenantBasedHandleIDPathParameter responses: '200': content: application/json: schema: $ref: '#/components/schemas/MicrosoftTeamsTenantBasedHandleResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '412': $ref: '#/components/responses/PreconditionFailedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Tenant-based Handle Information tags: - Get - Handle - Information x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update a tenant-based handle from the Datadog Microsoft Teams integration. operationId: UpdateTenantBasedHandle parameters: - $ref: >- #/components/parameters/MicrosoftTeamsTenantBasedHandleIDPathParameter requestBody: content: application/json: schema: $ref: >- #/components/schemas/MicrosoftTeamsUpdateTenantBasedHandleRequest description: Tenant-based handle payload. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/MicrosoftTeamsTenantBasedHandleResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConflictResponse' '412': $ref: '#/components/responses/PreconditionFailedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update Tenant-based Handle tags: - Handle - Update x-codegen-request-body-name: body x-menu-order: 1 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true get: true patch: true /api/v2/integration/ms-teams/configuration/workflows-webhook-handles: get: description: >- Get a list of all Workflows webhook handles from the Datadog Microsoft Teams integration. operationId: ListWorkflowsWebhookHandles parameters: - $ref: >- #/components/parameters/MicrosoftTeamsWorkflowsWebhookHandleNameQueryParameter responses: '200': content: application/json: schema: $ref: >- #/components/schemas/MicrosoftTeamsWorkflowsWebhookHandlesResponse description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '412': $ref: '#/components/responses/PreconditionFailedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Workflows Webhook Handles tags: - All - Get - Webhooks - Workflows x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a Workflows webhook handle in the Datadog Microsoft Teams integration. operationId: CreateWorkflowsWebhookHandle requestBody: content: application/json: schema: $ref: >- #/components/schemas/MicrosoftTeamsCreateWorkflowsWebhookHandleRequest description: Workflows Webhook handle payload. required: true responses: '201': content: application/json: schema: $ref: >- #/components/schemas/MicrosoftTeamsWorkflowsWebhookHandleResponse description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConflictResponse' '412': $ref: '#/components/responses/PreconditionFailedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create Workflows Webhook Handle tags: - Create - Handle - Webhooks - Workflows x-codegen-request-body-name: body x-given: workflows_webhook_handle: parameters: - name: body value: |- { "data": { "attributes": { "name": "{{ unique }}", "url": "https://prod-100.westus.logic.azure.com:443/workflows/abcd1234" }, "type": "workflows-webhook-handle" } } step: there is a valid "workflows_webhook_handle" in the system x-menu-order: 1 x-undo: operationId: DeleteWorkflowsWebhookHandle parameters: - name: handle_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/integration/ms-teams/configuration/workflows-webhook-handles/{handle_id}: delete: description: >- Delete a Workflows webhook handle from the Datadog Microsoft Teams integration. operationId: DeleteWorkflowsWebhookHandle parameters: - $ref: >- #/components/parameters/MicrosoftTeamsWorkflowsWebhookHandleIDPathParameter responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '412': $ref: '#/components/responses/PreconditionFailedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete Workflows Webhook Handle tags: - Delete - Handle - Webhooks - Workflows x-menu-order: 1 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: >- Get the name of a Workflows webhook handle from the Datadog Microsoft Teams integration. operationId: GetWorkflowsWebhookHandle parameters: - $ref: >- #/components/parameters/MicrosoftTeamsWorkflowsWebhookHandleIDPathParameter responses: '200': content: application/json: schema: $ref: >- #/components/schemas/MicrosoftTeamsWorkflowsWebhookHandleResponse description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '412': $ref: '#/components/responses/PreconditionFailedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Workflows Webhook Handle Information tags: - Get - Handle - Information - Webhooks - Workflows x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update a Workflows webhook handle from the Datadog Microsoft Teams integration. operationId: UpdateWorkflowsWebhookHandle parameters: - $ref: >- #/components/parameters/MicrosoftTeamsWorkflowsWebhookHandleIDPathParameter requestBody: content: application/json: schema: $ref: >- #/components/schemas/MicrosoftTeamsUpdateWorkflowsWebhookHandleRequest description: Workflows Webhook handle payload. required: true responses: '200': content: application/json: schema: $ref: >- #/components/schemas/MicrosoftTeamsWorkflowsWebhookHandleResponse description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConflictResponse' '412': $ref: '#/components/responses/PreconditionFailedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update Workflows Webhook Handle tags: - Handle - Update - Webhooks - Workflows x-codegen-request-body-name: body x-menu-order: 1 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/integration/opsgenie/services: get: description: Get a list of all services from the Datadog Opsgenie integration. operationId: ListOpsgenieServices responses: '200': content: application/json: schema: $ref: '#/components/schemas/OpsgenieServicesResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Service Objects tags: - All - Get - Objects x-menu-order: 1 x-permission: operator: OR permissions: - integrations_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a new service object in the Opsgenie integration. operationId: CreateOpsgenieService requestBody: content: application/json: schema: $ref: '#/components/schemas/OpsgenieServiceCreateRequest' description: Opsgenie service payload required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/OpsgenieServiceResponse' description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a New Service Object tags: - Create - Objects x-codegen-request-body-name: body x-given: opsgenie_service: parameters: - name: body value: |- { "data": { "attributes": { "name": "{{ unique }}", "opsgenie_api_key": "00000000-0000-0000-0000-000000000000", "region": "us" }, "type": "opsgenie-service" } } step: there is a valid "opsgenie_service" in the system x-menu-order: 2 x-permission: operator: OR permissions: - manage_integrations x-undo: operationId: DeleteOpsgenieService parameters: - name: integration_service_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: true post: true /api/v2/integration/opsgenie/services/{integration_service_id}: delete: description: Delete a single service object in the Datadog Opsgenie integration. operationId: DeleteOpsgenieService parameters: - $ref: '#/components/parameters/OpsgenieServiceIDPathParameter' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Single Service Object tags: - Delete - Objects - Single x-menu-order: 5 x-permission: operator: OR permissions: - manage_integrations x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a single service from the Datadog Opsgenie integration. operationId: GetOpsgenieService parameters: - $ref: '#/components/parameters/OpsgenieServiceIDPathParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/OpsgenieServiceResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Single Service Object tags: - Get - Objects - Single x-menu-order: 3 x-permission: operator: OR permissions: - integrations_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update a single service object in the Datadog Opsgenie integration. operationId: UpdateOpsgenieService parameters: - $ref: '#/components/parameters/OpsgenieServiceIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/OpsgenieServiceUpdateRequest' description: Opsgenie service payload. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/OpsgenieServiceResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Single Service Object tags: - Objects - Single - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - manage_integrations x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true get: true patch: true /api/v2/integrations/cloudflare/accounts: get: description: List Cloudflare accounts. operationId: ListCloudflareAccounts responses: '200': content: application/json: schema: $ref: '#/components/schemas/CloudflareAccountsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Cloudflare Accounts tags: - Accounts - Cloudflare - Lists x-menu-order: 1 x-permission: operator: OR permissions: - integrations_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a Cloudflare account. operationId: CreateCloudflareAccount requestBody: content: application/json: schema: $ref: '#/components/schemas/CloudflareAccountCreateRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/CloudflareAccountResponse' description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Add Cloudflare Account tags: - Account - Add - Cloudflare x-codegen-request-body-name: body x-given: cloudflare_account: parameters: - name: body value: |- { "data": { "type": "cloudflare-accounts", "attributes": { "api_key": "fakekey", "name": "{{ unique_lower_alnum }}", "email": "dev@datadog.com", "zones": ["zone-id-1", "zone-id-2"], "resources": ["web", "dns"] } } } step: there is a valid "cloudflare_account" in the system x-menu-order: 2 x-permission: operator: OR permissions: - manage_integrations x-undo: operationId: DeleteCloudflareAccount parameters: - name: account_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: true /api/v2/integrations/cloudflare/accounts/{account_id}: delete: description: Delete a Cloudflare account. operationId: DeleteCloudflareAccount parameters: - description: None in: path name: account_id required: true schema: type: string example: abc-123-def responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete Cloudflare Account tags: - Account - Cloudflare - Delete x-menu-order: 5 x-permission: operator: OR permissions: - manage_integrations x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a Cloudflare account. operationId: GetCloudflareAccount parameters: - description: None in: path name: account_id required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/CloudflareAccountResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Cloudflare Account tags: - Account - Cloudflare - Get x-menu-order: 3 x-permission: operator: OR permissions: - integrations_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update a Cloudflare account. operationId: UpdateCloudflareAccount parameters: - description: None in: path name: account_id required: true schema: type: string example: abc-123-def requestBody: content: application/json: schema: $ref: '#/components/schemas/CloudflareAccountUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CloudflareAccountResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update Cloudflare Account tags: - Account - Cloudflare - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - manage_integrations x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true patch: true /api/v2/integrations/confluent-cloud/accounts: get: description: List Confluent accounts. operationId: ListConfluentAccount responses: '200': content: application/json: schema: $ref: '#/components/schemas/ConfluentAccountsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Confluent Accounts tags: - Accounts - Lists x-menu-order: 10 x-permission: operator: OR permissions: - integrations_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a Confluent account. operationId: CreateConfluentAccount requestBody: content: application/json: schema: $ref: '#/components/schemas/ConfluentAccountCreateRequest' description: Confluent payload required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/ConfluentAccountResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Add Confluent Account tags: - Account - Add x-codegen-request-body-name: body x-given: confluent_account: parameters: - name: body value: |- { "data": { "type": "confluent-cloud-accounts", "attributes": { "api_key": "{{ unique_alnum }}", "api_secret": "test-api-secret", "tags": [ "tag1", "tag2:val2" ], "resources": [ { "id": "test-resource-id", "resource_type": "kafka", "tags": [ "tag1", "tag2:val2" ] } ] } } } step: there is a valid "confluent_account" in the system x-menu-order: 9 x-permission: operator: OR permissions: - manage_integrations x-undo: operationId: DeleteConfluentAccount parameters: - name: account_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/integrations/confluent-cloud/accounts/{account_id}: delete: description: Delete a Confluent account with the provided account ID. operationId: DeleteConfluentAccount parameters: - $ref: '#/components/parameters/ConfluentAccountID' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete Confluent Account tags: - Account - Delete x-menu-order: 8 x-permission: operator: OR permissions: - manage_integrations x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get the Confluent account with the provided account ID. operationId: GetConfluentAccount parameters: - $ref: '#/components/parameters/ConfluentAccountID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ConfluentAccountResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Confluent Account tags: - Account - Get x-menu-order: 7 x-permission: operator: OR permissions: - integrations_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update the Confluent account with the provided account ID. operationId: UpdateConfluentAccount parameters: - $ref: '#/components/parameters/ConfluentAccountID' requestBody: content: application/json: schema: $ref: '#/components/schemas/ConfluentAccountUpdateRequest' description: Confluent payload required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ConfluentAccountResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update Confluent Account tags: - Account - Update x-codegen-request-body-name: body x-menu-order: 6 x-permission: operator: OR permissions: - manage_integrations x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true /api/v2/integrations/confluent-cloud/accounts/{account_id}/resources: get: description: >- Get a Confluent resource for the account associated with the provided ID. operationId: ListConfluentResource parameters: - $ref: '#/components/parameters/ConfluentAccountID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ConfluentResourcesResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Confluent Account Resources tags: - Account - Lists - Resources x-menu-order: 5 x-permission: operator: OR permissions: - integrations_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a Confluent resource for the account associated with the provided ID. operationId: CreateConfluentResource parameters: - $ref: '#/components/parameters/ConfluentAccountID' requestBody: content: application/json: schema: $ref: '#/components/schemas/ConfluentResourceRequest' description: Confluent payload required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/ConfluentResourceResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Add Resource to Confluent Account tags: - Account - Add - Resource x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - manage_integrations x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/integrations/confluent-cloud/accounts/{account_id}/resources/{resource_id}: delete: description: >- Delete a Confluent resource with the provided resource id for the account associated with the provided account ID. operationId: DeleteConfluentResource parameters: - $ref: '#/components/parameters/ConfluentAccountID' - $ref: '#/components/parameters/ConfluentResourceID' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete Resource from Confluent Account tags: - Account - Delete - Resource x-menu-order: 3 x-permission: operator: OR permissions: - manage_integrations x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: >- Get a Confluent resource with the provided resource id for the account associated with the provided account ID. operationId: GetConfluentResource parameters: - $ref: '#/components/parameters/ConfluentAccountID' - $ref: '#/components/parameters/ConfluentResourceID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ConfluentResourceResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Resource from Confluent Account tags: - Account - Get - Resource x-menu-order: 2 x-permission: operator: OR permissions: - integrations_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update a Confluent resource with the provided resource id for the account associated with the provided account ID. operationId: UpdateConfluentResource parameters: - $ref: '#/components/parameters/ConfluentAccountID' - $ref: '#/components/parameters/ConfluentResourceID' requestBody: content: application/json: schema: $ref: '#/components/schemas/ConfluentResourceRequest' description: Confluent payload required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ConfluentResourceResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update Resource in Confluent Account tags: - Account - Resource - Update x-codegen-request-body-name: body x-menu-order: 1 x-permission: operator: OR permissions: - manage_integrations x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true /api/v2/integrations/fastly/accounts: get: description: List Fastly accounts. operationId: ListFastlyAccounts responses: '200': content: application/json: schema: $ref: '#/components/schemas/FastlyAccountsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Fastly Accounts tags: - Accounts - Lists x-menu-order: 1 x-permission: operator: OR permissions: - integrations_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a Fastly account. operationId: CreateFastlyAccount requestBody: content: application/json: schema: $ref: '#/components/schemas/FastlyAccountCreateRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/FastlyAccountResponse' description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Add Fastly Account tags: - Account - Add x-codegen-request-body-name: body x-given: fastly_account: parameters: - name: body value: |- { "data": { "type": "fastly-accounts", "attributes": { "api_key": "{{ unique_alnum }}", "name": "{{ unique }}", "services": [] } } } step: there is a valid "fastly_account" in the system x-menu-order: 2 x-permission: operator: OR permissions: - manage_integrations x-undo: operationId: DeleteFastlyAccount parameters: - name: account_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: true /api/v2/integrations/fastly/accounts/{account_id}: delete: description: Delete a Fastly account. operationId: DeleteFastlyAccount parameters: - $ref: '#/components/parameters/FastlyAccountID' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete Fastly Account tags: - Account - Delete x-menu-order: 5 x-permission: operator: OR permissions: - manage_integrations x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a Fastly account. operationId: GetFastlyAccount parameters: - $ref: '#/components/parameters/FastlyAccountID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/FastlyAccountResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Fastly Account tags: - Account - Get x-menu-order: 3 x-permission: operator: OR permissions: - integrations_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update a Fastly account. operationId: UpdateFastlyAccount parameters: - $ref: '#/components/parameters/FastlyAccountID' requestBody: content: application/json: schema: $ref: '#/components/schemas/FastlyAccountUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/FastlyAccountResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update Fastly Account tags: - Account - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - manage_integrations x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true patch: true /api/v2/integrations/fastly/accounts/{account_id}/services: get: description: List Fastly services for an account. operationId: ListFastlyServices parameters: - $ref: '#/components/parameters/FastlyAccountID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/FastlyServicesResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Fastly Services tags: - Lists x-menu-order: 6 x-permission: operator: OR permissions: - integrations_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a Fastly service for an account. operationId: CreateFastlyService parameters: - $ref: '#/components/parameters/FastlyAccountID' requestBody: content: application/json: schema: $ref: '#/components/schemas/FastlyServiceRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/FastlyServiceResponse' description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Add Fastly Service tags: - Add x-codegen-request-body-name: body x-menu-order: 7 x-permission: operator: OR permissions: - manage_integrations x-undo: operationId: DeleteFastlyService parameters: - name: account_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: true post: true /api/v2/integrations/fastly/accounts/{account_id}/services/{service_id}: delete: description: Delete a Fastly service for an account. operationId: DeleteFastlyService parameters: - $ref: '#/components/parameters/FastlyAccountID' - $ref: '#/components/parameters/FastlyServiceID' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete Fastly Service tags: - Delete x-menu-order: 10 x-permission: operator: OR permissions: - manage_integrations x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a Fastly service for an account. operationId: GetFastlyService parameters: - $ref: '#/components/parameters/FastlyAccountID' - $ref: '#/components/parameters/FastlyServiceID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/FastlyServiceResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Fastly Service tags: - Get x-menu-order: 8 x-permission: operator: OR permissions: - integrations_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update a Fastly service for an account. operationId: UpdateFastlyService parameters: - $ref: '#/components/parameters/FastlyAccountID' - $ref: '#/components/parameters/FastlyServiceID' requestBody: content: application/json: schema: $ref: '#/components/schemas/FastlyServiceRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/FastlyServiceResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update Fastly Service tags: - Update x-codegen-request-body-name: body x-menu-order: 9 x-permission: operator: OR permissions: - manage_integrations x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true get: true patch: true /api/v2/integrations/okta/accounts: get: description: List Okta accounts. operationId: ListOktaAccounts responses: '200': content: application/json: schema: $ref: '#/components/schemas/OktaAccountsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Okta Accounts tags: - Accounts - Lists x-menu-order: 1 x-permission: operator: OR permissions: - integrations_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create an Okta account. operationId: CreateOktaAccount requestBody: content: application/json: schema: $ref: '#/components/schemas/OktaAccountRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/OktaAccountResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Add Okta Account tags: - Account - Add x-codegen-request-body-name: body x-given: okta_account: parameters: - name: body value: |- { "data": { "type": "okta-accounts", "attributes": { "auth_method": "oauth", "name": "{{ unique_lower_alnum }}", "domain": "https://dev-test.okta.com/", "client_id": "fakeclientid", "client_secret": "fakeclientsecret" } } } step: there is a valid "okta_account" in the system x-menu-order: 2 x-permission: operator: OR permissions: - manage_integrations x-undo: operationId: DeleteOktaAccount parameters: - name: account_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: true /api/v2/integrations/okta/accounts/{account_id}: delete: description: Delete an Okta account. operationId: DeleteOktaAccount parameters: - description: None in: path name: account_id required: true schema: type: string example: abc-123-def responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete Okta Account tags: - Account - Delete x-menu-order: 5 x-permission: operator: OR permissions: - manage_integrations x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get an Okta account. operationId: GetOktaAccount parameters: - description: None in: path name: account_id required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/OktaAccountResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Okta Account tags: - Account - Get x-menu-order: 3 x-permission: operator: OR permissions: - integrations_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update an Okta account. operationId: UpdateOktaAccount parameters: - description: None in: path name: account_id required: true schema: type: string example: abc-123-def requestBody: content: application/json: schema: $ref: '#/components/schemas/OktaAccountUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/OktaAccountResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update Okta Account tags: - Account - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - manage_integrations x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true get: true patch: true /api/v2/ip_allowlist: get: description: Returns the IP allowlist and its enabled or disabled state. operationId: GetIPAllowlist responses: '200': content: application/json: schema: $ref: '#/components/schemas/IPAllowlistResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - org_management summary: Datadog Get Ip Allowlist tags: - Get - Ip x-menu-order: 1 x-permission: operator: OR permissions: - org_management x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Edit the entries in the IP allowlist, and enable or disable it. operationId: UpdateIPAllowlist requestBody: content: application/json: schema: $ref: '#/components/schemas/IPAllowlistUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/IPAllowlistResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - org_management summary: Datadog Update Ip Allowlist tags: - Ip - Update x-codegen-request-body-name: body x-given: ip_allowlist_empty_disabled: parameters: - name: body value: |- { "data": { "attributes": { "enabled": false, "entries": [] }, "type": "ip_allowlist" } } step: the "ip_allowlist_empty_disabled" has no entries and is disabled ip_allowlist_nonempty_disabled: parameters: - name: body value: |- { "data": { "attributes": { "enabled": false, "entries": [ { "data": { "attributes": { "cidr_block": "127.0.0.1", "note": "{{ unique }}" }, "type": "ip_allowlist_entry" } }, { "data": { "attributes": { "cidr_block": "0.0.0.0", "note": "{{ unique }}" }, "type": "ip_allowlist_entry" } } ] }, "type": "ip_allowlist" } } step: the "ip_allowlist_nonempty_disabled" has two entries and is disabled x-menu-order: 2 x-permission: operator: OR permissions: - org_management x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs: post: description: >- Send your logs to your Datadog platform over HTTP. Limits per HTTP request are: - Maximum content size per payload (uncompressed): 5MB - Maximum size for a single log: 1MB - Maximum array size if sending multiple logs in an array: 1000 entries Any log exceeding 1MB is accepted and truncated by Datadog: - For a single log request, the API truncates the log at 1MB and returns a 2xx. - For a multi-logs request, the API processes all logs, truncates only logs larger than 1MB, and returns a 2xx. Datadog recommends sending your logs compressed. Add the `Content-Encoding: gzip` header to the request when sending compressed logs. Log events can be submitted with a timestamp that is up to 18 hours in the past. The status codes answered by the HTTP API are: - 202: Accepted: the request has been accepted for processing - 400: Bad request (likely an issue in the payload formatting) - 401: Unauthorized (likely a missing API Key) - 403: Permission issue (likely using an invalid API Key) - 408: Request Timeout, request should be retried after some time - 413: Payload too large (batch is above 5MB uncompressed) - 429: Too Many Requests, request should be retried after some time - 500: Internal Server Error, the server encountered an unexpected condition that prevented it from fulfilling the request, request should be retried after some time - 503: Service Unavailable, the server is not ready to handle the request probably because it is overloaded, request should be retried after some time operationId: SubmitLog parameters: - description: HTTP header used to compress the media-type. in: header name: Content-Encoding required: false schema: $ref: '#/components/schemas/ContentEncoding' example: example_value - description: >- Log tags can be passed as query parameters with `text/plain` content type. example: env:prod,user:my-user in: query name: ddtags required: false schema: type: string requestBody: content: application/json: examples: multi-json-messages: description: Pass multiple log objects at once. summary: Multi JSON Messages value: - ddsource: nginx ddtags: env:staging,version:5.1 hostname: i-012345678 message: 2019-11-19T14:37:58,995 INFO [process.name][20081] Hello service: payment - ddsource: nginx ddtags: env:staging,version:5.1 hostname: i-012345679 message: 2019-11-19T14:37:58,995 INFO [process.name][20081] World service: payment simple-json-message: description: >- Log attributes can be passed as `key:value` pairs in valid JSON messages. summary: Simple JSON Message value: ddsource: nginx ddtags: env:staging,version:5.1 hostname: i-012345678 message: >- 2019-11-19T14:37:58,995 INFO [process.name][20081] Hello World service: payment schema: $ref: '#/components/schemas/HTTPLog' application/logplex-1: examples: multi-raw-message: description: Submit log messages. summary: Multi Logplex Messages value: |- 2019-11-19T14:37:58,995 INFO [process.name][20081] Hello 2019-11-19T14:37:58,995 INFO [process.name][20081] World simple-logplex-message: description: Submit log string. summary: Simple Logplex Message value: 2019-11-19T14:37:58,995 INFO [process.name][20081] Hello World schema: type: string text/plain: examples: multi-raw-message: description: Submit log string. summary: Multi Raw Messages value: | 2019-11-19T14:37:58,995 INFO [process.name][20081] Hello 2019-11-19T14:37:58,995 INFO [process.name][20081] World simple-raw-message: description: >- Submit log string. Log attributes can be passed as query parameters in the URL. This enables the addition of tags or the source by using the `ddtags` and `ddsource` parameters: `?host=my-hostname&service=my-service&ddsource=my-source&ddtags=env:prod,user:my-user`. summary: Simple Raw Message value: 2019-11-19T14:37:58,995 INFO [process.name][20081] Hello World schema: type: string description: Log to send (JSON format). required: true responses: '202': content: application/json: schema: type: object description: Request accepted for processing (always 202 empty JSON). '400': content: application/json: schema: $ref: '#/components/schemas/HTTPLogErrors' description: Bad Request '401': content: application/json: schema: $ref: '#/components/schemas/HTTPLogErrors' description: Unauthorized '403': content: application/json: schema: $ref: '#/components/schemas/HTTPLogErrors' description: Forbidden '408': content: application/json: schema: $ref: '#/components/schemas/HTTPLogErrors' description: Request Timeout '413': content: application/json: schema: $ref: '#/components/schemas/HTTPLogErrors' description: Payload Too Large '429': content: application/json: schema: $ref: '#/components/schemas/HTTPLogErrors' description: Too Many Requests '500': content: application/json: schema: $ref: '#/components/schemas/HTTPLogErrors' description: Internal Server Error '503': content: application/json: schema: $ref: '#/components/schemas/HTTPLogErrors' description: Service Unavailable security: - apiKeyAuth: [] servers: - url: https://{subdomain}.{site} variables: site: default: datadoghq.com description: The regional site for customers. enum: - datadoghq.com - us3.datadoghq.com - us5.datadoghq.com - ap1.datadoghq.com - datadoghq.eu - ddog-gov.com subdomain: default: http-intake.logs description: The subdomain where the API is deployed. - url: '{protocol}://{name}' variables: name: default: http-intake.logs.datadoghq.com description: Full site DNS name. protocol: default: https description: The protocol for accessing the API. - url: https://{subdomain}.{site} variables: site: default: datadoghq.com description: Any Datadog deployment. subdomain: default: http-intake.logs description: The subdomain where the API is deployed. summary: Datadog Send Logs tags: - Logs - Send x-codegen-request-body-name: body x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/analytics/aggregate: post: description: >- The API endpoint to aggregate events into buckets and compute metrics and timeseries. operationId: AggregateLogs requestBody: content: application/json: schema: $ref: '#/components/schemas/LogsAggregateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/LogsAggregateResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Aggregate Events tags: - Aggregate - Events x-codegen-request-body-name: body x-menu-order: 2 x-permission: operator: OR permissions: - logs_read_data x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/config/archive-order: get: description: |- Get the current order of your archives. This endpoint takes no JSON arguments. operationId: GetLogsArchiveOrder responses: '200': content: application/json: schema: $ref: '#/components/schemas/LogsArchiveOrder' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Archive Order tags: - Archive - Get - Order x-menu-order: 9 x-permission: operator: OR permissions: - logs_read_config x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: >- Update the order of your archives. Since logs are processed sequentially, reordering an archive may change the structure and content of the data processed by other archives. **Note**: Using the `PUT` method updates your archive's order by replacing the current order with the new one. operationId: UpdateLogsArchiveOrder requestBody: content: application/json: schema: $ref: '#/components/schemas/LogsArchiveOrder' description: An object containing the new ordered list of archive IDs. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/LogsArchiveOrder' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '422': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Unprocessable Entity '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update Archive Order tags: - Archive - Order - Update x-codegen-request-body-name: body x-menu-order: 10 x-permission: operator: OR permissions: - logs_write_archives x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/config/archives: get: description: Get the list of configured logs archives with their definitions. operationId: ListLogsArchives responses: '200': content: application/json: schema: $ref: '#/components/schemas/LogsArchives' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Archives tags: - All - Archives - Get x-menu-order: 1 x-permission: operator: OR permissions: - logs_read_archives x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create an archive in your organization. operationId: CreateLogsArchive requestBody: content: application/json: schema: $ref: '#/components/schemas/LogsArchiveCreateRequest' description: The definition of the new archive. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/LogsArchive' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create an Archive tags: - Archive - Create x-codegen-request-body-name: body x-menu-order: 2 x-permission: operator: OR permissions: - logs_write_archives x-undo: operationId: DeleteLogsArchive parameters: - name: archive_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/config/archives/{archive_id}: delete: description: Delete a given archive from your organization. operationId: DeleteLogsArchive parameters: - $ref: '#/components/parameters/ArchiveID' responses: '204': description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete an Archive tags: - Archive - Delete x-menu-order: 5 x-permission: operator: OR permissions: - logs_write_archives x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a specific archive from your organization. operationId: GetLogsArchive parameters: - $ref: '#/components/parameters/ArchiveID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/LogsArchive' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get an Archive tags: - Archive - Get x-menu-order: 3 x-permission: operator: OR permissions: - logs_read_archives x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: >- Update a given archive configuration. **Note**: Using this method updates your archive configuration by **replacing** your current configuration with the new one sent to your Datadog organization. operationId: UpdateLogsArchive parameters: - $ref: '#/components/parameters/ArchiveID' requestBody: content: application/json: schema: $ref: '#/components/schemas/LogsArchiveCreateRequest' description: New definition of the archive. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/LogsArchive' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update an Archive tags: - Archive - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - logs_write_archives x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/config/archives/{archive_id}/readers: delete: description: >- Removes a role from an archive. ([Roles API](https://docs.datadoghq.com/api/v2/roles/)) operationId: RemoveRoleFromArchive parameters: - $ref: '#/components/parameters/ArchiveID' requestBody: content: application/json: schema: $ref: '#/components/schemas/RelationshipToRole' required: true responses: '204': description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Revoke Role from an Archive tags: - Archive - Revoke - Role x-codegen-request-body-name: body x-menu-order: 8 x-permission: operator: OR permissions: - logs_write_archives x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Returns all read roles a given archive is restricted to. operationId: ListArchiveReadRoles parameters: - $ref: '#/components/parameters/ArchiveID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/RolesResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Read Roles for an Archive tags: - Archive - Lists - Read - Roles x-codegen-request-body-name: body x-menu-order: 6 x-permission: operator: OR permissions: - logs_read_config x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Adds a read role to an archive. ([Roles API](https://docs.datadoghq.com/api/v2/roles/)) operationId: AddReadRoleToArchive parameters: - $ref: '#/components/parameters/ArchiveID' requestBody: content: application/json: schema: $ref: '#/components/schemas/RelationshipToRole' required: true responses: '204': description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Grant Role to an Archive tags: - Archive - Grants - Role x-codegen-request-body-name: body x-menu-order: 7 x-permission: operator: OR permissions: - logs_write_archives x-undo: type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/config/custom-destinations: get: description: >- Get the list of configured custom destinations in your organization with their definitions. operationId: ListLogsCustomDestinations responses: '200': content: application/json: schema: $ref: '#/components/schemas/CustomDestinationsResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Custom Destinations tags: - All - Custom - Destinations - Get x-menu-order: 1 x-permission: operator: OR permissions: - logs_read_data - logs_read_config x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a custom destination in your organization. operationId: CreateLogsCustomDestination requestBody: content: application/json: schema: $ref: '#/components/schemas/CustomDestinationCreateRequest' description: The definition of the new custom destination. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CustomDestinationResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Custom Destination tags: - Create - Custom - Destination x-codegen-request-body-name: body x-given: custom_destination: parameters: - name: body value: |- { "data": { "attributes": { "name": "{{ unique }}", "query": "source:nginx", "enabled": false, "forwarder_destination": { "type": "http", "endpoint": "https://example.com", "auth": { "type": "basic", "username": "my-username", "password": "my-password" } }, "forward_tags_restriction_list_type": "BLOCK_LIST", "forward_tags_restriction_list": ["host"], "forward_tags": false }, "type": "custom_destination" } } step: there is a valid "custom_destination" in the system x-menu-order: 2 x-permission: operator: OR permissions: - logs_write_forwarding_rules x-undo: operationId: DeleteLogsCustomDestination parameters: - name: custom_destination_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/config/custom-destinations/{custom_destination_id}: delete: description: Delete a specific custom destination in your organization. operationId: DeleteLogsCustomDestination parameters: - $ref: '#/components/parameters/CustomDestinationId' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Custom Destination tags: - Custom - Delete - Destination x-menu-order: 5 x-permission: operator: OR permissions: - logs_write_forwarding_rules x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a specific custom destination in your organization. operationId: GetLogsCustomDestination parameters: - $ref: '#/components/parameters/CustomDestinationId' responses: '200': content: application/json: schema: $ref: '#/components/schemas/CustomDestinationResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Custom Destination tags: - Custom - Destination - Get x-menu-order: 3 x-permission: operator: OR permissions: - logs_read_data - logs_read_config x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update the given fields of a specific custom destination in your organization. operationId: UpdateLogsCustomDestination parameters: - $ref: '#/components/parameters/CustomDestinationId' requestBody: content: application/json: schema: $ref: '#/components/schemas/CustomDestinationUpdateRequest' description: New definition of the custom destination's fields. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CustomDestinationResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Custom Destination tags: - Custom - Destination - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - logs_write_forwarding_rules x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/config/metrics: get: description: Get the list of configured log-based metrics with their definitions. operationId: ListLogsMetrics responses: '200': content: application/json: schema: $ref: '#/components/schemas/LogsMetricsResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Log-based Metrics tags: - All - Get - Metrics x-menu-order: 1 x-permission: operator: OR permissions: - logs_read_config x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a metric based on your ingested logs in your organization. Returns the log-based metric object from the request body when the request is successful. operationId: CreateLogsMetric requestBody: content: application/json: schema: $ref: '#/components/schemas/LogsMetricCreateRequest' description: The definition of the new log-based metric. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/LogsMetricResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Log-based Metric tags: - Create - Metrics x-codegen-request-body-name: body x-given: logs_metric: parameters: - name: body value: |- { "data": { "id": "{{ unique }}", "attributes": { "filter": { "query": "source:{{ unique }}" }, "compute": { "aggregation_type": "count" } }, "type": "logs_metrics" } } step: there is a valid "logs_metric" in the system logs_metric_percentile: parameters: - name: body value: |- { "data": { "id": "{{ unique }}", "attributes": { "filter": { "query": "source:{{ unique }}" }, "compute": { "aggregation_type": "distribution", "path": "@duration", "include_percentiles": true } }, "type": "logs_metrics" } } step: there is a valid "logs_metric_percentile" in the system x-menu-order: 2 x-permission: operator: OR permissions: - logs_generate_metrics x-undo: operationId: DeleteLogsMetric parameters: - name: metric_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/config/metrics/{metric_id}: delete: description: Delete a specific log-based metric from your organization. operationId: DeleteLogsMetric parameters: - $ref: '#/components/parameters/MetricID' responses: '204': description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Log-based Metric tags: - Delete - Metrics x-menu-order: 5 x-permission: operator: OR permissions: - logs_generate_metrics x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a specific log-based metric from your organization. operationId: GetLogsMetric parameters: - $ref: '#/components/parameters/MetricID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/LogsMetricResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Log-based Metric tags: - Get - Metrics x-menu-order: 3 x-permission: operator: OR permissions: - logs_read_config x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update a specific log-based metric from your organization. Returns the log-based metric object from the request body when the request is successful. operationId: UpdateLogsMetric parameters: - $ref: '#/components/parameters/MetricID' requestBody: content: application/json: schema: $ref: '#/components/schemas/LogsMetricUpdateRequest' description: New definition of the log-based metric. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/LogsMetricResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Log-based Metric tags: - Metrics - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - logs_generate_metrics x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/config/restriction_queries: get: description: Returns all restriction queries, including their names and IDs. operationId: ListRestrictionQueries parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' responses: '200': content: application/json: schema: $ref: '#/components/schemas/RestrictionQueryListResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Restriction Queries tags: - Lists - Queries - Restrictions x-menu-order: 1 x-permission: operator: OR permissions: - logs_read_config x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a new restriction query for your organization. operationId: CreateRestrictionQuery requestBody: content: application/json: schema: $ref: '#/components/schemas/RestrictionQueryCreatePayload' required: true responses: '200': content: application/json: schema: $ref: >- #/components/schemas/RestrictionQueryWithoutRelationshipsResponse description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Restriction Query tags: - Create - Queries - Restrictions x-codegen-request-body-name: body x-menu-order: 2 x-permission: operator: OR permissions: - user_access_manage x-undo: operationId: DeleteRestrictionQuery parameters: - name: restriction_query_id source: data.id type: unsafe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/config/restriction_queries/role/{role_id}: get: description: Get restriction query for a given role. operationId: GetRoleRestrictionQuery parameters: - $ref: '#/components/parameters/RestrictionQueryRoleID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/RestrictionQueryListResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get Restriction Query for a Given Role tags: - Get - Given - Queries - Restrictions - Role x-menu-order: 10 x-permission: operator: OR permissions: - logs_read_config x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/config/restriction_queries/user/{user_id}: get: description: Get all restriction queries for a given user. operationId: ListUserRestrictionQueries parameters: - $ref: '#/components/parameters/RestrictionQueryUserID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/RestrictionQueryListResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Restriction Queries for a Given User tags: - All - Get - Given - Queries - Restrictions - Users x-menu-order: 9 x-permission: operator: OR permissions: - logs_read_config x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/config/restriction_queries/{restriction_query_id}: delete: description: Deletes a restriction query. operationId: DeleteRestrictionQuery parameters: - $ref: '#/components/parameters/RestrictionQueryID' responses: '204': description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Restriction Query tags: - Delete - Queries - Restrictions x-codegen-request-body-name: body x-menu-order: 5 x-permission: operator: OR permissions: - user_access_manage x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: >- Get a restriction query in the organization specified by the restriction query's `restriction_query_id`. operationId: GetRestrictionQuery parameters: - $ref: '#/components/parameters/RestrictionQueryID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/RestrictionQueryWithRelationshipsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Restriction Query tags: - Get - Queries - Restrictions x-codegen-request-body-name: body x-menu-order: 3 x-permission: operator: OR permissions: - logs_read_config x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Edit a restriction query. operationId: UpdateRestrictionQuery parameters: - $ref: '#/components/parameters/RestrictionQueryID' requestBody: content: application/json: schema: $ref: '#/components/schemas/RestrictionQueryUpdatePayload' required: true responses: '200': content: application/json: schema: $ref: >- #/components/schemas/RestrictionQueryWithoutRelationshipsResponse description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Restriction Query tags: - Queries - Restrictions - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - user_access_manage x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/config/restriction_queries/{restriction_query_id}/roles: delete: description: Removes a role from a restriction query. operationId: RemoveRoleFromRestrictionQuery parameters: - $ref: '#/components/parameters/RestrictionQueryID' requestBody: content: application/json: schema: $ref: '#/components/schemas/RelationshipToRole' required: true responses: '204': description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Revoke Role from a Restriction Query tags: - Queries - Restrictions - Revoke - Role x-codegen-request-body-name: body x-menu-order: 8 x-permission: operator: OR permissions: - user_access_manage x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Returns all roles that have a given restriction query. operationId: ListRestrictionQueryRoles parameters: - $ref: '#/components/parameters/RestrictionQueryID' - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' responses: '200': content: application/json: schema: $ref: '#/components/schemas/RestrictionQueryRolesResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Roles for a Restriction Query tags: - Lists - Queries - Restrictions - Roles x-codegen-request-body-name: body x-menu-order: 6 x-permission: operator: OR permissions: - logs_read_config x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Adds a role to a restriction query. operationId: AddRoleToRestrictionQuery parameters: - $ref: '#/components/parameters/RestrictionQueryID' requestBody: content: application/json: schema: $ref: '#/components/schemas/RelationshipToRole' required: true responses: '204': description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Grant Role to a Restriction Query tags: - Grants - Queries - Restrictions - Role x-codegen-request-body-name: body x-menu-order: 7 x-permission: operator: OR permissions: - user_access_manage x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/events: get: description: >- List endpoint returns logs that match a log search query. [Results are paginated][1]. Use this endpoint to search and filter your logs. **If you are considering archiving logs for your organization, consider use of the Datadog archive capabilities instead of the log list API. See [Datadog Logs Archive documentation][2].** [1]: /logs/guide/collect-multiple-logs-with-pagination [2]: https://docs.datadoghq.com/logs/archives operationId: ListLogsGet parameters: - description: Search query following logs syntax. example: '@datacenter:us @role:db' in: query name: filter[query] required: false schema: type: string - description: |- For customers with multiple indexes, the indexes to search. Defaults to '*' which means all indexes example: - main - web explode: false in: query name: filter[indexes] required: false schema: items: description: The name of a log index. type: string type: array - description: Minimum timestamp for requested logs. example: '2019-01-02T09:42:36.320Z' in: query name: filter[from] required: false schema: format: date-time type: string - description: Maximum timestamp for requested logs. example: '2019-01-03T09:42:36.320Z' in: query name: filter[to] required: false schema: format: date-time type: string - description: Specifies the storage type to be used example: indexes in: query name: filter[storage_tier] required: false schema: $ref: '#/components/schemas/LogsStorageTier' - description: Order of logs in results. in: query name: sort required: false schema: $ref: '#/components/schemas/LogsSort' example: example_value - description: List following results with a cursor provided in the previous query. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== in: query name: page[cursor] required: false schema: type: string - description: Maximum number of logs in the response. example: 25 in: query name: page[limit] required: false schema: default: 10 format: int32 maximum: 1000 type: integer responses: '200': content: application/json: schema: $ref: '#/components/schemas/LogsListResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Search Logs (get) tags: - Get - Logs - Search x-menu-order: 4 x-pagination: cursorParam: page[cursor] cursorPath: meta.page.after limitParam: page[limit] resultsPath: data x-permission: operator: OR permissions: - logs_read_data x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/logs/events/search: post: description: >- List endpoint returns logs that match a log search query. [Results are paginated][1]. Use this endpoint to search and filter your logs. **If you are considering archiving logs for your organization, consider use of the Datadog archive capabilities instead of the log list API. See [Datadog Logs Archive documentation][2].** [1]: /logs/guide/collect-multiple-logs-with-pagination [2]: https://docs.datadoghq.com/logs/archives operationId: ListLogs requestBody: content: application/json: schema: $ref: '#/components/schemas/LogsListRequest' required: false responses: '200': content: application/json: schema: $ref: '#/components/schemas/LogsListResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Search Logs (post) tags: - Logs - Post - Search x-codegen-request-body-name: body x-menu-order: 3 x-pagination: cursorParam: body.page.cursor cursorPath: meta.page.after limitParam: body.page.limit resultsPath: data x-permission: operator: OR permissions: - logs_read_data x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/metrics: get: description: >- Returns all metrics that can be configured in the Metrics Summary page or with Metrics without Limits™ (matching additional filters if specified). Optionally, paginate by using the `page[cursor]` and/or `page[size]` query parameters. To fetch the first page, pass in a query parameter with either a valid `page[size]` or an empty cursor like `page[cursor]=`. To fetch the next page, pass in the `next_cursor` value from the response as the new `page[cursor]` value. Once the `meta.pagination.next_cursor` value is null, all pages have been retrieved. operationId: ListTagConfigurations parameters: - description: Filter custom metrics that have configured tags. example: true in: query name: filter[configured] required: false schema: type: boolean - description: Filter tag configurations by configured tags. example: app in: query name: filter[tags_configured] required: false schema: description: Tag keys to filter by. type: string - description: Filter metrics by metric type. in: query name: filter[metric_type] required: false schema: $ref: '#/components/schemas/MetricTagConfigurationMetricTypeCategory' example: metric alert - description: |- Filter distributions with additional percentile aggregations enabled or disabled. example: true in: query name: filter[include_percentiles] required: false schema: type: boolean - description: >- (Preview) Filter custom metrics that have or have not been queried in the specified window[seconds]. If no window is provided or the window is less than 2 hours, a default of 2 hours will be applied. example: true in: query name: filter[queried] required: false schema: type: boolean - description: >- Filter metrics that have been submitted with the given tags. Supports boolean and wildcard expressions. Can only be combined with the filter[queried] filter. example: env IN (staging,test) AND service:web in: query name: filter[tags] required: false schema: type: string - description: >- (Preview) Filter metrics that are used in dashboards, monitors, notebooks, SLOs. example: true in: query name: filter[related_assets] required: false schema: type: boolean - description: >- The number of seconds of look back (from now) to apply to a filter[tag] or filter[queried] query. Default value is 3600 (1 hour), maximum value is 2,592,000 (30 days). example: 3600 in: query name: window[seconds] required: false schema: format: int64 type: integer - description: Maximum number of results returned. in: query name: page[size] required: false schema: default: 10000 format: int32 maximum: 10000 minimum: 1 type: integer example: 42 - description: >- String to query the next page of results. This key is provided with each valid response from the API in `meta.pagination.next_cursor`. Once the `meta.pagination.next_cursor` key is null, all pages have been retrieved. in: query name: page[cursor] required: false schema: type: string example: example_value responses: '200': content: application/json: schema: $ref: '#/components/schemas/MetricsAndMetricTagConfigurationsResponse' description: Success '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too Many Requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - metrics_read summary: Datadog Get a List of Metrics tags: - Get - Lists - Metrics x-menu-order: 5 x-pagination: cursorParam: page[cursor] cursorPath: meta.pagination.next_cursor limitParam: page[size] resultsPath: data x-permission: operator: OR permissions: - metrics_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/metrics/config/bulk-tags: delete: description: >- Delete all custom lists of queryable tag keys for a set of existing count, gauge, rate, and distribution metrics. Metrics are selected by passing a metric name prefix. Results can be sent to a set of account email addresses, just like the same operation in the Datadog web app. Can only be used with application keys of users with the `Manage Tags for Metrics` permission. operationId: DeleteBulkTagsMetricsConfiguration requestBody: content: application/json: schema: $ref: '#/components/schemas/MetricBulkTagConfigDeleteRequest' required: true responses: '202': content: application/json: schema: $ref: '#/components/schemas/MetricBulkTagConfigResponse' description: Accepted '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too Many Requests summary: Datadog Delete Tags for Multiple Metrics tags: - Delete - Metrics - Multiple x-codegen-request-body-name: body x-menu-order: 10 x-permission: operator: OR permissions: - metric_tags_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create and define a list of queryable tag keys for a set of existing count, gauge, rate, and distribution metrics. Metrics are selected by passing a metric name prefix. Use the Delete method of this API path to remove tag configurations. Results can be sent to a set of account email addresses, just like the same operation in the Datadog web app. If multiple calls include the same metric, the last configuration applied (not by submit order) is used, do not expect deterministic ordering of concurrent calls. The `exclude_tags_mode` value will set all metrics that match the prefix to the same exclusion state, metric tag configurations do not support mixed inclusion and exclusion for tags on the same metric. Can only be used with application keys of users with the `Manage Tags for Metrics` permission. operationId: CreateBulkTagsMetricsConfiguration requestBody: content: application/json: schema: $ref: '#/components/schemas/MetricBulkTagConfigCreateRequest' required: true responses: '202': content: application/json: schema: $ref: '#/components/schemas/MetricBulkTagConfigResponse' description: Accepted '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too Many Requests summary: Datadog Configure Tags for Multiple Metrics tags: - Configure - Metrics - Multiple x-codegen-request-body-name: body x-menu-order: 9 x-permission: operator: OR permissions: - metric_tags_write x-undo: operationId: DeleteBulkTagsMetricsConfiguration parameters: - name: body template: |- { "data": { "id":"{{ data.id }}", "type":"metric_bulk_configure_tags", "attributes": { "emails": ["{{ data.attributes.emails[0] }}"] } } } type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: false /api/v2/metrics/{metric_name}/active-configurations: get: description: >- List tags and aggregations that are actively queried on dashboards, notebooks, monitors, the Metrics Explorer, and using the API for a given metric name. operationId: ListActiveMetricConfigurations parameters: - $ref: '#/components/parameters/MetricName' - description: >- The number of seconds of look back (from now). Default value is 604,800 (1 week), minimum value is 7200 (2 hours), maximum value is 2,630,000 (1 month). example: 7200 in: query name: window[seconds] required: false schema: format: int64 type: integer responses: '200': content: application/json: schema: $ref: >- #/components/schemas/MetricSuggestedTagsAndAggregationsResponse description: Success '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too Many Requests summary: Datadog List Active Tags and Aggregations tags: - Active - Aggregations - Lists x-menu-order: 7 x-permission: operator: OR permissions: - metrics_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/metrics/{metric_name}/all-tags: get: description: >- View indexed tag key-value pairs for a given metric name over the previous hour. operationId: ListTagsByMetricName parameters: - $ref: '#/components/parameters/MetricName' responses: '200': content: application/json: schema: $ref: '#/components/schemas/MetricAllTagsResponse' description: Success '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too Many Requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - metrics_read summary: Datadog List Tags by Metric Name tags: - Lists - Metrics - Names x-menu-order: 6 x-permission: operator: OR permissions: - metrics_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/metrics/{metric_name}/assets: get: description: >- Returns dashboards, monitors, notebooks, and SLOs that a metric is stored in, if any. Updated every 24 hours. operationId: ListMetricAssets parameters: - $ref: '#/components/parameters/MetricName' responses: '200': content: application/json: schema: $ref: '#/components/schemas/MetricAssetsResponse' description: Success '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too Many Requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Related Assets to a Metric tags: - Assets - Metrics - Related x-menu-order: 12 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/metrics/{metric_name}/estimate: get: description: >- Returns the estimated cardinality for a metric with a given tag, percentile and number of aggregations configuration using Metrics without Limits™. operationId: EstimateMetricsOutputSeries parameters: - $ref: '#/components/parameters/MetricName' - description: Filtered tag keys that the metric is configured to query with. example: app,host in: query name: filter[groups] required: false schema: type: string - description: >- The number of hours of look back (from now) to estimate cardinality with. If unspecified, it defaults to 0 hours. example: 49 in: query name: filter[hours_ago] required: false schema: format: int32 maximum: 2147483647 minimum: 49 type: integer - description: Deprecated. Number of aggregations has no impact on volume. example: 1 in: query name: filter[num_aggregations] required: false schema: format: int32 maximum: 9 type: integer - description: >- A boolean, for distribution metrics only, to estimate cardinality if the metric includes additional percentile aggregators. example: true in: query name: filter[pct] required: false schema: type: boolean - description: >- A window, in hours, from the look back to estimate cardinality with. The minimum and default is 1 hour. example: 6 in: query name: filter[timespan_h] required: false schema: format: int32 maximum: 2147483647 type: integer responses: '200': content: application/json: schema: $ref: '#/components/schemas/MetricEstimateResponse' description: Success '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too Many Requests summary: Datadog Tag Configuration Cardinality Estimator tags: - Cardinality - Configuration x-menu-order: 11 x-permission: operator: OPEN permissions: [] x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/metrics/{metric_name}/tags: delete: description: |- Deletes a metric's tag configuration. Can only be used with application keys from users with the `Manage Tags for Metrics` permission. operationId: DeleteTagConfiguration parameters: - $ref: '#/components/parameters/MetricName' responses: '204': description: No Content '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too Many Requests summary: Datadog Delete a Tag Configuration tags: - Configuration - Delete x-menu-order: 4 x-permission: operator: OR permissions: - metric_tags_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Returns the tag configuration for the given metric name. operationId: ListTagConfigurationByName parameters: - $ref: '#/components/parameters/MetricName' responses: '200': content: application/json: schema: $ref: '#/components/schemas/MetricTagConfigurationResponse' description: Success '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too Many Requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - metrics_read summary: Datadog List Tag Configuration by Name tags: - Configuration - Lists - Names x-menu-order: 2 x-permission: operator: OR permissions: - metrics_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update the tag configuration of a metric or percentile aggregations of a distribution metric or custom aggregations of a count, rate, or gauge metric. By setting `exclude_tags_mode` to true the behavior is changed from an allow-list to a deny-list, and tags in the defined list will not be queryable. Can only be used with application keys from users with the `Manage Tags for Metrics` permission. This endpoint requires a tag configuration to be created first. operationId: UpdateTagConfiguration parameters: - $ref: '#/components/parameters/MetricName' requestBody: content: application/json: schema: $ref: '#/components/schemas/MetricTagConfigurationUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/MetricTagConfigurationResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '422': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Unprocessable Entity '429': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too Many Requests summary: Datadog Update a Tag Configuration tags: - Configuration - Update x-codegen-request-body-name: body x-menu-order: 3 x-permission: operator: OR permissions: - metric_tags_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create and define a list of queryable tag keys for an existing count/gauge/rate/distribution metric. Optionally, include percentile aggregations on any distribution metric. By setting `exclude_tags_mode` to true, the behavior is changed from an allow-list to a deny-list, and tags in the defined list are not queryable. Can only be used with application keys of users with the `Manage Tags for Metrics` permission. operationId: CreateTagConfiguration parameters: - $ref: '#/components/parameters/MetricName' requestBody: content: application/json: schema: $ref: '#/components/schemas/MetricTagConfigurationCreateRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/MetricTagConfigurationResponse' description: Created '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '409': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Conflict '429': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too Many Requests summary: Datadog Create a Tag Configuration tags: - Configuration - Create x-codegen-request-body-name: body x-given: metric_tag_configuration: parameters: - name: metric_name value: '"{{ unique_alnum }}"' - name: body value: |- { "data": { "attributes": { "tags":["app", "datacenter", "{{ unique_alnum }}"], "metric_type":"gauge" }, "type": "manage_tags", "id": "{{ unique_alnum }}" } } step: there is a valid "metric_tag_configuration" in the system x-menu-order: 1 x-permission: operator: OR permissions: - metric_tags_write x-undo: operationId: DeleteTagConfiguration parameters: - name: metric_name source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/metrics/{metric_name}/volumes: get: description: >- View distinct metrics volumes for the given metric name. Custom metrics generated in-app from other products will return `null` for ingested volumes. operationId: ListVolumesByMetricName parameters: - $ref: '#/components/parameters/MetricName' responses: '200': content: application/json: schema: $ref: '#/components/schemas/MetricVolumesResponse' description: Success '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too Many Requests summary: Datadog List Distinct Metric Volumes by Metric Name tags: - Lists - Metrics - Names - Volumes x-menu-order: 8 x-permission: operator: OPEN permissions: [] x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/monitor/notification_rule: get: description: Returns a list of all monitor notification rules. operationId: GetMonitorNotificationRules parameters: - description: >- Comma-separated list of resource paths for related resources to include in the response. Supported resource path is `created_by`. in: query name: include required: false schema: example: created_by type: string example: created_by responses: '200': content: application/json: schema: $ref: '#/components/schemas/MonitorNotificationRuleListResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - monitors_read summary: Datadog Get All Monitor Notification Rules tags: - All - Get - Monitor - Rules x-menu-order: 15 x-permission: operator: OR permissions: - monitors_read x-undo: type: safe x-unstable: |- **Note**: This endpoint is in Preview. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Creates a monitor notification rule. operationId: CreateMonitorNotificationRule requestBody: content: application/json: schema: $ref: '#/components/schemas/MonitorNotificationRuleCreateRequest' description: Request body to create a monitor notification rule. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/MonitorNotificationRuleResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - monitor_config_policy_write summary: Datadog Create a Monitor Notification Rule tags: - Create - Monitor - Rules x-given: monitor_notification_rule: parameters: - name: body value: |- { "data": { "type": "monitor-notification-rule", "attributes": { "name":"test rule", "filter": { "tags": [ "app:{{ unique_lower }}" ] }, "recipients":[ "slack-monitor-app" ] } } } step: there is a valid "monitor_notification_rule" in the system x-menu-order: 16 x-permission: operator: OR permissions: - monitor_config_policy_write x-undo: operationId: DeleteMonitorNotificationRule parameters: - name: rule_id source: data.id type: unsafe x-unstable: |- **Note**: This endpoint is in Preview. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/monitor/notification_rule/{rule_id}: delete: description: Deletes a monitor notification rule by `rule_id`. operationId: DeleteMonitorNotificationRule parameters: - description: ID of the monitor notification rule to delete. in: path name: rule_id required: true schema: type: string example: abc-123-def responses: '204': description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - monitor_config_policy_write summary: Datadog Delete a Monitor Notification Rule tags: - Delete - Monitor - Rules x-menu-order: 18 x-permission: operator: OR permissions: - monitor_config_policy_write x-undo: type: idempotent x-unstable: |- **Note**: This endpoint is in Preview. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Returns a monitor notification rule by `rule_id`. operationId: GetMonitorNotificationRule parameters: - description: ID of the monitor notification rule to fetch. in: path name: rule_id required: true schema: type: string example: abc-123-def - description: >- Comma-separated list of resource paths for related resources to include in the response. Supported resource path is `created_by`. in: query name: include required: false schema: example: created_by type: string example: created_by responses: '200': content: application/json: schema: $ref: '#/components/schemas/MonitorNotificationRuleResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - monitors_read summary: Datadog Get a Monitor Notification Rule tags: - Get - Monitor - Rules x-menu-order: 14 x-permission: operator: OR permissions: - monitors_read x-undo: type: safe x-unstable: |- **Note**: This endpoint is in Preview. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Updates a monitor notification rule by `rule_id`. operationId: UpdateMonitorNotificationRule parameters: - description: ID of the monitor notification rule to update. in: path name: rule_id required: true schema: type: string example: abc-123-def requestBody: content: application/json: schema: $ref: '#/components/schemas/MonitorNotificationRuleUpdateRequest' description: Request body to update the monitor notification rule. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/MonitorNotificationRuleResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - monitor_config_policy_write summary: Datadog Update a Monitor Notification Rule tags: - Monitor - Rules - Update x-codegen-request-body-name: body x-menu-order: 17 x-permission: operator: OR permissions: - monitor_config_policy_write x-undo: type: idempotent x-unstable: |- **Note**: This endpoint is in Preview. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/monitor/policy: get: description: Get all monitor configuration policies. operationId: ListMonitorConfigPolicies responses: '200': content: application/json: schema: $ref: '#/components/schemas/MonitorConfigPolicyListResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - monitors_read summary: Datadog Get All Monitor Configuration Policies tags: - All - Configuration - Get - Monitor - Policies x-menu-order: 10 x-permission: operator: OR permissions: - monitors_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a monitor configuration policy. operationId: CreateMonitorConfigPolicy requestBody: content: application/json: schema: $ref: '#/components/schemas/MonitorConfigPolicyCreateRequest' description: Create a monitor configuration policy request body. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/MonitorConfigPolicyResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Monitor Configuration Policy tags: - Configuration - Create - Monitor - Policies x-codegen-request-body-name: body x-given: monitor_configuration_policy: parameters: - name: body value: |- { "data": { "type": "monitor-config-policy", "attributes": { "policy_type": "tag", "policy": { "tag_key": "{{ unique_lower_alnum }}", "tag_key_required": false, "valid_tag_values": ["prod", "staging"] } } } } step: there is a valid "monitor_configuration_policy" in the system x-menu-order: 11 x-permission: operator: OR permissions: - monitor_config_policy_write x-undo: operationId: DeleteMonitorConfigPolicy parameters: - name: policy_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/monitor/policy/{policy_id}: delete: description: Delete a monitor configuration policy. operationId: DeleteMonitorConfigPolicy parameters: - description: ID of the monitor configuration policy. in: path name: policy_id required: true schema: example: 00000000-0000-1234-0000-000000000000 type: string example: 00000000-0000-1234-0000-000000000000 responses: '204': description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Monitor Configuration Policy tags: - Configuration - Delete - Monitor - Policies x-menu-order: 13 x-permission: operator: OR permissions: - monitor_config_policy_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a monitor configuration policy by `policy_id`. operationId: GetMonitorConfigPolicy parameters: - description: ID of the monitor configuration policy. in: path name: policy_id required: true schema: example: 00000000-0000-1234-0000-000000000000 type: string example: 00000000-0000-1234-0000-000000000000 responses: '200': content: application/json: schema: $ref: '#/components/schemas/MonitorConfigPolicyResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - monitors_read summary: Datadog Get a Monitor Configuration Policy tags: - Configuration - Get - Monitor - Policies x-menu-order: 9 x-permission: operator: OR permissions: - monitors_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Edit a monitor configuration policy. operationId: UpdateMonitorConfigPolicy parameters: - description: ID of the monitor configuration policy. in: path name: policy_id required: true schema: example: 00000000-0000-1234-0000-000000000000 type: string example: 00000000-0000-1234-0000-000000000000 requestBody: content: application/json: schema: $ref: '#/components/schemas/MonitorConfigPolicyEditRequest' description: Description of the update. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/MonitorConfigPolicyResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '422': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Unprocessable Entity '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Edit a Monitor Configuration Policy tags: - Configuration - Edit - Monitor - Policies x-codegen-request-body-name: body x-menu-order: 12 x-permission: operator: OR permissions: - monitor_config_policy_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/monitor/{monitor_id}/downtime_matches: get: description: Get all active downtimes for the specified monitor. operationId: ListMonitorDowntimes parameters: - description: The id of the monitor. in: path name: monitor_id required: true schema: format: int64 type: integer example: 42 - $ref: '#/components/parameters/PageOffset' - description: Maximum number of downtimes in the response. example: 100 in: query name: page[limit] required: false schema: default: 30 format: int64 type: integer responses: '200': content: application/json: schema: $ref: '#/components/schemas/MonitorDowntimeMatchResponse' description: OK '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Monitor Not Found error '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - monitors_downtime summary: Datadog Get Active Downtimes for a Monitor tags: - Active - Get - Monitor x-codegen-request-body-name: body x-menu-order: 7 x-pagination: limitParam: page[limit] pageOffsetParam: page[offset] resultsPath: data x-permission: operator: OR permissions: - monitors_downtime x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/ndm/devices: get: description: Get the list of devices. operationId: ListDevices parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' - description: The field to sort the devices by. example: status in: query name: sort required: false schema: type: string - description: Filter devices by tag. example: status:ok in: query name: filter[tag] required: false schema: type: string responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListDevicesResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get the List of Devices tags: - Devices - Get - Lists x-menu-order: 1 x-pagination: limitParam: page[size] pageParam: page[number] resultsPath: data x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/ndm/devices/{device_id}: get: description: Get the device details. operationId: GetDevice parameters: - description: The id of the device to fetch. example: example:1.2.3.4 in: path name: device_id required: true schema: type: string responses: '200': content: application/json: schema: $ref: '#/components/schemas/GetDeviceResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get the Device Details tags: - Devices - Get x-menu-order: 2 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/ndm/interfaces: get: description: Get the list of interfaces of the device. operationId: GetInterfaces parameters: - description: The ID of the device to get interfaces from. example: example:1.2.3.4 in: query name: device_id required: true schema: type: string - description: Whether to get the IP addresses of the interfaces. example: true in: query name: get_ip_addresses required: false schema: type: boolean responses: '200': content: application/json: schema: $ref: '#/components/schemas/GetInterfacesResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get the List of Interfaces of the Device tags: - Devices - Get - Interfaces - Lists x-menu-order: 3 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/ndm/tags/devices/{device_id}: get: description: Get the list of tags for a device. operationId: ListDeviceUserTags parameters: - description: The id of the device to fetch tags for. example: example:1.2.3.4 in: path name: device_id required: true schema: type: string responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListTagsResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get the List of Tags for a Device tags: - Devices - Get - Lists x-menu-order: 4 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update the tags for a device. operationId: UpdateDeviceUserTags parameters: - description: The id of the device to update tags for. example: example:1.2.3.4 in: path name: device_id required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/ListTagsResponse' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListTagsResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update the Tags for a Device tags: - Devices - Update x-menu-order: 5 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/network/connections/aggregate: get: description: Get all aggregated connections. operationId: GetAggregatedConnections parameters: - description: >- Unix timestamp (number of seconds since epoch) of the start of the query window. If not provided, the start of the query window is 15 minutes before the `to` timestamp. If neither `from` nor `to` are provided, the query window is `[now - 15m, now]`. in: query name: from schema: format: int64 type: integer example: 42 - description: >- Unix timestamp (number of seconds since epoch) of the end of the query window. If not provided, the end of the query window is the current time. If neither `from` nor `to` are provided, the query window is `[now - 15m, now]`. in: query name: to schema: format: int64 type: integer example: 42 - description: Comma-separated list of fields to group connections by. in: query name: group_by schema: type: string example: example_value - description: Comma-separated list of tags to filter connections by. in: query name: tags schema: type: string example: env:production - description: The number of connections to be returned. The maximum value is 5000. in: query name: limit schema: default: 100 format: int32 maximum: 5000 minimum: 1 type: integer example: 42 responses: '200': content: application/json: schema: $ref: '#/components/schemas/SingleAggregatedConnectionResponseArray' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Aggregated Connections tags: - Aggregated - All - Connections - Get x-menu-order: 1 x-undo: type: safe x-unstable: |- **Note**: This endpoint is in Preview. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/on-call/escalation-policies: post: description: Create a new On-Call escalation policy operationId: CreateOnCallEscalationPolicy parameters: - description: >- Comma-separated list of included relationships to be returned. Allowed values: `teams`, `steps`, `steps.targets`. in: query name: include schema: type: string example: example_value requestBody: content: application/json: schema: $ref: '#/components/schemas/EscalationPolicyCreateRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/EscalationPolicy' description: Created '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Create On-call Escalation Policy tags: - Create - Policies x-given: escalation_policy: parameters: - name: body value: |- { "data": { "attributes": { "name": "{{ unique }}", "resolve_page_on_policy_end": true, "retries": 2, "steps": [ { "assignment": "default", "escalate_after_seconds": 3600, "targets": [ { "id": "{{ dd_team.data.id }}", "type": "teams" }, { "id": "{{ schedule.data.id }}", "type": "schedules" }, { "id": "{{ user.data.id }}", "type": "users" } ] }, { "assignment": "round-robin", "escalate_after_seconds": 3600, "targets": [ { "id": "{{ dd_team.data.id }}", "type": "teams" } ] } ] }, "relationships": { "teams": { "data": [ { "id": "{{ dd_team.data.id }}", "type": "teams" } ] } }, "type": "policies" } } step: there is a valid "escalation_policy" in the system x-menu-order: 5 x-permission: operator: AND permissions: - on_call_write x-undo: operationId: DeleteOnCallEscalationPolicy parameters: - name: policy_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/on-call/escalation-policies/{policy_id}: delete: description: Delete an On-Call escalation policy operationId: DeleteOnCallEscalationPolicy parameters: - description: The ID of the escalation policy in: path name: policy_id required: true schema: example: a3000000-0000-0000-0000-000000000000 type: string example: a3000000-0000-0000-0000-000000000000 responses: '204': description: No Content '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Delete On-call Escalation Policy tags: - Delete - Policies x-menu-order: 8 x-permission: operator: AND permissions: - on_call_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get an On-Call escalation policy operationId: GetOnCallEscalationPolicy parameters: - description: The ID of the escalation policy in: path name: policy_id required: true schema: example: a3000000-0000-0000-0000-000000000000 type: string example: a3000000-0000-0000-0000-000000000000 - description: >- Comma-separated list of included relationships to be returned. Allowed values: `teams`, `steps`, `steps.targets`. in: query name: include schema: type: string example: example_value responses: '200': content: application/json: schema: $ref: '#/components/schemas/EscalationPolicy' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Get On-call Escalation Policy tags: - Get - Policies x-menu-order: 7 x-permission: operator: AND permissions: - on_call_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: Update an On-Call escalation policy operationId: UpdateOnCallEscalationPolicy parameters: - description: The ID of the escalation policy in: path name: policy_id required: true schema: example: a3000000-0000-0000-0000-000000000000 type: string example: a3000000-0000-0000-0000-000000000000 - description: >- Comma-separated list of included relationships to be returned. Allowed values: `teams`, `steps`, `steps.targets`. in: query name: include schema: type: string example: example_value requestBody: content: application/json: schema: $ref: '#/components/schemas/EscalationPolicyUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/EscalationPolicy' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Update On-call Escalation Policy tags: - Policies - Update x-menu-order: 6 x-permission: operator: AND permissions: - on_call_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/on-call/pages: post: description: | Trigger a new On-Call Page. operationId: CreateOnCallPage requestBody: content: application/json: schema: $ref: '#/components/schemas/CreatePageRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CreatePageResponse' description: OK. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] servers: - url: https://{site} variables: site: default: navy.oncall.datadoghq.com description: The globally available endpoint for On-Call. enum: - saffron.oncall.datadoghq.com - navy.oncall.datadoghq.com - coral.oncall.datadoghq.com - teal.oncall.datadoghq.com - beige.oncall.datadoghq.eu - url: '{protocol}://{name}' variables: name: default: api.datadoghq.com description: Full site DNS name. protocol: default: https description: The protocol for accessing the API. - url: https://{subdomain}.{site} variables: site: default: datadoghq.com description: Any Datadog deployment. subdomain: default: api description: The subdomain where the API is deployed. summary: Datadog Create On-call Page tags: - Create - Pages x-menu-order: 1 x-undo: parameters: [] type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/on-call/pages/{page_id}/acknowledge: post: description: | Acknowledges an On-Call Page. operationId: AcknowledgeOnCallPage parameters: - description: The page ID. in: path name: page_id required: true schema: example: 15e74b8b-f865-48d0-bcc5-453323ed2c8f format: uuid type: string example: 15e74b8b-f865-48d0-bcc5-453323ed2c8f responses: '202': description: Accepted. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] servers: - url: https://{site} variables: site: default: navy.oncall.datadoghq.com description: The globally available endpoint for On-Call. enum: - saffron.oncall.datadoghq.com - navy.oncall.datadoghq.com - coral.oncall.datadoghq.com - teal.oncall.datadoghq.com - beige.oncall.datadoghq.eu - url: '{protocol}://{name}' variables: name: default: api.datadoghq.com description: Full site DNS name. protocol: default: https description: The protocol for accessing the API. - url: https://{subdomain}.{site} variables: site: default: datadoghq.com description: Any Datadog deployment. subdomain: default: api description: The subdomain where the API is deployed. summary: Datadog Acknowledge On-call Page tags: - Acknowledge - Pages x-menu-order: 2 x-undo: parameters: [] type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/on-call/pages/{page_id}/escalate: post: description: | Escalates an On-Call Page. operationId: EscalateOnCallPage parameters: - description: The page ID. in: path name: page_id required: true schema: example: 15e74b8b-f865-48d0-bcc5-453323ed2c8f format: uuid type: string example: 15e74b8b-f865-48d0-bcc5-453323ed2c8f responses: '202': description: Accepted. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] servers: - url: https://{site} variables: site: default: navy.oncall.datadoghq.com description: The globally available endpoint for On-Call. enum: - saffron.oncall.datadoghq.com - navy.oncall.datadoghq.com - coral.oncall.datadoghq.com - teal.oncall.datadoghq.com - beige.oncall.datadoghq.eu - url: '{protocol}://{name}' variables: name: default: api.datadoghq.com description: Full site DNS name. protocol: default: https description: The protocol for accessing the API. - url: https://{subdomain}.{site} variables: site: default: datadoghq.com description: Any Datadog deployment. subdomain: default: api description: The subdomain where the API is deployed. summary: Datadog Escalate On-call Page tags: - Escalate - Pages x-menu-order: 3 x-undo: parameters: [] type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/on-call/pages/{page_id}/resolve: post: description: | Resolves an On-Call Page. operationId: ResolveOnCallPage parameters: - description: The page ID. in: path name: page_id required: true schema: example: 15e74b8b-f865-48d0-bcc5-453323ed2c8f format: uuid type: string example: 15e74b8b-f865-48d0-bcc5-453323ed2c8f responses: '202': description: Accepted. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] servers: - url: https://{site} variables: site: default: navy.oncall.datadoghq.com description: The globally available endpoint for On-Call. enum: - saffron.oncall.datadoghq.com - navy.oncall.datadoghq.com - coral.oncall.datadoghq.com - teal.oncall.datadoghq.com - beige.oncall.datadoghq.eu - url: '{protocol}://{name}' variables: name: default: api.datadoghq.com description: Full site DNS name. protocol: default: https description: The protocol for accessing the API. - url: https://{subdomain}.{site} variables: site: default: datadoghq.com description: Any Datadog deployment. subdomain: default: api description: The subdomain where the API is deployed. summary: Datadog Resolve On-call Page tags: - Pages - Resolve x-menu-order: 4 x-undo: parameters: [] type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/on-call/schedules: post: description: Create a new On-Call schedule operationId: CreateOnCallSchedule parameters: - description: >- Comma-separated list of included relationships to be returned. Allowed values: `teams`, `layers`, `layers.members`, `layers.members.user`. in: query name: include schema: type: string example: example_value requestBody: content: application/json: schema: $ref: '#/components/schemas/ScheduleCreateRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/Schedule' description: Created '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Create On-call Schedule tags: - Create - Schedules x-given: schedule: parameters: - name: body value: |- { "data": { "attributes": { "layers": [ { "effective_date": "{{ timeISO('now - 10d') }}", "end_date": "{{ timeISO('now + 10d') }}", "interval": { "days": 1 }, "members": [ { "user": { "id": "{{ user.data.id }}" } } ], "name": "Layer 1", "restrictions": [ { "end_day": "friday", "end_time": "17:00:00", "start_day": "monday", "start_time": "09:00:00" } ], "rotation_start": "{{ timeISO('now - 5d') }}" } ], "name": "{{ unique }}", "time_zone": "America/New_York" }, "relationships": { "teams": { "data": [ { "id": "65aea9d0-941c-4607-bf8a-14fc0dac2820", "type": "teams" } ] } }, "type": "schedules" } } step: there is a valid "schedule" in the system x-menu-order: 1 x-permission: operator: AND permissions: - on_call_write x-undo: operationId: DeleteOnCallSchedule parameters: - name: schedule_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/on-call/schedules/{schedule_id}: delete: description: Delete an On-Call schedule operationId: DeleteOnCallSchedule parameters: - description: The ID of the schedule in: path name: schedule_id required: true schema: example: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d type: string example: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d responses: '204': description: No Content '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Delete On-call Schedule tags: - Delete - Schedules x-menu-order: 3 x-permission: operator: AND permissions: - on_call_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get an On-Call schedule operationId: GetOnCallSchedule parameters: - description: >- Comma-separated list of included relationships to be returned. Allowed values: `teams`, `layers`, `layers.members`, `layers.members.user`. in: query name: include schema: type: string example: example_value - description: The ID of the schedule in: path name: schedule_id required: true schema: example: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d type: string example: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d responses: '200': content: application/json: schema: $ref: '#/components/schemas/Schedule' description: OK '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Get On-call Schedule tags: - Get - Schedules x-menu-order: 2 x-permission: operator: AND permissions: - on_call_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: Update a new On-Call schedule operationId: UpdateOnCallSchedule parameters: - description: >- Comma-separated list of included relationships to be returned. Allowed values: `teams`, `layers`, `layers.members`, `layers.members.user`. in: query name: include schema: type: string example: example_value - description: The ID of the schedule in: path name: schedule_id required: true schema: example: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d type: string example: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d requestBody: content: application/json: schema: $ref: '#/components/schemas/ScheduleUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/Schedule' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Update On-call Schedule tags: - Schedules - Update x-menu-order: 4 x-permission: operator: AND permissions: - on_call_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/on-call/schedules/{schedule_id}/on-call: get: description: >- Retrieves the user who is on-call for the specified schedule at a given time. operationId: GetScheduleOnCallUser parameters: - description: >- Specifies related resources to include in the response as a comma-separated list. Allowed value: `user`. in: query name: include schema: type: string example: example_value - description: The ID of the schedule. in: path name: schedule_id required: true schema: example: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d type: string example: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d - description: >- Retrieves the on-call user at the given timestamp (ISO-8601). Defaults to the current time if omitted." in: query name: filter[at_ts] schema: example: '2025-05-07T02:53:01Z' type: string example: '2025-05-07T02:53:01Z' responses: '200': content: application/json: schema: $ref: '#/components/schemas/Shift' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Get the Schedule On-call User tags: - Get - Schedules - Users x-menu-order: 11 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/on-call/teams/{team_id}/on-call: get: description: Get a team's on-call users at a given time operationId: GetTeamOnCallUsers parameters: - description: >- Comma-separated list of included relationships to be returned. Allowed values: `responders`, `escalations`, `escalations.responders`. in: query name: include schema: type: string example: example_value - description: The team ID in: path name: team_id required: true schema: example: 27590dae-47be-4a7d-9abf-8f4e45124020 type: string example: 27590dae-47be-4a7d-9abf-8f4e45124020 responses: '200': content: application/json: schema: $ref: '#/components/schemas/TeamOnCallResponders' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Get Team On-call Users tags: - Get - Teams - Users x-menu-order: 12 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/on-call/teams/{team_id}/routing-rules: get: description: Get a team's On-Call routing rules operationId: GetOnCallTeamRoutingRules parameters: - description: The team ID in: path name: team_id required: true schema: example: 27590dae-47be-4a7d-9abf-8f4e45124020 type: string example: 27590dae-47be-4a7d-9abf-8f4e45124020 - description: >- Comma-separated list of included relationships to be returned. Allowed values: `rules`, `rules.policy`. in: query name: include schema: type: string example: example_value responses: '200': content: application/json: schema: $ref: '#/components/schemas/TeamRoutingRules' description: OK '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Get On-call Team Routing Rules tags: - Get - Routing - Rules - Teams x-menu-order: 9 x-permission: operator: AND permissions: - on_call_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: Set a team's On-Call routing rules operationId: SetOnCallTeamRoutingRules parameters: - description: The team ID in: path name: team_id required: true schema: example: 27590dae-47be-4a7d-9abf-8f4e45124020 type: string example: 27590dae-47be-4a7d-9abf-8f4e45124020 - description: >- Comma-separated list of included relationships to be returned. Allowed values: `rules`, `rules.policy`. in: query name: include schema: type: string example: example_value requestBody: content: application/json: schema: $ref: '#/components/schemas/TeamRoutingRulesRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/TeamRoutingRules' description: OK '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Set On-call Team Routing Rules tags: - Routing - Rules - Sets - Teams x-given: routing_rules: parameters: - name: team_id source: dd_team.data.id - name: body value: |- { "data": { "type": "team_routing_rules", "id": "{{ dd_team.data.id }}", "attributes": { "rules": [ { "query": "", "policy_id": "{{ escalation_policy.data.id }}", "urgency": "low", "actions": [] } ] } } } step: there are valid "routing_rules" in the system x-menu-order: 10 x-permission: operator: AND permissions: - on_call_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/org_configs: get: description: Returns all Org Configs (name, description, and value). operationId: ListOrgConfigs responses: '200': content: application/json: schema: $ref: '#/components/schemas/OrgConfigListResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Org Configs tags: - Lists x-menu-order: 100 x-permission: operator: OPEN permissions: [] x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/org_configs/{org_config_name}: get: description: Return the name, description, and value of a specific Org Config. operationId: GetOrgConfig parameters: - $ref: '#/components/parameters/OrgConfigName' responses: '200': content: application/json: schema: $ref: '#/components/schemas/OrgConfigGetResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Specific Org Config Value tags: - Get - Specific - Value x-menu-order: 101 x-permission: operator: OPEN permissions: [] x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update the value of a specific Org Config. operationId: UpdateOrgConfig parameters: - $ref: '#/components/parameters/OrgConfigName' requestBody: content: application/json: schema: $ref: '#/components/schemas/OrgConfigWriteRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/OrgConfigGetResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Specific Org Config tags: - Specific - Update x-menu-order: 102 x-permission: operator: OR permissions: - org_management x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/permissions: get: description: Returns a list of all permissions, including name, description, and ID. operationId: ListPermissions responses: '200': content: application/json: schema: $ref: '#/components/schemas/PermissionsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_read summary: Datadog List Permissions tags: - Lists - Permissions x-given: permission: source: data[4] step: there is a valid "permission" in the system x-menu-order: 1 x-permission: operator: OR permissions: - user_access_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/posture_management/findings: get: description: > Get a list of findings. These include both misconfigurations and identity risks. **Note**: To filter and return only identity risks, add the following query parameter: `?filter[tags]=dd_rule_type:ciem` ### Filtering Filters can be applied by appending query parameters to the URL. - Using a single filter: `?filter[attribute_key]=attribute_value` - Chaining filters: `?filter[attribute_key]=attribute_value&filter[attribute_key]=attribute_value...` - Filtering on tags: `?filter[tags]=tag_key:tag_value&filter[tags]=tag_key_2:tag_value_2` Here, `attribute_key` can be any of the filter keys described further below. Query parameters of type `integer` support comparison operators (`>`, `>=`, `<`, `<=`). This is particularly useful when filtering by `evaluation_changed_at` or `resource_discovery_timestamp`. For example: `?filter[evaluation_changed_at]=>20123123121`. You can also use the negation operator on strings. For example, use `filter[resource_type]=-aws*` to filter for any non-AWS resources. The operator must come after the equal sign. For example, to filter with the `>=` operator, add the operator after the equal sign: `filter[evaluation_changed_at]=>=1678809373257`. Query parameters must be only among the documented ones and with values of correct types. Duplicated query parameters (e.g. `filter[status]=low&filter[status]=info`) are not allowed. ### Response The response includes an array of finding objects, pagination metadata, and a count of items that match the query. Each finding object contains the following: - The finding ID that can be used in a `GetFinding` request to retrieve the full finding details. - Core attributes, including status, evaluation, high-level resource details, muted state, and rule details. - `evaluation_changed_at` and `resource_discovery_date` time stamps. - An array of associated tags. operationId: ListFindings parameters: - description: Limit the number of findings returned. Must be <= 1000. example: 50 in: query name: page[limit] required: false schema: default: 100 format: int64 maximum: 1000 minimum: 1 type: integer - description: Return findings for a given snapshot of time (Unix ms). example: 1678721573794 in: query name: snapshot_timestamp required: false schema: format: int64 minimum: 1 type: integer - description: Return the next page of findings pointed to by the cursor. example: >- eyJhZnRlciI6IkFRQUFBWWJiaEJXQS1OY1dqUUFBQUFCQldXSmlhRUpYUVVGQlJFSktkbTlDTUdaWFRVbDNRVUUiLCJ2YWx1ZXMiOlsiY3JpdGljYWwiXX0= in: query name: page[cursor] required: false schema: type: string - description: Return findings that have these associated tags (repeatable). example: >- filter[tags]=cloud_provider:aws&filter[tags]=aws_account:999999999999 in: query name: filter[tags] required: false schema: type: string - description: >- Return findings that have changed from pass to fail or vice versa on a specified date (Unix ms) or date range (using comparison operators). example: '>=1678721573794' in: query name: filter[evaluation_changed_at] required: false schema: type: string - description: >- Set to `true` to return findings that are muted. Set to `false` to return unmuted findings. in: query name: filter[muted] required: false schema: type: boolean example: true - description: Return findings for the specified rule ID. in: query name: filter[rule_id] required: false schema: type: string example: abc-123-def - description: Return findings for the specified rule. in: query name: filter[rule_name] required: false schema: type: string example: Example Monitor - description: Return only findings for the specified resource type. in: query name: filter[resource_type] required: false schema: type: string example: metric alert - description: >- Return findings that were found on a specified date (Unix ms) or date range (using comparison operators). example: '>=1678721573794' in: query name: filter[discovery_timestamp] required: false schema: type: string - description: Return only `pass` or `fail` findings. example: pass in: query name: filter[evaluation] required: false schema: $ref: '#/components/schemas/FindingEvaluation' - description: Return only findings with the specified status. example: critical in: query name: filter[status] required: false schema: $ref: '#/components/schemas/FindingStatus' - description: >- Return findings that match the selected vulnerability types (repeatable). example: - misconfiguration explode: true in: query name: filter[vulnerability_type] required: false schema: items: $ref: '#/components/schemas/FindingVulnerabilityType' type: array responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListFindingsResponse' description: OK '400': $ref: '#/components/responses/FindingsBadRequestResponse' '403': $ref: '#/components/responses/FindingsForbiddenResponse' '404': $ref: '#/components/responses/FindingsNotFoundResponse' '429': $ref: '#/components/responses/FindingsTooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_findings_read summary: Datadog List Findings tags: - Findings - Lists x-menu-order: 1 x-pagination: cursorParam: page[cursor] cursorPath: meta.page.cursor limitParam: page[limit] resultsPath: data x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Mute or unmute findings. operationId: MuteFindings requestBody: content: application/json: schema: $ref: '#/components/schemas/BulkMuteFindingsRequest' description: > ### Attributes All findings are updated with the same attributes. The request body must include at least two attributes: `muted` and `reason`. The allowed reasons depend on whether the finding is being muted or unmuted: - To mute a finding: `PENDING_FIX`, `FALSE_POSITIVE`, `ACCEPTED_RISK`, `OTHER`. - To unmute a finding : `NO_PENDING_FIX`, `HUMAN_ERROR`, `NO_LONGER_ACCEPTED_RISK`, `OTHER`. ### Meta The request body must include a list of the finding IDs to be updated. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/BulkMuteFindingsResponse' description: OK '400': $ref: '#/components/responses/FindingsBadRequestResponse' '403': $ref: '#/components/responses/FindingsForbiddenResponse' '404': $ref: '#/components/responses/FindingsNotFoundResponse' '422': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: >- Invalid Request: The server understands the request syntax but cannot process it due to invalid data. '429': $ref: '#/components/responses/FindingsTooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] summary: Datadog Mute or Unmute a Batch of Findings tags: - Batch - Findings - Mute x-codegen-request-body-name: body x-menu-order: 2 x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/posture_management/findings/{finding_id}: get: description: Returns a single finding with message and resource configuration. operationId: GetFinding parameters: - description: The ID of the finding. in: path name: finding_id required: true schema: type: string example: abc-123-def - description: Return the finding for a given snapshot of time (Unix ms). example: 1678721573794 in: query name: snapshot_timestamp required: false schema: format: int64 minimum: 1 type: integer responses: '200': content: application/json: schema: $ref: '#/components/schemas/GetFindingResponse' description: OK '400': $ref: '#/components/responses/FindingsBadRequestResponse' '403': $ref: '#/components/responses/FindingsForbiddenResponse' '404': $ref: '#/components/responses/FindingsNotFoundResponse' '429': $ref: '#/components/responses/FindingsTooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_findings_read summary: Datadog Get a Finding tags: - Finding - Get x-menu-order: 2 x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/powerpacks: get: description: Get a list of all powerpacks. operationId: ListPowerpacks parameters: - description: Maximum number of powerpacks in the response. example: 25 in: query name: page[limit] required: false schema: default: 25 format: int64 maximum: 1000 type: integer - $ref: '#/components/parameters/PageOffset' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListPowerpacksResponse' description: OK '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - dashboards_read summary: Datadog Get All Powerpacks tags: - All - Get x-menu-order: 1 x-pagination: limitParam: page[limit] pageOffsetParam: page[offset] resultsPath: data x-permission: operator: OR permissions: - dashboards_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a powerpack. operationId: CreatePowerpack requestBody: content: application/json: schema: $ref: '#/components/schemas/Powerpack' description: Create a powerpack request body. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/PowerpackResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - dashboards_write summary: Datadog Create a New Powerpack tags: - Create x-codegen-request-body-name: body x-given: powerpack: parameters: - file: powerpack_payload.json name: body step: there is a valid "powerpack" in the system x-menu-order: 2 x-permission: operator: OR permissions: - dashboards_write x-undo: operationId: DeletePowerpack parameters: - name: powerpack_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/powerpacks/{powerpack_id}: delete: description: Delete a powerpack. operationId: DeletePowerpack parameters: - description: Powerpack id in: path name: powerpack_id required: true schema: type: string example: abc-123-def responses: '204': description: OK '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Powerpack Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - dashboards_write summary: Datadog Delete a Powerpack tags: - Delete x-menu-order: 3 x-permission: operator: OR permissions: - dashboards_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a powerpack. operationId: GetPowerpack parameters: - description: ID of the powerpack. in: path name: powerpack_id required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/PowerpackResponse' description: OK '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Powerpack Not Found. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - dashboards_read summary: Datadog Get a Powerpack tags: - Get x-menu-order: 4 x-permission: operator: OR permissions: - dashboards_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update a powerpack. operationId: UpdatePowerpack parameters: - description: ID of the powerpack. in: path name: powerpack_id required: true schema: type: string example: abc-123-def requestBody: content: application/json: schema: $ref: '#/components/schemas/Powerpack' description: Update a powerpack request body. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/PowerpackResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Powerpack Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - dashboards_write summary: Datadog Update a Powerpack tags: - Update x-codegen-request-body-name: body x-menu-order: 5 x-permission: operator: OR permissions: - dashboards_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true /api/v2/processes: get: description: Get all processes for your organization. operationId: ListProcesses parameters: - description: String to search processes by. in: query name: search required: false schema: type: string example: example_value - description: Comma-separated list of tags to filter processes by. example: account:prod,user:admin in: query name: tags required: false schema: type: string - description: >- Unix timestamp (number of seconds since epoch) of the start of the query window. If not provided, the start of the query window will be 15 minutes before the `to` timestamp. If neither `from` nor `to` are provided, the query window will be `[now - 15m, now]`. in: query name: from required: false schema: format: int64 type: integer example: 42 - description: >- Unix timestamp (number of seconds since epoch) of the end of the query window. If not provided, the end of the query window will be 15 minutes after the `from` timestamp. If neither `from` nor `to` are provided, the query window will be `[now - 15m, now]`. in: query name: to required: false schema: format: int64 type: integer example: 42 - description: Maximum number of results returned. in: query name: page[limit] required: false schema: default: 1000 format: int32 maximum: 10000 minimum: 1 type: integer example: 42 - description: >- String to query the next page of results. This key is provided with each valid response from the API in `meta.page.after`. in: query name: page[cursor] required: false schema: type: string example: example_value responses: '200': content: application/json: schema: $ref: '#/components/schemas/ProcessSummariesResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Get All Processes tags: - All - Get x-menu-order: 1 x-pagination: cursorParam: page[cursor] cursorPath: meta.page.after limitParam: page[limit] resultsPath: data x-permission: operator: OPEN permissions: [] x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/query/scalar: post: description: >- Query scalar values (as seen on Query Value, Table, and Toplist widgets). Multiple data sources are supported with the ability to process the data using formulas and functions. operationId: QueryScalarData requestBody: content: application/json: schema: $ref: '#/components/schemas/ScalarFormulaQueryRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ScalarFormulaQueryResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - timeseries_query summary: Datadog Query Scalar Data Across Multiple Products tags: - Across - Data - Multiple - Products - Queries x-codegen-request-body-name: body x-menu-order: 2 x-permission: operator: OR permissions: - timeseries_query x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/query/timeseries: post: description: |- Query timeseries data across various data sources and process the data by applying formulas and functions. operationId: QueryTimeseriesData requestBody: content: application/json: schema: $ref: '#/components/schemas/TimeseriesFormulaQueryRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/TimeseriesFormulaQueryResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - timeseries_query summary: Datadog Query Timeseries Data Across Multiple Products tags: - Across - Data - Multiple - Products - Queries x-codegen-request-body-name: body x-menu-order: 1 x-permission: operator: OR permissions: - timeseries_query x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/remote_config/products/asm/waf/custom_rules: get: description: Retrieve a list of WAF custom rule. operationId: ListApplicationSecurityWAFCustomRules responses: '200': content: application/json: schema: $ref: >- #/components/schemas/ApplicationSecurityWafCustomRuleListResponse description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List All Waf Custom Rules tags: - All - Custom - Lists - Rules x-menu-order: 13 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a new WAF custom rule with the given parameters. operationId: CreateApplicationSecurityWafCustomRule requestBody: content: application/json: schema: $ref: >- #/components/schemas/ApplicationSecurityWafCustomRuleCreateRequest description: The definition of the new WAF Custom Rule. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleResponse' description: Created '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConcurrentModificationResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Waf Custom Rule tags: - Create - Custom - Rules x-codegen-request-body-name: body x-given: custom_rule: parameters: - name: body value: |- { "data": { "type": "custom_rule", "attributes": { "blocking": false, "conditions": [ { "operator": "match_regex", "parameters": { "inputs": [ { "address": "server.request.query", "key_path": [ "id" ] } ], "regex": "badactor" } } ], "enabled": true, "name": "test", "path_glob": "/test", "scope": [ { "env": "test", "service": "test" } ], "tags": { "category": "attack_attempt", "type": "test" } } } } step: there is a valid "custom_rule" in the system x-menu-order: 12 x-undo: operationId: DeleteApplicationSecurityWafCustomRule parameters: - name: custom_rule_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}: delete: description: Delete a specific WAF custom rule. operationId: DeleteApplicationSecurityWafCustomRule parameters: - $ref: '#/components/parameters/ApplicationSecurityWafCustomRuleIDParam' responses: '204': description: No Content '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConcurrentModificationResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Waf Custom Rule tags: - Custom - Delete - Rules x-menu-order: 16 x-terraform-resource: appsec_waf_custom_rule x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Retrieve a WAF custom rule by ID. operationId: GetApplicationSecurityWafCustomRule parameters: - $ref: '#/components/parameters/ApplicationSecurityWafCustomRuleIDParam' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Waf Custom Rule tags: - Custom - Get - Rules x-menu-order: 10 x-terraform-resource: appsec_waf_custom_rule x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: |- Update a specific WAF custom Rule. Returns the Custom Rule object when the request is successful. operationId: UpdateApplicationSecurityWafCustomRule parameters: - $ref: '#/components/parameters/ApplicationSecurityWafCustomRuleIDParam' requestBody: content: application/json: schema: $ref: >- #/components/schemas/ApplicationSecurityWafCustomRuleUpdateRequest description: New definition of the WAF Custom Rule. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ApplicationSecurityWafCustomRuleResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConcurrentModificationResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Waf Custom Rule tags: - Custom - Rules - Update x-codegen-request-body-name: body x-menu-order: 15 x-terraform-resource: appsec_waf_custom_rule x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/remote_config/products/asm/waf/exclusion_filters: get: description: Retrieve a list of WAF exclusion filters. operationId: ListApplicationSecurityWafExclusionFilters responses: '200': content: application/json: schema: $ref: >- #/components/schemas/ApplicationSecurityWafExclusionFiltersResponse description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List All Waf Exclusion Filters tags: - All - Lists x-menu-order: 3 x-permission: operator: AND permissions: - appsec_protect_read x-terraform-resource: appsec_waf_exclusion_filter x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a new WAF exclusion filter with the given parameters. A request matched by an exclusion filter will be ignored by the Application Security WAF product. Go to https://app.datadoghq.com/security/appsec/passlist to review existing exclusion filters (also called passlist entries). operationId: CreateApplicationSecurityWafExclusionFilter requestBody: content: application/json: schema: $ref: >- #/components/schemas/ApplicationSecurityWafExclusionFilterCreateRequest description: The definition of the new WAF exclusion filter. required: true responses: '200': content: application/json: schema: $ref: >- #/components/schemas/ApplicationSecurityWafExclusionFilterResponse description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConcurrentModificationResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Waf Exclusion Filter tags: - Create - Filter x-codegen-request-body-name: body x-given: exclusion_filter: parameters: - name: body value: |- { "data": { "type": "exclusion_filter", "attributes": { "description": "My Exclusion Filter", "enabled": true, "path_glob": "*", "parameters": [ "list.search.query" ], "rules_target": [ { "tags": { "category":"attack_attempt", "type":"xss" } } ], "scope": [ { "env": "staging", "service": "event-query" } ] } } } step: there is a valid "exclusion_filter" in the system x-menu-order: 2 x-permission: operator: AND permissions: - appsec_protect_write x-terraform-resource: appsec_waf_exclusion_filter x-undo: operationId: DeleteApplicationSecurityWafExclusionFilter parameters: - name: exclusion_filter_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}: delete: description: Delete a specific WAF exclusion filter using its identifier. operationId: DeleteApplicationSecurityWafExclusionFilter parameters: - $ref: '#/components/parameters/ApplicationSecurityWafExclusionFilterID' responses: '204': description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConcurrentModificationResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Waf Exclusion Filter tags: - Delete - Filter x-menu-order: 6 x-permission: operator: AND permissions: - appsec_protect_write x-terraform-resource: appsec_waf_exclusion_filter x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Retrieve a specific WAF exclusion filter using its identifier. operationId: GetApplicationSecurityWafExclusionFilter parameters: - $ref: '#/components/parameters/ApplicationSecurityWafExclusionFilterID' responses: '200': content: application/json: schema: $ref: >- #/components/schemas/ApplicationSecurityWafExclusionFilterResponse description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Waf Exclusion Filter tags: - Filter - Get x-menu-order: 1 x-permission: operator: AND permissions: - appsec_protect_read x-terraform-resource: appsec_waf_exclusion_filter x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: |- Update a specific WAF exclusion filter using its identifier. Returns the exclusion filter object when the request is successful. operationId: UpdateApplicationSecurityWafExclusionFilter parameters: - $ref: '#/components/parameters/ApplicationSecurityWafExclusionFilterID' requestBody: content: application/json: schema: $ref: >- #/components/schemas/ApplicationSecurityWafExclusionFilterUpdateRequest description: The exclusion filter to update. required: true responses: '200': content: application/json: schema: $ref: >- #/components/schemas/ApplicationSecurityWafExclusionFilterResponse description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConcurrentModificationResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Waf Exclusion Filter tags: - Filter - Update x-codegen-request-body-name: body x-menu-order: 5 x-permission: operator: AND permissions: - appsec_protect_write x-terraform-resource: appsec_waf_exclusion_filter x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/remote_config/products/cws/agent_rules: get: description: >- Get the list of Workload Protection agent rules. **Note**: This endpoint is not available for the Government (US1-FED) site. Please reference the (US1-FED) specific resource below. operationId: ListCSMThreatsAgentRules parameters: - $ref: '#/components/parameters/CloudWorkloadSecurityQueryAgentPolicyID' responses: '200': content: application/json: schema: $ref: >- #/components/schemas/CloudWorkloadSecurityAgentRulesListResponse description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Workload Protection Agent Rules tags: - Agent - All - Get - Protections - Rules x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a new Workload Protection agent rule with the given parameters. **Note**: This endpoint is not available for the Government (US1-FED) site. Please reference the (US1-FED) specific resource below. operationId: CreateCSMThreatsAgentRule requestBody: content: application/json: schema: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleCreateRequest' description: The definition of the new agent rule required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Workload Protection Agent Rule tags: - Agent - Create - Protections - Rules x-codegen-request-body-name: body x-given: agent_rule: parameters: - name: body value: |- { "data": { "type": "agent_rule", "attributes": { "name": "{{ unique_lower_alnum }}", "description": "My Agent rule", "expression": "exec.file.name == \"sh\"", "enabled": true, "product_tags": ["security:attack", "technique:T1059"], "actions": [{"set": {"name": "test_set", "value": "test_value", "scope": "process"}}], "policy_id": "{{ policy.data.id }}" } } } step: there is a valid "agent_rule_rc" in the system x-menu-order: 3 x-undo: operationId: DeleteCSMThreatsAgentRule parameters: - name: agent_rule_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/remote_config/products/cws/agent_rules/{agent_rule_id}: delete: description: >- Delete a specific Workload Protection agent rule. **Note**: This endpoint is not available for the Government (US1-FED) site. Please reference the (US1-FED) specific resource below. operationId: DeleteCSMThreatsAgentRule parameters: - $ref: '#/components/parameters/CloudWorkloadSecurityAgentRuleID' - $ref: '#/components/parameters/CloudWorkloadSecurityQueryAgentPolicyID' responses: '204': description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Workload Protection Agent Rule tags: - Agent - Delete - Protections - Rules x-menu-order: 5 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: >- Get the details of a specific Workload Protection agent rule. **Note**: This endpoint is not available for the Government (US1-FED) site. Please reference the (US1-FED) specific resource below. operationId: GetCSMThreatsAgentRule parameters: - $ref: '#/components/parameters/CloudWorkloadSecurityAgentRuleID' - $ref: '#/components/parameters/CloudWorkloadSecurityQueryAgentPolicyID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Workload Protection Agent Rule tags: - Agent - Get - Protections - Rules x-menu-order: 2 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update a specific Workload Protection Agent rule. Returns the agent rule object when the request is successful. **Note**: This endpoint is not available for the Government (US1-FED) site. Please reference the (US1-FED) specific resource below. operationId: UpdateCSMThreatsAgentRule parameters: - $ref: '#/components/parameters/CloudWorkloadSecurityAgentRuleID' - $ref: '#/components/parameters/CloudWorkloadSecurityQueryAgentPolicyID' requestBody: content: application/json: schema: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleUpdateRequest' description: New definition of the agent rule required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConcurrentModificationResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Workload Protection Agent Rule tags: - Agent - Protections - Rules - Update x-codegen-request-body-name: body x-menu-order: 4 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/remote_config/products/cws/policy: get: description: >- Get the list of Workload Protection policies. **Note**: This endpoint is not available for the Government (US1-FED) site. Please reference the (US1-FED) specific resource below. operationId: ListCSMThreatsAgentPolicies responses: '200': content: application/json: schema: $ref: >- #/components/schemas/CloudWorkloadSecurityAgentPoliciesListResponse description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Workload Protection Policies tags: - All - Get - Policies - Protections x-menu-order: 6 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a new Workload Protection policy with the given parameters. **Note**: This endpoint is not available for the Government (US1-FED) site. Please reference the (US1-FED) specific resource below. operationId: CreateCSMThreatsAgentPolicy requestBody: content: application/json: schema: $ref: >- #/components/schemas/CloudWorkloadSecurityAgentPolicyCreateRequest description: The definition of the new Agent policy required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Workload Protection Policy tags: - Create - Policies - Protections x-codegen-request-body-name: body x-given: policy: parameters: - name: body value: |- { "data": { "type": "policy", "attributes": { "name": "{{ unique_lower_alnum }}", "description": "My agent policy", "hostTags": ["env:staging"], "enabled": true } } } step: there is a valid "policy_rc" in the system x-menu-order: 8 x-undo: operationId: DeleteCSMThreatsAgentPolicy parameters: - name: policy_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/remote_config/products/cws/policy/download: get: description: >- The download endpoint generates a Workload Protection policy file from your currently active Workload Protection agent rules, and downloads them as a `.policy` file. This file can then be deployed to your agents to update the policy running in your environment. **Note**: This endpoint is not available for the Government (US1-FED) site. Please reference the (US1-FED) specific resource below. operationId: DownloadCSMThreatsPolicy responses: '200': content: application/zip: schema: format: binary type: string description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Download the Workload Protection Policy tags: - Download - Policies - Protections x-menu-order: 11 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/remote_config/products/cws/policy/{policy_id}: delete: description: >- Delete a specific Workload Protection policy. **Note**: This endpoint is not available for the Government (US1-FED) site. Please reference the (US1-FED) specific resource below. operationId: DeleteCSMThreatsAgentPolicy parameters: - $ref: '#/components/parameters/CloudWorkloadSecurityPathAgentPolicyID' responses: '202': description: OK '204': description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Workload Protection Policy tags: - Delete - Policies - Protections x-menu-order: 10 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: >- Get the details of a specific Workload Protection policy. **Note**: This endpoint is not available for the Government (US1-FED) site. Please reference the (US1-FED) specific resource below. operationId: GetCSMThreatsAgentPolicy parameters: - $ref: '#/components/parameters/CloudWorkloadSecurityPathAgentPolicyID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Workload Protection Policy tags: - Get - Policies - Protections x-menu-order: 7 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update a specific Workload Protection policy. Returns the policy object when the request is successful. **Note**: This endpoint is not available for the Government (US1-FED) site. Please reference the (US1-FED) specific resource below. operationId: UpdateCSMThreatsAgentPolicy parameters: - $ref: '#/components/parameters/CloudWorkloadSecurityPathAgentPolicyID' requestBody: content: application/json: schema: $ref: >- #/components/schemas/CloudWorkloadSecurityAgentPolicyUpdateRequest description: New definition of the Agent policy required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CloudWorkloadSecurityAgentPolicyResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConcurrentModificationResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Workload Protection Policy tags: - Policies - Protections - Update x-codegen-request-body-name: body x-menu-order: 9 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/remote_config/products/obs_pipelines/pipelines: get: description: Retrieve a list of pipelines. operationId: ListPipelines parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListPipelinesResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Pipelines tags: - Lists - Pipelines x-menu-order: 0 x-permission: operator: OR permissions: - observability_pipelines_read x-undo: type: safe x-unstable: '**Note**: This endpoint is in Preview.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a new pipeline. operationId: CreatePipeline requestBody: content: application/json: schema: $ref: '#/components/schemas/ObservabilityPipelineSpec' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/ObservabilityPipeline' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a New Pipeline tags: - Create - Pipelines x-given: pipeline: parameters: - name: body value: |- { "data":{ "attributes":{ "config":{ "destinations":[ { "id":"datadog-logs-destination", "inputs":[ "filter-processor" ], "type":"datadog_logs" } ], "processors":[ { "id":"filter-processor", "include":"service:my-service", "inputs":[ "datadog-agent-source" ], "type":"filter" } ], "sources":[ { "id":"datadog-agent-source", "type":"datadog_agent" } ] }, "name":"Main Observability Pipeline" }, "type":"pipelines" } } step: there is a valid "pipeline" in the system x-menu-order: 1 x-permission: operator: OR permissions: - observability_pipelines_deploy x-undo: operationId: DeletePipeline parameters: - name: pipeline_id source: data.id type: unsafe x-unstable: '**Note**: This endpoint is in Preview.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/remote_config/products/obs_pipelines/pipelines/validate: post: description: > Validates a pipeline configuration without creating or updating any resources. Returns a list of validation errors, if any. operationId: ValidatePipeline requestBody: content: application/json: schema: $ref: '#/components/schemas/ObservabilityPipelineSpec' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ValidationResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Validate an Observability Pipeline tags: - Observability - Pipelines - Validate x-menu-order: 5 x-permission: operator: OR permissions: - observability_pipelines_read x-undo: type: safe x-unstable: '**Note**: This endpoint is in Preview.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/remote_config/products/obs_pipelines/pipelines/{pipeline_id}: delete: description: Delete a pipeline. operationId: DeletePipeline parameters: - description: The ID of the pipeline to delete. in: path name: pipeline_id required: true schema: type: string example: abc-123-def responses: '204': description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '409': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Conflict '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Pipeline tags: - Delete - Pipelines x-menu-order: 4 x-permission: operator: OR permissions: - observability_pipelines_delete x-undo: type: idempotent x-unstable: '**Note**: This endpoint is in Preview.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a specific pipeline by its ID. operationId: GetPipeline parameters: - description: The ID of the pipeline to retrieve. in: path name: pipeline_id required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/ObservabilityPipeline' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Specific Pipeline tags: - Get - Pipelines - Specific x-menu-order: 2 x-permission: operator: OR permissions: - observability_pipelines_read x-undo: type: safe x-unstable: '**Note**: This endpoint is in Preview.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: Update a pipeline. operationId: UpdatePipeline parameters: - description: The ID of the pipeline to update. in: path name: pipeline_id required: true schema: type: string example: abc-123-def requestBody: content: application/json: schema: $ref: '#/components/schemas/ObservabilityPipeline' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ObservabilityPipeline' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Pipeline tags: - Pipelines - Update x-menu-order: 3 x-permission: operator: OR permissions: - observability_pipelines_deploy x-undo: type: idempotent x-unstable: '**Note**: This endpoint is in Preview.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/restriction_policy/{resource_id}: delete: description: Deletes the restriction policy associated with a specified resource. operationId: DeleteRestrictionPolicy parameters: - $ref: '#/components/parameters/ResourceID' responses: '204': description: No Content '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Delete a Restriction Policy tags: - Delete - Policies - Restrictions x-menu-order: 3 x-permission: operator: OPEN permissions: [] x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Retrieves the restriction policy associated with a specified resource. operationId: GetRestrictionPolicy parameters: - $ref: '#/components/parameters/ResourceID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/RestrictionPolicyResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Get a Restriction Policy tags: - Get - Policies - Restrictions x-menu-order: 2 x-permission: operator: OPEN permissions: [] x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: |- Updates the restriction policy associated with a resource. #### Supported resources Restriction policies can be applied to the following resources: - Dashboards: `dashboard` - Integration Accounts: `integration-account` - Integration Services: `integration-service` - Integration Webhooks: `integration-webhook` - Notebooks: `notebook` - Powerpacks: `powerpack` - Reference Tables: `reference-table` - Security Rules: `security-rule` - Service Level Objectives: `slo` - Synthetic Global Variables: `synthetics-global-variable` - Synthetic Tests: `synthetics-test` - Synthetic Private Locations: `synthetics-private-location` - Monitors: `monitor` - Workflows: `workflow` - App Builder Apps: `app-builder-app` - Connections: `connection` - Connection Groups: `connection-group` - RUM Applications: `rum-application` #### Supported relations for resources Resource Type | Supported Relations ----------------------------|-------------------------- Dashboards | `viewer`, `editor` Integration Accounts | `viewer`, `editor` Integration Services | `viewer`, `editor` Integration Webhooks | `viewer`, `editor` Notebooks | `viewer`, `editor` Powerpacks | `viewer`, `editor` Security Rules | `viewer`, `editor` Service Level Objectives | `viewer`, `editor` Synthetic Global Variables | `viewer`, `editor` Synthetic Tests | `viewer`, `editor` Synthetic Private Locations | `viewer`, `editor` Monitors | `viewer`, `editor` Reference Tables | `viewer`, `editor` Workflows | `viewer`, `runner`, `editor` App Builder Apps | `viewer`, `editor` Connections | `viewer`, `resolver`, `editor` Connection Groups | `viewer`, `editor` RUM Application | `viewer`, `editor` operationId: UpdateRestrictionPolicy parameters: - $ref: '#/components/parameters/ResourceID' - description: >- Allows admins (users with the `user_access_manage` permission) to remove their own access from the resource if set to `true`. By default, this is set to `false`, preventing admins from locking themselves out. in: query name: allow_self_lockout required: false schema: type: boolean example: true requestBody: content: application/json: schema: $ref: '#/components/schemas/RestrictionPolicyUpdateRequest' description: Restriction policy payload required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/RestrictionPolicyResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Update a Restriction Policy tags: - Policies - Restrictions - Update x-codegen-request-body-name: body x-menu-order: 1 x-permission: operator: OPEN permissions: [] x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/roles: get: description: Returns all roles, including their names and their unique identifiers. operationId: ListRoles parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' - description: >- Sort roles depending on the given field. Sort order is **ascending** by default. Sort order is **descending** if the field is prefixed by a negative sign, for example: `sort=-name`. in: query name: sort required: false schema: $ref: '#/components/schemas/RolesSort' example: example_value - description: Filter all roles by the given string. in: query name: filter required: false schema: type: string example: example_value - description: Filter all roles by the given list of role IDs. in: query name: filter[id] required: false schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/RolesResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_read summary: Datadog List Roles tags: - Lists - Roles x-menu-order: 1 x-permission: operator: OR permissions: - user_access_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a new role for your organization. operationId: CreateRole requestBody: content: application/json: schema: $ref: '#/components/schemas/RoleCreateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/RoleCreateResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_manage summary: Datadog Create Role tags: - Create - Role x-codegen-request-body-name: body x-given: role: parameters: - name: body value: |- { "data": { "attributes": { "name": "{{ unique }}" }, "type": "roles" } } step: there is a valid "role" in the system x-menu-order: 2 x-permission: operator: OR permissions: - user_access_manage x-undo: operationId: DeleteRole parameters: - name: role_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/roles/{role_id}: delete: description: Disables a role. operationId: DeleteRole parameters: - $ref: '#/components/parameters/RoleID' responses: '204': description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_manage summary: Datadog Delete Role tags: - Delete - Role x-codegen-request-body-name: body x-menu-order: 5 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a role in the organization specified by the role’s `role_id`. operationId: GetRole parameters: - $ref: '#/components/parameters/RoleID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/RoleResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_read summary: Datadog Get a Role tags: - Get - Role x-codegen-request-body-name: body x-menu-order: 3 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Edit a role. Can only be used with application keys belonging to administrators. operationId: UpdateRole parameters: - $ref: '#/components/parameters/RoleID' requestBody: content: application/json: schema: $ref: '#/components/schemas/RoleUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/RoleUpdateResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '422': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Unprocessable Entity '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_manage summary: Datadog Update a Role tags: - Role - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - user_access_manage x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true patch: true /api/v2/roles/{role_id}/clone: post: description: Clone an existing role operationId: CloneRole parameters: - $ref: '#/components/parameters/RoleID' requestBody: content: application/json: schema: $ref: '#/components/schemas/RoleCloneRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/RoleResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '409': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Conflict '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_manage summary: Datadog Create a New Role by Cloning an Existing Role tags: - Create - Existing - Role x-codegen-request-body-name: body x-menu-order: 12 x-permission: operator: OR permissions: - user_access_manage x-undo: operationId: DeleteRole parameters: - name: role_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: post: true /api/v2/roles/{role_id}/permissions: delete: description: Removes a permission from a role. operationId: RemovePermissionFromRole parameters: - $ref: '#/components/parameters/RoleID' requestBody: content: application/json: schema: $ref: '#/components/schemas/RelationshipToPermission' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/PermissionsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_manage summary: Datadog Revoke Permission tags: - Permissions - Revoke x-codegen-request-body-name: body x-menu-order: 8 x-permission: operator: OR permissions: - user_access_manage x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Returns a list of all permissions for a single role. operationId: ListRolePermissions parameters: - $ref: '#/components/parameters/RoleID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/PermissionsResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_read summary: Datadog List Permissions for a Role tags: - Lists - Permissions - Role x-codegen-request-body-name: body x-menu-order: 6 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Adds a permission to a role. operationId: AddPermissionToRole parameters: - $ref: '#/components/parameters/RoleID' requestBody: content: application/json: schema: $ref: '#/components/schemas/RelationshipToPermission' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/PermissionsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_manage summary: Datadog Grant Permission to a Role tags: - Grants - Permissions - Role x-codegen-request-body-name: body x-given: permission_role: parameters: - name: role_id source: role.data.id - name: body value: |- { "data": { "id": "{{ permission.id }}", "type": "{{ permission.type }}" } } step: the "permission" is granted to the "role" x-menu-order: 7 x-permission: operator: OR permissions: - user_access_manage x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true get: true post: true /api/v2/roles/{role_id}/users: delete: description: Removes a user from a role. operationId: RemoveUserFromRole parameters: - $ref: '#/components/parameters/RoleID' requestBody: content: application/json: schema: $ref: '#/components/schemas/RelationshipToUser' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/UsersResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_manage summary: Datadog Remove a User from a Role tags: - Remove - Role - Users x-codegen-request-body-name: body x-menu-order: 11 x-permission: operator: OR permissions: - user_access_manage x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Gets all users of a role. operationId: ListRoleUsers parameters: - $ref: '#/components/parameters/RoleID' - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' - description: >- User attribute to order results by. Sort order is **ascending** by default. Sort order is **descending** if the field is prefixed by a negative sign, for example `sort=-name`. Options: `name`, `email`, `status`. in: query name: sort required: false schema: default: name type: string example: example_value - description: Filter all users by the given string. Defaults to no filtering. in: query name: filter required: false schema: type: string example: example_value responses: '200': content: application/json: schema: $ref: '#/components/schemas/UsersResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_read summary: Datadog Get All Users of a Role tags: - All - Get - Role - Users x-menu-order: 9 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Adds a user to a role. operationId: AddUserToRole parameters: - $ref: '#/components/parameters/RoleID' requestBody: content: application/json: schema: $ref: '#/components/schemas/RelationshipToUser' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/UsersResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_manage summary: Datadog Add a User to a Role tags: - Add - Role - Users x-codegen-request-body-name: body x-given: permission_role: parameters: - name: role_id source: role.data.id - name: body value: |- { "data": { "id": "{{ user.data.id }}", "type": "{{ user.data.type }}" } } step: the "user" has the "role" x-menu-order: 10 x-permission: operator: OR permissions: - user_access_manage x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/rum/analytics/aggregate: post: description: >- The API endpoint to aggregate RUM events into buckets of computed metrics and timeseries. operationId: AggregateRUMEvents requestBody: content: application/json: schema: $ref: '#/components/schemas/RUMAggregateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/RUMAnalyticsAggregateResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Aggregate Rum Events tags: - Aggregate - Events - Rum x-codegen-request-body-name: body x-menu-order: 3 x-permission: operator: OPEN permissions: [] x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/rum/applications: get: description: List all the RUM applications in your organization. operationId: GetRUMApplications responses: '200': content: application/json: schema: $ref: '#/components/schemas/RUMApplicationsResponse' description: OK '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List All the Rum Applications tags: - All - Applications - Lists - Rum x-menu-order: 8 x-permission: operator: OR permissions: - rum_apps_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a new RUM application in your organization. operationId: CreateRUMApplication requestBody: content: application/json: schema: $ref: '#/components/schemas/RUMApplicationCreateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/RUMApplicationResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a New Rum Application tags: - Applications - Create - Rum x-codegen-request-body-name: body x-given: rum_application: parameters: - name: body value: |- { "data": { "type": "rum_application_create", "attributes": { "name": "test-rum-{{ unique_hash }}", "type": "ios" } } } step: there is a valid "rum_application" in the system x-menu-order: 7 x-permission: operator: OR permissions: - rum_apps_write x-undo: operationId: DeleteRUMApplication parameters: - name: id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: false post: false /api/v2/rum/applications/{app_id}/relationships/retention_filters: patch: description: >- Order RUM retention filters for a RUM application. Returns RUM retention filter objects without attributes from the request body when the request is successful. operationId: OrderRetentionFilters parameters: - $ref: '#/components/parameters/RumApplicationIDParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/RumRetentionFiltersOrderRequest' description: New definition of the RUM retention filter. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/RumRetentionFiltersOrderResponse' description: Ordered '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Order Rum Retention Filters tags: - Order - Retention - Rum x-codegen-request-body-name: body x-menu-order: 6 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/rum/applications/{app_id}/retention_filters: get: description: Get the list of RUM retention filters for a RUM application. operationId: ListRetentionFilters parameters: - $ref: '#/components/parameters/RumApplicationIDParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/RumRetentionFiltersResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Rum Retention Filters tags: - All - Get - Retention - Rum x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a RUM retention filter for a RUM application. Returns RUM retention filter objects from the request body when the request is successful. operationId: CreateRetentionFilter parameters: - $ref: '#/components/parameters/RumApplicationIDParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/RumRetentionFilterCreateRequest' description: The definition of the new RUM retention filter. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/RumRetentionFilterResponse' description: Created '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Rum Retention Filter tags: - Create - Filter - Retention - Rum x-codegen-request-body-name: body x-menu-order: 3 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/rum/applications/{app_id}/retention_filters/{rf_id}: delete: description: Delete a RUM retention filter for a RUM application. operationId: DeleteRetentionFilter parameters: - $ref: '#/components/parameters/RumApplicationIDParameter' - $ref: '#/components/parameters/RumRetentionFilterIDParameter' responses: '204': description: No Content '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Rum Retention Filter tags: - Delete - Filter - Retention - Rum x-menu-order: 5 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a RUM retention filter for a RUM application. operationId: GetRetentionFilter parameters: - $ref: '#/components/parameters/RumApplicationIDParameter' - $ref: '#/components/parameters/RumRetentionFilterIDParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/RumRetentionFilterResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Rum Retention Filter tags: - Filter - Get - Retention - Rum x-menu-order: 2 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update a RUM retention filter for a RUM application. Returns RUM retention filter objects from the request body when the request is successful. operationId: UpdateRetentionFilter parameters: - $ref: '#/components/parameters/RumApplicationIDParameter' - $ref: '#/components/parameters/RumRetentionFilterIDParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/RumRetentionFilterUpdateRequest' description: New definition of the RUM retention filter. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/RumRetentionFilterResponse' description: Updated '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Rum Retention Filter tags: - Filter - Retention - Rum - Update x-codegen-request-body-name: body x-menu-order: 4 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/rum/applications/{id}: delete: description: Delete an existing RUM application in your organization. operationId: DeleteRUMApplication parameters: - description: RUM application ID. in: path name: id required: true schema: type: string example: abc-123-def responses: '204': description: No Content '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Rum Application tags: - Applications - Delete - Rum x-menu-order: 6 x-permission: operator: OR permissions: - rum_apps_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get the RUM application with given ID in your organization. operationId: GetRUMApplication parameters: - description: RUM application ID. in: path name: id required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/RUMApplicationResponse' description: OK '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Rum Application tags: - Applications - Get - Rum x-menu-order: 5 x-permission: operator: OR permissions: - rum_apps_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update the RUM application with given ID in your organization. operationId: UpdateRUMApplication parameters: - description: RUM application ID. in: path name: id required: true schema: type: string example: abc-123-def requestBody: content: application/json: schema: $ref: '#/components/schemas/RUMApplicationUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/RUMApplicationResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '404': $ref: '#/components/responses/NotFoundResponse' '422': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Unprocessable Entity. '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Rum Application tags: - Applications - Rum - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - rum_apps_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true get: false patch: false /api/v2/rum/config/metrics: get: description: Get the list of configured rum-based metrics with their definitions. operationId: ListRumMetrics responses: '200': content: application/json: schema: $ref: '#/components/schemas/RumMetricsResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Rum-based Metrics tags: - All - Get - Metrics x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a metric based on your organization's RUM data. Returns the rum-based metric object from the request body when the request is successful. operationId: CreateRumMetric requestBody: content: application/json: schema: $ref: '#/components/schemas/RumMetricCreateRequest' description: The definition of the new rum-based metric. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/RumMetricResponse' description: Created '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Rum-based Metric tags: - Create - Metrics x-codegen-request-body-name: body x-given: rum_metric: parameters: - name: body value: |- { "data": { "id": "{{ unique_lower_alnum }}", "type": "rum_metrics", "attributes": { "event_type": "session", "compute": { "aggregation_type": "distribution", "include_percentiles": true, "path": "@duration" }, "filter": { "query": "source:{{ unique }}" }, "group_by": [{ "path": "@browser.name", "tag_name": "browser_name" }], "uniqueness": { "when": "match" } } } } step: there is a valid "rum_metric" in the system x-menu-order: 2 x-undo: operationId: DeleteRumMetric parameters: - name: metric_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/rum/config/metrics/{metric_id}: delete: description: Delete a specific rum-based metric from your organization. operationId: DeleteRumMetric parameters: - $ref: '#/components/parameters/RumMetricIDParameter' responses: '204': description: No Content '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Rum-based Metric tags: - Delete - Metrics x-menu-order: 5 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a specific rum-based metric from your organization. operationId: GetRumMetric parameters: - $ref: '#/components/parameters/RumMetricIDParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/RumMetricResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Rum-based Metric tags: - Get - Metrics x-menu-order: 3 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update a specific rum-based metric from your organization. Returns the rum-based metric object from the request body when the request is successful. operationId: UpdateRumMetric parameters: - $ref: '#/components/parameters/RumMetricIDParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/RumMetricUpdateRequest' description: New definition of the rum-based metric. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/RumMetricResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Rum-based Metric tags: - Metrics - Update x-codegen-request-body-name: body x-menu-order: 4 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/rum/events: get: description: >- List endpoint returns events that match a RUM search query. [Results are paginated][1]. Use this endpoint to see your latest RUM events. [1]: https://docs.datadoghq.com/logs/guide/collect-multiple-logs-with-pagination operationId: ListRUMEvents parameters: - description: Search query following RUM syntax. example: '@type:session @application_id:xxxx' in: query name: filter[query] required: false schema: type: string - description: Minimum timestamp for requested events. example: '2019-01-02T09:42:36.320Z' in: query name: filter[from] required: false schema: format: date-time type: string - description: Maximum timestamp for requested events. example: '2019-01-03T09:42:36.320Z' in: query name: filter[to] required: false schema: format: date-time type: string - description: Order of events in results. in: query name: sort required: false schema: $ref: '#/components/schemas/RUMSort' example: example_value - description: List following results with a cursor provided in the previous query. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== in: query name: page[cursor] required: false schema: type: string - description: Maximum number of events in the response. example: 25 in: query name: page[limit] required: false schema: default: 10 format: int32 maximum: 1000 type: integer responses: '200': content: application/json: schema: $ref: '#/components/schemas/RUMEventsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Get a List of Rum Events tags: - Events - Get - Lists - Rum x-menu-order: 2 x-pagination: cursorParam: page[cursor] cursorPath: meta.page.after limitParam: page[limit] resultsPath: data x-permission: operator: OPEN permissions: [] x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/rum/events/search: post: description: >- List endpoint returns RUM events that match a RUM search query. [Results are paginated][1]. Use this endpoint to build complex RUM events filtering and search. [1]: https://docs.datadoghq.com/logs/guide/collect-multiple-logs-with-pagination operationId: SearchRUMEvents requestBody: content: application/json: schema: $ref: '#/components/schemas/RUMSearchEventsRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/RUMEventsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Search Rum Events tags: - Events - Rum - Search x-codegen-request-body-name: body x-menu-order: 1 x-pagination: cursorParam: body.page.cursor cursorPath: meta.page.after limitParam: body.page.limit resultsPath: data x-permission: operator: OPEN permissions: [] x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/saml_configurations/idp_metadata: post: description: >- Endpoint for uploading IdP metadata for SAML setup. Use this endpoint to upload or replace IdP metadata for SAML login configuration. operationId: UploadIdPMetadata requestBody: content: multipart/form-data: schema: $ref: '#/components/schemas/IdPMetadataFormData' required: true responses: '200': description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Upload Idp Metadata tags: - Upload x-codegen-request-body-name: body x-menu-order: 1 x-permission: operator: OR permissions: - org_management x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/scim/Groups: get: description: |- List groups in the organization. Results are paginated by `startIndex` and `count` parameters. Results can be narrowed down by the `filter` parameter. operationId: ListSCIMGroups parameters: - description: Specifies the start index to fetch the results (1-indexed). in: query name: startIndex required: false schema: default: 1 example: 1 format: int64 type: integer example: 1 - description: Specifies the number of groups to be returned. in: query name: count required: false schema: default: 20 example: 20 format: int64 type: integer example: 20 - description: >- Specifies the url encoded filter to use to narrow down the results. Filters can be in the form of `displayName eq ` or `externalId eq ` or `id eq and members eq ` or `members eq and id eq `. in: query name: filter required: false schema: type: string example: example_value responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListExternalUserGroupResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - bearerAuth: [] summary: Datadog List Groups tags: - Groups - Lists x-menu-order: 7 x-permission: operator: AND permissions: - user_access_invite - user_access_manage x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: |- Create a new group. The group may contain members. operationId: CreateSCIMGroup requestBody: content: application/json: examples: json-request-body: value: displayName: Group 1 externalId: group1 members: - $ref: >- https://app.datadoghq.com/api/scim/v2/Users/d34a5f93-5690-4d3f-a293-f2ad5c7a82a4 display: John Doe type: User value: d34a5f93-5690-4d3f-a293-f2ad5c7a82a4 - $ref: >- https://app.datadoghq.com/api/scim/v2/Users/429ebce5-8ed3-4da9-9f1e-662f2dbc2fe6 display: Jane Doe type: User value: 429ebce5-8ed3-4da9-9f1e-662f2dbc2fe6 schemas: - urn:ietf:params:scim:schemas:core:2.0:Group schema: $ref: '#/components/schemas/ExternalUserGroup' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/ExternalUserGroup' description: Created '400': $ref: '#/components/responses/BadRequestResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - bearerAuth: [] summary: Datadog Create Group tags: - Create - Groups x-menu-order: 8 x-permission: operator: AND permissions: - user_access_invite - user_access_manage x-undo: operationId: DeleteSCIMGroup parameters: - name: group_id source: type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/scim/Groups/{group_id}: delete: description: Delete the group with the given `group_id`. operationId: DeleteSCIMGroup parameters: - description: None in: path name: group_id required: true schema: type: string example: abc-123-def responses: '204': description: No Content '400': $ref: '#/components/responses/BadRequestResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - bearerAuth: [] summary: Datadog Delete Group tags: - Delete - Groups x-menu-order: 12 x-permission: operator: AND permissions: - user_access_invite - user_access_manage x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a single group using the `group_id`. operationId: GetSCIMGroup parameters: - description: None in: path name: group_id required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExternalUserGroup' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - bearerAuth: [] summary: Datadog Get Group tags: - Get - Groups x-menu-order: 9 x-permission: operator: AND permissions: - user_access_invite - user_access_manage x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Patch the group with the given `group_id`. operationId: PatchSCIMGroup parameters: - description: None in: path name: group_id required: true schema: type: string example: abc-123-def requestBody: content: application/json: examples: json-request-body: value: Operations: - op: replace path: None value: displayName: Real new group id: e43536e9-33fe-43f8-90b8-d3e39a7dd6ad - op: add path: None value: members: - $ref: >- https://app.datadoghq.com/api/scim/v2/Users/f85e3868-ad7b-47e3-a8a9-ff1eade2bbf9 displayName: Bob Smith value: f85e3868-ad7b-47e3-a8a9-ff1eade2bbf9 - op: remove path: members[value eq "fddf0cf2-9b60-11ef-ad4b-d6754a54a839"] value: schemas: - urn:ietf:params:scim:api:messages:2.0:PatchOp schema: $ref: '#/components/schemas/ExternalUserGroupPatchRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExternalUserGroup' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - bearerAuth: [] summary: Datadog Patch Group tags: - Groups - Patch x-menu-order: 11 x-permission: operator: AND permissions: - user_access_invite - user_access_manage x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: Update the group with the given `group_id`. operationId: UpdateSCIMGroup parameters: - description: None in: path name: group_id required: true schema: type: string example: abc-123-def requestBody: content: application/json: examples: json-request-body: value: displayName: Group 1 externalId: group1 id: e43536e9-33fe-43f8-90b8-d3e39a7dd6ad members: - $ref: >- https://app.datadoghq.com/api/scim/v2/Users/d34a5f93-5690-4d3f-a293-f2ad5c7a82a4 display: John Doe type: User value: d34a5f93-5690-4d3f-a293-f2ad5c7a82a4 - $ref: >- https://app.datadoghq.com/api/scim/v2/Users/429ebce5-8ed3-4da9-9f1e-662f2dbc2fe6 display: Jane Doe type: User value: 429ebce5-8ed3-4da9-9f1e-662f2dbc2fe6 schemas: - urn:ietf:params:scim:schemas:core:2.0:Group schema: $ref: '#/components/schemas/ExternalUserGroup' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExternalUserGroup' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - bearerAuth: [] summary: Datadog Update Group tags: - Groups - Update x-menu-order: 10 x-permission: operator: AND permissions: - user_access_invite - user_access_manage x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/scim/Users: get: description: |- List users in the organization. Results are paginated by `startIndex` and `count` parameters. Results can be narrowed down by the `filter` parameter. operationId: ListSCIMUsers parameters: - description: Specifies the start index to fetch the results (1-indexed). in: query name: startIndex required: false schema: default: 1 example: 1 format: int64 type: integer example: 1 - description: Specifies the number of users to be returned. in: query name: count required: false schema: default: 20 example: 20 format: int64 type: integer example: 20 - description: |- Specifies the url encoded filter to use to narrow down the results. Filter should be of the form `userName eq `. in: query name: filter required: false schema: type: string example: example_value responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListExternalUsersResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - bearerAuth: [] summary: Datadog List Users tags: - Lists - Users x-menu-order: 1 x-permission: operator: AND permissions: - user_access_invite - user_access_manage x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a new user. operationId: CreateSCIMUser requestBody: content: application/json: examples: json-request-body: value: active: true emails: - primary: true type: work value: john.doe@datadoghq.com name: formatted: John Doe schemas: - urn:ietf:params:scim:schemas:core:2.0:User title: Mr. userName: john.doe@datadoghq.com schema: $ref: '#/components/schemas/ExternalUser' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/ExternalUser' description: Created '400': $ref: '#/components/responses/BadRequestResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - bearerAuth: [] summary: Datadog Create User tags: - Create - Users x-menu-order: 2 x-permission: operator: AND permissions: - user_access_invite - user_access_manage x-undo: operationId: DeleteSCIMUser parameters: - name: user_uuid source: type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/scim/Users/{user_uuid}: delete: description: Delete the group with the given `user_uuid`. operationId: DeleteSCIMUser parameters: - description: None in: path name: user_uuid required: true schema: type: string example: abc-123-def responses: '204': description: No Content '400': $ref: '#/components/responses/BadRequestResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - bearerAuth: [] summary: Datadog Delete User tags: - Delete - Users x-menu-order: 6 x-permission: operator: AND permissions: - user_access_invite - user_access_manage x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a single user using the `user_uuid`. operationId: GetSCIMUser parameters: - description: None in: path name: user_uuid required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExternalUser' description: OK '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - bearerAuth: [] summary: Datadog Get User tags: - Get - Users x-menu-order: 3 x-permission: operator: AND permissions: - user_access_invite - user_access_manage x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Patch the user with the given `user_uuid`. operationId: PatchSCIMUser parameters: - description: None in: path name: user_uuid required: true schema: type: string example: abc-123-def requestBody: content: application/json: examples: json-request-body: value: Operations: - op: replace path: title value: CEO - op: replace value: name: formatted: John Doe schemas: - urn:ietf:params:scim:api:messages:2.0:PatchOp schema: $ref: '#/components/schemas/ExternalUserPatchRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExternalUser' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - bearerAuth: [] summary: Datadog Patch User tags: - Patch - Users x-menu-order: 5 x-permission: operator: AND permissions: - user_access_invite - user_access_manage x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: Update the user with the given `user_uuid`. operationId: UpdateSCIMUser parameters: - description: None in: path name: user_uuid required: true schema: type: string example: abc-123-def requestBody: content: application/json: examples: json-request-body: value: active: true emails: - primary: true type: work value: john.doe@datadoghq.com id: e43536e9-33fe-43f8-90b8-d3e39a7dd6ad name: formatted: John Doe schemas: - urn:ietf:params:scim:schemas:core:2.0:User title: Mr. userName: john.doe@datadoghq.com schema: $ref: '#/components/schemas/ExternalUser' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ExternalUser' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - bearerAuth: [] summary: Datadog Update User tags: - Update - Users x-menu-order: 4 x-permission: operator: AND permissions: - user_access_invite - user_access_manage x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/scorecard/outcomes: get: description: Fetches all rule outcomes. operationId: ListScorecardOutcomes parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageOffset' - description: Include related rule details in the response. in: query name: include required: false schema: example: rule type: string example: rule - description: Return only specified values in the outcome attributes. in: query name: fields[outcome] required: false schema: example: state, service_name type: string example: state, service_name - description: Return only specified values in the included rule details. in: query name: fields[rule] required: false schema: example: name type: string example: name - description: Filter the outcomes on a specific service name. in: query name: filter[outcome][service_name] required: false schema: example: web-store type: string example: web-store - description: Filter the outcomes by a specific state. in: query name: filter[outcome][state] required: false schema: example: fail type: string example: fail - description: Filter outcomes on whether a rule is enabled/disabled. in: query name: filter[rule][enabled] required: false schema: example: true type: boolean example: true - description: Filter outcomes based on rule ID. in: query name: filter[rule][id] required: false schema: example: f4485c79-0762-449c-96cf-c31e54a659f6 type: string example: f4485c79-0762-449c-96cf-c31e54a659f6 - description: Filter outcomes based on rule name. in: query name: filter[rule][name] required: false schema: example: SLOs Defined type: string example: SLOs Defined responses: '200': content: application/json: schema: $ref: '#/components/schemas/OutcomesResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_service_catalog_read summary: Datadog List All Rule Outcomes tags: - All - Lists - Rules x-menu-order: 2 x-pagination: limitParam: page[size] pageOffsetParam: page[offset] resultsPath: data x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/scorecard/outcomes/batch: post: description: Sets multiple service-rule outcomes in a single batched request. operationId: CreateScorecardOutcomesBatch requestBody: content: application/json: schema: $ref: '#/components/schemas/OutcomesBatchRequest' description: Set of scorecard outcomes. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/OutcomesBatchResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_service_catalog_write summary: Datadog Create Outcomes Batch tags: - Batch - Create x-codegen-request-body-name: body x-menu-order: 1 x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/scorecard/rules: get: description: Fetch all rules. operationId: ListScorecardRules parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageOffset' - description: Include related scorecard details in the response. in: query name: include required: false schema: example: scorecard type: string example: scorecard - description: Filter the rules on a rule ID. in: query name: filter[rule][id] required: false schema: example: 37d2f990-c885-4972-949b-8b798213a166 type: string example: 37d2f990-c885-4972-949b-8b798213a166 - description: Filter for enabled rules only. in: query name: filter[rule][enabled] required: false schema: example: true type: boolean example: true - description: Filter for custom rules only. in: query name: filter[rule][custom] required: false schema: example: true type: boolean example: true - description: Filter rules on the rule name. in: query name: filter[rule][name] required: false schema: example: Code Repos Defined type: string example: Code Repos Defined - description: Filter rules on the rule description. in: query name: filter[rule][description] required: false schema: example: Identifying type: string example: Identifying - description: Return only specific fields in the response for rule attributes. in: query name: fields[rule] required: false schema: example: name, description type: string example: name, description - description: >- Return only specific fields in the included response for scorecard attributes. in: query name: fields[scorecard] required: false schema: example: name type: string example: name responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListRulesResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_service_catalog_read summary: Datadog List All Rules tags: - All - Lists - Rules x-menu-order: 2 x-pagination: limitParam: page[size] pageOffsetParam: page[offset] resultsPath: data x-undo: type: safe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Creates a new rule. operationId: CreateScorecardRule requestBody: content: application/json: schema: $ref: '#/components/schemas/CreateRuleRequest' description: Rule attributes. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/CreateRuleResponse' description: Created '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_service_catalog_write summary: Datadog Create a New Rule tags: - Create - Rules x-codegen-request-body-name: body x-given: create_scorecard_rule: parameters: - name: body value: |- { "data": { "type": "rule", "attributes": { "name": "{{ unique }}", "enabled": true, "owner": "Datadog", "scorecard_name": "OpenAPI Spec Test Best Practices" } } } step: there is a valid "create_scorecard_rule" in the system x-menu-order: 1 x-undo: operationId: DeleteScorecardRule parameters: - name: rule_id source: data.id type: unsafe x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/scorecard/rules/{rule_id}: delete: description: Deletes a single rule. operationId: DeleteScorecardRule parameters: - $ref: '#/components/parameters/RuleId' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_service_catalog_write summary: Datadog Delete a Rule tags: - Delete - Rules x-menu-order: 3 x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: Updates an existing rule. operationId: UpdateScorecardRule parameters: - $ref: '#/components/parameters/RuleId' requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateRuleRequest' description: Rule attributes. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/UpdateRuleResponse' description: Rule updated successfully '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_service_catalog_write summary: Datadog Update an Existing Rule tags: - Existing - Rules - Update x-codegen-request-body-name: body x-menu-order: 4 x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security/assets: get: description: > Get a list of vulnerable assets. ### Pagination Please review the [Pagination section for the "List Vulnerabilities"](#pagination) endpoint. ### Filtering Please review the [Filtering section for the "List Vulnerabilities"](#filtering) endpoint. ### Metadata Please review the [Metadata section for the "List Vulnerabilities"](#metadata) endpoint. operationId: ListVulnerableAssets parameters: - description: >- Its value must come from the `links` section of the response of the first request. Do not manually edit it. example: >- b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4 in: query name: page[token] required: false schema: type: string - description: >- The page number to be retrieved. It should be equal or greater than `1` example: 1 in: query name: page[number] required: false schema: format: int64 minimum: 1 type: integer - description: Filter by name. example: datadog-agent in: query name: filter[name] required: false schema: type: string - description: Filter by type. example: Host in: query name: filter[type] required: false schema: $ref: '#/components/schemas/AssetType' - description: >- Filter by the first version of the asset since it has been vulnerable. example: v1.15.1 in: query name: filter[version.first] required: false schema: type: string - description: Filter by the last detected version of the asset. example: v1.15.1 in: query name: filter[version.last] required: false schema: type: string - description: Filter by the repository url associated to the asset. example: github.com/DataDog/datadog-agent.git in: query name: filter[repository_url] required: false schema: type: string - description: Filter whether the asset is in production or not. example: false in: query name: filter[risks.in_production] required: false schema: type: boolean - description: Filter whether the asset (Service) is under attack or not. example: false in: query name: filter[risks.under_attack] required: false schema: type: boolean - description: Filter whether the asset (Host) is publicly accessible or not. example: false in: query name: filter[risks.is_publicly_accessible] required: false schema: type: boolean - description: Filter whether the asset (Host) has privileged access or not. example: false in: query name: filter[risks.has_privileged_access] required: false schema: type: boolean - description: >- Filter whether the asset (Host) has access to sensitive data or not. example: false in: query name: filter[risks.has_access_to_sensitive_data] required: false schema: type: boolean - description: Filter by environment. example: staging in: query name: filter[environments] required: false schema: type: string - description: Filter by architecture. example: arm64 in: query name: filter[arch] required: false schema: type: string - description: Filter by operating system name. example: ubuntu in: query name: filter[operating_system.name] required: false schema: type: string - description: Filter by operating system version. example: '24.04' in: query name: filter[operating_system.version] required: false schema: type: string responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListVulnerableAssetsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: >- Bad request: The server cannot process the request due to invalid syntax in the request. '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: 'Forbidden: Access denied' '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: 'Not found: There is no request associated with the provided token.' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - appsec_vm_read summary: Datadog List Vulnerable Assets tags: - Assets - Lists x-menu-order: 26 x-undo: type: safe x-unstable: >- **Note**: This endpoint is a private preview. If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security/cloud_workload/policy/download: get: description: >- The download endpoint generates a Workload Protection policy file from your currently active Workload Protection agent rules, and downloads them as a `.policy` file. This file can then be deployed to your agents to update the policy running in your environment. **Note**: This endpoint should only be used for the Government (US1-FED) site. operationId: DownloadCloudWorkloadPolicyFile responses: '200': content: application/yaml: schema: format: binary type: string description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Download the Workload Protection Policy (us1-fed) tags: - Download - Policies - Protections x-menu-order: 17 x-permission: operator: OR permissions: - security_monitoring_cws_agent_rules_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security/sboms/{asset_type}: get: description: | Get a single SBOM related to an asset by its type and name. operationId: GetSBOM parameters: - description: The type of the asset for the SBOM request. example: Repository in: path name: asset_type required: true schema: $ref: '#/components/schemas/AssetType' - description: The name of the asset for the SBOM request. example: github.com/datadog/datadog-agent in: query name: filter[asset_name] required: true schema: type: string - description: >- The container image `repo_digest` for the SBOM request. When the requested asset type is 'Image', this filter is mandatory. example: >- sha256:0ae7da091191787229d321e3638e39c319a97d6e20f927d465b519d699215bf7 in: query name: filter[repo_digest] required: false schema: type: string responses: '200': content: application/json: schema: $ref: '#/components/schemas/GetSBOMResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: >- Bad request: The server cannot process the request due to invalid syntax in the request. '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: 'Forbidden: Access denied' '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: 'Not found: asset not found' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - appsec_vm_read summary: Datadog Get Sbom tags: - Get x-menu-order: 27 x-undo: type: safe x-unstable: >- **Note**: This endpoint is a private preview. If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security/signals/notification_rules: get: description: Returns the list of notification rules for security signals. operationId: GetSignalNotificationRules responses: '200': $ref: '#/components/responses/NotificationRulesList' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_notification_profiles_read summary: Datadog Get the List of Signal-based Notification Rules tags: - Get - Lists - Rules x-menu-order: 15 x-permission: operator: OR permissions: - security_monitoring_notification_profiles_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a new notification rule for security signals and return the created rule. operationId: CreateSignalNotificationRule requestBody: content: application/json: schema: $ref: '#/components/schemas/CreateNotificationRuleParameters' description: > The body of the create notification rule request is composed of the rule type and the rule attributes: the rule name, the selectors, the notification targets, and the rule enabled status. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/NotificationRuleResponse' description: Successfully created the notification rule. '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_notification_profiles_write summary: Datadog Create a New Signal-based Notification Rule tags: - Create - Rules x-codegen-request-body-name: body x-given: valid_signal_notification_rule: parameters: - name: body value: |- { "data": { "type": "notification_rules", "attributes": { "name": "{{ unique }}", "selectors": { "rule_types": ["signal_correlation"], "trigger_source": "security_signals", "severities": ["critical"], "query": "env:test" }, "targets": ["@email@email.com"], "enabled": true } } } step: there is a valid "valid_signal_notification_rule" in the system x-menu-order: 16 x-permission: operator: OR permissions: - security_monitoring_notification_profiles_write x-undo: operationId: DeleteSignalNotificationRule parameters: - name: id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security/signals/notification_rules/{id}: delete: description: Delete a notification rule for security signals. operationId: DeleteSignalNotificationRule parameters: - description: ID of the notification rule. in: path name: id required: true schema: type: string example: abc-123-def responses: '204': description: Rule successfully deleted. '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_notification_profiles_write summary: Datadog Delete a Signal-based Notification Rule tags: - Delete - Rules x-menu-order: 21 x-permission: operator: OR permissions: - security_monitoring_notification_profiles_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get the details of a notification rule for security signals. operationId: GetSignalNotificationRule parameters: - description: ID of the notification rule. in: path name: id required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/NotificationRuleResponse' description: Notification rule details. '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_notification_profiles_read summary: Datadog Get Details of a Signal-based Notification Rule tags: - Get - Rules x-menu-order: 18 x-permission: operator: OR permissions: - security_monitoring_notification_profiles_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Partially update the notification rule. All fields are optional; if a field is not provided, it is not updated. operationId: PatchSignalNotificationRule parameters: - description: ID of the notification rule. in: path name: id required: true schema: type: string example: abc-123-def requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchNotificationRuleParameters' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/NotificationRuleResponse' description: Notification rule successfully patched. '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '422': $ref: '#/components/responses/UnprocessableEntityResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_notification_profiles_write summary: Datadog Patch a Signal-based Notification Rule tags: - Patch - Rules x-codegen-request-body-name: body x-menu-order: 20 x-permission: operator: OR permissions: - security_monitoring_notification_profiles_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security/vulnerabilities: get: description: > Get a list of vulnerabilities. ### Pagination Pagination is enabled by default in both `vulnerabilities` and `assets`. The size of the page varies depending on the endpoint and cannot be modified. To automate the request of the next page, you can use the links section in the response. This endpoint will return paginated responses. The pages are stored in the links section of the response: ```JSON { "data": [...], "meta": {...}, "links": { "self": "https://.../api/v2/security/vulnerabilities", "first": "https://.../api/v2/security/vulnerabilities?page[number]=1&page[token]=abc", "last": "https://.../api/v2/security/vulnerabilities?page[number]=43&page[token]=abc", "next": "https://.../api/v2/security/vulnerabilities?page[number]=2&page[token]=abc" } } ``` - `links.previous` is empty if the first page is requested. - `links.next` is empty if the last page is requested. #### Token Vulnerabilities can be created, updated or deleted at any point in time. Upon the first request, a token is created to ensure consistency across subsequent paginated requests. A token is valid only for 24 hours. #### First request We consider a request to be the first request when there is no `page[token]` parameter. The response of this first request contains the newly created token in the `links` section. This token can then be used in the subsequent paginated requests. #### Subsequent requests Any request containing valid `page[token]` and `page[number]` parameters will be considered a subsequent request. If the `token` is invalid, a `404` response will be returned. If the page `number` is invalid, a `400` response will be returned. ### Filtering The request can include some filter parameters to filter the data to be retrieved. The format of the filter parameters follows the [JSON:API format](https://jsonapi.org/format/#fetching-filtering): `filter[$prop_name]`, where `prop_name` is the property name in the entity being filtered by. All filters can include multiple values, where data will be filtered with an OR clause: `filter[title]=Title1,Title2` will filter all vulnerabilities where title is equal to `Title1` OR `Title2`. String filters are case sensitive. Boolean filters accept `true` or `false` as values. Number filters must include an operator as a second filter input: `filter[$prop_name][$operator]`. For example, for the vulnerabilities endpoint: `filter[cvss.base.score][lte]=8`. Available operators are: `eq` (==), `lt` (<), `lte` (<=), `gt` (>) and `gte` (>=). ### Metadata Following [JSON:API format](https://jsonapi.org/format/#document-meta), object including non-standard meta-information. This endpoint includes the meta member in the response. For more details on each of the properties included in this section, check the endpoints response tables. ```JSON { "data": [...], "meta": { "total": 1500, "count": 18732, "token": "some_token" }, "links": {...} } ``` operationId: ListVulnerabilities parameters: - description: >- Its value must come from the `links` section of the response of the first request. Do not manually edit it. example: >- b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4 in: query name: page[token] required: false schema: type: string - description: >- The page number to be retrieved. It should be equal or greater than `1` example: 1 in: query name: page[number] required: false schema: format: int64 minimum: 1 type: integer - description: Filter by vulnerability type. example: WeakCipher in: query name: filter[type] required: false schema: $ref: '#/components/schemas/VulnerabilityType' - description: >- Filter by vulnerability base (i.e. from the original advisory) severity score. example: 5.5 in: query name: filter[cvss.base.score][`$op`] required: false schema: format: double maximum: 10 minimum: 0 type: number - description: Filter by vulnerability base severity. example: Medium in: query name: filter[cvss.base.severity] required: false schema: $ref: '#/components/schemas/VulnerabilitySeverity' - description: Filter by vulnerability base CVSS vector. example: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H in: query name: filter[cvss.base.vector] required: false schema: type: string - description: Filter by vulnerability Datadog severity score. example: 4.3 in: query name: filter[cvss.datadog.score][`$op`] required: false schema: format: double maximum: 10 minimum: 0 type: number - description: Filter by vulnerability Datadog severity. example: Medium in: query name: filter[cvss.datadog.severity] required: false schema: $ref: '#/components/schemas/VulnerabilitySeverity' - description: Filter by vulnerability Datadog CVSS vector. example: >- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:X/RC:X/CR:X/IR:X/AR:X/MAV:L/MAC:H/MPR:L/MUI:N/MS:U/MC:N/MI:N/MA:H in: query name: filter[cvss.datadog.vector] required: false schema: type: string - description: Filter by the status of the vulnerability. example: Open in: query name: filter[status] required: false schema: $ref: '#/components/schemas/VulnerabilityStatus' - description: Filter by the tool of the vulnerability. example: SCA in: query name: filter[tool] required: false schema: $ref: '#/components/schemas/VulnerabilityTool' - description: Filter by library name. example: linux-aws-5.15 in: query name: filter[library.name] required: false schema: type: string - description: Filter by library version. example: 5.15.0 in: query name: filter[library.version] required: false schema: type: string - description: Filter by advisory ID. example: TRIVY-CVE-2023-0615 in: query name: filter[advisory_id] required: false schema: type: string - description: Filter by exploitation probability. example: false in: query name: filter[risks.exploitation_probability] required: false schema: type: boolean - description: Filter by POC exploit availability. example: false in: query name: filter[risks.poc_exploit_available] required: false schema: type: boolean - description: Filter by public exploit availability. example: false in: query name: filter[risks.exploit_available] required: false schema: type: boolean - description: >- Filter by vulnerability [EPSS](https://www.first.org/epss/) severity score. example: 0.00042 in: query name: filter[risks.epss.score][`$op`] required: false schema: format: double maximum: 1 minimum: 0 type: number - description: >- Filter by vulnerability [EPSS](https://www.first.org/epss/) severity. example: Low in: query name: filter[risks.epss.severity] required: false schema: $ref: '#/components/schemas/VulnerabilitySeverity' - description: Filter by language. example: ubuntu in: query name: filter[language] required: false schema: type: string - description: Filter by ecosystem. example: Deb in: query name: filter[ecosystem] required: false schema: $ref: '#/components/schemas/VulnerabilityEcosystem' - description: Filter by vulnerability location. example: com.example.Class:100 in: query name: filter[code_location.location] required: false schema: type: string - description: Filter by vulnerability file path. example: src/Class.java:100 in: query name: filter[code_location.file_path] required: false schema: type: string - description: Filter by method. example: FooBar in: query name: filter[code_location.method] required: false schema: type: string - description: Filter by fix availability. example: false in: query name: filter[fix_available] required: false schema: type: boolean - description: >- Filter by vulnerability `repo_digest` (when the vulnerability is related to `Image` asset). example: >- sha256:0ae7da091191787229d321e3638e39c319a97d6e20f927d465b519d699215bf7 in: query name: filter[repo_digests] required: false schema: type: string - description: Filter by asset name. example: datadog-agent in: query name: filter[asset.name] required: false schema: type: string - description: Filter by asset type. example: Host in: query name: filter[asset.type] required: false schema: $ref: '#/components/schemas/AssetType' - description: >- Filter by the first version of the asset this vulnerability has been detected on. example: v1.15.1 in: query name: filter[asset.version.first] required: false schema: type: string - description: >- Filter by the last version of the asset this vulnerability has been detected on. example: v1.15.1 in: query name: filter[asset.version.last] required: false schema: type: string - description: Filter by the repository url associated to the asset. example: github.com/DataDog/datadog-agent.git in: query name: filter[asset.repository_url] required: false schema: type: string - description: Filter whether the asset is in production or not. example: false in: query name: filter[asset.risks.in_production] required: false schema: type: boolean - description: Filter whether the asset is under attack or not. example: false in: query name: filter[asset.risks.under_attack] required: false schema: type: boolean - description: Filter whether the asset is publicly accessible or not. example: false in: query name: filter[asset.risks.is_publicly_accessible] required: false schema: type: boolean - description: Filter whether the asset is publicly accessible or not. example: false in: query name: filter[asset.risks.has_privileged_access] required: false schema: type: boolean - description: Filter whether the asset has access to sensitive data or not. example: false in: query name: filter[asset.risks.has_access_to_sensitive_data] required: false schema: type: boolean - description: Filter by asset environments. example: staging in: query name: filter[asset.environments] required: false schema: type: string - description: Filter by asset architecture. example: arm64 in: query name: filter[asset.arch] required: false schema: type: string - description: Filter by asset operating system name. example: ubuntu in: query name: filter[asset.operating_system.name] required: false schema: type: string - description: Filter by asset operating system version. example: '24.04' in: query name: filter[asset.operating_system.version] required: false schema: type: string responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListVulnerabilitiesResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: >- Bad request: The server cannot process the request due to invalid syntax in the request. '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: 'Forbidden: Access denied' '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: 'Not found: There is no request associated with the provided token.' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - appsec_vm_read summary: Datadog List Vulnerabilities tags: - Lists - Vulnerabilities x-menu-order: 25 x-undo: type: safe x-unstable: >- **Note**: This endpoint is a private preview. If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security/vulnerabilities/notification_rules: get: description: Returns the list of notification rules for security vulnerabilities. operationId: GetVulnerabilityNotificationRules responses: '200': $ref: '#/components/responses/NotificationRulesList' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_notification_profiles_read summary: Datadog Get the List of Vulnerability Notification Rules tags: - Get - Lists - Rules - Vulnerabilities x-menu-order: 15 x-permission: operator: OR permissions: - security_monitoring_notification_profiles_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a new notification rule for security vulnerabilities and return the created rule. operationId: CreateVulnerabilityNotificationRule requestBody: content: application/json: schema: $ref: '#/components/schemas/CreateNotificationRuleParameters' description: > The body of the create notification rule request is composed of the rule type and the rule attributes: the rule name, the selectors, the notification targets, and the rule enabled status. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/NotificationRuleResponse' description: Successfully created the notification rule. '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_notification_profiles_write summary: Datadog Create a New Vulnerability-based Notification Rule tags: - Create - Rules x-codegen-request-body-name: body x-given: valid_vulnerability_notification_rule: parameters: - name: body value: |- { "data": { "type": "notification_rules", "attributes": { "name": "{{ unique }}", "selectors": { "rule_types": ["misconfiguration", "attack_path"], "trigger_source": "security_findings", "severities": ["critical"], "query": "env:test" }, "time_aggregation": 86400, "targets": ["@email@email.com"], "enabled": true } } } step: >- there is a valid "valid_vulnerability_notification_rule" in the system x-menu-order: 16 x-permission: operator: OR permissions: - security_monitoring_notification_profiles_write x-undo: operationId: DeleteVulnerabilityNotificationRule parameters: - name: id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security/vulnerabilities/notification_rules/{id}: delete: description: Delete a notification rule for security vulnerabilities. operationId: DeleteVulnerabilityNotificationRule parameters: - description: ID of the notification rule. in: path name: id required: true schema: type: string example: abc-123-def responses: '204': description: Rule successfully deleted. '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_notification_profiles_write summary: Datadog Delete a Vulnerability-based Notification Rule tags: - Delete - Rules x-menu-order: 21 x-permission: operator: OR permissions: - security_monitoring_notification_profiles_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get the details of a notification rule for security vulnerabilities. operationId: GetVulnerabilityNotificationRule parameters: - description: ID of the notification rule. in: path name: id required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/NotificationRuleResponse' description: Notification rule details. '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_notification_profiles_read summary: Datadog Get Details of a Vulnerability Notification Rule tags: - Get - Rules - Vulnerabilities x-menu-order: 18 x-permission: operator: OR permissions: - security_monitoring_notification_profiles_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Partially update the notification rule. All fields are optional; if a field is not provided, it is not updated. operationId: PatchVulnerabilityNotificationRule parameters: - description: ID of the notification rule. in: path name: id required: true schema: type: string example: abc-123-def requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchNotificationRuleParameters' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/NotificationRuleResponse' description: Notification rule successfully patched. '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '422': $ref: '#/components/responses/UnprocessableEntityResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_notification_profiles_write summary: Datadog Patch a Vulnerability-based Notification Rule tags: - Patch - Rules x-codegen-request-body-name: body x-menu-order: 20 x-permission: operator: OR permissions: - security_monitoring_notification_profiles_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/cloud_workload_security/agent_rules: get: description: >- Get the list of agent rules. **Note**: This endpoint should only be used for the Government (US1-FED) site. operationId: ListCloudWorkloadSecurityAgentRules responses: '200': content: application/json: schema: $ref: >- #/components/schemas/CloudWorkloadSecurityAgentRulesListResponse description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get All Workload Protection Agent Rules (us1-fed) tags: - Agent - All - Get - Protections - Rules x-menu-order: 12 x-permission: operator: OR permissions: - security_monitoring_cws_agent_rules_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a new agent rule with the given parameters. **Note**: This endpoint should only be used for the Government (US1-FED) site. operationId: CreateCloudWorkloadSecurityAgentRule requestBody: content: application/json: schema: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleCreateRequest' description: The definition of the new agent rule required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Workload Protection Agent Rule (us1-fed) tags: - Agent - Create - Protections - Rules x-codegen-request-body-name: body x-given: agent_rule: parameters: - name: body value: |- { "data": { "type": "agent_rule", "attributes": { "name": "{{ unique_lower_alnum }}", "description": "My Agent rule", "expression": "exec.file.name == \"sh\"", "enabled": true } } } step: there is a valid "agent_rule" in the system x-menu-order: 14 x-permission: operator: OR permissions: - security_monitoring_cws_agent_rules_write x-undo: operationId: DeleteCloudWorkloadSecurityAgentRule parameters: - name: agent_rule_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/cloud_workload_security/agent_rules/{agent_rule_id}: delete: description: >- Delete a specific agent rule. **Note**: This endpoint should only be used for the Government (US1-FED) site. operationId: DeleteCloudWorkloadSecurityAgentRule parameters: - $ref: '#/components/parameters/CloudWorkloadSecurityAgentRuleID' responses: '204': description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete a Workload Protection Agent Rule (us1-fed) tags: - Agent - Delete - Protections - Rules x-menu-order: 16 x-permission: operator: OR permissions: - security_monitoring_cws_agent_rules_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: >- Get the details of a specific agent rule. **Note**: This endpoint should only be used for the Government (US1-FED) site. operationId: GetCloudWorkloadSecurityAgentRule parameters: - $ref: '#/components/parameters/CloudWorkloadSecurityAgentRuleID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Workload Protection Agent Rule (us1-fed) tags: - Agent - Get - Protections - Rules x-menu-order: 13 x-permission: operator: OR permissions: - security_monitoring_cws_agent_rules_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update a specific agent rule. Returns the agent rule object when the request is successful. **Note**: This endpoint should only be used for the Government (US1-FED) site. operationId: UpdateCloudWorkloadSecurityAgentRule parameters: - $ref: '#/components/parameters/CloudWorkloadSecurityAgentRuleID' requestBody: content: application/json: schema: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleUpdateRequest' description: New definition of the agent rule required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConcurrentModificationResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update a Workload Protection Agent Rule (us1-fed) tags: - Agent - Protections - Rules - Update x-codegen-request-body-name: body x-menu-order: 15 x-permission: operator: OR permissions: - security_monitoring_cws_agent_rules_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/configuration/security_filters: get: description: Get the list of configured security filters with their definitions. operationId: ListSecurityFilters responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityFiltersResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_filters_read summary: Datadog Get All Security Filters tags: - All - Get - Security x-menu-order: 18 x-permission: operator: OR permissions: - security_monitoring_filters_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a security filter. See the [security filter guide](https://docs.datadoghq.com/security_platform/guide/how-to-setup-security-filters-using-security-monitoring-api/) for more examples. operationId: CreateSecurityFilter requestBody: content: application/json: schema: $ref: '#/components/schemas/SecurityFilterCreateRequest' description: The definition of the new security filter. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityFilterResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_filters_write summary: Datadog Create a Security Filter tags: - Create - Filter - Security x-codegen-request-body-name: body x-given: security_filter: parameters: - name: body value: |- { "data": { "type": "security_filters", "attributes": { "name": "{{ unique }}", "query": "service:{{ unique_alnum }}", "exclusion_filters":[ { "name": "Exclude logs from staging", "query": "source:staging" } ], "filtered_data_type":"logs", "is_enabled": true } } } step: there is a valid "security_filter" in the system x-menu-order: 17 x-permission: operator: OR permissions: - security_monitoring_filters_write x-undo: operationId: DeleteSecurityFilter parameters: - name: security_filter_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/configuration/security_filters/{security_filter_id}: delete: description: Delete a specific security filter. operationId: DeleteSecurityFilter parameters: - $ref: '#/components/parameters/SecurityFilterID' responses: '204': description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_filters_write summary: Datadog Delete a Security Filter tags: - Delete - Filter - Security x-menu-order: 14 x-permission: operator: OR permissions: - security_monitoring_filters_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: >- Get the details of a specific security filter. See the [security filter guide](https://docs.datadoghq.com/security_platform/guide/how-to-setup-security-filters-using-security-monitoring-api/) for more examples. operationId: GetSecurityFilter parameters: - $ref: '#/components/parameters/SecurityFilterID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityFilterResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_filters_read summary: Datadog Get a Security Filter tags: - Filter - Get - Security x-menu-order: 16 x-permission: operator: OR permissions: - security_monitoring_filters_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: |- Update a specific security filter. Returns the security filter object when the request is successful. operationId: UpdateSecurityFilter parameters: - $ref: '#/components/parameters/SecurityFilterID' requestBody: content: application/json: schema: $ref: '#/components/schemas/SecurityFilterUpdateRequest' description: New definition of the security filter. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityFilterResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConcurrentModificationResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_filters_write summary: Datadog Update a Security Filter tags: - Filter - Security - Update x-codegen-request-body-name: body x-menu-order: 15 x-permission: operator: OR permissions: - security_monitoring_filters_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/configuration/suppressions: get: description: Get the list of all suppression rules. operationId: ListSecurityMonitoringSuppressions responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringSuppressionsResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_suppressions_read summary: Datadog Get All Suppression Rules tags: - All - Get - Rules - Suppression x-menu-order: 0 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a new suppression rule. operationId: CreateSecurityMonitoringSuppression requestBody: content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringSuppressionCreateRequest' description: The definition of the new suppression rule. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringSuppressionResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_suppressions_write summary: Datadog Create a Suppression Rule tags: - Create - Rules - Suppression x-codegen-request-body-name: body x-given: suppression: parameters: - name: body value: |- { "data": { "type": "suppressions", "attributes": { "enabled": true, "name": "{{ unique }}", "description": "{{ unique }}", "rule_query": "source:cloudtrail", "suppression_query": "env:test" } } } step: there is a valid "suppression" in the system x-menu-order: 0 x-undo: operationId: DeleteSecurityMonitoringSuppression parameters: - name: suppression_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/configuration/suppressions/{suppression_id}: delete: description: Delete a specific suppression rule. operationId: DeleteSecurityMonitoringSuppression parameters: - $ref: '#/components/parameters/SecurityMonitoringSuppressionID' responses: '204': description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_suppressions_write summary: Datadog Delete a Suppression Rule tags: - Delete - Rules - Suppression x-menu-order: 0 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get the details of a specific suppression rule. operationId: GetSecurityMonitoringSuppression parameters: - $ref: '#/components/parameters/SecurityMonitoringSuppressionID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringSuppressionResponse' description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_suppressions_read summary: Datadog Get a Suppression Rule tags: - Get - Rules - Suppression x-menu-order: 0 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update a specific suppression rule. operationId: UpdateSecurityMonitoringSuppression parameters: - $ref: '#/components/parameters/SecurityMonitoringSuppressionID' requestBody: content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringSuppressionUpdateRequest' description: New definition of the suppression rule. Supports partial updates. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringSuppressionResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConcurrentModificationResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_suppressions_write summary: Datadog Update a Suppression Rule tags: - Rules - Suppression - Update x-menu-order: 0 x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/rules: get: description: List rules. operationId: ListSecurityMonitoringRules parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringListRulesResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_read summary: Datadog List Rules tags: - Lists - Rules x-menu-order: 4 x-permission: operator: OR permissions: - security_monitoring_rules_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a detection rule. operationId: CreateSecurityMonitoringRule requestBody: content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringRuleCreatePayload' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringRuleResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_write summary: Datadog Create a Detection Rule tags: - Create - Detection - Rules x-codegen-request-body-name: body x-given: cloud_configuration_rule: parameters: - name: body value: |- { "name": "{{ unique }}_cloud", "tags": ["a:tag"], "type": "cloud_configuration", "isEnabled": false, "message": "Cloud configuration rule", "options": { "complianceRuleOptions": { "resourceType": "gcp_compute_disk", "regoRule": { "policy": "package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n", "resourceTypes": [ "gcp_compute_disk" ] }, "complexRule": false } }, "complianceSignalOptions": { "userActivationStatus": true, "userGroupByFields": ["@account_id"] }, "cases": [ { "status": "info", "notifications": ["channel"] } ] } step: there is a valid "cloud_configuration_rule" in the system security_rule: parameters: - name: body value: |- { "name": "{{ unique }}", "queries": [{ "query": "@test:true", "aggregation": "count", "groupByFields": [], "distinctFields": [], "metrics": [] }], "filters": [], "cases": [{ "name": "", "status": "info", "condition": "a > 0", "notifications": [] }], "options": { "evaluationWindow": 900, "keepAlive": 3600, "maxSignalDuration": 86400 }, "message": "Test rule", "tags": [], "isEnabled": true, "type": "log_detection" } step: there is a valid "security_rule" in the system security_rule_bis: parameters: - name: body value: |- { "name": "{{ unique }}_bis", "queries": [{ "query": "@test:false", "aggregation": "count", "groupByFields": [], "distinctFields": [], "metrics": [] }], "filters": [], "cases": [{ "name": "", "status": "info", "condition": "a > 0", "notifications": [] }], "options": { "evaluationWindow": 900, "keepAlive": 3600, "maxSignalDuration": 86400 }, "message": "Test rule Bis", "tags": [], "isEnabled": true, "type": "log_detection" } step: there is a valid "security_rule_bis" in the system x-menu-order: 4 x-permission: operator: OR permissions: - security_monitoring_rules_write x-undo: operationId: DeleteSecurityMonitoringRule parameters: - name: rule_id source: id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/rules/convert: post: description: >- Convert a rule that doesn't (yet) exist from JSON to Terraform for datadog provider resource datadog_security_monitoring_rule. operationId: ConvertSecurityMonitoringRuleFromJSONToTerraform requestBody: content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringRuleConvertPayload' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringRuleConvertResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/ConcurrentModificationResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_write summary: Datadog Convert a Rule from Json to Terraform tags: - Convert - Rules - Terraform x-codegen-request-body-name: body x-menu-order: 12 x-permission: operator: OR permissions: - security_monitoring_rules_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/rules/test: post: description: Test a rule. operationId: TestSecurityMonitoringRule requestBody: content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringRuleTestRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringRuleTestResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/ConcurrentModificationResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_write summary: Datadog Test a Rule tags: - Rules - Tests x-codegen-request-body-name: body x-menu-order: 9 x-permission: operator: OR permissions: - security_monitoring_rules_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/rules/validation: post: description: Validate a detection rule. operationId: ValidateSecurityMonitoringRule requestBody: content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringRuleValidatePayload' required: true responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_write summary: Datadog Validate a Detection Rule tags: - Detection - Rules - Validate x-codegen-request-body-name: body x-menu-order: 10 x-permission: operator: OR permissions: - security_monitoring_rules_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/rules/{rule_id}: delete: description: Delete an existing rule. Default rules cannot be deleted. operationId: DeleteSecurityMonitoringRule parameters: - $ref: '#/components/parameters/SecurityMonitoringRuleID' responses: '204': description: OK '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_write summary: Datadog Delete an Existing Rule tags: - Delete - Existing - Rules x-menu-order: 7 x-permission: operator: OR permissions: - security_monitoring_rules_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a rule's details. operationId: GetSecurityMonitoringRule parameters: - $ref: '#/components/parameters/SecurityMonitoringRuleID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringRuleResponse' description: OK '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_read summary: Datadog Get a Rule's Details tags: - Get x-menu-order: 5 x-permission: operator: OR permissions: - security_monitoring_rules_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: >- Update an existing rule. When updating `cases`, `queries` or `options`, the whole field must be included. For example, when modifying a query all queries must be included. Default rules can only be updated to be enabled, to change notifications, or to update the tags (default tags cannot be removed). operationId: UpdateSecurityMonitoringRule parameters: - $ref: '#/components/parameters/SecurityMonitoringRuleID' requestBody: content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringRuleUpdatePayload' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringRuleResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/ConcurrentModificationResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_write summary: Datadog Update an Existing Rule tags: - Existing - Rules - Update x-codegen-request-body-name: body x-menu-order: 6 x-permission: operator: OR permissions: - security_monitoring_rules_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/rules/{rule_id}/convert: get: description: |- Convert an existing rule from JSON to Terraform for datadog provider resource datadog_security_monitoring_rule. operationId: ConvertExistingSecurityMonitoringRule parameters: - $ref: '#/components/parameters/SecurityMonitoringRuleID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringRuleConvertResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_read summary: Datadog Convert an Existing Rule from Json to Terraform tags: - Convert - Existing - Rules - Terraform x-menu-order: 11 x-permission: operator: OR permissions: - security_monitoring_rules_read x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/rules/{rule_id}/test: post: description: Test an existing rule. operationId: TestExistingSecurityMonitoringRule parameters: - $ref: '#/components/parameters/SecurityMonitoringRuleID' requestBody: content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringRuleTestRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringRuleTestResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/ConcurrentModificationResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_write summary: Datadog Test an Existing Rule tags: - Existing - Rules - Tests x-codegen-request-body-name: body x-menu-order: 8 x-permission: operator: OR permissions: - security_monitoring_rules_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/rules/{rule_id}/version_history: get: description: Get a rule's version history. operationId: GetRuleVersionHistory parameters: - $ref: '#/components/parameters/SecurityMonitoringRuleID' - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' responses: '200': content: application/json: schema: $ref: '#/components/schemas/GetRuleVersionHistoryResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get a Rule's Version History tags: - Get - History - Versions x-menu-order: 25 x-permission: operator: OR permissions: - security_monitoring_rules_read x-undo: type: safe x-unstable: '**Note**: This endpoint is in beta and may be subject to changes.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/signals: get: description: >- The list endpoint returns security signals that match a search query. Both this endpoint and the POST endpoint can be used interchangeably when listing security signals. operationId: ListSecurityMonitoringSignals parameters: - description: The search query for security signals. example: security:attack status:high in: query name: filter[query] required: false schema: type: string - description: The minimum timestamp for requested security signals. example: '2019-01-02T09:42:36.320Z' in: query name: filter[from] required: false schema: format: date-time type: string - description: The maximum timestamp for requested security signals. example: '2019-01-03T09:42:36.320Z' in: query name: filter[to] required: false schema: format: date-time type: string - description: The order of the security signals in results. in: query name: sort required: false schema: $ref: '#/components/schemas/SecurityMonitoringSignalsSort' example: example_value - description: A list of results using the cursor provided in the previous query. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== in: query name: page[cursor] required: false schema: type: string - description: The maximum number of security signals in the response. example: 25 in: query name: page[limit] required: false schema: default: 10 format: int32 maximum: 1000 type: integer responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringSignalsListResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_signals_read summary: Datadog Get a Quick List of Security Signals tags: - Get - Lists - Security x-menu-order: 14 x-pagination: cursorParam: page[cursor] cursorPath: meta.page.after limitParam: page[limit] resultsPath: data x-permission: operator: OR permissions: - security_monitoring_signals_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/signals/search: post: description: >- Returns security signals that match a search query. Both this endpoint and the GET endpoint can be used interchangeably for listing security signals. operationId: SearchSecurityMonitoringSignals requestBody: content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringSignalListRequest' required: false responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringSignalsListResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_signals_read summary: Datadog Get a List of Security Signals tags: - Get - Lists - Security x-codegen-request-body-name: body x-menu-order: 13 x-pagination: cursorParam: body.page.cursor cursorPath: meta.page.after limitParam: body.page.limit resultsPath: data x-permission: operator: OR permissions: - security_monitoring_signals_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/signals/{signal_id}: get: description: Get a signal's details. operationId: GetSecurityMonitoringSignal parameters: - $ref: '#/components/parameters/SignalID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringSignalResponse' description: OK '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_signals_read summary: Datadog Get a Signal's Details tags: - Get x-menu-order: 13 x-permission: operator: OR permissions: - security_monitoring_signals_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/signals/{signal_id}/assignee: patch: description: Modify the triage assignee of a security signal. operationId: EditSecurityMonitoringSignalAssignee parameters: - $ref: '#/components/parameters/SignalID' requestBody: content: application/json: schema: $ref: >- #/components/schemas/SecurityMonitoringSignalAssigneeUpdateRequest description: Attributes describing the signal update. required: true responses: '200': content: application/json: schema: $ref: >- #/components/schemas/SecurityMonitoringSignalTriageUpdateResponse description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Modify the Triage Assignee of a Security Signal tags: - Assignee - Modify - Security - Signal x-codegen-request-body-name: body x-menu-order: 10 x-permission: operator: OR permissions: - security_monitoring_signals_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/signals/{signal_id}/incidents: patch: description: Change the related incidents for a security signal. operationId: EditSecurityMonitoringSignalIncidents parameters: - $ref: '#/components/parameters/SignalID' requestBody: content: application/json: schema: $ref: >- #/components/schemas/SecurityMonitoringSignalIncidentsUpdateRequest description: Attributes describing the signal update. required: true responses: '200': content: application/json: schema: $ref: >- #/components/schemas/SecurityMonitoringSignalTriageUpdateResponse description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Change the Related Incidents of a Security Signal tags: - Change - Related - Security - Signal x-codegen-request-body-name: body x-menu-order: 11 x-permission: operator: OR permissions: - security_monitoring_signals_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/security_monitoring/signals/{signal_id}/state: patch: description: Change the triage state of a security signal. operationId: EditSecurityMonitoringSignalState parameters: - $ref: '#/components/parameters/SignalID' requestBody: content: application/json: schema: $ref: '#/components/schemas/SecurityMonitoringSignalStateUpdateRequest' description: Attributes describing the signal update. required: true responses: '200': content: application/json: schema: $ref: >- #/components/schemas/SecurityMonitoringSignalTriageUpdateResponse description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Change the Triage State of a Security Signal tags: - Change - Security - Signal - State x-codegen-request-body-name: body x-menu-order: 12 x-permission: operator: OR permissions: - security_monitoring_signals_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/sensitive-data-scanner/config: get: description: List all the Scanning groups in your organization. operationId: ListScanningGroups responses: '200': content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerGetConfigResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Scanning Groups tags: - Groups - Lists - Scanning x-given: configuration: step: a valid "configuration" in the system x-menu-order: 1 x-permission: operator: OR permissions: - data_scanner_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Reorder the list of groups. operationId: ReorderScanningGroups requestBody: content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerConfigRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerReorderGroupsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Reorder Groups tags: - Groups - Reorder x-codegen-request-body-name: body x-menu-order: 2 x-permission: operator: OR permissions: - data_scanner_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/sensitive-data-scanner/config/groups: post: description: >- Create a scanning group. The request MAY include a configuration relationship. A rules relationship can be omitted entirely, but if it is included it MUST be null or an empty array (rules cannot be created at the same time). The new group will be ordered last within the configuration. operationId: CreateScanningGroup requestBody: content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerGroupCreateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerCreateGroupResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create Scanning Group tags: - Create - Groups - Scanning x-codegen-request-body-name: body x-given: group: parameters: - name: body value: |- { "data": { "type": "sensitive_data_scanner_group", "attributes": { "name": "my-test-group", "is_enabled": false, "product_list": [ "logs" ], "filter": { "query": "*" } }, "relationships": { "configuration": { "data": { "id": "{{ configuration.data.id }}", "type": "{{ configuration.data.type }}" } }, "rules": { "data": [] } } }, "meta": {} } step: there is a valid "scanning_group" in the system x-menu-order: 4 x-permission: operator: OR permissions: - data_scanner_write x-undo: operationId: DeleteScanningGroup parameters: - name: group_id source: data.id - name: body template: |- { "meta": {} } type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/sensitive-data-scanner/config/groups/{group_id}: delete: description: Delete a given group. operationId: DeleteScanningGroup parameters: - $ref: '#/components/parameters/SensitiveDataScannerGroupID' requestBody: content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerGroupDeleteRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerGroupDeleteResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete Scanning Group tags: - Delete - Groups - Scanning x-codegen-request-body-name: body x-menu-order: 6 x-permission: operator: OR permissions: - data_scanner_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update a group, including the order of the rules. Rules within the group are reordered by including a rules relationship. If the rules relationship is present, its data section MUST contain linkages for all of the rules currently in the group, and MUST NOT contain any others. operationId: UpdateScanningGroup parameters: - $ref: '#/components/parameters/SensitiveDataScannerGroupID' requestBody: content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerGroupUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerGroupUpdateResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update Scanning Group tags: - Groups - Scanning - Update x-codegen-request-body-name: body x-menu-order: 5 x-permission: operator: OR permissions: - data_scanner_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/sensitive-data-scanner/config/rules: post: description: >- Create a scanning rule in a sensitive data scanner group, ordered last. The posted rule MUST include a group relationship. It MUST include either a standard_pattern relationship or a regex attribute, but not both. If included_attributes is empty or missing, we will scan all attributes except excluded_attributes. If both are missing, we will scan the whole event. operationId: CreateScanningRule requestBody: content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerRuleCreateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerCreateRuleResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create Scanning Rule tags: - Create - Rules - Scanning x-codegen-request-body-name: body x-given: rule: parameters: - name: body value: |- { "data": { "type": "sensitive_data_scanner_rule", "attributes": { "name": "{{ unique }}", "pattern": "pattern", "namespaces": ["admin.email"], "text_replacement": { "type": "none" }, "tags":[ "sensitive_data:true" ], "is_enabled":true }, "relationships": { "group": { "data": { "id": "{{ group.data.id }}", "type": "{{ group.data.type }}" } } } }, "meta": {} } step: the "scanning_group" has a "scanning_rule" x-menu-order: 7 x-permission: operator: OR permissions: - data_scanner_write x-undo: operationId: DeleteScanningRule parameters: - name: rule_id source: data.id - name: body template: |- { "meta": {} } type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/sensitive-data-scanner/config/rules/{rule_id}: delete: description: Delete a given rule. operationId: DeleteScanningRule parameters: - $ref: '#/components/parameters/SensitiveDataScannerRuleID' requestBody: content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerRuleDeleteRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerRuleDeleteResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete Scanning Rule tags: - Delete - Rules - Scanning x-codegen-request-body-name: body x-menu-order: 9 x-permission: operator: OR permissions: - data_scanner_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update a scanning rule. The request body MUST NOT include a standard_pattern relationship, as that relationship is non-editable. Trying to edit the regex attribute of a rule with a standard_pattern relationship will also result in an error. operationId: UpdateScanningRule parameters: - $ref: '#/components/parameters/SensitiveDataScannerRuleID' requestBody: content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerRuleUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SensitiveDataScannerRuleUpdateResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Update Scanning Rule tags: - Rules - Scanning - Update x-codegen-request-body-name: body x-menu-order: 8 x-permission: operator: OR permissions: - data_scanner_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/sensitive-data-scanner/config/standard-patterns: get: description: Returns all standard patterns. operationId: ListStandardPatterns responses: '200': content: application/json: schema: $ref: >- #/components/schemas/SensitiveDataScannerStandardPatternsResponseData description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication Error '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Standard Patterns tags: - Lists - Patterns - Standard x-menu-order: 3 x-permission: operator: OR permissions: - data_scanner_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/series: post: description: >- The metrics end-point allows you to post time-series data that can be graphed on Datadog’s dashboards. The maximum payload size is 500 kilobytes (512000 bytes). Compressed payloads must have a decompressed size of less than 5 megabytes (5242880 bytes). If you’re submitting metrics directly to the Datadog API without using DogStatsD, expect: - 64 bits for the timestamp - 64 bits for the value - 20 bytes for the metric names - 50 bytes for the timeseries - The full payload is approximately 100 bytes. Host name is one of the resources in the Resources field. operationId: SubmitMetrics parameters: - description: HTTP header used to compress the media-type. in: header name: Content-Encoding required: false schema: $ref: '#/components/schemas/MetricContentEncoding' example: example_value requestBody: content: application/json: examples: dynamic-points: description: >- Post time-series data that can be graphed on Datadog’s dashboards. externalValue: examples/metrics/dynamic-points.json.sh summary: Dynamic Points x-variables: NOW: $(date +%s) schema: $ref: '#/components/schemas/MetricPayload' required: true responses: '202': content: application/json: schema: $ref: '#/components/schemas/IntakePayloadAccepted' description: Payload accepted '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '408': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Request timeout '413': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Payload too large '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] summary: Datadog Submit Metrics tags: - Metrics - Submit x-codegen-request-body-name: body x-menu-order: 1 x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/service_accounts: post: description: Create a service account for your organization. operationId: CreateServiceAccount requestBody: content: application/json: schema: $ref: '#/components/schemas/ServiceAccountCreateRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/UserResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create a Service Account tags: - Account - Create x-codegen-request-body-name: body x-given: service_account_user: parameters: - name: body value: |- { "data": { "attributes": { "email": "{{ unique }}@datadoghq.com", "title": "user title", "service_account": true }, "type": "users" } } step: there is a valid "service_account_user" in the system x-menu-order: 1 x-permission: operator: OR permissions: - service_account_write x-undo: operationId: DisableUser parameters: - name: user_id source: data.id tag: Users type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/service_accounts/{service_account_id}/application_keys: get: description: List all application keys available for this service account. operationId: ListServiceAccountApplicationKeys parameters: - $ref: '#/components/parameters/ServiceAccountID' - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' - $ref: '#/components/parameters/ApplicationKeysSortParameter' - $ref: '#/components/parameters/ApplicationKeyFilterParameter' - $ref: '#/components/parameters/ApplicationKeyFilterCreatedAtStartParameter' - $ref: '#/components/parameters/ApplicationKeyFilterCreatedAtEndParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListApplicationKeysResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog List Application Keys for This Service Account tags: - Account - Applications - Keys - Lists x-menu-order: 6 x-permission: operator: OR permissions: - service_account_write x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create an application key for this service account. operationId: CreateServiceAccountApplicationKey parameters: - $ref: '#/components/parameters/ServiceAccountID' requestBody: content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyCreateRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyResponse' description: Created '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Create an Application Key for This Service Account tags: - Account - Applications - Create - Keys x-codegen-request-body-name: body x-given: service_account_application_key: parameters: - name: service_account_id value: '"{{ service_account_user.data.id }}"' - name: body value: |- { "data": { "attributes": { "name": "{{ unique }}" }, "type": "application_keys" } } step: >- there is a valid "service_account_application_key" for "service_account_user" x-menu-order: 5 x-permission: operator: OR permissions: - service_account_write x-undo: operationId: DeleteServiceAccountApplicationKey parameters: - name: app_key_id source: data.id - name: service_account_id source: data.relationships.owned_by.data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: false /api/v2/service_accounts/{service_account_id}/application_keys/{app_key_id}: delete: description: Delete an application key owned by this service account. operationId: DeleteServiceAccountApplicationKey parameters: - $ref: '#/components/parameters/ServiceAccountID' - $ref: '#/components/parameters/ApplicationKeyID' responses: '204': description: No Content '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Delete an Application Key for This Service Account tags: - Account - Applications - Delete - Keys x-menu-order: 3 x-permission: operator: OR permissions: - service_account_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get an application key owned by this service account. operationId: GetServiceAccountApplicationKey parameters: - $ref: '#/components/parameters/ServiceAccountID' - $ref: '#/components/parameters/ApplicationKeyID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/PartialApplicationKeyResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get One Application Key for This Service Account tags: - Account - Applications - Get - Keys x-menu-order: 1 x-permission: operator: OR permissions: - service_account_write x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Edit an application key owned by this service account. operationId: UpdateServiceAccountApplicationKey parameters: - $ref: '#/components/parameters/ServiceAccountID' - $ref: '#/components/parameters/ApplicationKeyID' requestBody: content: application/json: schema: $ref: '#/components/schemas/ApplicationKeyUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/PartialApplicationKeyResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Edit an Application Key for This Service Account tags: - Account - Applications - Edit - Keys x-codegen-request-body-name: body x-menu-order: 2 x-permission: operator: OR permissions: - service_account_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true /api/v2/services: get: deprecated: true description: >- Get all incident services uploaded for the requesting user's organization. If the `include[users]` query parameter is provided, the included attribute will contain the users related to these incident services. operationId: ListIncidentServices parameters: - $ref: '#/components/parameters/IncidentServiceIncludeQueryParameter' - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageOffset' - $ref: '#/components/parameters/IncidentServiceSearchQueryParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentServicesResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_read summary: Datadog Get a List of All Incident Services tags: - All - Get - Incident - Lists x-menu-order: 4 x-permission: operator: OR permissions: - incident_read x-undo: type: safe x-unstable: '**Note**: This endpoint is deprecated.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: deprecated: true description: Creates a new incident service. operationId: CreateIncidentService requestBody: content: application/json: schema: $ref: '#/components/schemas/IncidentServiceCreateRequest' description: Incident Service Payload. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/IncidentServiceResponse' description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_settings_write summary: Datadog Create a New Incident Service tags: - Create - Incident x-codegen-request-body-name: body x-given: service: parameters: - name: body value: |- { "data": { "attributes": { "name": "{{ unique }}" }, "type": "services" } } step: there is a valid "service" in the system x-menu-order: 5 x-permission: operator: OR permissions: - incident_settings_write x-undo: operationId: DeleteIncidentService parameters: - name: service_id source: data.id type: unsafe x-unstable: '**Note**: This endpoint is deprecated.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/services/definitions: get: description: Get a list of all service definitions from the Datadog Service Catalog. operationId: ListServiceDefinitions parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' - $ref: '#/components/parameters/SchemaVersion' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ServiceDefinitionsListResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_service_catalog_read summary: Datadog Get All Service Definitions tags: - All - Definitions - Get x-menu-order: 1 x-pagination: limitParam: page[size] pageParam: page[number] resultsPath: data x-permission: operator: OR permissions: - apm_service_catalog_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create or update service definition in the Datadog Service Catalog. operationId: CreateOrUpdateServiceDefinitions requestBody: content: application/json: schema: $ref: '#/components/schemas/ServiceDefinitionsCreateRequest' description: Service Definition YAML/JSON. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/ServiceDefinitionCreateResponse' description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_service_catalog_write summary: Datadog Create or Update Service Definition tags: - Create - Definition - Update x-codegen-request-body-name: body x-given: service_definition: parameters: - name: body value: |- { "dd-service": "service-{{ unique_lower_alnum }}", "dd-team": "my-team", "docs": [{"name": "Architecture", "provider": "google drive", "url": "https://gdrive/mygivedoc"}], "extensions": {"frogextension": "extensionfrogvalue"}, "integrations": {"opsgenie": {"region": "US", "service-url": "https://my-org.opsgenie.com/service/123e4567-e89b-12d3-a456-426614174000"}, "pagerduty": "https://my-org.pagerduty.com/service-directory/PMyService"}, "links": [{"name": "Runbook", "type": "runbook", "url": "https://my-runbook"}], "repos": [{"name": "Source Code", "provider": "GitHub", "url": "https://github.com/DataDog/given"}], "schema-version": "v2", "tags": ["this:tag", "service:tag"], "team": "super-team" } step: there is a valid "service_definition" in the system x-menu-order: 2 x-permission: operator: OR permissions: - apm_service_catalog_write x-undo: operationId: DeleteServiceDefinition parameters: - name: service_name source: data[0].attributes.schema.dd-service type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/services/definitions/{service_name}: delete: description: Delete a single service definition in the Datadog Service Catalog. operationId: DeleteServiceDefinition parameters: - $ref: '#/components/parameters/ServiceName' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_service_catalog_write summary: Datadog Delete a Single Service Definition tags: - Definition - Delete - Single x-menu-order: 4 x-permission: operator: OR permissions: - apm_service_catalog_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a single service definition from the Datadog Service Catalog. operationId: GetServiceDefinition parameters: - $ref: '#/components/parameters/ServiceName' - $ref: '#/components/parameters/SchemaVersion' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ServiceDefinitionGetResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_service_catalog_read summary: Datadog Get a Single Service Definition tags: - Definition - Get - Single x-menu-order: 3 x-permission: operator: OR permissions: - apm_service_catalog_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/services/{service_id}: delete: deprecated: true description: Deletes an existing incident service. operationId: DeleteIncidentService parameters: - $ref: '#/components/parameters/IncidentServiceIDPathParameter' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_settings_write summary: Datadog Delete an Existing Incident Service tags: - Delete - Existing - Incident x-menu-order: 2 x-permission: operator: OR permissions: - incident_settings_write x-undo: type: idempotent x-unstable: '**Note**: This endpoint is deprecated.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: deprecated: true description: >- Get details of an incident service. If the `include[users]` query parameter is provided, the included attribute will contain the users related to these incident services. operationId: GetIncidentService parameters: - $ref: '#/components/parameters/IncidentServiceIDPathParameter' - $ref: '#/components/parameters/IncidentServiceIncludeQueryParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentServiceResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_read summary: Datadog Get Details of an Incident Service tags: - Get - Incident x-menu-order: 1 x-permission: operator: OR permissions: - incident_read x-undo: type: safe x-unstable: '**Note**: This endpoint is deprecated.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: deprecated: true description: >- Updates an existing incident service. Only provide the attributes which should be updated as this request is a partial update. operationId: UpdateIncidentService parameters: - $ref: '#/components/parameters/IncidentServiceIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/IncidentServiceUpdateRequest' description: Incident Service Payload. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentServiceResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_settings_write summary: Datadog Update an Existing Incident Service tags: - Existing - Incident - Update x-codegen-request-body-name: body x-menu-order: 3 x-permission: operator: OR permissions: - incident_settings_write x-undo: type: idempotent x-unstable: '**Note**: This endpoint is deprecated.' x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/siem-historical-detections/jobs: get: description: List historical jobs. operationId: ListHistoricalJobs parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' - description: The order of the jobs in results. example: status in: query name: sort required: false schema: type: string - description: Query used to filter items from the fetched list. example: security:attack status:high in: query name: filter[query] required: false schema: type: string responses: '200': content: application/json: schema: $ref: '#/components/schemas/ListHistoricalJobsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog List Historical Jobs tags: - Historical - Jobs - Lists x-menu-order: 20 x-undo: type: safe x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Run a historical job. operationId: RunHistoricalJob requestBody: content: application/json: schema: $ref: '#/components/schemas/RunHistoricalJobRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/JobCreateResponse' description: Status created '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/ConcurrentModificationResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_write summary: Datadog Run a Historical Job tags: - Historical - Jobs - Runs x-codegen-request-body-name: body x-given: historical_job: parameters: - name: body value: |- { "data": { "type": "historicalDetectionsJobCreate", "attributes": { "jobDefinition": { "type": "log_detection", "name": "Excessive number of failed attempts.", "queries": [ { "query": "source:non_existing_src_weekend", "aggregation": "count", "groupByFields": [], "distinctFields": [] } ], "cases": [ { "name": "Condition 1", "status": "info", "notifications": [], "condition": "a > 1" } ], "options": { "keepAlive": 3600, "maxSignalDuration": 86400, "evaluationWindow": 900 }, "message": "A large number of failed login attempts.", "tags": [], "from": 1730387522611, "to": 1730387532611, "index": "main" } } } } step: there is a valid "historical_job" in the system x-menu-order: 19 x-permission: operator: OR permissions: - security_monitoring_rules_write x-undo: type: idempotent x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/siem-historical-detections/jobs/signal_convert: post: description: Convert a job result to a signal. operationId: ConvertJobResultToSignal requestBody: content: application/json: schema: $ref: '#/components/schemas/ConvertJobResultsToSignalsRequest' required: true responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/ConcurrentModificationResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Convert a Job Result to a Signal tags: - Convert - Jobs - Result - Signal x-codegen-request-body-name: body x-menu-order: 24 x-permission: operator: OR permissions: - security_monitoring_signals_write x-undo: type: idempotent x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/siem-historical-detections/jobs/{job_id}: delete: description: Delete an existing job. operationId: DeleteHistoricalJob parameters: - $ref: '#/components/parameters/HistoricalJobID' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/ConcurrentModificationResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Delete an Existing Job tags: - Delete - Existing - Jobs x-menu-order: 23 x-undo: type: idempotent x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a job's details. operationId: GetHistoricalJob parameters: - $ref: '#/components/parameters/HistoricalJobID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/HistoricalJobResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_read summary: Datadog Get a Job's Details tags: - Get x-menu-order: 21 x-permission: operator: OR permissions: - security_monitoring_rules_read x-undo: type: safe x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/siem-historical-detections/jobs/{job_id}/cancel: patch: description: Cancel a historical job. operationId: CancelHistoricalJob parameters: - $ref: '#/components/parameters/HistoricalJobID' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/ConcurrentModificationResponse' '403': $ref: '#/components/responses/NotAuthorizedResponse' '404': $ref: '#/components/responses/NotFoundResponse' '409': $ref: '#/components/responses/ConflictResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - security_monitoring_rules_write summary: Datadog Cancel a Historical Job tags: - Cancel - Historical - Jobs x-menu-order: 22 x-permission: operator: OR permissions: - security_monitoring_rules_write x-undo: type: idempotent x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/slo/report: post: description: >- Create a job to generate an SLO report. The report job is processed asynchronously and eventually results in a CSV report being available for download. Check the status of the job and download the CSV report using the returned `report_id`. operationId: CreateSLOReportJob requestBody: content: application/json: schema: $ref: '#/components/schemas/SloReportCreateRequest' description: Create SLO report job request body. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SLOReportPostResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - slos_read summary: Datadog Create a New Slo Report tags: - Create - Reports x-codegen-request-body-name: body x-given: report: parameters: - name: body value: |- { "data": { "attributes": { "query": "slo_type:metric \"SLO Reporting Test\"", "interval": "monthly", "from_ts": {{ timestamp("now - 21d") }}, "to_ts": {{ timestamp("now") }} } } } step: there is a valid "report" in the system x-menu-order: 101 x-permission: operator: OR permissions: - slos_read x-undo: type: safe x-unstable: >- **Note**: This feature is in private beta. To request access, use the request access form in the [Service Level Objectives](https://docs.datadoghq.com/service_management/service_level_objectives/#slo-csv-export) docs. x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/slo/report/{report_id}/download: get: description: >- Download an SLO report. This can only be performed after the report job has completed. Reports are not guaranteed to exist indefinitely. Datadog recommends that you download the report as soon as it is available. operationId: GetSLOReport parameters: - $ref: '#/components/parameters/ReportID' responses: '200': content: text/csv: schema: type: string description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - slos_read summary: Datadog Get Slo Report tags: - Get - Reports x-menu-order: 103 x-undo: type: safe x-unstable: >- **Note**: This feature is in private beta. To request access, use the request access form in the [Service Level Objectives](https://docs.datadoghq.com/service_management/service_level_objectives/#slo-csv-export) docs. x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/slo/report/{report_id}/status: get: description: Get the status of the SLO report job. operationId: GetSLOReportJobStatus parameters: - $ref: '#/components/parameters/ReportID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/SLOReportStatusGetResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - slos_read summary: Datadog Get Slo Report Status tags: - Get - Reports - Status x-menu-order: 102 x-undo: type: safe x-unstable: >- **Note**: This feature is in private beta. To request access, use the request access form in the [Service Level Objectives](https://docs.datadoghq.com/service_management/service_level_objectives/#slo-csv-export) docs. x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/spans/analytics/aggregate: post: description: >- The API endpoint to aggregate spans into buckets and compute metrics and timeseries. This endpoint is rate limited to `300` requests per hour. operationId: AggregateSpans requestBody: content: application/json: schema: $ref: '#/components/schemas/SpansAggregateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SpansAggregateResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_read summary: Datadog Aggregate Spans tags: - Aggregate x-codegen-request-body-name: body x-menu-order: 3 x-permission: operator: OR permissions: - apm_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/spans/events: get: description: |- List endpoint returns spans that match a span search query. [Results are paginated][1]. Use this endpoint to see your latest spans. This endpoint is rate limited to `300` requests per hour. [1]: /logs/guide/collect-multiple-logs-with-pagination?tab=v2api operationId: ListSpansGet parameters: - description: Search query following spans syntax. example: '@datacenter:us @role:db' in: query name: filter[query] required: false schema: type: string - description: >- Minimum timestamp for requested spans. Supports date-time ISO8601, date math, and regular timestamps (milliseconds). example: '2023-01-02T09:42:36.320Z' in: query name: filter[from] required: false schema: type: string - description: >- Maximum timestamp for requested spans. Supports date-time ISO8601, date math, and regular timestamps (milliseconds). example: '2023-01-03T09:42:36.320Z' in: query name: filter[to] required: false schema: type: string - description: Order of spans in results. in: query name: sort required: false schema: $ref: '#/components/schemas/SpansSort' example: example_value - description: List following results with a cursor provided in the previous query. example: >- eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== in: query name: page[cursor] required: false schema: type: string - description: Maximum number of spans in the response. example: 25 in: query name: page[limit] required: false schema: default: 10 format: int32 maximum: 1000 type: integer responses: '200': content: application/json: schema: $ref: '#/components/schemas/SpansListResponse' description: OK '400': $ref: '#/components/responses/SpansBadRequestResponse' '403': $ref: '#/components/responses/SpansForbiddenResponse' '422': $ref: '#/components/responses/SpansUnprocessableEntityResponse' '429': $ref: '#/components/responses/SpansTooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_read summary: Datadog Get a List of Spans tags: - Get - Lists x-menu-order: 1 x-pagination: cursorParam: page[cursor] cursorPath: meta.page.after limitParam: page[limit] resultsPath: data x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/spans/events/search: post: description: |- List endpoint returns spans that match a span search query. [Results are paginated][1]. Use this endpoint to build complex spans filtering and search. This endpoint is rate limited to `300` requests per hour. [1]: /logs/guide/collect-multiple-logs-with-pagination?tab=v2api operationId: ListSpans requestBody: content: application/json: schema: $ref: '#/components/schemas/SpansListRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/SpansListResponse' description: OK '400': $ref: '#/components/responses/SpansBadRequestResponse' '403': $ref: '#/components/responses/SpansForbiddenResponse' '422': $ref: '#/components/responses/SpansUnprocessableEntityResponse' '429': $ref: '#/components/responses/SpansTooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - apm_read summary: Datadog Search Spans tags: - Search x-codegen-request-body-name: body x-menu-order: 2 x-pagination: cursorParam: body.data.attributes.page.cursor cursorPath: meta.page.after limitParam: body.data.attributes.page.limit resultsPath: data x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/synthetics/settings/on_demand_concurrency_cap: get: description: Get the on-demand concurrency cap. operationId: GetOnDemandConcurrencyCap responses: '200': content: application/json: schema: $ref: '#/components/schemas/OnDemandConcurrencyCapResponse' description: OK '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Get the On-demand Concurrency Cap tags: - Cap - Get x-menu-order: 10 x-permission: operator: OR permissions: - billing_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Save new value for on-demand concurrency cap. operationId: SetOnDemandConcurrencyCap requestBody: content: application/json: schema: $ref: '#/components/schemas/OnDemandConcurrencyCapAttributes' description: . required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/OnDemandConcurrencyCapResponse' description: OK '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Save New Value for On-demand Concurrency Cap tags: - Cap - Save - Value x-codegen-request-body-name: body x-menu-order: 11 x-permission: operator: OR permissions: - billing_edit x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/team: get: description: >- Get all teams. Can be used to search for teams using the `filter[keyword]` and `filter[me]` query parameters. operationId: ListTeams parameters: - $ref: '#/components/parameters/PageNumber' - $ref: '#/components/parameters/PageSize' - description: Specifies the order of the returned teams in: query name: sort required: false schema: $ref: '#/components/schemas/ListTeamsSort' example: example_value - description: >- Included related resources optionally requested. Allowed enum values: `team_links, user_team_permissions` in: query name: include required: false schema: items: $ref: '#/components/schemas/ListTeamsInclude' type: array - description: Search query. Can be team name, team handle, or email of team member in: query name: filter[keyword] required: false schema: type: string example: example_value - description: When true, only returns teams the current user belongs to in: query name: filter[me] required: false schema: type: boolean example: true - description: List of fields that need to be fetched. explode: false in: query name: fields[team] required: false schema: items: $ref: '#/components/schemas/TeamsField' type: array responses: '200': content: application/json: schema: $ref: '#/components/schemas/TeamsResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Get All Teams tags: - All - Get - Teams x-menu-order: 1 x-pagination: limitParam: page[size] pageParam: page[number] resultsPath: data x-permission: operator: OR permissions: - teams_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create a new team. User IDs passed through the `users` relationship field are added to the team. operationId: CreateTeam requestBody: content: application/json: schema: $ref: '#/components/schemas/TeamCreateRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/TeamResponse' description: CREATED '403': $ref: '#/components/responses/ForbiddenResponse' '409': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read - teams_manage summary: Datadog Create a Team tags: - Create - Teams x-codegen-request-body-name: body x-given: dd_team: parameters: - name: body value: |- { "data": { "attributes": { "handle": "test-handle-{{ unique_hash }}", "name": "test-name-{{ unique_hash }}" }, "type": "team" } } step: there is a valid "dd_team" in the system x-menu-order: 2 x-permission: operator: AND permissions: - teams_read - teams_manage x-undo: operationId: DeleteTeam parameters: - name: team_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: false post: false /api/v2/team/{team_id}: delete: description: Remove a team using the team's `id`. operationId: DeleteTeam parameters: - description: None in: path name: team_id required: true schema: type: string example: abc-123-def responses: '204': description: No Content '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read - teams_manage summary: Datadog Remove a Team tags: - Remove - Teams x-menu-order: 5 x-permission: operator: AND permissions: - teams_read - teams_manage x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a single team using the team's `id`. operationId: GetTeam parameters: - description: None in: path name: team_id required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/TeamResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Get a Team tags: - Get - Teams x-menu-order: 3 x-permission: operator: OR permissions: - teams_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update a team using the team's `id`. If the `team_links` relationship is present, the associated links are updated to be in the order they appear in the array, and any existing team links not present are removed. operationId: UpdateTeam parameters: - description: None in: path name: team_id required: true schema: type: string example: abc-123-def requestBody: content: application/json: schema: $ref: '#/components/schemas/TeamUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/TeamResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '409': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Update a Team tags: - Teams - Update x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - teams_read x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true get: false patch: false /api/v2/team/{team_id}/links: get: description: Get all links for a given team. operationId: GetTeamLinks parameters: - description: None in: path name: team_id required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/TeamLinksResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Get Links for a Team tags: - Get - Links - Teams x-menu-order: 10 x-permission: operator: OR permissions: - teams_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Add a new link to a team. operationId: CreateTeamLink parameters: - description: None in: path name: team_id required: true schema: type: string example: abc-123-def requestBody: content: application/json: schema: $ref: '#/components/schemas/TeamLinkCreateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/TeamLinkResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '422': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Create a Team Link tags: - Create - Link - Teams x-codegen-request-body-name: body x-given: team_link: parameters: - name: team_id source: dd_team.data.id - name: body value: |- { "data": { "attributes": { "label": "{{unique}}", "url": "https://example.com", "position": 0 }, "type": "team_links" } } step: there is a valid "team_link" in the system x-menu-order: 11 x-permission: operator: OR permissions: - teams_read x-undo: operationId: DeleteTeamLink parameters: - name: team_id source: data.attributes.team_id - name: link_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/team/{team_id}/links/{link_id}: delete: description: Remove a link from a team. operationId: DeleteTeamLink parameters: - description: None in: path name: team_id required: true schema: type: string example: abc-123-def - description: None in: path name: link_id required: true schema: type: string example: abc-123-def responses: '204': description: No Content '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Remove a Team Link tags: - Link - Remove - Teams x-menu-order: 14 x-permission: operator: OR permissions: - teams_read x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a single link for a team. operationId: GetTeamLink parameters: - description: None in: path name: team_id required: true schema: type: string example: abc-123-def - description: None in: path name: link_id required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/TeamLinkResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Get a Team Link tags: - Get - Link - Teams x-menu-order: 12 x-permission: operator: OR permissions: - teams_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update a team link. operationId: UpdateTeamLink parameters: - description: None in: path name: team_id required: true schema: type: string example: abc-123-def - description: None in: path name: link_id required: true schema: type: string example: abc-123-def requestBody: content: application/json: schema: $ref: '#/components/schemas/TeamLinkCreateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/TeamLinkResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Update a Team Link tags: - Link - Teams - Update x-codegen-request-body-name: body x-menu-order: 13 x-permission: operator: OR permissions: - teams_read x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/team/{team_id}/memberships: get: description: Get a paginated list of members for a team operationId: GetTeamMemberships parameters: - description: None in: path name: team_id required: true schema: type: string example: abc-123-def - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' - description: Specifies the order of returned team memberships in: query name: sort required: false schema: $ref: '#/components/schemas/GetTeamMembershipsSort' example: example_value - description: Search query, can be user email or name in: query name: filter[keyword] required: false schema: type: string example: example_value responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserTeamsResponse' description: Represents a user's association to a team '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Get Team Memberships tags: - Get - Memberships - Teams x-menu-order: 6 x-pagination: limitParam: page[size] pageParam: page[number] resultsPath: data x-permission: operator: OR permissions: - teams_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Add a user to a team. operationId: CreateTeamMembership parameters: - description: None in: path name: team_id required: true schema: type: string example: abc-123-def requestBody: content: application/json: schema: $ref: '#/components/schemas/UserTeamRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserTeamResponse' description: Represents a user's association to a team '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '409': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Add a User to a Team tags: - Add - Teams - Users x-codegen-request-body-name: body x-given: team_membership: parameters: - name: body value: |- { "data": { "attributes": { "role": "admin" }, "relationships": { "user": { "data": { "id": "{{user.data.id}}", "type": "users" } } }, "type": "team_memberships" } } step: there is a valid "team_membership" in the system x-menu-order: 7 x-permission: operator: OR permissions: - teams_read x-undo: operationId: DeleteTeamMembership parameters: - name: team_id template: '{{team.data.id}}' - name: user_id source: data.relationships.user.data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/team/{team_id}/memberships/{user_id}: delete: description: Remove a user from a team. operationId: DeleteTeamMembership parameters: - description: None in: path name: team_id required: true schema: type: string example: abc-123-def - description: None in: path name: user_id required: true schema: type: string example: abc-123-def responses: '204': description: No Content '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Remove a User from a Team tags: - Remove - Teams - Users x-menu-order: 8 x-permission: operator: OR permissions: - teams_read x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: Update a user's membership attributes on a team. operationId: UpdateTeamMembership parameters: - description: None in: path name: team_id required: true schema: type: string example: abc-123-def - description: None in: path name: user_id required: true schema: type: string example: abc-123-def requestBody: content: application/json: schema: $ref: '#/components/schemas/UserTeamUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserTeamResponse' description: Represents a user's association to a team '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Update a User's Membership Attributes on a Team tags: - Attributes - Memberships - Teams - Update x-codegen-request-body-name: body x-menu-order: 9 x-permission: operator: OR permissions: - teams_read x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true /api/v2/team/{team_id}/permission-settings: get: description: Get all permission settings for a given team. operationId: GetTeamPermissionSettings parameters: - description: None in: path name: team_id required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/TeamPermissionSettingsResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Get Permission Settings for a Team tags: - Get - Permissions - Settings - Teams x-menu-order: 17 x-permission: operator: OR permissions: - teams_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/team/{team_id}/permission-settings/{action}: put: description: Update a team permission setting for a given team. operationId: UpdateTeamPermissionSetting parameters: - description: None in: path name: team_id required: true schema: type: string example: abc-123-def - description: None in: path name: action required: true schema: type: string example: example_value requestBody: content: application/json: schema: $ref: '#/components/schemas/TeamPermissionSettingUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/TeamPermissionSettingResponse' description: OK '403': $ref: '#/components/responses/ForbiddenResponse' '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Update Permission Setting for Team tags: - Permissions - Setting - Teams - Update x-codegen-request-body-name: body x-menu-order: 18 x-permission: operator: OR permissions: - teams_read x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/teams: get: deprecated: true description: >- Get all incident teams for the requesting user's organization. If the `include[users]` query parameter is provided, the included attribute will contain the users related to these incident teams. operationId: ListIncidentTeams parameters: - $ref: '#/components/parameters/IncidentTeamIncludeQueryParameter' - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageOffset' - $ref: '#/components/parameters/IncidentTeamSearchQueryParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentTeamsResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_read summary: Datadog Get a List of All Incident Teams tags: - All - Get - Incident - Lists - Teams x-menu-order: 4 x-permission: operator: OR permissions: - incident_read x-undo: type: safe x-unstable: >- **Note**: This endpoint is deprecated. See the [Teams API endpoints](https://docs.datadoghq.com/api/latest/teams/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: deprecated: true description: Creates a new incident team. operationId: CreateIncidentTeam requestBody: content: application/json: schema: $ref: '#/components/schemas/IncidentTeamCreateRequest' description: Incident Team Payload. required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/IncidentTeamResponse' description: CREATED '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_settings_write summary: Datadog Create a New Incident Team tags: - Create - Incident - Teams x-codegen-request-body-name: body x-given: team: parameters: - name: body value: |- { "data": { "attributes": { "name": "{{ unique }}" }, "type": "teams" } } step: there is a valid "team" in the system x-menu-order: 5 x-permission: operator: OR permissions: - incident_settings_write x-undo: operationId: DeleteIncidentTeam parameters: - name: team_id source: data.id type: unsafe x-unstable: >- **Note**: This endpoint is deprecated. See the [Teams API endpoints](https://docs.datadoghq.com/api/latest/teams/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/teams/{team_id}: delete: deprecated: true description: Deletes an existing incident team. operationId: DeleteIncidentTeam parameters: - $ref: '#/components/parameters/IncidentTeamIDPathParameter' responses: '204': description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_settings_write summary: Datadog Delete an Existing Incident Team tags: - Delete - Existing - Incident - Teams x-menu-order: 2 x-permission: operator: OR permissions: - incident_settings_write x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is deprecated. See the [Teams API endpoints](https://docs.datadoghq.com/api/latest/teams/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: deprecated: true description: >- Get details of an incident team. If the `include[users]` query parameter is provided, the included attribute will contain the users related to these incident teams. operationId: GetIncidentTeam parameters: - $ref: '#/components/parameters/IncidentTeamIDPathParameter' - $ref: '#/components/parameters/IncidentTeamIncludeQueryParameter' responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentTeamResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_read summary: Datadog Get Details of an Incident Team tags: - Get - Incident - Teams x-menu-order: 1 x-permission: operator: OR permissions: - incident_read x-undo: type: safe x-unstable: >- **Note**: This endpoint is deprecated. See the [Teams API endpoints](https://docs.datadoghq.com/api/latest/teams/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: deprecated: true description: >- Updates an existing incident team. Only provide the attributes which should be updated as this request is a partial update. operationId: UpdateIncidentTeam parameters: - $ref: '#/components/parameters/IncidentTeamIDPathParameter' requestBody: content: application/json: schema: $ref: '#/components/schemas/IncidentTeamUpdateRequest' description: Incident Team Payload. required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/IncidentTeamResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '401': $ref: '#/components/responses/UnauthorizedResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - incident_settings_write summary: Datadog Update an Existing Incident Team tags: - Existing - Incident - Teams - Update x-codegen-request-body-name: body x-menu-order: 3 x-permission: operator: OR permissions: - incident_settings_write x-undo: type: idempotent x-unstable: >- **Note**: This endpoint is deprecated. See the [Teams API endpoints](https://docs.datadoghq.com/api/latest/teams/). x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/usage/application_security: get: deprecated: true description: >- Get hourly usage for application security . **Note:** This endpoint has been deprecated. Hourly usage data for all products is now available in the [Get hourly usage by product family API](https://docs.datadoghq.com/api/latest/usage-metering/#get-hourly-usage-by-product-family) operationId: GetUsageApplicationSecurityMonitoring parameters: - description: >- Datetime in ISO-8601 format, UTC, precise to hour: `[YYYY-MM-DDThh]` for usage beginning at this hour. in: query name: start_hr required: true schema: format: date-time type: string example: example_value - description: >- Datetime in ISO-8601 format, UTC, precise to hour: `[YYYY-MM-DDThh]` for usage ending **before** this hour. in: query name: end_hr required: false schema: format: date-time type: string example: example_value responses: '200': content: application/json;datetime-format=rfc3339: schema: $ref: >- #/components/schemas/UsageApplicationSecurityMonitoringResponse description: OK '400': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden - User is not authorized '429': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too many requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - usage_read summary: Datadog Get Hourly Usage for Application Security tags: - Applications - Get - Hourly - Security - Usage x-menu-order: 38 x-permission: operator: OR permissions: - usage_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/usage/billing_dimension_mapping: get: description: >- Get a mapping of billing dimensions to the corresponding keys for the supported usage metering public API endpoints. Mapping data is updated on a monthly cadence. This endpoint is only accessible to [parent-level organizations](https://docs.datadoghq.com/account_management/multi_organization/). operationId: GetBillingDimensionMapping parameters: - description: >- Datetime in ISO-8601 format, UTC, and for mappings beginning this month. Defaults to the current month. in: query name: filter[month] required: false schema: format: date-time type: string example: example_value - description: >- String to specify whether to retrieve active billing dimension mappings for the contract or for all available mappings. Allowed views have the string `active` or `all`. Defaults to `active`. in: query name: filter[view] required: false schema: default: active type: string example: example_value responses: '200': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/BillingDimensionsMappingResponse' description: OK '400': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden - User is not authorized '429': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too many requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - usage_read summary: Datadog Get Billing Dimension Mapping for Usage Endpoints tags: - Billing - Dimension - Get - Mapping - Usage x-menu-order: 1 x-permission: operator: OR permissions: - usage_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/usage/cost_by_org: get: deprecated: true description: >- Get cost across multi-org account. Cost by org data for a given month becomes available no later than the 16th of the following month. **Note:** This endpoint has been deprecated. Please use the new endpoint [`/historical_cost`](https://docs.datadoghq.com/api/latest/usage-metering/#get-historical-cost-across-your-account) instead. This endpoint is only accessible for [parent-level organizations](https://docs.datadoghq.com/account_management/multi_organization/). operationId: GetCostByOrg parameters: - description: >- Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost beginning this month. in: query name: start_month required: true schema: format: date-time type: string example: example_value - description: >- Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost ending this month. in: query name: end_month required: false schema: format: date-time type: string example: example_value responses: '200': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/CostByOrgResponse' description: OK '400': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden - User is not authorized '429': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too many requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - usage_read summary: Datadog Get Cost Across Multi-org Account tags: - Account - Across - Cost - Get x-menu-order: 45 x-permission: operator: OR permissions: - usage_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/usage/estimated_cost: get: description: >- Get estimated cost across multi-org and single root-org accounts. Estimated cost data is only available for the current month and previous month and is delayed by up to 72 hours from when it was incurred. To access historical costs prior to this, use the `/historical_cost` endpoint. This endpoint is only accessible for [parent-level organizations](https://docs.datadoghq.com/account_management/multi_organization/). operationId: GetEstimatedCostByOrg parameters: - description: >- String to specify whether cost is broken down at a parent-org level or at the sub-org level. Available views are `summary` and `sub-org`. Defaults to `summary`. in: query name: view required: false schema: type: string example: example_value - description: >- Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost beginning this month. **Either start_month or start_date should be specified, but not both.** (start_month cannot go beyond two months in the past). Provide an `end_month` to view month-over-month cost. in: query name: start_month required: false schema: format: date-time type: string example: example_value - description: >- Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost ending this month. in: query name: end_month required: false schema: format: date-time type: string example: example_value - description: >- Datetime in ISO-8601 format, UTC, precise to day: `[YYYY-MM-DD]` for cost beginning this day. **Either start_month or start_date should be specified, but not both.** (start_date cannot go beyond two months in the past). Provide an `end_date` to view day-over-day cumulative cost. in: query name: start_date required: false schema: format: date-time type: string example: '2026-04-17T12:00:00Z' - description: >- Datetime in ISO-8601 format, UTC, precise to day: `[YYYY-MM-DD]` for cost ending this day. in: query name: end_date required: false schema: format: date-time type: string example: '2026-04-17T12:00:00Z' - description: >- Boolean to specify whether to include accounts connected to the current account as partner customers in the Datadog partner network program. Defaults to `false`. in: query name: include_connected_accounts required: false schema: default: false type: boolean example: true responses: '200': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/CostByOrgResponse' description: OK '400': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden - User is not authorized '429': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too many requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - usage_read summary: Datadog Get Estimated Cost Across Your Account tags: - Account - Across - Cost - Get x-menu-order: 6 x-permission: operator: OR permissions: - usage_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/usage/historical_cost: get: description: >- Get historical cost across multi-org and single root-org accounts. Cost data for a given month becomes available no later than the 16th of the following month. This endpoint is only accessible for [parent-level organizations](https://docs.datadoghq.com/account_management/multi_organization/). operationId: GetHistoricalCostByOrg parameters: - description: >- String to specify whether cost is broken down at a parent-org level or at the sub-org level. Available views are `summary` and `sub-org`. Defaults to `summary`. in: query name: view required: false schema: type: string example: example_value - description: >- Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost beginning this month. in: query name: start_month required: true schema: format: date-time type: string example: example_value - description: >- Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost ending this month. in: query name: end_month required: false schema: format: date-time type: string example: example_value - description: >- Boolean to specify whether to include accounts connected to the current account as partner customers in the Datadog partner network program. Defaults to `false`. in: query name: include_connected_accounts required: false schema: default: false type: boolean example: true responses: '200': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/CostByOrgResponse' description: OK '400': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden - User is not authorized '429': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too many requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - usage_read summary: Datadog Get Historical Cost Across Your Account tags: - Account - Across - Cost - Get - Historical x-menu-order: 5 x-permission: operator: OR permissions: - usage_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/usage/hourly_usage: get: description: Get hourly usage by product family. operationId: GetHourlyUsage parameters: - description: >- Datetime in ISO-8601 format, UTC, precise to hour: [YYYY-MM-DDThh] for usage beginning at this hour. in: query name: filter[timestamp][start] required: true schema: format: date-time type: string example: '2026-04-17T12:00:00Z' - description: >- Datetime in ISO-8601 format, UTC, precise to hour: [YYYY-MM-DDThh] for usage ending **before** this hour. in: query name: filter[timestamp][end] required: false schema: format: date-time type: string example: '2026-04-17T12:00:00Z' - description: >- Comma separated list of product families to retrieve. Available families are `all`, `analyzed_logs`, `application_security`, `audit_trail`, `serverless`, `ci_app`, `cloud_cost_management`, `cloud_siem`, `csm_container_enterprise`, `csm_host_enterprise`, `cspm`, `custom_events`, `cws`, `dbm`, `error_tracking`, `fargate`, `infra_hosts`, `incident_management`, `indexed_logs`, `indexed_spans`, `ingested_spans`, `iot`, `lambda_traced_invocations`, `logs`, `network_flows`, `network_hosts`, `network_monitoring`, `observability_pipelines`, `online_archive`, `profiling`, `rum`, `rum_browser_sessions`, `rum_mobile_sessions`, `sds`, `snmp`, `software_delivery`, `synthetics_api`, `synthetics_browser`, `synthetics_mobile`, `synthetics_parallel_testing`, `timeseries`, `vuln_management`, and `workflow_executions`. The following product family has been **deprecated**: `audit_logs`. in: query name: filter[product_families] required: true schema: type: string example: example_value - description: Include child org usage in the response. Defaults to false. in: query name: filter[include_descendants] required: false schema: default: false type: boolean example: true - description: >- Boolean to specify whether to include accounts connected to the current account as partner customers in the Datadog partner network program. Defaults to false. in: query name: filter[include_connected_accounts] required: false schema: default: false type: boolean example: true - description: >- Include breakdown of usage by subcategories where applicable (for product family logs only). Defaults to false. in: query name: filter[include_breakdown] required: false schema: default: false type: boolean example: true - description: >- Comma separated list of product family versions to use in the format `product_family:version`. For example, `infra_hosts:1.0.0`. If this parameter is not used, the API will use the latest version of each requested product family. Currently all families have one version `1.0.0`. in: query name: filter[versions] required: false schema: type: string example: example_value - description: >- Maximum number of results to return (between 1 and 500) - defaults to 500 if limit not specified. in: query name: page[limit] required: false schema: default: 500 format: int32 maximum: 500 minimum: 1 type: integer example: 42 - description: >- List following results with a next_record_id provided in the previous query. in: query name: page[next_record_id] required: false schema: type: string example: abc-123-def responses: '200': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/HourlyUsageResponse' description: OK '400': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden - User is not authorized '429': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too many requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - usage_read summary: Datadog Get Hourly Usage by Product Family tags: - Family - Get - Hourly - Product - Usage x-menu-order: 1 x-permission: operator: OR permissions: - usage_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/usage/lambda_traced_invocations: get: deprecated: true description: >- Get hourly usage for Lambda traced invocations. **Note:** This endpoint has been deprecated.. Hourly usage data for all products is now available in the [Get hourly usage by product family API](https://docs.datadoghq.com/api/latest/usage-metering/#get-hourly-usage-by-product-family) operationId: GetUsageLambdaTracedInvocations parameters: - description: >- Datetime in ISO-8601 format, UTC, precise to hour: `[YYYY-MM-DDThh]` for usage beginning at this hour. in: query name: start_hr required: true schema: format: date-time type: string example: example_value - description: >- Datetime in ISO-8601 format, UTC, precise to hour: `[YYYY-MM-DDThh]` for usage ending **before** this hour. in: query name: end_hr required: false schema: format: date-time type: string example: example_value responses: '200': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/UsageLambdaTracedInvocationsResponse' description: OK '400': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden - User is not authorized '429': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too many requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - usage_read summary: Datadog Get Hourly Usage for Lambda Traced Invocations tags: - Get - Hourly - Invocations - Lambda - Usage x-menu-order: 37 x-permission: operator: OR permissions: - usage_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/usage/observability_pipelines: get: deprecated: true description: >- Get hourly usage for observability pipelines. **Note:** This endpoint has been deprecated. Hourly usage data for all products is now available in the [Get hourly usage by product family API](https://docs.datadoghq.com/api/latest/usage-metering/#get-hourly-usage-by-product-family) operationId: GetUsageObservabilityPipelines parameters: - description: >- Datetime in ISO-8601 format, UTC, precise to hour: `[YYYY-MM-DDThh]` for usage beginning at this hour. in: query name: start_hr required: true schema: format: date-time type: string example: example_value - description: >- Datetime in ISO-8601 format, UTC, precise to hour: `[YYYY-MM-DDThh]` for usage ending **before** this hour. in: query name: end_hr required: false schema: format: date-time type: string example: example_value responses: '200': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/UsageObservabilityPipelinesResponse' description: OK '400': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden - User is not authorized '429': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too many requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - usage_read summary: Datadog Get Hourly Usage for Observability Pipelines tags: - Get - Hourly - Observability - Pipelines - Usage x-menu-order: 39 x-permission: operator: OR permissions: - usage_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/usage/projected_cost: get: description: >- Get projected cost across multi-org and single root-org accounts. Projected cost data is only available for the current month and becomes available around the 12th of the month. This endpoint is only accessible for [parent-level organizations](https://docs.datadoghq.com/account_management/multi_organization/). operationId: GetProjectedCost parameters: - description: >- String to specify whether cost is broken down at a parent-org level or at the sub-org level. Available views are `summary` and `sub-org`. Defaults to `summary`. in: query name: view required: false schema: type: string example: example_value - description: >- Boolean to specify whether to include accounts connected to the current account as partner customers in the Datadog partner network program. Defaults to `false`. in: query name: include_connected_accounts required: false schema: default: false type: boolean example: true responses: '200': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/ProjectedCostResponse' description: OK '400': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Forbidden - User is not authorized '429': content: application/json;datetime-format=rfc3339: schema: $ref: '#/components/schemas/APIErrorResponse' description: Too many requests security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - usage_read summary: Datadog Get Projected Cost Across Your Account tags: - Account - Across - Cost - Get x-menu-order: 7 x-permission: operator: OR permissions: - usage_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/user_invitations: post: description: >- Sends emails to one or more users inviting them to join the organization. operationId: SendInvitations requestBody: content: application/json: schema: $ref: '#/components/schemas/UserInvitationsRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/UserInvitationsResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_invite summary: Datadog Send Invitation Emails tags: - Emails - Invitation - Send x-codegen-request-body-name: body x-given: user_invitation: parameters: - name: body value: |- { "data": [ { "relationships": {"user": {"data": { "id": "{{ user.data.id }}", "type": "{{ user.data.type }}" }}}, "type": "user_invitations" } ] } source: data[0] step: the "user" has a "user_invitation" x-menu-order: 8 x-permission: operator: OR permissions: - user_access_invite x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/user_invitations/{user_invitation_uuid}: get: description: Returns a single user invitation by its UUID. operationId: GetInvitation parameters: - description: The UUID of the user invitation. in: path name: user_invitation_uuid required: true schema: example: 00000000-0000-0000-3456-000000000000 type: string example: 00000000-0000-0000-3456-000000000000 responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserInvitationResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_invite summary: Datadog Get a User Invitation tags: - Get - Invitation - Users x-codegen-request-body-name: body x-menu-order: 9 x-permission: operator: OR permissions: - user_access_invite x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/users: get: description: |- Get the list of all users in the organization. This list includes all users even if they are deactivated or unverified. operationId: ListUsers parameters: - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' - description: >- User attribute to order results by. Sort order is ascending by default. Sort order is descending if the field is prefixed by a negative sign, for example `sort=-name`. Options: `name`, `modified_at`, `user_count`. in: query name: sort required: false schema: default: name example: name type: string example: name - description: 'Direction of sort. Options: `asc`, `desc`.' in: query name: sort_dir required: false schema: $ref: '#/components/schemas/QuerySortOrder' example: example_value - description: Filter all users by the given string. Defaults to no filtering. in: query name: filter required: false schema: type: string example: example_value - description: >- Filter on status attribute. Comma separated list, with possible values `Active`, `Pending`, and `Disabled`. Defaults to no filtering. in: query name: filter[status] required: false schema: example: Active type: string example: Active responses: '200': content: application/json: schema: $ref: '#/components/schemas/UsersResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_read summary: Datadog List All Users tags: - All - Lists - Users x-codegen-request-body-name: body x-menu-order: 1 x-pagination: limitParam: page[size] pageParam: page[number] resultsPath: data x-permission: operator: OR permissions: - user_access_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a user for your organization. operationId: CreateUser requestBody: content: application/json: schema: $ref: '#/components/schemas/UserCreateRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/UserResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_invite summary: Datadog Create a User tags: - Create - Users x-codegen-request-body-name: body x-given: user: parameters: - name: body value: |- { "data": { "attributes": { "email": "{{ unique }}@datadoghq.com", "title": "user title" }, "type": "users" } } step: there is a valid "user" in the system x-menu-order: 2 x-permission: operator: OR permissions: - user_access_invite x-undo: operationId: DisableUser parameters: - name: user_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/users/{user_id}: delete: description: |- Disable a user. Can only be used with an application key belonging to an administrator user. operationId: DisableUser parameters: - $ref: '#/components/parameters/UserID' responses: '204': description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_manage summary: Datadog Disable a User tags: - Disables - Users x-codegen-request-body-name: body x-menu-order: 5 x-permission: operator: OR permissions: - user_access_manage - service_account_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get a user in the organization specified by the user’s `user_id`. operationId: GetUser parameters: - $ref: '#/components/parameters/UserID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_read summary: Datadog Get User Details tags: - Get - Users x-codegen-request-body-name: body x-menu-order: 3 x-permission: operator: OR permissions: - user_access_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: |- Edit a user. Can only be used with an application key belonging to an administrator user. operationId: UpdateUser parameters: - $ref: '#/components/parameters/UserID' requestBody: content: application/json: schema: $ref: '#/components/schemas/UserUpdateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserResponse' description: OK '400': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Bad Request '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '422': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Unprocessable Entity '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_manage summary: Datadog Update a User tags: - Update - Users x-codegen-request-body-name: body x-menu-order: 4 x-permission: operator: OR permissions: - user_access_manage - service_account_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: delete: true /api/v2/users/{user_id}/orgs: get: description: >- Get a user organization. Returns the user information and all organizations joined by this user. operationId: ListUserOrganizations parameters: - $ref: '#/components/parameters/UserID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: [] summary: Datadog Get a User Organization tags: - Get - Organizations - Users x-codegen-request-body-name: body x-menu-order: 6 x-permission: operator: OPEN permissions: [] x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/users/{user_id}/permissions: get: description: |- Get a user permission set. Returns a list of the user’s permissions granted by the associated user's roles. operationId: ListUserPermissions parameters: - $ref: '#/components/parameters/UserID' responses: '200': content: application/json: schema: $ref: '#/components/schemas/PermissionsResponse' description: OK '403': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Authentication error '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not found '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - user_access_read summary: Datadog Get a User Permissions tags: - Get - Permissions - Users x-codegen-request-body-name: body x-menu-order: 7 x-permission: operator: OR permissions: - user_access_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: get: true /api/v2/users/{user_uuid}/memberships: get: description: Get a list of memberships for a user operationId: GetUserMemberships parameters: - description: None in: path name: user_uuid required: true schema: type: string example: abc-123-def responses: '200': content: application/json: schema: $ref: '#/components/schemas/UserTeamsResponse' description: Represents a user's association to a team '404': content: application/json: schema: $ref: '#/components/schemas/APIErrorResponse' description: API error response. '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - teams_read summary: Datadog Get User Memberships tags: - Get - Memberships - Users x-menu-order: 1 x-permission: operator: OR permissions: - teams_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/workflows: post: description: >- Create a new workflow, returning the workflow ID. This API requires an application key scoped with the `workflows_write` permission. operationId: CreateWorkflow requestBody: content: application/json: schema: $ref: '#/components/schemas/CreateWorkflowRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/CreateWorkflowResponse' description: Successfully created a workflow. '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '429': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Too many requests summary: Datadog Create a Workflow tags: - Create - Workflows x-given: workflow: parameters: - name: body value: |- { "data": { "type": "workflows", "attributes": { "name": "Cassette Workflow x-given", "spec": { "triggers": [ { "startStepNames": ["No_op"], "workflowTrigger": {} } ], "steps": [ { "name": "No_op", "actionId": "com.datadoghq.core.noop" } ] } } } } step: there is a valid "workflow" in the system x-menu-order: 2 x-permission: operator: OR permissions: - workflows_write x-undo: operationId: DeleteWorkflow parameters: - name: workflow_id source: data.id type: unsafe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/workflows/{workflow_id}: delete: description: >- Delete a workflow by ID. This API requires an application key scoped with the `workflows_write` permission. operationId: DeleteWorkflow parameters: - $ref: '#/components/parameters/WorkflowId' responses: '204': description: Successfully deleted a workflow. '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Not found '429': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Too many requests summary: Datadog Delete an Existing Workflow tags: - Delete - Existing - Workflows x-menu-order: 4 x-permission: operator: OR permissions: - workflows_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: >- Get a workflow by ID. This API requires an application key scoped with the `workflows_read` permission. operationId: GetWorkflow parameters: - $ref: '#/components/parameters/WorkflowId' responses: '200': content: application/json: schema: $ref: '#/components/schemas/GetWorkflowResponse' description: Successfully got a workflow. '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Not found '429': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Too many requests summary: Datadog Get an Existing Workflow tags: - Existing - Get - Workflows x-menu-order: 1 x-permission: operator: OR permissions: - workflows_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- Update a workflow by ID. This API requires an application key scoped with the `workflows_write` permission. operationId: UpdateWorkflow parameters: - $ref: '#/components/parameters/WorkflowId' requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateWorkflowRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/UpdateWorkflowResponse' description: Successfully updated a workflow. '400': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Bad request '403': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Not found '429': content: application/json: schema: $ref: '#/components/schemas/JSONAPIErrorResponse' description: Too many requests summary: Datadog Update an Existing Workflow tags: - Existing - Update - Workflows x-menu-order: 3 x-permission: operator: OR permissions: - workflows_write x-undo: type: idempotent x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/workflows/{workflow_id}/instances: get: description: >- List all instances of a given workflow. This API requires an application key scoped with the workflows_read permission. operationId: ListWorkflowInstances parameters: - $ref: '#/components/parameters/WorkflowId' - $ref: '#/components/parameters/PageSize' - $ref: '#/components/parameters/PageNumber' responses: '200': content: application/json: schema: $ref: '#/components/schemas/WorkflowListInstancesResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - workflows_read summary: Datadog List Workflow Instances tags: - Instances - Lists - Workflows x-menu-order: 5 x-permission: operator: OR permissions: - workflows_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Execute the given workflow. This API requires an application key scoped with the workflows_run permission. operationId: CreateWorkflowInstance parameters: - $ref: '#/components/parameters/WorkflowId' requestBody: content: application/json: schema: $ref: '#/components/schemas/WorkflowInstanceCreateRequest' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/WorkflowInstanceCreateResponse' description: Created '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - workflows_run summary: Datadog Execute a Workflow tags: - Execute - Workflows x-codegen-request-body-name: body x-menu-order: 6 x-permission: operator: OR permissions: - workflows_run x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/workflows/{workflow_id}/instances/{instance_id}: get: description: >- Get a specific execution of a given workflow. This API requires an application key scoped with the workflows_read permission. operationId: GetWorkflowInstance parameters: - $ref: '#/components/parameters/WorkflowId' - $ref: '#/components/parameters/InstanceId' responses: '200': content: application/json: schema: $ref: '#/components/schemas/WorklflowGetInstanceResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' security: - apiKeyAuth: [] appKeyAuth: [] - AuthZ: - workflows_read summary: Datadog Get a Workflow Instance tags: - Get - Instance - Workflows x-menu-order: 7 x-permission: operator: OR permissions: - workflows_read x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/workflows/{workflow_id}/instances/{instance_id}/cancel: put: description: >- Cancels a specific execution of a given workflow. This API requires an application key scoped with the workflows_run permission. operationId: CancelWorkflowInstance parameters: - $ref: '#/components/parameters/WorkflowId' - $ref: '#/components/parameters/InstanceId' responses: '200': content: application/json: schema: $ref: '#/components/schemas/WorklflowCancelInstanceResponse' description: OK '400': $ref: '#/components/responses/BadRequestResponse' '403': $ref: '#/components/responses/ForbiddenResponse' '404': $ref: '#/components/responses/NotFoundResponse' '429': $ref: '#/components/responses/TooManyRequestsResponse' summary: Datadog Cancel a Workflow Instance tags: - Cancel - Instance - Workflows x-menu-order: 8 x-permission: operator: OR permissions: - workflows_run x-undo: type: safe x-api-evangelist-processing: PascalCaseOperationSummaries: true ChooseTags: true x-microcks-operation: delay: 0 dispatcher: FALLBACK x-merge-override: /api/v2/rum/analytics/aggregate: true /api/v2/rum/events: true /api/v2/rum/events/search: true /api/v2/team/{team_id}/links: true /api/v2/team/{team_id}/links/{link_id}: true security: - apiKeyAuth: [] appKeyAuth: [] servers: - url: https://{subdomain}.{site} variables: site: default: datadoghq.com description: The regional site for Datadog customers. enum: - datadoghq.com - us3.datadoghq.com - us5.datadoghq.com - ap1.datadoghq.com - datadoghq.eu - ddog-gov.com subdomain: default: api description: The subdomain where the API is deployed. - url: '{protocol}://{name}' variables: name: default: api.datadoghq.com description: Full site DNS name. protocol: default: https description: The protocol for accessing the API. - url: https://{subdomain}.{site} variables: site: default: datadoghq.com description: Any Datadog deployment. subdomain: default: api description: The subdomain where the API is deployed. tags: - name: Account - name: Accounts - name: Acknowledge - name: Across - name: Action - name: Active - name: Add - name: Agent - name: Agents - name: Aggregate - name: Aggregated - name: Aggregations - name: All - name: Analysis - name: Applications - name: Archive - name: Archives - name: Assets - name: Assign - name: Assignee - name: Attachments - name: Attributes - description: Search your Audit Logs events over HTTP. name: Audit - name: Available - name: Batch - name: Billing - name: Budget - name: Budgets - name: Cancel - name: Cap - name: Cardinality - name: Case - name: Cases - name: Change - name: Channel - name: Cloud - name: Cloudflare - name: Configuration - name: Configure - name: Connection - name: Connections - description: >- The Containers API allows you to query container data for your organization. See the [Container Monitoring page](https://docs.datadoghq.com/containers/) for more information. name: Containers - name: Convert - name: Cost - name: Coverage - name: Create - name: Current - name: Custom - name: Dashboards - name: Data - name: Definition - name: Definitions - name: Delegate - name: Delete - name: Demand - name: Deployments - name: Destination - name: Destinations - name: Detection - name: Devices - name: Dimension - name: Dimensions - name: Disables - name: Domain - name: Download - name: Edit - name: Emails - name: Enabled - name: Entities - name: Entity - name: Entry - name: Escalate - description: >- The Event Management API allows you to programmatically post events to the Events Explorer and fetch events from the Events Explorer. See the [Event Management page](https://docs.datadoghq.com/service_management/events/) for more information. **Update to Datadog monitor events `aggregation_key` starting March 1, 2025:** The Datadog monitor events `aggregation_key` is unique to each Monitor ID. Starting March 1st, this key will also include Monitor Group, making it unique per *Monitor ID and Monitor Group*. If you're using monitor events `aggregation_key` in dashboard queries or the Event API, you must migrate to use `@monitor.id`. Reach out to [support](https://www.datadoghq.com/support/) if you have any question. name: Events - name: Execute - name: Existing - name: External - name: Failure - name: Family - name: Files - name: Filter - name: Finding - name: Findings - name: Framework - name: Generate - name: Get - name: Given - name: Grants - name: Groups - name: Handle - name: Historical - name: History - name: Hosts - name: Hourly - name: Identifiers - name: Images - name: Incident - name: Information - name: Instance - name: Instances - name: Integration - name: Integrations - name: Interfaces - name: Invitation - name: Invocations - name: Ip - name: Items - name: Jobs - name: Keys - name: Lambda - name: Link - name: Links - name: Lists - description: >- Search your logs and send them to your Datadog platform over HTTP. See the [Log Management page](https://docs.datadoghq.com/logs/) for more information. name: Logs - name: Management - name: Mapping - name: Memberships - description: >- The metrics endpoint allows you to: - Post metrics data so it can be graphed on Datadog’s dashboards - Query metrics from any time period (timeseries and scalar) - Modify tag configurations for metrics - View tags and volumes for metrics **Note**: A graph can only contain a set number of points and as the timeframe over which a metric is viewed increases, aggregation between points occurs to stay below that set number. The Post, Patch, and Delete `manage_tags` API methods can only be performed by a user who has the `Manage Tags for Metrics` permission. See the [Metrics page](https://docs.datadoghq.com/metrics/) for more information. name: Metrics - name: Modify - name: Monitor - name: Monthly - name: Multiple - name: Mute - name: Names - name: Namespaces - name: Objects - name: Observability - name: Options - name: Order - description: >- Create, edit, and manage your organizations. Read more about [multi-org accounts](https://docs.datadoghq.com/account_management/multi_organization). externalDocs: description: Find out more at url: https://docs.datadoghq.com/account_management/multi_organization name: Organizations - name: Owned - name: Pages - name: Patch - name: Patterns - name: Permissions - name: Pipelines - name: Policies - name: Post - name: Principal - name: Priority - name: Product - name: Products - name: Projects - name: Protections - name: Publish - name: Queries - name: Read - name: Ready - name: Related - name: Remove - name: Reorder - name: Reports - name: Resolve - name: Resource - name: Resources - name: Restrictions - name: Result - name: Retention - name: Revoke - name: Role - description: >- The Roles API is used to create and manage Datadog roles, what [global permissions](https://docs.datadoghq.com/account_management/rbac/) they grant, and which users belong to them. Permissions related to specific account assets can be granted to roles in the Datadog application without using this API. For example, granting read access on a specific log index to a role can be done in Datadog from the [Pipelines page](https://app.datadoghq.com/logs/pipelines). name: Roles - name: Routing - name: Rules - description: >- Manage your Real User Monitoring (RUM) applications, and search or aggregate your RUM events over HTTP. See the [RUM & Session Replay page](https://docs.datadoghq.com/real_user_monitoring/) for more information name: Rum - name: Runs - name: Save - name: Scan - name: Scanning - name: Schedules - name: Search - name: Security - name: Send - name: Serverless - name: Sets - name: Setting - name: Settings - name: Signal - name: Single - name: Specific - name: Standard - name: State - name: Status - name: Submit - name: Suppression - name: Tasks - description: >- View and manage teams within Datadog. See the [Teams page](https://docs.datadoghq.com/account_management/teams/) for more information. name: Teams - name: Terraform - name: Tests - name: Type - name: Types - name: Unarchive - name: Unassign - name: Update - name: Upload - name: Usage - description: Create, edit, and disable users. externalDocs: url: https://docs.datadoghq.com/account_management/users name: Users - name: Validate - name: Value - name: Versions - name: Volumes - name: Vulnerabilities - name: Webhooks - name: Workflows x-group-parameters: true x-merge-override: paths: false