From 75a9008b57f9fbc3e5e5a220bba64c1c9b29a20f Mon Sep 17 00:00:00 2001 From: "ci.datadog-api-spec" Date: Tue, 26 May 2026 21:01:29 +0000 Subject: [PATCH] Regenerate client from commit 39e56e6 of spec repo --- .generator/schemas/v2/openapi.yaml | 67 ++++- .../client/v2/api/SecurityMonitoringApi.java | 4 +- .../ConvertJobResultsToSignalsAttributes.java | 31 +-- .../client/v2/model/HistoricalJobQuery.java | 257 +++++++++++++++++- .../HistoricalJobResponseAttributes.java | 28 ++ .../api/client/v2/model/JobDefinition.java | 6 +- .../v2/model/JobDefinitionFromRule.java | 32 ++- .../RunHistoricalJobRequestAttributes.java | 54 ++-- ...al_job_returns_Bad_Request_response.freeze | 2 +- ...ical_job_returns_Not_Found_response.freeze | 2 +- ..._historical_job_returns_OK_response.freeze | 2 +- ..._a_historical_job_returns_OK_response.json | 6 +- ...signal_returns_Bad_Request_response.freeze | 2 +- ...ng_job_returns_Bad_Request_response.freeze | 2 +- ...ting_job_returns_Not_Found_response.freeze | 2 +- ...etails_returns_Bad_Request_response.freeze | 2 +- ..._details_returns_Not_Found_response.freeze | 2 +- ...a_job_s_details_returns_OK_response.freeze | 2 +- ...t_a_job_s_details_returns_OK_response.json | 8 +- ...al_job_returns_Bad_Request_response.freeze | 2 +- ...ical_job_returns_Not_Found_response.freeze | 2 +- ...job_returns_Status_created_response.freeze | 2 +- ...l_job_returns_Status_created_response.json | 2 +- 23 files changed, 424 insertions(+), 95 deletions(-) diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index c1ed2925666..2c49d4f91c5 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -18908,9 +18908,6 @@ components: ConvertJobResultsToSignalsAttributes: description: Attributes for converting historical job results to signals. properties: - id: - description: Request ID. - type: string jobResultIds: description: Job result IDs. example: @@ -37540,10 +37537,34 @@ components: HistoricalJobQuery: description: Query for selecting logs analyzed by the historical job. properties: + additionalFilters: + description: Additional filters appended to the query at evaluation time. + type: string aggregation: $ref: "#/components/schemas/SecurityMonitoringRuleQueryAggregation" + correlatedByFields: + description: Fields used to correlate results across queries in sequence detection rules. + items: + description: Field. + type: string + type: array + correlatedQueryIndex: + description: Zero-based index of the query to correlate with in sequence detection rules. Up to 10 queries are supported, so valid values are 0 to 9. + format: int64 + maximum: 9 + minimum: 0 + type: integer + customQueryExtension: + description: Custom query extension used to refine the base query. + type: string dataSource: $ref: "#/components/schemas/SecurityMonitoringStandardDataSource" + datasetIds: + description: IDs of reference datasets used by this query. + items: + description: Dataset ID. + type: string + type: array distinctFields: description: Field for which the cardinality is measured. Sent as an array. items: @@ -37561,6 +37582,15 @@ components: description: When false, events without a group-by value are ignored by the query. When true, events with missing group-by fields are processed with `N/A`, replacing the missing values. example: false type: boolean + index: + description: Index used to load the data for this query. + type: string + indexes: + description: Indexes used to load the data for this query. Mutually exclusive with `index`. + items: + description: Index name. + type: string + type: array metrics: description: Group of target fields to aggregate over when using the sum, max, geo data, or new value aggregations. The sum, max, and geo data aggregations only accept one value in this list, whereas the new value aggregation accepts up to five values. items: @@ -37574,6 +37604,9 @@ components: description: Query to run on logs. example: a > 3 type: string + queryLanguage: + description: Language used to parse the query string. + type: string type: object HistoricalJobResponse: description: Historical job response. @@ -37607,6 +37640,10 @@ components: modifiedAt: description: Last modification time of the job. type: string + progressRate: + description: Job execution progress as a value between 0 and 1. Omitted for finished jobs. + format: double + type: number signalOutput: description: Whether the job outputs signals. type: boolean @@ -43137,9 +43174,10 @@ components: $ref: "#/components/schemas/CalculatedField" type: array cases: - description: Cases used for generating job results. + description: Cases used for generating job results. Up to 10 cases are allowed. items: $ref: "#/components/schemas/SecurityMonitoringRuleCaseCreate" + maxItems: 10 type: array from: description: Starting time of data analyzed by the job. @@ -43169,9 +43207,10 @@ components: options: $ref: "#/components/schemas/HistoricalJobOptions" queries: - description: Queries for selecting logs analyzed by the job. + description: Queries for selecting logs analyzed by the job. Up to 10 queries are allowed. items: $ref: "#/components/schemas/HistoricalJobQuery" + maxItems: 10 type: array referenceTables: description: Reference tables used in the queries. @@ -43185,10 +43224,11 @@ components: type: string type: array thirdPartyCases: - description: Cases for generating results from third-party detection method. Only available for third-party detection method. + description: Cases for generating results from third-party detection method. Only available for third-party detection method. Up to 10 cases are allowed. example: [] items: $ref: "#/components/schemas/SecurityMonitoringThirdPartyRuleCaseCreate" + maxItems: 10 type: array to: description: Ending time of data analyzed by the job. @@ -43210,6 +43250,12 @@ components: JobDefinitionFromRule: description: Definition of a historical job based on a security monitoring rule. properties: + caseIndex: + description: Zero-based index of the rule case to use as the job's signal condition. When omitted, all cases are evaluated. Up to 10 cases are supported, so valid values are 0 to 9. + format: int32 + maximum: 9 + minimum: 0 + type: integer from: description: Starting time of data analyzed by the job. example: 1729843470000 @@ -70274,11 +70320,11 @@ components: properties: fromRule: $ref: "#/components/schemas/JobDefinitionFromRule" - id: - description: Request ID. - type: string jobDefinition: $ref: "#/components/schemas/JobDefinition" + signalOutput: + description: Whether the job outputs signals when results are converted. + type: boolean type: object RunHistoricalJobRequestData: description: Data for running a historical job request. @@ -154835,7 +154881,7 @@ paths: **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. /api/v2/siem-historical-detections/histsignals/search: - get: + post: description: Search hist signals. operationId: SearchSecurityMonitoringHistsignals requestBody: @@ -154887,6 +154933,7 @@ paths: - security_monitoring_signals_read summary: Search hist signals tags: ["Security Monitoring"] + x-codegen-request-body-name: body "x-permission": operator: OR permissions: diff --git a/src/main/java/com/datadog/api/client/v2/api/SecurityMonitoringApi.java b/src/main/java/com/datadog/api/client/v2/api/SecurityMonitoringApi.java index ddd14d878b4..67b135f717d 100644 --- a/src/main/java/com/datadog/api/client/v2/api/SecurityMonitoringApi.java +++ b/src/main/java/com/datadog/api/client/v2/api/SecurityMonitoringApi.java @@ -20893,7 +20893,7 @@ public SecurityMonitoringSignalsListResponse searchSecurityMonitoringHistsignals new String[] {"application/json"}, new String[] {"apiKeyAuth", "appKeyAuth", "AuthZ"}); return apiClient.invokeAPI( - "GET", + "POST", builder, localVarHeaderParams, new String[] {"application/json"}, @@ -20949,7 +20949,7 @@ public SecurityMonitoringSignalsListResponse searchSecurityMonitoringHistsignals return result; } return apiClient.invokeAPIAsync( - "GET", + "POST", builder, localVarHeaderParams, new String[] {"application/json"}, diff --git a/src/main/java/com/datadog/api/client/v2/model/ConvertJobResultsToSignalsAttributes.java b/src/main/java/com/datadog/api/client/v2/model/ConvertJobResultsToSignalsAttributes.java index c7a084a305c..cc963afcd67 100644 --- a/src/main/java/com/datadog/api/client/v2/model/ConvertJobResultsToSignalsAttributes.java +++ b/src/main/java/com/datadog/api/client/v2/model/ConvertJobResultsToSignalsAttributes.java @@ -21,7 +21,6 @@ /** Attributes for converting historical job results to signals. */ @JsonPropertyOrder({ - ConvertJobResultsToSignalsAttributes.JSON_PROPERTY_ID, ConvertJobResultsToSignalsAttributes.JSON_PROPERTY_JOB_RESULT_IDS, ConvertJobResultsToSignalsAttributes.JSON_PROPERTY_NOTIFICATIONS, ConvertJobResultsToSignalsAttributes.JSON_PROPERTY_SIGNAL_MESSAGE, @@ -31,9 +30,6 @@ value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator") public class ConvertJobResultsToSignalsAttributes { @JsonIgnore public boolean unparsed = false; - public static final String JSON_PROPERTY_ID = "id"; - private String id; - public static final String JSON_PROPERTY_JOB_RESULT_IDS = "jobResultIds"; private List jobResultIds = new ArrayList<>(); @@ -64,27 +60,6 @@ public ConvertJobResultsToSignalsAttributes( this.unparsed |= !signalSeverity.isValid(); } - public ConvertJobResultsToSignalsAttributes id(String id) { - this.id = id; - return this; - } - - /** - * Request ID. - * - * @return id - */ - @jakarta.annotation.Nullable - @JsonProperty(JSON_PROPERTY_ID) - @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) - public String getId() { - return id; - } - - public void setId(String id) { - this.id = id; - } - public ConvertJobResultsToSignalsAttributes jobResultIds(List jobResultIds) { this.jobResultIds = jobResultIds; return this; @@ -237,8 +212,7 @@ public boolean equals(Object o) { } ConvertJobResultsToSignalsAttributes convertJobResultsToSignalsAttributes = (ConvertJobResultsToSignalsAttributes) o; - return Objects.equals(this.id, convertJobResultsToSignalsAttributes.id) - && Objects.equals(this.jobResultIds, convertJobResultsToSignalsAttributes.jobResultIds) + return Objects.equals(this.jobResultIds, convertJobResultsToSignalsAttributes.jobResultIds) && Objects.equals(this.notifications, convertJobResultsToSignalsAttributes.notifications) && Objects.equals(this.signalMessage, convertJobResultsToSignalsAttributes.signalMessage) && Objects.equals(this.signalSeverity, convertJobResultsToSignalsAttributes.signalSeverity) @@ -249,14 +223,13 @@ public boolean equals(Object o) { @Override public int hashCode() { return Objects.hash( - id, jobResultIds, notifications, signalMessage, signalSeverity, additionalProperties); + jobResultIds, notifications, signalMessage, signalSeverity, additionalProperties); } @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("class ConvertJobResultsToSignalsAttributes {\n"); - sb.append(" id: ").append(toIndentedString(id)).append("\n"); sb.append(" jobResultIds: ").append(toIndentedString(jobResultIds)).append("\n"); sb.append(" notifications: ").append(toIndentedString(notifications)).append("\n"); sb.append(" signalMessage: ").append(toIndentedString(signalMessage)).append("\n"); diff --git a/src/main/java/com/datadog/api/client/v2/model/HistoricalJobQuery.java b/src/main/java/com/datadog/api/client/v2/model/HistoricalJobQuery.java index d7c253a136e..e2ea1a7791f 100644 --- a/src/main/java/com/datadog/api/client/v2/model/HistoricalJobQuery.java +++ b/src/main/java/com/datadog/api/client/v2/model/HistoricalJobQuery.java @@ -20,26 +20,49 @@ /** Query for selecting logs analyzed by the historical job. */ @JsonPropertyOrder({ + HistoricalJobQuery.JSON_PROPERTY_ADDITIONAL_FILTERS, HistoricalJobQuery.JSON_PROPERTY_AGGREGATION, + HistoricalJobQuery.JSON_PROPERTY_CORRELATED_BY_FIELDS, + HistoricalJobQuery.JSON_PROPERTY_CORRELATED_QUERY_INDEX, + HistoricalJobQuery.JSON_PROPERTY_CUSTOM_QUERY_EXTENSION, HistoricalJobQuery.JSON_PROPERTY_DATA_SOURCE, + HistoricalJobQuery.JSON_PROPERTY_DATASET_IDS, HistoricalJobQuery.JSON_PROPERTY_DISTINCT_FIELDS, HistoricalJobQuery.JSON_PROPERTY_GROUP_BY_FIELDS, HistoricalJobQuery.JSON_PROPERTY_HAS_OPTIONAL_GROUP_BY_FIELDS, + HistoricalJobQuery.JSON_PROPERTY_INDEX, + HistoricalJobQuery.JSON_PROPERTY_INDEXES, HistoricalJobQuery.JSON_PROPERTY_METRICS, HistoricalJobQuery.JSON_PROPERTY_NAME, - HistoricalJobQuery.JSON_PROPERTY_QUERY + HistoricalJobQuery.JSON_PROPERTY_QUERY, + HistoricalJobQuery.JSON_PROPERTY_QUERY_LANGUAGE }) @jakarta.annotation.Generated( value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator") public class HistoricalJobQuery { @JsonIgnore public boolean unparsed = false; + public static final String JSON_PROPERTY_ADDITIONAL_FILTERS = "additionalFilters"; + private String additionalFilters; + public static final String JSON_PROPERTY_AGGREGATION = "aggregation"; private SecurityMonitoringRuleQueryAggregation aggregation; + public static final String JSON_PROPERTY_CORRELATED_BY_FIELDS = "correlatedByFields"; + private List correlatedByFields = null; + + public static final String JSON_PROPERTY_CORRELATED_QUERY_INDEX = "correlatedQueryIndex"; + private Long correlatedQueryIndex; + + public static final String JSON_PROPERTY_CUSTOM_QUERY_EXTENSION = "customQueryExtension"; + private String customQueryExtension; + public static final String JSON_PROPERTY_DATA_SOURCE = "dataSource"; private SecurityMonitoringStandardDataSource dataSource = SecurityMonitoringStandardDataSource.LOGS; + public static final String JSON_PROPERTY_DATASET_IDS = "datasetIds"; + private List datasetIds = null; + public static final String JSON_PROPERTY_DISTINCT_FIELDS = "distinctFields"; private List distinctFields = null; @@ -50,6 +73,12 @@ public class HistoricalJobQuery { "hasOptionalGroupByFields"; private Boolean hasOptionalGroupByFields = false; + public static final String JSON_PROPERTY_INDEX = "index"; + private String index; + + public static final String JSON_PROPERTY_INDEXES = "indexes"; + private List indexes = null; + public static final String JSON_PROPERTY_METRICS = "metrics"; private List metrics = null; @@ -59,6 +88,30 @@ public class HistoricalJobQuery { public static final String JSON_PROPERTY_QUERY = "query"; private String query; + public static final String JSON_PROPERTY_QUERY_LANGUAGE = "queryLanguage"; + private String queryLanguage; + + public HistoricalJobQuery additionalFilters(String additionalFilters) { + this.additionalFilters = additionalFilters; + return this; + } + + /** + * Additional filters appended to the query at evaluation time. + * + * @return additionalFilters + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_ADDITIONAL_FILTERS) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getAdditionalFilters() { + return additionalFilters; + } + + public void setAdditionalFilters(String additionalFilters) { + this.additionalFilters = additionalFilters; + } + public HistoricalJobQuery aggregation(SecurityMonitoringRuleQueryAggregation aggregation) { this.aggregation = aggregation; this.unparsed |= !aggregation.isValid(); @@ -84,6 +137,78 @@ public void setAggregation(SecurityMonitoringRuleQueryAggregation aggregation) { this.aggregation = aggregation; } + public HistoricalJobQuery correlatedByFields(List correlatedByFields) { + this.correlatedByFields = correlatedByFields; + return this; + } + + public HistoricalJobQuery addCorrelatedByFieldsItem(String correlatedByFieldsItem) { + if (this.correlatedByFields == null) { + this.correlatedByFields = new ArrayList<>(); + } + this.correlatedByFields.add(correlatedByFieldsItem); + return this; + } + + /** + * Fields used to correlate results across queries in sequence detection rules. + * + * @return correlatedByFields + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_CORRELATED_BY_FIELDS) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public List getCorrelatedByFields() { + return correlatedByFields; + } + + public void setCorrelatedByFields(List correlatedByFields) { + this.correlatedByFields = correlatedByFields; + } + + public HistoricalJobQuery correlatedQueryIndex(Long correlatedQueryIndex) { + this.correlatedQueryIndex = correlatedQueryIndex; + return this; + } + + /** + * Zero-based index of the query to correlate with in sequence detection rules. Up to 10 queries + * are supported, so valid values are 0 to 9. minimum: 0 maximum: 9 + * + * @return correlatedQueryIndex + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_CORRELATED_QUERY_INDEX) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public Long getCorrelatedQueryIndex() { + return correlatedQueryIndex; + } + + public void setCorrelatedQueryIndex(Long correlatedQueryIndex) { + this.correlatedQueryIndex = correlatedQueryIndex; + } + + public HistoricalJobQuery customQueryExtension(String customQueryExtension) { + this.customQueryExtension = customQueryExtension; + return this; + } + + /** + * Custom query extension used to refine the base query. + * + * @return customQueryExtension + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_CUSTOM_QUERY_EXTENSION) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getCustomQueryExtension() { + return customQueryExtension; + } + + public void setCustomQueryExtension(String customQueryExtension) { + this.customQueryExtension = customQueryExtension; + } + public HistoricalJobQuery dataSource(SecurityMonitoringStandardDataSource dataSource) { this.dataSource = dataSource; this.unparsed |= !dataSource.isValid(); @@ -110,6 +235,35 @@ public void setDataSource(SecurityMonitoringStandardDataSource dataSource) { this.dataSource = dataSource; } + public HistoricalJobQuery datasetIds(List datasetIds) { + this.datasetIds = datasetIds; + return this; + } + + public HistoricalJobQuery addDatasetIdsItem(String datasetIdsItem) { + if (this.datasetIds == null) { + this.datasetIds = new ArrayList<>(); + } + this.datasetIds.add(datasetIdsItem); + return this; + } + + /** + * IDs of reference datasets used by this query. + * + * @return datasetIds + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_DATASET_IDS) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public List getDatasetIds() { + return datasetIds; + } + + public void setDatasetIds(List datasetIds) { + this.datasetIds = datasetIds; + } + public HistoricalJobQuery distinctFields(List distinctFields) { this.distinctFields = distinctFields; return this; @@ -190,6 +344,56 @@ public void setHasOptionalGroupByFields(Boolean hasOptionalGroupByFields) { this.hasOptionalGroupByFields = hasOptionalGroupByFields; } + public HistoricalJobQuery index(String index) { + this.index = index; + return this; + } + + /** + * Index used to load the data for this query. + * + * @return index + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_INDEX) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getIndex() { + return index; + } + + public void setIndex(String index) { + this.index = index; + } + + public HistoricalJobQuery indexes(List indexes) { + this.indexes = indexes; + return this; + } + + public HistoricalJobQuery addIndexesItem(String indexesItem) { + if (this.indexes == null) { + this.indexes = new ArrayList<>(); + } + this.indexes.add(indexesItem); + return this; + } + + /** + * Indexes used to load the data for this query. Mutually exclusive with index. + * + * @return indexes + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_INDEXES) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public List getIndexes() { + return indexes; + } + + public void setIndexes(List indexes) { + this.indexes = indexes; + } + public HistoricalJobQuery metrics(List metrics) { this.metrics = metrics; return this; @@ -263,6 +467,27 @@ public void setQuery(String query) { this.query = query; } + public HistoricalJobQuery queryLanguage(String queryLanguage) { + this.queryLanguage = queryLanguage; + return this; + } + + /** + * Language used to parse the query string. + * + * @return queryLanguage + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_QUERY_LANGUAGE) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getQueryLanguage() { + return queryLanguage; + } + + public void setQueryLanguage(String queryLanguage) { + this.queryLanguage = queryLanguage; + } + /** * A container for additional, undeclared properties. This is a holder for any undeclared * properties as specified with the 'additionalProperties' keyword in the OAS document. @@ -319,29 +544,45 @@ public boolean equals(Object o) { return false; } HistoricalJobQuery historicalJobQuery = (HistoricalJobQuery) o; - return Objects.equals(this.aggregation, historicalJobQuery.aggregation) + return Objects.equals(this.additionalFilters, historicalJobQuery.additionalFilters) + && Objects.equals(this.aggregation, historicalJobQuery.aggregation) + && Objects.equals(this.correlatedByFields, historicalJobQuery.correlatedByFields) + && Objects.equals(this.correlatedQueryIndex, historicalJobQuery.correlatedQueryIndex) + && Objects.equals(this.customQueryExtension, historicalJobQuery.customQueryExtension) && Objects.equals(this.dataSource, historicalJobQuery.dataSource) + && Objects.equals(this.datasetIds, historicalJobQuery.datasetIds) && Objects.equals(this.distinctFields, historicalJobQuery.distinctFields) && Objects.equals(this.groupByFields, historicalJobQuery.groupByFields) && Objects.equals( this.hasOptionalGroupByFields, historicalJobQuery.hasOptionalGroupByFields) + && Objects.equals(this.index, historicalJobQuery.index) + && Objects.equals(this.indexes, historicalJobQuery.indexes) && Objects.equals(this.metrics, historicalJobQuery.metrics) && Objects.equals(this.name, historicalJobQuery.name) && Objects.equals(this.query, historicalJobQuery.query) + && Objects.equals(this.queryLanguage, historicalJobQuery.queryLanguage) && Objects.equals(this.additionalProperties, historicalJobQuery.additionalProperties); } @Override public int hashCode() { return Objects.hash( + additionalFilters, aggregation, + correlatedByFields, + correlatedQueryIndex, + customQueryExtension, dataSource, + datasetIds, distinctFields, groupByFields, hasOptionalGroupByFields, + index, + indexes, metrics, name, query, + queryLanguage, additionalProperties); } @@ -349,16 +590,28 @@ public int hashCode() { public String toString() { StringBuilder sb = new StringBuilder(); sb.append("class HistoricalJobQuery {\n"); + sb.append(" additionalFilters: ").append(toIndentedString(additionalFilters)).append("\n"); sb.append(" aggregation: ").append(toIndentedString(aggregation)).append("\n"); + sb.append(" correlatedByFields: ").append(toIndentedString(correlatedByFields)).append("\n"); + sb.append(" correlatedQueryIndex: ") + .append(toIndentedString(correlatedQueryIndex)) + .append("\n"); + sb.append(" customQueryExtension: ") + .append(toIndentedString(customQueryExtension)) + .append("\n"); sb.append(" dataSource: ").append(toIndentedString(dataSource)).append("\n"); + sb.append(" datasetIds: ").append(toIndentedString(datasetIds)).append("\n"); sb.append(" distinctFields: ").append(toIndentedString(distinctFields)).append("\n"); sb.append(" groupByFields: ").append(toIndentedString(groupByFields)).append("\n"); sb.append(" hasOptionalGroupByFields: ") .append(toIndentedString(hasOptionalGroupByFields)) .append("\n"); + sb.append(" index: ").append(toIndentedString(index)).append("\n"); + sb.append(" indexes: ").append(toIndentedString(indexes)).append("\n"); sb.append(" metrics: ").append(toIndentedString(metrics)).append("\n"); sb.append(" name: ").append(toIndentedString(name)).append("\n"); sb.append(" query: ").append(toIndentedString(query)).append("\n"); + sb.append(" queryLanguage: ").append(toIndentedString(queryLanguage)).append("\n"); sb.append(" additionalProperties: ") .append(toIndentedString(additionalProperties)) .append("\n"); diff --git a/src/main/java/com/datadog/api/client/v2/model/HistoricalJobResponseAttributes.java b/src/main/java/com/datadog/api/client/v2/model/HistoricalJobResponseAttributes.java index 147ba90b0d1..89436d8aeb5 100644 --- a/src/main/java/com/datadog/api/client/v2/model/HistoricalJobResponseAttributes.java +++ b/src/main/java/com/datadog/api/client/v2/model/HistoricalJobResponseAttributes.java @@ -26,6 +26,7 @@ HistoricalJobResponseAttributes.JSON_PROPERTY_JOB_NAME, HistoricalJobResponseAttributes.JSON_PROPERTY_JOB_STATUS, HistoricalJobResponseAttributes.JSON_PROPERTY_MODIFIED_AT, + HistoricalJobResponseAttributes.JSON_PROPERTY_PROGRESS_RATE, HistoricalJobResponseAttributes.JSON_PROPERTY_SIGNAL_OUTPUT }) @jakarta.annotation.Generated( @@ -56,6 +57,9 @@ public class HistoricalJobResponseAttributes { public static final String JSON_PROPERTY_MODIFIED_AT = "modifiedAt"; private String modifiedAt; + public static final String JSON_PROPERTY_PROGRESS_RATE = "progressRate"; + private Double progressRate; + public static final String JSON_PROPERTY_SIGNAL_OUTPUT = "signalOutput"; private Boolean signalOutput; @@ -228,6 +232,27 @@ public void setModifiedAt(String modifiedAt) { this.modifiedAt = modifiedAt; } + public HistoricalJobResponseAttributes progressRate(Double progressRate) { + this.progressRate = progressRate; + return this; + } + + /** + * Job execution progress as a value between 0 and 1. Omitted for finished jobs. + * + * @return progressRate + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_PROGRESS_RATE) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public Double getProgressRate() { + return progressRate; + } + + public void setProgressRate(Double progressRate) { + this.progressRate = progressRate; + } + public HistoricalJobResponseAttributes signalOutput(Boolean signalOutput) { this.signalOutput = signalOutput; return this; @@ -314,6 +339,7 @@ public boolean equals(Object o) { && Objects.equals(this.jobName, historicalJobResponseAttributes.jobName) && Objects.equals(this.jobStatus, historicalJobResponseAttributes.jobStatus) && Objects.equals(this.modifiedAt, historicalJobResponseAttributes.modifiedAt) + && Objects.equals(this.progressRate, historicalJobResponseAttributes.progressRate) && Objects.equals(this.signalOutput, historicalJobResponseAttributes.signalOutput) && Objects.equals( this.additionalProperties, historicalJobResponseAttributes.additionalProperties); @@ -330,6 +356,7 @@ public int hashCode() { jobName, jobStatus, modifiedAt, + progressRate, signalOutput, additionalProperties); } @@ -346,6 +373,7 @@ public String toString() { sb.append(" jobName: ").append(toIndentedString(jobName)).append("\n"); sb.append(" jobStatus: ").append(toIndentedString(jobStatus)).append("\n"); sb.append(" modifiedAt: ").append(toIndentedString(modifiedAt)).append("\n"); + sb.append(" progressRate: ").append(toIndentedString(progressRate)).append("\n"); sb.append(" signalOutput: ").append(toIndentedString(signalOutput)).append("\n"); sb.append(" additionalProperties: ") .append(toIndentedString(additionalProperties)) diff --git a/src/main/java/com/datadog/api/client/v2/model/JobDefinition.java b/src/main/java/com/datadog/api/client/v2/model/JobDefinition.java index 29057415d42..c81765c963a 100644 --- a/src/main/java/com/datadog/api/client/v2/model/JobDefinition.java +++ b/src/main/java/com/datadog/api/client/v2/model/JobDefinition.java @@ -152,7 +152,7 @@ public JobDefinition addCasesItem(SecurityMonitoringRuleCaseCreate casesItem) { } /** - * Cases used for generating job results. + * Cases used for generating job results. Up to 10 cases are allowed. * * @return cases */ @@ -313,7 +313,7 @@ public JobDefinition addQueriesItem(HistoricalJobQuery queriesItem) { } /** - * Queries for selecting logs analyzed by the job. + * Queries for selecting logs analyzed by the job. Up to 10 queries are allowed. * * @return queries */ @@ -411,7 +411,7 @@ public JobDefinition addThirdPartyCasesItem( /** * Cases for generating results from third-party detection method. Only available for third-party - * detection method. + * detection method. Up to 10 cases are allowed. * * @return thirdPartyCases */ diff --git a/src/main/java/com/datadog/api/client/v2/model/JobDefinitionFromRule.java b/src/main/java/com/datadog/api/client/v2/model/JobDefinitionFromRule.java index b84e3aaf6c4..7591079da59 100644 --- a/src/main/java/com/datadog/api/client/v2/model/JobDefinitionFromRule.java +++ b/src/main/java/com/datadog/api/client/v2/model/JobDefinitionFromRule.java @@ -21,6 +21,7 @@ /** Definition of a historical job based on a security monitoring rule. */ @JsonPropertyOrder({ + JobDefinitionFromRule.JSON_PROPERTY_CASE_INDEX, JobDefinitionFromRule.JSON_PROPERTY_FROM, JobDefinitionFromRule.JSON_PROPERTY_ID, JobDefinitionFromRule.JSON_PROPERTY_INDEX, @@ -31,6 +32,9 @@ value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator") public class JobDefinitionFromRule { @JsonIgnore public boolean unparsed = false; + public static final String JSON_PROPERTY_CASE_INDEX = "caseIndex"; + private Integer caseIndex; + public static final String JSON_PROPERTY_FROM = "from"; private Long from; @@ -60,6 +64,28 @@ public JobDefinitionFromRule( this.to = to; } + public JobDefinitionFromRule caseIndex(Integer caseIndex) { + this.caseIndex = caseIndex; + return this; + } + + /** + * Zero-based index of the rule case to use as the job's signal condition. When omitted, all cases + * are evaluated. Up to 10 cases are supported, so valid values are 0 to 9. minimum: 0 maximum: 9 + * + * @return caseIndex + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_CASE_INDEX) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public Integer getCaseIndex() { + return caseIndex; + } + + public void setCaseIndex(Integer caseIndex) { + this.caseIndex = caseIndex; + } + public JobDefinitionFromRule from(Long from) { this.from = from; return this; @@ -225,7 +251,8 @@ public boolean equals(Object o) { return false; } JobDefinitionFromRule jobDefinitionFromRule = (JobDefinitionFromRule) o; - return Objects.equals(this.from, jobDefinitionFromRule.from) + return Objects.equals(this.caseIndex, jobDefinitionFromRule.caseIndex) + && Objects.equals(this.from, jobDefinitionFromRule.from) && Objects.equals(this.id, jobDefinitionFromRule.id) && Objects.equals(this.index, jobDefinitionFromRule.index) && Objects.equals(this.notifications, jobDefinitionFromRule.notifications) @@ -235,13 +262,14 @@ public boolean equals(Object o) { @Override public int hashCode() { - return Objects.hash(from, id, index, notifications, to, additionalProperties); + return Objects.hash(caseIndex, from, id, index, notifications, to, additionalProperties); } @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("class JobDefinitionFromRule {\n"); + sb.append(" caseIndex: ").append(toIndentedString(caseIndex)).append("\n"); sb.append(" from: ").append(toIndentedString(from)).append("\n"); sb.append(" id: ").append(toIndentedString(id)).append("\n"); sb.append(" index: ").append(toIndentedString(index)).append("\n"); diff --git a/src/main/java/com/datadog/api/client/v2/model/RunHistoricalJobRequestAttributes.java b/src/main/java/com/datadog/api/client/v2/model/RunHistoricalJobRequestAttributes.java index 92f9dec4c2c..202f7aa738b 100644 --- a/src/main/java/com/datadog/api/client/v2/model/RunHistoricalJobRequestAttributes.java +++ b/src/main/java/com/datadog/api/client/v2/model/RunHistoricalJobRequestAttributes.java @@ -19,8 +19,8 @@ /** Run a historical job request. */ @JsonPropertyOrder({ RunHistoricalJobRequestAttributes.JSON_PROPERTY_FROM_RULE, - RunHistoricalJobRequestAttributes.JSON_PROPERTY_ID, - RunHistoricalJobRequestAttributes.JSON_PROPERTY_JOB_DEFINITION + RunHistoricalJobRequestAttributes.JSON_PROPERTY_JOB_DEFINITION, + RunHistoricalJobRequestAttributes.JSON_PROPERTY_SIGNAL_OUTPUT }) @jakarta.annotation.Generated( value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator") @@ -29,12 +29,12 @@ public class RunHistoricalJobRequestAttributes { public static final String JSON_PROPERTY_FROM_RULE = "fromRule"; private JobDefinitionFromRule fromRule; - public static final String JSON_PROPERTY_ID = "id"; - private String id; - public static final String JSON_PROPERTY_JOB_DEFINITION = "jobDefinition"; private JobDefinition jobDefinition; + public static final String JSON_PROPERTY_SIGNAL_OUTPUT = "signalOutput"; + private Boolean signalOutput; + public RunHistoricalJobRequestAttributes fromRule(JobDefinitionFromRule fromRule) { this.fromRule = fromRule; this.unparsed |= fromRule.unparsed; @@ -57,47 +57,47 @@ public void setFromRule(JobDefinitionFromRule fromRule) { this.fromRule = fromRule; } - public RunHistoricalJobRequestAttributes id(String id) { - this.id = id; + public RunHistoricalJobRequestAttributes jobDefinition(JobDefinition jobDefinition) { + this.jobDefinition = jobDefinition; + this.unparsed |= jobDefinition.unparsed; return this; } /** - * Request ID. + * Definition of a historical job. * - * @return id + * @return jobDefinition */ @jakarta.annotation.Nullable - @JsonProperty(JSON_PROPERTY_ID) + @JsonProperty(JSON_PROPERTY_JOB_DEFINITION) @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) - public String getId() { - return id; + public JobDefinition getJobDefinition() { + return jobDefinition; } - public void setId(String id) { - this.id = id; + public void setJobDefinition(JobDefinition jobDefinition) { + this.jobDefinition = jobDefinition; } - public RunHistoricalJobRequestAttributes jobDefinition(JobDefinition jobDefinition) { - this.jobDefinition = jobDefinition; - this.unparsed |= jobDefinition.unparsed; + public RunHistoricalJobRequestAttributes signalOutput(Boolean signalOutput) { + this.signalOutput = signalOutput; return this; } /** - * Definition of a historical job. + * Whether the job outputs signals when results are converted. * - * @return jobDefinition + * @return signalOutput */ @jakarta.annotation.Nullable - @JsonProperty(JSON_PROPERTY_JOB_DEFINITION) + @JsonProperty(JSON_PROPERTY_SIGNAL_OUTPUT) @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) - public JobDefinition getJobDefinition() { - return jobDefinition; + public Boolean getSignalOutput() { + return signalOutput; } - public void setJobDefinition(JobDefinition jobDefinition) { - this.jobDefinition = jobDefinition; + public void setSignalOutput(Boolean signalOutput) { + this.signalOutput = signalOutput; } /** @@ -158,15 +158,15 @@ public boolean equals(Object o) { RunHistoricalJobRequestAttributes runHistoricalJobRequestAttributes = (RunHistoricalJobRequestAttributes) o; return Objects.equals(this.fromRule, runHistoricalJobRequestAttributes.fromRule) - && Objects.equals(this.id, runHistoricalJobRequestAttributes.id) && Objects.equals(this.jobDefinition, runHistoricalJobRequestAttributes.jobDefinition) + && Objects.equals(this.signalOutput, runHistoricalJobRequestAttributes.signalOutput) && Objects.equals( this.additionalProperties, runHistoricalJobRequestAttributes.additionalProperties); } @Override public int hashCode() { - return Objects.hash(fromRule, id, jobDefinition, additionalProperties); + return Objects.hash(fromRule, jobDefinition, signalOutput, additionalProperties); } @Override @@ -174,8 +174,8 @@ public String toString() { StringBuilder sb = new StringBuilder(); sb.append("class RunHistoricalJobRequestAttributes {\n"); sb.append(" fromRule: ").append(toIndentedString(fromRule)).append("\n"); - sb.append(" id: ").append(toIndentedString(id)).append("\n"); sb.append(" jobDefinition: ").append(toIndentedString(jobDefinition)).append("\n"); + sb.append(" signalOutput: ").append(toIndentedString(signalOutput)).append("\n"); sb.append(" additionalProperties: ") .append(toIndentedString(additionalProperties)) .append("\n"); diff --git a/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_Bad_Request_response.freeze b/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_Bad_Request_response.freeze index a87300297ae..1c7c9a559cb 100644 --- a/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_Bad_Request_response.freeze +++ b/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_Bad_Request_response.freeze @@ -1 +1 @@ -2026-04-13T09:15:40.141Z \ No newline at end of file +2026-05-26T20:45:58.257Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_Not_Found_response.freeze b/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_Not_Found_response.freeze index 5ffbfe4c377..d6cc65f0236 100644 --- a/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_Not_Found_response.freeze +++ b/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_Not_Found_response.freeze @@ -1 +1 @@ -2026-04-13T09:15:41.174Z \ No newline at end of file +2026-05-26T20:45:58.957Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_OK_response.freeze b/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_OK_response.freeze index be59fd60df7..9b5b661937e 100644 --- a/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_OK_response.freeze +++ b/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_OK_response.freeze @@ -1 +1 @@ -2026-04-13T09:15:41.286Z \ No newline at end of file +2026-05-26T20:45:59.561Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_OK_response.json b/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_OK_response.json index 2dd306813ac..31297caa9cd 100644 --- a/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_OK_response.json +++ b/src/test/resources/cassettes/features/v2/Cancel_a_historical_job_returns_OK_response.json @@ -12,7 +12,7 @@ "secure": true }, "httpResponse": { - "body": "{\"data\":{\"id\":\"67278df4-84b8-4413-884b-88d9facdb68a\",\"type\":\"historicalDetectionsJob\"}}", + "body": "{\"data\":{\"id\":\"21011d0e-e7e3-49e1-91d4-74d6791382c8\",\"type\":\"historicalDetectionsJob\"}}", "headers": { "Content-Type": [ "application/vnd.api+json" @@ -33,7 +33,7 @@ "httpRequest": { "headers": {}, "method": "PATCH", - "path": "/api/v2/siem-historical-detections/jobs/67278df4-84b8-4413-884b-88d9facdb68a/cancel", + "path": "/api/v2/siem-historical-detections/jobs/21011d0e-e7e3-49e1-91d4-74d6791382c8/cancel", "keepAlive": false, "secure": true }, @@ -48,6 +48,6 @@ "timeToLive": { "unlimited": true }, - "id": "f7ee4604-982a-dbca-72d6-b8ad43fcc8d7" + "id": "d5626b8e-a248-3b30-220e-4d10f9d98c20" } ] \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Convert_a_job_result_to_a_signal_returns_Bad_Request_response.freeze b/src/test/resources/cassettes/features/v2/Convert_a_job_result_to_a_signal_returns_Bad_Request_response.freeze index b22ac5b07a2..f1456e24df3 100644 --- a/src/test/resources/cassettes/features/v2/Convert_a_job_result_to_a_signal_returns_Bad_Request_response.freeze +++ b/src/test/resources/cassettes/features/v2/Convert_a_job_result_to_a_signal_returns_Bad_Request_response.freeze @@ -1 +1 @@ -2026-04-13T09:15:41.656Z \ No newline at end of file +2026-05-26T20:46:00.730Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Delete_an_existing_job_returns_Bad_Request_response.freeze b/src/test/resources/cassettes/features/v2/Delete_an_existing_job_returns_Bad_Request_response.freeze index 3b7d74bd4b9..37e5dc1097b 100644 --- a/src/test/resources/cassettes/features/v2/Delete_an_existing_job_returns_Bad_Request_response.freeze +++ b/src/test/resources/cassettes/features/v2/Delete_an_existing_job_returns_Bad_Request_response.freeze @@ -1 +1 @@ -2026-04-13T09:15:41.819Z \ No newline at end of file +2026-05-26T20:46:01.231Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Delete_an_existing_job_returns_Not_Found_response.freeze b/src/test/resources/cassettes/features/v2/Delete_an_existing_job_returns_Not_Found_response.freeze index 7528bc4877d..d35b34f86e5 100644 --- a/src/test/resources/cassettes/features/v2/Delete_an_existing_job_returns_Not_Found_response.freeze +++ b/src/test/resources/cassettes/features/v2/Delete_an_existing_job_returns_Not_Found_response.freeze @@ -1 +1 @@ -2026-04-13T09:15:42.455Z \ No newline at end of file +2026-05-26T20:46:01.667Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_Bad_Request_response.freeze b/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_Bad_Request_response.freeze index f959b7469ab..8eb6d70767b 100644 --- a/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_Bad_Request_response.freeze +++ b/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_Bad_Request_response.freeze @@ -1 +1 @@ -2026-04-13T09:15:42.536Z \ No newline at end of file +2026-05-26T20:46:02.116Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_Not_Found_response.freeze b/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_Not_Found_response.freeze index be224ded310..a0ded07257d 100644 --- a/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_Not_Found_response.freeze +++ b/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_Not_Found_response.freeze @@ -1 +1 @@ -2026-04-13T09:15:42.599Z \ No newline at end of file +2026-05-26T20:46:02.616Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.freeze b/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.freeze index 24ebe9b1927..a81d2bd50b6 100644 --- a/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.freeze +++ b/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.freeze @@ -1 +1 @@ -2026-04-13T09:15:42.662Z \ No newline at end of file +2026-05-26T20:46:03.044Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.json b/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.json index 5534121a3e8..466d807e187 100644 --- a/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.json +++ b/src/test/resources/cassettes/features/v2/Get_a_job_s_details_returns_OK_response.json @@ -12,7 +12,7 @@ "secure": true }, "httpResponse": { - "body": "{\"data\":{\"id\":\"876b8334-58f8-4b7d-8e62-0101cb019208\",\"type\":\"historicalDetectionsJob\"}}", + "body": "{\"data\":{\"id\":\"4590ff3a-0a23-4f80-b974-d06df0d9b1e6\",\"type\":\"historicalDetectionsJob\"}}", "headers": { "Content-Type": [ "application/vnd.api+json" @@ -33,12 +33,12 @@ "httpRequest": { "headers": {}, "method": "GET", - "path": "/api/v2/siem-historical-detections/jobs/876b8334-58f8-4b7d-8e62-0101cb019208", + "path": "/api/v2/siem-historical-detections/jobs/4590ff3a-0a23-4f80-b974-d06df0d9b1e6", "keepAlive": false, "secure": true }, "httpResponse": { - "body": "{\"data\":{\"id\":\"876b8334-58f8-4b7d-8e62-0101cb019208\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2026-04-13 09:15:42.715435+00\",\"createdByHandle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"createdByName\":\"CI Account\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\",\"dataSource\":\"logs\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\"},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2026-04-13 09:15:42.715435+00\",\"signalOutput\":false}}}", + "body": "{\"data\":{\"id\":\"4590ff3a-0a23-4f80-b974-d06df0d9b1e6\",\"type\":\"historicalDetectionsJob\",\"attributes\":{\"createdAt\":\"2026-05-26 20:46:03.567462+00\",\"createdByHandle\":\"frog@datadoghq.com\",\"createdByName\":\"frog\",\"jobDefinition\":{\"from\":1730387522611,\"to\":1730387532611,\"index\":\"main\",\"name\":\"Excessive number of failed attempts.\",\"cases\":[{\"name\":\"Condition 1\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 1\"}],\"queries\":[{\"query\":\"source:non_existing_src_weekend\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\",\"dataSource\":\"logs\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"message\":\"A large number of failed login attempts.\",\"tags\":[],\"type\":\"log_detection\"},\"jobName\":\"Excessive number of failed attempts.\",\"jobStatus\":\"pending\",\"modifiedAt\":\"2026-05-26 20:46:03.567462+00\",\"signalOutput\":false}}}", "headers": { "Content-Type": [ "application/vnd.api+json" @@ -53,6 +53,6 @@ "timeToLive": { "unlimited": true }, - "id": "8e624a47-7fe4-18ef-6d32-b48313dc1217" + "id": "e2573f64-36fc-0045-474e-ae719678b2a6" } ] \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Bad_Request_response.freeze b/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Bad_Request_response.freeze index 69151c224c6..a4d0d951556 100644 --- a/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Bad_Request_response.freeze +++ b/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Bad_Request_response.freeze @@ -1 +1 @@ -2026-04-13T09:15:42.851Z \ No newline at end of file +2026-05-26T20:46:04.068Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Not_Found_response.freeze b/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Not_Found_response.freeze index 765e43e8664..94db8e42bcd 100644 --- a/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Not_Found_response.freeze +++ b/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Not_Found_response.freeze @@ -1 +1 @@ -2026-04-13T09:15:42.922Z \ No newline at end of file +2026-05-26T20:46:04.592Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Status_created_response.freeze b/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Status_created_response.freeze index ee9c040c771..74da5caa26f 100644 --- a/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Status_created_response.freeze +++ b/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Status_created_response.freeze @@ -1 +1 @@ -2026-04-13T09:15:42.979Z \ No newline at end of file +2026-05-26T20:46:05.019Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Status_created_response.json b/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Status_created_response.json index e5433d704cc..41e13d6ecef 100644 --- a/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Status_created_response.json +++ b/src/test/resources/cassettes/features/v2/Run_a_historical_job_returns_Status_created_response.json @@ -12,7 +12,7 @@ "secure": true }, "httpResponse": { - "body": "{\"data\":{\"id\":\"8ce2a4d4-db9e-445d-93bb-b60980d56d25\",\"type\":\"historicalDetectionsJob\"}}", + "body": "{\"data\":{\"id\":\"1fa783c4-c6ce-430c-972c-43a2ccde1420\",\"type\":\"historicalDetectionsJob\"}}", "headers": { "Content-Type": [ "application/vnd.api+json"