--- title: Security Monitoring description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > API Reference > Security Monitoring --- # Security Monitoring Create and manage your security rules, signals, filters, and more. See the [Datadog Security page](https://docs.datadoghq.com/security.md) for more information. ## Change the triage state of a security signal →{% #change-the-triage-state-of-a-security-signal %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/state | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/state | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security_monitoring/signals/{signal_id}/state | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/state | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/state | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/state | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/state | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/state | ## List findings → preview{% #list-findings %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/posture_management/findings | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/posture_management/findings | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/posture_management/findings | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/posture_management/findings | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/posture_management/findings | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/posture_management/findings | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/posture_management/findings | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/posture_management/findings | ## Add a security signal to an incident →{% #add-a-security-signal-to-an-incident %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v1/security_analytics/signals/{signal_id}/add_to_incident | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v1/security_analytics/signals/{signal_id}/add_to_incident | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v1/security_analytics/signals/{signal_id}/add_to_incident | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v1/security_analytics/signals/{signal_id}/add_to_incident | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v1/security_analytics/signals/{signal_id}/add_to_incident | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v1/security_analytics/signals/{signal_id}/add_to_incident | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v1/security_analytics/signals/{signal_id}/add_to_incident | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v1/security_analytics/signals/{signal_id}/add_to_incident | ## Mute or unmute a batch of findings → preview{% #mute-or-unmute-a-batch-of-findings %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/posture_management/findings | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/posture_management/findings | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/posture_management/findings | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/posture_management/findings | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/posture_management/findings | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/posture_management/findings | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/posture_management/findings | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/posture_management/findings | ## Get a finding → preview{% #get-a-finding %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/posture_management/findings/{finding_id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/posture_management/findings/{finding_id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/posture_management/findings/{finding_id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/posture_management/findings/{finding_id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/posture_management/findings/{finding_id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/posture_management/findings/{finding_id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/posture_management/findings/{finding_id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/posture_management/findings/{finding_id} | ## Modify the triage assignee of a security signal →{% #modify-the-triage-assignee-of-a-security-signal %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/assignee | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/assignee | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security_monitoring/signals/{signal_id}/assignee | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/assignee | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/assignee | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/assignee | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/assignee | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/assignee | ## Get the list of vulnerability notification rules →{% #get-the-list-of-vulnerability-notification-rules %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------ | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/vulnerabilities/notification_rules | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/vulnerabilities/notification_rules | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security/vulnerabilities/notification_rules | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security/vulnerabilities/notification_rules | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security/vulnerabilities/notification_rules | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/vulnerabilities/notification_rules | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/vulnerabilities/notification_rules | ## Create a new vulnerability-based notification rule →{% #create-a-new-vulnerability-based-notification-rule %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security/vulnerabilities/notification_rules | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security/vulnerabilities/notification_rules | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security/vulnerabilities/notification_rules | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security/vulnerabilities/notification_rules | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security/vulnerabilities/notification_rules | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security/vulnerabilities/notification_rules | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security/vulnerabilities/notification_rules | ## Get details of a vulnerability notification rule →{% #get-details-of-a-vulnerability-notification-rule %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security/vulnerabilities/notification_rules/{id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security/vulnerabilities/notification_rules/{id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security/vulnerabilities/notification_rules/{id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | ## Delete a vulnerability-based notification rule →{% #delete-a-vulnerability-based-notification-rule %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | DELETE https://api.ap1.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | | ap2.datadoghq.com | DELETE https://api.ap2.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | | app.datadoghq.eu | DELETE https://api.datadoghq.eu/api/v2/security/vulnerabilities/notification_rules/{id} | | app.ddog-gov.com | DELETE https://api.ddog-gov.com/api/v2/security/vulnerabilities/notification_rules/{id} | | us2.ddog-gov.com | DELETE https://api.us2.ddog-gov.com/api/v2/security/vulnerabilities/notification_rules/{id} | | app.datadoghq.com | DELETE https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | | us3.datadoghq.com | DELETE https://api.us3.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | | us5.datadoghq.com | DELETE https://api.us5.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | ## Patch a vulnerability-based notification rule →{% #patch-a-vulnerability-based-notification-rule %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security/vulnerabilities/notification_rules/{id} | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security/vulnerabilities/notification_rules/{id} | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security/vulnerabilities/notification_rules/{id} | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/{id} | ## Get the list of signal-based notification rules →{% #get-the-list-of-signal-based-notification-rules %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/signals/notification_rules | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/signals/notification_rules | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security/signals/notification_rules | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security/signals/notification_rules | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security/signals/notification_rules | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/signals/notification_rules | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/signals/notification_rules | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/signals/notification_rules | ## Create a new signal-based notification rule →{% #create-a-new-signal-based-notification-rule %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security/signals/notification_rules | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security/signals/notification_rules | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security/signals/notification_rules | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security/signals/notification_rules | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security/signals/notification_rules | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security/signals/notification_rules | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security/signals/notification_rules | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security/signals/notification_rules | ## Get details of a signal-based notification rule →{% #get-details-of-a-signal-based-notification-rule %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/signals/notification_rules/{id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/signals/notification_rules/{id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security/signals/notification_rules/{id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security/signals/notification_rules/{id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security/signals/notification_rules/{id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/signals/notification_rules/{id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/signals/notification_rules/{id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/signals/notification_rules/{id} | ## Delete a signal-based notification rule →{% #delete-a-signal-based-notification-rule %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------ | | ap1.datadoghq.com | DELETE https://api.ap1.datadoghq.com/api/v2/security/signals/notification_rules/{id} | | ap2.datadoghq.com | DELETE https://api.ap2.datadoghq.com/api/v2/security/signals/notification_rules/{id} | | app.datadoghq.eu | DELETE https://api.datadoghq.eu/api/v2/security/signals/notification_rules/{id} | | app.ddog-gov.com | DELETE https://api.ddog-gov.com/api/v2/security/signals/notification_rules/{id} | | us2.ddog-gov.com | DELETE https://api.us2.ddog-gov.com/api/v2/security/signals/notification_rules/{id} | | app.datadoghq.com | DELETE https://api.datadoghq.com/api/v2/security/signals/notification_rules/{id} | | us3.datadoghq.com | DELETE https://api.us3.datadoghq.com/api/v2/security/signals/notification_rules/{id} | | us5.datadoghq.com | DELETE https://api.us5.datadoghq.com/api/v2/security/signals/notification_rules/{id} | ## Patch a signal-based notification rule →{% #patch-a-signal-based-notification-rule %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security/signals/notification_rules/{id} | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security/signals/notification_rules/{id} | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security/signals/notification_rules/{id} | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security/signals/notification_rules/{id} | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security/signals/notification_rules/{id} | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security/signals/notification_rules/{id} | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security/signals/notification_rules/{id} | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security/signals/notification_rules/{id} | ## List security findings →{% #list-security-findings %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/findings | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/findings | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security/findings | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security/findings | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security/findings | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/findings | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/findings | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/findings | ## Search security findings →{% #search-security-findings %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------ | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security/findings/search | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security/findings/search | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security/findings/search | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security/findings/search | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security/findings/search | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security/findings/search | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security/findings/search | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security/findings/search | ## Create cases for security findings →{% #create-cases-for-security-findings %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security/findings/cases | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security/findings/cases | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security/findings/cases | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security/findings/cases | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security/findings/cases | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security/findings/cases | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security/findings/cases | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security/findings/cases | ## Detach security findings from their case →{% #detach-security-findings-from-their-case %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------- | | ap1.datadoghq.com | DELETE https://api.ap1.datadoghq.com/api/v2/security/findings/cases | | ap2.datadoghq.com | DELETE https://api.ap2.datadoghq.com/api/v2/security/findings/cases | | app.datadoghq.eu | DELETE https://api.datadoghq.eu/api/v2/security/findings/cases | | app.ddog-gov.com | DELETE https://api.ddog-gov.com/api/v2/security/findings/cases | | us2.ddog-gov.com | DELETE https://api.us2.ddog-gov.com/api/v2/security/findings/cases | | app.datadoghq.com | DELETE https://api.datadoghq.com/api/v2/security/findings/cases | | us3.datadoghq.com | DELETE https://api.us3.datadoghq.com/api/v2/security/findings/cases | | us5.datadoghq.com | DELETE https://api.us5.datadoghq.com/api/v2/security/findings/cases | ## Attach security findings to a case →{% #attach-security-findings-to-a-case %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security/findings/cases/{case_id} | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security/findings/cases/{case_id} | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security/findings/cases/{case_id} | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security/findings/cases/{case_id} | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security/findings/cases/{case_id} | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security/findings/cases/{case_id} | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security/findings/cases/{case_id} | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security/findings/cases/{case_id} | ## Create Jira issues for security findings →{% #create-jira-issues-for-security-findings %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security/findings/jira_issues | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security/findings/jira_issues | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security/findings/jira_issues | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security/findings/jira_issues | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security/findings/jira_issues | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security/findings/jira_issues | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security/findings/jira_issues | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security/findings/jira_issues | ## Attach security findings to a Jira issue →{% #attach-security-findings-to-a-jira-issue %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------ | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security/findings/jira_issues | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security/findings/jira_issues | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security/findings/jira_issues | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security/findings/jira_issues | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security/findings/jira_issues | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security/findings/jira_issues | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security/findings/jira_issues | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security/findings/jira_issues | ## Mute or unmute security findings →{% #mute-or-unmute-security-findings %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security/findings/mute | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security/findings/mute | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security/findings/mute | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security/findings/mute | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security/findings/mute | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security/findings/mute | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security/findings/mute | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security/findings/mute | ## Update a custom framework →{% #update-a-custom-framework %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PUT https://api.ap1.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | ap2.datadoghq.com | PUT https://api.ap2.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | app.datadoghq.eu | PUT https://api.datadoghq.eu/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | app.ddog-gov.com | PUT https://api.ddog-gov.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | us2.ddog-gov.com | PUT https://api.us2.ddog-gov.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | app.datadoghq.com | PUT https://api.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | us3.datadoghq.com | PUT https://api.us3.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | us5.datadoghq.com | PUT https://api.us5.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | ## Delete a custom framework →{% #delete-a-custom-framework %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | DELETE https://api.ap1.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | ap2.datadoghq.com | DELETE https://api.ap2.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | app.datadoghq.eu | DELETE https://api.datadoghq.eu/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | app.ddog-gov.com | DELETE https://api.ddog-gov.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | us2.ddog-gov.com | DELETE https://api.us2.ddog-gov.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | app.datadoghq.com | DELETE https://api.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | us3.datadoghq.com | DELETE https://api.us3.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | us5.datadoghq.com | DELETE https://api.us5.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | ## Get a custom framework →{% #get-a-custom-framework %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/cloud_security_management/custom_frameworks/{handle}/{version} | ## List resource filters →{% #list-resource-filters %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/cloud_security_management/resource_filters | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/cloud_security_management/resource_filters | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/cloud_security_management/resource_filters | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/cloud_security_management/resource_filters | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/cloud_security_management/resource_filters | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/cloud_security_management/resource_filters | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/cloud_security_management/resource_filters | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/cloud_security_management/resource_filters | ## Update resource filters →{% #update-resource-filters %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------------- | | ap1.datadoghq.com | PUT https://api.ap1.datadoghq.com/api/v2/cloud_security_management/resource_filters | | ap2.datadoghq.com | PUT https://api.ap2.datadoghq.com/api/v2/cloud_security_management/resource_filters | | app.datadoghq.eu | PUT https://api.datadoghq.eu/api/v2/cloud_security_management/resource_filters | | app.ddog-gov.com | PUT https://api.ddog-gov.com/api/v2/cloud_security_management/resource_filters | | us2.ddog-gov.com | PUT https://api.us2.ddog-gov.com/api/v2/cloud_security_management/resource_filters | | app.datadoghq.com | PUT https://api.datadoghq.com/api/v2/cloud_security_management/resource_filters | | us3.datadoghq.com | PUT https://api.us3.datadoghq.com/api/v2/cloud_security_management/resource_filters | | us5.datadoghq.com | PUT https://api.us5.datadoghq.com/api/v2/cloud_security_management/resource_filters | ## Create a custom framework →{% #create-a-custom-framework %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/cloud_security_management/custom_frameworks | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/cloud_security_management/custom_frameworks | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/cloud_security_management/custom_frameworks | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/cloud_security_management/custom_frameworks | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/cloud_security_management/custom_frameworks | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/cloud_security_management/custom_frameworks | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/cloud_security_management/custom_frameworks | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/cloud_security_management/custom_frameworks | ## Get all security filters →{% #get-all-security-filters %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/security_filters | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/security_filters | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/configuration/security_filters | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/security_filters | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/security_filters | ## Create a security filter →{% #create-a-security-filter %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/security_filters | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/security_filters | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/configuration/security_filters | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/security_filters | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/security_filters | ## Get a security filter →{% #get-a-security-filter %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | ## Update a security filter →{% #update-a-security-filter %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------------------------ | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | ## Delete a security filter →{% #delete-a-security-filter %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | DELETE https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | ap2.datadoghq.com | DELETE https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | app.datadoghq.eu | DELETE https://api.datadoghq.eu/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | app.ddog-gov.com | DELETE https://api.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | us2.ddog-gov.com | DELETE https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | app.datadoghq.com | DELETE https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | us3.datadoghq.com | DELETE https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | | us5.datadoghq.com | DELETE https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/{security_filter_id} | ## Get all suppression rules →{% #get-all-suppression-rules %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/suppressions | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/suppressions | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/configuration/suppressions | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/suppressions | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/suppressions | ## Create a suppression rule →{% #create-a-suppression-rule %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/suppressions | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/suppressions | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/configuration/suppressions | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/suppressions | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/suppressions | ## Get a suppression rule →{% #get-a-suppression-rule %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | ## Update a suppression rule →{% #update-a-suppression-rule %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | ## Delete a suppression rule →{% #delete-a-suppression-rule %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | DELETE https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | ap2.datadoghq.com | DELETE https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | app.datadoghq.eu | DELETE https://api.datadoghq.eu/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | app.ddog-gov.com | DELETE https://api.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | us2.ddog-gov.com | DELETE https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | app.datadoghq.com | DELETE https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | us3.datadoghq.com | DELETE https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | | us5.datadoghq.com | DELETE https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id} | ## Validate a suppression rule →{% #validate-a-suppression-rule %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/validation | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/validation | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/configuration/suppressions/validation | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions/validation | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions/validation | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/validation | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/validation | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/validation | ## Get suppressions affecting future rule →{% #get-suppressions-affecting-future-rule %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/rules | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/rules | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/configuration/suppressions/rules | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions/rules | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions/rules | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/rules | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/rules | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/rules | ## Get suppressions affecting a specific rule →{% #get-suppressions-affecting-a-specific-rule %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/rules/{rule_id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/rules/{rule_id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/configuration/suppressions/rules/{rule_id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions/rules/{rule_id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions/rules/{rule_id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/rules/{rule_id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/rules/{rule_id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/rules/{rule_id} | ## Get a suppression's version history →{% #get-a-suppressions-version-history %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------------------------------ | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id}/version_history | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id}/version_history | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/configuration/suppressions/{suppression_id}/version_history | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id}/version_history | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id}/version_history | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id}/version_history | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id}/version_history | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/{suppression_id}/version_history | ## Get all critical assets →{% #get-all-critical-assets %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------ | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/configuration/critical_assets | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/configuration/critical_assets | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/critical_assets | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets | ## Create a critical asset →{% #create-a-critical-asset %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/configuration/critical_assets | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/configuration/critical_assets | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/critical_assets | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets | ## Get a critical asset →{% #get-a-critical-asset %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | ## Update a critical asset →{% #update-a-critical-asset %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | ## Delete a critical asset →{% #delete-a-critical-asset %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | DELETE https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | ap2.datadoghq.com | DELETE https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | app.datadoghq.eu | DELETE https://api.datadoghq.eu/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | app.ddog-gov.com | DELETE https://api.ddog-gov.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | us2.ddog-gov.com | DELETE https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | app.datadoghq.com | DELETE https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | us3.datadoghq.com | DELETE https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | | us5.datadoghq.com | DELETE https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} | ## Get critical assets affecting a specific rule →{% #get-critical-assets-affecting-a-specific-rule %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id} | ## Get content pack states → preview{% #get-content-pack-states %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/content_packs/states | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/content_packs/states | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/content_packs/states | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/content_packs/states | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/content_packs/states | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/content_packs/states | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/content_packs/states | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/content_packs/states | ## Activate content pack → preview{% #activate-content-pack %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PUT https://api.ap1.datadoghq.com/api/v2/security_monitoring/content_packs/{content_pack_id}/activate | | ap2.datadoghq.com | PUT https://api.ap2.datadoghq.com/api/v2/security_monitoring/content_packs/{content_pack_id}/activate | | app.datadoghq.eu | PUT https://api.datadoghq.eu/api/v2/security_monitoring/content_packs/{content_pack_id}/activate | | app.ddog-gov.com | PUT https://api.ddog-gov.com/api/v2/security_monitoring/content_packs/{content_pack_id}/activate | | us2.ddog-gov.com | PUT https://api.us2.ddog-gov.com/api/v2/security_monitoring/content_packs/{content_pack_id}/activate | | app.datadoghq.com | PUT https://api.datadoghq.com/api/v2/security_monitoring/content_packs/{content_pack_id}/activate | | us3.datadoghq.com | PUT https://api.us3.datadoghq.com/api/v2/security_monitoring/content_packs/{content_pack_id}/activate | | us5.datadoghq.com | PUT https://api.us5.datadoghq.com/api/v2/security_monitoring/content_packs/{content_pack_id}/activate | ## Deactivate content pack → preview{% #deactivate-content-pack %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PUT https://api.ap1.datadoghq.com/api/v2/security_monitoring/content_packs/{content_pack_id}/deactivate | | ap2.datadoghq.com | PUT https://api.ap2.datadoghq.com/api/v2/security_monitoring/content_packs/{content_pack_id}/deactivate | | app.datadoghq.eu | PUT https://api.datadoghq.eu/api/v2/security_monitoring/content_packs/{content_pack_id}/deactivate | | app.ddog-gov.com | PUT https://api.ddog-gov.com/api/v2/security_monitoring/content_packs/{content_pack_id}/deactivate | | us2.ddog-gov.com | PUT https://api.us2.ddog-gov.com/api/v2/security_monitoring/content_packs/{content_pack_id}/deactivate | | app.datadoghq.com | PUT https://api.datadoghq.com/api/v2/security_monitoring/content_packs/{content_pack_id}/deactivate | | us3.datadoghq.com | PUT https://api.us3.datadoghq.com/api/v2/security_monitoring/content_packs/{content_pack_id}/deactivate | | us5.datadoghq.com | PUT https://api.us5.datadoghq.com/api/v2/security_monitoring/content_packs/{content_pack_id}/deactivate | ## List rules →{% #list-rules %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------ | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/rules | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/rules | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/rules | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/rules | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/rules | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/rules | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/rules | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/rules | ## Create a detection rule →{% #create-a-detection-rule %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/rules | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/rules | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/rules | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/rules | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/rules | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/rules | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/rules | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/rules | ## Get a rule's details →{% #get-a-rules-details %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/rules/{rule_id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/rules/{rule_id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/rules/{rule_id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | ## Update an existing rule →{% #update-an-existing-rule %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------- | | ap1.datadoghq.com | PUT https://api.ap1.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | | ap2.datadoghq.com | PUT https://api.ap2.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | | app.datadoghq.eu | PUT https://api.datadoghq.eu/api/v2/security_monitoring/rules/{rule_id} | | app.ddog-gov.com | PUT https://api.ddog-gov.com/api/v2/security_monitoring/rules/{rule_id} | | us2.ddog-gov.com | PUT https://api.us2.ddog-gov.com/api/v2/security_monitoring/rules/{rule_id} | | app.datadoghq.com | PUT https://api.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | | us3.datadoghq.com | PUT https://api.us3.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | | us5.datadoghq.com | PUT https://api.us5.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | ## Delete an existing rule →{% #delete-an-existing-rule %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------- | | ap1.datadoghq.com | DELETE https://api.ap1.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | | ap2.datadoghq.com | DELETE https://api.ap2.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | | app.datadoghq.eu | DELETE https://api.datadoghq.eu/api/v2/security_monitoring/rules/{rule_id} | | app.ddog-gov.com | DELETE https://api.ddog-gov.com/api/v2/security_monitoring/rules/{rule_id} | | us2.ddog-gov.com | DELETE https://api.us2.ddog-gov.com/api/v2/security_monitoring/rules/{rule_id} | | app.datadoghq.com | DELETE https://api.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | | us3.datadoghq.com | DELETE https://api.us3.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | | us5.datadoghq.com | DELETE https://api.us5.datadoghq.com/api/v2/security_monitoring/rules/{rule_id} | ## Test an existing rule →{% #test-an-existing-rule %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/test | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/test | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/rules/{rule_id}/test | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/rules/{rule_id}/test | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/rules/{rule_id}/test | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/test | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/test | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/test | ## Test a rule →{% #test-a-rule %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------ | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/rules/test | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/rules/test | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/rules/test | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/rules/test | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/rules/test | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/rules/test | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/rules/test | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/rules/test | ## Validate a detection rule →{% #validate-a-detection-rule %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------ | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/rules/validation | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/rules/validation | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/rules/validation | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/rules/validation | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/rules/validation | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/rules/validation | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/rules/validation | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/rules/validation | ## Convert an existing rule from JSON to Terraform →{% #convert-an-existing-rule-from-json-to-terraform %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------ | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/convert | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/convert | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/rules/{rule_id}/convert | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/rules/{rule_id}/convert | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/rules/{rule_id}/convert | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/convert | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/convert | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/convert | ## Convert a rule from JSON to Terraform →{% #convert-a-rule-from-json-to-terraform %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/rules/convert | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/rules/convert | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/rules/convert | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/rules/convert | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/rules/convert | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/rules/convert | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/rules/convert | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/rules/convert | ## Bulk export security monitoring rules →{% #bulk-export-security-monitoring-rules %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/rules/bulk_export | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/rules/bulk_export | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/rules/bulk_export | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/rules/bulk_export | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/rules/bulk_export | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/rules/bulk_export | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/rules/bulk_export | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/rules/bulk_export | ## Get a rule's version history → preview{% #get-a-rules-version-history %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/version_history | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/version_history | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/rules/{rule_id}/version_history | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/rules/{rule_id}/version_history | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/rules/{rule_id}/version_history | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/version_history | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/version_history | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/rules/{rule_id}/version_history | ## Run a historical job → preview{% #run-a-historical-job %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/siem-historical-detections/jobs | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/siem-historical-detections/jobs | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/siem-historical-detections/jobs | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/siem-historical-detections/jobs | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/siem-historical-detections/jobs | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/siem-historical-detections/jobs | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/siem-historical-detections/jobs | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/siem-historical-detections/jobs | ## List historical jobs → preview{% #list-historical-jobs %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------ | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/siem-historical-detections/jobs | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/siem-historical-detections/jobs | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/siem-historical-detections/jobs | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/siem-historical-detections/jobs | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/siem-historical-detections/jobs | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/siem-historical-detections/jobs | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/siem-historical-detections/jobs | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/siem-historical-detections/jobs | ## Get a job's details → preview{% #get-a-jobs-details %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/siem-historical-detections/jobs/{job_id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/siem-historical-detections/jobs/{job_id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/siem-historical-detections/jobs/{job_id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id} | ## Delete an existing job → preview{% #delete-an-existing-job %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------ | | ap1.datadoghq.com | DELETE https://api.ap1.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id} | | ap2.datadoghq.com | DELETE https://api.ap2.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id} | | app.datadoghq.eu | DELETE https://api.datadoghq.eu/api/v2/siem-historical-detections/jobs/{job_id} | | app.ddog-gov.com | DELETE https://api.ddog-gov.com/api/v2/siem-historical-detections/jobs/{job_id} | | us2.ddog-gov.com | DELETE https://api.us2.ddog-gov.com/api/v2/siem-historical-detections/jobs/{job_id} | | app.datadoghq.com | DELETE https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id} | | us3.datadoghq.com | DELETE https://api.us3.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id} | | us5.datadoghq.com | DELETE https://api.us5.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id} | ## Cancel a historical job → preview{% #cancel-a-historical-job %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------ | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id}/cancel | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id}/cancel | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/siem-historical-detections/jobs/{job_id}/cancel | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/siem-historical-detections/jobs/{job_id}/cancel | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/siem-historical-detections/jobs/{job_id}/cancel | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id}/cancel | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id}/cancel | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id}/cancel | ## Convert a job result to a signal → preview{% #convert-a-job-result-to-a-signal %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/siem-historical-detections/jobs/signal_convert | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/siem-historical-detections/jobs/signal_convert | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/siem-historical-detections/jobs/signal_convert | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert | ## Get a job's hist signals → preview{% #get-a-jobs-hist-signals %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id}/histsignals | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id}/histsignals | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/siem-historical-detections/jobs/{job_id}/histsignals | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/siem-historical-detections/jobs/{job_id}/histsignals | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/siem-historical-detections/jobs/{job_id}/histsignals | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id}/histsignals | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id}/histsignals | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/siem-historical-detections/jobs/{job_id}/histsignals | ## List hist signals → preview{% #list-hist-signals %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/siem-historical-detections/histsignals | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/siem-historical-detections/histsignals | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/siem-historical-detections/histsignals | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/siem-historical-detections/histsignals | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/siem-historical-detections/histsignals | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/siem-historical-detections/histsignals | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/siem-historical-detections/histsignals | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/siem-historical-detections/histsignals | ## Get a hist signal's details → preview{% #get-a-hist-signals-details %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/siem-historical-detections/histsignals/{histsignal_id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/siem-historical-detections/histsignals/{histsignal_id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/siem-historical-detections/histsignals/{histsignal_id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/siem-historical-detections/histsignals/{histsignal_id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/siem-historical-detections/histsignals/{histsignal_id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/siem-historical-detections/histsignals/{histsignal_id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/siem-historical-detections/histsignals/{histsignal_id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/siem-historical-detections/histsignals/{histsignal_id} | ## Search hist signals → preview{% #search-hist-signals %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/siem-historical-detections/histsignals/search | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/siem-historical-detections/histsignals/search | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/siem-historical-detections/histsignals/search | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/siem-historical-detections/histsignals/search | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/siem-historical-detections/histsignals/search | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/siem-historical-detections/histsignals/search | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/siem-historical-detections/histsignals/search | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/siem-historical-detections/histsignals/search | ## Get a list of security signals →{% #get-a-list-of-security-signals %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/search | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/search | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/signals/search | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/signals/search | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/search | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/signals/search | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/signals/search | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/search | ## Get a quick list of security signals →{% #get-a-quick-list-of-security-signals %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/signals | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/signals | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/signals | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/signals | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/signals | ## Get a signal's details →{% #get-a-signals-details %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/{signal_id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/{signal_id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/signals/{signal_id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/signals/{signal_id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/signals/{signal_id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/{signal_id} | ## Change the related incidents of a security signal →{% #change-the-related-incidents-of-a-security-signal %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/incidents | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/incidents | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security_monitoring/signals/{signal_id}/incidents | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/incidents | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/incidents | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/incidents | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/incidents | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/incidents | ## Returns a list of Secrets rules → preview{% #returns-a-list-of-secrets-rules %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/static-analysis/secrets/rules | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/static-analysis/secrets/rules | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/static-analysis/secrets/rules | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/static-analysis/secrets/rules | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/static-analysis/secrets/rules | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/static-analysis/secrets/rules | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/static-analysis/secrets/rules | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/static-analysis/secrets/rules | ## Ruleset get multiple → preview{% #ruleset-get-multiple %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------ | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/static-analysis/rulesets | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/static-analysis/rulesets | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/static-analysis/rulesets | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/static-analysis/rulesets | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/static-analysis/rulesets | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/static-analysis/rulesets | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/static-analysis/rulesets | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/static-analysis/rulesets | ## List vulnerabilities → deprecated preview{% #list-vulnerabilities %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/vulnerabilities | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/vulnerabilities | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security/vulnerabilities | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security/vulnerabilities | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security/vulnerabilities | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/vulnerabilities | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/vulnerabilities | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/vulnerabilities | ## List vulnerable assets → preview{% #list-vulnerable-assets %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/vulnerable-assets | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/vulnerable-assets | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security/vulnerable-assets | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security/vulnerable-assets | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security/vulnerable-assets | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/vulnerable-assets | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/vulnerable-assets | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/vulnerable-assets | ## Get SBOM →{% #get-sbom %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/sboms/{asset_type} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/sboms/{asset_type} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security/sboms/{asset_type} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security/sboms/{asset_type} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security/sboms/{asset_type} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/sboms/{asset_type} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/sboms/{asset_type} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/sboms/{asset_type} | ## List assets SBOMs →{% #list-assets-sboms %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/sboms | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/sboms | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security/sboms | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security/sboms | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security/sboms | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/sboms | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/sboms | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/sboms | ## List scanned assets metadata → preview{% #list-scanned-assets-metadata %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/scanned-assets-metadata | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/scanned-assets-metadata | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security/scanned-assets-metadata | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security/scanned-assets-metadata | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security/scanned-assets-metadata | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/scanned-assets-metadata | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/scanned-assets-metadata | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/scanned-assets-metadata | ## Bulk update triage state of security signals →{% #bulk-update-triage-state-of-security-signals %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/bulk/state | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/bulk/state | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security_monitoring/signals/bulk/state | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security_monitoring/signals/bulk/state | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/bulk/state | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security_monitoring/signals/bulk/state | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security_monitoring/signals/bulk/state | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/bulk/state | ## Bulk update triage assignee of security signals →{% #bulk-update-triage-assignee-of-security-signals %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------ | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/bulk/assignee | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/bulk/assignee | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security_monitoring/signals/bulk/assignee | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security_monitoring/signals/bulk/assignee | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/bulk/assignee | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security_monitoring/signals/bulk/assignee | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security_monitoring/signals/bulk/assignee | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/bulk/assignee | ## Get investigation queries for a signal →{% #get-investigation-queries-for-a-signal %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------------ | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/investigation_queries | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/investigation_queries | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/signals/{signal_id}/investigation_queries | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/investigation_queries | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/investigation_queries | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/investigation_queries | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/investigation_queries | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/investigation_queries | ## Get suggested actions for a signal →{% #get-suggested-actions-for-a-signal %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/suggested_actions | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/suggested_actions | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/signals/{signal_id}/suggested_actions | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/suggested_actions | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/suggested_actions | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/suggested_actions | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/suggested_actions | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/suggested_actions | ## List indicators of compromise → preview{% #list-indicators-of-compromise %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/siem/ioc-explorer | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/siem/ioc-explorer | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security/siem/ioc-explorer | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security/siem/ioc-explorer | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security/siem/ioc-explorer | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/siem/ioc-explorer | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/siem/ioc-explorer | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/siem/ioc-explorer | ## Get an indicator of compromise → preview{% #get-an-indicator-of-compromise %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/siem/ioc-explorer/indicator | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/siem/ioc-explorer/indicator | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security/siem/ioc-explorer/indicator | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security/siem/ioc-explorer/indicator | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security/siem/ioc-explorer/indicator | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/siem/ioc-explorer/indicator | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/siem/ioc-explorer/indicator | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/siem/ioc-explorer/indicator | ## Export security monitoring resource to Terraform → preview{% #export-security-monitoring-resource-to-terraform %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/{resource_id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/{resource_id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/terraform/{resource_type}/{resource_id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/terraform/{resource_type}/{resource_id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/terraform/{resource_type}/{resource_id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/{resource_id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/{resource_id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/{resource_id} | ## Export security monitoring resources to Terraform → preview{% #export-security-monitoring-resources-to-terraform %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/bulk | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/bulk | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/terraform/{resource_type}/bulk | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/terraform/{resource_type}/bulk | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/terraform/{resource_type}/bulk | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/bulk | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/bulk | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/bulk | ## Convert security monitoring resource to Terraform → preview{% #convert-security-monitoring-resource-to-terraform %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/convert | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/convert | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/terraform/{resource_type}/convert | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/terraform/{resource_type}/convert | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/terraform/{resource_type}/convert | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/convert | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/convert | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/terraform/{resource_type}/convert | ## Update security signal triage state or assignee →{% #update-security-signal-triage-state-or-assignee %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/update | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/update | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security_monitoring/signals/{signal_id}/update | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/update | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/update | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/update | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/update | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/update | ## Bulk update security signals →{% #bulk-update-security-signals %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/bulk/update | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/bulk/update | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security_monitoring/signals/bulk/update | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security_monitoring/signals/bulk/update | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/bulk/update | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security_monitoring/signals/bulk/update | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security_monitoring/signals/bulk/update | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/bulk/update | ## Bulk delete security monitoring rules →{% #bulk-delete-security-monitoring-rules %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------- | | ap1.datadoghq.com | DELETE https://api.ap1.datadoghq.com/api/v2/security_monitoring/rules/bulk_delete | | ap2.datadoghq.com | DELETE https://api.ap2.datadoghq.com/api/v2/security_monitoring/rules/bulk_delete | | app.datadoghq.eu | DELETE https://api.datadoghq.eu/api/v2/security_monitoring/rules/bulk_delete | | app.ddog-gov.com | DELETE https://api.ddog-gov.com/api/v2/security_monitoring/rules/bulk_delete | | us2.ddog-gov.com | DELETE https://api.us2.ddog-gov.com/api/v2/security_monitoring/rules/bulk_delete | | app.datadoghq.com | DELETE https://api.datadoghq.com/api/v2/security_monitoring/rules/bulk_delete | | us3.datadoghq.com | DELETE https://api.us3.datadoghq.com/api/v2/security_monitoring/rules/bulk_delete | | us5.datadoghq.com | DELETE https://api.us5.datadoghq.com/api/v2/security_monitoring/rules/bulk_delete | ## Get entities related to a signal → preview{% #get-entities-related-to-a-signal %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/entities | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/entities | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/signals/{signal_id}/entities | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/entities | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/entities | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/entities | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/entities | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/entities | ## Get the version history of security filters →{% #get-the-version-history-of-security-filters %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/versions | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/versions | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/configuration/security_filters/versions | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters/versions | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters/versions | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/versions | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/versions | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/versions | ## List entity context sync configurations → preview{% #list-entity-context-sync-configurations %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/integration_config | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/integration_config | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/configuration/integration_config | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/configuration/integration_config | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/integration_config | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/configuration/integration_config | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/integration_config | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/integration_config | ## Create an entity context sync configuration → preview{% #create-an-entity-context-sync-configuration %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/integration_config | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/integration_config | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/configuration/integration_config | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/configuration/integration_config | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/integration_config | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/configuration/integration_config | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/integration_config | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/integration_config | ## Get an entity context sync configuration → preview{% #get-an-entity-context-sync-configuration %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | ## Update an entity context sync configuration → preview{% #update-an-entity-context-sync-configuration %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | ## Delete an entity context sync configuration → preview{% #delete-an-entity-context-sync-configuration %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------------------------------ | | ap1.datadoghq.com | DELETE https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | ap2.datadoghq.com | DELETE https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | app.datadoghq.eu | DELETE https://api.datadoghq.eu/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | app.ddog-gov.com | DELETE https://api.ddog-gov.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | us2.ddog-gov.com | DELETE https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | app.datadoghq.com | DELETE https://api.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | us3.datadoghq.com | DELETE https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | | us5.datadoghq.com | DELETE https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id} | ## Validate entity context sync credentials → preview{% #validate-entity-context-sync-credentials %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/validate | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/validate | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/configuration/integration_config/validate | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/configuration/integration_config/validate | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/integration_config/validate | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/validate | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/validate | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/validate | ## Validate an entity context sync configuration → preview{% #validate-an-entity-context-sync-configuration %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}/validate | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}/validate | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}/validate | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}/validate | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}/validate | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}/validate | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}/validate | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/integration_config/{integration_config_id}/validate | ## Get sample log generation subscriptions → preview{% #get-sample-log-generation-subscriptions %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------ | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/sample_log_generation/subscriptions | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/sample_log_generation/subscriptions | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/sample_log_generation/subscriptions | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions | ## Subscribe to sample log generation → preview{% #subscribe-to-sample-log-generation %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/sample_log_generation/subscriptions | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/sample_log_generation/subscriptions | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/sample_log_generation/subscriptions | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions | ## Bulk subscribe to sample log generation → preview{% #bulk-subscribe-to-sample-log-generation %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------------ | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions/bulk | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions/bulk | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/sample_log_generation/subscriptions/bulk | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/sample_log_generation/subscriptions/bulk | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/sample_log_generation/subscriptions/bulk | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions/bulk | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions/bulk | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions/bulk | ## Unsubscribe from sample log generation → preview{% #unsubscribe-from-sample-log-generation %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | DELETE https://api.ap1.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions/{content_pack_id} | | ap2.datadoghq.com | DELETE https://api.ap2.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions/{content_pack_id} | | app.datadoghq.eu | DELETE https://api.datadoghq.eu/api/v2/security_monitoring/sample_log_generation/subscriptions/{content_pack_id} | | app.ddog-gov.com | DELETE https://api.ddog-gov.com/api/v2/security_monitoring/sample_log_generation/subscriptions/{content_pack_id} | | us2.ddog-gov.com | DELETE https://api.us2.ddog-gov.com/api/v2/security_monitoring/sample_log_generation/subscriptions/{content_pack_id} | | app.datadoghq.com | DELETE https://api.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions/{content_pack_id} | | us3.datadoghq.com | DELETE https://api.us3.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions/{content_pack_id} | | us5.datadoghq.com | DELETE https://api.us5.datadoghq.com/api/v2/security_monitoring/sample_log_generation/subscriptions/{content_pack_id} | ## Get entity context → preview{% #get-entity-context %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/entity_context | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/entity_context | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/entity_context | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/entity_context | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/entity_context | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/entity_context | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/entity_context | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/entity_context | ## Get a SAST ruleset → preview{% #get-a-sast-ruleset %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/static-analysis/rulesets/{ruleset_name} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/static-analysis/rulesets/{ruleset_name} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/static-analysis/rulesets/{ruleset_name} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/static-analysis/rulesets/{ruleset_name} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/static-analysis/rulesets/{ruleset_name} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/static-analysis/rulesets/{ruleset_name} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/static-analysis/rulesets/{ruleset_name} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/static-analysis/rulesets/{ruleset_name} | ## List codegen rulesets → preview{% #list-codegen-rulesets %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/static-analysis/codegen/rulesets | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/static-analysis/codegen/rulesets | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/static-analysis/codegen/rulesets | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/static-analysis/codegen/rulesets | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/static-analysis/codegen/rulesets | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/static-analysis/codegen/rulesets | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/static-analysis/codegen/rulesets | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/static-analysis/codegen/rulesets | ## Get default rulesets for a language → preview{% #get-default-rulesets-for-a-language %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------ | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/static-analysis/default-rulesets/{language} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/static-analysis/default-rulesets/{language} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/static-analysis/default-rulesets/{language} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/static-analysis/default-rulesets/{language} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/static-analysis/default-rulesets/{language} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/static-analysis/default-rulesets/{language} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/static-analysis/default-rulesets/{language} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/static-analysis/default-rulesets/{language} | ## Analyze code → preview{% #analyze-code %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/static-analysis/static-analysis-server/analyze | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/static-analysis/static-analysis-server/analyze | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/static-analysis/static-analysis-server/analyze | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/static-analysis/static-analysis-server/analyze | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/static-analysis/static-analysis-server/analyze | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/static-analysis/static-analysis-server/analyze | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/static-analysis/static-analysis-server/analyze | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/static-analysis/static-analysis-server/analyze | ## Get AST for source code → preview{% #get-ast-for-source-code %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/static-analysis/static-analysis-server/get-ast | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/static-analysis/static-analysis-server/get-ast | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/static-analysis/static-analysis-server/get-ast | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/static-analysis/static-analysis-server/get-ast | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/static-analysis/static-analysis-server/get-ast | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/static-analysis/static-analysis-server/get-ast | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/static-analysis/static-analysis-server/get-ast | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/static-analysis/static-analysis-server/get-ast | ## Get tree-sitter WASM file → preview{% #get-tree-sitter-wasm-file %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/static-analysis/static-analysis-server/tree-sitter-wasm/{file} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/static-analysis/static-analysis-server/tree-sitter-wasm/{file} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/static-analysis/static-analysis-server/tree-sitter-wasm/{file} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/static-analysis/static-analysis-server/tree-sitter-wasm/{file} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/static-analysis/static-analysis-server/tree-sitter-wasm/{file} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/static-analysis/static-analysis-server/tree-sitter-wasm/{file} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/static-analysis/static-analysis-server/tree-sitter-wasm/{file} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/static-analysis/static-analysis-server/tree-sitter-wasm/{file} | ## Get node types for a language → preview{% #get-node-types-for-a-language %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/static-analysis/static-analysis-server/node-types/{language} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/static-analysis/static-analysis-server/node-types/{language} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/static-analysis/static-analysis-server/node-types/{language} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/static-analysis/static-analysis-server/node-types/{language} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/static-analysis/static-analysis-server/node-types/{language} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/static-analysis/static-analysis-server/node-types/{language} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/static-analysis/static-analysis-server/node-types/{language} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/static-analysis/static-analysis-server/node-types/{language} | ## List datasets → preview{% #list-datasets %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/datasets | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/datasets | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/datasets | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/datasets | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/datasets | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/datasets | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/datasets | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/datasets | ## Create a dataset → preview{% #create-a-dataset %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/datasets | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/datasets | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/datasets | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/datasets | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/datasets | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/datasets | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/datasets | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/datasets | ## Get dataset dependencies → preview{% #get-dataset-dependencies %} | Datadog site | API endpoint | | ----------------- | ----------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/datasets/dependencies | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/datasets/dependencies | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/datasets/dependencies | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/datasets/dependencies | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/datasets/dependencies | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/datasets/dependencies | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/datasets/dependencies | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/datasets/dependencies | ## Get a dataset → preview{% #get-a-dataset %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/datasets/{dataset_id} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/datasets/{dataset_id} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/datasets/{dataset_id} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | ## Update a dataset → preview{% #update-a-dataset %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------ | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security_monitoring/datasets/{dataset_id} | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security_monitoring/datasets/{dataset_id} | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security_monitoring/datasets/{dataset_id} | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | ## Delete a dataset → preview{% #delete-a-dataset %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------------- | | ap1.datadoghq.com | DELETE https://api.ap1.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | | ap2.datadoghq.com | DELETE https://api.ap2.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | | app.datadoghq.eu | DELETE https://api.datadoghq.eu/api/v2/security_monitoring/datasets/{dataset_id} | | app.ddog-gov.com | DELETE https://api.ddog-gov.com/api/v2/security_monitoring/datasets/{dataset_id} | | us2.ddog-gov.com | DELETE https://api.us2.ddog-gov.com/api/v2/security_monitoring/datasets/{dataset_id} | | app.datadoghq.com | DELETE https://api.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | | us3.datadoghq.com | DELETE https://api.us3.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | | us5.datadoghq.com | DELETE https://api.us5.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id} | ## Get a dataset at a specific version → preview{% #get-a-dataset-at-a-specific-version %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id}/version/{version} | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id}/version/{version} | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/datasets/{dataset_id}/version/{version} | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/datasets/{dataset_id}/version/{version} | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/datasets/{dataset_id}/version/{version} | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id}/version/{version} | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id}/version/{version} | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id}/version/{version} | ## Get the version history of a dataset → preview{% #get-the-version-history-of-a-dataset %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id}/version_history | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id}/version_history | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/datasets/{dataset_id}/version_history | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/datasets/{dataset_id}/version_history | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/datasets/{dataset_id}/version_history | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id}/version_history | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id}/version_history | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/datasets/{dataset_id}/version_history | ## Bulk convert rules to Terraform →{% #bulk-convert-rules-to-terraform %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security_monitoring/rules/convert/bulk | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security_monitoring/rules/convert/bulk | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security_monitoring/rules/convert/bulk | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security_monitoring/rules/convert/bulk | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security_monitoring/rules/convert/bulk | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security_monitoring/rules/convert/bulk | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security_monitoring/rules/convert/bulk | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security_monitoring/rules/convert/bulk | ## Assign or unassign security findings → preview{% #assign-or-unassign-security-findings %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security/findings/assignee | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security/findings/assignee | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security/findings/assignee | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security/findings/assignee | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security/findings/assignee | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security/findings/assignee | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security/findings/assignee | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security/findings/assignee | ## Create ServiceNow tickets for security findings → preview{% #create-servicenow-tickets-for-security-findings %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------ | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/security/findings/servicenow_tickets | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/security/findings/servicenow_tickets | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/security/findings/servicenow_tickets | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/security/findings/servicenow_tickets | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/security/findings/servicenow_tickets | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/security/findings/servicenow_tickets | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/security/findings/servicenow_tickets | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/security/findings/servicenow_tickets | ## Attach security findings to a ServiceNow ticket → preview{% #attach-security-findings-to-a-servicenow-ticket %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security/findings/servicenow_tickets | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security/findings/servicenow_tickets | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security/findings/servicenow_tickets | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security/findings/servicenow_tickets | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security/findings/servicenow_tickets | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security/findings/servicenow_tickets | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security/findings/servicenow_tickets | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security/findings/servicenow_tickets |