Object containing the attributes of the critical asset to be created.
enabled
boolean
Whether the critical asset is enabled. Defaults to true if not specified.
default: true
query [required]
string
The query for the critical asset. It uses the same syntax as the queries to search signals in the Signals Explorer.
rule_query [required]
string
The rule query of the critical asset, with the same syntax as the search bar for detection rules. This determines which rules this critical asset will apply to.
severity [required]
enum
Severity associated with this critical asset. Either an explicit severity can be set, or the severity can be increased or decreased, or the severity can be left unchanged (no-op).
Allowed enum values: info,low,medium,high,critical,increase,decrease,no-op
tags
[string]
List of tags associated with the critical asset.
type [required]
enum
The type of the resource. The value should always be critical_assets.
Allowed enum values: critical_assets
default: critical_assets
{"data":{"type":"critical_assets","attributes":{"query":"host:examplesecuritymonitoring","rule_query":"type:(log_detection OR signal_correlation OR workload_security OR application_security) source:cloudtrail","severity":"decrease","tags":["team:security","env:test"]}}}
Response object containing a single critical asset.
Expand All
Field
Type
Description
data
object
The critical asset's properties.
attributes
object
The attributes of the critical asset.
creation_author_id
int64
ID of user who created the critical asset.
creation_date
int64
A Unix millisecond timestamp given the creation date of the critical asset.
creator
object
A user.
handle
string
The handle of the user.
name
string
The name of the user.
enabled
boolean
Whether the critical asset is enabled.
query
string
The query for the critical asset. It uses the same syntax as the queries to search signals in the Signals Explorer.
rule_query
string
The rule query of the critical asset, with the same syntax as the search bar for detection rules. This determines which rules this critical asset will apply to.
severity
enum
Severity associated with this critical asset. Either an explicit severity can be set, or the severity can be increased or decreased, or the severity can be left unchanged (no-op).
Allowed enum values: info,low,medium,high,critical,increase,decrease,no-op
tags
[string]
List of tags associated with the critical asset.
update_author_id
int64
ID of user who updated the critical asset.
update_date
int64
A Unix millisecond timestamp given the update date of the critical asset.
updater
object
A user.
handle
string
The handle of the user.
name
string
The name of the user.
version
int32
The version of the critical asset; it starts at 1, and is incremented at each update.
id
string
The ID of the critical asset.
type
enum
The type of the resource. The value should always be critical_assets.
Allowed enum values: critical_assets
// Create a critical asset returns "OK" responsepackagemainimport("context""encoding/json""fmt""os""github.com/DataDog/datadog-api-client-go/v2/api/datadog""github.com/DataDog/datadog-api-client-go/v2/api/datadogV2")funcmain(){body:=datadogV2.SecurityMonitoringCriticalAssetCreateRequest{Data:datadogV2.SecurityMonitoringCriticalAssetCreateData{Type:datadogV2.SECURITYMONITORINGCRITICALASSETTYPE_CRITICAL_ASSETS,Attributes:datadogV2.SecurityMonitoringCriticalAssetCreateAttributes{Query:"host:examplesecuritymonitoring",RuleQuery:"type:(log_detection OR signal_correlation OR workload_security OR application_security) source:cloudtrail",Severity:datadogV2.SECURITYMONITORINGCRITICALASSETSEVERITY_DECREASE,Tags:[]string{"team:security","env:test",},},},}ctx:=datadog.NewDefaultContext(context.Background())configuration:=datadog.NewConfiguration()apiClient:=datadog.NewAPIClient(configuration)api:=datadogV2.NewSecurityMonitoringApi(apiClient)resp,r,err:=api.CreateSecurityMonitoringCriticalAsset(ctx,body)iferr!=nil{fmt.Fprintf(os.Stderr,"Error when calling `SecurityMonitoringApi.CreateSecurityMonitoringCriticalAsset`: %v\n",err)fmt.Fprintf(os.Stderr,"Full HTTP response: %v\n",r)}responseContent,_:=json.MarshalIndent(resp,""," ")fmt.Fprintf(os.Stdout,"Response from `SecurityMonitoringApi.CreateSecurityMonitoringCriticalAsset`:\n%s\n",responseContent)}
"""
Create a critical asset returns "OK" response
"""fromdatadog_api_clientimportApiClient,Configurationfromdatadog_api_client.v2.api.security_monitoring_apiimportSecurityMonitoringApifromdatadog_api_client.v2.model.security_monitoring_critical_asset_create_attributesimport(SecurityMonitoringCriticalAssetCreateAttributes,)fromdatadog_api_client.v2.model.security_monitoring_critical_asset_create_dataimport(SecurityMonitoringCriticalAssetCreateData,)fromdatadog_api_client.v2.model.security_monitoring_critical_asset_create_requestimport(SecurityMonitoringCriticalAssetCreateRequest,)fromdatadog_api_client.v2.model.security_monitoring_critical_asset_severityimport(SecurityMonitoringCriticalAssetSeverity,)fromdatadog_api_client.v2.model.security_monitoring_critical_asset_typeimportSecurityMonitoringCriticalAssetTypebody=SecurityMonitoringCriticalAssetCreateRequest(data=SecurityMonitoringCriticalAssetCreateData(type=SecurityMonitoringCriticalAssetType.CRITICAL_ASSETS,attributes=SecurityMonitoringCriticalAssetCreateAttributes(query="host:examplesecuritymonitoring",rule_query="type:(log_detection OR signal_correlation OR workload_security OR application_security) source:cloudtrail",severity=SecurityMonitoringCriticalAssetSeverity.DECREASE,tags=["team:security","env:test",],),),)configuration=Configuration()withApiClient(configuration)asapi_client:api_instance=SecurityMonitoringApi(api_client)response=api_instance.create_security_monitoring_critical_asset(body=body)print(response)
# Create a critical asset returns "OK" responserequire"datadog_api_client"api_instance=DatadogAPIClient::V2::SecurityMonitoringAPI.newbody=DatadogAPIClient::V2::SecurityMonitoringCriticalAssetCreateRequest.new({data:DatadogAPIClient::V2::SecurityMonitoringCriticalAssetCreateData.new({type:DatadogAPIClient::V2::SecurityMonitoringCriticalAssetType::CRITICAL_ASSETS,attributes:DatadogAPIClient::V2::SecurityMonitoringCriticalAssetCreateAttributes.new({query:"host:examplesecuritymonitoring",rule_query:"type:(log_detection OR signal_correlation OR workload_security OR application_security) source:cloudtrail",severity:DatadogAPIClient::V2::SecurityMonitoringCriticalAssetSeverity::DECREASE,tags:["team:security","env:test",],}),}),})papi_instance.create_security_monitoring_critical_asset(body)
// Create a critical asset returns "OK" response
usedatadog_api_client::datadog;usedatadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI;usedatadog_api_client::datadogV2::model::SecurityMonitoringCriticalAssetCreateAttributes;usedatadog_api_client::datadogV2::model::SecurityMonitoringCriticalAssetCreateData;usedatadog_api_client::datadogV2::model::SecurityMonitoringCriticalAssetCreateRequest;usedatadog_api_client::datadogV2::model::SecurityMonitoringCriticalAssetSeverity;usedatadog_api_client::datadogV2::model::SecurityMonitoringCriticalAssetType;#[tokio::main]asyncfnmain(){letbody=SecurityMonitoringCriticalAssetCreateRequest::new(SecurityMonitoringCriticalAssetCreateData::new(SecurityMonitoringCriticalAssetCreateAttributes::new("host:examplesecuritymonitoring".to_string(),"type:(log_detection OR signal_correlation OR workload_security OR application_security) source:cloudtrail".to_string(),SecurityMonitoringCriticalAssetSeverity::DECREASE,).tags(vec!["team:security".to_string(),"env:test".to_string()]),SecurityMonitoringCriticalAssetType::CRITICAL_ASSETS,),);letconfiguration=datadog::Configuration::new();letapi=SecurityMonitoringAPI::with_config(configuration);letresp=api.create_security_monitoring_critical_asset(body).await;ifletOk(value)=resp{println!("{:#?}",value);}else{println!("{:#?}",resp.unwrap_err());}}
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com"DD_API_KEY="<DD_API_KEY>"DD_APP_KEY="<DD_APP_KEY>"cargo run
/**
* Create a critical asset returns "OK" response
*/import{client,v2}from"@datadog/datadog-api-client";constconfiguration=client.createConfiguration();constapiInstance=newv2.SecurityMonitoringApi(configuration);constparams: v2.SecurityMonitoringApiCreateSecurityMonitoringCriticalAssetRequest={body:{data:{type:"critical_assets",attributes:{query:"host:examplesecuritymonitoring",ruleQuery:"type:(log_detection OR signal_correlation OR workload_security OR application_security) source:cloudtrail",severity:"decrease",tags:["team:security","env:test"],},},},};apiInstance.createSecurityMonitoringCriticalAsset(params).then((data: v2.SecurityMonitoringCriticalAssetResponse)=>{console.log("API called successfully. Returned data: "+JSON.stringify(data));}).catch((error: any)=>console.error(error));