---
title: Get a SAST ruleset
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: Docs > API Reference > Security Monitoring
---

> For the complete documentation index, see [llms.txt](https://docs.datadoghq.com/llms.txt).

# Get a SAST ruleset{% #get-a-sast-ruleset %}
Copy pageCopied
{% tab title="v2" %}
**Note**: This endpoint is in preview and is subject to change. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).
| Datadog site      | API endpoint                                                                     |
| ----------------- | -------------------------------------------------------------------------------- |
| ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/static-analysis/rulesets/{ruleset_name} |
| ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/static-analysis/rulesets/{ruleset_name} |
| app.datadoghq.eu  | GET https://api.datadoghq.eu/api/v2/static-analysis/rulesets/{ruleset_name}      |
| app.ddog-gov.com  | GET https://api.ddog-gov.com/api/v2/static-analysis/rulesets/{ruleset_name}      |
| us2.ddog-gov.com  | GET https://api.us2.ddog-gov.com/api/v2/static-analysis/rulesets/{ruleset_name}  |
| uk1.datadoghq.com | GET https://api.uk1.datadoghq.com/api/v2/static-analysis/rulesets/{ruleset_name} |
| app.datadoghq.com | GET https://api.datadoghq.com/api/v2/static-analysis/rulesets/{ruleset_name}     |
| us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/static-analysis/rulesets/{ruleset_name} |
| us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/static-analysis/rulesets/{ruleset_name} |

### Overview

Get a SAST ruleset by name, including all its rules.

OAuth apps require the `code_analysis_read` authorization [scope](https://docs.datadoghq.com/api/latest/scopes.md#security-monitoring) to access this endpoint.



### Arguments

#### Path Parameters

| Name                           | Type   | Description                          |
| ------------------------------ | ------ | ------------------------------------ |
| ruleset_name [*required*] | string | The name of the ruleset to retrieve. |

#### Query Strings

| Name                  | Type    | Description                                                             |
| --------------------- | ------- | ----------------------------------------------------------------------- |
| include_tests         | boolean | When true, test cases for each rule are included in the response.       |
| include_testing_rules | boolean | When true, rules that are in testing mode are included in the response. |

### Response

{% tab title="200" %}
OK
{% tab title="Model" %}
The response payload containing a single SAST ruleset and its rules.

| Parent field | Field                               | Type      | Description                                                                                           |
| ------------ | ----------------------------------- | --------- | ----------------------------------------------------------------------------------------------------- |
|              | data [*required*]              | object    | The primary data object representing a SAST ruleset.                                                  |
| data         | attributes [*required*]        | object    | The attributes of a SAST ruleset, including its name, description, and rules.                         |
| attributes   | description [*required*]       | string    | A detailed description of the ruleset's purpose and the types of issues it targets.                   |
| attributes   | name [*required*]              | string    | The unique name of the ruleset.                                                                       |
| attributes   | rules [*required*]             | [object]  | The list of static analysis rules included in this ruleset.                                           |
| rules        | arguments                           | [object]  | The list of configurable arguments accepted by this rule.                                             |
| arguments    | description                         | string    | A human-readable explanation of the argument's purpose and accepted values.                           |
| arguments    | name                                | string    | The name of the rule argument.                                                                        |
| rules        | category                            | string    | The category classifying the type of issue this rule detects (e.g., security, style, performance).    |
| rules        | checksum                            | string    | A checksum of the rule definition used to detect changes.                                             |
| rules        | code                                | string    | The rule implementation code used by the static analysis engine.                                      |
| rules        | created_at                          | date-time | The date and time when the rule was created.                                                          |
| rules        | created_by                          | string    | The identifier of the user or system that created the rule.                                           |
| rules        | cve                                 | string    | The CVE identifier associated with the vulnerability this rule detects, if applicable.                |
| rules        | cwe                                 | string    | The CWE identifier associated with the weakness category this rule detects, if applicable.            |
| rules        | data [*required*]              | object    | The resource identifier and type for a static analysis rule.                                          |
| data         | id                                  | string    | The unique identifier of the rule resource.                                                           |
| data         | type [*required*]              | enum      | Rules resource type. Allowed enum values: `rules`                                                     |
| rules        | description                         | string    | A detailed explanation of what the rule detects and why it matters.                                   |
| rules        | documentation_url                   | string    | A URL pointing to additional documentation for this rule.                                             |
| rules        | entity_checked                      | string    | The code entity type (e.g., function, class, variable) that this rule inspects.                       |
| rules        | is_published                        | boolean   | Indicates whether the rule is publicly published and available to all users.                          |
| rules        | is_testing                          | boolean   | Indicates whether the rule is in testing mode and not yet promoted to production.                     |
| rules        | language                            | string    | The programming language this rule applies to.                                                        |
| rules        | last_updated_at                     | date-time | The date and time when the rule was last modified.                                                    |
| rules        | last_updated_by                     | string    | The identifier of the user or system that last updated the rule.                                      |
| rules        | name                                | string    | The unique name identifying this rule within its ruleset.                                             |
| rules        | regex                               | string    | A regular expression pattern used by the rule for pattern-based detection.                            |
| rules        | severity                            | string    | The severity level of findings produced by this rule (e.g., ERROR, WARNING, NOTICE).                  |
| rules        | short_description                   | string    | A brief summary of what the rule detects, suitable for display in listings.                           |
| rules        | should_use_ai_fix                   | boolean   | Indicates whether an AI-generated fix suggestion should be offered for findings from this rule.       |
| rules        | tests                               | [object]  | The list of test cases used to validate the rule's behavior.                                          |
| tests        | annotation_count                    | int64     | The expected number of annotations (findings) the rule should produce when run against the test code. |
| tests        | code                                | string    | The source code snippet used as input for the rule test.                                              |
| tests        | filename                            | string    | The filename associated with the test code snippet.                                                   |
| rules        | tree_sitter_query                   | string    | The Tree-sitter query expression used by the rule to match code patterns in the AST.                  |
| rules        | type                                | string    | The rule type indicating the detection mechanism used (e.g., tree_sitter, regex).                     |
| attributes   | short_description [*required*] | string    | A brief summary of the ruleset, suitable for display in listings.                                     |
| data         | id [*required*]                | string    | The unique identifier of the ruleset resource.                                                        |
| data         | type [*required*]              | enum      | Rulesets resource type. Allowed enum values: `rulesets`                                               |

{% /tab %}

{% tab title="Example" %}

```json
{
  "data": {
    "attributes": {
      "description": "A collection of Python best practice rules.",
      "name": "python-best-practices",
      "rules": [
        {
          "arguments": [
            {
              "description": "string",
              "name": "string"
            }
          ],
          "category": "string",
          "checksum": "string",
          "code": "string",
          "created_at": "2019-09-19T10:00:00.000Z",
          "created_by": "string",
          "cve": "string",
          "cwe": "string",
          "data": {
            "id": "string",
            "type": "rules"
          },
          "description": "string",
          "documentation_url": "string",
          "entity_checked": "string",
          "is_published": false,
          "is_testing": false,
          "language": "string",
          "last_updated_at": "2019-09-19T10:00:00.000Z",
          "last_updated_by": "string",
          "name": "string",
          "regex": "string",
          "severity": "string",
          "short_description": "string",
          "should_use_ai_fix": false,
          "tests": [
            {
              "annotation_count": "integer",
              "code": "string",
              "filename": "string"
            }
          ],
          "tree_sitter_query": "string",
          "type": "string"
        }
      ],
      "short_description": "Python best practices ruleset."
    },
    "id": "python-best-practices",
    "type": "rulesets"
  }
}
```

{% /tab %}

{% /tab %}

{% tab title="400" %}
Bad Request
{% tab title="Model" %}
API error response.

| Parent field | Field                    | Type     | Description                                                                     |
| ------------ | ------------------------ | -------- | ------------------------------------------------------------------------------- |
|              | errors [*required*] | [object] | A list of errors.                                                               |
| errors       | detail                   | string   | A human-readable explanation specific to this occurrence of the error.          |
| errors       | meta                     | object   | Non-standard meta-information about the error                                   |
| errors       | source                   | object   | References to the source of the error.                                          |
| source       | header                   | string   | A string indicating the name of a single request header which caused the error. |
| source       | parameter                | string   | A string indicating which URI query parameter caused the error.                 |
| source       | pointer                  | string   | A JSON pointer to the value in the request document that caused the error.      |
| errors       | status                   | string   | Status code of the response.                                                    |
| errors       | title                    | string   | Short human-readable summary of the error.                                      |

{% /tab %}

{% tab title="Example" %}

```json
{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}
```

{% /tab %}

{% /tab %}

{% tab title="404" %}
Not Found
{% tab title="Model" %}
API error response.

| Parent field | Field                    | Type     | Description                                                                     |
| ------------ | ------------------------ | -------- | ------------------------------------------------------------------------------- |
|              | errors [*required*] | [object] | A list of errors.                                                               |
| errors       | detail                   | string   | A human-readable explanation specific to this occurrence of the error.          |
| errors       | meta                     | object   | Non-standard meta-information about the error                                   |
| errors       | source                   | object   | References to the source of the error.                                          |
| source       | header                   | string   | A string indicating the name of a single request header which caused the error. |
| source       | parameter                | string   | A string indicating which URI query parameter caused the error.                 |
| source       | pointer                  | string   | A JSON pointer to the value in the request document that caused the error.      |
| errors       | status                   | string   | Status code of the response.                                                    |
| errors       | title                    | string   | Short human-readable summary of the error.                                      |

{% /tab %}

{% tab title="Example" %}

```json
{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}
```

{% /tab %}

{% /tab %}

{% tab title="429" %}
Too many requests
{% tab title="Model" %}
API error response.

| Field                    | Type     | Description       |
| ------------------------ | -------- | ----------------- |
| errors [*required*] | [string] | A list of errors. |

{% /tab %}

{% tab title="Example" %}

```json
{
  "errors": [
    "Bad Request"
  ]
}
```

{% /tab %}

{% /tab %}

### Code Example

##### 
                  \# Path parameters export ruleset_name="python-best-practices" \# Curl command curl -X GET "https://api.datadoghq.com/api/v2/static-analysis/rulesets/${ruleset_name}" \
-H "Accept: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" 
                
##### 

```python
"""
Get a SAST ruleset returns "OK" response
"""

from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi

configuration = Configuration()
configuration.unstable_operations["get_static_analysis_ruleset"] = True
with ApiClient(configuration) as api_client:
    api_instance = SecurityMonitoringApi(api_client)
    response = api_instance.get_static_analysis_ruleset(
        ruleset_name="python-best-practices",
    )

    print(response)
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=python) and then save the example to `example.py` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" python3 "example.py"
##### 

```ruby
# Get a SAST ruleset returns "OK" response

require "datadog_api_client"
DatadogAPIClient.configure do |config|
  config.unstable_operations["v2.get_static_analysis_ruleset".to_sym] = true
end
api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new
p api_instance.get_static_analysis_ruleset("python-best-practices")
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=ruby) and then save the example to `example.rb` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" rb "example.rb"
##### 

```go
// Get a SAST ruleset returns "OK" response

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"os"

	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
)

func main() {
	ctx := datadog.NewDefaultContext(context.Background())
	configuration := datadog.NewConfiguration()
	configuration.SetUnstableOperationEnabled("v2.GetStaticAnalysisRuleset", true)
	apiClient := datadog.NewAPIClient(configuration)
	api := datadogV2.NewSecurityMonitoringApi(apiClient)
	resp, r, err := api.GetStaticAnalysisRuleset(ctx, "python-best-practices", *datadogV2.NewGetStaticAnalysisRulesetOptionalParameters())

	if err != nil {
		fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.GetStaticAnalysisRuleset`: %v\n", err)
		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
	}

	responseContent, _ := json.MarshalIndent(resp, "", "  ")
	fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.GetStaticAnalysisRuleset`:\n%s\n", responseContent)
}
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=go) and then save the example to `main.go` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" go run "main.go"
##### 

```java
// Get a SAST ruleset returns "OK" response

import com.datadog.api.client.ApiClient;
import com.datadog.api.client.ApiException;
import com.datadog.api.client.v2.api.SecurityMonitoringApi;
import com.datadog.api.client.v2.model.SastRulesetResponse;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = ApiClient.getDefaultApiClient();
    defaultClient.setUnstableOperationEnabled("v2.getStaticAnalysisRuleset", true);
    SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient);

    try {
      SastRulesetResponse result = apiInstance.getStaticAnalysisRuleset("python-best-practices");
      System.out.println(result);
    } catch (ApiException e) {
      System.err.println("Exception when calling SecurityMonitoringApi#getStaticAnalysisRuleset");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }
}
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=java) and then save the example to `Example.java` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" java "Example.java"
##### 

```rust
// Get a SAST ruleset returns "OK" response
use datadog_api_client::datadog;
use datadog_api_client::datadogV2::api_security_monitoring::GetStaticAnalysisRulesetOptionalParams;
use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI;

#[tokio::main]
async fn main() {
    let mut configuration = datadog::Configuration::new();
    configuration.set_unstable_operation_enabled("v2.GetStaticAnalysisRuleset", true);
    let api = SecurityMonitoringAPI::with_config(configuration);
    let resp = api
        .get_static_analysis_ruleset(
            "python-best-practices".to_string(),
            GetStaticAnalysisRulesetOptionalParams::default(),
        )
        .await;
    if let Ok(value) = resp {
        println!("{:#?}", value);
    } else {
        println!("{:#?}", resp.unwrap_err());
    }
}
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=rust) and then save the example to `src/main.rs` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" cargo run
##### 

```typescript
/**
 * Get a SAST ruleset returns "OK" response
 */

import { client, v2 } from "@datadog/datadog-api-client";

const configuration = client.createConfiguration();
configuration.unstableOperations["v2.getStaticAnalysisRuleset"] = true;
const apiInstance = new v2.SecurityMonitoringApi(configuration);

const params: v2.SecurityMonitoringApiGetStaticAnalysisRulesetRequest = {
  rulesetName: "python-best-practices",
};

apiInstance
  .getStaticAnalysisRuleset(params)
  .then((data: v2.SastRulesetResponse) => {
    console.log(
      "API called successfully. Returned data: " + JSON.stringify(data)
    );
  })
  .catch((error: any) => console.error(error));
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=typescript) and then save the example to `example.ts` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" tsc "example.ts"
{% /tab %}
