--- title: Get the version history of security filters description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > API Reference > Security Monitoring --- # Get the version history of security filters{% #get-the-version-history-of-security-filters %} Copy pageCopied {% tab title="v2" %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/versions | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/versions | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security_monitoring/configuration/security_filters/versions | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters/versions | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/security_filters/versions | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/versions | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/versions | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/versions | ### Overview Get the configured security filters at each historical version of the configuration. Each entry in the response represents the set of all security filters at a given version, ordered from the most recent version to the oldest. This endpoint requires the `security_monitoring_filters_read` permission. OAuth apps require the `security_monitoring_filters_read` authorization [scope](https://docs.datadoghq.com/api/latest/scopes.md#security-monitoring) to access this endpoint. ### Response {% tab title="200" %} OK {% tab title="Model" %} Response containing the version history of security filters. | Parent field | Field | Type | Description | | ----------------- | ------------------------------------ | -------- | -------------------------------------------------------------------------------------------------------------------------------------------- | | | data [*required*] | [object] | A list of historical security filter configurations, ordered from the most recent to the oldest. | | data | attributes [*required*] | object | The attributes describing a single security filter configuration version. | | attributes | date [*required*] | int64 | The Unix timestamp in milliseconds at which this configuration version was applied. | | attributes | filters [*required*] | [object] | The set of security filters at this configuration version. | | filters | exclusion_filters [*required*] | [object] | The list of exclusion filters applied in this security filter. | | exclusion_filters | name | string | The exclusion filter name. | | exclusion_filters | query | string | The exclusion filter query. | | filters | filtered_data_type [*required*] | enum | The filtered data type. Allowed enum values: `logs` | | filters | id [*required*] | string | The ID of the security filter. | | filters | is_builtin [*required*] | boolean | Whether the security filter is the built-in filter. | | filters | is_enabled [*required*] | boolean | Whether the security filter is enabled. | | filters | name [*required*] | string | The name of the security filter. | | filters | query [*required*] | string | The query of the security filter. | | filters | version [*required*] | int32 | The version of this security filter. | | attributes | version [*required*] | int32 | The configuration version number. | | data | id [*required*] | string | The identifier of the configuration version. | | data | type [*required*] | enum | The type of the resource. The value should always be `security_filters_configuration`. Allowed enum values: `security_filters_configuration` | {% /tab %} {% tab title="Example" %} ```json { "data": [ { "attributes": { "date": 1758177253469, "filters": [ { "exclusion_filters": [ { "name": "Exclude staging", "query": "source:staging" } ], "filtered_data_type": "logs", "id": "123", "is_builtin": false, "is_enabled": true, "name": "Test Security Filter", "query": "source:test", "version": 1 } ], "version": 1 }, "id": "1", "type": "security_filters_configuration" } ] } ``` {% /tab %} {% /tab %} {% tab title="403" %} Not Authorized {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} {% tab title="429" %} Too many requests {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} ### Code Example ##### \# Curl command curl -X GET "https://api.datadoghq.com/api/v2/security_monitoring/configuration/security_filters/versions" \ -H "Accept: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" {% /tab %}