List historical jobs

v2 (latest)

Note: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.

GET https://api.ap1.datadoghq.com/api/v2/siem-historical-detections/jobshttps://api.ap2.datadoghq.com/api/v2/siem-historical-detections/jobshttps://api.datadoghq.eu/api/v2/siem-historical-detections/jobshttps://api.ddog-gov.com/api/v2/siem-historical-detections/jobshttps://api.us2.ddog-gov.com/api/v2/siem-historical-detections/jobshttps://api.datadoghq.com/api/v2/siem-historical-detections/jobshttps://api.us3.datadoghq.com/api/v2/siem-historical-detections/jobshttps://api.us5.datadoghq.com/api/v2/siem-historical-detections/jobs

Overview

List historical jobs.

Arguments

Query Strings

Name

Type

Description

page[size]

integer

Size for a given page. The maximum allowed value is 100.

page[number]

integer

Specific page number to return.

sort

string

The order of the jobs in results.

filter[query]

string

Query used to filter items from the fetched list.

Response

List of historical jobs.

Expand All

Field

Type

Description

data

[object]

Array containing the list of historical jobs.

attributes

object

Historical job attributes.

jobDefinition

object

Definition of a historical job.

options

object

Job options.

meta

object

Metadata about the list of jobs.

{
  "data": [
    {
      "attributes": {
        "createdAt": "string",
        "createdByHandle": "string",
        "createdByName": "string",
        "createdFromRuleId": "string",
        "jobDefinition": {
          "calculatedFields": [
            {
              "expression": "@request_end_timestamp - @request_start_timestamp",
              "name": "response_time"
            }
          ],
          "cases": [
            {
              "actions": [
                {
                  "options": {
                    "duration": 0,
                    "flaggedIPType": "FLAGGED",
                    "userBehaviorName": "string"
                  },
                  "type": "string"
                }
              ],
              "condition": "string",
              "name": "string",
              "notifications": [],
              "status": "critical"
            }
          ],
          "from": 1729843470000,
          "groupSignalsBy": [
            "service"
          ],
          "index": "cloud_siem",
          "message": "A large number of failed login attempts.",
          "name": "Excessive number of failed attempts.",
          "options": {
            "anomalyDetectionOptions": {
              "bucketDuration": 300,
              "detectionTolerance": 5,
              "instantaneousBaseline": false,
              "learningDuration": "integer",
              "learningPeriodBaseline": "integer"
            },
            "detectionMethod": "string",
            "evaluationWindow": "integer",
            "impossibleTravelOptions": {
              "baselineUserLocations": true,
              "baselineUserLocationsDuration": "integer"
            },
            "keepAlive": "integer",
            "maxSignalDuration": "integer",
            "newValueOptions": {
              "forgetAfter": "integer",
              "instantaneousBaseline": false,
              "learningDuration": "integer",
              "learningMethod": "string",
              "learningThreshold": "integer"
            },
            "sequenceDetectionOptions": {
              "stepTransitions": [
                {
                  "child": "string",
                  "evaluationWindow": "integer",
                  "parent": "string"
                }
              ],
              "steps": [
                {
                  "condition": "string",
                  "evaluationWindow": "integer",
                  "name": "string"
                }
              ]
            },
            "thirdPartyRuleOptions": {
              "defaultNotifications": [],
              "defaultStatus": "critical",
              "rootQueries": [
                {
                  "groupByFields": [],
                  "query": "source:cloudtrail"
                }
              ],
              "signalTitleTemplate": "string"
            }
          },
          "queries": [
            {
              "additionalFilters": "string",
              "aggregation": "string",
              "correlatedByFields": [],
              "correlatedQueryIndex": "integer",
              "customQueryExtension": "string",
              "dataSource": "logs",
              "datasetIds": [],
              "distinctFields": [],
              "groupByFields": [],
              "hasOptionalGroupByFields": false,
              "index": "string",
              "indexes": [],
              "metrics": [],
              "name": "string",
              "query": "a > 3",
              "queryLanguage": "string"
            }
          ],
          "referenceTables": [
            {
              "checkPresence": false,
              "columnName": "string",
              "logFieldPath": "string",
              "ruleQueryName": "string",
              "tableName": "string"
            }
          ],
          "tags": [],
          "thirdPartyCases": [
            {
              "name": "string",
              "notifications": [],
              "query": "string",
              "status": "critical"
            }
          ],
          "to": 1729847070000,
          "type": "string"
        },
        "jobName": "string",
        "jobStatus": "string",
        "modifiedAt": "string",
        "progressRate": "number",
        "signalOutput": false
      },
      "id": "string",
      "type": "string"
    }
  ],
  "meta": {
    "totalCount": "integer"
  }
}

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                  # Curl command
curl -X GET "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/siem-historical-detections/jobs" \
-H "Accept: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}"

                

"""
List historical jobs returns "OK" response
"""

from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi

configuration = Configuration()
configuration.unstable_operations["list_historical_jobs"] = True
with ApiClient(configuration) as api_client:
    api_instance = SecurityMonitoringApi(api_client)
    response = api_instance.list_historical_jobs()

    print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" python3 "example.py"

# List historical jobs returns "OK" response

require "datadog_api_client"
DatadogAPIClient.configure do |config|
  config.unstable_operations["v2.list_historical_jobs".to_sym] = true
end
api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new
p api_instance.list_historical_jobs()

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" rb "example.rb"

// List historical jobs returns "OK" response

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"os"

	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
)

func main() {
	ctx := datadog.NewDefaultContext(context.Background())
	configuration := datadog.NewConfiguration()
	configuration.SetUnstableOperationEnabled("v2.ListHistoricalJobs", true)
	apiClient := datadog.NewAPIClient(configuration)
	api := datadogV2.NewSecurityMonitoringApi(apiClient)
	resp, r, err := api.ListHistoricalJobs(ctx, *datadogV2.NewListHistoricalJobsOptionalParameters())

	if err != nil {
		fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.ListHistoricalJobs`: %v\n", err)
		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
	}

	responseContent, _ := json.MarshalIndent(resp, "", "  ")
	fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.ListHistoricalJobs`:\n%s\n", responseContent)
}

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" go run "main.go"

// List historical jobs returns "OK" response

import com.datadog.api.client.ApiClient;
import com.datadog.api.client.ApiException;
import com.datadog.api.client.v2.api.SecurityMonitoringApi;
import com.datadog.api.client.v2.model.ListHistoricalJobsResponse;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = ApiClient.getDefaultApiClient();
    defaultClient.setUnstableOperationEnabled("v2.listHistoricalJobs", true);
    SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient);

    try {
      ListHistoricalJobsResponse result = apiInstance.listHistoricalJobs();
      System.out.println(result);
    } catch (ApiException e) {
      System.err.println("Exception when calling SecurityMonitoringApi#listHistoricalJobs");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }
}

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" java "Example.java"

// List historical jobs returns "OK" response
use datadog_api_client::datadog;
use datadog_api_client::datadogV2::api_security_monitoring::ListHistoricalJobsOptionalParams;
use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI;

#[tokio::main]
async fn main() {
    let mut configuration = datadog::Configuration::new();
    configuration.set_unstable_operation_enabled("v2.ListHistoricalJobs", true);
    let api = SecurityMonitoringAPI::with_config(configuration);
    let resp = api
        .list_historical_jobs(ListHistoricalJobsOptionalParams::default())
        .await;
    if let Ok(value) = resp {
        println!("{:#?}", value);
    } else {
        println!("{:#?}", resp.unwrap_err());
    }
}

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" cargo run

/**
 * List historical jobs returns "OK" response
 */

import { client, v2 } from "@datadog/datadog-api-client";

const configuration = client.createConfiguration();
configuration.unstableOperations["v2.listHistoricalJobs"] = true;
const apiInstance = new v2.SecurityMonitoringApi(configuration);

apiInstance
  .listHistoricalJobs()
  .then((data: v2.ListHistoricalJobsResponse) => {
    console.log(
      "API called successfully. Returned data: " + JSON.stringify(data)
    );
  })
  .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" tsc "example.ts"

List historical jobs

Overview

Arguments

Query Strings

Response

Code Example

List historical jobs

List historical jobs

Instructions

List historical jobs

Instructions

List historical jobs

Instructions

List historical jobs

Instructions

List historical jobs

Instructions

List historical jobs

Instructions

How can I help you today?