Language

English Français 日本語 한국어 Español

Datadog Site

Site help
US1 US3 US5 EU AP1 AP2 US1-FED US2-FED

Create Custom Rule

This endpoint is in Preview and may introduce breaking changes. If you have any feedback, contact Datadog support.

PUT https://api.ap1.datadoghq.com/api/v2/static-analysis/custom/rulesets/{ruleset_name}/ruleshttps://api.ap2.datadoghq.com/api/v2/static-analysis/custom/rulesets/{ruleset_name}/ruleshttps://api.datadoghq.eu/api/v2/static-analysis/custom/rulesets/{ruleset_name}/ruleshttps://api.ddog-gov.com/api/v2/static-analysis/custom/rulesets/{ruleset_name}/ruleshttps://api.us2.ddog-gov.com/api/v2/static-analysis/custom/rulesets/{ruleset_name}/ruleshttps://api.datadoghq.com/api/v2/static-analysis/custom/rulesets/{ruleset_name}/ruleshttps://api.us3.datadoghq.com/api/v2/static-analysis/custom/rulesets/{ruleset_name}/ruleshttps://api.us5.datadoghq.com/api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules

Overview

Create a new custom rule within a ruleset

Arguments

Path Parameters

Name

Type

Description

ruleset_name [required]

string

The ruleset name

Request

Body Data (required)

Expand All

Field

Type

Description

data

object

Data object for a custom rule create or update request.

attributes

object

Attributes for creating or updating a custom rule.

name

string

Rule name

id

string

Rule identifier

type

enum

Resource type Allowed enum values: custom_rule

{
  "data": {
    "attributes": {
      "name": "string"
    },
    "id": "string",
    "type": "custom_rule"
  }
}

Response

Successfully created

Response containing a single custom rule.

Expand All

Field

Type

Description

data [required]

object

Data object returned in a custom rule response, including its ID, type, and attributes.

attributes [required]

object

A custom static analysis rule within a ruleset.

created_at [required]

date-time

Creation timestamp

created_by [required]

string

Creator identifier

last_revision [required]

object

Most recent revision

attributes [required]

object

Attributes of a custom rule revision, including code, metadata, and test cases.

arguments [required]

[object]

Rule arguments

description [required]

string

Base64-encoded argument description

name [required]

string

Base64-encoded argument name

category [required]

enum

Rule category Allowed enum values: SECURITY,BEST_PRACTICES,CODE_STYLE,ERROR_PRONE,PERFORMANCE

checksum [required]

string

Code checksum

code [required]

string

Rule code

created_at [required]

date-time

Creation timestamp

created_by [required]

string

Creator identifier

creation_message [required]

string

Revision creation message

cve [required]

string

Associated CVE

cwe [required]

string

Associated CWE

description [required]

string

Full description

documentation_url [required]

string

Documentation URL

is_published [required]

boolean

Whether the revision is published

is_testing [required]

boolean

Whether this is a testing revision

language [required]

enum

Programming language Allowed enum values: PYTHON,JAVASCRIPT,TYPESCRIPT,JAVA,GO,YAML,RUBY,CSHARP,PHP,KOTLIN

Show 1 more,SWIFT

severity [required]

enum

Rule severity Allowed enum values: ERROR,WARNING,NOTICE

short_description [required]

string

Short description

should_use_ai_fix [required]

boolean

Whether to use AI for fixes

tags [required]

[string]

Rule tags

tests [required]

[object]

Rule tests

annotation_count [required]

int64

Expected violation count

code [required]

string

Test code

filename [required]

string

Test filename

tree_sitter_query [required]

string

Tree-sitter query

id [required]

string

Revision identifier

type [required]

enum

Resource type Allowed enum values: custom_rule_revision

name [required]

string

Rule name

id [required]

string

Rule identifier

type [required]

enum

Resource type Allowed enum values: custom_rule

{
  "data": {
    "attributes": {
      "created_at": "2026-01-09T13:00:57.473141Z",
      "created_by": "foobarbaz",
      "last_revision": {
        "attributes": {
          "arguments": [
            {
              "description": "YXJndW1lbnQgZGVzY3JpcHRpb24=",
              "name": "YXJndW1lbnRfbmFtZQ=="
            }
          ],
          "category": "SECURITY",
          "checksum": "8a66c4e4e631099ad71be3c1ea3ea8fc2d57193e56db2c296e2dd8a508b26b99",
          "code": "Y29uZHVjdG9yOgogICAgLSBkZXBsb3lfb25seTogdHJ1ZQ==",
          "created_at": "2026-01-09T13:00:57.473141Z",
          "created_by": "foobarbaz",
          "creation_message": "Initial revision",
          "cve": "CVE-2024-1234",
          "cwe": "CWE-79",
          "description": "bG9uZyBkZXNjcmlwdGlvbg==",
          "documentation_url": "https://docs.example.com/rules/my-rule",
          "is_published": false,
          "is_testing": false,
          "language": "PYTHON",
          "severity": "ERROR",
          "short_description": "c2hvcnQgZGVzY3JpcHRpb24=",
          "should_use_ai_fix": false,
          "tags": [
            "security",
            "custom"
          ],
          "tests": [
            {
              "annotation_count": 1,
              "code": "Y29uZHVjdG9yOgogICAgLSBkZXBsb3lfb25seTogdHJ1ZQ==",
              "filename": "test.yaml"
            }
          ],
          "tree_sitter_query": "Y29uZHVjdG9yOgogICAgLSBkZXBsb3lfb25seTogdHJ1ZQ=="
        },
        "id": "revision-123",
        "type": "custom_rule_revision"
      },
      "name": "my-rule"
    },
    "id": "my-rule",
    "type": "custom_rule"
  }
}

Bad request

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Unauthorized - custom rules not enabled

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Conflict - rule already exists

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Precondition failed - validation error or ruleset not found

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                  ## default
# 

# Path parameters
export ruleset_name="CHANGE_ME"
# Curl command
curl -X PUT "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/static-analysis/custom/rulesets/${ruleset_name}/rules" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d @- << EOF
{
  "data": {
    "type": "custom_rule"
  }
}
EOF

                
"""
Create Custom Rule returns "Successfully created" response
"""

from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.static_analysis_api import StaticAnalysisApi
from datadog_api_client.v2.model.custom_rule_data_type import CustomRuleDataType
from datadog_api_client.v2.model.custom_rule_request import CustomRuleRequest
from datadog_api_client.v2.model.custom_rule_request_data import CustomRuleRequestData
from datadog_api_client.v2.model.custom_rule_request_data_attributes import CustomRuleRequestDataAttributes

body = CustomRuleRequest(
    data=CustomRuleRequestData(
        attributes=CustomRuleRequestDataAttributes(),
        type=CustomRuleDataType.CUSTOM_RULE,
    ),
)

configuration = Configuration()
configuration.unstable_operations["create_custom_rule"] = True
with ApiClient(configuration) as api_client:
    api_instance = StaticAnalysisApi(api_client)
    response = api_instance.create_custom_rule(ruleset_name="ruleset_name", body=body)

    print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"
# Create Custom Rule returns "Successfully created" response

require "datadog_api_client"
DatadogAPIClient.configure do |config|
  config.unstable_operations["v2.create_custom_rule".to_sym] = true
end
api_instance = DatadogAPIClient::V2::StaticAnalysisAPI.new

body = DatadogAPIClient::V2::CustomRuleRequest.new({
  data: DatadogAPIClient::V2::CustomRuleRequestData.new({
    attributes: DatadogAPIClient::V2::CustomRuleRequestDataAttributes.new({}),
    type: DatadogAPIClient::V2::CustomRuleDataType::CUSTOM_RULE,
  }),
})
p api_instance.create_custom_rule("ruleset_name", body)

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"
// Create Custom Rule returns "Successfully created" response

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"os"

	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
)

func main() {
	body := datadogV2.CustomRuleRequest{
		Data: &datadogV2.CustomRuleRequestData{
			Attributes: &datadogV2.CustomRuleRequestDataAttributes{},
			Type:       datadogV2.CUSTOMRULEDATATYPE_CUSTOM_RULE.Ptr(),
		},
	}
	ctx := datadog.NewDefaultContext(context.Background())
	configuration := datadog.NewConfiguration()
	configuration.SetUnstableOperationEnabled("v2.CreateCustomRule", true)
	apiClient := datadog.NewAPIClient(configuration)
	api := datadogV2.NewStaticAnalysisApi(apiClient)
	resp, r, err := api.CreateCustomRule(ctx, "ruleset_name", body)

	if err != nil {
		fmt.Fprintf(os.Stderr, "Error when calling `StaticAnalysisApi.CreateCustomRule`: %v\n", err)
		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
	}

	responseContent, _ := json.MarshalIndent(resp, "", "  ")
	fmt.Fprintf(os.Stdout, "Response from `StaticAnalysisApi.CreateCustomRule`:\n%s\n", responseContent)
}

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"
// Create Custom Rule returns "Successfully created" response

import com.datadog.api.client.ApiClient;
import com.datadog.api.client.ApiException;
import com.datadog.api.client.v2.api.StaticAnalysisApi;
import com.datadog.api.client.v2.model.CustomRuleDataType;
import com.datadog.api.client.v2.model.CustomRuleRequest;
import com.datadog.api.client.v2.model.CustomRuleRequestData;
import com.datadog.api.client.v2.model.CustomRuleRequestDataAttributes;
import com.datadog.api.client.v2.model.CustomRuleResponse;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = ApiClient.getDefaultApiClient();
    defaultClient.setUnstableOperationEnabled("v2.createCustomRule", true);
    StaticAnalysisApi apiInstance = new StaticAnalysisApi(defaultClient);

    CustomRuleRequest body =
        new CustomRuleRequest()
            .data(
                new CustomRuleRequestData()
                    .attributes(new CustomRuleRequestDataAttributes())
                    .type(CustomRuleDataType.CUSTOM_RULE));

    try {
      CustomRuleResponse result = apiInstance.createCustomRule("ruleset_name", body);
      System.out.println(result);
    } catch (ApiException e) {
      System.err.println("Exception when calling StaticAnalysisApi#createCustomRule");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }
}

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"
// Create Custom Rule returns "Successfully created" response
use datadog_api_client::datadog;
use datadog_api_client::datadogV2::api_static_analysis::StaticAnalysisAPI;
use datadog_api_client::datadogV2::model::CustomRuleDataType;
use datadog_api_client::datadogV2::model::CustomRuleRequest;
use datadog_api_client::datadogV2::model::CustomRuleRequestData;
use datadog_api_client::datadogV2::model::CustomRuleRequestDataAttributes;

#[tokio::main]
async fn main() {
    let body = CustomRuleRequest::new().data(
        CustomRuleRequestData::new()
            .attributes(CustomRuleRequestDataAttributes::new())
            .type_(CustomRuleDataType::CUSTOM_RULE),
    );
    let mut configuration = datadog::Configuration::new();
    configuration.set_unstable_operation_enabled("v2.CreateCustomRule", true);
    let api = StaticAnalysisAPI::with_config(configuration);
    let resp = api
        .create_custom_rule("ruleset_name".to_string(), body)
        .await;
    if let Ok(value) = resp {
        println!("{:#?}", value);
    } else {
        println!("{:#?}", resp.unwrap_err());
    }
}

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run
/**
 * Create Custom Rule returns "Successfully created" response
 */

import { client, v2 } from "@datadog/datadog-api-client";

const configuration = client.createConfiguration();
configuration.unstableOperations["v2.createCustomRule"] = true;
const apiInstance = new v2.StaticAnalysisApi(configuration);

const params: v2.StaticAnalysisApiCreateCustomRuleRequest = {
  body: {
    data: {
      attributes: {},
      type: "custom_rule",
    },
  },
  rulesetName: "ruleset_name",
};

apiInstance
  .createCustomRule(params)
  .then((data: v2.CustomRuleResponse) => {
    console.log(
      "API called successfully. Returned data: " + JSON.stringify(data)
    );
  })
  .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"