--- title: Create Custom Rule description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > API Reference > Static Analysis --- # Create Custom Rule{% #create-custom-rule %} {% tab title="v2" %} This endpoint is in Preview and may introduce breaking changes. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PUT https://api.ap1.datadoghq.com/api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules | | ap2.datadoghq.com | PUT https://api.ap2.datadoghq.com/api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules | | app.datadoghq.eu | PUT https://api.datadoghq.eu/api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules | | app.ddog-gov.com | PUT https://api.ddog-gov.com/api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules | | us2.ddog-gov.com | PUT https://api.us2.ddog-gov.com/api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules | | app.datadoghq.com | PUT https://api.datadoghq.com/api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules | | us3.datadoghq.com | PUT https://api.us3.datadoghq.com/api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules | | us5.datadoghq.com | PUT https://api.us5.datadoghq.com/api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules | ### Overview Create a new custom rule within a ruleset ### Arguments #### Path Parameters | Name | Type | Description | | ------------------------------ | ------ | ---------------- | | ruleset_name [*required*] | string | The ruleset name | ### Request #### Body Data (required) {% tab title="Model" %} | Parent field | Field | Type | Description | | ------------ | ---------- | ------ | ------------------------------------------------------- | | | data | object | Data object for a custom rule create or update request. | | data | attributes | object | Attributes for creating or updating a custom rule. | | attributes | name | string | Rule name | | data | id | string | Rule identifier | | data | type | enum | Resource type Allowed enum values: `custom_rule` | {% /tab %} {% tab title="Example" %} ```json { "data": { "attributes": { "name": "string" }, "id": "string", "type": "custom_rule" } } ``` {% /tab %} ### Response {% tab title="200" %} Successfully created {% tab title="Model" %} Response containing a single custom rule. | Parent field | Field | Type | Description | | ------------- | ----------------------------------- | --------- | ------------------------------------------------------------------------------------------------------------ | | | data [*required*] | object | Data object returned in a custom rule response, including its ID, type, and attributes. | | data | attributes [*required*] | object | A custom static analysis rule within a ruleset. | | attributes | created_at [*required*] | date-time | Creation timestamp | | attributes | created_by [*required*] | string | Creator identifier | | attributes | last_revision [*required*] | object | Most recent revision | | last_revision | attributes [*required*] | object | Attributes of a custom rule revision, including code, metadata, and test cases. | | attributes | arguments [*required*] | [object] | Rule arguments | | arguments | description [*required*] | string | Base64-encoded argument description | | arguments | name [*required*] | string | Base64-encoded argument name | | attributes | category [*required*] | enum | Rule category Allowed enum values: `SECURITY,BEST_PRACTICES,CODE_STYLE,ERROR_PRONE,PERFORMANCE` | | attributes | checksum [*required*] | string | Code checksum | | attributes | code [*required*] | string | Rule code | | attributes | created_at [*required*] | date-time | Creation timestamp | | attributes | created_by [*required*] | string | Creator identifier | | attributes | creation_message [*required*] | string | Revision creation message | | attributes | cve [*required*] | string | Associated CVE | | attributes | cwe [*required*] | string | Associated CWE | | attributes | description [*required*] | string | Full description | | attributes | documentation_url [*required*] | string | Documentation URL | | attributes | is_published [*required*] | boolean | Whether the revision is published | | attributes | is_testing [*required*] | boolean | Whether this is a testing revision | | attributes | language [*required*] | enum | Programming language Allowed enum values: `PYTHON,JAVASCRIPT,TYPESCRIPT,JAVA,GO,YAML,RUBY,CSHARP,PHP,KOTLIN` | | attributes | severity [*required*] | enum | Rule severity Allowed enum values: `ERROR,WARNING,NOTICE` | | attributes | short_description [*required*] | string | Short description | | attributes | should_use_ai_fix [*required*] | boolean | Whether to use AI for fixes | | attributes | tags [*required*] | [string] | Rule tags | | attributes | tests [*required*] | [object] | Rule tests | | tests | annotation_count [*required*] | int64 | Expected violation count | | tests | code [*required*] | string | Test code | | tests | filename [*required*] | string | Test filename | | attributes | tree_sitter_query [*required*] | string | Tree-sitter query | | last_revision | id [*required*] | string | Revision identifier | | last_revision | type [*required*] | enum | Resource type Allowed enum values: `custom_rule_revision` | | attributes | name [*required*] | string | Rule name | | data | id [*required*] | string | Rule identifier | | data | type [*required*] | enum | Resource type Allowed enum values: `custom_rule` | {% /tab %} {% tab title="Example" %} ```json { "data": { "attributes": { "created_at": "2026-01-09T13:00:57.473141Z", "created_by": "foobarbaz", "last_revision": { "attributes": { "arguments": [ { "description": "YXJndW1lbnQgZGVzY3JpcHRpb24=", "name": "YXJndW1lbnRfbmFtZQ==" } ], "category": "SECURITY", "checksum": "8a66c4e4e631099ad71be3c1ea3ea8fc2d57193e56db2c296e2dd8a508b26b99", "code": "Y29uZHVjdG9yOgogICAgLSBkZXBsb3lfb25seTogdHJ1ZQ==", "created_at": "2026-01-09T13:00:57.473141Z", "created_by": "foobarbaz", "creation_message": "Initial revision", "cve": "CVE-2024-1234", "cwe": "CWE-79", "description": "bG9uZyBkZXNjcmlwdGlvbg==", "documentation_url": "https://docs.example.com/rules/my-rule", "is_published": false, "is_testing": false, "language": "PYTHON", "severity": "ERROR", "short_description": "c2hvcnQgZGVzY3JpcHRpb24=", "should_use_ai_fix": false, "tags": [ "security", "custom" ], "tests": [ { "annotation_count": 1, "code": "Y29uZHVjdG9yOgogICAgLSBkZXBsb3lfb25seTogdHJ1ZQ==", "filename": "test.yaml" } ], "tree_sitter_query": "Y29uZHVjdG9yOgogICAgLSBkZXBsb3lfb25seTogdHJ1ZQ==" }, "id": "revision-123", "type": "custom_rule_revision" }, "name": "my-rule" }, "id": "my-rule", "type": "custom_rule" } } ``` {% /tab %} {% /tab %} {% tab title="400" %} Bad request {% tab title="Model" %} API error response. | Parent field | Field | Type | Description | | ------------ | ------------------------ | -------- | ------------------------------------------------------------------------------- | | | errors [*required*] | [object] | A list of errors. | | errors | detail | string | A human-readable explanation specific to this occurrence of the error. | | errors | meta | object | Non-standard meta-information about the error | | errors | source | object | References to the source of the error. | | source | header | string | A string indicating the name of a single request header which caused the error. | | source | parameter | string | A string indicating which URI query parameter caused the error. | | source | pointer | string | A JSON pointer to the value in the request document that caused the error. | | errors | status | string | Status code of the response. | | errors | title | string | Short human-readable summary of the error. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ { "detail": "Missing required attribute in body", "meta": {}, "source": { "header": "Authorization", "parameter": "limit", "pointer": "/data/attributes/title" }, "status": "400", "title": "Bad Request" } ] } ``` {% /tab %} {% /tab %} {% tab title="401" %} Unauthorized - custom rules not enabled {% tab title="Model" %} API error response. | Parent field | Field | Type | Description | | ------------ | ------------------------ | -------- | ------------------------------------------------------------------------------- | | | errors [*required*] | [object] | A list of errors. | | errors | detail | string | A human-readable explanation specific to this occurrence of the error. | | errors | meta | object | Non-standard meta-information about the error | | errors | source | object | References to the source of the error. | | source | header | string | A string indicating the name of a single request header which caused the error. | | source | parameter | string | A string indicating which URI query parameter caused the error. | | source | pointer | string | A JSON pointer to the value in the request document that caused the error. | | errors | status | string | Status code of the response. | | errors | title | string | Short human-readable summary of the error. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ { "detail": "Missing required attribute in body", "meta": {}, "source": { "header": "Authorization", "parameter": "limit", "pointer": "/data/attributes/title" }, "status": "400", "title": "Bad Request" } ] } ``` {% /tab %} {% /tab %} {% tab title="409" %} Conflict - rule already exists {% tab title="Model" %} API error response. | Parent field | Field | Type | Description | | ------------ | ------------------------ | -------- | ------------------------------------------------------------------------------- | | | errors [*required*] | [object] | A list of errors. | | errors | detail | string | A human-readable explanation specific to this occurrence of the error. | | errors | meta | object | Non-standard meta-information about the error | | errors | source | object | References to the source of the error. | | source | header | string | A string indicating the name of a single request header which caused the error. | | source | parameter | string | A string indicating which URI query parameter caused the error. | | source | pointer | string | A JSON pointer to the value in the request document that caused the error. | | errors | status | string | Status code of the response. | | errors | title | string | Short human-readable summary of the error. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ { "detail": "Missing required attribute in body", "meta": {}, "source": { "header": "Authorization", "parameter": "limit", "pointer": "/data/attributes/title" }, "status": "400", "title": "Bad Request" } ] } ``` {% /tab %} {% /tab %} {% tab title="412" %} Precondition failed - validation error or ruleset not found {% tab title="Model" %} API error response. | Parent field | Field | Type | Description | | ------------ | ------------------------ | -------- | ------------------------------------------------------------------------------- | | | errors [*required*] | [object] | A list of errors. | | errors | detail | string | A human-readable explanation specific to this occurrence of the error. | | errors | meta | object | Non-standard meta-information about the error | | errors | source | object | References to the source of the error. | | source | header | string | A string indicating the name of a single request header which caused the error. | | source | parameter | string | A string indicating which URI query parameter caused the error. | | source | pointer | string | A JSON pointer to the value in the request document that caused the error. | | errors | status | string | Status code of the response. | | errors | title | string | Short human-readable summary of the error. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ { "detail": "Missing required attribute in body", "meta": {}, "source": { "header": "Authorization", "parameter": "limit", "pointer": "/data/attributes/title" }, "status": "400", "title": "Bad Request" } ] } ``` {% /tab %} {% /tab %} {% tab title="429" %} Too many requests {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} ### Code Example ##### \## default # \# Path parameters export ruleset_name="CHANGE_ME" \# Curl command curl -X PUT "https://api.datadoghq.com/api/v2/static-analysis/custom/rulesets/${ruleset_name}/rules" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \ -d @- << EOF { "data": { "type": "custom_rule" } } EOF ##### ```python """ Create Custom Rule returns "Successfully created" response """ from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.static_analysis_api import StaticAnalysisApi from datadog_api_client.v2.model.custom_rule_data_type import CustomRuleDataType from datadog_api_client.v2.model.custom_rule_request import CustomRuleRequest from datadog_api_client.v2.model.custom_rule_request_data import CustomRuleRequestData from datadog_api_client.v2.model.custom_rule_request_data_attributes import CustomRuleRequestDataAttributes body = CustomRuleRequest( data=CustomRuleRequestData( attributes=CustomRuleRequestDataAttributes(), type=CustomRuleDataType.CUSTOM_RULE, ), ) configuration = Configuration() configuration.unstable_operations["create_custom_rule"] = True with ApiClient(configuration) as api_client: api_instance = StaticAnalysisApi(api_client) response = api_instance.create_custom_rule(ruleset_name="ruleset_name", body=body) print(response) ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=python) and then save the example to `example.py` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" python3 "example.py" ##### ```ruby # Create Custom Rule returns "Successfully created" response require "datadog_api_client" DatadogAPIClient.configure do |config| config.unstable_operations["v2.create_custom_rule".to_sym] = true end api_instance = DatadogAPIClient::V2::StaticAnalysisAPI.new body = DatadogAPIClient::V2::CustomRuleRequest.new({ data: DatadogAPIClient::V2::CustomRuleRequestData.new({ attributes: DatadogAPIClient::V2::CustomRuleRequestDataAttributes.new({}), type: DatadogAPIClient::V2::CustomRuleDataType::CUSTOM_RULE, }), }) p api_instance.create_custom_rule("ruleset_name", body) ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=ruby) and then save the example to `example.rb` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" rb "example.rb" ##### ```go // Create Custom Rule returns "Successfully created" response package main import ( "context" "encoding/json" "fmt" "os" "github.com/DataDog/datadog-api-client-go/v2/api/datadog" "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" ) func main() { body := datadogV2.CustomRuleRequest{ Data: &datadogV2.CustomRuleRequestData{ Attributes: &datadogV2.CustomRuleRequestDataAttributes{}, Type: datadogV2.CUSTOMRULEDATATYPE_CUSTOM_RULE.Ptr(), }, } ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() configuration.SetUnstableOperationEnabled("v2.CreateCustomRule", true) apiClient := datadog.NewAPIClient(configuration) api := datadogV2.NewStaticAnalysisApi(apiClient) resp, r, err := api.CreateCustomRule(ctx, "ruleset_name", body) if err != nil { fmt.Fprintf(os.Stderr, "Error when calling `StaticAnalysisApi.CreateCustomRule`: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } responseContent, _ := json.MarshalIndent(resp, "", " ") fmt.Fprintf(os.Stdout, "Response from `StaticAnalysisApi.CreateCustomRule`:\n%s\n", responseContent) } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=go) and then save the example to `main.go` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" go run "main.go" ##### ```java // Create Custom Rule returns "Successfully created" response import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.StaticAnalysisApi; import com.datadog.api.client.v2.model.CustomRuleDataType; import com.datadog.api.client.v2.model.CustomRuleRequest; import com.datadog.api.client.v2.model.CustomRuleRequestData; import com.datadog.api.client.v2.model.CustomRuleRequestDataAttributes; import com.datadog.api.client.v2.model.CustomRuleResponse; public class Example { public static void main(String[] args) { ApiClient defaultClient = ApiClient.getDefaultApiClient(); defaultClient.setUnstableOperationEnabled("v2.createCustomRule", true); StaticAnalysisApi apiInstance = new StaticAnalysisApi(defaultClient); CustomRuleRequest body = new CustomRuleRequest() .data( new CustomRuleRequestData() .attributes(new CustomRuleRequestDataAttributes()) .type(CustomRuleDataType.CUSTOM_RULE)); try { CustomRuleResponse result = apiInstance.createCustomRule("ruleset_name", body); System.out.println(result); } catch (ApiException e) { System.err.println("Exception when calling StaticAnalysisApi#createCustomRule"); System.err.println("Status code: " + e.getCode()); System.err.println("Reason: " + e.getResponseBody()); System.err.println("Response headers: " + e.getResponseHeaders()); e.printStackTrace(); } } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=java) and then save the example to `Example.java` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" java "Example.java" ##### ```rust // Create Custom Rule returns "Successfully created" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_static_analysis::StaticAnalysisAPI; use datadog_api_client::datadogV2::model::CustomRuleDataType; use datadog_api_client::datadogV2::model::CustomRuleRequest; use datadog_api_client::datadogV2::model::CustomRuleRequestData; use datadog_api_client::datadogV2::model::CustomRuleRequestDataAttributes; #[tokio::main] async fn main() { let body = CustomRuleRequest::new().data( CustomRuleRequestData::new() .attributes(CustomRuleRequestDataAttributes::new()) .type_(CustomRuleDataType::CUSTOM_RULE), ); let mut configuration = datadog::Configuration::new(); configuration.set_unstable_operation_enabled("v2.CreateCustomRule", true); let api = StaticAnalysisAPI::with_config(configuration); let resp = api .create_custom_rule("ruleset_name".to_string(), body) .await; if let Ok(value) = resp { println!("{:#?}", value); } else { println!("{:#?}", resp.unwrap_err()); } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=rust) and then save the example to `src/main.rs` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" cargo run ##### ```typescript /** * Create Custom Rule returns "Successfully created" response */ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); configuration.unstableOperations["v2.createCustomRule"] = true; const apiInstance = new v2.StaticAnalysisApi(configuration); const params: v2.StaticAnalysisApiCreateCustomRuleRequest = { body: { data: { attributes: {}, type: "custom_rule", }, }, rulesetName: "ruleset_name", }; apiInstance .createCustomRule(params) .then((data: v2.CustomRuleResponse) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) ); }) .catch((error: any) => console.error(error)); ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=typescript) and then save the example to `example.ts` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" tsc "example.ts" {% /tab %}