From 360de42fabcc25ba415f61a6b46187ce9b78f856 Mon Sep 17 00:00:00 2001 From: "ci.datadog-api-spec" Date: Mon, 8 Jun 2026 15:04:09 +0000 Subject: [PATCH] Regenerate client from commit e6354d0 of spec repo --- .generator/schemas/v2/openapi.yaml | 223 ++++++++++++ .../CreateIoCTriageState.java | 38 ++ .../GetIndicatorOfCompromise.java | 4 +- .../com/datadog/api/client/ApiClient.java | 1 + .../client/v2/api/SecurityMonitoringApi.java | 335 +++++++++++++++++- .../api/client/v2/model/IoCIndicator.java | 86 ++++- .../client/v2/model/IoCIndicatorDetailed.java | 124 +++++++ .../api/client/v2/model/IoCTriageEvent.java | 192 ++++++++++ .../v2/model/IoCTriageWriteRequest.java | 145 ++++++++ .../IoCTriageWriteRequestAttributes.java | 175 +++++++++ .../v2/model/IoCTriageWriteRequestData.java | 177 +++++++++ .../v2/model/IoCTriageWriteResponse.java | 136 +++++++ .../IoCTriageWriteResponseAttributes.java | 249 +++++++++++++ .../v2/model/IoCTriageWriteResponseData.java | 193 ++++++++++ ..._state_returns_Bad_Request_response.freeze | 1 + ...ge_state_returns_Bad_Request_response.json | 32 ++ ...iage_state_returns_Created_response.freeze | 1 + ...triage_state_returns_Created_response.json | 32 ++ ...r_of_compromise_returns_OK_response.freeze | 2 +- ...tor_of_compromise_returns_OK_response.json | 9 +- ...s_of_compromise_returns_OK_response.freeze | 2 +- ...ors_of_compromise_returns_OK_response.json | 2 +- .../client/v2/api/security_monitoring.feature | 19 +- .../com/datadog/api/client/v2/api/undo.json | 6 + 24 files changed, 2170 insertions(+), 14 deletions(-) create mode 100644 examples/v2/security-monitoring/CreateIoCTriageState.java create mode 100644 src/main/java/com/datadog/api/client/v2/model/IoCTriageEvent.java create mode 100644 src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteRequest.java create mode 100644 src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteRequestAttributes.java create mode 100644 src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteRequestData.java create mode 100644 src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteResponse.java create mode 100644 src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteResponseAttributes.java create mode 100644 src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteResponseData.java create mode 100644 src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Bad_Request_response.freeze create mode 100644 src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Bad_Request_response.json create mode 100644 src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Created_response.freeze create mode 100644 src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Created_response.json diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 2d470c8f2f0..2d1f24f0905 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -44181,6 +44181,16 @@ components: items: type: string type: array + triage_state: + description: "Current triage state of the indicator: not_reviewed or reviewed." + type: string + triaged_at: + description: Timestamp when the indicator was last triaged. + format: date-time + type: string + triaged_by: + description: UUID of the user who last triaged the indicator. + type: string type: object IoCIndicatorDetailed: description: An indicator of compromise with extended context from your environment. @@ -44299,6 +44309,21 @@ components: items: type: string type: array + triage_history: + description: Full triage history timeline. Returned only when `include_triage_history` is true. + items: + $ref: "#/components/schemas/IoCTriageEvent" + type: array + triage_state: + description: "Current triage state of the indicator: not_reviewed or reviewed." + type: string + triaged_at: + description: Timestamp when the indicator was last triaged. + format: date-time + type: string + triaged_by: + description: UUID of the user who last triaged the indicator. + type: string users: additionalProperties: description: List of user identifiers in this category. @@ -44337,6 +44362,97 @@ components: description: Name of the threat intelligence source. type: string type: object + IoCTriageEvent: + description: A single entry in an indicator's triage history timeline. + properties: + triage_state: + description: "Triage state set by this action: not_reviewed or reviewed." + type: string + triaged_at: + description: Timestamp when this triage action occurred. + format: date-time + type: string + triaged_by: + description: UUID of the user who performed this triage action. + type: string + type: object + IoCTriageWriteRequest: + description: Request body for creating or updating an indicator triage state. + properties: + data: + $ref: "#/components/schemas/IoCTriageWriteRequestData" + required: + - data + type: object + IoCTriageWriteRequestAttributes: + description: Attributes for setting an indicator's triage state. + properties: + indicator: + description: The indicator value to triage (for example, an IP address or domain). + example: "192.0.2.1" + type: string + triage_state: + description: "The triage state to set: not_reviewed or reviewed." + example: reviewed + type: string + required: + - indicator + - triage_state + type: object + IoCTriageWriteRequestData: + description: Data object for the triage write request. + properties: + attributes: + $ref: "#/components/schemas/IoCTriageWriteRequestAttributes" + type: + default: ioc_triage_state + description: Triage state resource type. + example: ioc_triage_state + type: string + required: + - type + - attributes + type: object + IoCTriageWriteResponse: + description: Response for the create indicator triage state endpoint. + properties: + data: + $ref: "#/components/schemas/IoCTriageWriteResponseData" + type: object + IoCTriageWriteResponseAttributes: + description: Attributes of a created or updated triage state. + properties: + created_at: + description: Timestamp when the triage record was created. + format: date-time + type: string + indicator: + description: The indicator value that was triaged. + type: string + triage_state: + description: "The triage state that was set: not_reviewed or reviewed." + type: string + triaged_at: + description: Timestamp when the triage state was set. + format: date-time + type: string + triaged_by: + description: UUID of the user who set the triage state. + type: string + type: object + IoCTriageWriteResponseData: + description: Data object of the triage write response. + properties: + attributes: + $ref: "#/components/schemas/IoCTriageWriteResponseAttributes" + id: + description: Unique identifier for the triage state record. + type: string + type: + default: ioc_triage_state + description: Triage state resource type. + type: string + type: object Issue: description: The issue matching the request. properties: @@ -159560,6 +159676,25 @@ paths: schema: default: desc type: string + - description: When true, return only OCSF field-based matches. When false, return regex/message-based matches. + in: query + name: ocsf + required: false + schema: + default: true + type: boolean + - description: Filter indicators whose triage state was updated by a specific user UUID. + in: query + name: worked_by + required: false + schema: + type: string + - description: "Filter by triage state: not_reviewed or reviewed." + in: query + name: triage_state + required: false + schema: + type: string responses: "200": content: @@ -159611,6 +159746,38 @@ paths: required: true schema: type: string + - description: When true, return only OCSF field-based matches. When false, return regex/message-based matches. + in: query + name: ocsf + required: false + schema: + default: true + type: boolean + - description: Include full triage history for the indicator. + in: query + name: include_triage_history + required: false + schema: + default: false + type: boolean + - description: Maximum number of triage history events returned. Only applied when `include_triage_history` is true. + in: query + name: triage_history_limit + required: false + schema: + default: 50 + format: int32 + maximum: 1000 + minimum: 1 + type: integer + - description: Pagination offset into the triage history. Only applied when `include_triage_history` is true. + in: query + name: triage_history_offset + required: false + schema: + default: 0 + format: int32 + type: integer responses: "200": content: @@ -159648,6 +159815,62 @@ paths: x-unstable: |- **Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates. + /api/v2/security/siem/ioc-explorer/triage: + post: + description: |- + Set the triage state of an indicator of compromise (IoC). This creates or + updates the triage state for the indicator in your organization. + operationId: CreateIoCTriageState + requestBody: + content: + "application/json": + examples: + default: + value: + data: + attributes: + indicator: "192.0.2.1" + triage_state: reviewed + type: ioc_triage_state + schema: + $ref: "#/components/schemas/IoCTriageWriteRequest" + description: The triage state to set for the indicator. + required: true + responses: + "201": + content: + "application/json": + examples: + default: + value: + data: + attributes: + created_at: "2026-06-04T12:00:00Z" + indicator: "192.0.2.1" + triage_state: reviewed + triaged_at: "2026-06-04T12:00:00Z" + triaged_by: 11111111-2222-3333-4444-555555555555 + id: abc-123 + type: ioc_triage_state + schema: + $ref: "#/components/schemas/IoCTriageWriteResponse" + description: Created + "400": + $ref: "#/components/responses/BadRequestResponse" + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_signals_write + summary: Create or update an indicator triage state + tags: ["Security Monitoring"] + x-unstable: |- + **Note**: This endpoint is in beta and may be subject to changes. + Please check the documentation regularly for updates. /api/v2/security/signals/notification_rules: get: description: Returns the list of notification rules for security signals. diff --git a/examples/v2/security-monitoring/CreateIoCTriageState.java b/examples/v2/security-monitoring/CreateIoCTriageState.java new file mode 100644 index 00000000000..cef6a69e721 --- /dev/null +++ b/examples/v2/security-monitoring/CreateIoCTriageState.java @@ -0,0 +1,38 @@ +// Create or update an indicator triage state returns "Created" response + +import com.datadog.api.client.ApiClient; +import com.datadog.api.client.ApiException; +import com.datadog.api.client.v2.api.SecurityMonitoringApi; +import com.datadog.api.client.v2.model.IoCTriageWriteRequest; +import com.datadog.api.client.v2.model.IoCTriageWriteRequestAttributes; +import com.datadog.api.client.v2.model.IoCTriageWriteRequestData; +import com.datadog.api.client.v2.model.IoCTriageWriteResponse; + +public class Example { + public static void main(String[] args) { + ApiClient defaultClient = ApiClient.getDefaultApiClient(); + defaultClient.setUnstableOperationEnabled("v2.createIoCTriageState", true); + SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient); + + IoCTriageWriteRequest body = + new IoCTriageWriteRequest() + .data( + new IoCTriageWriteRequestData() + .attributes( + new IoCTriageWriteRequestAttributes() + .indicator("192.0.2.1") + .triageState("reviewed")) + .type("ioc_triage_state")); + + try { + IoCTriageWriteResponse result = apiInstance.createIoCTriageState(body); + System.out.println(result); + } catch (ApiException e) { + System.err.println("Exception when calling SecurityMonitoringApi#createIoCTriageState"); + System.err.println("Status code: " + e.getCode()); + System.err.println("Reason: " + e.getResponseBody()); + System.err.println("Response headers: " + e.getResponseHeaders()); + e.printStackTrace(); + } + } +} diff --git a/examples/v2/security-monitoring/GetIndicatorOfCompromise.java b/examples/v2/security-monitoring/GetIndicatorOfCompromise.java index 175c536de1e..dae46eb24a6 100644 --- a/examples/v2/security-monitoring/GetIndicatorOfCompromise.java +++ b/examples/v2/security-monitoring/GetIndicatorOfCompromise.java @@ -3,6 +3,7 @@ import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.SecurityMonitoringApi; +import com.datadog.api.client.v2.api.SecurityMonitoringApi.GetIndicatorOfCompromiseOptionalParameters; import com.datadog.api.client.v2.model.GetIoCIndicatorResponse; public class Example { @@ -14,7 +15,8 @@ public static void main(String[] args) { try { GetIoCIndicatorResponse result = apiInstance.getIndicatorOfCompromise( - "masscan/1.3 (https://github.com/robertdavidgraham/masscan)"); + "192.0.2.1", + new GetIndicatorOfCompromiseOptionalParameters().includeTriageHistory(true)); System.out.println(result); } catch (ApiException e) { System.err.println("Exception when calling SecurityMonitoringApi#getIndicatorOfCompromise"); diff --git a/src/main/java/com/datadog/api/client/ApiClient.java b/src/main/java/com/datadog/api/client/ApiClient.java index 3c2d2401c35..ba44eeb43df 100644 --- a/src/main/java/com/datadog/api/client/ApiClient.java +++ b/src/main/java/com/datadog/api/client/ApiClient.java @@ -902,6 +902,7 @@ public class ApiClient { put("v2.cancelHistoricalJob", false); put("v2.convertJobResultToSignal", false); put("v2.convertSecurityMonitoringTerraformResource", false); + put("v2.createIoCTriageState", false); put("v2.createSampleLogGenerationSubscription", false); put("v2.createSecurityMonitoringDataset", false); put("v2.createSecurityMonitoringIntegrationConfig", false); diff --git a/src/main/java/com/datadog/api/client/v2/api/SecurityMonitoringApi.java b/src/main/java/com/datadog/api/client/v2/api/SecurityMonitoringApi.java index bcb269b2137..4bdabaa239f 100644 --- a/src/main/java/com/datadog/api/client/v2/api/SecurityMonitoringApi.java +++ b/src/main/java/com/datadog/api/client/v2/api/SecurityMonitoringApi.java @@ -46,6 +46,8 @@ import com.datadog.api.client.v2.model.GetSuppressionVersionHistoryResponse; import com.datadog.api.client.v2.model.HistoricalJobResponse; import com.datadog.api.client.v2.model.IoCExplorerListResponse; +import com.datadog.api.client.v2.model.IoCTriageWriteRequest; +import com.datadog.api.client.v2.model.IoCTriageWriteResponse; import com.datadog.api.client.v2.model.JobCreateResponse; import com.datadog.api.client.v2.model.ListAssetsSBOMsResponse; import com.datadog.api.client.v2.model.ListFindingsResponse; @@ -3249,6 +3251,157 @@ public ApiResponse createCustomFrameworkWithHttpI new GenericType() {}); } + /** + * Create or update an indicator triage state. + * + *

See {@link #createIoCTriageStateWithHttpInfo}. + * + * @param body The triage state to set for the indicator. (required) + * @return IoCTriageWriteResponse + * @throws ApiException if fails to make API call + */ + public IoCTriageWriteResponse createIoCTriageState(IoCTriageWriteRequest body) + throws ApiException { + return createIoCTriageStateWithHttpInfo(body).getData(); + } + + /** + * Create or update an indicator triage state. + * + *

See {@link #createIoCTriageStateWithHttpInfoAsync}. + * + * @param body The triage state to set for the indicator. (required) + * @return CompletableFuture<IoCTriageWriteResponse> + */ + public CompletableFuture createIoCTriageStateAsync( + IoCTriageWriteRequest body) { + return createIoCTriageStateWithHttpInfoAsync(body) + .thenApply( + response -> { + return response.getData(); + }); + } + + /** + * Set the triage state of an indicator of compromise (IoC). This creates or updates the triage + * state for the indicator in your organization. + * + * @param body The triage state to set for the indicator. (required) + * @return ApiResponse<IoCTriageWriteResponse> + * @throws ApiException if fails to make API call + * @http.response.details + * + * + * + * + * + * + * + *
Response details
Status Code Description Response Headers
201 Created -
400 Bad Request -
403 Not Authorized -
429 Too many requests -
+ */ + public ApiResponse createIoCTriageStateWithHttpInfo( + IoCTriageWriteRequest body) throws ApiException { + // Check if unstable operation is enabled + String operationId = "createIoCTriageState"; + if (apiClient.isUnstableOperationEnabled("v2." + operationId)) { + apiClient.getLogger().warning(String.format("Using unstable operation '%s'", operationId)); + } else { + throw new ApiException(0, String.format("Unstable operation '%s' is disabled", operationId)); + } + Object localVarPostBody = body; + + // verify the required parameter 'body' is set + if (body == null) { + throw new ApiException( + 400, "Missing the required parameter 'body' when calling createIoCTriageState"); + } + // create path and map variables + String localVarPath = "/api/v2/security/siem/ioc-explorer/triage"; + + Map localVarHeaderParams = new HashMap(); + + Invocation.Builder builder = + apiClient.createBuilder( + "v2.SecurityMonitoringApi.createIoCTriageState", + localVarPath, + new ArrayList(), + localVarHeaderParams, + new HashMap(), + new String[] {"application/json"}, + new String[] {"apiKeyAuth", "appKeyAuth", "AuthZ"}); + return apiClient.invokeAPI( + "POST", + builder, + localVarHeaderParams, + new String[] {"application/json"}, + localVarPostBody, + new HashMap(), + false, + new GenericType() {}); + } + + /** + * Create or update an indicator triage state. + * + *

See {@link #createIoCTriageStateWithHttpInfo}. + * + * @param body The triage state to set for the indicator. (required) + * @return CompletableFuture<ApiResponse<IoCTriageWriteResponse>> + */ + public CompletableFuture> + createIoCTriageStateWithHttpInfoAsync(IoCTriageWriteRequest body) { + // Check if unstable operation is enabled + String operationId = "createIoCTriageState"; + if (apiClient.isUnstableOperationEnabled("v2." + operationId)) { + apiClient.getLogger().warning(String.format("Using unstable operation '%s'", operationId)); + } else { + CompletableFuture> result = new CompletableFuture<>(); + result.completeExceptionally( + new ApiException(0, String.format("Unstable operation '%s' is disabled", operationId))); + return result; + } + Object localVarPostBody = body; + + // verify the required parameter 'body' is set + if (body == null) { + CompletableFuture> result = new CompletableFuture<>(); + result.completeExceptionally( + new ApiException( + 400, "Missing the required parameter 'body' when calling createIoCTriageState")); + return result; + } + // create path and map variables + String localVarPath = "/api/v2/security/siem/ioc-explorer/triage"; + + Map localVarHeaderParams = new HashMap(); + + Invocation.Builder builder; + try { + builder = + apiClient.createBuilder( + "v2.SecurityMonitoringApi.createIoCTriageState", + localVarPath, + new ArrayList(), + localVarHeaderParams, + new HashMap(), + new String[] {"application/json"}, + new String[] {"apiKeyAuth", "appKeyAuth", "AuthZ"}); + } catch (ApiException ex) { + CompletableFuture> result = new CompletableFuture<>(); + result.completeExceptionally(ex); + return result; + } + return apiClient.invokeAPIAsync( + "POST", + builder, + localVarHeaderParams, + new String[] {"application/json"}, + localVarPostBody, + new HashMap(), + false, + new GenericType() {}); + } + /** * Create Jira issues for security findings. * @@ -9070,6 +9223,65 @@ public CompletableFuture> getHistoricalJobWit new GenericType() {}); } + /** Manage optional parameters to getIndicatorOfCompromise. */ + public static class GetIndicatorOfCompromiseOptionalParameters { + private Boolean ocsf; + private Boolean includeTriageHistory; + private Integer triageHistoryLimit; + private Integer triageHistoryOffset; + + /** + * Set ocsf. + * + * @param ocsf When true, return only OCSF field-based matches. When false, return + * regex/message-based matches. (optional, default to true) + * @return GetIndicatorOfCompromiseOptionalParameters + */ + public GetIndicatorOfCompromiseOptionalParameters ocsf(Boolean ocsf) { + this.ocsf = ocsf; + return this; + } + + /** + * Set includeTriageHistory. + * + * @param includeTriageHistory Include full triage history for the indicator. (optional, default + * to false) + * @return GetIndicatorOfCompromiseOptionalParameters + */ + public GetIndicatorOfCompromiseOptionalParameters includeTriageHistory( + Boolean includeTriageHistory) { + this.includeTriageHistory = includeTriageHistory; + return this; + } + + /** + * Set triageHistoryLimit. + * + * @param triageHistoryLimit Maximum number of triage history events returned. Only applied when + * include_triage_history is true. (optional, default to 50) + * @return GetIndicatorOfCompromiseOptionalParameters + */ + public GetIndicatorOfCompromiseOptionalParameters triageHistoryLimit( + Integer triageHistoryLimit) { + this.triageHistoryLimit = triageHistoryLimit; + return this; + } + + /** + * Set triageHistoryOffset. + * + * @param triageHistoryOffset Pagination offset into the triage history. Only applied when + * include_triage_history is true. (optional, default to 0) + * @return GetIndicatorOfCompromiseOptionalParameters + */ + public GetIndicatorOfCompromiseOptionalParameters triageHistoryOffset( + Integer triageHistoryOffset) { + this.triageHistoryOffset = triageHistoryOffset; + return this; + } + } + /** * Get an indicator of compromise. * @@ -9081,7 +9293,9 @@ public CompletableFuture> getHistoricalJobWit * @throws ApiException if fails to make API call */ public GetIoCIndicatorResponse getIndicatorOfCompromise(String indicator) throws ApiException { - return getIndicatorOfCompromiseWithHttpInfo(indicator).getData(); + return getIndicatorOfCompromiseWithHttpInfo( + indicator, new GetIndicatorOfCompromiseOptionalParameters()) + .getData(); } /** @@ -9095,7 +9309,43 @@ public GetIoCIndicatorResponse getIndicatorOfCompromise(String indicator) throws */ public CompletableFuture getIndicatorOfCompromiseAsync( String indicator) { - return getIndicatorOfCompromiseWithHttpInfoAsync(indicator) + return getIndicatorOfCompromiseWithHttpInfoAsync( + indicator, new GetIndicatorOfCompromiseOptionalParameters()) + .thenApply( + response -> { + return response.getData(); + }); + } + + /** + * Get an indicator of compromise. + * + *

See {@link #getIndicatorOfCompromiseWithHttpInfo}. + * + * @param indicator The indicator value to look up (for example, an IP address or domain). + * (required) + * @param parameters Optional parameters for the request. + * @return GetIoCIndicatorResponse + * @throws ApiException if fails to make API call + */ + public GetIoCIndicatorResponse getIndicatorOfCompromise( + String indicator, GetIndicatorOfCompromiseOptionalParameters parameters) throws ApiException { + return getIndicatorOfCompromiseWithHttpInfo(indicator, parameters).getData(); + } + + /** + * Get an indicator of compromise. + * + *

See {@link #getIndicatorOfCompromiseWithHttpInfoAsync}. + * + * @param indicator The indicator value to look up (for example, an IP address or domain). + * (required) + * @param parameters Optional parameters for the request. + * @return CompletableFuture<GetIoCIndicatorResponse> + */ + public CompletableFuture getIndicatorOfCompromiseAsync( + String indicator, GetIndicatorOfCompromiseOptionalParameters parameters) { + return getIndicatorOfCompromiseWithHttpInfoAsync(indicator, parameters) .thenApply( response -> { return response.getData(); @@ -9107,6 +9357,7 @@ public CompletableFuture getIndicatorOfCompromiseAsync( * * @param indicator The indicator value to look up (for example, an IP address or domain). * (required) + * @param parameters Optional parameters for the request. * @return ApiResponse<GetIoCIndicatorResponse> * @throws ApiException if fails to make API call * @http.response.details @@ -9120,8 +9371,8 @@ public CompletableFuture getIndicatorOfCompromiseAsync( * 429 Too many requests - * */ - public ApiResponse getIndicatorOfCompromiseWithHttpInfo(String indicator) - throws ApiException { + public ApiResponse getIndicatorOfCompromiseWithHttpInfo( + String indicator, GetIndicatorOfCompromiseOptionalParameters parameters) throws ApiException { // Check if unstable operation is enabled String operationId = "getIndicatorOfCompromise"; if (apiClient.isUnstableOperationEnabled("v2." + operationId)) { @@ -9136,6 +9387,10 @@ public ApiResponse getIndicatorOfCompromiseWithHttpInfo throw new ApiException( 400, "Missing the required parameter 'indicator' when calling getIndicatorOfCompromise"); } + Boolean ocsf = parameters.ocsf; + Boolean includeTriageHistory = parameters.includeTriageHistory; + Integer triageHistoryLimit = parameters.triageHistoryLimit; + Integer triageHistoryOffset = parameters.triageHistoryOffset; // create path and map variables String localVarPath = "/api/v2/security/siem/ioc-explorer/indicator"; @@ -9143,6 +9398,13 @@ public ApiResponse getIndicatorOfCompromiseWithHttpInfo Map localVarHeaderParams = new HashMap(); localVarQueryParams.addAll(apiClient.parameterToPairs("", "indicator", indicator)); + localVarQueryParams.addAll(apiClient.parameterToPairs("", "ocsf", ocsf)); + localVarQueryParams.addAll( + apiClient.parameterToPairs("", "include_triage_history", includeTriageHistory)); + localVarQueryParams.addAll( + apiClient.parameterToPairs("", "triage_history_limit", triageHistoryLimit)); + localVarQueryParams.addAll( + apiClient.parameterToPairs("", "triage_history_offset", triageHistoryOffset)); Invocation.Builder builder = apiClient.createBuilder( @@ -9171,10 +9433,12 @@ public ApiResponse getIndicatorOfCompromiseWithHttpInfo * * @param indicator The indicator value to look up (for example, an IP address or domain). * (required) + * @param parameters Optional parameters for the request. * @return CompletableFuture<ApiResponse<GetIoCIndicatorResponse>> */ public CompletableFuture> - getIndicatorOfCompromiseWithHttpInfoAsync(String indicator) { + getIndicatorOfCompromiseWithHttpInfoAsync( + String indicator, GetIndicatorOfCompromiseOptionalParameters parameters) { // Check if unstable operation is enabled String operationId = "getIndicatorOfCompromise"; if (apiClient.isUnstableOperationEnabled("v2." + operationId)) { @@ -9196,6 +9460,10 @@ public ApiResponse getIndicatorOfCompromiseWithHttpInfo "Missing the required parameter 'indicator' when calling getIndicatorOfCompromise")); return result; } + Boolean ocsf = parameters.ocsf; + Boolean includeTriageHistory = parameters.includeTriageHistory; + Integer triageHistoryLimit = parameters.triageHistoryLimit; + Integer triageHistoryOffset = parameters.triageHistoryOffset; // create path and map variables String localVarPath = "/api/v2/security/siem/ioc-explorer/indicator"; @@ -9203,6 +9471,13 @@ public ApiResponse getIndicatorOfCompromiseWithHttpInfo Map localVarHeaderParams = new HashMap(); localVarQueryParams.addAll(apiClient.parameterToPairs("", "indicator", indicator)); + localVarQueryParams.addAll(apiClient.parameterToPairs("", "ocsf", ocsf)); + localVarQueryParams.addAll( + apiClient.parameterToPairs("", "include_triage_history", includeTriageHistory)); + localVarQueryParams.addAll( + apiClient.parameterToPairs("", "triage_history_limit", triageHistoryLimit)); + localVarQueryParams.addAll( + apiClient.parameterToPairs("", "triage_history_offset", triageHistoryOffset)); Invocation.Builder builder; try { @@ -15335,6 +15610,9 @@ public static class ListIndicatorsOfCompromiseOptionalParameters { private String query; private String sortColumn; private String sortOrder; + private Boolean ocsf; + private String workedBy; + private String triageState; /** * Set limit. @@ -15392,6 +15670,41 @@ public ListIndicatorsOfCompromiseOptionalParameters sortOrder(String sortOrder) this.sortOrder = sortOrder; return this; } + + /** + * Set ocsf. + * + * @param ocsf When true, return only OCSF field-based matches. When false, return + * regex/message-based matches. (optional, default to true) + * @return ListIndicatorsOfCompromiseOptionalParameters + */ + public ListIndicatorsOfCompromiseOptionalParameters ocsf(Boolean ocsf) { + this.ocsf = ocsf; + return this; + } + + /** + * Set workedBy. + * + * @param workedBy Filter indicators whose triage state was updated by a specific user UUID. + * (optional) + * @return ListIndicatorsOfCompromiseOptionalParameters + */ + public ListIndicatorsOfCompromiseOptionalParameters workedBy(String workedBy) { + this.workedBy = workedBy; + return this; + } + + /** + * Set triageState. + * + * @param triageState Filter by triage state: not_reviewed or reviewed. (optional) + * @return ListIndicatorsOfCompromiseOptionalParameters + */ + public ListIndicatorsOfCompromiseOptionalParameters triageState(String triageState) { + this.triageState = triageState; + return this; + } } /** @@ -15486,6 +15799,9 @@ public ApiResponse listIndicatorsOfCompromiseWithHttpIn String query = parameters.query; String sortColumn = parameters.sortColumn; String sortOrder = parameters.sortOrder; + Boolean ocsf = parameters.ocsf; + String workedBy = parameters.workedBy; + String triageState = parameters.triageState; // create path and map variables String localVarPath = "/api/v2/security/siem/ioc-explorer"; @@ -15497,6 +15813,9 @@ public ApiResponse listIndicatorsOfCompromiseWithHttpIn localVarQueryParams.addAll(apiClient.parameterToPairs("", "query", query)); localVarQueryParams.addAll(apiClient.parameterToPairs("", "sort[column]", sortColumn)); localVarQueryParams.addAll(apiClient.parameterToPairs("", "sort[order]", sortOrder)); + localVarQueryParams.addAll(apiClient.parameterToPairs("", "ocsf", ocsf)); + localVarQueryParams.addAll(apiClient.parameterToPairs("", "worked_by", workedBy)); + localVarQueryParams.addAll(apiClient.parameterToPairs("", "triage_state", triageState)); Invocation.Builder builder = apiClient.createBuilder( @@ -15545,6 +15864,9 @@ public ApiResponse listIndicatorsOfCompromiseWithHttpIn String query = parameters.query; String sortColumn = parameters.sortColumn; String sortOrder = parameters.sortOrder; + Boolean ocsf = parameters.ocsf; + String workedBy = parameters.workedBy; + String triageState = parameters.triageState; // create path and map variables String localVarPath = "/api/v2/security/siem/ioc-explorer"; @@ -15556,6 +15878,9 @@ public ApiResponse listIndicatorsOfCompromiseWithHttpIn localVarQueryParams.addAll(apiClient.parameterToPairs("", "query", query)); localVarQueryParams.addAll(apiClient.parameterToPairs("", "sort[column]", sortColumn)); localVarQueryParams.addAll(apiClient.parameterToPairs("", "sort[order]", sortOrder)); + localVarQueryParams.addAll(apiClient.parameterToPairs("", "ocsf", ocsf)); + localVarQueryParams.addAll(apiClient.parameterToPairs("", "worked_by", workedBy)); + localVarQueryParams.addAll(apiClient.parameterToPairs("", "triage_state", triageState)); Invocation.Builder builder; try { diff --git a/src/main/java/com/datadog/api/client/v2/model/IoCIndicator.java b/src/main/java/com/datadog/api/client/v2/model/IoCIndicator.java index 1e9d83fd4ab..d41d3ced927 100644 --- a/src/main/java/com/datadog/api/client/v2/model/IoCIndicator.java +++ b/src/main/java/com/datadog/api/client/v2/model/IoCIndicator.java @@ -42,7 +42,10 @@ IoCIndicator.JSON_PROPERTY_SIGNAL_MATCHES, IoCIndicator.JSON_PROPERTY_SIGNAL_TIER, IoCIndicator.JSON_PROPERTY_SUSPICIOUS_SOURCES, - IoCIndicator.JSON_PROPERTY_TAGS + IoCIndicator.JSON_PROPERTY_TAGS, + IoCIndicator.JSON_PROPERTY_TRIAGE_STATE, + IoCIndicator.JSON_PROPERTY_TRIAGED_AT, + IoCIndicator.JSON_PROPERTY_TRIAGED_BY }) @jakarta.annotation.Generated( value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator") @@ -113,6 +116,15 @@ public class IoCIndicator { public static final String JSON_PROPERTY_TAGS = "tags"; private List tags = null; + public static final String JSON_PROPERTY_TRIAGE_STATE = "triage_state"; + private String triageState; + + public static final String JSON_PROPERTY_TRIAGED_AT = "triaged_at"; + private OffsetDateTime triagedAt; + + public static final String JSON_PROPERTY_TRIAGED_BY = "triaged_by"; + private String triagedBy; + public IoCIndicator asGeo(IoCGeoLocation asGeo) { this.asGeo = asGeo; this.unparsed |= asGeo.unparsed; @@ -657,6 +669,69 @@ public void setTags(List tags) { this.tags = tags; } + public IoCIndicator triageState(String triageState) { + this.triageState = triageState; + return this; + } + + /** + * Current triage state of the indicator: not_reviewed or reviewed. + * + * @return triageState + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_TRIAGE_STATE) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getTriageState() { + return triageState; + } + + public void setTriageState(String triageState) { + this.triageState = triageState; + } + + public IoCIndicator triagedAt(OffsetDateTime triagedAt) { + this.triagedAt = triagedAt; + return this; + } + + /** + * Timestamp when the indicator was last triaged. + * + * @return triagedAt + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_TRIAGED_AT) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public OffsetDateTime getTriagedAt() { + return triagedAt; + } + + public void setTriagedAt(OffsetDateTime triagedAt) { + this.triagedAt = triagedAt; + } + + public IoCIndicator triagedBy(String triagedBy) { + this.triagedBy = triagedBy; + return this; + } + + /** + * UUID of the user who last triaged the indicator. + * + * @return triagedBy + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_TRIAGED_BY) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getTriagedBy() { + return triagedBy; + } + + public void setTriagedBy(String triagedBy) { + this.triagedBy = triagedBy; + } + /** * A container for additional, undeclared properties. This is a holder for any undeclared * properties as specified with the 'additionalProperties' keyword in the OAS document. @@ -734,6 +809,9 @@ public boolean equals(Object o) { && Objects.equals(this.signalTier, ioCIndicator.signalTier) && Objects.equals(this.suspiciousSources, ioCIndicator.suspiciousSources) && Objects.equals(this.tags, ioCIndicator.tags) + && Objects.equals(this.triageState, ioCIndicator.triageState) + && Objects.equals(this.triagedAt, ioCIndicator.triagedAt) + && Objects.equals(this.triagedBy, ioCIndicator.triagedBy) && Objects.equals(this.additionalProperties, ioCIndicator.additionalProperties); } @@ -761,6 +839,9 @@ public int hashCode() { signalTier, suspiciousSources, tags, + triageState, + triagedAt, + triagedBy, additionalProperties); } @@ -789,6 +870,9 @@ public String toString() { sb.append(" signalTier: ").append(toIndentedString(signalTier)).append("\n"); sb.append(" suspiciousSources: ").append(toIndentedString(suspiciousSources)).append("\n"); sb.append(" tags: ").append(toIndentedString(tags)).append("\n"); + sb.append(" triageState: ").append(toIndentedString(triageState)).append("\n"); + sb.append(" triagedAt: ").append(toIndentedString(triagedAt)).append("\n"); + sb.append(" triagedBy: ").append(toIndentedString(triagedBy)).append("\n"); sb.append(" additionalProperties: ") .append(toIndentedString(additionalProperties)) .append("\n"); diff --git a/src/main/java/com/datadog/api/client/v2/model/IoCIndicatorDetailed.java b/src/main/java/com/datadog/api/client/v2/model/IoCIndicatorDetailed.java index 6c4ebfbecfc..b8ce7e9133e 100644 --- a/src/main/java/com/datadog/api/client/v2/model/IoCIndicatorDetailed.java +++ b/src/main/java/com/datadog/api/client/v2/model/IoCIndicatorDetailed.java @@ -52,6 +52,10 @@ IoCIndicatorDetailed.JSON_PROPERTY_SIGNAL_TIER, IoCIndicatorDetailed.JSON_PROPERTY_SUSPICIOUS_SOURCES, IoCIndicatorDetailed.JSON_PROPERTY_TAGS, + IoCIndicatorDetailed.JSON_PROPERTY_TRIAGE_HISTORY, + IoCIndicatorDetailed.JSON_PROPERTY_TRIAGE_STATE, + IoCIndicatorDetailed.JSON_PROPERTY_TRIAGED_AT, + IoCIndicatorDetailed.JSON_PROPERTY_TRIAGED_BY, IoCIndicatorDetailed.JSON_PROPERTY_USERS }) @jakarta.annotation.Generated( @@ -150,6 +154,18 @@ public class IoCIndicatorDetailed { public static final String JSON_PROPERTY_TAGS = "tags"; private List tags = null; + public static final String JSON_PROPERTY_TRIAGE_HISTORY = "triage_history"; + private List triageHistory = null; + + public static final String JSON_PROPERTY_TRIAGE_STATE = "triage_state"; + private String triageState; + + public static final String JSON_PROPERTY_TRIAGED_AT = "triaged_at"; + private OffsetDateTime triagedAt; + + public static final String JSON_PROPERTY_TRIAGED_BY = "triaged_by"; + private String triagedBy; + public static final String JSON_PROPERTY_USERS = "users"; private Map> users = null; @@ -938,6 +954,102 @@ public void setTags(List tags) { this.tags = tags; } + public IoCIndicatorDetailed triageHistory(List triageHistory) { + this.triageHistory = triageHistory; + for (IoCTriageEvent item : triageHistory) { + this.unparsed |= item.unparsed; + } + return this; + } + + public IoCIndicatorDetailed addTriageHistoryItem(IoCTriageEvent triageHistoryItem) { + if (this.triageHistory == null) { + this.triageHistory = new ArrayList<>(); + } + this.triageHistory.add(triageHistoryItem); + this.unparsed |= triageHistoryItem.unparsed; + return this; + } + + /** + * Full triage history timeline. Returned only when include_triage_history is true. + * + * @return triageHistory + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_TRIAGE_HISTORY) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public List getTriageHistory() { + return triageHistory; + } + + public void setTriageHistory(List triageHistory) { + this.triageHistory = triageHistory; + } + + public IoCIndicatorDetailed triageState(String triageState) { + this.triageState = triageState; + return this; + } + + /** + * Current triage state of the indicator: not_reviewed or reviewed. + * + * @return triageState + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_TRIAGE_STATE) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getTriageState() { + return triageState; + } + + public void setTriageState(String triageState) { + this.triageState = triageState; + } + + public IoCIndicatorDetailed triagedAt(OffsetDateTime triagedAt) { + this.triagedAt = triagedAt; + return this; + } + + /** + * Timestamp when the indicator was last triaged. + * + * @return triagedAt + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_TRIAGED_AT) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public OffsetDateTime getTriagedAt() { + return triagedAt; + } + + public void setTriagedAt(OffsetDateTime triagedAt) { + this.triagedAt = triagedAt; + } + + public IoCIndicatorDetailed triagedBy(String triagedBy) { + this.triagedBy = triagedBy; + return this; + } + + /** + * UUID of the user who last triaged the indicator. + * + * @return triagedBy + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_TRIAGED_BY) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getTriagedBy() { + return triagedBy; + } + + public void setTriagedBy(String triagedBy) { + this.triagedBy = triagedBy; + } + public IoCIndicatorDetailed users(Map> users) { this.users = users; return this; @@ -1053,6 +1165,10 @@ public boolean equals(Object o) { && Objects.equals(this.signalTier, ioCIndicatorDetailed.signalTier) && Objects.equals(this.suspiciousSources, ioCIndicatorDetailed.suspiciousSources) && Objects.equals(this.tags, ioCIndicatorDetailed.tags) + && Objects.equals(this.triageHistory, ioCIndicatorDetailed.triageHistory) + && Objects.equals(this.triageState, ioCIndicatorDetailed.triageState) + && Objects.equals(this.triagedAt, ioCIndicatorDetailed.triagedAt) + && Objects.equals(this.triagedBy, ioCIndicatorDetailed.triagedBy) && Objects.equals(this.users, ioCIndicatorDetailed.users) && Objects.equals(this.additionalProperties, ioCIndicatorDetailed.additionalProperties); } @@ -1090,6 +1206,10 @@ public int hashCode() { signalTier, suspiciousSources, tags, + triageHistory, + triageState, + triagedAt, + triagedBy, users, additionalProperties); } @@ -1128,6 +1248,10 @@ public String toString() { sb.append(" signalTier: ").append(toIndentedString(signalTier)).append("\n"); sb.append(" suspiciousSources: ").append(toIndentedString(suspiciousSources)).append("\n"); sb.append(" tags: ").append(toIndentedString(tags)).append("\n"); + sb.append(" triageHistory: ").append(toIndentedString(triageHistory)).append("\n"); + sb.append(" triageState: ").append(toIndentedString(triageState)).append("\n"); + sb.append(" triagedAt: ").append(toIndentedString(triagedAt)).append("\n"); + sb.append(" triagedBy: ").append(toIndentedString(triagedBy)).append("\n"); sb.append(" users: ").append(toIndentedString(users)).append("\n"); sb.append(" additionalProperties: ") .append(toIndentedString(additionalProperties)) diff --git a/src/main/java/com/datadog/api/client/v2/model/IoCTriageEvent.java b/src/main/java/com/datadog/api/client/v2/model/IoCTriageEvent.java new file mode 100644 index 00000000000..fe4a0e9dae0 --- /dev/null +++ b/src/main/java/com/datadog/api/client/v2/model/IoCTriageEvent.java @@ -0,0 +1,192 @@ +/* + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2019-Present Datadog, Inc. + */ + +package com.datadog.api.client.v2.model; + +import com.fasterxml.jackson.annotation.JsonAnyGetter; +import com.fasterxml.jackson.annotation.JsonAnySetter; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonPropertyOrder; +import java.time.OffsetDateTime; +import java.util.HashMap; +import java.util.Map; +import java.util.Objects; + +/** A single entry in an indicator's triage history timeline. */ +@JsonPropertyOrder({ + IoCTriageEvent.JSON_PROPERTY_TRIAGE_STATE, + IoCTriageEvent.JSON_PROPERTY_TRIAGED_AT, + IoCTriageEvent.JSON_PROPERTY_TRIAGED_BY +}) +@jakarta.annotation.Generated( + value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator") +public class IoCTriageEvent { + @JsonIgnore public boolean unparsed = false; + public static final String JSON_PROPERTY_TRIAGE_STATE = "triage_state"; + private String triageState; + + public static final String JSON_PROPERTY_TRIAGED_AT = "triaged_at"; + private OffsetDateTime triagedAt; + + public static final String JSON_PROPERTY_TRIAGED_BY = "triaged_by"; + private String triagedBy; + + public IoCTriageEvent triageState(String triageState) { + this.triageState = triageState; + return this; + } + + /** + * Triage state set by this action: not_reviewed or reviewed. + * + * @return triageState + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_TRIAGE_STATE) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getTriageState() { + return triageState; + } + + public void setTriageState(String triageState) { + this.triageState = triageState; + } + + public IoCTriageEvent triagedAt(OffsetDateTime triagedAt) { + this.triagedAt = triagedAt; + return this; + } + + /** + * Timestamp when this triage action occurred. + * + * @return triagedAt + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_TRIAGED_AT) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public OffsetDateTime getTriagedAt() { + return triagedAt; + } + + public void setTriagedAt(OffsetDateTime triagedAt) { + this.triagedAt = triagedAt; + } + + public IoCTriageEvent triagedBy(String triagedBy) { + this.triagedBy = triagedBy; + return this; + } + + /** + * UUID of the user who performed this triage action. + * + * @return triagedBy + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_TRIAGED_BY) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getTriagedBy() { + return triagedBy; + } + + public void setTriagedBy(String triagedBy) { + this.triagedBy = triagedBy; + } + + /** + * A container for additional, undeclared properties. This is a holder for any undeclared + * properties as specified with the 'additionalProperties' keyword in the OAS document. + */ + private Map additionalProperties; + + /** + * Set the additional (undeclared) property with the specified name and value. If the property + * does not already exist, create it otherwise replace it. + * + * @param key The arbitrary key to set + * @param value The associated value + * @return IoCTriageEvent + */ + @JsonAnySetter + public IoCTriageEvent putAdditionalProperty(String key, Object value) { + if (this.additionalProperties == null) { + this.additionalProperties = new HashMap(); + } + this.additionalProperties.put(key, value); + return this; + } + + /** + * Return the additional (undeclared) property. + * + * @return The additional properties + */ + @JsonAnyGetter + public Map getAdditionalProperties() { + return additionalProperties; + } + + /** + * Return the additional (undeclared) property with the specified name. + * + * @param key The arbitrary key to get + * @return The specific additional property for the given key + */ + public Object getAdditionalProperty(String key) { + if (this.additionalProperties == null) { + return null; + } + return this.additionalProperties.get(key); + } + + /** Return true if this IoCTriageEvent object is equal to o. */ + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + IoCTriageEvent ioCTriageEvent = (IoCTriageEvent) o; + return Objects.equals(this.triageState, ioCTriageEvent.triageState) + && Objects.equals(this.triagedAt, ioCTriageEvent.triagedAt) + && Objects.equals(this.triagedBy, ioCTriageEvent.triagedBy) + && Objects.equals(this.additionalProperties, ioCTriageEvent.additionalProperties); + } + + @Override + public int hashCode() { + return Objects.hash(triageState, triagedAt, triagedBy, additionalProperties); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("class IoCTriageEvent {\n"); + sb.append(" triageState: ").append(toIndentedString(triageState)).append("\n"); + sb.append(" triagedAt: ").append(toIndentedString(triagedAt)).append("\n"); + sb.append(" triagedBy: ").append(toIndentedString(triagedBy)).append("\n"); + sb.append(" additionalProperties: ") + .append(toIndentedString(additionalProperties)) + .append("\n"); + sb.append('}'); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces (except the first line). + */ + private String toIndentedString(Object o) { + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n "); + } +} diff --git a/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteRequest.java b/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteRequest.java new file mode 100644 index 00000000000..ca78b81ddfd --- /dev/null +++ b/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteRequest.java @@ -0,0 +1,145 @@ +/* + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2019-Present Datadog, Inc. + */ + +package com.datadog.api.client.v2.model; + +import com.fasterxml.jackson.annotation.JsonAnyGetter; +import com.fasterxml.jackson.annotation.JsonAnySetter; +import com.fasterxml.jackson.annotation.JsonCreator; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonPropertyOrder; +import java.util.HashMap; +import java.util.Map; +import java.util.Objects; + +/** Request body for creating or updating an indicator triage state. */ +@JsonPropertyOrder({IoCTriageWriteRequest.JSON_PROPERTY_DATA}) +@jakarta.annotation.Generated( + value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator") +public class IoCTriageWriteRequest { + @JsonIgnore public boolean unparsed = false; + public static final String JSON_PROPERTY_DATA = "data"; + private IoCTriageWriteRequestData data; + + public IoCTriageWriteRequest() {} + + @JsonCreator + public IoCTriageWriteRequest( + @JsonProperty(required = true, value = JSON_PROPERTY_DATA) IoCTriageWriteRequestData data) { + this.data = data; + this.unparsed |= data.unparsed; + } + + public IoCTriageWriteRequest data(IoCTriageWriteRequestData data) { + this.data = data; + this.unparsed |= data.unparsed; + return this; + } + + /** + * Data object for the triage write request. + * + * @return data + */ + @JsonProperty(JSON_PROPERTY_DATA) + @JsonInclude(value = JsonInclude.Include.ALWAYS) + public IoCTriageWriteRequestData getData() { + return data; + } + + public void setData(IoCTriageWriteRequestData data) { + this.data = data; + } + + /** + * A container for additional, undeclared properties. This is a holder for any undeclared + * properties as specified with the 'additionalProperties' keyword in the OAS document. + */ + private Map additionalProperties; + + /** + * Set the additional (undeclared) property with the specified name and value. If the property + * does not already exist, create it otherwise replace it. + * + * @param key The arbitrary key to set + * @param value The associated value + * @return IoCTriageWriteRequest + */ + @JsonAnySetter + public IoCTriageWriteRequest putAdditionalProperty(String key, Object value) { + if (this.additionalProperties == null) { + this.additionalProperties = new HashMap(); + } + this.additionalProperties.put(key, value); + return this; + } + + /** + * Return the additional (undeclared) property. + * + * @return The additional properties + */ + @JsonAnyGetter + public Map getAdditionalProperties() { + return additionalProperties; + } + + /** + * Return the additional (undeclared) property with the specified name. + * + * @param key The arbitrary key to get + * @return The specific additional property for the given key + */ + public Object getAdditionalProperty(String key) { + if (this.additionalProperties == null) { + return null; + } + return this.additionalProperties.get(key); + } + + /** Return true if this IoCTriageWriteRequest object is equal to o. */ + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + IoCTriageWriteRequest ioCTriageWriteRequest = (IoCTriageWriteRequest) o; + return Objects.equals(this.data, ioCTriageWriteRequest.data) + && Objects.equals(this.additionalProperties, ioCTriageWriteRequest.additionalProperties); + } + + @Override + public int hashCode() { + return Objects.hash(data, additionalProperties); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("class IoCTriageWriteRequest {\n"); + sb.append(" data: ").append(toIndentedString(data)).append("\n"); + sb.append(" additionalProperties: ") + .append(toIndentedString(additionalProperties)) + .append("\n"); + sb.append('}'); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces (except the first line). + */ + private String toIndentedString(Object o) { + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n "); + } +} diff --git a/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteRequestAttributes.java b/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteRequestAttributes.java new file mode 100644 index 00000000000..871c111f1b8 --- /dev/null +++ b/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteRequestAttributes.java @@ -0,0 +1,175 @@ +/* + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2019-Present Datadog, Inc. + */ + +package com.datadog.api.client.v2.model; + +import com.fasterxml.jackson.annotation.JsonAnyGetter; +import com.fasterxml.jackson.annotation.JsonAnySetter; +import com.fasterxml.jackson.annotation.JsonCreator; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonPropertyOrder; +import java.util.HashMap; +import java.util.Map; +import java.util.Objects; + +/** Attributes for setting an indicator's triage state. */ +@JsonPropertyOrder({ + IoCTriageWriteRequestAttributes.JSON_PROPERTY_INDICATOR, + IoCTriageWriteRequestAttributes.JSON_PROPERTY_TRIAGE_STATE +}) +@jakarta.annotation.Generated( + value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator") +public class IoCTriageWriteRequestAttributes { + @JsonIgnore public boolean unparsed = false; + public static final String JSON_PROPERTY_INDICATOR = "indicator"; + private String indicator; + + public static final String JSON_PROPERTY_TRIAGE_STATE = "triage_state"; + private String triageState; + + public IoCTriageWriteRequestAttributes() {} + + @JsonCreator + public IoCTriageWriteRequestAttributes( + @JsonProperty(required = true, value = JSON_PROPERTY_INDICATOR) String indicator, + @JsonProperty(required = true, value = JSON_PROPERTY_TRIAGE_STATE) String triageState) { + this.indicator = indicator; + this.triageState = triageState; + } + + public IoCTriageWriteRequestAttributes indicator(String indicator) { + this.indicator = indicator; + return this; + } + + /** + * The indicator value to triage (for example, an IP address or domain). + * + * @return indicator + */ + @JsonProperty(JSON_PROPERTY_INDICATOR) + @JsonInclude(value = JsonInclude.Include.ALWAYS) + public String getIndicator() { + return indicator; + } + + public void setIndicator(String indicator) { + this.indicator = indicator; + } + + public IoCTriageWriteRequestAttributes triageState(String triageState) { + this.triageState = triageState; + return this; + } + + /** + * The triage state to set: not_reviewed or reviewed. + * + * @return triageState + */ + @JsonProperty(JSON_PROPERTY_TRIAGE_STATE) + @JsonInclude(value = JsonInclude.Include.ALWAYS) + public String getTriageState() { + return triageState; + } + + public void setTriageState(String triageState) { + this.triageState = triageState; + } + + /** + * A container for additional, undeclared properties. This is a holder for any undeclared + * properties as specified with the 'additionalProperties' keyword in the OAS document. + */ + private Map additionalProperties; + + /** + * Set the additional (undeclared) property with the specified name and value. If the property + * does not already exist, create it otherwise replace it. + * + * @param key The arbitrary key to set + * @param value The associated value + * @return IoCTriageWriteRequestAttributes + */ + @JsonAnySetter + public IoCTriageWriteRequestAttributes putAdditionalProperty(String key, Object value) { + if (this.additionalProperties == null) { + this.additionalProperties = new HashMap(); + } + this.additionalProperties.put(key, value); + return this; + } + + /** + * Return the additional (undeclared) property. + * + * @return The additional properties + */ + @JsonAnyGetter + public Map getAdditionalProperties() { + return additionalProperties; + } + + /** + * Return the additional (undeclared) property with the specified name. + * + * @param key The arbitrary key to get + * @return The specific additional property for the given key + */ + public Object getAdditionalProperty(String key) { + if (this.additionalProperties == null) { + return null; + } + return this.additionalProperties.get(key); + } + + /** Return true if this IoCTriageWriteRequestAttributes object is equal to o. */ + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + IoCTriageWriteRequestAttributes ioCTriageWriteRequestAttributes = + (IoCTriageWriteRequestAttributes) o; + return Objects.equals(this.indicator, ioCTriageWriteRequestAttributes.indicator) + && Objects.equals(this.triageState, ioCTriageWriteRequestAttributes.triageState) + && Objects.equals( + this.additionalProperties, ioCTriageWriteRequestAttributes.additionalProperties); + } + + @Override + public int hashCode() { + return Objects.hash(indicator, triageState, additionalProperties); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("class IoCTriageWriteRequestAttributes {\n"); + sb.append(" indicator: ").append(toIndentedString(indicator)).append("\n"); + sb.append(" triageState: ").append(toIndentedString(triageState)).append("\n"); + sb.append(" additionalProperties: ") + .append(toIndentedString(additionalProperties)) + .append("\n"); + sb.append('}'); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces (except the first line). + */ + private String toIndentedString(Object o) { + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n "); + } +} diff --git a/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteRequestData.java b/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteRequestData.java new file mode 100644 index 00000000000..56212b596d5 --- /dev/null +++ b/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteRequestData.java @@ -0,0 +1,177 @@ +/* + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2019-Present Datadog, Inc. + */ + +package com.datadog.api.client.v2.model; + +import com.fasterxml.jackson.annotation.JsonAnyGetter; +import com.fasterxml.jackson.annotation.JsonAnySetter; +import com.fasterxml.jackson.annotation.JsonCreator; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonPropertyOrder; +import java.util.HashMap; +import java.util.Map; +import java.util.Objects; + +/** Data object for the triage write request. */ +@JsonPropertyOrder({ + IoCTriageWriteRequestData.JSON_PROPERTY_ATTRIBUTES, + IoCTriageWriteRequestData.JSON_PROPERTY_TYPE +}) +@jakarta.annotation.Generated( + value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator") +public class IoCTriageWriteRequestData { + @JsonIgnore public boolean unparsed = false; + public static final String JSON_PROPERTY_ATTRIBUTES = "attributes"; + private IoCTriageWriteRequestAttributes attributes; + + public static final String JSON_PROPERTY_TYPE = "type"; + private String type = "ioc_triage_state"; + + public IoCTriageWriteRequestData() {} + + @JsonCreator + public IoCTriageWriteRequestData( + @JsonProperty(required = true, value = JSON_PROPERTY_ATTRIBUTES) + IoCTriageWriteRequestAttributes attributes, + @JsonProperty(required = true, value = JSON_PROPERTY_TYPE) String type) { + this.attributes = attributes; + this.unparsed |= attributes.unparsed; + this.type = type; + } + + public IoCTriageWriteRequestData attributes(IoCTriageWriteRequestAttributes attributes) { + this.attributes = attributes; + this.unparsed |= attributes.unparsed; + return this; + } + + /** + * Attributes for setting an indicator's triage state. + * + * @return attributes + */ + @JsonProperty(JSON_PROPERTY_ATTRIBUTES) + @JsonInclude(value = JsonInclude.Include.ALWAYS) + public IoCTriageWriteRequestAttributes getAttributes() { + return attributes; + } + + public void setAttributes(IoCTriageWriteRequestAttributes attributes) { + this.attributes = attributes; + } + + public IoCTriageWriteRequestData type(String type) { + this.type = type; + return this; + } + + /** + * Triage state resource type. + * + * @return type + */ + @JsonProperty(JSON_PROPERTY_TYPE) + @JsonInclude(value = JsonInclude.Include.ALWAYS) + public String getType() { + return type; + } + + public void setType(String type) { + this.type = type; + } + + /** + * A container for additional, undeclared properties. This is a holder for any undeclared + * properties as specified with the 'additionalProperties' keyword in the OAS document. + */ + private Map additionalProperties; + + /** + * Set the additional (undeclared) property with the specified name and value. If the property + * does not already exist, create it otherwise replace it. + * + * @param key The arbitrary key to set + * @param value The associated value + * @return IoCTriageWriteRequestData + */ + @JsonAnySetter + public IoCTriageWriteRequestData putAdditionalProperty(String key, Object value) { + if (this.additionalProperties == null) { + this.additionalProperties = new HashMap(); + } + this.additionalProperties.put(key, value); + return this; + } + + /** + * Return the additional (undeclared) property. + * + * @return The additional properties + */ + @JsonAnyGetter + public Map getAdditionalProperties() { + return additionalProperties; + } + + /** + * Return the additional (undeclared) property with the specified name. + * + * @param key The arbitrary key to get + * @return The specific additional property for the given key + */ + public Object getAdditionalProperty(String key) { + if (this.additionalProperties == null) { + return null; + } + return this.additionalProperties.get(key); + } + + /** Return true if this IoCTriageWriteRequestData object is equal to o. */ + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + IoCTriageWriteRequestData ioCTriageWriteRequestData = (IoCTriageWriteRequestData) o; + return Objects.equals(this.attributes, ioCTriageWriteRequestData.attributes) + && Objects.equals(this.type, ioCTriageWriteRequestData.type) + && Objects.equals( + this.additionalProperties, ioCTriageWriteRequestData.additionalProperties); + } + + @Override + public int hashCode() { + return Objects.hash(attributes, type, additionalProperties); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("class IoCTriageWriteRequestData {\n"); + sb.append(" attributes: ").append(toIndentedString(attributes)).append("\n"); + sb.append(" type: ").append(toIndentedString(type)).append("\n"); + sb.append(" additionalProperties: ") + .append(toIndentedString(additionalProperties)) + .append("\n"); + sb.append('}'); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces (except the first line). + */ + private String toIndentedString(Object o) { + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n "); + } +} diff --git a/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteResponse.java b/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteResponse.java new file mode 100644 index 00000000000..e5e2f9aab88 --- /dev/null +++ b/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteResponse.java @@ -0,0 +1,136 @@ +/* + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2019-Present Datadog, Inc. + */ + +package com.datadog.api.client.v2.model; + +import com.fasterxml.jackson.annotation.JsonAnyGetter; +import com.fasterxml.jackson.annotation.JsonAnySetter; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonPropertyOrder; +import java.util.HashMap; +import java.util.Map; +import java.util.Objects; + +/** Response for the create indicator triage state endpoint. */ +@JsonPropertyOrder({IoCTriageWriteResponse.JSON_PROPERTY_DATA}) +@jakarta.annotation.Generated( + value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator") +public class IoCTriageWriteResponse { + @JsonIgnore public boolean unparsed = false; + public static final String JSON_PROPERTY_DATA = "data"; + private IoCTriageWriteResponseData data; + + public IoCTriageWriteResponse data(IoCTriageWriteResponseData data) { + this.data = data; + this.unparsed |= data.unparsed; + return this; + } + + /** + * Data object of the triage write response. + * + * @return data + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_DATA) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public IoCTriageWriteResponseData getData() { + return data; + } + + public void setData(IoCTriageWriteResponseData data) { + this.data = data; + } + + /** + * A container for additional, undeclared properties. This is a holder for any undeclared + * properties as specified with the 'additionalProperties' keyword in the OAS document. + */ + private Map additionalProperties; + + /** + * Set the additional (undeclared) property with the specified name and value. If the property + * does not already exist, create it otherwise replace it. + * + * @param key The arbitrary key to set + * @param value The associated value + * @return IoCTriageWriteResponse + */ + @JsonAnySetter + public IoCTriageWriteResponse putAdditionalProperty(String key, Object value) { + if (this.additionalProperties == null) { + this.additionalProperties = new HashMap(); + } + this.additionalProperties.put(key, value); + return this; + } + + /** + * Return the additional (undeclared) property. + * + * @return The additional properties + */ + @JsonAnyGetter + public Map getAdditionalProperties() { + return additionalProperties; + } + + /** + * Return the additional (undeclared) property with the specified name. + * + * @param key The arbitrary key to get + * @return The specific additional property for the given key + */ + public Object getAdditionalProperty(String key) { + if (this.additionalProperties == null) { + return null; + } + return this.additionalProperties.get(key); + } + + /** Return true if this IoCTriageWriteResponse object is equal to o. */ + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + IoCTriageWriteResponse ioCTriageWriteResponse = (IoCTriageWriteResponse) o; + return Objects.equals(this.data, ioCTriageWriteResponse.data) + && Objects.equals(this.additionalProperties, ioCTriageWriteResponse.additionalProperties); + } + + @Override + public int hashCode() { + return Objects.hash(data, additionalProperties); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("class IoCTriageWriteResponse {\n"); + sb.append(" data: ").append(toIndentedString(data)).append("\n"); + sb.append(" additionalProperties: ") + .append(toIndentedString(additionalProperties)) + .append("\n"); + sb.append('}'); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces (except the first line). + */ + private String toIndentedString(Object o) { + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n "); + } +} diff --git a/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteResponseAttributes.java b/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteResponseAttributes.java new file mode 100644 index 00000000000..886f603d1cd --- /dev/null +++ b/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteResponseAttributes.java @@ -0,0 +1,249 @@ +/* + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2019-Present Datadog, Inc. + */ + +package com.datadog.api.client.v2.model; + +import com.fasterxml.jackson.annotation.JsonAnyGetter; +import com.fasterxml.jackson.annotation.JsonAnySetter; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonPropertyOrder; +import java.time.OffsetDateTime; +import java.util.HashMap; +import java.util.Map; +import java.util.Objects; + +/** Attributes of a created or updated triage state. */ +@JsonPropertyOrder({ + IoCTriageWriteResponseAttributes.JSON_PROPERTY_CREATED_AT, + IoCTriageWriteResponseAttributes.JSON_PROPERTY_INDICATOR, + IoCTriageWriteResponseAttributes.JSON_PROPERTY_TRIAGE_STATE, + IoCTriageWriteResponseAttributes.JSON_PROPERTY_TRIAGED_AT, + IoCTriageWriteResponseAttributes.JSON_PROPERTY_TRIAGED_BY +}) +@jakarta.annotation.Generated( + value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator") +public class IoCTriageWriteResponseAttributes { + @JsonIgnore public boolean unparsed = false; + public static final String JSON_PROPERTY_CREATED_AT = "created_at"; + private OffsetDateTime createdAt; + + public static final String JSON_PROPERTY_INDICATOR = "indicator"; + private String indicator; + + public static final String JSON_PROPERTY_TRIAGE_STATE = "triage_state"; + private String triageState; + + public static final String JSON_PROPERTY_TRIAGED_AT = "triaged_at"; + private OffsetDateTime triagedAt; + + public static final String JSON_PROPERTY_TRIAGED_BY = "triaged_by"; + private String triagedBy; + + public IoCTriageWriteResponseAttributes createdAt(OffsetDateTime createdAt) { + this.createdAt = createdAt; + return this; + } + + /** + * Timestamp when the triage record was created. + * + * @return createdAt + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_CREATED_AT) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public OffsetDateTime getCreatedAt() { + return createdAt; + } + + public void setCreatedAt(OffsetDateTime createdAt) { + this.createdAt = createdAt; + } + + public IoCTriageWriteResponseAttributes indicator(String indicator) { + this.indicator = indicator; + return this; + } + + /** + * The indicator value that was triaged. + * + * @return indicator + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_INDICATOR) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getIndicator() { + return indicator; + } + + public void setIndicator(String indicator) { + this.indicator = indicator; + } + + public IoCTriageWriteResponseAttributes triageState(String triageState) { + this.triageState = triageState; + return this; + } + + /** + * The triage state that was set: not_reviewed or reviewed. + * + * @return triageState + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_TRIAGE_STATE) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getTriageState() { + return triageState; + } + + public void setTriageState(String triageState) { + this.triageState = triageState; + } + + public IoCTriageWriteResponseAttributes triagedAt(OffsetDateTime triagedAt) { + this.triagedAt = triagedAt; + return this; + } + + /** + * Timestamp when the triage state was set. + * + * @return triagedAt + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_TRIAGED_AT) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public OffsetDateTime getTriagedAt() { + return triagedAt; + } + + public void setTriagedAt(OffsetDateTime triagedAt) { + this.triagedAt = triagedAt; + } + + public IoCTriageWriteResponseAttributes triagedBy(String triagedBy) { + this.triagedBy = triagedBy; + return this; + } + + /** + * UUID of the user who set the triage state. + * + * @return triagedBy + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_TRIAGED_BY) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getTriagedBy() { + return triagedBy; + } + + public void setTriagedBy(String triagedBy) { + this.triagedBy = triagedBy; + } + + /** + * A container for additional, undeclared properties. This is a holder for any undeclared + * properties as specified with the 'additionalProperties' keyword in the OAS document. + */ + private Map additionalProperties; + + /** + * Set the additional (undeclared) property with the specified name and value. If the property + * does not already exist, create it otherwise replace it. + * + * @param key The arbitrary key to set + * @param value The associated value + * @return IoCTriageWriteResponseAttributes + */ + @JsonAnySetter + public IoCTriageWriteResponseAttributes putAdditionalProperty(String key, Object value) { + if (this.additionalProperties == null) { + this.additionalProperties = new HashMap(); + } + this.additionalProperties.put(key, value); + return this; + } + + /** + * Return the additional (undeclared) property. + * + * @return The additional properties + */ + @JsonAnyGetter + public Map getAdditionalProperties() { + return additionalProperties; + } + + /** + * Return the additional (undeclared) property with the specified name. + * + * @param key The arbitrary key to get + * @return The specific additional property for the given key + */ + public Object getAdditionalProperty(String key) { + if (this.additionalProperties == null) { + return null; + } + return this.additionalProperties.get(key); + } + + /** Return true if this IoCTriageWriteResponseAttributes object is equal to o. */ + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + IoCTriageWriteResponseAttributes ioCTriageWriteResponseAttributes = + (IoCTriageWriteResponseAttributes) o; + return Objects.equals(this.createdAt, ioCTriageWriteResponseAttributes.createdAt) + && Objects.equals(this.indicator, ioCTriageWriteResponseAttributes.indicator) + && Objects.equals(this.triageState, ioCTriageWriteResponseAttributes.triageState) + && Objects.equals(this.triagedAt, ioCTriageWriteResponseAttributes.triagedAt) + && Objects.equals(this.triagedBy, ioCTriageWriteResponseAttributes.triagedBy) + && Objects.equals( + this.additionalProperties, ioCTriageWriteResponseAttributes.additionalProperties); + } + + @Override + public int hashCode() { + return Objects.hash( + createdAt, indicator, triageState, triagedAt, triagedBy, additionalProperties); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("class IoCTriageWriteResponseAttributes {\n"); + sb.append(" createdAt: ").append(toIndentedString(createdAt)).append("\n"); + sb.append(" indicator: ").append(toIndentedString(indicator)).append("\n"); + sb.append(" triageState: ").append(toIndentedString(triageState)).append("\n"); + sb.append(" triagedAt: ").append(toIndentedString(triagedAt)).append("\n"); + sb.append(" triagedBy: ").append(toIndentedString(triagedBy)).append("\n"); + sb.append(" additionalProperties: ") + .append(toIndentedString(additionalProperties)) + .append("\n"); + sb.append('}'); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces (except the first line). + */ + private String toIndentedString(Object o) { + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n "); + } +} diff --git a/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteResponseData.java b/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteResponseData.java new file mode 100644 index 00000000000..8c1dd16fc1f --- /dev/null +++ b/src/main/java/com/datadog/api/client/v2/model/IoCTriageWriteResponseData.java @@ -0,0 +1,193 @@ +/* + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2019-Present Datadog, Inc. + */ + +package com.datadog.api.client.v2.model; + +import com.fasterxml.jackson.annotation.JsonAnyGetter; +import com.fasterxml.jackson.annotation.JsonAnySetter; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonPropertyOrder; +import java.util.HashMap; +import java.util.Map; +import java.util.Objects; + +/** Data object of the triage write response. */ +@JsonPropertyOrder({ + IoCTriageWriteResponseData.JSON_PROPERTY_ATTRIBUTES, + IoCTriageWriteResponseData.JSON_PROPERTY_ID, + IoCTriageWriteResponseData.JSON_PROPERTY_TYPE +}) +@jakarta.annotation.Generated( + value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator") +public class IoCTriageWriteResponseData { + @JsonIgnore public boolean unparsed = false; + public static final String JSON_PROPERTY_ATTRIBUTES = "attributes"; + private IoCTriageWriteResponseAttributes attributes; + + public static final String JSON_PROPERTY_ID = "id"; + private String id; + + public static final String JSON_PROPERTY_TYPE = "type"; + private String type = "ioc_triage_state"; + + public IoCTriageWriteResponseData attributes(IoCTriageWriteResponseAttributes attributes) { + this.attributes = attributes; + this.unparsed |= attributes.unparsed; + return this; + } + + /** + * Attributes of a created or updated triage state. + * + * @return attributes + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_ATTRIBUTES) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public IoCTriageWriteResponseAttributes getAttributes() { + return attributes; + } + + public void setAttributes(IoCTriageWriteResponseAttributes attributes) { + this.attributes = attributes; + } + + public IoCTriageWriteResponseData id(String id) { + this.id = id; + return this; + } + + /** + * Unique identifier for the triage state record. + * + * @return id + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_ID) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getId() { + return id; + } + + public void setId(String id) { + this.id = id; + } + + public IoCTriageWriteResponseData type(String type) { + this.type = type; + return this; + } + + /** + * Triage state resource type. + * + * @return type + */ + @jakarta.annotation.Nullable + @JsonProperty(JSON_PROPERTY_TYPE) + @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS) + public String getType() { + return type; + } + + public void setType(String type) { + this.type = type; + } + + /** + * A container for additional, undeclared properties. This is a holder for any undeclared + * properties as specified with the 'additionalProperties' keyword in the OAS document. + */ + private Map additionalProperties; + + /** + * Set the additional (undeclared) property with the specified name and value. If the property + * does not already exist, create it otherwise replace it. + * + * @param key The arbitrary key to set + * @param value The associated value + * @return IoCTriageWriteResponseData + */ + @JsonAnySetter + public IoCTriageWriteResponseData putAdditionalProperty(String key, Object value) { + if (this.additionalProperties == null) { + this.additionalProperties = new HashMap(); + } + this.additionalProperties.put(key, value); + return this; + } + + /** + * Return the additional (undeclared) property. + * + * @return The additional properties + */ + @JsonAnyGetter + public Map getAdditionalProperties() { + return additionalProperties; + } + + /** + * Return the additional (undeclared) property with the specified name. + * + * @param key The arbitrary key to get + * @return The specific additional property for the given key + */ + public Object getAdditionalProperty(String key) { + if (this.additionalProperties == null) { + return null; + } + return this.additionalProperties.get(key); + } + + /** Return true if this IoCTriageWriteResponseData object is equal to o. */ + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + IoCTriageWriteResponseData ioCTriageWriteResponseData = (IoCTriageWriteResponseData) o; + return Objects.equals(this.attributes, ioCTriageWriteResponseData.attributes) + && Objects.equals(this.id, ioCTriageWriteResponseData.id) + && Objects.equals(this.type, ioCTriageWriteResponseData.type) + && Objects.equals( + this.additionalProperties, ioCTriageWriteResponseData.additionalProperties); + } + + @Override + public int hashCode() { + return Objects.hash(attributes, id, type, additionalProperties); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("class IoCTriageWriteResponseData {\n"); + sb.append(" attributes: ").append(toIndentedString(attributes)).append("\n"); + sb.append(" id: ").append(toIndentedString(id)).append("\n"); + sb.append(" type: ").append(toIndentedString(type)).append("\n"); + sb.append(" additionalProperties: ") + .append(toIndentedString(additionalProperties)) + .append("\n"); + sb.append('}'); + return sb.toString(); + } + + /** + * Convert the given object to string with each line indented by 4 spaces (except the first line). + */ + private String toIndentedString(Object o) { + if (o == null) { + return "null"; + } + return o.toString().replace("\n", "\n "); + } +} diff --git a/src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Bad_Request_response.freeze b/src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Bad_Request_response.freeze new file mode 100644 index 00000000000..d6a26ed39db --- /dev/null +++ b/src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Bad_Request_response.freeze @@ -0,0 +1 @@ +2026-06-05T12:20:47.940Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Bad_Request_response.json b/src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Bad_Request_response.json new file mode 100644 index 00000000000..55b9962db0e --- /dev/null +++ b/src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Bad_Request_response.json @@ -0,0 +1,32 @@ +[ + { + "httpRequest": { + "body": { + "type": "JSON", + "json": "{\"data\":{\"attributes\":{\"indicator\":\"192.0.2.1\",\"triage_state\":\"invalid_state\"},\"type\":\"ioc_triage_state\"}}" + }, + "headers": {}, + "method": "POST", + "path": "/api/v2/security/siem/ioc-explorer/triage", + "keepAlive": false, + "secure": true + }, + "httpResponse": { + "body": "{\"errors\":[{\"title\":\"Generic Error\",\"detail\":\"invalid triage_state\"}]}", + "headers": { + "Content-Type": [ + "application/vnd.api+json" + ] + }, + "statusCode": 400, + "reasonPhrase": "Bad Request" + }, + "times": { + "remainingTimes": 1 + }, + "timeToLive": { + "unlimited": true + }, + "id": "61fd0efb-7a23-54b5-c2dc-4bbb1626c3cb" + } +] \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Created_response.freeze b/src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Created_response.freeze new file mode 100644 index 00000000000..0ac630dda1e --- /dev/null +++ b/src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Created_response.freeze @@ -0,0 +1 @@ +2026-06-05T12:22:26.137Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Created_response.json b/src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Created_response.json new file mode 100644 index 00000000000..b751de4f5dc --- /dev/null +++ b/src/test/resources/cassettes/features/v2/Create_or_update_an_indicator_triage_state_returns_Created_response.json @@ -0,0 +1,32 @@ +[ + { + "httpRequest": { + "body": { + "type": "JSON", + "json": "{\"data\":{\"attributes\":{\"indicator\":\"192.0.2.1\",\"triage_state\":\"reviewed\"},\"type\":\"ioc_triage_state\"}}" + }, + "headers": {}, + "method": "POST", + "path": "/api/v2/security/siem/ioc-explorer/triage", + "keepAlive": false, + "secure": true + }, + "httpResponse": { + "body": "{\"data\":{\"id\":\"2e6eff68-4ffa-4cab-b9bb-d9ce1ef3b42a\",\"type\":\"ioc_triage_state\",\"attributes\":{\"created_at\":\"2026-06-05T12:22:26.488248Z\",\"indicator\":\"192.0.2.1\",\"triage_state\":\"reviewed\",\"triaged_at\":\"2026-06-05T12:22:26.488248Z\",\"triaged_by\":\"dc6535c4-0b70-47aa-9c6a-9b0fc0be3f19\"}}}", + "headers": { + "Content-Type": [ + "application/vnd.api+json" + ] + }, + "statusCode": 201, + "reasonPhrase": "Created" + }, + "times": { + "remainingTimes": 1 + }, + "timeToLive": { + "unlimited": true + }, + "id": "cd15ebe8-6c73-4bfc-c795-e31b00313bca" + } +] \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Get_an_indicator_of_compromise_returns_OK_response.freeze b/src/test/resources/cassettes/features/v2/Get_an_indicator_of_compromise_returns_OK_response.freeze index fc8ed109ad7..3dc6b0aa0a0 100644 --- a/src/test/resources/cassettes/features/v2/Get_an_indicator_of_compromise_returns_OK_response.freeze +++ b/src/test/resources/cassettes/features/v2/Get_an_indicator_of_compromise_returns_OK_response.freeze @@ -1 +1 @@ -2026-04-14T18:22:29.733Z \ No newline at end of file +2026-06-05T12:58:33.985Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/Get_an_indicator_of_compromise_returns_OK_response.json b/src/test/resources/cassettes/features/v2/Get_an_indicator_of_compromise_returns_OK_response.json index 99da3a11737..c1fb5195c52 100644 --- a/src/test/resources/cassettes/features/v2/Get_an_indicator_of_compromise_returns_OK_response.json +++ b/src/test/resources/cassettes/features/v2/Get_an_indicator_of_compromise_returns_OK_response.json @@ -6,14 +6,17 @@ "path": "/api/v2/security/siem/ioc-explorer/indicator", "queryStringParameters": { "indicator": [ - "masscan/1.3 (https://github.com/robertdavidgraham/masscan)" + "192.0.2.1" + ], + "include_triage_history": [ + "true" ] }, "keepAlive": false, "secure": true }, "httpResponse": { - "body": "{\"data\":{\"id\":\"65a31893-cc59-4125-9424-44f7ba083e53\",\"type\":\"get_indicator_response\",\"attributes\":{\"data\":{\"id\":\"masscan/1.3 (https://github.com/robertdavidgraham/masscan)\",\"indicator\":\"masscan/1.3 (https://github.com/robertdavidgraham/masscan)\",\"indicator_type\":\"User Agent\",\"score\":4,\"as_type\":\"hosting\",\"malicious_sources\":null,\"suspicious_sources\":[{\"name\":\"Datadog Threat Research\"}],\"benign_sources\":null,\"categories\":[\"scanner\"],\"tags\":[],\"signal_matches\":0,\"log_matches\":45,\"first_seen\":\"2025-01-08T23:24:45Z\",\"last_seen\":\"2026-04-10T14:36:20Z\",\"signal_tier\":0,\"max_trust_score\":\"RAISE_SCORE\",\"m_sources\":\"NO_EFFECT\",\"m_persistence\":\"RAISE_SCORE\",\"m_signal\":\"NO_EFFECT\",\"m_as_type\":\"NO_EFFECT\",\"log_sources\":[],\"services\":[],\"signal_severity\":[],\"users\":{},\"critical_assets\":[],\"hosts\":[],\"as_number\":\"\",\"as_organization\":\"\",\"as_cidr_block\":\"\"}}}}", + "body": "{\"data\":{\"id\":\"b38eb8e1-61c8-470f-be58-f41531a7c134\",\"type\":\"get_indicator_response\",\"attributes\":{\"data\":{\"id\":\"192.0.2.1\",\"indicator\":\"192.0.2.1\",\"indicator_type\":\"IP Address\",\"score\":4,\"as_type\":\"hosting\",\"malicious_sources\":null,\"suspicious_sources\":[{\"name\":\"SOURCE1\"}],\"benign_sources\":null,\"categories\":[\"hosting_proxy\"],\"tags\":[],\"signal_matches\":1,\"log_matches\":7,\"signal_tier\":0,\"max_trust_score\":\"RAISE_SCORE\",\"m_sources\":\"NO_EFFECT\",\"m_persistence\":\"NO_EFFECT\",\"m_signal\":\"NO_EFFECT\",\"m_as_type\":\"NO_EFFECT\",\"triage_state\":\"reviewed\",\"triaged_at\":\"2026-06-03T18:55:42.108938Z\",\"triaged_by\":\"00000000-0000-0000-0000-000000000000\",\"log_sources\":[],\"services\":[],\"signal_severity\":[{\"severity\":\"info\",\"count\":1}],\"users\":{},\"critical_assets\":[],\"hosts\":[],\"additional_data\":{},\"triage_history\":[{\"triaged_at\":\"2026-06-03T18:55:42.108938Z\",\"triaged_by\":\"00000000-0000-0000-0000-000000000000\",\"triage_state\":\"reviewed\"},{\"triaged_at\":\"2026-06-03T13:32:14.735424Z\",\"triaged_by\":\"00000000-0000-0000-0000-000000000000\",\"triage_state\":\"reviewed\"}]}}}}", "headers": { "Content-Type": [ "application/vnd.api+json" @@ -28,6 +31,6 @@ "timeToLive": { "unlimited": true }, - "id": "46983f38-5258-9614-d88d-beb54245e244" + "id": "4b3edb47-ae75-2072-c4e4-d164cf28e966" } ] \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/List_indicators_of_compromise_returns_OK_response.freeze b/src/test/resources/cassettes/features/v2/List_indicators_of_compromise_returns_OK_response.freeze index 5814ac627e4..b1bf7726a10 100644 --- a/src/test/resources/cassettes/features/v2/List_indicators_of_compromise_returns_OK_response.freeze +++ b/src/test/resources/cassettes/features/v2/List_indicators_of_compromise_returns_OK_response.freeze @@ -1 +1 @@ -2026-04-14T18:22:48.392Z \ No newline at end of file +2026-06-05T12:32:21.136Z \ No newline at end of file diff --git a/src/test/resources/cassettes/features/v2/List_indicators_of_compromise_returns_OK_response.json b/src/test/resources/cassettes/features/v2/List_indicators_of_compromise_returns_OK_response.json index b44aac537fb..c7be69e2dcb 100644 --- a/src/test/resources/cassettes/features/v2/List_indicators_of_compromise_returns_OK_response.json +++ b/src/test/resources/cassettes/features/v2/List_indicators_of_compromise_returns_OK_response.json @@ -13,7 +13,7 @@ "secure": true }, "httpResponse": { - "body": "{\"data\":{\"id\":\"a4e3b616-e180-4b47-a379-43da9c5b300e\",\"type\":\"ioc_explorer_response\",\"attributes\":{\"data\":[{\"id\":\"43.228.157.121\",\"indicator\":\"43.228.157.121\",\"indicator_type\":\"IP Address\",\"score\":8,\"as_type\":\"hosting\",\"malicious_sources\":[{\"name\":\"threatfox\"}],\"suspicious_sources\":[{\"name\":\"tor\"},{\"name\":\"SPUR\"}],\"benign_sources\":null,\"categories\":[\"malware\",\"tor\",\"hosting_proxy\"],\"tags\":[],\"signal_matches\":0,\"log_matches\":14,\"signal_tier\":0,\"max_trust_score\":\"RAISE_SCORE\",\"m_sources\":\"RAISE_SCORE\",\"m_persistence\":\"NO_EFFECT\",\"m_signal\":\"NO_EFFECT\",\"m_as_type\":\"NO_EFFECT\",\"as_geo\":{\"city\":\"Frankfurt am Main\",\"country_code\":\"DE\",\"country_name\":\"Germany\"}}],\"metadata\":{\"count\":25091},\"paging\":{\"offset\":1}}}}", + "body": "{\"data\":{\"id\":\"22b62903-4053-42ed-9448-c750da2ecd81\",\"type\":\"ioc_explorer_response\",\"attributes\":{\"data\":[{\"id\":\"192.0.2.1\",\"indicator\":\"192.0.2.1\",\"indicator_type\":\"IP Address\",\"score\":4,\"as_type\":\"hosting\",\"malicious_sources\":null,\"suspicious_sources\":[{\"name\":\"SOURCE1\"}],\"benign_sources\":null,\"categories\":[\"hosting_proxy\"],\"tags\":[],\"signal_matches\":1,\"log_matches\":7,\"signal_tier\":0,\"max_trust_score\":\"RAISE_SCORE\",\"m_sources\":\"NO_EFFECT\",\"m_persistence\":\"NO_EFFECT\",\"m_signal\":\"NO_EFFECT\",\"m_as_type\":\"NO_EFFECT\",\"triage_state\":\"reviewed\",\"triaged_at\":\"2026-06-03T18:55:42.108938Z\",\"triaged_by\":\"00000000-0000-0000-0000-000000000000\"}],\"metadata\":{\"count\":585},\"paging\":{\"offset\":1}}}}", "headers": { "Content-Type": [ "application/vnd.api+json" diff --git a/src/test/resources/com/datadog/api/client/v2/api/security_monitoring.feature b/src/test/resources/com/datadog/api/client/v2/api/security_monitoring.feature index bae8918780e..7e4a21f8c64 100644 --- a/src/test/resources/com/datadog/api/client/v2/api/security_monitoring.feature +++ b/src/test/resources/com/datadog/api/client/v2/api/security_monitoring.feature @@ -954,6 +954,22 @@ Feature: Security Monitoring When the request is sent Then the response status is 404 Not Found + @replay-only @skip-terraform-config @team:DataDog/k9-cloud-siem + Scenario: Create or update an indicator triage state returns "Bad Request" response + Given operation "CreateIoCTriageState" enabled + And new "CreateIoCTriageState" request + And body with value {"data": {"attributes": {"indicator": "192.0.2.1", "triage_state": "invalid_state"}, "type": "ioc_triage_state"}} + When the request is sent + Then the response status is 400 Bad Request + + @replay-only @skip-terraform-config @team:DataDog/k9-cloud-siem + Scenario: Create or update an indicator triage state returns "Created" response + Given operation "CreateIoCTriageState" enabled + And new "CreateIoCTriageState" request + And body with value {"data": {"attributes": {"indicator": "192.0.2.1", "triage_state": "reviewed"}, "type": "ioc_triage_state"}} + When the request is sent + Then the response status is 201 Created + @generated @skip @team:DataDog/k9-cloud-siem Scenario: Deactivate content pack returns "Accepted" response Given operation "DeactivateContentPack" enabled @@ -1730,7 +1746,8 @@ Feature: Security Monitoring Scenario: Get an indicator of compromise returns "OK" response Given operation "GetIndicatorOfCompromise" enabled And new "GetIndicatorOfCompromise" request - And request contains "indicator" parameter with value "masscan/1.3 (https://github.com/robertdavidgraham/masscan)" + And request contains "indicator" parameter with value "192.0.2.1" + And request contains "include_triage_history" parameter with value true When the request is sent Then the response status is 200 OK diff --git a/src/test/resources/com/datadog/api/client/v2/api/undo.json b/src/test/resources/com/datadog/api/client/v2/api/undo.json index 9101d0155cb..e5e1b9ed262 100644 --- a/src/test/resources/com/datadog/api/client/v2/api/undo.json +++ b/src/test/resources/com/datadog/api/client/v2/api/undo.json @@ -6706,6 +6706,12 @@ "type": "safe" } }, + "CreateIoCTriageState": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, "GetSignalNotificationRules": { "tag": "Security Monitoring", "undo": {